A General Framework for Redactable Signatures and New Constructions

Derler, David; Pöhls, Henrich C.; Samelin, Kai; Slamanig, Daniel

doi:10.1007/978-3-319-30840-1_1

Cited by 32 publications

(24 citation statements)

References 33 publications

(25 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Miyazaki et al [32] also considered "invisible sanitizable signatures" which is actually a different primitive known as redactable signatures [15] as discussed in [10]. Extensions of sanitizable signatures such as the multi-sanitizer setting [12] and a setting where the modification capabilities of the sanitizer are limited [11] were considered.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Efficient Invisible and Unlinkable Sanitizable Signatures

Bultel

Lafourcade

Lai

et al. 2019

Public-Key Cryptography – PKC 2019

View full text Add to dashboard Cite

Sanitizable signatures allow designated parties (the sanitizers) to apply arbitrary modifications to some restricted parts of signed messages. A secure scheme should not only be unforgeable, but also protect privacy and hold both the signer and the sanitizer accountable. Two important security properties that are seemingly difficult to achieve simultaneously and efficiently are invisibility and unlinkability. While invisibility ensures that the admissible modifications are hidden from external parties, unlinkability says that sanitized signatures cannot be linked to their sources. Achieving both properties simultaneously is crucial for applications where sensitive personal data is signed with respect to data-dependent admissible modifications. The existence of an efficient construction achieving both properties was recently posed as an open question by Camenisch et al. (PKC'17). In this work, we propose a solution to this problem with a two-step construction. First, we construct (non-accountable) invisible and unlinkable sanitizable signatures from signatures on equivalence classes and other basic primitives. Second, we put forth a generic transformation using verifiable ring signatures to turn any non-accountable sanitizable signature into an accountable one while preserving all other properties. When instantiating in the generic group and random oracle model, the efficiency of our construction is comparable to that of prior constructions, while providing stronger security guarantees.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Extensions of sanitizable signatures such as the multi-sanitizer setting [12] and a setting where the modification capabilities of the sanitizer are limited [11] were considered. Other primitives related to sanitizable signatures include homomorphic signatures [27,26], redactable signatures [15,35,5], and proxy signatures [37,36,34].…”

Section: Related Workmentioning

confidence: 99%

Efficient Invisible and Unlinkable Sanitizable Signatures

Bultel

Lafourcade

Lai

et al. 2019

Public-Key Cryptography – PKC 2019

View full text Add to dashboard Cite

show abstract

“…Overview. Redactable signatures, also known as malleable signatures, provide a means for, within given boundaries, redacting parts or field blocks from digitally signed digital documents, without the signature losing its validity [11]. In applications employing redactable signatures, one signer signs a digital document, from which a second user is able to redact some information (redacting in the sense of suppressing or "blacking out"), keeping in mind that redaction rules apply, i.e., not all fields are redactable.…”

Section: Hcip2 Stencil For Digital Document Redactionmentioning

confidence: 99%

HCI Patterns for Cryptographically Equipped Cloud Services

Länger

Alaqra

Fischer‐Hübner

et al. 2018

Human-Computer Interaction. Theories, Methods, and Human Issues

View full text Add to dashboard Cite

Recent cryptographic research has devised several new algorithms and protocols with a potential of mitigating several of the most ardent security and privacy threats, existing in currently available public cloud services. Nevertheless, such cryptographic schemes often exhibit counterintuitive functionality to end users, or they work differently to other already established traditional schemes with which users are already familiar. A practical solution to address these problems involves a human centered design approach, deriving Human Computer Interaction (HCI) requirements from consultations and extensive testing with experts, prospective end users, and other stakeholders. The European Horizon 2020 project PRISMACLOUD "Privacy and Security Maintaining Services for the Cloud" uses such an approach and provides HCI patterns as part of its proper cloud service development methodology CryptSDLC to communicate HCI requirements to cloud service designers and user interface implementers. In this article, we present several new cryptographic cloud services, e.g. for redacting digitally signed data, and for redundant storage and sharing of confidential data in a public cloud scenario, together with three example HCI patterns for specific interactions of end users with these services. We show how these patterns were elaborated and validated in practice to prove the suitability for their intended purpose. To summarize, we give an account on our practical experience during the actual prototype development and implementation and show how they constitute an essential element of the CryptSDLC development methodology.

show abstract

“…Informally, redactable signatures [31,38,48] allow to sign documents, where certain predefined parts can later be blacked out (or cloaked) without signer interaction and without invalidating the signature. A redactable signature scheme (RSS) is a tuple of efficient algorithms (KeyGen, Sign, Verify, Redact), which are defined as follows (using the notation of [19]):…”

Section: Instantiationsmentioning

confidence: 99%

“…See [19] for a formal security model. Besides these properties, the security model for RSS has been refined and extended several times.…”

Section: Instantiationsmentioning

confidence: 99%

Towards Authenticity and Privacy Preserving Accountable Workflows

Derler

Hanser

Pöhls

et al. 2016

IFIP Advances in Information and Communication Technology

Self Cite

View full text Add to dashboard Cite

HAL is a multidisciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers. L'archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d'enseignement et de recherche français ou étrangers, des laboratoires publics ou privés.

show abstract

A General Framework for Redactable Signatures and New Constructions

Cited by 32 publications

References 33 publications

Efficient Invisible and Unlinkable Sanitizable Signatures

Efficient Invisible and Unlinkable Sanitizable Signatures

HCI Patterns for Cryptographically Equipped Cloud Services

Towards Authenticity and Privacy Preserving Accountable Workflows

Contact Info

Product

Resources

About