arno
/
bitcoinbook
mirror of https://github.com/bitcoinbook/bitcoinbook
1
0
Fork 0
Code Issues Releases Wiki Activity

Schnorr signatures explained (better)

Browse Source 
Used Alice to clarify the roles, changed the notation to be consistent, fixed an error in the diagram
mb3dev
Andreas M. Antonopoulos 2 years ago
parent a85a83210f
commit 8fb382c9c9
7 changed files with 1341 additions and 16 deletions
Show Stats Download Patch File Download Diff File

BIN
images/schnorr_signatures.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 316 KiB

After

Width:  |  Height:  |  Size: 338 KiB

185
images/vector_drawings/alice_public_key_derivation.svg
Unescape View File

@ -0,0 +1,185 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
width="1065px"
height="995px"
viewBox="0 0 1065 995"
version="1.1"
id="svg15248"
sodipodi:docname="alice_public_key_derivation.svg"
inkscape:version="1.2 (56b05e47e7, 2022-06-09, custom)"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<defs
id="defs15252" />
<sodipodi:namedview
id="namedview15250"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageshadow="2"
inkscape:pageopacity="0.0"
inkscape:pagecheckerboard="0"
showgrid="false"
inkscape:zoom="0.94070352"
inkscape:cx="247.15545"
inkscape:cy="497.5"
inkscape:window-width="1920"
inkscape:window-height="1136"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:current-layer="Schnorr"
inkscape:showpageshadow="2"
inkscape:deskcolor="#d1d1d1" />
<!-- Generator: Sketch 52.6 (67491) - http://www.bohemiancoding.com/sketch -->
<title
id="title15181">Group</title>
<desc
id="desc15183">Created with Sketch.</desc>
<g
id="Schnorr"
stroke="none"
stroke-width="1"
fill="none"
fill-rule="evenodd">
<g
id="Group"
transform="translate(0.69346371,2.6636493)">
<polyline
id="Shape"
stroke="#000000"
stroke-width="4"
stroke-linecap="square"
points="200.727273 494.399999 201.589529 488.783012 202.451785 486.481177 203.314041 484.731801 205.038554 481.996617 206.763066 479.816455 208.487578 477.968278 211.074347 475.606702 213.661115 473.589456 216.247883 471.822575 219.696908 469.761675 223.145932 467.963483 227.457213 466.005488 231.768494 464.306413 236.079774 462.819551 241.253311 461.268909 246.426849 459.933508 252.462642 458.605704 258.498435 457.489523 265.396484 456.434919 273.156789 455.488284 281.77935 454.686685 291.264168 454.055946 301.611242 453.608183 313.682828 453.324958 329.203438 453.205164 367.142709 453.025441 379.214295 452.696271 389.561369 452.206206 399.046186 451.549241 408.531003 450.664037 417.153566 449.641699 425.776127 448.398608 434.398688 446.926115 443.02125 445.21974 451.643811 443.278768 460.266372 441.105683 468.888934 438.705501 477.511496 436.085108 486.996313 432.958061 496.481131 429.586218 505.965948 425.98177 515.450766 422.1568 525.79784 417.746271 536.144914 413.101384 547.354243 407.820191 558.563573 402.294606 569.772903 396.538327 581.844489 390.095297 593.916075 383.412537 606.849917 376.000072 619.783759 368.339297 633.579858 359.907062 647.375956 351.217702 661.172054 342.282057 675.830409 332.528801 690.488764 322.518562 705.147118 312.260431 720.667728 301.137717 736.188339 289.754871 751.70895 278.119697 768.091817 265.572181 784.474683 252.758939 800.85755 239.686852 818.102673 225.65404 835.347796 211.348143 852.592918 196.775379 870.700298 181.193048 888.807677 165.329007 906.915056 149.188997 925.022435 132.778373 943.99207 115.3015 962.961705 97.538537 981.931341 79.494566 1000.90098 61.174375 1020.73287 41.731019 1040.56476 21.995595 1060.39665 1.972737 1062.12116 0.218182 1062.12116 0.218182"
inkscape:label="curve_top" />
<polyline
id="polyline15186"
stroke="#000000"
stroke-width="4"
stroke-linecap="square"
points="200.727273 494.400001 201.589529 500.016988 202.451785 502.318823 203.314041 504.068199 205.038554 506.803383 206.763066 508.983545 208.487578 510.831722 211.074347 513.193298 213.661115 515.210544 216.247883 516.977425 219.696908 519.038325 223.145932 520.836517 227.457213 522.794512 231.768494 524.493587 236.079774 525.980449 241.253311 527.531091 246.426849 528.866492 252.462642 530.194296 258.498435 531.310477 265.396484 532.365081 273.156789 533.311716 281.77935 534.113315 291.264168 534.744054 301.611242 535.191817 313.682828 535.475042 329.203438 535.594836 367.142709 535.774559 379.214295 536.103729 389.561369 536.593794 399.046186 537.250759 408.531003 538.135963 417.153566 539.158301 425.776127 540.401392 434.398688 541.873885 443.02125 543.58026 451.643811 545.521232 460.266372 547.694317 468.888934 550.094499 477.511496 552.714892 486.996313 555.841939 496.481131 559.213782 505.965948 562.81823 515.450766 566.6432 525.79784 571.053729 536.144914 575.698616 547.354243 580.979809 558.563573 586.505394 569.772903 592.261673 581.844489 598.704703 593.916075 605.387463 606.849917 612.799928 619.783759 620.460703 633.579858 628.892938 647.375956 637.582298 661.172054 646.517943 675.830409 656.271199 690.488764 666.281438 705.147118 676.539569 720.667728 687.662283 736.188339 699.045129 751.70895 710.680303 768.091817 723.227819 784.474683 736.041061 800.85755 749.113148 818.102673 763.14596 835.347796 777.451857 852.592918 792.024621 870.700298 807.606952 888.807677 823.470993 906.915056 839.611003 925.022435 856.021627 943.99207 873.4985 962.961705 891.261463 981.931341 909.305434 1000.90098 927.625625 1020.73287 947.068981 1040.56476 966.804405 1060.39665 986.827263 1062.12116 988.581818 1062.12116 988.581818"
inkscape:label="curve_bottom" />
<circle
id="circle15192"
stroke="#000000"
stroke-width="3"
fill="#9b9b9b"
cx="522"
cy="421"
r="6"
inkscape:label="gray circle" />
<circle
id="circle15196"
stroke="#b50004"
stroke-width="3"
fill="#d0021b"
cx="375"
cy="453"
r="6"
inkscape:label="red circle" />
<text
id="G"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
inkscape:label="G"
x="-26.696276"
y="16.423048"><tspan
x="510.30371"
y="462.42303"
id="tspan15198">G</tspan></text>
<text
id="G-9"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="362.03058"
y="492.55688"
inkscape:label="A"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"><tspan
sodipodi:role="line"
id="tspan649"
x="362.03058"
y="492.55688">A</tspan></text>
<text
id="P-=-pk×G"
font-family="Georgia"
font-size="36"
font-weight="normal"
fill="#000000"
inkscape:label="A = a ⋅ G"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="385.59488"
y="380.25064"><tspan
sodipodi:role="line"
id="tspan610"
x="385.59488"
y="380.25064">A = a⋅G</tspan></text>
<text
id="y^2-=-x^3+7"
transform="rotate(36,753.56933,674.53894)"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"><tspan
x="651.56934"
y="687.03894"
id="tspan15213">y^2 = x^3+7</tspan></text>
<text
id="Public-key"
font-family="HelveticaNeue, Helvetica Neue"
font-size="20"
font-weight="normal"
fill="#9B9B9B"
inkscape:label="Public-key A"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:20px;font-family:HelveticaNeue, 'Helvetica Neue';-inkscape-font-specification:'HelveticaNeue, Helvetica Neue, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="240.87692"
y="437.30566"><tspan
sodipodi:role="line"
id="tspan612"
x="240.87692"
y="437.30566">Public key A</tspan></text>
<text
id="Generator-point"
font-family="HelveticaNeue, Helvetica Neue"
font-size="20"
font-weight="normal"
fill="#9B9B9B"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:20px;font-family:HelveticaNeue, 'Helvetica Neue';-inkscape-font-specification:'HelveticaNeue, Helvetica Neue, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="549.57208"
y="429.69418"><tspan
sodipodi:role="line"
id="tspan614"
x="549.57208"
y="429.69418">Generator point G</tspan></text>
<path
id="Path-3"
d="m 410.01654,418.05684 c 29.9532,-15.97667 62.62493,-18.30646 97.85594,-7.00972 l -1.52667,4.76123 c -33.77494,-10.82986 -64.88274,-8.69089 -93.47991,6.39692 l 6.62655,9.64773 -32.11386,4.46657 15.69505,-28.37102 z"
fill="#d0021b"
fill-rule="nonzero"
inkscape:label="red arrow"
style="stroke-width:8.1;stroke-dasharray:none;paint-order:markers stroke fill" />
<path
d="M 102.09862,494.5951 H 848.50001"
id="Path-4"
stroke="#979797"
inkscape:label="x-axis" />
</g>
</g>
<metadata
id="metadata32833">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:title>Group</dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 9.8 KiB

