Efficient signature schemes supporting redaction, pseudonymization, and data deidentification

Haber, Stephen; Hatano, Yasuo; Honda, Yukio; Horne, William; Miyazaki, Kôji; Sander, Tomas; Tezoku, Satoru; Yao, Danfeng

doi:10.1145/1368310.1368362

Cited by 51 publications

(29 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors of [18] have recently proposed a concept to apply redactable signatures in context of Personal Health Records (PHRs) to realize minimum disclosure of personal information and to achieve cryptographic enforcement of dependencies between parts containing personal information. Another recent work developed independently from ours by Haber et al [15] can be considered as closest to the ideas presented in this paper. They present redactable signatures that can be used for pseudonymization and de-identification of data, although they mainly focus on relational, i.e.…”

Section: Medical Applicationssupporting

confidence: 54%

“…Furthermore, [15] have recently extended the approach of [2], such that a signer can specify which parts of a document are allowed to be redacted. Their approach is similar to the one of [1].…”

Section: Related Workmentioning

confidence: 99%

“…Hiding refers to the adversary's inability to reconstruct redacted parts of the document. Unforgeability is more involved and requires some definitions [2,15]:…”

Section: Security Of Generalized Redactable Signaturesmentioning

confidence: 99%

“…Nevertheless, is should be noted that we require the standard signature scheme used to sign the root of the modified Merkle-tree to provide eUF-CMA security. Thereby, our game is based on the security model of [15]. Basically, an adversary who manages to win this game with non-negligible probability, will be able to breach the security of some of the used cryptographic primitives with non-negligible probability.…”

Section: Security Of Generalized Redactable Signaturesmentioning

confidence: 99%

See 3 more Smart Citations

Generalizations and Extensions of Redactable Signatures with Applications to Electronic Healthcare

Slamanig

Raß

2010

Communications and Multimedia Security

View full text Add to dashboard Cite

Abstract. Redactable signatures allow for altering signed documents, retaining the validity of the signature without interaction with the original signer. In their plain form, such schemes are designed for documents having an unspecific structure, i.e. documents are simply considered as binary strings. In this work, we generalize the concept of redactable signatures towards documents that inherently provide a structure and investigate the security of our construction. Furthermore, we present extensions to our scheme, adding features not commonly provided by other redactable signature schemes. Additionally, various applications in healthcare are discussed, supporting the applicability and usability of our construction.

show abstract

Section: Medical Applicationssupporting

confidence: 54%

Section: Related Workmentioning

confidence: 99%

“…Hiding refers to the adversary's inability to reconstruct redacted parts of the document. Unforgeability is more involved and requires some definitions [2,15]:…”

Section: Security Of Generalized Redactable Signaturesmentioning

confidence: 99%

Section: Security Of Generalized Redactable Signaturesmentioning

confidence: 99%

See 2 more Smart Citations

Generalizations and Extensions of Redactable Signatures with Applications to Electronic Healthcare

Slamanig

Raß

2010

Communications and Multimedia Security

View full text Add to dashboard Cite

show abstract

“…This is especially true since further properties have been added to the models in subsequent works, like the requirement that the sanitizer's identity remains hidden [5] in the sanitizable signature model of [3], resembling the above notion of transparency. Nonetheless, one can divide the literature about sanitizable signatures roughly into the works following the approach by Ateniese et al, e.g., [6,7], and the works based on the approach by Miyazaki et al, including [8,9,10,5,11].…”

Section: Introductionmentioning

confidence: 99%

Security of Sanitizable Signatures Revisited

Brzuska

Fischlin

Freudenreich

et al. 2009

Public Key Cryptography – PKC 2009

123

View full text Add to dashboard Cite

Abstract. Sanitizable signature schemes, as defined by Ateniese et al. (ESORICS 2005), allow a signer to partly delegate signing rights to another party, called the sanitizer. That is, the sanitizer is able to modify a predetermined part of the original message such that the integrity and authenticity of the unchanged part is still verifiable. Ateniese et al. identify five security requirements for such schemes (unforgeability, immutability, privacy, transparency and accountability) but do not provide formal specifications for these properties. They also present a scheme that is supposed to satisfy these requirements.Here we revisit the security requirements for sanitizable signatures and, for the first time, present a comprehensive formal treatment. Besides a full characterization of the requirements we also investigate the relationship of the properties, showing for example that unforgeability follows from accountability. We then provide a full security proof for a modification of the original scheme according to our model.

show abstract