Verifiably encrypted cascade-instantiable blank signatures to secure progressive decision management

  • Yujue Wang
  • HweeHwa Pang
  • Robert H. Deng
Regular Contribution


In this paper, we introduce the notion of verifiably encrypted cascade-instantiable blank signatures (CBS) in a multi-user setting. In CBS, there is a delegation chain that starts with an originator and is followed by a sequence of proxies. The originator creates and signs a template, which may comprise fixed fields and exchangeable fields. Thereafter, each proxy along the delegation chain is able to make an instantiation of the template from the choices passed down from her direct predecessor, before generating a signature for her instantiation. First, we present a non-interactive basic CBS construction that does not rely on any shared secret parameters among the users. In verifying an instantiation signature, all the preceding instantiation signatures leading back to the template signature are also verified concurrently. It is formally proved to be secure against collusion attacks by the originator and proxies. Second, we investigate verifiably encrypted CBS to provide fairness between the originator and proxies, where the security model is stricter than basic CBS in that the adversary may also collude with the arbitrator. Efficiency analysis shows that the proposed CBS schemes enjoy linear computation costs. Finally, we extend our scheme to CBS supporting designated instantiations, free instantiations, privately verifiable template signature, identity-based CBS, as well as CBS secure against proxy-key exposure.


Digital signature Blank signature Proxy signature Sanitizable signature Redactable signature Verifiably encrypted signature Optimistic fair exchange Delegation chain 



This work is supported by Singapore National Research Foundation under the NCR Award Number NRF2014NCR-NCR001-012.