347
images/vector_drawings/schnorr_signing.svg
Unescape View File

@ -0,0 +1,347 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
width="1065px"
height="995px"
viewBox="0 0 1065 995"
version="1.1"
id="svg15248"
sodipodi:docname="schnorr_signing.svg"
inkscape:version="1.2 (56b05e47e7, 2022-06-09, custom)"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<defs
id="defs15252" />
<sodipodi:namedview
id="namedview15250"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageshadow="2"
inkscape:pageopacity="0.0"
inkscape:pagecheckerboard="0"
showgrid="false"
inkscape:zoom="1.343662"
inkscape:cx="481.89203"
inkscape:cy="600.59748"
inkscape:window-width="1920"
inkscape:window-height="1136"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:current-layer="Group"
inkscape:showpageshadow="2"
inkscape:deskcolor="#d1d1d1" />
<!-- Generator: Sketch 52.6 (67491) - http://www.bohemiancoding.com/sketch -->
<title
id="title15181">Group</title>
<desc
id="desc15183">Created with Sketch.</desc>
<g
id="Schnorr"
stroke="none"
stroke-width="1"
fill="none"
fill-rule="evenodd"
inkscape:label="Schnorr">
<g
id="Group"
transform="translate(0.75586347,4.7413931)">
<polyline
id="Shape"
stroke="#000000"
stroke-width="4"
stroke-linecap="square"
points="200.727273 494.399999 201.589529 488.783012 202.451785 486.481177 203.314041 484.731801 205.038554 481.996617 206.763066 479.816455 208.487578 477.968278 211.074347 475.606702 213.661115 473.589456 216.247883 471.822575 219.696908 469.761675 223.145932 467.963483 227.457213 466.005488 231.768494 464.306413 236.079774 462.819551 241.253311 461.268909 246.426849 459.933508 252.462642 458.605704 258.498435 457.489523 265.396484 456.434919 273.156789 455.488284 281.77935 454.686685 291.264168 454.055946 301.611242 453.608183 313.682828 453.324958 329.203438 453.205164 367.142709 453.025441 379.214295 452.696271 389.561369 452.206206 399.046186 451.549241 408.531003 450.664037 417.153566 449.641699 425.776127 448.398608 434.398688 446.926115 443.02125 445.21974 451.643811 443.278768 460.266372 441.105683 468.888934 438.705501 477.511496 436.085108 486.996313 432.958061 496.481131 429.586218 505.965948 425.98177 515.450766 422.1568 525.79784 417.746271 536.144914 413.101384 547.354243 407.820191 558.563573 402.294606 569.772903 396.538327 581.844489 390.095297 593.916075 383.412537 606.849917 376.000072 619.783759 368.339297 633.579858 359.907062 647.375956 351.217702 661.172054 342.282057 675.830409 332.528801 690.488764 322.518562 705.147118 312.260431 720.667728 301.137717 736.188339 289.754871 751.70895 278.119697 768.091817 265.572181 784.474683 252.758939 800.85755 239.686852 818.102673 225.65404 835.347796 211.348143 852.592918 196.775379 870.700298 181.193048 888.807677 165.329007 906.915056 149.188997 925.022435 132.778373 943.99207 115.3015 962.961705 97.538537 981.931341 79.494566 1000.90098 61.174375 1020.73287 41.731019 1040.56476 21.995595 1060.39665 1.972737 1062.12116 0.218182 1062.12116 0.218182"
inkscape:label="curve_top" />
<polyline
id="polyline15186"
stroke="#000000"
stroke-width="4"
stroke-linecap="square"
points="200.727273 494.400001 201.589529 500.016988 202.451785 502.318823 203.314041 504.068199 205.038554 506.803383 206.763066 508.983545 208.487578 510.831722 211.074347 513.193298 213.661115 515.210544 216.247883 516.977425 219.696908 519.038325 223.145932 520.836517 227.457213 522.794512 231.768494 524.493587 236.079774 525.980449 241.253311 527.531091 246.426849 528.866492 252.462642 530.194296 258.498435 531.310477 265.396484 532.365081 273.156789 533.311716 281.77935 534.113315 291.264168 534.744054 301.611242 535.191817 313.682828 535.475042 329.203438 535.594836 367.142709 535.774559 379.214295 536.103729 389.561369 536.593794 399.046186 537.250759 408.531003 538.135963 417.153566 539.158301 425.776127 540.401392 434.398688 541.873885 443.02125 543.58026 451.643811 545.521232 460.266372 547.694317 468.888934 550.094499 477.511496 552.714892 486.996313 555.841939 496.481131 559.213782 505.965948 562.81823 515.450766 566.6432 525.79784 571.053729 536.144914 575.698616 547.354243 580.979809 558.563573 586.505394 569.772903 592.261673 581.844489 598.704703 593.916075 605.387463 606.849917 612.799928 619.783759 620.460703 633.579858 628.892938 647.375956 637.582298 661.172054 646.517943 675.830409 656.271199 690.488764 666.281438 705.147118 676.539569 720.667728 687.662283 736.188339 699.045129 751.70895 710.680303 768.091817 723.227819 784.474683 736.041061 800.85755 749.113148 818.102673 763.14596 835.347796 777.451857 852.592918 792.024621 870.700298 807.606952 888.807677 823.470993 906.915056 839.611003 925.022435 856.021627 943.99207 873.4985 962.961705 891.261463 981.931341 909.305434 1000.90098 927.625625 1020.73287 947.068981 1040.56476 966.804405 1060.39665 986.827263 1062.12116 988.581818 1062.12116 988.581818"
inkscape:label="curve_bottom" />
<polyline
id="Path-2"
stroke="#4a90e2"
stroke-width="2"
points="934.927849 122.975921 934.927849 866.632231 243.680999 460.300962"
inkscape:label="signing_verification" />
<circle
id="Oval"
stroke="#2673ba"
stroke-width="3"
fill="#4a90e2"
cx="244"
cy="460"
r="6"
inkscape:label="blue circle" />
<circle
id="circle15190"
stroke="#b50004"
stroke-width="3"
fill="#d0021b"
cx="373"
cy="536"
r="6"
inkscape:label="red circle" />
<circle
id="circle15192"
stroke="#000000"
stroke-width="3"
fill="#9b9b9b"
cx="522"
cy="421"
r="6"
