cosign is my new program for cooperatively signing documents with RSA (PKCS#1 v1.5 + SHA256) in a way that requires all the parties to produce partial signatures on the document without any of them having access to the private key.

Inspired by Boyd's 1986 paper "Digital Multisignatures", which introduced additive secret sharing for splitting RSA keys. Unfortunately I haven't found an online version of that paper, although a followup from 1988 is available.

@zwol OAEP includes a random bit string to avoid determinism, which makes it unsuitable for distributed signatures unless the parties agree on the randomness.

@th looks interesting! Maybe add to readme a brief note on what parameters are used (key size) and (though it doesn't matter in this setting) performance?

@eqe noted! thanks for the suggestion. (2048 bit for now, since that was what I was hoping to be able to install to yubikeys)

Sign in to participate in the conversation
(void *) social site