1
0
mirror of https://github.com/bitcoinbook/bitcoinbook synced 2024-11-22 08:08:11 +00:00

Edited ch08_signatures.adoc with Atlas code editor

This commit is contained in:
claylock 2023-10-26 19:25:20 +00:00
parent f08f7231db
commit 04dae8ce7f

View File

@ -635,7 +635,7 @@ The preceding protocol has several security problems. Most notable is that one
party might learn the public keys of the other parties before committing
to their own public key. For example, Alice generates her public key
_yG_ honestly and shares it with Bob. Bob generates his public key
using _zG_ _yG_. When their two keys are combined (_yG_ + _zG_ _yG_), the
using _zG_ _yG_. When their two keys are combined [.keep-together]#(_yG_ + _zG_ _yG_),# the
positive and negative _yG_ terms cancel out so the public key only represents
the private key for _z_ (i.e., Bob's private key). Now Bob can create a
valid signature without any assistance from Alice. This is ((("key cancellation attacks")))called a