  1. 1.
    Asokan, N., Schunter, M., Waidner, M.: Optimistic protocols for fair exchange. In: Proceedings of the 4th ACM Conference on Computer and Communications Security, pp. 7–17. CCS’97, ACM, New York, NY, USA (1997)Google Scholar
  2. 2.
    Asokan, N., Shoup, V., Waidner, M.: Optimistic fair exchange of digital signatures. In: Nyberg, K. (ed.) Advances in Cryptology-EUROCRYPT’98. LNCS, vol. 1403. Springer, Heidelberg (1998)Google Scholar
  3. 3.
    Ateniese, G., Chou, D.H., de Medeiros, B., Tsudik, G.: Anitizable signatures. In: di Vimercati, S., Syverson, P., Gollmann, D. (eds.) Computer Security-ESORICS 2005, LNCS, vol. 3679, pp. 159–177. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Bao, F., Deng, R.H., Mao, W.: Efficient and practical fair exchange protocols with off-line TTP. In: 1998 IEEE Symposium on Security and Privacy, 1998, Proceedings, pp. 77–85 (1998)Google Scholar
  5. 5.
    Bao, F., Deng, R.H., Ding, X., Lai, J., Zhao, Y.: Hierarchical identity-based chameleon hash and its applications. In: Lopez, J., Tsudik, G. (eds.) Applied Cryptography and Network Security, LNCS, vol. 6715, pp. 201–219. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  6. 6.
    Boldyreva, A., Gentry, C., O’Neill, A., Yum, D.H.: Ordered multisignatures and identity-based sequential aggregate signatures, with applications to secure routing. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 276–285. CCS’07, ACM, New York, NY, USA (2007)Google Scholar
  7. 7.
    Boldyreva, A., Palacio, A., Warinschi, B.: Secure proxy signature schemes for delegation of signing rights. J. Cryptol. 25(1), 57–115 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  8. 8.
    Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Biham, E. (ed.) Advances in Cryptology-EUROCRYPT 2003. LNCS, vol. 2656. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Brzuska, C., Busch, H., Dagdelen, O., Fischlin, M., Franz, M., Katzenbeisser, S., Manulis, M., Onete, C., Peter, A., Poettering, B., Schröder, D.: Redactable signatures for tree-structured data: definitions and constructions. In: Zhou, J., Yung, M. (eds.) Applied Cryptography and Network Security, LNCS, vol. 6123, pp. 87–104. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  10. 10.
    Brzuska, C., Fischlin, M., Freudenreich, T., Lehmann, A., Page, M., Schelbert, J., Schröder, D., Volk, F.: Security of sanitizable signatures revisited. In: Jarecki, S., Tsudik, G. (eds.) Public Key Cryptography-PKC 2009, LNCS, vol. 5443, pp. 317–336. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Unlinkability of sanitizable signatures. In: Nguyen, P.Q., Pointcheval, D. (eds.) Public Key Cryptography-PKC 2010, LNCS, vol. 6056, pp. 444–461. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    Canard, S., Jambert, A.: On extended sanitizable signature schemes. In: Pieprzyk, J. (ed.) Topics in Cryptology-CT-RSA 2010, LNCS, vol. 5985, pp. 179–194. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  13. 13.
    Canard, S., Laguillaumie, F., Milhau, M.: Trapdoor sanitizable signatures and their application to content protection. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) Applied Cryptography and Network Security, LNCS, vol. 5037, pp. 258–276. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  14. 14.
    Chang, E.C., Lim, C.L., Xu, J.: Short redactable signatures using random trees. In: Fischlin, M. (ed.) Topics in Cryptology-CT-RSA 2009, LNCS, vol. 5473, pp. 133–147. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  15. 15.
    Derler, D., Hanser, C., Slamanig, D.: Blank digital signatures: optimization and practical experiences. In: Camenisch, J., Fischer-Hübner, S., Hansen, M. (eds.) Privacy and Identity Management for the Future Internet in the Age of Globalisation, IFIP Advances in Information and Communication Technology, vol. 457, pp. 201–215. Springer, Berlin (2015)Google Scholar
  16. 16.
    Draper-Gil, G., Zhou, J., Ferrer-Gomila, J.L., Hinarejos, M.F.: An optimistic fair exchange protocol with active intermediaries. Int. J. Inf. Secur. 12(4), 299–318 (2013)CrossRefGoogle Scholar
  17. 17.
    Fuchsbauer, G., Pointcheval, D.: Anonymous proxy signatures. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) Security and Cryptography for Networks, LNCS, vol. 5229. Springer, Heidelberg (2008)Google Scholar
  18. 18.
    Hanser, C., Rabkin, M., Schröder, D.: Verifiably encrypted signatures: security revisited and a new construction. In: Pernul, G., Yaryan, P., Weippl, E. (eds.) Computer Security-ESORICS 2015, Part I. LNCS, vol. 9326, pp. 146–164. Springer International Publishing, Cham (2015)CrossRefGoogle Scholar
  19. 19.
    Hanser, C., Slamanig, D.: Blank digital signatures. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 95–106. ASIA CCS’13, ACM, New York, NY, USA (2013)Google Scholar
  20. 20.
    Huang, Q., Wong, D.S., Susilo, W.: Group-oriented fair exchange of signatures. Inf. Sci. 181(16), 3267–3283 (2011)MathSciNetCrossRefzbMATHGoogle Scholar
  21. 21.
    Huang, Q., Wong, D.S., Susilo, W.: The construction of ambiguous optimistic fair exchange from designated confirmer signature without random oracles. Inf. Sci. 228, 222–238 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
  22. 22.
    Huang, Q., Wong, D.S., Susilo, W.: P\(^2\)OFE: privacy-preserving optimistic fair exchange of digital signatures. In: Benaloh, J. (ed.) CT-RSA 2014, LNCS, vol. 8366, pp. 367–384. Springer, Heidelberg (2014)Google Scholar
  23. 23.
    Huang, Q., Yang, G., Wong, D.S., Susilo, W.: Ambiguous optimistic fair exchange. In: Pieprzyk, J. (ed.) Advances in Cryptology-ASIACRYPT 2008. LNCS, vol. 5350, pp. 74–89. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  24. 24.
    Huang, Q., Yang, G., Wong, D.S., Susilo, W.: A new efficient optimistic fair exchange protocol without random oracles. Int. J. Inf. Secur. 11(1), 53–63 (2011)CrossRefGoogle Scholar
  25. 25.
    Huang, X., Mu, Y., Susilo, W., Wu, W., Xiang, Y.: Further observations on optimistic fair exchange protocols in the multi-user setting. In: Nguyen, P., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 124–141. Springer, Heidelberg (2010)Google Scholar
