Advertisement

Data Authentication with Privacy Protection

  • Jianghua Liu
  • Yang Xiang
  • Wanlei Zhou
  • Xinyi Huang
  • Jinhua Ma
Chapter

Abstract

Digital signatures, with the properties of data integrity and authenticity authentication, protect a signed message from any alteration. However, appropriate alteration of signed message should be allowed for the purposes of privacy protection in some scenarios, such as medical data sharing, outsourced databases, etc. Redactable signatures, a branch of homomorphic signatures for editing, allow any party to delete some submessage blocks from a signed message and generate a valid signature on the remaining message without any help of the original signer. This chapter provides a basic introduction on the state-of-the-art redactable signature schemes. We mainly consider the redaction control problem of redactable signature schemes in different applications. We also present three integrated solutions, which hopefully offer more insights into this crucial problem.

References

  1. 1.
    Diffie, W., & Hellman, M. (1976). New directions in cryptography. IEEE Transactions on Information Theory, 22, 644–654.MathSciNetCrossRefGoogle Scholar
  2. 2.
    Goldwasser, S., Micali, S., & Rivest, R. L. (1988). A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing, 17, 281–308.MathSciNetCrossRefGoogle Scholar
  3. 3.
    Miyazaki, K. (2003). Digital documents sanitizing problem. IEICE Technical Report, ISEC2003–20.Google Scholar
  4. 4.
    Johnson, R., Molnar, D., Song, D., & Wagner, D. (2002). Homomorphic signature schemes. In: CT-RSA (Vol. 2271, pp. 244–262). Berlin: Springer.CrossRefGoogle Scholar
  5. 5.
    Becker, G. (2008). Merkle signature schemes, merkle trees and their cryptanalysis. Ruhr-University Bochum, Technical Report.Google Scholar
  6. 6.
    Goldreich, O., & Goldwasser, S. (1986). Micali: How to construct random functions. Journal of the ACM (JACM), 33, 792–807.CrossRefGoogle Scholar
  7. 7.
    Goldreich, O., Goldwasser, S., & Micali, S. (1984). How to construct randolli functions. In 1984 25th Annual Symposium on Foundations of Computer Science (pp. 464–479). IEEE.Google Scholar
  8. 8.
    Derler, D., Hanser, C., & Slamanig, D. (2015). Revisiting cryptographic accumulators, additional properties and relations to other primitives. In CT-RSA (pp. 127–144).Google Scholar
  9. 9.
    Steinfeld, R., Bull, L., & Zheng, Y. (2001). Content extraction signatures. In International Conference on Information Security and Cryptology (pp. 285–304). Berlin: Springer.CrossRefGoogle Scholar
  10. 10.
    Wu, Z. Y., Hsueh, C. W., Tsai, C. Y., Lai, F., Lee, H. C., & Chung, Y. (2012). Redactable signatures for signed cda documents. Journal of Medical Systems, 36, 1795–1808.CrossRefGoogle Scholar
  11. 11.
    Slamanig, D., & Rass, S. (2010). Generalizations and extensions of redactable signatures with applications to electronic healthcare. In Communications and Multimedia Security (pp. 201–213). Berlin: Springer.CrossRefGoogle Scholar
  12. 12.
    Brown, J., & Blough, D. M. (2012). Verifiable and redactable medical documents. In AMIA Annual Symposium Proceedings (Vol. 2012, p. 1148). American Medical Informatics Association.Google Scholar
  13. 13.
    Bauer, D., Blough, D. M., & Mohan, A. (2009). Redactable signatures on data with dependencies and their application to personal health records. In Proceedings of the 8th ACM Workshop on Privacy in the Electronic Society (pp. 91–100). ACM.Google Scholar
  14. 14.
    Samelin, K., Pöhls, H. C., Bilzhause, A., Posegga, J., & De Meer, H. (2012). Redactable signatures for independent removal of structure and content. In International Conference on Information Security Practice and Experience (pp. 17–33). Berlin: Springer.CrossRefGoogle Scholar
  15. 15.
    Chang, E. C., Lim, C. L., & Xu, J. (2009). Short redactable signatures using random trees. In CT-RSA (Vol. 9, pp. 133-147). Berlin: Springer.CrossRefGoogle Scholar
  16. 16.
