Friday, February 3, 2023
HomeBitcoinsignature - Continuation query about nonce randomness and verification of the randomness...

signature – Continuation query about nonce randomness and verification of the randomness by signing events


In what means, if any, can the entire signing events confirm that the nonce is each random

By randomly producing the nonce your self you recognize for a undeniable fact that no person else is aware of the nonce.

Even higher, use a deterministic random nonce algorithm like RFC6979, which computes the nonce as a hash of the message and the non-public key. Since no person else is aware of your non-public key (in any other case there’s nothing left for them to study…), this implies the attacker cannot get the nonce both.

and never shared?

Properly by not sharing it with anybody, like you do not share your non-public key.

Is that this fully as much as the signature implementation

Sure, each (respectable) ECDSA/Schnorr implementation does all of this internally.

within the signature setup

It occurs at signing time, not at setup time.

or is it bitcoin protocol particular?

No.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments