Advertisement

Practical Strongly Invisible and Strongly Accountable Sanitizable Signatures

  • Michael Till Beck
  • Jan Camenisch
  • David Derler
  • Stephan Krenn
  • Henrich C. Pöhls
  • Kai Samelin
  • Daniel Slamanig
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10342)

Abstract

Sanitizable signatures are a variant of digital signatures where a designated party (the sanitizer) can update admissible parts of a signed message. At PKC ’17, Camenisch et al. introduced the notion of invisible sanitizable signatures that hides from an outsider which parts of a message are admissible. Their security definition of invisibility, however, does not consider dishonest signers. Along the same lines, their signer-accountability definition does not prevent the signer from falsely accusing the sanitizer of having issued a signature on a sanitized message by exploiting the malleability of the signature itself. Both issues may limit the usefulness of their scheme in certain applications.

We revise their definitional framework, and present a new construction eliminating these shortcomings. In contrast to Camenisch et al.’s construction, ours requires only standard building blocks instead of chameleon hashes with ephemeral trapdoors. This makes this, now even stronger, primitive more attractive for practical use. We underpin the practical efficiency of our scheme by concrete benchmarks of a prototype implementation.

Keywords

Random Oracle Security Property Signed Message Message Space Anonymous Credential 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Ahn, J.H., Boneh, D., Camenisch, J., Hohenberger, S., shelat, A., Waters, B.: Computing on authenticated data. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 1–20. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-28914-9_1 CrossRefGoogle Scholar
  2. 2.
    Ateniese, G., Chou, D.H., Medeiros, B., Tsudik, G.: Sanitizable signatures. In: Vimercati, S.C., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 159–177. Springer, Heidelberg (2005). doi: 10.1007/11555827_10 CrossRefGoogle Scholar
  3. 3.
    Ateniese, G., Magri, B., Venturi, D., Andrade, E.R.: Redactable blockchain - or - rewriting history in bitcoin and friends. IACR Cryptology ePrint Archive 2016, 757 (2016)Google Scholar
  4. 4.
    Bellare, M., Namprempre, C., Pointcheval, D., Semanko, M.: The one-more-rsa-inversion problems and the security of chaum’s blind signature scheme. J. Cryptol. 16(3), 185–215 (2003). doi: 10.1007/s00145-002-0120-1 MathSciNetCrossRefzbMATHGoogle Scholar
  5. 5.
    Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: CCS, pp. 62–73 (1993)Google Scholar
  6. 6.
    Bilzhause, A., Huber, M., Pöhls, H.C., Samelin, K.: Cryptographically enforced four-eyes principle. In: ARES, pp. 760–767 (2016)Google Scholar
  7. 7.
    Brzuska, C., et al.: Redactable signatures for tree-structured data: definitions and constructions. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 87–104. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-13708-2_6 CrossRefGoogle Scholar
  8. 8.
    Brzuska, C., Fischlin, M., Freudenreich, T., Lehmann, A., Page, M., Schelbert, J., Schröder, D., Volk, F.: Security of sanitizable signatures revisited. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 317–336. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-00468-1_18 CrossRefGoogle Scholar
  9. 9.
    Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Sanitizable signatures: how to partially delegate control for authenticated data. In: BIOSIG, pp. 117–128 (2009)Google Scholar
  10. 10.
    Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Unlinkability of sanitizable signatures. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 444–461. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-13013-7_26 CrossRefGoogle Scholar
  11. 11.
    Brzuska, C., Pöhls, H.C., Samelin, K.: Non-interactive public accountability for sanitizable signatures. In: Capitani di Vimercati, S., Mitchell, C. (eds.) EuroPKI 2012. LNCS, vol. 7868, pp. 178–193. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-40012-4_12 CrossRefGoogle Scholar
  12. 12.
