Bil*_*oon 3 algorithm cryptography shuffle
我正在寻找一种方法来在两个不相互信任的客户之间洗牌一系列已知值(如一副牌),这种方式可以被双方验证,并且无法获得任何优势.
到目前为止我在想......
for each item in array:
A tells B random number to use (Ra1) <~ prevent B from using pre-calculated password
B creates secret random number, and shows hash to A <~ can prove this number is used
B adds his own secret random number (Ra1+Rb1) <~ prevent A from using pre-calculated password
B encrypts a random array value using the combined password (Ra1+Rb1), removing from the stack
B gives encrypted value to A
A re-encrypts the value <~ prevent B from recognizing his package later
A stores at random index in new array of unknown items
A shows the full array to B <~ B can be confident that the array will not be tampered with
A does not know what is in each package, nor does B
B can now choose a package for himself, and A can then provide the password for that package, allowing B to recognize his package, and know the contents.
A can also choose a package, and request the key to unlock it form B.
After all transactions are agreed, and secrecy is no longer required, all secrets are revealed by both parties, who can both then verify the contents of the boxes
这一切对我来说似乎过于复杂 - 我无法想象如何让它以A,B和C的方式工作,使得任何一方都不需要值得信赖或可靠(可能不会在以后提供密钥 - 干扰之间的交易)其他党派).
理想情况下,我需要一种算法来洗牌,在两个不值得信任的派对之间,以这种方式进行套牌,并且卡片可以在以后由所有各方验证,只要至少有2个利益相关方提供彼此最后的秘密.
这是着名的心理扑克问题.一种解决方案涉及交换加密(即E 1(E 2(M))== E 2(E 1(M))).
来自维基文章:
- 爱丽丝和鲍勃同意一张卡片.在实践中,这意味着他们就一组数字或其他数据达成一致,这样该组的每个元素都代表一张卡片.
- Alice选择加密密钥A并使用它来加密卡组中的每张卡.
- 爱丽丝洗牌.
- Alice将加密和改组的套牌传递给Bob.加密到位后,Bob无法知道哪张卡是哪张.
- Bob选择加密密钥B并使用它来加密加密和洗牌的每张卡.
- 鲍勃洗牌.
- Bob将双重加密和洗牌的牌组传回Alice.
- Alice使用她的密钥A对每张卡进行解密.这仍然保留了Bob的加密,因此她无法知道哪张卡是哪张.
- Alice为每张卡(A1,A2等)选择一个加密密钥并单独加密.
- 爱丽丝将甲板传给鲍勃.
- Bob使用他的密钥B对每张卡进行解密.这仍然保留了Alice的个人加密,但他无法知道哪张卡是哪张.
- Bob为每张卡(B1,B2等)选择一个加密密钥并单独加密.
- 鲍勃将甲板传回爱丽丝.
- 爱丽丝为所有人播放了套牌.
[...]
该算法可以针对任意数量的玩家进行扩展.
这允许洗牌,而不允许任何一方作弊,并且没有任何一方知道对方有什么牌(如果你删除了最后一个要求并且只想要公平洗牌,问题就变得容易了).
所使用的加密必须对已知的明文攻击是安全的.