Desarrollo de librerías de firma ciega para OpenSSL

Abstract

OpenSSL is a cryptographic suite that was initially aimed at providing an implementation of the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols; although has now become a cryptographic suite with a much broader scope. OpenSSL is intended to be used as a library, it's open source and it's developed by a worldwide community of volunteers. Today, OpenSSL incorporates many of the "classic" security mechanisms, mainly related to provide authentication and confidentiality. However, these mechanisms are not sufficient to deal with other more-complex security challenges, especially those related to privacy and anonymity, which require new specific mechanisms. The main objective of this TFG is the implementation of one of these mechanisms, the blind signature, for OpenSSL. This particular type of signature allows the signer to sign a message without actually knowing its contents. The fact of developing this TFG within the OpenSSL umbrella is an added motivation to the authors since OpenSSL is probably the most important and widely-use cryptographic suite. Another objective of this TFG is the implementation of an electronic currency system that uses the proposed blind-signature library for OpenSSL. This system acts as a proof of proper performance of this library. As a result of the work done, we have got a fully functional library that allows the generation of a valid signature without knowing the contents of the message to be signed. Furthermore, we have deployed an electronic currency system that makes proper use of the provided OpenSSL blind-signature libraries.

OpenSSL es una suite criptográfica inicialmente dedicada a proveer una implementación de los protocolos Transport Layer Security (TLS) y Secure Sockets Layer (SSL), pero que actualmente se ha convertido en una suite criptográfica de carácter generalista. OpenSSL está pensado para poder ser utilizado como librería, su código es abierto y está desarrollado por voluntarios.