New primitive: blind signatures.

This commit introduces blind signatures, as requested by Verifpal
user Professor Marko Schuetz-Schmuck from the University of Puerto

Two new primitives are introduced: BLIND and UNBLIND. The interface
works as follows:

b = BLIND(k, m)
SIGN(a, b)
UNBLIND(k, m, SIGN(a, BLIND(k, m))) = SIGN(a, m)

The purpose of blind signatures is to allow a party to sign a message
without having access to its contents. To fulfill this purpose, a sender
"blinds" a message m with "blinding factor" k and sends the resulting
blinded message m.

The signer signs the blinded message m with their private key a.

Then, using UNBLIND and their blinding factor k, the sender can "unblind"
the signature SIGN(a, BLIND(K, m)) and obtain SIGN(a, m).

Therfore, the signer signed the message without knowing it, and the
sender was able to obtain the signature of the signer on the original
message without revealing the message.

Note that an attacker possessing b and k can obtain m.

An example model is included in `examples/blind.vp`.

Further testing of this new primitive is very much appreciated.

The Verifpal User Manual and Verifpal for Visual Studio Code will be
updated momentarily to reflect the new BLIND and UNBLIND primitives.
2 jobs for master in 38 seconds
Status Job ID Name Coverage
passed #403


passed #404