Re: [belenios-discuss] Computing a fingerprint of a trustee's public key

[Stéphane Glondu <stephane.glondu AT inria.fr>]

Dear Tomas,

Le 05/01/2021 à 19:27, Tomáš Hnyk a écrit :
> I am a trustee in an (mock) election and I forgot to save the
> fingerprint of my verification key. How can I compute it? I need to
> check that I have the correct private key, so I need to check that my
> private key corresponds to the public key.

There is no easy way to compute the public key from the private key. One
has to do arithmetic using some third-party tool.

> I tried reading section 4.4 of the specification but I must say it
> confuses me. What are the number x, q and g?
I'm assuming you're not using the threshold mode. Then, your private key
is a number (you can look inside the file), called "x" in the
specification. "q" and "g" are in the election.json file (in the
"public_key" field, which also has a "p" field). Actually, "p" is also
needed to compute your public key. Your public key (a number) is then "g
^ x mod p".

Note that in the threshold mode, the system is different and it is not
possible to compute the public key (the so-called "verification key")
from the private key. Indeed, the actual private key is stored encrypted
on the server and what is presented as "private key" to the user is the
key needed to decrypt the actual private key.

> I know how to produce a fingerprint of a file, but I am not actually
> sure which file I need to fingerprint. Is the fingerprint next to my
> name on the election's page a result of running
> 
> sha256sum private_key.json | xxd -p -r | base64 | tr -d "=" ?

No. The fingerprint next to your name is the sha256sum of the public
key, as computed above (written in base 10, between double quotes). It
is not the sha256sum of any file.


Cheers,

-- 
Stéphane