Focus point of the paper are blind digital signatures. The team of HPI Prof. Anja Lehmann and doctoral students Cavit Özbay (HPI) and Phillip Nazarian (UCI) is working on methods to make these signatures even more secure. At the IACR EUROCRYPT 2025 in Madrid, one of the most important cryptography conferences, they’ve now had the chance to present their paper.
The collaboration arose from a partnership between HPI and the University of California. UCI doctoral student Phillip Nazarian embarked on a research trip to Potsdam.
“My PhD advisor at UCI has collaborated with Prof. Anja Lehmann in the past, so he was aware that my research interests had some similarity with the work being done at HPI. When Anja reached out to us about the partnership between the two universities, it seemed like a great opportunity to work together on a project.”
Together with the team from the Cybersecurity – Identity Management chair, the doctoral student worked at HPI from June to July 2024 to develop the core framework for the paper, which they have now been able to present. Two months of intensive collaboration – he was particularly surprised by the lively exchange within the HPI team:
“Our crypto group is quite small here at UCI, and our schedules don't always line up too well because of teaching work and other commitments. One thing I loved about being at HPI was that there were always people around the office to discuss ideas with. This helped us to make very quick progress on the project!”
Their paper: How can the security of blind threshold signatures be improved?
Blind digital signatures can be used to authenticate documents without revealing their content. One example is digital elections: The ballot is digitally signed by the election committee without revealing its content – in other words, blindly. This makes the vote valid, but the secrecy of the ballot remains intact.
At the same time, digital signatures should also be better protected against attempts at forgery. In cryptography, there is a particular helpful approach for this: threshold signature schemes. Here, the signing key is distributed over a number of signers, and not just one entity signs a document, but several entities are responsible for creating a signature. This means that each party produces a signature share, and only when enough – namely a certain threshold – are put together, a valid signature is created. This distributed setting makes the secret signing key more difficult to corrupt, and security is guaranteed as long as not a significant number of key shares has been compromised.
However, when combining both concepts – threshold and blind signatures – an interesting challenge arises, namely: What does security even mean for this blind variant, i.e., how can privacy and security be combined? With normal blind digital signatures, there is a simple way to detect a forgery: although the signer does not know what message they have signed, they do know how many have been signed. So if someone suddenly claims to have more signatures than the signatory has signed documents, it is clear that a forgery has occurred.
When bringing blind signatures into the threshold setting, this is no longer as straightforward. This is because many possible combinations of signature shares exist: signers do not know which messages they have signed and therefore do not know to how many signatures they have actually contributed.
So what does security mean in the context of blind threshold signatures and do existing schemes meet their expectations? That is the question Prof. Lehmann's team is addressing.
Prof. Lehmann explains: “The main challenge when working at this intersection of security and privacy is understanding and formally capturing how these properties can coexist, and what security even means. Our work shows that the existing security notion of threshold blind signatures was too weak and proposes a framework of several stronger notions and techniques to achieve them.”
Now they had the opportunity to present their paper at one of the most important cryptography conferences and discuss their findings.
The team's goal is to use their findings to advance research in this field. “We hope that our definitional framework will help future research on threshold blind signatures, to targe more meaningful notions of security and ensuring that they provide the expected guarantees,” says Prof. Lehmann.
The entire paper is available here: https://eprint.iacr.org/2025/353
