Bitcoin Forum
September 27, 2018, 11:06:28 PM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Bitcoin Forum > Bitcoin > Development & Technical Discussion (Moderators: gmaxwell, achow101) > Re: ECDSA Signatures allow recovery of the public key
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Re: ECDSA Signatures allow recovery of the public key  (Read 661 times)
jl2012
Legendary
*
Offline Offline

Activity: 1792
Merit: 1010


View Profile
January 19, 2015, 08:32:50 AM
 #1
Reviving this thread.

With all the discussion in blocksize fork, could we consider to implement this public-key-free signature? It will save about 15% space for a standard 226 bytes 1-input-2-outputs transaction.

Roughly speaking, CPU speed and network speed doubles every 18 and 21 months respectively. Therefore, it makes sense to shift the burden from the network to CPU. Also, it is always possible to fall back to the traditional signature verification.
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
1538089588
Hero Member
*
Offline Offline

Posts: 1538089588

View Profile Personal Message (Offline)

Ignore
1538089588
1538089588
Reply with quote  #2
1538089588
Report to moderator
Mixing reinvented for your privacy ChipMixer.com ChipMixerwzxtzbw.onion
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
gmaxwell
Moderator
Legendary
*
qt
Offline Offline

Activity: 2520
Merit: 1514



View Profile
January 19, 2015, 03:05:31 PM
 #2
Please don't bump old threads, especially not to propose something new. You can always link to the old thread in a new post.

I would strongly recommend against it. If Bitcoin were to deploy a new signature system we'd likely prefer schnorr signatures to pick up efficient multisignature; there are other approaches which much more size reduction (E.g. BLS pairing signatures are half the size); and there are other considerations.
Bitcoin will not be compromised
jl2012
Legendary
*
Offline Offline

Activity: 1792
Merit: 1010


View Profile
January 19, 2015, 05:19:20 PM
 #3
Quote from: gmaxwell on January 19, 2015, 03:05:31 PM
Please don't bump old threads, especially not to propose something new. You can always link to the old thread in a new post.

I would strongly recommend against it. If Bitcoin were to deploy a new signature system we'd likely prefer schnorr signatures to pick up efficient multisignature; there are other approaches which much more size reduction (E.g. BLS pairing signatures are half the size); and there are other considerations.

I always think bitcoin should support more signature systems and hash algorithms, with different key size. Low value outputs could be protected by a single small key, while high value outputs for long-term storage could be protected by multisig with different signature systems.
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion (Moderators: gmaxwell, achow101) > Re: ECDSA Signatures allow recovery of the public key
 « previous topic next topic »
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!