    Brzuska, C., Pöhls, H.C., Samelin, K.: Efficient and perfectly unlinkable sanitizable signatures without group signatures. In: Katsikas, S., Agudo, I. (eds.) EuroPKI 2013. LNCS, vol. 8341, pp. 12–30. Springer, Heidelberg (2014). doi: 10.1007/978-3-642-53997-8_2 CrossRefGoogle Scholar
  13. 13.
    Camenisch, J., Derler, D., Krenn, S., Pöhls, H.C., Samelin, K., Slamanig, D.: Chameleon-hashes with ephemeral trapdoors and applications to invisible sanitizable signatures. IACR Cryptology ePrint Archive 2017, 11 (2017)Google Scholar
  14. 14.
    Camenisch, J., Lehmann, A., Neven, G., Samelin, K.: Virtual smart cards: how to sign with a password and a server. In: Zikas, V., Prisco, R. (eds.) SCN 2016. LNCS, vol. 9841, pp. 353–371. Springer, Cham (2016). doi: 10.1007/978-3-319-44618-9_19 Google Scholar
  15. 15.
    Canard, S., Jambert, A.: On extended sanitizable signature schemes. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 179–194. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-11925-5_13 CrossRefGoogle Scholar
  16. 16.
    Canard, S., Jambert, A., Lescuyer, R.: Sanitizable signatures with several signers and sanitizers. In: Mitrokotsa, A., Vaudenay, S. (eds.) AFRICACRYPT 2012. LNCS, vol. 7374, pp. 35–52. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-31410-0_3 CrossRefGoogle Scholar
  17. 17.
    Canard, S., Laguillaumie, F., Milhau, M.: Trapdoor sanitizable signatures and their application to content protection. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 258–276. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-68914-0_16 CrossRefGoogle Scholar
  18. 18.
    Canard, S., Lescuyer, R.: Protecting privacy by sanitizing personal data: a new approach to anonymous credentials. In: ASIACCS, pp. 381–392 (2013)Google Scholar
  19. 19.
    Damgård, I., Haagh, H., Orlandi, C.: Access control encryption: enforcing information flow with cryptography. In: Hirt, M., Smith, A. (eds.) TCC 2016. LNCS, vol. 9986, pp. 547–576. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-53644-5_21 CrossRefGoogle Scholar
  20. 20.
    Demirel, D., Derler, D., Hanser, C., Pöhls, H.C., Slamanig, D., Traverso, G.: PRISMACLOUD D4.4: overview of functional and malleable signature schemes. Technical report, H2020 Prismacloud (2015). www.prismacloud.eu
  21. 21.
    Derler, D., Hanser, C., Slamanig, D.: Blank digital signatures: optimization and practical experiences. In: Camenisch, J., Fischer-Hübner, S., Hansen, M. (eds.) Privacy and Identity 2014. IAICT, vol. 457, pp. 201–215. Springer, Cham (2015). doi: 10.1007/978-3-319-18621-4_14 CrossRefGoogle Scholar
  22. 22.
    Derler, D., Pöhls, H.C., Samelin, K., Slamanig, D.: A general framework for redactable signatures and new constructions. In: Kwon, S., Yun, A. (eds.) ICISC 2015. LNCS, vol. 9558, pp. 3–19. Springer, Cham (2016). doi: 10.1007/978-3-319-30840-1_1 CrossRefGoogle Scholar
  23. 23.
    Derler, D., Slamanig, D.: Rethinking privacy for extended sanitizable signatures and a black-box construction of strongly private schemes. In: Au, M.-H., Miyaji, A. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 455–474. Springer, Cham (2015). doi: 10.1007/978-3-319-26059-4_25 Google Scholar
  24. 24.
    Ejgenberg, Y., Farbstein, M., Levy, M., Lindell, Y.: SCAPI: the secure computation application programming interface. IACR Cryptology ePrint Archive 2012, 629 (2012)Google Scholar
  25. 25.
    Fehr, V., Fischlin, M.: Sanitizable signcryption: sanitization over encrypted data (full version). IACR Cryptology ePrint Archive, Report 2015/765 (2015)Google Scholar
  26. 26.
    Fleischhacker, N., Krupp, J., Malavolta, G., Schneider, J., Schröder, D., Simkin, M.: Efficient unlinkable sanitizable signatures from signatures with re-randomizable keys. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 301–330. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49384-7_12 CrossRefGoogle Scholar
  27. 27.
    Fleischhacker, N., Krupp, J., Malavolta, G., Schneider, J., Schröder, D., Simkin, M.: Efficient unlinkable sanitizable signatures from signatures with re-randomizable keys. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 301–330. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49384-7_12 CrossRefGoogle Scholar
  28. 28.
    Ghosh, E., Goodrich, M.T., Ohrimenko, O., Tamassia, R.: Fully-dynamic verifiable zero-knowledge order queries for network data. ePrint 2015, 283 (2015)Google Scholar