inkscape:label="gray circle" />
<circle
id="circle15194"
stroke="#2673ba"
stroke-width="3"
fill="#4a90e2"
cx="935"
cy="123"
r="6"
inkscape:label="blue circle" />
<circle
id="circle15196"
stroke="#b50004"
stroke-width="3"
fill="#d0021b"
cx="375"
cy="453"
r="6"
inkscape:label="red circle" />
<text
id="G"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="-10.564646"
y="9.0093107"><tspan
x="526.43536"
y="455.00931"
id="tspan15198">G</tspan></text>
<text
id="G-4"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="361.66333"
y="494.6723"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
inkscape:label="point A"><tspan
sodipodi:role="line"
id="tspan2421"
x="361.66333"
y="494.6723">A</tspan></text>
<text
id="s×G"
font-family="Georgia"
font-size="36"
font-weight="normal"
fill="#000000"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="561.36523"
y="204.41455"><tspan
sodipodi:role="line"
id="tspan2455"
x="561.36523"
y="204.41455">S=s⋅G</tspan></text>
<text
id="hash(P,R,m)×P"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:29.3333px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="35.222843"
y="443.95047"><tspan
sodipodi:role="line"
id="tspan2463"
x="35.222843"
y="443.95047">hash(R,A,m)⋅A</tspan></text>
<text
id="s×G-=-R-+-hash(P,R,m"
transform="rotate(-90)"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="-694.7868"
y="921.90692"
inkscape:label="S=R+hash(R,A,m)⋅A"><tspan
sodipodi:role="line"
id="tspan2465">S = R + hash(R,A,m)⋅A</tspan></text>
<text
id="P-=-pk×G"
font-family="Georgia"
font-size="36"
font-weight="normal"
fill="#000000"
inkscape:label="A=a⋅G"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="391.07199"
y="396.69861"><tspan
sodipodi:role="line"
id="tspan2386"
x="391.07199"
y="396.69861">A=a⋅G</tspan></text>
<text
id="y^2-=-x^3+7"
transform="rotate(36)"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="847.69379"
y="126.88805"><tspan
sodipodi:role="line"
id="tspan2559"
x="847.69379"
y="126.88805">y² = x³+7</tspan></text>
<text
id="R-=-k×G"
font-family="Georgia"
font-size="36"
font-weight="normal"
fill="#000000"
inkscape:label="R-=-k×G"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="467.99869"
y="529.38641"><tspan
sodipodi:role="line"
id="tspan2427"
x="467.99869"
y="529.38641">R=r⋅G</tspan></text>
<path
id="Path-3"
d="m 410.5356,421.66534 c 29.9532,-15.97667 62.62493,-18.30646 97.85594,-7.00972 l -1.52667,4.76123 c -33.77494,-10.82986 -64.88274,-8.69089 -93.47991,6.39692 l 6.62655,9.64773 -32.11386,4.46657 15.69505,-28.37102 z"
fill="#d0021b"
fill-rule="nonzero"
inkscape:label="red arrow" />
<path
id="path15229"
d="M 887.2713,132.42022 C 710.94135,168.73334 592.09852,260.20161 530.47686,406.93285 l -4.60997,-1.93601 C 588.16405,256.6571 708.41819,164.12296 886.3632,127.50232 l -2.18799,-11.84926 31.15084,8.99307 -25.88495,19.52483 z"
fill="#4a90e2"
fill-rule="nonzero"
inkscape:label="blue arrow" />
<path
id="path15235"
d="m 279.03441,428.30065 c 31.45447,-15.47251 61.59004,-12.5645 89.99766,8.69042 l -2.99541,4.00343 c -26.74134,-20.00818 -54.69714,-22.81869 -84.26899,-8.46454 l 6.34886,9.8239 -32.22667,3.56252 16.48599,-27.91885 z"
fill="#4a90e2"
fill-rule="nonzero"
inkscape:label="blue arrow" />
<path
id="path15237"
d="m 420.85351,515.3951 c 44.78177,-16.77372 76.73255,-43.78559 95.97059,-81.075 l 4.44349,2.29245 c -19.86942,38.51324 -52.88906,66.38293 -98.93993,83.56942 l 3.57186,11.59854 -31.98312,-5.32254 23.44791,-22.39298 z"
fill="#d0021b"
fill-rule="nonzero"
inkscape:label="red arrow" />
<path
d="M 102.09862,494.5951 H 848.50001"
id="Path-4"
stroke="#979797"
inkscape:label="x-axis" />
<text
id="text2447"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="361.91034"
y="577.5553"
inkscape:label="point R"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"><tspan
sodipodi:role="line"
id="tspan2449"
x="361.91034"
y="577.5553">R</tspan></text>
<text
id="text2453"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="919.52246"
y="108.52747"
inkscape:label="point S"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"><tspan
sodipodi:role="line"
id="tspan2459"
x="919.52246"
y="108.52747">S</tspan></text>
<text
id="text2469"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="653.59094"
y="325.42337"
inkscape:label="R+hash(R,A,m)⋅A"
transform="rotate(30.4)"><tspan
sodipodi:role="line"
id="tspan2471"
x="653.59094"
y="325.42337">R + hash(R,A,m)⋅A</tspan></text>
<g
id="g2493"
inkscape:label="Legend">
<path
id="path15231"
d="M 153.46013,139.88209 H 46.371357 v -5 H 153.46013 v -12 l 29,14.5 -29,14.5 z"
fill="#4a90e2"
fill-rule="nonzero"
inkscape:label="legend blue arrow" />
<path
id="path15233"
d="M 153.46013,80.850682 H 46.371357 v -5 H 153.46013 v -12 l 29,14.5 -29,14.500004 z"
fill="#d0021b"
fill-rule="nonzero"
inkscape:label="legend red arrow" />
<text
id="Signing"
font-family="HelveticaNeue, 'Helvetica Neue'"
font-size="20px"
font-weight="normal"
fill="#000000"
inkscape:label="Signing"
y="-21.825176"
x="43.052998"><tspan
x="45.052998"
y="59.174828"
id="tspan15240">Signing</tspan></text>
<text
id="Verification"
font-family="HelveticaNeue, 'Helvetica Neue'"
font-size="20px"
font-weight="normal"
fill="#000000"
y="-18.916801"
x="44.215107"><tspan
x="46.215107"
y="122.08318"
id="tspan15243">Verification</tspan></text>
</g>
</g>
</g>
<metadata
id="metadata32833">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:title>Group</dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB

