How can i get informations from a code

2 points by jboulhous ↗ HN
Hello, maybe this is not the place where to ask this question, please bear with me.

alice will give bob a code, and when bob provides me this code(maybe +time, and alice's name), i would like to know if this code was really given to bob by alice.

i thought of some simple stuff like (ax + b)( is math, + is string concat) where "a" is alice's name, x is date and b is a unique number for this code (provided by alice to bob) and then with the date and alice's name, i will do the math to know that this was realy given by alice to bob, and know what is the b ?

may be there is some better way to do this, but the requirements are that the code provided to bob should not be so long (max 10 chars).

Thank you.

1 comment

[ 3.3 ms ] story [ 12.0 ms ] thread
You can implement a protocol to know whether it was alice who gave this code to bob.

Using public key encryption, alice can have a private key, which she uses to sign the code she gives to bob.

Then anybody can use the public key to check the signature on that code, to very that the owner of the private key (ie. alice) did sign it.

As for "too long", it's relative. For example:

    $ echo 'code given to bob by Pascal Bourguignon: 42'|gpg --armor --clearsign -
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    code given to bob by Pascal Bourguignon: 42
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQEcBAEBAgAGBQJU6JnbAAoJEMqG5FsaozHfUMAIAJh+6MLorX8vOCzKve/ia4nv
    cloO1Ctp1xEF19Pou72HuMyinYl5S0Xh94JGclquUMxzA1RwlXY3kH65tZ/WgmpY
    xEK+f5VYNeX3uoPQ/3TnV1Tp1vP7IxAmtctqYImGprvdwmCQRkBCDXIX2q/A2WVV
    ZXwKHqdgSU5TVtLblAbLEX3ZdWsQbV8uekMU9bJy87lWMOFM96sD/TGpmnGxo6a4
    S1C9uEtYtvGTLjQCWhSn+TelhNluDyphwv+eDSmLNYAeelgYeUOKKgqpBFglVgSj
    HZQrjg/C7sPFJt77KpImhJaHzcLf8azX7IcSv74Uawd2EYhL97imQlNwEoL+v7Q=
    =m2xA
    -----END PGP SIGNATURE-----

    $ echo 'code given to bob by Pascal Bourguignon: 42'|gpg --armor --clearsign -|gpg --verify
    gpg: Signature made Sat Feb 21 15:45:35 2015 CET using RSA key ID 1AA331DF
    gpg: Good signature from "Pascal J. Bourguignon (Maven) <pjb@informatimago.com>"