  29. 29.
    Ghosh, E., Ohrimenko, O., Tamassia, R.: Zero-Knowledge authenticated order queries and order statistics on a list. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 149–171. Springer, Cham (2015). doi: 10.1007/978-3-319-28166-7_8 CrossRefGoogle Scholar
  30. 30.
    Gong, J., Qian, H., Zhou, Y.: Fully-secure and practical sanitizable signatures. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS, vol. 6584, pp. 300–317. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-21518-6_21 CrossRefGoogle Scholar
  31. 31.
    Hanser, C., Slamanig, D.: Blank digital signatures. In: ASIACCS, pp. 95–106 (2013)Google Scholar
  32. 32.
    Höhne, F., Pöhls, H.C., Samelin, K.: Rechtsfolgen editierbarer signaturen. Datenschutz und Datensicherheit 36(7), 485–491 (2012). doi: 10.1007/s11623-012-0165-8 CrossRefGoogle Scholar
  33. 33.
    Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002). doi: 10.1007/3-540-45760-7_17 CrossRefGoogle Scholar
  34. 34.
    Klonowski, M., Lauks, A.: Extended sanitizable signatures. In: Rhee, M.S., Lee, B. (eds.) ICISC 2006. LNCS, vol. 4296, pp. 343–355. Springer, Heidelberg (2006). doi: 10.1007/11927587_28 CrossRefGoogle Scholar
  35. 35.
    Krenn, S., Samelin, K., Sommer, D.: Stronger security for sanitizable signatures. In: Garcia-Alfaro, J., Navarro-Arribas, G., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM/QASA -2015. LNCS, vol. 9481, pp. 100–117. Springer, Cham (2016). doi: 10.1007/978-3-319-29883-2_7 CrossRefGoogle Scholar
  36. 36.
    de Meer, H., Pöhls, H.C., Posegga, J., Samelin, K.: Scope of security properties of sanitizable signatures revisited. In: ARES, pp. 188–197 (2013)Google Scholar
  37. 37.
    de Meer, H., Pöhls, H.C., Posegga, J., Samelin, K.: On the relation between redactable and sanitizable signature schemes. In: Jürjens, J., Piessens, F., Bielova, N. (eds.) ESSoS 2014. LNCS, vol. 8364, pp. 113–130. Springer, Cham (2014). doi: 10.1007/978-3-319-04897-0_8 CrossRefGoogle Scholar
  38. 38.
    Miyazaki, K., Hanaoka, G., Imai, H.: Invisibly sanitizable digital signature scheme. IEICE Trans. 91–A(1), 392–402 (2008)CrossRefGoogle Scholar
  39. 39.
    Pöhls, H.C., Peters, S., Samelin, K., Posegga, J., Meer, H.: Malleable signatures for resource constrained platforms. In: Cavallaro, L., Gollmann, D. (eds.) WISTP 2013. LNCS, vol. 7886, pp. 18–33. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38530-8_2 CrossRefGoogle Scholar
  40. 40.
    Pöhls, H.C., Samelin, K.: Accountable redactable signatures. In: ARES, pp. 60–69 (2015)Google Scholar
  41. 41.
    Pöhls, H.C., Samelin, K., Posegga, J.: Sanitizable signatures in XML signature — performance, mixing properties, and revisiting the property of transparency. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 166–182. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-21554-4_10 CrossRefGoogle Scholar
  42. 42.
    Samelin, K., Pöhls, H.C., Bilzhause, A., Posegga, J., Meer, H.: Redactable signatures for independent removal of structure and content. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 17–33. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29101-2_2 CrossRefGoogle Scholar
  43. 43.
    Steinfeld, R., Bull, L., Zheng, Y.: Content extraction signatures. In: Kim, K. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 285–304. Springer, Heidelberg (2002). doi: 10.1007/3-540-45861-1_22 CrossRefGoogle Scholar
  44. 44.
    Yum, D.H., Seo, J.W., Lee, P.J.: Trapdoor sanitizable signatures made easy. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 53–68. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-13708-2_4 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Michael Till Beck
    • 1
  • Jan Camenisch
    • 2
  • David Derler
    • 3
  • Stephan Krenn
    • 4
  • Henrich C. Pöhls
    • 5
  • Kai Samelin
    • 2
    • 6
  • Daniel Slamanig
    • 3
  1. 1.Ludwig-Maximilians-Universität MünchenMunichGermany
  2. 2.IBM Research – ZurichRüschlikonSwitzerland
  3. 3.IAIKGraz University of TechnologyGrazAustria
  4. 4.AIT Austrian Institute of Technology GmbHViennaAustria
  5. 5.ISL and Chair of IT-SecurityUniversity of PassauPassauGermany
  6. 6.TU DarmstadtDarmstadtGermany

Personalised recommendations