[Help] Do ECDSA signatures convey signers' infomation?

[DisableAsync]

Assuming the signatures always come with their corresponding signed data. Can we find out who signed the data?

[randombit]

A signature is a binding between a message and a public key. So if you can verify the signature, you know that that particular public/private key pair was used to generate it. But that doesn't convey any real world identity, in and of itself - a public key is basically just a sequence of bits. Usually a public key <-> real world identity binding is conveyed in something like an X.509 certificate.

[DisableAsync]

Thinking about some kinda TOR like decentralized networking design. Because peers don't talk to each other directly, they would need a way to verity he authenticity of the relayed (encrypted) messages they received.

And no, I'm not silly or crazy, I just want to practice something different so I can improve my skill. :P

[reneme]

So I assume you want to establish a secure channel between the endpoints that is routed through intermediate nodes. Maybe just perform a TLS handshake between the endpoints? As of TLS 1.3 the certificates (both client and server) are encrypted and wouldn't be visible to intermediate nodes.

[DisableAsync]

Maybe just perform a TLS handshake between the endpoints?

That sounded just like TOR (if I don't get TOR wrong)! It is a good idea. But I want something better.

If I'm ever to actually start working on the network stack, most likely the first thing I'm gonna do is implementing an instant messaging application upon it (like a PoC, but more that a PoC). And a feature I would certainly want is sending messages to or receiving from offline peers, so we wouldn't always be able to do TLS handshakes.

[reneme]

Maybe the Signal.org blog could provide some inspiration? E.g.

• Sealed Sender Preview
• X3DH Key Agreement Protocol

[DisableAsync]

Sorry for the late reply, was overloaded with work.

I'm really bad at language and might get the docs wrong, apologies if I did.

In "Sealed Sender", looks like Signal is trying to verify the senders hard. This doesn't look so good to me, and in terms of a decentralized network I don't believe it's much doable.
For "X3DH" I don't understand most parts of the docs, maybe I should just skip it and use ECIES for simplicity. (Yep, I am not a cryptography guy. Sad. )

BTW why is it so hard to find technical docs for TOR?