Unlinkable and Strongly Accountable Sanitizable Signatures from Verifiable Ring Signatures

An Unlinkable Sanitizable Signature scheme (USS) allows a sanitizer to modify some parts of a signed message such that nobody can link the modified signature to the original one. A Verifiable Ring Signature scheme (VRS) allows the users to sign messages anonymously within a group such that a user can prove a posteriori to a verifier that he is the signer of a given message. In this paper, we first revisit the notion of VRS: we improve the proof capabilities of the users, we give a complete security model for VRS and we give an efficient and secure scheme called EVeR. Our main contribution is GUSS, a generic USS based on a VRS scheme and an unforgeable signature scheme. We show that GUSS instanciated with EVeR and the Schnorr’s signature is twice as efficient as the best USS scheme of the literature. Moreover, we propose a stronger definition of accountability: an USS is accountable when the signer can prove whether a signature is sanitized. We formally define the notion of strong accontability when the sanitizer can also prove the origin of a signature. We show that the notion of strong accountability is important in practice. Finally, we prove the security properties of GUSS (including the strong accountability) and EVeR under the Decisional Diffie-Hellman assumption in the random oracle model.