diff --git a/blog/assets/images/privacy-pass/Blind_signatures.png b/blog/assets/images/privacy-pass/blind-signatures.png
similarity index 100%
rename from blog/assets/images/privacy-pass/Blind_signatures.png
rename to blog/assets/images/privacy-pass/blind-signatures.png
diff --git a/blog/assets/images/privacy-pass/google-vpn.webp b/blog/assets/images/privacy-pass/google-vpn.webp
new file mode 100644
index 00000000..b8ffec62
Binary files /dev/null and b/blog/assets/images/privacy-pass/google-vpn.webp differ
diff --git a/blog/posts/privacy-pass.md b/blog/posts/privacy-pass.md
index 8b3b4412..ab1af448 100644
--- a/blog/posts/privacy-pass.md
+++ b/blog/posts/privacy-pass.md
@@ -222,4 +222,8 @@ Apple's Private Relay uses RSA blind signatures to anonymously authenticate user
 
 Google's [VPN](https://www.gstatic.com/vpn/google_vpn_white_paper.pdf) also uses blind signatures to protect users.
 
+![Diagram showing Google's blind signature VPN authentication scheme](../assets/images/privacy-pass/google-vpn.webp)
+
+<small aria-hidden="true">Image: [Google](https://www.gstatic.com/vpn/google_vpn_white_paper.pdf)</small>
+
 Hopefully we can see more VPN companies start to use Privacy Pass to authenticate users, I think it would be a massive improvement to user privacy.