The most common application of blinding is the blind signature.

Although the latter issue can probably be resolved using blind signatures, the first remains.

Blind signature schemes exist for many public key signing protocols.

Blind signature schemes see a great deal of use in applications where sender privacy is important.

European patent application on "Electronic voting process using fair blind signatures"

He used blind signatures to achieve unlinkability between withdrawal and spend transactions.

In a blind signature protocol, the signer digitally signs a message without being able to learn its content.

This attack works because in this blind signature scheme the signer signs the message directly.

In this important work, Chaum presents a new cryptographic primitive, blind signature protocols.

Anonymous internet banking depends on the mathematics of public key cryptography and blind signature algorithms.

Blind signatures are an important building block of many privacy-sensitive applications, such as anonymous payments, voting, and credentials.

It is based on blind signatures and is heavily influenced by DigiCash.

Like the first on-line method, it is based on RSA blind signatures.

One of the simplest blind signature schemes is based on RSA signing.

Schnorr also suggested enhancements for securing blind signatures schemes based on discrete logarithm problem.

Blind signatures are typically employed in privacy-related protocols where the signer and message author are different parties.

This implies that does not leak any information about m. The signing authority then calculates the blinded signature s' as:

The resulting blind signature can be publicly verified against the original, unblinded message in the manner of a regular digital signature.

An often-used analogy to the cryptographic blind signature is the physical act of enclosing a ballot in a special carbon paper lined envelope.

In these schemes, the final output (message/signature) of the blind signature scheme is identical to that of the normal signing protocol.

Cryptographers think of the field as originating in the work of Dr David Chaum who invented the blinded signature.

Blind signature schemes can be implemented using a number of common public key signing schemes, for instance RSA and DSA.

In some blind signature schemes, such as RSA, it is even possible to remove the blinding factor from the signature before it is verified.

The original idea for an anonymous credential system was derived from blind signatures, but relied on a trusted party for credential transfer-the translation from one pseudonym to another.

While blind signatures are highly relevant for electronic cash and one-show credentials, a new cryptographic primitive, called group signature, opened new possibilities for the construction of privacy enhancing protocols.