这篇只是汇总在学习密码学和Fabric的MSP体系过程中的阅读,方便日后回头翻阅,可以迅速回忆。涉及内容较多主体较为分散,挂一漏万。仍有待深入研究学习。
密码学的基础知识概述(Hash算法,对称加密算法,X.509证书)
- CSDN笔记 - MD5, SHA, AES, DES, X.509, PKCS概述 : 记录基础知识
- Structure of X509 Certificates : X.509结构
RSA
- RSA算法原理(一)
- RSA算法原理(二) : 数学原理介绍,欧拉函数,大数因数分解
ECC(椭圆曲线)
- Elliptic Curve Cryptography: a gentle introduction : 英文介绍系列,原理解释。非欧式几何,有限域离散对数问题。强力推荐
- Comparing ECDSA vs RSA : ECDSA和RSA的全方位对比。RSA历史更悠久更成熟,部分CA还不支持ECDSA。在提供相同安全程度上,ECDSA需要的bit更少。同时,RSA seems to be significantly faster than ECDSA in verifying signatures, though it is slower while signing. Higher security level require more bits, this results in RSA’s performance to decline dramatically, whereas ECDSA is only slightly affected.
当前,Fabric的签名算法只支持ECDSA(The signing key used for signing by the node (currently only ECDSA keys are supported)),摘自Fabric官网-Membership Service Providers (MSP)
Ref: Bitcoin和Ethereum中的vrs(v:recovery id)
- ECDSA: (v, r, s), what is v? : Strictly speaking the recid is not necessary, as we can just cycle through all the possible coordinate pairs and check if any of them match the signature. The recid just speeds up this verification.
- How does recovering the public key from an ECDSA signature work?
零知识证明 Zero-Knowledge-Proof
- Zero-Knowledge-Proof Wikipedia
- MSP Implementation with Identity Mixer : Fabric里对零知识证明的使用
Fabric官网的MSP相关文档汇总
- Identity : 最基本的概念,PKI体系,X.509证书,CA,CRL,概念介绍
- Membership : 概念介绍,MSP的层次设计(Local MSP,Channel MSP),MSP的结构(主要是在节点内的证书存放目录),以及与Org的关系
- Membership Service Providers (MSP) : 配置,偏实践应用