In cryptography, blinding is a method by which a client can use a service in an encoded form, without the service learning either the input or the output. The method is used in particular to prevent side-channel attacks and in identity-based encryption (IBE).
Mathematical definition
Blinding uses two bijective functions: one is needed for blinding (encoding) and the other for deblinding (i.e., unblinding; decoding).
The RSA cryptosystem is usually used as the encryption function. However, other asymmetric encryption functions can also be used. The following definitions are also used:
Messages

| Symbol | Mathematical definition | Explanation |
|---|---|---|
| $m$ | $\exists m: m \in \mathbb{N}$ | the plaintext |
| $c$ | $\exists c: c \in \mathbb{N}$ | the ciphertext |

RSA cryptosystem

| Symbol | Mathematical definition | Explanation |
|---|---|---|
| $N$ | $\exists N: N \in \mathbb{N} \land N > m$ | the product of two prime numbers $p, q$ |
| $e$ | $\exists e: e \in \mathbb{N}$ | the exponent of the public key |
| $d$ | $\exists d: d \in \mathbb{N}$ | the exponent of the private key |
| $(N, e)$ | | the public key |
| $(N, d)$ | | the private key |
| $f$ | $\exists f: (m, (N, e)) \mapsto m^{e} \pmod{N} = c$ | the RSA encryption function, which accepts the plaintext and the public key and outputs the ciphertext |
| $g$ | $\exists g: (c, (N, d)) \mapsto c^{d} = \left(m^{e} \pmod{N}\right)^{d} = \left(m^{e}\right)^{d} \pmod{N} = m \pmod{N} = m$ | the RSA decryption function, which accepts the ciphertext and the private key and outputs the plaintext |

Blinding functions

| Symbol | Mathematical definition | Explanation |
|---|---|---|
| $r$ | $\exists r: r \in \mathbb{N} \cap {]1, N[} \land \gcd(r, N) = 1$ | a random number, used only once and transmitted in plaintext, which must be relatively prime to $N$ |
| $B$ | $\exists B: (m, r) \mapsto (m\,r)^{e} \pmod{N} = m'$ | the blinding function |
| $D$ | $\exists D: (f(m'), r) \mapsto f(m')\,r^{-1} \pmod{N} = f(m) \pmod{N} = f(m)$ | the deblinding function |
Note: see RSA key generation.
For blinding and deblinding, omitting the public and private keys as well as $r$ from the notation, the following therefore holds:

$$m = g(c) = g(f(m)) \equiv m = g(c) = g(D(f(B(m))))$$
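The following Python sketch is an added example, not part of the original article. It shows blinding as a side-channel defence for the private-key operation $g$, using the common arrangement in which the factor $r^{e}$ is multiplied into the ciphertext before $g$ runs and $r^{-1}$ is multiplied in afterwards. The toy key and the helper names `fresh_r`, `blind`, `deblind` and `blinded_decrypt` are assumptions of this example; `f`, `g`, `N`, `e`, `d` and `r` follow the symbols defined above.

```python
import math
import secrets

# Constructed toy key for illustration only (two Mersenne primes; far too small for real use).
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent d

def f(m):
    """RSA encryption with the public key (N, e)."""
    return pow(m, E, N)

def g(c):
    """RSA decryption with the private key (N, d): the operation to protect."""
    return pow(c, D, N)

def fresh_r():
    """One-time random r in ]1, N[ with gcd(r, N) = 1."""
    while True:
        r = 2 + secrets.randbelow(N - 2)
        if math.gcd(r, N) == 1:
            return r

def blind(c, r):
    """Multiply the blinding factor r^e into the ciphertext."""
    return (c * pow(r, E, N)) % N

def deblind(x, r):
    """Remove r from the result by multiplying with r^-1 mod N."""
    return (x * pow(r, -1, N)) % N

def blinded_decrypt(c):
    """Decrypt c so that g never exponentiates the caller-supplied value itself."""
    r = fresh_r()
    return deblind(g(blind(c, r)), r)

if __name__ == "__main__":
    m = 123456789
    c = f(m)
    print(blinded_decrypt(c) == m)       # plaintext is recovered despite blinding
    print(blind(c, 2) != blind(c, 3))    # the value fed to g depends on r
```

Because a fresh `r` is drawn on every call, timing or power measurements of `g` cannot be correlated with a ciphertext the caller chose.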
Sources
David Gray, Caroline Sheedy: E-Voting: A New Approach Using Double-Blind Identity-Based Encryption. In: Public Key Infrastructures, Services and Applications (EuroPKI 2010), Lecture Notes in Computer Science (LNCS), vol. 6711. Springer, Berlin, Heidelberg 2011, ISBN 978-3-642-53997-8, pp. 93-108.