Re: [CFRG] Call for adoption for draft-wood-cfrg-rsa-blind-signatures

Scott Hendrickson <> Wed, 31 March 2021 20:00 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D07193A3549 for <>; Wed, 31 Mar 2021 13:00:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dtdLVwicma8n for <>; Wed, 31 Mar 2021 13:00:25 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:4864:20::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 766CF3A3545 for <>; Wed, 31 Mar 2021 13:00:25 -0700 (PDT)
Received: by with SMTP id a1so25335975ljp.2 for <>; Wed, 31 Mar 2021 13:00:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=mime-version:from:date:message-id:subject:to; bh=1AL0o2Sib6vN0tjs4v+1JUdwT27P9BcXGS2OUqafS0k=; b=M6m4ysk1m8Rd7LLrxWqw5PCGqp8rq0ecBbP3sKkeAfdw+MUM0kWXMCnvoapRU/IQoJ KrkdMnqTxR4ObpEDw58Og1Est8T5kADu8YA+cZMwlJxf1nlfCzl2w5otgNEj8tExFqNK Q0AMLTwV2VaEfQAP1dYhk/Em9d8oYxbhv/CQ0MTcLHD8JVKzffqWOtO5dV7WQkbQooAz pk/CNvVEtF2HNdjnmxNyOxl8QkaRMNw1Ehx5/cg5/RibOVRYz2JzRhYkk+lGshmWlL6H FSLeYD0CZTU5KZLS4QeIg6ZlQKD9XpCNAaKCFu0aJ5wfMlS6wFUIn/vAqV2yWenYcId5 FLBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=1AL0o2Sib6vN0tjs4v+1JUdwT27P9BcXGS2OUqafS0k=; b=B1UUABvV5wdv/Ng92bDDHLs+pOdOR6jC0zrue+Mye9R2kyCVtaDKQVaQkDQIjYcC1y cuwIbGhXvtH7w78rb9j6eBMkZseo1FU0dgQwI2t8uuCGoU8vD3XfeK8PKkN2VF6kNRSo EuRyekvONDV6UDs+Uv2KRKgpYto+gUIoHXqMwa4LIc6e7qkPmVndhkOEPC0/qvDYZr2i Kj46LrUFv0c0nnfowQpSBXMEabr9ARCcdcCYn78dH6KHcER83hWFJcVYlTjk01GRdvbj 3poxSJRqe+ryCLN3MjBbRzuGkdNGd2C+D3S20HwD3te50vTxGqB3mHjT4/pW8bL3sTla yUlA==
X-Gm-Message-State: AOAM532kjefu3tg9CThatvXEKl7xygpC7sYgbdLefLB6MyOds/qkb/YY C0fYZobJ3C2BZu9aqaXkAPtdWRh08rBqL1RRniKmllHYCIg5sKwhpVIudNQJ
X-Google-Smtp-Source: ABdhPJzhq0AnDlx0tunSHoBw/VEefHajlQJPYGIWv/N5sRBXn4J5THrJN8Q9cwJNhxqKoDBVXbgDNngBAjwoSBr/yms=
X-Received: by 2002:a2e:818e:: with SMTP id e14mr3197720ljg.41.1617220822187; Wed, 31 Mar 2021 13:00:22 -0700 (PDT)
MIME-Version: 1.0
From: Scott Hendrickson <>
Date: Wed, 31 Mar 2021 13:00:11 -0700
Message-ID: <>
Content-Type: multipart/alternative; boundary="000000000000a1494a05beda90ce"
Archived-At: <>
Subject: Re: [CFRG] Call for adoption for draft-wood-cfrg-rsa-blind-signatures
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 31 Mar 2021 20:00:32 -0000

Hey all, Scott from Google here.

Public verifiability would complement existing standardized blind signing
mechanisms. Systems where single use constraints can be relaxed, or the
verifiers are decentralized make public verifiability desirable. As noted
by the standard and others, calls for an externally verifiable privacy pass
have been made[1], but may have been slowed by a missing standard.

Having built a system on similar blind signing crypto myself, I can
confidently say the lack of a standard made the work significantly harder
and more risky :-).

I'd be happy to work on this standard with both contributions and feedback.


FYI Google has a related patent to this work "Privacy-preserving flexible
anonymous-pseudonymous access" which we are working on an IPR for.