351
images/vector_drawings/schnorr_sigs.svg
Unescape View File

@ -0,0 +1,351 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
width="1065px"
height="995px"
viewBox="0 0 1065 995"
version="1.1"
id="svg15248"
sodipodi:docname="schnorr_sigs.svg"
inkscape:version="1.2 (56b05e47e7, 2022-06-09, custom)"
inkscape:export-filename="../9026c1c1/schnorr_signatures.png"
inkscape:export-xdpi="300"
inkscape:export-ydpi="300"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<defs
id="defs15252" />
<sodipodi:namedview
id="namedview15250"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageshadow="2"
inkscape:pageopacity="0.0"
inkscape:pagecheckerboard="0"
showgrid="false"
inkscape:zoom="1.343662"
inkscape:cx="622.92452"
inkscape:cy="424.95806"
inkscape:window-width="1920"
inkscape:window-height="1136"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:current-layer="Group"
inkscape:showpageshadow="2"
inkscape:deskcolor="#d1d1d1" />
<!-- Generator: Sketch 52.6 (67491) - http://www.bohemiancoding.com/sketch -->
<title
id="title15181">Group</title>
<desc
id="desc15183">Created with Sketch.</desc>
<g
id="Schnorr"
stroke="none"
stroke-width="1"
fill="none"
fill-rule="evenodd"
inkscape:label="Schnorr">
<g
id="Group"
transform="translate(0.75586347,4.7413931)">
<polyline
id="Shape"
stroke="#000000"
stroke-width="4"
stroke-linecap="square"
points="200.727273 494.399999 201.589529 488.783012 202.451785 486.481177 203.314041 484.731801 205.038554 481.996617 206.763066 479.816455 208.487578 477.968278 211.074347 475.606702 213.661115 473.589456 216.247883 471.822575 219.696908 469.761675 223.145932 467.963483 227.457213 466.005488 231.768494 464.306413 236.079774 462.819551 241.253311 461.268909 246.426849 459.933508 252.462642 458.605704 258.498435 457.489523 265.396484 456.434919 273.156789 455.488284 281.77935 454.686685 291.264168 454.055946 301.611242 453.608183 313.682828 453.324958 329.203438 453.205164 367.142709 453.025441 379.214295 452.696271 389.561369 452.206206 399.046186 451.549241 408.531003 450.664037 417.153566 449.641699 425.776127 448.398608 434.398688 446.926115 443.02125 445.21974 451.643811 443.278768 460.266372 441.105683 468.888934 438.705501 477.511496 436.085108 486.996313 432.958061 496.481131 429.586218 505.965948 425.98177 515.450766 422.1568 525.79784 417.746271 536.144914 413.101384 547.354243 407.820191 558.563573 402.294606 569.772903 396.538327 581.844489 390.095297 593.916075 383.412537 606.849917 376.000072 619.783759 368.339297 633.579858 359.907062 647.375956 351.217702 661.172054 342.282057 675.830409 332.528801 690.488764 322.518562 705.147118 312.260431 720.667728 301.137717 736.188339 289.754871 751.70895 278.119697 768.091817 265.572181 784.474683 252.758939 800.85755 239.686852 818.102673 225.65404 835.347796 211.348143 852.592918 196.775379 870.700298 181.193048 888.807677 165.329007 906.915056 149.188997 925.022435 132.778373 943.99207 115.3015 962.961705 97.538537 981.931341 79.494566 1000.90098 61.174375 1020.73287 41.731019 1040.56476 21.995595 1060.39665 1.972737 1062.12116 0.218182 1062.12116 0.218182"
inkscape:label="curve_top" />
<polyline
id="polyline15186"
stroke="#000000"
stroke-width="4"
stroke-linecap="square"
points="200.727273 494.400001 201.589529 500.016988 202.451785 502.318823 203.314041 504.068199 205.038554 506.803383 206.763066 508.983545 208.487578 510.831722 211.074347 513.193298 213.661115 515.210544 216.247883 516.977425 219.696908 519.038325 223.145932 520.836517 227.457213 522.794512 231.768494 524.493587 236.079774 525.980449 241.253311 527.531091 246.426849 528.866492 252.462642 530.194296 258.498435 531.310477 265.396484 532.365081 273.156789 533.311716 281.77935 534.113315 291.264168 534.744054 301.611242 535.191817 313.682828 535.475042 329.203438 535.594836 367.142709 535.774559 379.214295 536.103729 389.561369 536.593794 399.046186 537.250759 408.531003 538.135963 417.153566 539.158301 425.776127 540.401392 434.398688 541.873885 443.02125 543.58026 451.643811 545.521232 460.266372 547.694317 468.888934 550.094499 477.511496 552.714892 486.996313 555.841939 496.481131 559.213782 505.965948 562.81823 515.450766 566.6432 525.79784 571.053729 536.144914 575.698616 547.354243 580.979809 558.563573 586.505394 569.772903 592.261673 581.844489 598.704703 593.916075 605.387463 606.849917 612.799928 619.783759 620.460703 633.579858 628.892938 647.375956 637.582298 661.172054 646.517943 675.830409 656.271199 690.488764 666.281438 705.147118 676.539569 720.667728 687.662283 736.188339 699.045129 751.70895 710.680303 768.091817 723.227819 784.474683 736.041061 800.85755 749.113148 818.102673 763.14596 835.347796 777.451857 852.592918 792.024621 870.700298 807.606952 888.807677 823.470993 906.915056 839.611003 925.022435 856.021627 943.99207 873.4985 962.961705 891.261463 981.931341 909.305434 1000.90098 927.625625 1020.73287 947.068981 1040.56476 966.804405 1060.39665 986.827263 1062.12116 988.581818 1062.12116 988.581818"
inkscape:label="curve_bottom" />
<polyline
id="Path-2"
stroke="#4a90e2"
stroke-width="2"
points="934.927849 122.975921 934.927849 866.632231 243.680999 460.300962"
inkscape:label="signing_verification" />
<circle
id="Oval"
stroke="#2673ba"
stroke-width="3"
fill="#4a90e2"
cx="244"
cy="460"
r="6"
inkscape:label="blue circle" />
<circle
id="circle15190"
stroke="#b50004"
stroke-width="3"
fill="#d0021b"
cx="373"
cy="536"
r="6"
inkscape:label="red circle" />
<circle
id="circle15192"
stroke="#000000"
stroke-width="3"
fill="#9b9b9b"
