Re: [CFRG] RSA blind signatures

Christopher Wood <caw@heapingbits.net> Wed, 24 February 2021 23:27 UTC

Return-Path: <caw@heapingbits.net>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8DF543A1D56 for <cfrg@ietfa.amsl.com>; Wed, 24 Feb 2021 15:27:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=heapingbits.net header.b=VPOIvQTa; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=vUB0P5ol
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bPr47ntitaJW for <cfrg@ietfa.amsl.com>; Wed, 24 Feb 2021 15:27:05 -0800 (PST)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4484E3A1D4F for <cfrg@irtf.org>; Wed, 24 Feb 2021 15:27:05 -0800 (PST)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 477BE5C00F0; Wed, 24 Feb 2021 18:27:04 -0500 (EST)
Received: from imap4 ([10.202.2.54]) by compute4.internal (MEProxy); Wed, 24 Feb 2021 18:27:04 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=heapingbits.net; h=mime-version:message-id:in-reply-to:references:date:from:to :cc:subject:content-type:content-transfer-encoding; s=fm3; bh=+H rrH2nLMhyKrb5irC+plRwbdMOKHWjOZmOPuppzu0o=; b=VPOIvQTaIwHI2/06/n fpfnybikWcqR2QAAspL4lExR2kg+JBYTfoP3PtnJzH5cwZ+QadgiN7IyhPPyYxHG /LGNd8c8NTTzvLimcWcEiQVE58WaVQHdhEE+DyYSm5GUUQkOGuKcqvfSUigHNoom HD06YPf/Hpak1mSdwdujmczOWLzgT2Jvpuka++3+G90S6ahsK3prI6+qsdrd//yl 57e61RdjiEoFEhQMFGcNzjUlgvfrYgN65iHJGVAS/dOEEEPyC9TOUspGtp3mTbYj 77hUy3ReYIVUdPtQznD8vaautmmy3O+wYo3PvA/7/AUx+3A7E82RtqIIrLpcrM20 pS0g==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=+HrrH2nLMhyKrb5irC+plRwbdMOKHWjOZmOPuppzu 0o=; b=vUB0P5olBxAtct1HreImmJ4qF69fmL06DYpGcp0kKN86cUQM49UVDh29f FhbPxlR0EukMw3LqCkC6Ca3dUxtWsj1kMC0r74wWRgNBhnMfn6sX3FLcUkhlRdZy UBGCFoIRXTBG1Nzm6Kb+og9zeKd4CUFCnrjYC7YzytXmn2z35bcCMdZ2PdXldzXS Wl9kdSuGIsnF8002Eq/xEWl7fD0OjqOv08s5hCcGSkO/XgPtFSoUM4sPU25CYbtc vdKNyqaKeq5j3hxDnkCJUgXugpWyWd1ZhaqWca04rauXBUOEDcWykKhwlkS3tIwA eYLGzMDaOJ/nadsRGCrVGYls7U6BQ==
X-ME-Sender: <xms:yOA2YGu2EvGPXpMq_Ksf1QUzwv4phc2dQ4GlC-BLs3huAZPEJq_Wvw> <xme:yOA2YLfpdbGtVXkAXGLsajTGXdFi0hHrPR7XsRIUM2-kkmK_jqMlxE83C5ro7ZU4o Ft9hr0mxSSshOzzYik>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrkeekgddtlecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgfgsehtqh ertderreejnecuhfhrohhmpedfvehhrhhishhtohhphhgvrhcuhghoohgufdcuoegtrgif sehhvggrphhinhhgsghithhsrdhnvghtqeenucggtffrrghtthgvrhhnpeekffekveeghf fgtdffieevudfgledthefhfedvvdehleeivdegveegleefteejudenucevlhhushhtvghr ufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegtrgifsehhvggrphhinhhgsg hithhsrdhnvght
X-ME-Proxy: <xmx:yOA2YBxFQ50wqAE_-8Br5fAsOpz3OsAtaB2IYxAt2AUdfJxuZrQ9VQ> <xmx:yOA2YBMBb6iXE5Wv9DCJ9jQJMnPTGRRUqO1H8YXinEjoOs2yz_ISzg> <xmx:yOA2YG9LAia_-L1F3h5L2mjv4151AJG1goBF-aYDao6yw2CTD-29Uw> <xmx:yOA2YHL8kvyTIfWdwVM3n4dijIj1le5mAJllMSUrtNrpz0r5NqN3vA>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 0CE0916006B; Wed, 24 Feb 2021 18:27:04 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.5.0-alpha0-141-gf094924a34-fm-20210210.001-gf094924a
Mime-Version: 1.0
Message-Id: <7175aa1c-51e9-4942-8f48-5c0eca4d7bc5@www.fastmail.com>
In-Reply-To: <CAOyO2_LgLbuyK-azfDCaYPPmUxv6uug29xr2upkz_V1+0UuwNA@mail.gmail.com>
References: <44983891-284f-4552-b4c7-bc432148d214@www.fastmail.com> <CAOyO2_LgLbuyK-azfDCaYPPmUxv6uug29xr2upkz_V1+0UuwNA@mail.gmail.com>
Date: Wed, 24 Feb 2021 15:26:42 -0800
From: "Christopher Wood" <caw@heapingbits.net>
To: =?UTF-8?Q?Michele_Orr=C3=B9?= <lists@tumbolandia.net>
Cc: cfrg@irtf.org
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/cbSmIV10DFqsAayMTyCex3VuZsg>
Subject: Re: [CFRG] RSA blind signatures
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2021 23:27:07 -0000

On Wed, Feb 24, 2021, at 12:17 AM, Michele OrrĂ¹ wrote:
> For those cases needing Privacy Pass but with public verifiability, I 
> would kindly ask CFRG to also take a second to evaluate blind BLS 
> signatures.

+1 -- it would be great to know if there's general interest in implementers for blind BLS.

Best,
Chris

> It is true that verification would be much slower than RSA;  however, 
> they have efficient batching algorithms (for which the amortized cost 
> is ~2 scalar multiplications) and the issuance protocol is literally 
> the same as a Privacy Pass.
> Additionally, they have the same number of rounds and same number of 
> messages.  
> 
> This would avoid perhaps creating an entire new standard and having 
> just a new section on the privacy pass draft?
> Hoping to help,
> --
> Michele.