Abstract
In this paper, we introduce the notion of verifiably encrypted cascade-instantiable blank signatures (CBS) in a multi-user setting. In CBS, a delegation chain starts with an originator and is followed by a sequence of proxies. The originator creates and signs a template, which may comprise fixed fields and exchangeable fields. Each proxy along the delegation chain then instantiates the template from the choices passed down by her direct predecessor and signs her instantiation. First, we present a non-interactive basic CBS construction that relies on no shared secret parameters among the users. Verifying an instantiation signature also verifies, in the same pass, all preceding instantiation signatures back to the template signature. The construction is formally proved secure against collusion among the originator and proxies. Second, we investigate verifiably encrypted CBS, which provides fairness between the originator and proxies; its security model is stricter than that of basic CBS in that the adversary may also collude with the arbitrator. Efficiency analysis shows that the proposed CBS schemes have linear computation costs. Finally, we extend our scheme to CBS supporting designated instantiations, free instantiations, privately verifiable template signatures, identity-based CBS, and CBS secure against proxy-key exposure.
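The delegation structure the abstract describes, as an added illustration that is not the paper's construction: a template with fixed and exchangeable fields, a cascade in which each proxy narrows the choices her direct predecessor passed down, and a verification that walks from the latest instantiation signature back to the template signature. It uses Go's standard crypto/ed25519 with one ordinary signature per link rather than the pairing-based scheme the paper builds, so it has none of the paper's verifiable-encryption, fairness or proven collusion-resistance properties; the type names, field names and the sample template values are assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// Template: fixed fields are committed as-is; each exchangeable field lists
// the values the originator permits.
type Template struct {
	Fixed        map[string]string
	Exchangeable map[string][]string
}

// Step: a proxy narrows each exchangeable field to a non-empty subset of what
// her predecessor passed down and signs it with a hash of the predecessor's
// signed message, chaining her signature to every earlier one.
type Step struct {
	Proxy   ed25519.PublicKey
	Choices map[string][]string
	Sig     []byte
}

type Chain struct {
	Template    Template
	Originator  ed25519.PublicKey
	TemplateSig []byte
	Steps       []Step
}

// encode is deterministic: json.Marshal sorts map keys, and the chain stores
// exactly the values that were signed.
func encode(parts ...any) []byte {
	b, _ := json.Marshal(parts) // cannot fail for these types
	return b
}

// narrows: sub keeps exactly sup's fields, each a non-empty subset of sup's.
func narrows(sub, sup map[string][]string) bool {
	if len(sub) != len(sup) {
		return false
	}
	for k, vs := range sub {
		ok := map[string]bool{}
		for _, v := range sup[k] {
			ok[v] = true
		}
		if len(vs) == 0 {
			return false
		}
		for _, v := range vs {
			if !ok[v] {
				return false
			}
		}
	}
	return true
}

// NewChain is the originator's step: she signs the template.
func NewChain(sk ed25519.PrivateKey, t Template) *Chain {
	pub := sk.Public().(ed25519.PublicKey)
	return &Chain{t, pub, ed25519.Sign(sk, encode("template", pub, t)), nil}
}

// Verify checks the template signature and every instantiation signature in
// one pass; it returns what the next proxy must narrow and the link she signs.
func (c *Chain) Verify() (map[string][]string, []byte, error) {
	msg := encode("template", c.Originator, c.Template)
	if !ed25519.Verify(c.Originator, msg, c.TemplateSig) {
		return nil, nil, fmt.Errorf("template signature invalid")
	}
	allowed, link := c.Template.Exchangeable, sha256.Sum256(append(msg, c.TemplateSig...))
	for i, s := range c.Steps {
		if !narrows(s.Choices, allowed) {
			return nil, nil, fmt.Errorf("step %d: choices exceed predecessor's options", i)
		}
		msg = encode("instantiation", link[:], s.Proxy, s.Choices)
		if !ed25519.Verify(s.Proxy, msg, s.Sig) {
			return nil, nil, fmt.Errorf("step %d: signature invalid", i)
		}
		allowed, link = s.Choices, sha256.Sum256(append(msg, s.Sig...))
	}
	return allowed, link[:], nil
}

// Instantiate verifies the chain so far, then appends the caller's step,
// refusing choices outside what the direct predecessor passed down.
func (c *Chain) Instantiate(sk ed25519.PrivateKey, choices map[string][]string) error {
	allowed, link, err := c.Verify()
	if err != nil {
		return err
	}
	if !narrows(choices, allowed) {
		return fmt.Errorf("choices are not within the predecessor's options")
	}
	pub := sk.Public().(ed25519.PublicKey)
	c.Steps = append(c.Steps, Step{pub, choices, ed25519.Sign(sk, encode("instantiation", link, pub, choices))})
	return nil
}
```

Each proxy's signature covers the SHA-256 of her predecessor's signed message and signature, so altering or removing any earlier step, or the template, invalidates every later signature; that is what makes checking the last instantiation a check of the whole cascade, at the cost of one signature verification per link. A proxy who tries to widen a field beyond what she received, to empty a field, or to drop one is rejected both when she instantiates and, if she bypasses Instantiate and appends a signed step directly, when anyone verifies.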
Acknowledgements
This work is supported by Singapore National Research Foundation under the NCR Award Number NRF2014NCR-NCR001-012.
Cite this article
Wang, Y., Pang, H. & Deng, R.H. Verifiably encrypted cascade-instantiable blank signatures to secure progressive decision management. Int. J. Inf. Secur. 17, 347–363 (2018). https://doi.org/10.1007/s10207-017-0372-2
DOI: https://doi.org/10.1007/s10207-017-0372-2