Efficient Sanitizable Signatures Without Random Oracles
Sanitizable signatures, introduced by Ateniese et al. (ESORICS ’05), allow the signer to delegate the sanitization right of signed messages. The sanitizer can modify the message and update the signature accordingly, so that the sanitized part of the message is kept private. For stronger protection of sensitive information, it is desirable that no one can link sanitized message-signature pairs of the same document. This idea was formalized by Brzuska et al. (PKC ’10) as unlinkability, which was followed up recently by Fleischhacker et al. (PKC ’16). Unfortunately, these generic constructions of sanitizable signatures, unlinkable or not, are based on building blocks with specially crafted features which efficient (standard model) instantiations are absent. Basing on existing primitives or a conceptually simple primitive is more desirable.
In this work, we present two such generic constructions, leading to efficient instantiations in the standard model. The first one is based on rerandomizable tagging, a new primitive which may find independent interests. It captures the core accountability mechanism of sanitizable signatures. The second one is based on accountable ring signatures (CARDIS ’04, ESORICS ’15). As an intermediate result, we propose the first accountable ring signature scheme in the standard model.
KeywordsSignature Scheme Generic Construction Random Oracle Random Oracle Model Pseudorandom Function
We thank the anonymous reviewers for their comments on our manuscript.
Sherman Chow is supported by the Early Career Award and the Early Career Scheme (CUHK 439713), and General Research Funds (CUHK 14201914) of the Research Grants Council, University Grant Committee of Hong Kong.
Dominique Schröder is supported by the German Federal Ministry of Education and Research (BMBF) through funding for the project PROMISE and by the German research foundation (DFG) through funding for the collaborative research center 1223.
- 18.Catalano, D.: Homomorphic signatures and message authentication codes. In: Abdalla, M., De Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 514–519. Springer, Heidelberg (2014)Google Scholar
- 23.Fleischhacker, N., Krupp, J., Malavolta, G., Schneider, J., Schröder, D., Simkin, M.: Efficient unlinkable sanitizable signatures from signatures with re-randomizable keys. In: Cheng, C.-M., et al. (eds.) PKC 2016. LNCS, vol. 9614, pp. 301–330. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49384-7_12 CrossRefGoogle Scholar
- 29.Krawczyk, H., Rabin, T.: Chameleon signatures. In: NDSS 2000. The Internet Society, February 2000Google Scholar