David Chaum introduced blind signatures almost four decades ago [1], as the fundamental building block to implement a form of untraceable digital cash. His proposal was to represent each digital coin as a unique serial number blindly signed by the issuing bank. The unique serial number embedded in the coin would prevent double spending, while the blind signature over the coin would guarantee both untraceability (by not knowing which coin was signed) and unforgeability (by signing the coins in the first place). Unfortunately, the way Chaum explained the blindness property has somewhat obscured the fact that it actually has two different faces.

Read the rest of this entry »