cx="522"
cy="421"
r="6"
inkscape:label="gray circle" />
<circle
id="circle15194"
stroke="#2673ba"
stroke-width="3"
fill="#4a90e2"
cx="935"
cy="123"
r="6"
inkscape:label="blue circle" />
<circle
id="circle15196"
stroke="#b50004"
stroke-width="3"
fill="#d0021b"
cx="375"
cy="453"
r="6"
inkscape:label="red circle" />
<text
id="G"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="-10.564646"
y="9.0093107"><tspan
x="526.43536"
y="455.00931"
id="tspan15198">G</tspan></text>
<text
id="G-4"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="361.66333"
y="494.6723"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
inkscape:label="point A"><tspan
sodipodi:role="line"
id="tspan2421"
x="361.66333"
y="494.6723">A</tspan></text>
<text
id="s×G"
font-family="Georgia"
font-size="36"
font-weight="normal"
fill="#000000"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="561.36523"
y="204.41455"><tspan
sodipodi:role="line"
id="tspan2455"
x="561.36523"
y="204.41455">S=s⋅G</tspan></text>
<text
id="hash(P,R,m)×P"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:29.3333px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="35.222843"
y="443.95047"><tspan
sodipodi:role="line"
id="tspan2463"
x="35.222843"
y="443.95047">hash(R,A,m)⋅A</tspan></text>
<text
id="s×G-=-R-+-hash(P,R,m"
transform="rotate(-90)"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="-694.7868"
y="921.90692"
inkscape:label="S=R+hash(R,A,m)⋅A"><tspan
sodipodi:role="line"
id="tspan2465">S = R + hash(R,A,m)⋅A</tspan></text>
<text
id="P-=-pk×G"
font-family="Georgia"
font-size="36"
font-weight="normal"
fill="#000000"
inkscape:label="A=a⋅G"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="391.07199"
y="396.69861"><tspan
sodipodi:role="line"
id="tspan2386"
x="391.07199"
y="396.69861">A=a⋅G</tspan></text>
<text
id="y^2-=-x^3+7"
transform="rotate(36)"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="847.69379"
y="126.88805"><tspan
sodipodi:role="line"
id="tspan2559"
x="847.69379"
y="126.88805">y² = x³+7</tspan></text>
<text
id="R-=-k×G"
font-family="Georgia"
font-size="36"
font-weight="normal"
fill="#000000"
inkscape:label="R-=-k×G"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="467.99869"
y="529.38641"><tspan
sodipodi:role="line"
id="tspan2427"
x="467.99869"
y="529.38641">R=r⋅G</tspan></text>
<path
id="Path-3"
d="m 410.5356,421.66534 c 29.9532,-15.97667 62.62493,-18.30646 97.85594,-7.00972 l -1.52667,4.76123 c -33.77494,-10.82986 -64.88274,-8.69089 -93.47991,6.39692 l 6.62655,9.64773 -32.11386,4.46657 15.69505,-28.37102 z"
fill="#d0021b"
fill-rule="nonzero"
inkscape:label="red arrow" />
<path
id="path15229"
d="M 887.2713,132.42022 C 710.94135,168.73334 592.09852,260.20161 530.47686,406.93285 l -4.60997,-1.93601 C 588.16405,256.6571 708.41819,164.12296 886.3632,127.50232 l -2.18799,-11.84926 31.15084,8.99307 -25.88495,19.52483 z"
fill="#4a90e2"
fill-rule="nonzero"
inkscape:label="blue arrow"
style="fill:#d0021b;fill-opacity:1" />
<path
id="path15235"
d="m 279.03441,428.30065 c 31.45447,-15.47251 61.59004,-12.5645 89.99766,8.69042 l -2.99541,4.00343 c -26.74134,-20.00818 -54.69714,-22.81869 -84.26899,-8.46454 l 6.34886,9.8239 -32.22667,3.56252 16.48599,-27.91885 z"
fill="#4a90e2"
fill-rule="nonzero"
inkscape:label="blue arrow" />
<path
id="path15237"
d="m 420.85351,515.3951 c 44.78177,-16.77372 76.73255,-43.78559 95.97059,-81.075 l 4.44349,2.29245 c -19.86942,38.51324 -52.88906,66.38293 -98.93993,83.56942 l 3.57186,11.59854 -31.98312,-5.32254 23.44791,-22.39298 z"
fill="#d0021b"
fill-rule="nonzero"
inkscape:label="red arrow" />
<path
d="M 102.09862,494.5951 H 848.50001"
id="Path-4"
stroke="#979797"
inkscape:label="x-axis" />
<text
id="text2447"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="361.91034"
y="577.5553"
inkscape:label="point R"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"><tspan
sodipodi:role="line"
id="tspan2449"
x="361.91034"
y="577.5553">R</tspan></text>
<text
id="text2453"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="919.52246"
y="108.52747"
inkscape:label="point S"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"><tspan
sodipodi:role="line"
id="tspan2459"
x="919.52246"
y="108.52747">S</tspan></text>
<text
id="text2469"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="653.59094"
y="325.42337"
inkscape:label="R+hash(R,A,m)⋅A"
transform="rotate(30.4)"><tspan
sodipodi:role="line"
id="tspan2471"
x="653.59094"
y="325.42337">R + hash(R,A,m)⋅A</tspan></text>
<g
id="g2493"
inkscape:label="Legend">
<path
id="path15231"
d="M 153.46013,139.88209 H 46.371357 v -5 H 153.46013 v -12 l 29,14.5 -29,14.5 z"
fill="#4a90e2"
fill-rule="nonzero"
inkscape:label="legend blue arrow" />
<path
id="path15233"
d="M 153.46013,80.850682 H 46.371357 v -5 H 153.46013 v -12 l 29,14.5 -29,14.500004 z"
fill="#d0021b"
fill-rule="nonzero"
inkscape:label="legend red arrow" />
<text
id="Signing"
font-family="HelveticaNeue, 'Helvetica Neue'"
font-size="20px"
font-weight="normal"
fill="#000000"
inkscape:label="Signing"
y="-21.825176"
x="43.052998"><tspan
x="45.052998"
y="59.174828"
id="tspan15240">Signing</tspan></text>
<text
id="Verification"
font-family="HelveticaNeue, 'Helvetica Neue'"
font-size="20px"
font-weight="normal"
fill="#000000"
y="-18.916801"
x="44.215107"><tspan
x="46.215107"
y="122.08318"
id="tspan15243">Verification</tspan></text>
</g>
</g>
</g>
<metadata
id="metadata32833">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:title>Group</dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB

