Re: Members of Parliament Problem

[paul@fatmans.demon.co.uk]

> I don't quite follow how this would work.  If Trent issues a blind
> signature, then that means (doesn't it?) that he doesn't see what he
> is signing.  So how can he confirm that the message is actually from
> a member of the group when he doesn't see it?

I should have elaborated a little on this.

My idea was that trent should be able to decrypt the message and 
verify it was meaninful (at least probably so) by some form of 
frequency analysis, as he would be a computer program this would not
be a significant time loss in a system with few users (such as 
parliament as suggested with the initial problem)
if the resulting message didn`t have approximate 
frequency distributions of letters you would expect in natural 
langauge or source code or whatever the message would not be 
published as it is probably an invalid key being used thus decrypting 
to garbage. A better way to do all this would probably just be to 
have Bob sign the message then Trent strip the signature before 
signing it himself but I just dashed this off as a quick response 
without really thinking it through. A nicer protocol would be one 
where the key distribution is easier initially (isn`t this always the 
case ;-)) or even a protocol which isn`t arbitrated, like your reply 
said Chaum mentions protocols for this.



 

  Datacomms Technologies web authoring and data security
       Paul Bradley, Paul@fatmans.demon.co.uk
  Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org    
       Http://www.cryptography.home.ml.org/
      Email for PGP public key, ID: 5BBFAEB1
     "Don`t forget to mount a scratch monkey"