Redactable Signatures for Independent Removal of Structure and Content
نویسندگان
چکیده
In this paper, we present a provably secure redactable signature scheme allowing to independently redact structure and content. We identify the problems when structure is not separated from content, resulting in an attack on the scheme proposed at VLDB ’08 by Kundu and Bertino. The attack allows for changing the semantic meaning of a given tree. We introduce a rigid security model, including consecutive redaction control, to formalize the required behaviour of our scheme. Moreover, we present first performance evaluations of our implementation to demonstrate the practical use of the presented scheme.
منابع مشابه
Efficient Transparent Redactable Signatures with a Single Signature Invocation
A redactable signature scheme is one that allows the original signature to be used, usually along with some additional data, to verify certain carefully specified changes to the original document that was signed, namely the removal or redaction of subdocuments. For redactable signatures, the term transparency has been used to describe a scheme that hides the number and locations of redacted sub...
متن کاملGeneralizations and Extensions of Redactable Signatures with Applications to Electronic Healthcare
Redactable signatures allow for altering signed documents, retaining the validity of the signature without interaction with the original signer. In their plain form, such schemes are designed for documents having an unspecific structure, i.e. documents are simply considered as binary strings. In this work, we generalize the concept of redactable signatures towards documents that inherently prov...
متن کاملSigner-Anonymous Designated-Verifier Redactable Signatures for Cloud-Based Data Sharing
Redactable signature schemes allow to black out predefined parts of a signed message without affecting the validity of the signature, and are therefore an important building block in privacy-enhancing cryptography. However, a second look shows, that for many practical applications, they cannot be used in their vanilla form. On the one hand, already the identity of the signer may often reveal se...
متن کاملOn the Relation between Redactable and Sanitizable Signature Schemes
Malleable signature schemes (MSS) enable a third party to alter signed data in a controlled way, maintaining a valid signature after an authorized change. Most well studied cryptographic constructions are (1) redactable signatures (RSS), and (2) sanitizable signatures (SSS). RSSs allow the removal of blocks from a signed document, while SSSs allow changing blocks to arbitrary strings. We rigoro...
متن کاملShort Redactable Signatures Using Random Trees
A redactable signature scheme for a string of objects supports verification even if multiple substrings are removed from the original string. It is important that the redacted string and its signature do not reveal anything about the content of the removed substrings. Existing schemes completely or partially leak a piece of information: the lengths of the removed substrings. Such length informa...
متن کامل