290
images/vector_drawings/schnorr_verification.svg
Unescape View File

@ -0,0 +1,290 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
width="1065px"
height="995px"
viewBox="0 0 1065 995"
version="1.1"
id="svg15248"
sodipodi:docname="schnorr_verification.svg"
inkscape:version="1.2 (56b05e47e7, 2022-06-09, custom)"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<defs
id="defs15252" />
<sodipodi:namedview
id="namedview15250"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageshadow="2"
inkscape:pageopacity="0.0"
inkscape:pagecheckerboard="0"
showgrid="false"
inkscape:zoom="1.343662"
inkscape:cx="481.89203"
inkscape:cy="466.63522"
inkscape:window-width="1920"
inkscape:window-height="1136"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:current-layer="Group"
inkscape:showpageshadow="2"
inkscape:deskcolor="#d1d1d1" />
<!-- Generator: Sketch 52.6 (67491) - http://www.bohemiancoding.com/sketch -->
<title
id="title15181">Group</title>
<desc
id="desc15183">Created with Sketch.</desc>
<g
id="Schnorr"
stroke="none"
stroke-width="1"
fill="none"
fill-rule="evenodd"
inkscape:label="Schnorr">
<g
id="Group"
transform="translate(0.75586347,4.7413931)">
<polyline
id="Shape"
stroke="#000000"
stroke-width="4"
stroke-linecap="square"
points="200.727273 494.399999 201.589529 488.783012 202.451785 486.481177 203.314041 484.731801 205.038554 481.996617 206.763066 479.816455 208.487578 477.968278 211.074347 475.606702 213.661115 473.589456 216.247883 471.822575 219.696908 469.761675 223.145932 467.963483 227.457213 466.005488 231.768494 464.306413 236.079774 462.819551 241.253311 461.268909 246.426849 459.933508 252.462642 458.605704 258.498435 457.489523 265.396484 456.434919 273.156789 455.488284 281.77935 454.686685 291.264168 454.055946 301.611242 453.608183 313.682828 453.324958 329.203438 453.205164 367.142709 453.025441 379.214295 452.696271 389.561369 452.206206 399.046186 451.549241 408.531003 450.664037 417.153566 449.641699 425.776127 448.398608 434.398688 446.926115 443.02125 445.21974 451.643811 443.278768 460.266372 441.105683 468.888934 438.705501 477.511496 436.085108 486.996313 432.958061 496.481131 429.586218 505.965948 425.98177 515.450766 422.1568 525.79784 417.746271 536.144914 413.101384 547.354243 407.820191 558.563573 402.294606 569.772903 396.538327 581.844489 390.095297 593.916075 383.412537 606.849917 376.000072 619.783759 368.339297 633.579858 359.907062 647.375956 351.217702 661.172054 342.282057 675.830409 332.528801 690.488764 322.518562 705.147118 312.260431 720.667728 301.137717 736.188339 289.754871 751.70895 278.119697 768.091817 265.572181 784.474683 252.758939 800.85755 239.686852 818.102673 225.65404 835.347796 211.348143 852.592918 196.775379 870.700298 181.193048 888.807677 165.329007 906.915056 149.188997 925.022435 132.778373 943.99207 115.3015 962.961705 97.538537 981.931341 79.494566 1000.90098 61.174375 1020.73287 41.731019 1040.56476 21.995595 1060.39665 1.972737 1062.12116 0.218182 1062.12116 0.218182"
inkscape:label="curve_top" />
<polyline
id="polyline15186"
stroke="#000000"
stroke-width="4"
stroke-linecap="square"
points="200.727273 494.400001 201.589529 500.016988 202.451785 502.318823 203.314041 504.068199 205.038554 506.803383 206.763066 508.983545 208.487578 510.831722 211.074347 513.193298 213.661115 515.210544 216.247883 516.977425 219.696908 519.038325 223.145932 520.836517 227.457213 522.794512 231.768494 524.493587 236.079774 525.980449 241.253311 527.531091 246.426849 528.866492 252.462642 530.194296 258.498435 531.310477 265.396484 532.365081 273.156789 533.311716 281.77935 534.113315 291.264168 534.744054 301.611242 535.191817 313.682828 535.475042 329.203438 535.594836 367.142709 535.774559 379.214295 536.103729 389.561369 536.593794 399.046186 537.250759 408.531003 538.135963 417.153566 539.158301 425.776127 540.401392 434.398688 541.873885 443.02125 543.58026 451.643811 545.521232 460.266372 547.694317 468.888934 550.094499 477.511496 552.714892 486.996313 555.841939 496.481131 559.213782 505.965948 562.81823 515.450766 566.6432 525.79784 571.053729 536.144914 575.698616 547.354243 580.979809 558.563573 586.505394 569.772903 592.261673 581.844489 598.704703 593.916075 605.387463 606.849917 612.799928 619.783759 620.460703 633.579858 628.892938 647.375956 637.582298 661.172054 646.517943 675.830409 656.271199 690.488764 666.281438 705.147118 676.539569 720.667728 687.662283 736.188339 699.045129 751.70895 710.680303 768.091817 723.227819 784.474683 736.041061 800.85755 749.113148 818.102673 763.14596 835.347796 777.451857 852.592918 792.024621 870.700298 807.606952 888.807677 823.470993 906.915056 839.611003 925.022435 856.021627 943.99207 873.4985 962.961705 891.261463 981.931341 909.305434 1000.90098 927.625625 1020.73287 947.068981 1040.56476 966.804405 1060.39665 986.827263 1062.12116 988.581818 1062.12116 988.581818"
inkscape:label="curve_bottom" />
<polyline
id="Path-2"
stroke="#4a90e2"
stroke-width="2"
points="934.927849 122.975921 934.927849 866.632231 243.680999 460.300962"
inkscape:label="signing_verification" />
<circle
id="Oval"
stroke="#2673ba"
stroke-width="3"
fill="#4a90e2"
cx="244"
cy="460"
r="6"
inkscape:label="blue circle" />
<circle
id="circle15190"
stroke="#b50004"
stroke-width="3"
fill="#d0021b"
cx="373"
cy="536"
r="6"
inkscape:label="red circle" />
<circle
id="circle15192"
stroke="#000000"
stroke-width="3"
fill="#9b9b9b"
cx="522"
cy="421"
r="6"
inkscape:label="gray circle" />
<circle
id="circle15194"
stroke="#2673ba"
stroke-width="3"
fill="#4a90e2"
cx="935"
cy="123"
r="6"
inkscape:label="blue circle" />
<circle
id="circle15196"
stroke="#b50004"
stroke-width="3"
fill="#d0021b"
cx="375"
cy="453"
r="6"
inkscape:label="red circle" />
<text
id="G"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="-10.564646"
y="9.0093107"><tspan
x="526.43536"
y="455.00931"
id="tspan15198">G</tspan></text>
<text
id="G-4"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="361.66333"
y="494.6723"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
inkscape:label="point A"><tspan
sodipodi:role="line"
id="tspan2421"
x="361.66333"
y="494.6723">A</tspan></text>
<text
id="s×G"
font-family="Georgia"
font-size="36"
font-weight="normal"
fill="#000000"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="561.36523"
y="204.41455"><tspan
sodipodi:role="line"
id="tspan2455"
x="561.36523"
y="204.41455">S=s⋅G</tspan></text>
<text
id="hash(P,R,m)×P"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:29.3333px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"
x="35.222843"
y="443.95047"><tspan
sodipodi:role="line"
id="tspan2463"
x="35.222843"
y="443.95047">hash(R,A,m)⋅A</tspan></text>
<text
id="s×G-=-R-+-hash(P,R,m"
transform="rotate(-90)"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="-694.7868"
y="921.90692"
inkscape:label="S=R+hash(R,A,m)⋅A"><tspan
sodipodi:role="line"
id="tspan2465">S = R + hash(R,A,m)⋅A</tspan></text>
<text
id="y^2-=-x^3+7"
transform="rotate(36)"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="847.69379"
y="126.88805"><tspan
sodipodi:role="line"
id="tspan2559"
x="847.69379"
y="126.88805">y² = x³+7</tspan></text>
<path
id="path15229"
d="M 887.2713,132.42022 C 710.94135,168.73334 592.09852,260.20161 530.47686,406.93285 l -4.60997,-1.93601 C 588.16405,256.6571 708.41819,164.12296 886.3632,127.50232 l -2.18799,-11.84926 31.15084,8.99307 -25.88495,19.52483 z"
fill="#4a90e2"
fill-rule="nonzero"
inkscape:label="blue arrow" />
<path
id="path15235"
d="m 279.03441,428.30065 c 31.45447,-15.47251 61.59004,-12.5645 89.99766,8.69042 l -2.99541,4.00343 c -26.74134,-20.00818 -54.69714,-22.81869 -84.26899,-8.46454 l 6.34886,9.8239 -32.22667,3.56252 16.48599,-27.91885 z"
fill="#4a90e2"
fill-rule="nonzero"
inkscape:label="blue arrow" />
<path
d="M 102.09862,494.5951 H 848.50001"
id="Path-4"
stroke="#979797"
inkscape:label="x-axis" />
<text
id="text2447"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="361.91034"
y="577.5553"
inkscape:label="point R"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"><tspan
sodipodi:role="line"
id="tspan2449"
x="361.91034"
y="577.5553">R</tspan></text>
<text
id="text2453"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#000000"
x="919.52246"
y="108.52747"
inkscape:label="point S"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#000000"><tspan
sodipodi:role="line"
id="tspan2459"
x="919.52246"
y="108.52747">S</tspan></text>
<text
id="text2469"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:36px;font-family:Georgia;-inkscape-font-specification:'Georgia, Normal';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;fill:#9b9b9b"
x="653.59094"
y="325.42337"
inkscape:label="R+hash(R,A,m)⋅A"
transform="rotate(30.4)"><tspan
sodipodi:role="line"
id="tspan2471"
x="653.59094"
y="325.42337">R + hash(R,A,m)⋅A</tspan></text>
<g
id="g2493"
inkscape:label="Legend">
<path
id="path15233"
d="M 153.46013,80.850682 H 46.371357 v -5 H 153.46013 v -12 l 29,14.5 -29,14.500004 z"
fill="#d0021b"
fill-rule="nonzero"
inkscape:label="legend red arrow" />
<text
id="Signing"
font-family="HelveticaNeue, 'Helvetica Neue'"
font-size="20px"
font-weight="normal"
fill="#000000"
inkscape:label="Signing"
y="-21.825176"
x="43.052998"><tspan
x="45.052998"
y="59.174828"
id="tspan15240">Signing</tspan></text>
</g>
</g>
</g>
<metadata
id="metadata32833">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:title>Group</dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 14 KiB

