Blind Signature - Dangers of Blind Signing

Dangers of Blind Signing

RSA is subject to the RSA blinding attack, through which a signer can be tricked into decrypting a message by blind signing another message. Since the signing process is equivalent to decrypting with the signer's secret key, an attacker can submit for signing a blinded version of a message encrypted with the signer's public key. The encrypted message would usually be some secret information that the attacker observed being sent encrypted under the signer's public key and wants to learn. When the attacker unblinds the signed version, they will have the clear text:


\begin{align}
m'' & = m' r^e \pmod n \\
    & = (m^e \pmod n \cdot r^e) \pmod n \\
    & = (mr)^e \pmod n
\end{align}

where is the encrypted version of the message. When the message is signed, the cleartext is easily extracted:


\begin{align}
s' & = m''^d \pmod n \\
   & = ((mr)^e \pmod n)^d \pmod n \\
   & = (mr)^{ed} \pmod n \\
   & = m \cdot r \pmod n \mbox{, since } ed \equiv 1 \pmod{\phi(n)}
\end{align}

Note that refers to Euler's totient function. The message is now easily obtained.


\begin{align}
m = s' \cdot r^{-1} \pmod{n}
\end{align}

This attack works because in this blind signature scheme the signer signs the message directly. By contrast, in an unblinded signature scheme the signer would typically use a padding scheme (e.g. by signing the result of a cryptographic hash function applied to the message, instead of signing the message itself). However, since the signer does not know the actual message, any padding scheme would produce an incorrect value when unblinded. Due to this multiplicative property of RSA, the same key should never be used for both encryption and signing purposes.
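The following Python sketch is an added example, not part of the original article. It runs the three equations above on constructed toy keys (primes 61, 53 and 89, 97, e = 17, r = 7, all assumptions chosen for readability) and shows that the plaintext leaks when the blind-signing key is also the encryption key, but not when a separate signing key is used.

```python
"""Key-separation check for raw RSA blind signing (toy sizes, not secure)."""
from math import gcd

def make_key(p, q, e=17):
    """Return (n, e, d) for textbook RSA built from two small primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return n, e, pow(e, -1, phi)          # d = e^-1 mod phi(n)

def raw_blind_sign(x, d, n):
    """Signer side: x^d mod n on a blinded value the signer cannot inspect."""
    return pow(x, d, n)

def unblind_signed_ciphertext(c, r, enc_pub, sign):
    """Requester side: m'' = m' r^e, s' = sign(m''), result = s' r^-1 (mod n)."""
    n, e = enc_pub
    if gcd(r, n) != 1:
        raise ValueError("r must be invertible mod n")
    blinded = (c * pow(r, e, n)) % n      # m''
    return (sign(blinded) * pow(r, -1, n)) % n

# Constructed toy key pairs (assumptions for this example only).
ENC_N, ENC_E, ENC_D = make_key(61, 53)    # key that protects encrypted messages
SIG_N, SIG_E, SIG_D = make_key(89, 97)    # independent blind-signing key

def result_with_shared_key(m, r=7):
    """Weak setup: the encryption key is also used for blind signing."""
    c = pow(m, ENC_E, ENC_N)              # m' = m^e mod n
    sign = lambda x: raw_blind_sign(x, ENC_D, ENC_N)
    return unblind_signed_ciphertext(c, r, (ENC_N, ENC_E), sign)

def result_with_separate_keys(m, r=7):
    """Corrected setup: blind signing uses its own key pair."""
    c = pow(m, ENC_E, ENC_N)
    sign = lambda x: raw_blind_sign(x, SIG_D, SIG_N)
    return unblind_signed_ciphertext(c, r, (ENC_N, ENC_E), sign)

if __name__ == "__main__":
    secret = 65                           # constructed sample plaintext
    print("shared key   ->", result_with_shared_key(secret))
    print("separate keys ->", result_with_separate_keys(secret))
```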
