

How can i get informations from a code - jboulhous

Hello, maybe this is not the place where to ask this question, please bear with me.<p>alice will give bob a code, and when bob provides me this code(maybe +time, and alice&#x27;s name), i would like to know if this code was really given to bob by alice.<p>i thought of some simple stuff like (a<i>x + b)(</i> is math, + is string concat) where &quot;a&quot; is alice&#x27;s name, x is date and b is a unique number for this code (provided by alice to bob) and then with the date and alice&#x27;s name, i will do the math to know that this was realy given by alice to bob, and know what is the b ?<p>may be there is some better way to do this, but the requirements are that the code provided to bob should not be so long (max 10 chars).<p>Thank you.
======
informatimago
You can implement a protocol to know whether it was alice who gave this code
to bob.

Using public key encryption, alice can have a private key, which she uses to
sign the code she gives to bob.

Then anybody can use the public key to check the signature on that code, to
very that the owner of the private key (ie. alice) did sign it.

As for "too long", it's relative. For example:

    
    
        $ echo 'code given to bob by Pascal Bourguignon: 42'|gpg --armor --clearsign -
        -----BEGIN PGP SIGNED MESSAGE-----
        Hash: SHA1
    
        code given to bob by Pascal Bourguignon: 42
        -----BEGIN PGP SIGNATURE-----
        Version: GnuPG v1
    
        iQEcBAEBAgAGBQJU6JnbAAoJEMqG5FsaozHfUMAIAJh+6MLorX8vOCzKve/ia4nv
        cloO1Ctp1xEF19Pou72HuMyinYl5S0Xh94JGclquUMxzA1RwlXY3kH65tZ/WgmpY
        xEK+f5VYNeX3uoPQ/3TnV1Tp1vP7IxAmtctqYImGprvdwmCQRkBCDXIX2q/A2WVV
        ZXwKHqdgSU5TVtLblAbLEX3ZdWsQbV8uekMU9bJy87lWMOFM96sD/TGpmnGxo6a4
        S1C9uEtYtvGTLjQCWhSn+TelhNluDyphwv+eDSmLNYAeelgYeUOKKgqpBFglVgSj
        HZQrjg/C7sPFJt77KpImhJaHzcLf8azX7IcSv74Uawd2EYhL97imQlNwEoL+v7Q=
        =m2xA
        -----END PGP SIGNATURE-----
    
        $ echo 'code given to bob by Pascal Bourguignon: 42'|gpg --armor --clearsign -|gpg --verify
        gpg: Signature made Sat Feb 21 15:45:35 2015 CET using RSA key ID 1AA331DF
        gpg: Good signature from "Pascal J. Bourguignon (Maven) <pjb@informatimago.com>"

