Author

Topic: using timestamps to link a bitcoin address and a RSA public key (Read 1782 times)

newbie
Activity: 12
Merit: 0

I'm slowly working my way through though.  I will definitely use GnuPG and not RSA finally, for GnuPG is much more known.  I'll just have to read the manual page many times.


The nice thing with OpenPGP messages (GnuPG is mainly a good implementation of the OpenPGP standard - http://tools.ietf.org/html/rfc4880)
that you can extend the algorithms (check section 9.1 of the standard) used to make the signature while still using the same message format.
Don't forget that is depending of the OpenPGP private key used you might use RSA as signing algorithm as the key might be in RSA...

Kind regards,

PS: Thank you for the BC donation to Forban.


legendary
Activity: 1288
Merit: 1080
I felt your pain when dealing with GnuPG scripting especially with how file handles are managed.

Until I discovered the Perl API to access GnuPG called GnuPG::Interface (made by Jesse Vincent):

http://search.cpan.org/dist/GnuPG-Interface/
http://search.cpan.org/dist/GnuPG-Interface/lib/GnuPG/Interface.pm

This is working great and avoid the classical glitches.

Hope this helps,
 

Thanks but unfortunately I can't use Perl, Python or any of this kind of advanced scripting language on my web server.  I have to stick to shell scripting.

I'm slowly working my way through though.  I will definitely use GnuPG and not RSA finally, for GnuPG is much more known.  I'll just have to read the manual page many times.
newbie
Activity: 12
Merit: 0

At some point I wanted to use ECDSA signing capabilities of bitcoin address.  But it's not easy, and the bitcoin client doesn't provide any tool for that.  And I was convinced that it should not.

Using GnuPG would be nice, but I realised that it's a pain in the ass to program with.  It realy doesn't seem to me that it is suitable for scripting.


I felt your pain when dealing with GnuPG scripting especially with how file handles are managed.

Until I discovered the Perl API to access GnuPG called GnuPG::Interface (made by Jesse Vincent):

http://search.cpan.org/dist/GnuPG-Interface/
http://search.cpan.org/dist/GnuPG-Interface/lib/GnuPG/Interface.pm

This is working great and avoid the classical glitches.

Hope this helps,
 
legendary
Activity: 1288
Merit: 1080
I am currently programming a bitcoin asset exchange plateform, and during this process I came up with an idea which is, in my opnion, pretty good.

I needed some way to identify the owner.  He should be able to prove he is the owner of the asset, and he should be able to transfer his ownership to someone else.

Using passwords is the quick-and-dirty way to do so.  But there are many drawbacks to this method.  I won't discuss them here.

At some point I wanted to use ECDSA signing capabilities of bitcoin address.  But it's not easy, and the bitcoin client doesn't provide any tool for that.  And I was convinced that it should not.

Using GnuPG would be nice, but I realised that it's a pain in the ass to program with.  It realy doesn't seem to me that it is suitable for scripting.

So I decided to use RSA keys, using the openssl command.  It was much easier than I thought, and particularly easier than GnuPG.

Anyway, here is the idea I came up with.

At some point I have to associate a bitcoin address (where future dividends are to be paid) to a public RSA key.  Keeping a database of these relations is necessary, but not sufficient.  Basically it would give exactly the same problems as with passwords.  Anybody who would access to the database could modify it and then claim ownership of the assets.

So the idea is to timestamp the relations into the bitcoin block chain.

Here is an exemple.

I want to associate this bitcoin address :

1Hy9dexzNzjvQYkYy6zKRVZMU8k2j5vuPt

to this RSA public key :

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67nZtqz41rGFdUsVMC/E
HsvhfyG7dreTeIfOO+tA1fUuyooiodsYw73qM4qKZFJduBdtrMqAiQhGkfUjhqbf
aIlc/5yR+0ZUHI6eiCcPtDi95MdpmDtlXg/9YkQ36ACZX2ccCIiUIaHVK4lc2MzT
6Io9FaXCejkoZiEsAK+XqUxc3X5B0VFVxyq4i/S7qOQKABfEDaF56OhtW3URGX7V
LTOxMmSccL/tVeN3cwUfNOHsoVF7g1bqPGYvdEGOzEklzJ3i2IYMah7d4So3BlXr
OMI6HCZTfCd+J64c5h6dh2ciQr27XDUKBVQhm3s5gwQl0WRcQhQ4LRG3ur+Rud5q
2QIDAQAB
-----END PUBLIC KEY-----


All I have to do is to use a timestamping function like this one :

timestamp() {
    wget -O - -q http://blockexplorer.com/q/hashtoaddress/$(openssl dgst -rmd160)
}

this way :

{ echo 1Hy9dexzNzjvQYkYy6zKRVZMU8k2j5vuPt ; echo "-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67nZtqz41rGFdUsVMC/E
HsvhfyG7dreTeIfOO+tA1fUuyooiodsYw73qM4qKZFJduBdtrMqAiQhGkfUjhqbf
aIlc/5yR+0ZUHI6eiCcPtDi95MdpmDtlXg/9YkQ36ACZX2ccCIiUIaHVK4lc2MzT
6Io9FaXCejkoZiEsAK+XqUxc3X5B0VFVxyq4i/S7qOQKABfEDaF56OhtW3URGX7V
LTOxMmSccL/tVeN3cwUfNOHsoVF7g1bqPGYvdEGOzEklzJ3i2IYMah7d4So3BlXr
OMI6HCZTfCd+J64c5h6dh2ciQr27XDUKBVQhm3s5gwQl0WRcQhQ4LRG3ur+Rud5q
2QIDAQAB
-----END PUBLIC KEY-----"
} | timestamp

And I get a bitcoin address :

13CWM9MmeyP1MA6SgAiqAq7cGxXaLWhnTG

Now, the owner of the RSA just have to send a small amount to this address, so that no-one could claim ownership of this bitcoin address.  Why would anyone claim ownership of someone else's bitcoin address ?  Only because this could give him the right to transfer it to an other bitcoin address, one that he actually owns.

The whole point of all this is that with such a method ownership of assets can be identified by bitcoin addresses, providing that these addresses are timestamped with a RSA public key.


PS.  Hum... as I write this, I realise that this method might make the use of GnuPG easier than I thought.  Maybe finally easier than RSA.
Jump to: