Redactable Signature Schemes for Trees with Signer-Controlled Non-Leaf-Redactions

  • Hermann de Meer
  • Henrich C. PöhlsEmail author
  • Joachim Posegga
  • Kai Samelin
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 455)


Redactable signature schemes (\(\mathsf{RSS }\)) permit to remove parts from signed documents, while the signature remains valid. Some \(\mathsf{RSS }\)s for trees allow to redact non-leaves. Then, new edges have to be added to the tree to preserve it’s structure. This alters the position of the nodes’ children and may alter the semantic meaning encoded into the tree’s structure. We propose an extended security model, where the signer explicitly controls among which nodes new edges can be added. We present a provably secure construction based on accumulators with the enhanced notions of indistinguishability and strong one-wayness.


Redactable signatures Malleable signatures Trees 


  1. 1.
    Pöhls, H.C., Samelin, K., de Meer, H., Posegga, J.: Flexible redactable signature schemes for trees - extended security model and construction. In: SECRYPT, pp. 113–125 (2012)Google Scholar
  2. 2.
    Miyazaki, K., et al.: Digitally signed document sanitizing scheme with disclosure condition control. IEICE Trans. 88–A, 239–246 (2005)CrossRefGoogle Scholar
  3. 3.
    Kundu, A., Bertino, E.: Privacy-preserving authentication of trees and graphs. Int. J. Inf. Sec. 12, 467–494 (2013)CrossRefGoogle Scholar
  4. 4.
    Pöhls, H.C., Samelin, K., Posegga, J.: Sanitizable signatures in XML signature — performance, mixing properties, and revisiting the property of transparency. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 166–182. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  5. 5.
    Slamanig, D., Rass, S.: Generalizations and extensions of redactable signatures with applications to electronic healthcare. In: De Decker, B., Schaumüller-Bichl, I. (eds.) CMS 2010. LNCS, vol. 6109, pp. 201–213. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  6. 6.
    Wu, Z.Y., Hsueh, C.W., Tsai, C.Y., Lai, F., Lee, H.C., Chung, Y.: Redactable Signatures for Signed CDA Documents. J. Med. Syst. 36(3), 1795–1808 (2012)CrossRefGoogle Scholar
  7. 7.
    Becker, A., Jensen, M.: Secure combination of xml signature application with message aggregation in multicast settings. In: ICWS, pp. 531–538 (2013)Google Scholar
  8. 8.
    Hanser, C., Slamanig, D.: Blank digital signatures. In: AsiaCCS, pp. 95–106. ACM (2013)Google Scholar
  9. 9.
    Rass, S., Slamanig, D.: Cryptography for Security and Privacy in Cloud Computing. Artech House, Boston (2013)Google Scholar
  10. 10.
    Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002) CrossRefGoogle Scholar
  11. 11.
    Steinfeld, R., Bull, L., Zheng, Y.: Content extraction signatures. In: Kim, K. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 285–304. Springer, Heidelberg (2002) CrossRefGoogle Scholar
  12. 12.
    Izu, T., Kanaya, N., Takenaka, M., Yoshioka, T.: PIATS: a partially sanitizable signature scheme. In: Qing, S., Mao, W., López, J., Wang, G. (eds.) ICICS 2005. LNCS, vol. 3783, pp. 72–83. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  13. 13.
    Izu, T., Takenaka, M., Yajima, J., Yoshioka, T.: Integrity assurance for real-time video recording. In: 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 651–655. IEEE (2012)Google Scholar
  14. 14.
    Miyazaki, K., Hanaoka, G.: Invisibly sanitizable digital signature scheme. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 91, 392–402 (2008)CrossRefGoogle Scholar
  15. 15.
    Miyazaki, K., Hanaoka, G., Imai, H.: Digitally signed document sanitizing scheme based on bilinear maps. In: ASIACCS, pp. 343–354. ACM (2006)Google Scholar
  16. 16.
    Ateniese, G., Chou, D.H., de Medeiros, B., Tsudik, G.: Sanitizable signatures. In: di Vimercati, S.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 159–177. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  17. 17.
    Brzuska, C., Fischlin, M., Freudenreich, T., Lehmann, A., Page, M., Schelbert, J., Schröder, D., Volk, F.: Security of sanitizable signatures revisited. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 317–336. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  18. 18.
    Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Sanitizable signatures: How to partially delegate control for authenticated data. In: Proceedings of BIOSIG. LNI, vol. 155, pp. 117–128. GI (2009)Google Scholar
  19. 19.
    Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Unlinkability of sanitizable signatures. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 444–461. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  20. 20.
    Gong, J., Qian, H., Zhou, Y.: Fully-secure and practical sanitizable signatures. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS, vol. 6584, pp. 300–317. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  21. 21.
    Lai, J., Ding, X., Wu, Y.: Accountable trapdoor sanitizable signatures. In: Deng, R.H., Feng, T. (eds.) ISPEC 2013. LNCS, vol. 7863, pp. 117–131. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  22. 22.
    de Meer, H., Pöhls, H.C., Posegga, J., Samelin, K.: On the relation between redactable and sanitizable signature schemes. In: Jürjens, J., Piessens, F., Bielova, N. (eds.) ESSoS 2014. LNCS, vol. 8364, pp. 113–130. Springer, Heidelberg (2014) CrossRefGoogle Scholar
  23. 23.
    Pöhls, H.C., Peters, S., Samelin, K., Posegga, J., de Meer, H.: Malleable signatures for resource constrained platforms. In: Cavallaro, L., Gollmann, D. (eds.) WISTP 2013. LNCS, vol. 7886, pp. 18–33. Springer, Heidelberg (2013) Google Scholar