122
images/vector_drawings/secp256k1.svg
Unescape View File

@ -0,0 +1,122 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
width="1065px"
height="995px"
viewBox="0 0 1065 995"
version="1.1"
id="svg15248"
sodipodi:docname="secp256k1.svg"
inkscape:version="1.2 (56b05e47e7, 2022-06-09, custom)"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<defs
id="defs15252" />
<sodipodi:namedview
id="namedview15250"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageshadow="2"
inkscape:pageopacity="0.0"
inkscape:pagecheckerboard="0"
showgrid="false"
inkscape:zoom="0.94673367"
inkscape:cx="484.29671"
inkscape:cy="495.38747"
inkscape:window-width="1920"
inkscape:window-height="1136"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:current-layer="Schnorr"
inkscape:showpageshadow="2"
inkscape:deskcolor="#d1d1d1" />
<!-- Generator: Sketch 52.6 (67491) - http://www.bohemiancoding.com/sketch -->
<title
id="title15181">Group</title>
<desc
id="desc15183">Created with Sketch.</desc>
<g
id="Schnorr"
stroke="none"
stroke-width="1"
fill="none"
fill-rule="evenodd"
inkscape:label="Schnorr">
<g
id="Group"
transform="translate(0.000000, 3.000000)">
<polyline
id="curve_top"
stroke="#000000"
stroke-width="4"
stroke-linecap="square"
points="200.727273 494.399999 201.589529 488.783012 202.451785 486.481177 203.314041 484.731801 205.038554 481.996617 206.763066 479.816455 208.487578 477.968278 211.074347 475.606702 213.661115 473.589456 216.247883 471.822575 219.696908 469.761675 223.145932 467.963483 227.457213 466.005488 231.768494 464.306413 236.079774 462.819551 241.253311 461.268909 246.426849 459.933508 252.462642 458.605704 258.498435 457.489523 265.396484 456.434919 273.156789 455.488284 281.77935 454.686685 291.264168 454.055946 301.611242 453.608183 313.682828 453.324958 329.203438 453.205164 367.142709 453.025441 379.214295 452.696271 389.561369 452.206206 399.046186 451.549241 408.531003 450.664037 417.153566 449.641699 425.776127 448.398608 434.398688 446.926115 443.02125 445.21974 451.643811 443.278768 460.266372 441.105683 468.888934 438.705501 477.511496 436.085108 486.996313 432.958061 496.481131 429.586218 505.965948 425.98177 515.450766 422.1568 525.79784 417.746271 536.144914 413.101384 547.354243 407.820191 558.563573 402.294606 569.772903 396.538327 581.844489 390.095297 593.916075 383.412537 606.849917 376.000072 619.783759 368.339297 633.579858 359.907062 647.375956 351.217702 661.172054 342.282057 675.830409 332.528801 690.488764 322.518562 705.147118 312.260431 720.667728 301.137717 736.188339 289.754871 751.70895 278.119697 768.091817 265.572181 784.474683 252.758939 800.85755 239.686852 818.102673 225.65404 835.347796 211.348143 852.592918 196.775379 870.700298 181.193048 888.807677 165.329007 906.915056 149.188997 925.022435 132.778373 943.99207 115.3015 962.961705 97.538537 981.931341 79.494566 1000.90098 61.174375 1020.73287 41.731019 1040.56476 21.995595 1060.39665 1.972737 1062.12116 0.218182 1062.12116 0.218182" />
<polyline
id="curve_bottom"
stroke="#000000"
stroke-width="4"
stroke-linecap="square"
points="200.727273 494.400001 201.589529 500.016988 202.451785 502.318823 203.314041 504.068199 205.038554 506.803383 206.763066 508.983545 208.487578 510.831722 211.074347 513.193298 213.661115 515.210544 216.247883 516.977425 219.696908 519.038325 223.145932 520.836517 227.457213 522.794512 231.768494 524.493587 236.079774 525.980449 241.253311 527.531091 246.426849 528.866492 252.462642 530.194296 258.498435 531.310477 265.396484 532.365081 273.156789 533.311716 281.77935 534.113315 291.264168 534.744054 301.611242 535.191817 313.682828 535.475042 329.203438 535.594836 367.142709 535.774559 379.214295 536.103729 389.561369 536.593794 399.046186 537.250759 408.531003 538.135963 417.153566 539.158301 425.776127 540.401392 434.398688 541.873885 443.02125 543.58026 451.643811 545.521232 460.266372 547.694317 468.888934 550.094499 477.511496 552.714892 486.996313 555.841939 496.481131 559.213782 505.965948 562.81823 515.450766 566.6432 525.79784 571.053729 536.144914 575.698616 547.354243 580.979809 558.563573 586.505394 569.772903 592.261673 581.844489 598.704703 593.916075 605.387463 606.849917 612.799928 619.783759 620.460703 633.579858 628.892938 647.375956 637.582298 661.172054 646.517943 675.830409 656.271199 690.488764 666.281438 705.147118 676.539569 720.667728 687.662283 736.188339 699.045129 751.70895 710.680303 768.091817 723.227819 784.474683 736.041061 800.85755 749.113148 818.102673 763.14596 835.347796 777.451857 852.592918 792.024621 870.700298 807.606952 888.807677 823.470993 906.915056 839.611003 925.022435 856.021627 943.99207 873.4985 962.961705 891.261463 981.931341 909.305434 1000.90098 927.625625 1020.73287 947.068981 1040.56476 966.804405 1060.39665 986.827263 1062.12116 988.581818 1062.12116 988.581818" />
<circle
id="circle15192"
stroke="#000000"
stroke-width="3"
fill="#9B9B9B"
cx="522"
cy="421"
r="6"
inkscape:label="gray_circle" />
<text
id="G"
font-family="Georgia"
font-size="36"
font-weight="normal"
fill="#000000"><tspan
x="537"
y="446"
id="tspan15198">G</tspan></text>
<text
id="y^2-=-x^3+7"
transform="rotate(36)"
font-family="Georgia"
font-size="36px"
font-weight="normal"
fill="#9b9b9b"
x="149.53462"
y="-491.79929"><tspan
x="801.10394"
y="195.23965"
id="tspan15213"
inkscape:label="tspan15213">y^2 = x^3+7</tspan></text>
<text
id="Generator-point"
font-family="HelveticaNeue, Helvetica Neue"
font-size="20"
font-weight="normal"
fill="#9B9B9B"><tspan
x="536"
y="471"
id="tspan15219">Generator point</tspan></text>
<path
d="M102.098624,494.595105 L848.500006,494.595105"
id="Path-4"
stroke="#979797"
inkscape:label="x-axis" />
</g>
</g>
<metadata
id="metadata32833">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:title>Group</dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 6.7 KiB

