[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Question about Blind Signature



Hi!
I have some stupid question about how to implement blind signature.
I Know it works as follows:
If A wants B to sign X but donot know it is X, A can send
   X*PK(random)  : PK is public key of B
Then B signs on message:
  SK(X*PK(random)) ==> SK(X)*random
Then A can obtain SK(X) by SK(X)*random/random

My question is when I see how RSA encrypts using PKCS
The PKCS block is like this
 00 01 FF FF FF FF ... 00 input
Then SK(00 01 FF FF FF .. 00 input) .
If the input = X*PK(random)
then SK(00 01 FF FF FF .. 00 X*PK(random)) will not produce SK(X)*random
How to solve this??
Thanks!!