Follow

cosign is my new program for cooperatively signing documents with RSA (PKCS#1 v1.5 + SHA256) in a way that requires all the parties to produce partial signatures on the document without any of them having access to the private key. github.com/osresearch/cosign

Inspired by Boyd's 1986 paper "Digital Multisignatures", which introduced additive secret sharing for splitting RSA keys. Unfortunately I haven't found an online version of that paper, although a followup from 1988 is available. link.springer.com/content/pdf/

@zwol OAEP includes a random bit string to avoid determinism, which makes it unsuitable for distributed signatures unless the parties agree on the randomness.

@th looks interesting! Maybe add to readme a brief note on what parameters are used (key size) and (though it doesn't matter in this setting) performance?

@eqe noted! thanks for the suggestion. (2048 bit for now, since that was what I was hoping to be able to install to yubikeys)

Sign in to participate in the conversation
(void *) social site

(void*)