62
schnorr.asciidoc
Unescape View File

@ -47,54 +47,84 @@ For example, the public key of the transaction signer +P+ is computed by the mul
.Schnorr signatures illustrated
image::images/schnorr_signatures.png["Schnorr signatures illustrated"]
==== Creting a Schnorr signature
The first part of a signature scheme is the formula used to create the digital signature, which is shown in <<schnorr_signing_formula>>:
[[schnorr_signing_formula]]
.Bitcoin's Schnorr signing formula
latexmath:[\(s⋅G = R + hash(R || P || m)⋅P\)]
latexmath:[\(S = R + hash(R || A || m) ⋅ A\)]
Let's work through this formula step-by-step, explaining the various components as they are built from the perspective of the software that is signing a specific Bitcoin transaction.
===== The wallet owner's private key (pk)
First of all, the purpose of Bitcoin digital signatures is to prove ownership and allow spending of bitcoin in a transaction. The owner of the bitcoin is identified by a private key +pk+, which they have kept secret. The owner has derived a corresponding public key +P+, such that latexmath:[\(P = pk⋅G\)]. As a reminder, +G+ is a known and fixed point on the elliptic curve called the _generator point_, used as the starting point for elliptic curve multiplication and public key derivation (see <<public_key_derivation>>).
[TIP]
====
Throughout this book, we use lower-case letters to represent private keys (eg. +a+ is Alice's private key) and the corresponding upper case letter to denote the public key (eg. +A+ is Alice's public key). Upper-case letters more generally represent points on the elliptic curve, with +G+ being the special predefined generator point of the curve.
====
===== The wallet owner's private key (a)
First of all, the purpose of Bitcoin digital signatures is to prove ownership and allow spending of bitcoin in a transaction. Alice, the owner of the bitcoin being spent, has a private key +a+, which she has kept secret. Alice has derived a corresponding public key +A+, such that latexmath:[\(A = a⋅G\)]. As a reminder, +G+ is a known and fixed point on the elliptic curve called the _generator point_, used as the starting point for elliptic curve multiplication and public key derivation (see <<public_key_derivation>>).
===== The ephemeral random value +r+
The signing software will randomly generate one more integer (also known as the _emphemeral_ or _nonce_ value) +r+ and corresponding point +R+ such that:
The signing software will randomly generate one more integer (also known as the _emphemeral key_ ) +r+ and corresponding point +R+ such that:
latexmath:[\(R = r⋅G\)]
As in ECDSA signatures, it is *essential* to the security of the Schnorr signature scheme that +r+ is indeed random and used only once. Repeating values of +r+ with different messages or signing keys may allow an attacker to guess the signer's private key, defeating the security of the scheme.
// As a reminder, wallet developers decide how their signing software will work and it is up to them to ensure there are no repeating +r+ values.//
////
TODO
As a reminder, wallet developers decide how their signing software will work and it is up to them to ensure there are no repeating +r+ values.
////
===== The Bitcoin transaction (message) +m+
In cryptography, the thing we are signing is called the "message". In Bitcoin, the message is the serialized Bitcoin transaction. Therefore, in the formula the Bitcoin transaction is denoted by the letter +m+, for "message".
In cryptography, the thing we are signing is called the "message". In Bitcoin, the message is the serialized Bitcoin transaction. Therefore, in the signing formula we represent the serialized Bitcoin transaction with the letter +m+, from the word "message".
===== The prefixed hash of the message +m+
The signing software will now calculate a SHA256 hash of the message +m+, prefixed by +R+ and +P+, as follows:
The signing software will now calculate a SHA256 hash of the message +m+, prefixed by +R+ and +A+, as follows:
latexmath:[\(hash( R || P || m )\)]
latexmath:[\(hash( R || A || m )\)]
In Bitcoin's implementation of Schnorr signatures, the message is prefixed by +R+ and +P+ in the hash formula so as to _bind_ the signed message to those public keys, preventing a class of attacks called "related key attacks".
In Bitcoin's implementation of Schnorr signatures, the message is prefixed by +R+ and +A+ in the hash formula so as to _bind_ the signed message to those public keys, preventing a class of attacks called "related key attacks".
// To learn more about "related key attacks" see:
////
TODO
To learn more about "related key attacks" see:
////
===== Calculating the signature value +s+
Finally, the signing software calculates a value +s+, using the equation in <<schnorr_signing_formula>>:
Finally, Alice's wallet calculates a value for +s+, using the equation in <<schnorr_signing_formula>>:
latexmath:[\(s⋅G = R + hash(R || A || m)⋅A\)]
Alice and only Alice can calculate +s+, because only Alice knows the secret values +a+ and +r+.
.Calculating +s+ for the Schnorr signature
****
The algebraic formula that Alice's software uses to calculate +s+ is based on her knowledge of the secret keys +r+ and +a+, works as follows:
latexmath:[\(s⋅G = R + hash(R || P || m)⋅P\)]
++S = R + hash(R,A,m)⋅A++
++s⋅G = r⋅G + hash(R,A,m)⋅a⋅G++
++s⋅G = (r + hash(R,A,m)⋅a)⋅G++
++s = (r + hash(R,A,m)⋅a)++
Only Alice, since she knows +r+ and +a+, can find a value for +s+ that satisfies the signing formula:
++S = R + hash(R,A,m) ⋅ A++
****
===== Encoding the signature
The signature is encoded in the witness of the Bitcoin transaction as a serialized encoding of the pair of values (R, s), which allows anyone to verify the authenticity of the signature.
The signature is encoded in the witness of the Bitcoin transaction as a serialized encoding of the pair of values (R, S), which allows anyone to verify the authenticity of the signature.
===== Verifying the signature
Given the signature +(R, s)+, the message (Bitcoin transaction) +m+, and the owner's public key +P+ a verifier can evaluate the same formula as in <<schnorr_signing_formula>> and see that the two parts are equal. Since the verifier does not have the private key +pk+ or the nonce value +r+, that were used to produce the points +P+ and +R+ respectively, they cannot themselves calculate a value +s+ that satisfies the formula. They can however, given the value +s+, verify that it works in the equation and thereby verify that the signature is authentic.
Given the signature +(R, S)+, the message (Bitcoin transaction) +m+, and the owner's public key +P+ a verifier can evaluate the same formula as in <<schnorr_signing_formula>> and see that the two parts are equal. Since the verifier does not have the private key +a+ or the ephemeral random key +r+, that were used to produce the points +A+ and +R+ respectively, they cannot themselves calculate a value +s+ that satisfies the formula. They can however, given the value +S+, verify that it works in the equation and thereby verify that the signature is authentic.

Write Preview
Loading…
Cancel
Save