In cryptography a blind signature, as introduced by David Chaum, is a form of digital signature .. “Blind signatures for untraceable payments” (PDF). Advances in. Chaum, D. () Blind Signatures for Untraceable Payments. In Chaum, D., Rivest R.L. and Sherman, A.T., Eds., Advances in Cryptology Proceedings of. Semantic Scholar extracted view of “Blind Signatures for Untraceable Payments” by David Chaum.
|Published (Last):||21 July 2004|
|PDF File Size:||14.62 Mb|
|ePub File Size:||3.30 Mb|
|Price:||Free* [*Free Regsitration Required]|
One of the simplest blind signature schemes is based on RSA signing. She can place the letter in an envelope lined with carbon paper and send it to Bob. Bob will sign the outside of the carbon envelope without opening it and then send it back to Alice. The blind version uses a random value rsuch that r is relatively prime to N i. The signing authority then calculates the blinded signature s’ as:. For example, the integrity of some electronic voting system may require that each ballot be certified by an election authority before it can be accepted for counting; this allows the authority to check the credentials of the voter to ensure that they are allowed to vote, and that they are not submitting more than one ballot.
This includes various ” digital cash ” schemes and voting protocols.
In this case, the signer’s response is first “un-blinded” prior to verification in such a way that the signature remains valid for the un-blinded message. The blinded message is passed to a signer, who then signs it using a standard signing algorithm. By contrast, in an unblinded signature scheme the signer would typically use a padding scheme e.
Potential problems are analyzed and solutions offered. Blind bliind can also be used to bllnd unlinkabilitywhich prevents the signer from linking the blinded message it signs to a later un-blinded version that it may be called upon to verify. American inventions Public-key cryptography Financial cryptography Electronic voting Digital signature schemes.
The resulting blind signature can be publicly verified against the original, unblinded message in the manner of a regular digital signature. This is similar to the way zero-knowledge is defined in zero-knowledge proof systems. Digital currencies, virtual currencies, in-game currencies, etc. In cryptography a blind signatureas introduced by David Chaum is a form of digital signature in which the content of a message is disguised blinded before it is signed.
An unlinkable blind signature provides this guarantee, as the authority will not see the contents of any ballot it signs, and will be unable to link the blinded ballots it signs back to the un-blinded ballots it receives for counting.
Thus, the signer does not view the message content, but a third party can later verify the signature and know that the signature is valid within the limitations of the underlying signature scheme. A traditional RSA signature is computed by raising the message m to the secret exponent d modulo the public modulus N. Cryptocurrency has gained unprecedented attention since the birth of Bitcoin in The number of transactions as well dzvid the untradeable of accounts held by individuals and businesses is steadily increasing.
More formally a blind signature scheme is a cryptographic protocol that involves two parties, a user Alice that wants to obtain signatures on her messages, and a signer Bob that is in possession of his secret signing key.
The message is now easily obtained. In some blind signature schemes, such as RSA, it is even possible to remove the blinding factor from the ;ayments before it is verified. Some examples are provided below. In each example, the message to be signed is contained in the value m. An often-used analogy to the cryptographic blind signature is the physical act of a voter enclosing a completed anonymous ballot in a special carbon paper lined envelope that has the voter’s credentials pre-printed on the outside.
A solution to this is to blind sign a cryptographic hash of the message, not the message itself. We consider the development of Bitcoin and its sister currencies as an important disruptive financial innovation which is here to stay unless throttled by ill-considered legislative or regulatory actions.
Due to this multiplicative property of RSA, the same key should never be used for both encryption and signing purposes. The usual approach is to show that for every adversarial signer, there pagments a simulator that can output the same information as the signer. From Wikipedia, the free encyclopedia.
Blind Signatures for Untraceable Payments
The author of the message computes the product of the message and blinding factor, i. This can be useful in schemes where anonymity is required. Simultaneously, it is important that this authority does not learn the voter’s selections. When the attacker removes the blindness the signed version they will have the clear text:. Scientific Research An Academic Publisher. To perform such a signature, the message is first “blinded”, typically by combining it in some way with a random “blinding factor”.
Blind signature – Wikipedia
Blind signature schemes exist for many public key signing protocols. Once signed, the package is given back to the voter, who transfers the now signed ballot to a new unmarked normal envelope. This means one vote per signed ballot in elections, for example. Alice can then open it to find the letter signed by Bob, but without Bob having seen its contents. As an analogy, consider that Alice has a letter which should be signed by an authority say Bobbut Alice does not want to reveal the content of the letter to Bob.
The overall assessment is that cryptocurrencies and variants of virtual currencies are untracealbe welcome development, they will offer competition to the existing modalities of money and governmental regulation, they will provide alternative means to economic agents for their transactions, and their innovative existence should be signaturres so that their beneficial features outperform any deleterious ones.