  24. 24.
    Chang, E.-C., Lim, C.L., Xu, J.: Short redactable signatures using random trees. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 133–147. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  25. 25.
    Samelin, K., Pöhls, H.C., Bilzhause, A., Posegga, J., de Meer, H.: Redactable signatures for independent removal of structure and content. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 17–33. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  26. 26.
    Brzuska, C., et al.: Redactable signatures for tree-structured data: definitions and constructions. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 87–104. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  27. 27.
    Haber, S., Hatano, Y., Honda, Y., Horne, W.G., Miyazaki, K., Sander, T., Tezoku, S., Yao, D.: Efficient signature schemes supporting redaction, pseudonymization, and data deidentification. In: ASIACCS, pp. 353–362 (2008)Google Scholar
  28. 28.
    Ahn, J.H., Boneh, D., Camenisch, J., Hohenberger, S., Shelat, A., Waters, B.: Computing on authenticated data. ePrint Report 2011/096 (2011)Google Scholar
  29. 29.
    Attrapadung, N., Libert, B., Peters, T.: Computing on authenticated data: new privacy definitions and constructions. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 367–385. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  30. 30.
    Attrapadung, N., Libert, B., Peters, T.: Efficient completely context-hiding quotable and linearly homomorphic signatures. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 386–404. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  31. 31.
    Backes, M., Meiser, S., Schröder, D.: Delegatable functional signatures. IACR Cryptology ePrint Archive 2013, 408 (2013)Google Scholar
  32. 32.
    Boneh, D., Freeman, D.M.: Homomorphic signatures for polynomial functions. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 149–168. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  33. 33.
    Boyle, E., Goldwasser, S., Ivan, I.: Functional signatures and pseudorandom functions. IACR Cryptology ePrint Archive 2013, 401 (2013)Google Scholar
  34. 34.
    Samelin, K., Pöhls, H.C., Bilzhause, A., Posegga, J., de Meer, H.: On structural signatures for tree data structures. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 171–187. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  35. 35.
    Gottlob, G., Koch, C., Pichler, R.: The complexity of XPath query evaluation. In: Symposium on Principles of Database Systems, PODS, pp. 179–190. ACM, New York (2003)Google Scholar
  36. 36.
    Barić, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signature schemes without trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480–494. Springer, Heidelberg (1997) CrossRefGoogle Scholar
  37. 37.
    Benaloh, J.C., de Mare, M.: One-way accumulators: a decentralized alternative to digital signatures (extended abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994) CrossRefGoogle Scholar
  38. 38.
    Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM JoC 17, 281–308 (1988)MathSciNetzbMATHGoogle Scholar
  39. 39.
    Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28, 270–299 (1984)MathSciNetCrossRefzbMATHGoogle Scholar
  40. 40.
    Lipmaa, H.: Secure accumulators from euclidean rings without trusted setup. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 224–240. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  41. 41.
    Sander, T.: Efficient accumulators without trapdoor extended abstract. In: Varadharajan, V., Mu, Y. (eds.) ICICS 1999. LNCS, vol. 1726, pp. 252–262. Springer, Heidelberg (1999) CrossRefGoogle Scholar
  42. 42.
    Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002) CrossRefGoogle Scholar
  43. 43.
    Buldas, A., Laud, P., Lipmaa, H.: Accountable certificate management using undeniable attestations. In: ACM Conference on Computer and Communications Security, pp. 9–17 (2000)Google Scholar
  44. 44.
    Nyberg, K.: Fast accumulated hashing. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 83–87. Springer, Heidelberg (1996) CrossRefGoogle Scholar
  45. 45.
    de Meer, H., Liedel, M., Pöhls, H.C., Posegga, J., Samelin, K.: Indistinguishability of one-way accumulators. Technical report MIP-1210, University of Passau (2012)Google Scholar
  46. 46.
    Hirose, S., Kuwakado, H.: Redactable signature scheme for tree-structured data based on merkle tree. In: SECRYPT, pp. 313–320 (2013)Google Scholar
  47. 47.
    Brzuska, C., Pöhls, H.C., Samelin, K.: Non-interactive public accountability for sanitizable signatures. In: De Capitani di Vimercati, S., Mitchell, C. (eds.) EuroPKI 2012. LNCS, vol. 7868, pp. 178–193. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  48. 48.
    Brzuska, C., Pöhls, H.C., Samelin, K.: Efficient and perfectly unlinkable sanitizable signatures without group signatures. In: Katsikas, S., Agudo, I. (eds.) EuroPKI 2013. LNCS, vol. 8341, pp. 12–30. Springer, Heidelberg (2014) CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Hermann de Meer
    • 1
    • 3
  • Henrich C. Pöhls
    • 2
    • 3
    Email author
  • Joachim Posegga
    • 2
    • 3
  • Kai Samelin
    • 3
  1. 1.Chair of Computer Networks and CommunicationsUniversity of PassauPassauGermany
  2. 2.Chair of IT-SecurityUniversity of PassauPassauGermany
  3. 3.Institute of IT-Security and Security Law (ISL)University of PassauPassauGermany

Personalised recommendations