Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

multisig - signature format #23

Open
axic opened this issue Sep 21, 2016 · 2 comments

Comments

@axic
Copy link

commented Sep 21, 2016

For storing signatures. Should be analogous to multikey (ipfs/specs#58).

Note: this is just a quick writeup, up for debate.

Following the usual structure:
<schema type><size><signature>

Signature itself is defined as:

  • RSA: raw signature (key size is defined by signature length)
  • ECDSA: SEC1 format
  • Others?

Unspecified:

  • probably we need to specify padding options for RSA
  • probably it would be useful having the signed hash optionally included? (but this can get messy)
@james-darkfox

This comment has been minimized.

Copy link

commented Apr 24, 2017

"multisig" is better known as an obvious (and general) solution to threshold signatures. A multisig signature consists of "multiple signatures". I.e. Alice and Bob within a group of Alice, Bob, Carol, Dave; co-signed an object on behalf of the group - not just themselves.

Multisig is commonly referenced within the cryptocurrency community.

FWIW: An ideal threshold signature (like Schnorr signatures; I.e. ed25519) is identical to a signature form a single party, requiring no difference in the representation nor verification process.

If you plan to support "multisig (list)" in "multisig (this project)", you will need to support .. lists. Alternatively you may consider each signature independent and leave the rest to the application.

Unfortunately, I do not have any alternative naming suggestions for identifying signatures, especially within this collection of "multi*".

@EternalDeiwos

This comment has been minimized.

Copy link

commented Feb 1, 2018

Naming problems aside; I would really like to see this distinct kind of multiformat but in addition to something like multikey.

Regarding the structure, I'd propose the following:

<dsa type><hash type><length><signature>

Where signature is the signed bytes of the hash defined by <hash type> using the DSA defined by <dsa type>.

The format and padding information would yield distinct DSA types such as:

  • RSA_PSS
  • RSA_PKCS1
  • ECDSA_P256
  • ECDSA_K256 (secp256k1 -- "bitcoin curve")
  • etc.

Regarding naming: given the specific attention to signatures and key material (ipfs/specs#58) and the inevitable attention that encryption will draw soon, it may be worthwhile to consider a multicrypto spec that defines all three of these in relation to each other and the other multiformats.

multicrypto-encryption may look something like:

<cipher type><length><cipher text>

Where <cipher type> is a known cipher of varying key lengths (similar to how different hashes are set up in multihash):

  • AES_128
  • AES_256
  • etc.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
3 participants
You can’t perform that action at this time.