Efficient Blind and Partially Blind Signatures Without Random Oracles

Implementations of blind and partially blind signatures over elliptic curves as described in Efficient Blind and Partially Blind Signatures Without Random Oracles.

This library provides a usable implementation of the algorithm without regard to its eventual use. Uses such as in a "mint", are left to the implementor.

The key innovation of the paper and therefore of this library is in permitting partially blind signatures where the signer and the user share some component of the message (potentially the null string) openly. This would make it useful, for example, in a mint application where the mint (bank) executes out-of-band logic to verify the user's balance before signing an ATM-like withdrawal of an agreed denomination.

Features

• bls12_381_plain (default): Plain implementation over the BLS12-128 elliptic curve secure against constant-depth concurrent adversaries (not secure against fully concurrent adversaries).

Sequence

sequenceDiagram
participant User
participant Signer
participant Verifier
alt Setup
Signer ->> Signer: Generate(KeyPair)
Signer ->> User: (KeyPair.PublicKey)
end

alt Negotiate Message
    User ->> Signer: m0
end

alt Sign
User ->> Signer: (X,W)
Signer ->> User: (eta)
User ->> Signer: (b1, b2, b3)
Signer ->> Signer: Verify(X,W,eta,b1,b2,b3)
Signer ->> User: (Y,R,l)
User ->> User: (sigma,alpha,beta)
end
alt Verify
User ->> Verifier: (m0,m1,sigma,alpha,beta)
end

References

Using algorithms from:

• Efficient Blind and Partially Blind Signatures Without Random Oracles.
• bls12_381 Rust Crate
• Efficient Implementation of Pairing-Based Cryptosystems
• Efficient Algorithms for Pairing-Based Cryptosystems
• Pairing Friendly Curves

License

Licensed under:

• MIT license or MIT License

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be licensed as above, without any additional terms or conditions.