blindness

2 files changed, 13 insertions, 6 deletions

diff --git a/taler-fc19/paper.tex b/taler-fc19/paper.tex
index 3fdc1ce..c82f33f 100644
--- a/taler-fc19/paper.tex
+++ b/taler-fc19/paper.tex
@@ -772,12 +772,10 @@ Such blind signature protocols have already been used to construct e-cash
 

 We require the following two security properties for $\textsc{BlindSign}$:

 \begin{itemize}

-  \item \emph{blindness}: Let $M$ be the set of all possible messages and $\overline{M}$ be the

-    set of all possible blinded messages. Then the distribution of

-    \[ \left\{ (m, \overline{m}) \,\middle| m\, \randsel M, \overline{m} \leftarrow \algo{Blind}_{BS}(\mathcal{S}(\V{sk}), m) \right\} \]

-    must be computationally

-    indistinguishable from

-    \[ \left\{ (m, x) \,\middle|\, m \randsel M, x \randsel \overline{M} \right\}. \]

+  \item \emph{blindness}: It should be computationally infeasible for a

+    malicious signer to decide which of two messages and has been signed first

+    in two executions with an honest user.  The corresponding game can defined as

+    in Abe and Okamoto \cite{abe2000provably}.

   \item \emph{unforgeability}:  An adversary that requests $k$ signatures with $\algo{Sign}_{BS}$

     is unable to produce $k+1$ valid signatures with non-negligible probability.

 \end{itemize}

diff --git a/taler-fc19/ref.bib b/taler-fc19/ref.bib
index 4fda028..007ee7d 100644
--- a/taler-fc19/ref.bib
+++ b/taler-fc19/ref.bib
@@ -2379,3 +2379,12 @@ url    = {https://www.crockford.com/wrmg/base32.html}
 	year =		2010,
 	month =		may,
 }
+
+@inproceedings{abe2000provably,
+  title={Provably secure partially blind signatures},
+  author={Abe, Masayuki and Okamoto, Tatsuaki},
+  booktitle={Annual International Cryptology Conference},
+  pages={271--286},
+  year={2000},
+  organization={Springer}
+}