BIP340: fix broken link to Schnorr's blind signature attack #1275

pull meshcollider wants to merge 1 commits into bitcoin:master from meshcollider:202201_fix_broken_link changing 1 files +1 −1
  1. meshcollider commented at 9:01 AM on January 21, 2022: contributor

    The link in BIP 340 to Schnorr's 2001 paper "Security of Blind Discrete Log Signatures Against Interactive Attacks" is broken.

    This fixes it with an updated link (at the same domain).

  2. BIP340: fix broken link to Schnorr's blind signature attack d58f2b29f7
  3. in bip-0340.mediawiki:236 in d58f2b29f7 
     232 | @@ -233,7 +233,7 @@ Adaptor signatures, beyond the efficiency and privacy benefits of encoding scrip
 233 |  
 234 |  === Blind Signatures ===
 235 |  
 236 | -A blind signature protocol is an interactive protocol that enables a signer to sign a message at the behest of another party without learning any information about the signed message or the signature. Schnorr signatures admit a very [https://www.math.uni-frankfurt.de/~dmst/research/papers/schnorr.blind_sigs_attack.2001.pdf simple blind signature scheme] which is however insecure because it's vulnerable to [https://www.iacr.org/archive/crypto2002/24420288/24420288.pdf Wagner's attack]. A known mitigation is to let the signer abort a signing session with a certain probability, and the resulting scheme can be [https://eprint.iacr.org/2019/877 proven secure under non-standard cryptographic assumptions].
 237 | +A blind signature protocol is an interactive protocol that enables a signer to sign a message at the behest of another party without learning any information about the signed message or the signature. Schnorr signatures admit a very [http://publikationen.ub.uni-frankfurt.de/files/4292/schnorr.blind_sigs_attack.2001.pdf simple blind signature scheme] which is however insecure because it's vulnerable to [https://www.iacr.org/archive/crypto2002/24420288/24420288.pdf Wagner's attack]. A known mitigation is to let the signer abort a signing session with a certain probability, and the resulting scheme can be [https://eprint.iacr.org/2019/877 proven secure under non-standard cryptographic assumptions].
    jonasnick commented at 2:52 PM on January 21, 2022:

    https?

    meshcollider commented at 11:52 PM on January 21, 2022:

    That gives "This connection is not private" warnings due to obsolete TLS version unfortunately

    MarcoFalke commented at 7:56 AM on January 22, 2022:

    I sent them an email

    MarcoFalke commented at 10:24 AM on January 26, 2022:

    They answered that https is not supported

    sipa commented at 9:33 PM on January 26, 2022:

    It's obviously unreasonable to expect an institution that does research around cryptography to actually use a cryptographic protocol.

  4. meshcollider commented at 11:29 PM on February 7, 2022: contributor

    So, considering a plaintext link is better than a broken one, let's get this merged :)

  5. luke-jr commented at 3:16 PM on May 5, 2022: member

    Need an ACK from @sipa @jonasnick or @real-or-random

  6. luke-jr added the label Proposed BIP modification on May 5, 2022
  7. sipa commented at 3:18 PM on May 5, 2022: member

    ACK d58f2b29f7afcb1f72837c5283c329ee330c5889

  8. real-or-random approved
  10. luke-jr merged this on May 5, 2022
  11. luke-jr closed this on May 5, 2022
  12. meshcollider deleted the branch on May 6, 2022
Contributors
meshcolliderjonasnickMarcoFalkesipaluke-jrreal-or-random
Labels
Proposed BIP modification
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bips. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-01 19:10 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me