In our Horribly Flawed World of PKI … Go Schnorr

A demo of the method is here.

We live in a world of PKI, and where we distribute public keys through digital certificates. It is a horribly jumbled world, which few people understand. If we were to start again, we would not implement PKI. The world of Bitcoin and blockchain does it much better, and where I can sign something with my private key, and then the signature can be used to derive my public key back again. In this way, I don’t have to distribute my public key, you can find it out from my signature. We can also verify that I am the signer of my message, without needing to put my public key in a trusted certificate. And so we turn to Schnorr signatures, and their implementation in the Go programming language.

Schnorr signatures

With the Schnorr signature, we create a signature (R,s) for a hash of the message (MM). We first generate a private key (x) and then derive the public key from a point on the elliptic curve (G) to get:

P=x⋅G

Next we select a random value (k) to get a signature value of R:

R=k⋅G

The value of s is then:

s=k−Hash(M,R)⋅x

Our signature of M is (s,R) and the public key is P.