Paper 2022/047

Short Pairing-Free Blind Signatures with Exponential Security

Stefano Tessaro and Chenzhi Zhu


This paper proposes the first practical pairing-free three-move blind signature schemes that (1) are concurrently secure, (2) produce short signatures (i.e., three or four group elements/scalars), and (3) are provably secure either in the generic group model (GGM) or the algebraic group model (AGM) under the (plain or one-more) discrete logarithm assumption (beyond additionally assuming random oracles). We also propose a partially blind version of one of our schemes. Our schemes do not rely on the hardness of the ROS problem (which can be broken in polynomial time) or of the mROS problem (which admits sub-exponential attacks). The only prior work with these properties is Abe’s signature scheme (EUROCRYPT ’02), which was recently proved to be secure in the AGM by Kastner et al. (PKC ’22), but which also produces signatures twice as long as those from our scheme. The core of our proofs of security is a new problem, called weighted fractional ROS (WFROS), for which we prove (unconditional) exponential lower bounds.

Available format(s)
Public-key cryptography
Publication info
Preprint. MINOR revision.
Blind SignaturesDigital Signatures
Contact author(s)
tessaro @ cs washington edu
zhucz20 @ cs washington edu
2022-01-14: revised
2022-01-14: received
See all versions
Short URL
Creative Commons Attribution


      author = {Stefano Tessaro and Chenzhi Zhu},
      title = {Short Pairing-Free Blind Signatures with Exponential Security},
      howpublished = {Cryptology ePrint Archive, Paper 2022/047},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.