Online/Offline Signatures
In Nov 1988, Silvio Micali, Oded Goldreich and Shimon Even submitted a patent that allowed for a pre-computation element so that a message could be signed without the requirement to be on-line. It involved two main stages. The first was a precomputed value that was independent on the message (s1), and the second for a one-time public key (s2) [here]:
Let’s implement an offline/online signature scheme, based on the paper: “An online/offline signature scheme based on the strong rsa assumption” [1]. In this method, we generate two prime numbers p and q and which are:
p=2p′+1
q=2q′+1
and where p′ and q′ are also prime. We then create a random generator (g), and select a hash function (H). This hash function has k bits. Alice’s public key is:
(n,g,H)
and her private key is (p,q).
Offline phase
Alice selects a number of random values (s_i) between 0 and (p′×q′), and then calculates:
The offline pairs will be (s_i,X_i).
