Search code examples
pythoncryptographypycryptoblind-signature

Blinding a message with PyCrypto in Python 3+


In Python 2, there were two methods called blind/unblind. Their docs recommend that you should now use pkcs1_15, however they only show how to sign/verify a message.

Their sample code looks like this:

from Crypto.Signature import pkcs1_15
from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA

# Generate a new RSA key pair
private_key = RSA.generate(3072)
public_key = private_key.publickey()

# Message which is larger than the modulus
message = 'Some arbitrary text to blind.'
message = message.encode('utf-8')
hashed_message = SHA256.new(message)

# Sign message on the senders side
signed_message = pkcs1_15.new(private_key).sign(hashed_message)

# On the receivers' side, you can verify the signed message with the public key
pkcs1_15.new(public_key).verify(hashed_message, signed_message)

# No exceptions raised, so we can conclude that the signature is valid.

Does anyone know what the code would look like, if one were to blind it instead?


Solution

  • Firstly: PyCrypto is no longer maintained, and one should use its mostly-API-compatible successor, PyCryptodome, instead. If one is willing to learn a new API, they even advocate to switch to the Cryptography library instead.

    According to their documentation, they fully dropped support for manually blinding and unblinding messages. Instead they ask you to specifically pick one of the supported padding schemes, as is done in the sample code in your question.

    Now of course, if you are looking for actual blind signatures as per your tag, then it seems that you'll have to move away from PyCrypto(dome), as they no longer support that. In fact there seems to be no out-of-the-box support in any of the big Python cryptographic libraries, based on a cursory search.