Blind signatures for simple election

Peter Lebbing peter at
Wed Apr 8 20:05:01 CEST 2015

On 08/04/15 18:43, Jan Svensson wrote:
> From what I've read it seems like GPG internally is using blinding to
> avoid RSA timing attacks, but I guess it is not possible for a user of
> GPG to use those functions in a similar way as I describe above.

Those are two different beasts, by the way. You want to blind the
/data/. In OpenPGP, the data that is to be signed is hashed, and only
the /hash/ is signed with, e.g., RSA. So it could be said that the hash
is blinded[1], but the signed data definitely is not.

My gut feeling is that OpenPGP is ill suited for this task, but I
haven't thought thorougly about it.



[1] Not sure if that is proper use of the terminology, I'd usually say
the operation is blinded, not the data.

I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list