  26. 26.
    Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) Topics in Cryptology-CT-RSA 2002, LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  27. 27.
    Kate, A., Zaverucha, G.M., Goldberg, I.: Constant-size commitments to polynomials and their applications. In: Abe, M. (ed.) Advances in Cryptology-ASIACRYPT 2010, LNCS, vol. 6477, pp. 177–194. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  28. 28.
    Kim, K.S., Jeong, I.R.: Efficient verifiably encrypted signatures from lattices. Int. J. Inf. Secur. 13(4), 305–314 (2014)CrossRefGoogle Scholar
  29. 29.
    Klonowski, M., Lauks, A.: Extended sanitizable signatures. In: Rhee, M.S., Lee, B. (eds.) Information Security and Cryptology-ICISC 2006, LNCS, vol. 4296, pp. 343–355. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  30. 30.
    Kundu, A., Atallah, M.J., Bertino, E.: Leakage-free redactable signatures. In: Proceedings of the Second ACM Conference on Data and Application Security and Privacy, pp. 307–316. CODASPY’12, ACM, New York, NY, USA (2012)Google Scholar
  31. 31.
    Kundu, A., Bertino, E.: Structural signatures for tree data structures. Proc. VLDB Endow. 1(1), 138–150 (2008)CrossRefGoogle Scholar
  32. 32.
    Lai, J., Ding, X., Wu, Y.: Accountable trapdoor sanitizable signatures. In: Deng, R.H., Feng, T. (eds.) Information Security Practice and Experience, LNCS, vol. 7863, pp. 117–131. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  33. 33.
    Lee, J.Y., Cheon, J.H., Kim, S.: An analysis of proxy signatures: is a secure channel necessary? In: Joye, M. (ed.) Topics in Cryptology-CT-RSA 2003, LNCS, vol. 2612, pp. 68–79. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  34. 34.
    Lim, S., Lee, E., Park, C.M.: A short redactable signature scheme using pairing. Secur. Commun. Netw. 5(5), 523–534 (2012)CrossRefGoogle Scholar
  35. 35.
    Lysyanskaya, A., Micali, S., Reyzin, L., Shacham, H.: Sequential aggregate signatures from trapdoor permutations. In: Cachin, C., Camenisch, J.L. (eds.) Advances in Cryptology-EUROCRYPT 2004, LNCS, vol. 3027, pp. 74–90. Springer, Heidelberg (2004)Google Scholar
  36. 36.
    Malkin, T., Obana, S., Yung, M.: The hierarchy of key evolving signatures and a characterization of proxy signatures. In: Cachin, C., Camenisch, J. (eds.) Advances in Cryptology-EUROCRYPT 2004, LNCS, vol. 3027, pp. 306–322. Springer, Heidelberg (2004)Google Scholar
  37. 37.
    Mambo, M., Usuda, K., Okamoto, E.: Proxy signatures for delegating signing operation. In: Proceedings of the 3rd ACM Conference on Computer and Communications Security, pp. 48–57. CCS’96, ACM, New York, NY, USA (1996)Google Scholar
  38. 38.
    Nishimaki, R., Xagawa, K.: Verifiably encrypted signatures with short keys based on the decisional linear problem and obfuscation for encrypted ves. In: Kurosawa, K., Hanaoka, G. (eds.) Public-Key Cryptography-PKC 2013. LNCS, vol. 7778, pp. 405–422. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  39. 39.
    Pöhls, H.C., Samelin, K.: On updatable redactable signatures. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) Applied Cryptography and Network Security. LNCS, vol. 8479, pp. 457–475. Springer International Publishing, Berlin (2014)Google Scholar
  40. 40.
    Qu, L., Wang, G., Mu, Y.: Optimistic fair exchange of ring signatures. In: Rajarajan, M., Piper, F., Wang, H., Kesidis, G. (eds.) Security and Privacy in Communication Networks, pp. 227–242. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  41. 41.
    Schuldt, J.C.N., Matsuura, K., Paterson, K.G.: Proxy signatures secure against proxy key exposure. In: Cramer, R. (ed.) Public Key Cryptography-PKC 2008, LNCS, vol. 4939, pp. 141–161. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  42. 42.
    Tan, K.W., Deng, R.H.: Applying sanitizable signature to web-service-enabled business processes: going beyond integrity protection. In: IEEE International Conference on Web Services, 2009. ICWS 2009, pp. 67–74 (2009)Google Scholar
  43. 43.
    Wang, G., Bao, F., Zhou, J., Deng, R.H.: Security analysis of some proxy signatures. In: Lim, J.I., Lee, D.H. (eds.) Information Security and Cryptology-ICISC 2003, LNCS, vol. 2971, pp. 305–319. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  44. 44.
    Wang, H., Pieprzyk, J.: Efficient one-time proxy signatures. In: Laih, C.S. (ed.) Advances in Cryptology-ASIACRYPT 2003, LNCS, vol. 2894, pp. 507–522. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  45. 45.
    Wang, Y., Au, M., Liu, J., Yuen, T., Susilo, W.: Threshold-oriented optimistic fair exchange. In: Lopez, J., Huang, X., Sandhu, R. (eds.) Network and System Security, pp. 424–438. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  46. 46.
    Wang, Y., Wu, Q., Wong, D.S., Qin, B., Liu, J., Mao, J.: Optimistic fair exchange of distributed signatures. In: CSC 2014, pp. 85–90. IET (2014)Google Scholar
  47. 47.
    Yuen, T.H., Susilo, W., Liu, J.K., Mu, Y.: Sanitizable signatures revisited. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) Cryptology and Network Security, LNCS, vol. 5339, pp. 80–97. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  48. 48.
    Yum, D.H., Seo, J.W., Lee, P.J.: Trapdoor sanitizable signatures made easy. In: Zhou, J., Yung, M. (eds.) Applied Cryptography and Network Security, LNCS, vol. 6123, pp. 53–68. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  49. 49.
    Zhang, L., Wu, Q., Qin, B.: Identity-based verifiably encrypted signatures without random oracles. In: Pieprzyk, J., Zhang, F. (eds.) Provable Security, LNCS, vol. 5848, pp. 76–89. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  50. 50.
    Zhang, L., Wu, Q., Qin, B.: Identity-based optimistic fair exchange in the standard model. Secur. Commun. Netw. 6(8), 1010–1020 (2013)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2017

Authors and Affiliations

  1. 1.School of Information SystemsSingapore Management UniversitySingaporeSingapore

Personalised recommendations