arno/bitcoinbook
1
0
Fork 0
mirror of https://github.com/bitcoinbook/bitcoinbook synced 2025-05-09 10:28:51 +00:00
Code Issues Releases Wiki Activity

Edited ch08_signatures.adoc with Atlas code editor

Browse Source
This commit is contained in:
clenser 2023-10-19 13:10:18 +00:00
parent e9372d39fb
commit 4e24b9ff43
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ch08_signatures.adoc
View File

@ -601,7 +601,7 @@ Alice and Bob need to derive the public key for +x+, which is +xG+.
Since it's possible to use elliptic curve operations to add two EC Since it's possible to use elliptic curve operations to add two EC
points together, they start by Alice deriving +yG+ and Bob deriving points together, they start by Alice deriving +yG+ and Bob deriving
+zG+. They then add them together to create +xG = yG + zG+. The point +zG+. They then add them together to create +xG = yG + zG+. The point
+xG+ is their _aggregated public key_. To create a signature, they begin the +xG+ is ((("aggregated public keys")))((("public keys", "aggregated")))their _aggregated public key_. To create a signature, they begin the
simple multisignature protocol: simple multisignature protocol:
1. They each individually choose a large random private nonce, +a+ for 1. They each individually choose a large random private nonce, +a+ for
@ -632,7 +632,7 @@ to their own public key. For example, Alice generates her public key
using +zG - yG+. When their two keys are combined (+yG + zG - yG+), the using +zG - yG+. When their two keys are combined (+yG + zG - yG+), the
positive and negative +yG+ terms cancel out so the public key only represents positive and negative +yG+ terms cancel out so the public key only represents
the private key for +z+, i.e., Bob's private key. Now Bob can create a the private key for +z+, i.e., Bob's private key. Now Bob can create a
valid signature without any assistance from Alice. This is called a valid signature without any assistance from Alice. This is ((("key cancellation attacks")))called a
_key cancellation attack_. _key cancellation attack_.
There are various ways to solve the key cancellation attack. The There are various ways to solve the key cancellation attack. The