Verifiably encrypted cascade-instantiable blank signatures to secure progressive decision management

  • Regular Contribution
  • International Journal of Information Security

Abstract

In this paper, we introduce the notion of verifiably encrypted cascade-instantiable blank signatures (CBS) in a multi-user setting. In CBS, there is a delegation chain that starts with an originator and is followed by a sequence of proxies. The originator creates and signs a template, which may comprise fixed fields and exchangeable fields. Thereafter, each proxy along the delegation chain is able to make an instantiation of the template from the choices passed down from her direct predecessor, before generating a signature for her instantiation. First, we present a non-interactive basic CBS construction that does not rely on any shared secret parameters among the users. In verifying an instantiation signature, all the preceding instantiation signatures leading back to the template signature are also verified concurrently. It is formally proved to be secure against collusion attacks by the originator and proxies. Second, we investigate verifiably encrypted CBS to provide fairness between the originator and proxies, where the security model is stricter than basic CBS in that the adversary may also collude with the arbitrator. Efficiency analysis shows that the proposed CBS schemes enjoy linear computation costs. Finally, we extend our scheme to CBS supporting designated instantiations, free instantiations, privately verifiable template signature, identity-based CBS, as well as CBS secure against proxy-key exposure.



Acknowledgements

This work is supported by Singapore National Research Foundation under the NCR Award Number NRF2014NCR-NCR001-012.

Corresponding author

Correspondence to Yujue Wang.


About this article


Cite this article

Wang, Y., Pang, H. & Deng, R.H. Verifiably encrypted cascade-instantiable blank signatures to secure progressive decision management. Int. J. Inf. Secur. 17, 347–363 (2018). https://doi.org/10.1007/s10207-017-0372-2


  • DOI: https://doi.org/10.1007/s10207-017-0372-2
