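I'm looking for a way to shuffle a series of known values (such as a deck of cards) between two clients who don't trust each other, in a way that both can verify and in which neither gains any advantage.
So far, I was thinking...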
for each item in array:
A tells B random number to use (Ra1) <~ prevent B from using pre-calculated password
B creates secret random number, and shows hash to A <~ can prove this number is used
B adds his own secret random number (Ra1+Rb1) <~ prevent A from using pre-calculated password
B encrypts a random array value using the combined password (Ra1+Rb1), removing from the stack
B gives encrypted value to A
A re-encrypts the value <~ prevent B from recognizing his package later
A stores at random index in new array of unknown items
A shows the full array to B <~ B can be confident that the array will not be tampered with
A does not know what is in each package, nor does B
B can now choose a package for himself, and A can then provide the password for that package, allowing B to recognize his package, and know the contents.
A can also choose a package, and request the key to unlock it from B.
After all transactions are agreed, and secrecy is no longer required, all secrets are revealed by both parties, who can both then verify the contents of the boxes
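This all seems overly complicated to me, and I can't imagine how to make it work for A, B and C in such a way that no party needs to be trustworthy or reliable (a party might not provide the key later, interfering with a transaction between the other parties).
Summary
Ideally, I need an algorithm to shuffle cards between two untrustworthy parties, in such a way that, as long as there are at least 2 interested parties to provide each other with their cards, all parties can verify the cards later, at the end of secrecy.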
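An added sketch of the commit, encrypt, re-encrypt and reveal steps listed in the question, with both parties simulated in one process; it is not code from the original post. The function names are hypothetical, and the XOR-with-SHA-256 pad is an assumed stand-in for a real cipher.

```python
import hashlib
import secrets

def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def layer(key, data):
    # Stand-in cipher (assumption): XOR with a SHA-256 pad, one key per box.
    pad = H(b"pad", key)[:len(data)]
    return bytes(x ^ y for x, y in zip(data, pad))

def build_table(deck):
    """Per-card loop; returns (public table, A's notes, B's notes)."""
    rng = secrets.SystemRandom()
    stack = list(deck)
    rng.shuffle(stack)                       # B draws cards in a secret order
    table, a_notes, b_notes = [], {}, {}
    for card in stack:
        ra = secrets.token_bytes(16)         # A -> B: fresh number Ra
        rb = secrets.token_bytes(16)         # B's secret Rb
        commit = H(rb)                       # B -> A: hash shown before use
        c1 = layer(H(ra, rb), card.ljust(16, b"\0"))  # B encrypts under Ra+Rb
        ka = secrets.token_bytes(16)         # A's own secret key
        c2 = layer(ka, c1)                   # A re-encrypts
        b_notes[c1] = (ra, rb)
        a_notes[c2] = (ka, c1, ra, commit)
        table.append(c2)
    rng.shuffle(table)                       # A's random placement, then published
    return table, a_notes, b_notes

def open_for_b(c2, a_notes, b_notes):
    ka = a_notes[c2][0]                      # A reveals only this box's key
    c1 = layer(ka, c2)                       # B strips A's layer, recognises c1
    ra, rb = b_notes[c1]
    return layer(H(ra, rb), c1).rstrip(b"\0")

def open_for_a(c2, a_notes, rb):
    ka, c1, ra, commit = a_notes[c2]
    if H(rb) != commit:                      # Rb must match what B committed to
        raise ValueError("commitment mismatch")
    return layer(H(ra, rb), c1).rstrip(b"\0")

def verify_all(deck, table, a_notes, b_notes):
    """Final audit once every secret is revealed."""
    opened = [open_for_a(c2, a_notes, b_notes[a_notes[c2][1]][1]) for c2 in table]
    return sorted(opened) == sorted(deck)
```

`verify_all` is A's side of the final audit: it rechecks every commitment from B and confirms the opened boxes are exactly the original deck, so a duplicated or substituted card is detected.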