[cryptography] enabling blind signatures in GPG

Jake jake at spaz.org
Sun Aug 18 04:08:52 EDT 2013

Hello everybody,

I am trying to form an anonymous opining sytem based on a single 
Registrar, whose signatures deify users' public keys with the mark of a 
Participant.  But to protect the users from an evil registrar, blinding 
must be used.

I have been told that blinding is already implemented internally to deter 
timing-based attacks, so this would be a matter of implementing a command-line 
option to blind a blob and save the blinding salts.

I am not a cryptographer so I can only repeat what i've heard on this.


Basically, a Participant generates a key pair (only for use in opining, 
not with their real identity) and wants to be able to prove, in public 
signed cleartext postings, that their public key has been signed by the 
Registar as an endorsement of Participation.  But they don't want the 
Registrar to see their public key and correlate it with their real 
identity (their proof of eligibility for participation) because that would 
compromise their anonymity.

So the Participant "blinds" their public key, presents that blob to the 
Registrar (along with their real identity) and receives the Registrar's 
signature of the blob.  Then they take the blob home, and unblind it, 
revealing a perfect Registrar's signature of their public key.

Please write if you can help me make this happen.  I believe that the 
system i'm trying to create could have a very positive effect on democracy 
in the world, and hopefully make politicians into simple clerks whose job 
is simply to count the opinions and follow the will of the people.

take care,

More information about the cryptography mailing list