Title: Signing a message Post by: FabioCarpi on October 05, 2016, 03:24:34 AM If I sign the same message several times, the bitcoin-qt returns the same signature.
It does not use a random seed for signing, such as signing transactions? Title: Re: Signing a message Post by: AgentofCoin on October 05, 2016, 10:05:45 PM If I sign the same message several times, the bitcoin-qt returns the same signature. It does not use a random seed for signing, such as signing transactions? No, message signing is different from transaction signing. Message signing has three parts: (1) Address (with privatekey), (2) Message, and (3) Signature. When signing a message, you are providing proof that the message comes from that bitcoin address (and thus you have control over that privatekey). If you change the address you are signing from, your signature will change. There is no random seed in basic message signing, since that would defeat others ability to verify it. Title: Re: Signing a message Post by: FabioCarpi on October 05, 2016, 10:46:44 PM If I sign two transactions with the same seed, I expose my private key.
The same thing happens with the message signature? Title: Re: Signing a message Post by: achow101 on October 05, 2016, 10:49:31 PM If I sign the same message several times, the bitcoin-qt returns the same signature. It does not use a random seed for signing, such as signing transactions? No, message signing is different from transaction signing. Message signing has three parts: (1) Address (with privatekey), (2) Message, and (3) Signature. When signing a message, you are providing proof that the message comes from that bitcoin address (and thus you have control over that privatekey). If you change the address you are signing from, your signature will change. There is no random seed in basic message signing, since that would defeat others ability to verify it. If I sign two transactions with the same seed, I expose my private key. Yes, that can happen. But that will not happen here because the signatures are identical. You only expose the private key if the R values are the same but the S values are different. In this case, because the signatures are identical, then both R and S are identical so it doesn't matter.The same thing happens with the message signature? Title: Re: Signing a message Post by: FabioCarpi on October 05, 2016, 11:20:41 PM If I sign two transactions with the same seed, I expose my private key.
The same thing happens with the message signature? Title: Re: Signing a message Post by: FabioCarpi on October 05, 2016, 11:21:21 PM In my algorithm, I give different signatures for the same message, because I'm using the same function to sign transaction.
How it should be? Title: Re: Signing a message Post by: achow101 on October 06, 2016, 12:24:58 AM In my algorithm, I give different signatures for the same message, because I'm using the same function to sign transaction. That's ok. I'm not sure why Core returns the same signature. I think it may just be cached by the software, I need to look into a bit more.How it should be? It seems to be cached. This seems to be implied by this comment in the signing stuff: Code: Furthermore, it is guaranteed that identical signatures (including their Title: Re: Signing a message Post by: piotr_n on October 06, 2016, 09:02:32 PM It seems to be cached. This seems to be implied by this comment in the signing stuff: More likely they're using deterministic signatures.Code: Furthermore, it is guaranteed that identical signatures (including their https://bitcointalk.org/index.php?topic=727918.0 I think it wasn't like this before. Perhaps it came with the sipa's secp256k1 lib. |