Viewing posts for the category Cryptography
The idea of a ring signature (the term itself is a bit sloppy in context, but let's stick with it for now) is simple enough:
How sure are you that the cryptography underlying Bitcoin is secure? With regard to one future development of Bitcoin's crypto, in discussions in public fora, I have more than once confidently asserted "well, but the Schnorr signature has a security reduction to ECDLP". Three comments on that before we begin:
This post was mostly prompted by a long series of discussions had online and in person with many people, including in particular Adam Back and Tim Ruffing (but lots of others!) - and certainly not restricted to discussions I took part in - about the tradeoffs in a version of Bitcoin that does actually use Confidential Transactions.
(**THIS ALGORITHM IS BROKEN** .. OOPS! LEAVING FOR POSTERITY, BUT I HAVE MARKED WITH *** A COMMENT IN THE BELOW THAT IDENTIFIES THE FLAW IN THE REASONING. Also, there is a way I think it could be made to work, but only in a more restricted context than initially envisioned; again, see the comment below marked with ***).
I've spent the last few weeks working on this paper, which comes out of my own desire to understand the technical underpinnings of Bulletproofs (see my previous post). It ends up being a walkthrough of sections of three academic papers, with "Asides" along the way about various supporting concepts like Commitments and Zero Knowledge Proofs.
Adam Gibson (20)