Blind signatures for simple election
peter at digitalbrains.com
Wed Apr 8 20:05:01 CEST 2015
On 08/04/15 18:43, Jan Svensson wrote:
> From what I've read it seems like GPG internally is using blinding to
> avoid RSA timing attacks, but I guess it is not possible for a user of
> GPG to use those functions in a similar way as I describe above.
Those are two different beasts, by the way. You want to blind the
/data/. In OpenPGP, the data that is to be signed is hashed, and only
the /hash/ is signed with, e.g., RSA. So it could be said that the hash
is blinded, but the signed data definitely is not.
My gut feeling is that OpenPGP is ill suited for this task, but I
haven't thought thorougly about it.
 Not sure if that is proper use of the terminology, I'd usually say
the operation is blinded, not the data.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users