|Page Name:||Experiment: Chainsignature|
The purpose of a signature is to authenticate the creator of the signed object.
In the case of blind dates, internet shopping there is nothing to authenticate at the first exchange of information, because all merchants and blind date partners are total strangers anyway. What matters is that the correspondence that follows the first exchange of information is with the same stranger, not with some other stranger.
The scheme is that message M_n signature is a secure hash of a concatenation of all messages since the first message, message M_n included. If M_1 is a file with the very first message that the signer sent and M_2 is the 2. message that the signer sent, then a way to calculate the signature is:
cat ./M_1.blob > ./x.blob # The ">" is required for overwriting the old x.blob .
cat ./M_2.blob >> ./x.blob # The ">>" in stead of the ">" is
# required to add in stead of overwriting.
cat ./M_3.blob >> ./x.blob
cat ./M_n.blob >> ./x.blob
sha256sum ./x.blob > ./the_signature.txt
The M_n must be included to the signature calculation x.blob to make sure that an eavesdropper can not reuse the signature for signing its own message. To make eavesdropping more difficult, different messages might be sent through different channels.
The message M_1 might be accompanied by M_0, which might be some bitstream that is distributed as a small piece of paper with a QR-code. Given that NSA and alike do not intercept paper-mail/snail-mail without specifically targeting someone, because the cost of doing physical processing of physical letters is too high, some initial symmetric cryptography keys and the M_0 might be sent by using snail-mail.