    Kundu, A., & Bertino, E. (2013). Privacy-preserving authentication of trees and graphs. International Journal of Information Security, 12, 467–494.CrossRefGoogle Scholar
  17. 17.
    Brzuska, C., Busch, H., Dagdelen, O., Fischlin, M., Franz, M., Katzenbeisser, S., Manulis, M., Onete, C., Peter, A., Poettering, B., et al. (2010). Redactable signatures for tree-structured data: definitions and constructions. In International Conference on Applied Cryptography and Network Security (pp. 87–104). Berlin: Springer.CrossRefGoogle Scholar
  18. 18.
    Hirose, S., & Kuwakado, H. (2013). Redactable signature scheme for tree-structured data based on merkle tree. In 2013 International Conference on Security and Cryptography (SECRYPT) (pp. 1–8). IEEE.Google Scholar
  19. 19.
    Miyazaki, K., Hanaoka, G., & Imai, H. (2006). Digitally signed document sanitizing scheme based on bilinear maps. In Proceedings of the 2006 ACM Symposium on Information, computer and communications security (pp. 343–354). ACM.Google Scholar
  20. 20.
    Pöhls, H. C., Samelin, K., Posegga, J., & De Meer, H. (2012). Length-hiding redactable signatures from one-way accumulators in o (n). Technical report, Technical Report MIP-1201, Faculty of Computer Science and Mathematics (FIM), University of Passau.Google Scholar
  21. 21.
    Pöhls, H. C., Samelin, K., Posegga, J., & de Meer, H. (2012). Transparent mergeable redactable signatures with signer commitment and applications. Technical report, Technical Report MIP-1206, University of Passau, 8 2012.Google Scholar
  22. 22.
    Pöhls, H. C., & Samelin, K. (2014). On updatable redactable signatures. In International Conference on Applied Cryptography and Network Security (pp. 457–475). Berlin: Springer.Google Scholar
  23. 23.
    Derler, D., Pöhls, H. C., Samelin, K., & Slamanig, D. (2015). A general framework for redactable signatures and new constructions. In International Conference on Information Security and Cryptology (pp. 3–19). Berlin: Springer.CrossRefGoogle Scholar
  24. 24.
    Pöhls, H. C., & Samelin, K. (2015). Accountable redactable signatures. In 2015 10th International Conference on Availability, Reliability and Security (ARES) (pp. 60–69). IEEE.Google Scholar
  25. 25.
    Bull, L., Squire, D. M., Newmarch, J., & Zheng, Y. (2003). Grouping verifiable content for selective disclosure. In Australasian Conference on Information Security and Privacy (pp. 1–12). Berlin: Springer.Google Scholar
  26. 26.
    Bull, L., Squire, D. M., & Zheng, Y. (2004). A hierarchical extraction policy for content extraction signatures. International Journal on Digital Libraries, 4, 208–222.CrossRefGoogle Scholar
  27. 27.
    Miyazaki, K., Iwamura, M., Matsumoto, T., Sasaki, R., Yoshiura, H., Tezuka, S., et al. (2005). Digitally signed document sanitizing scheme with disclosure condition control. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 88, 239–246.CrossRefGoogle Scholar
  28. 28.
    Ma, J., Liu, J., Wang, M., & Wu, W. (2017). An efficient and secure design of redactable signature scheme with redaction condition control. In International Conference on Green, Pervasive, and Cloud Computing (pp. 38–52). Berlin: Springer.CrossRefGoogle Scholar
  29. 29.
    Boneh, D., Gentry, C., Lynn, B., & Shacham, H. (2003). Aggregate and verifiably encrypted signatures from bilinear maps. In Eurocrypt (Vol. 2656, pp. 416–432). Berlin: Springer.Google Scholar
  30. 30.
    Haber, S., Hatano, Y., Honda, Y., Horne, W., Miyazaki, K., Sander, T., Tezoku, S., & Yao, D. (2008). Efficient signature schemes supporting redaction, pseudonymization, and data deidentification. In Proceedings of the 2008 ACM symposium on Information, Computer and Communications Security (pp. 353–362). ACM.Google Scholar
  31. 31.
    Derler, D., Krenn, S., & Slamanig, D. (2016). Signer-anonymous designated-verifier redactable signatures for cloud-based data sharing. In International Conference on Cryptology and Network Security (pp. 211–227). Berlin: Springer.CrossRefGoogle Scholar
  32. 32.
    Beimel, A. (1996). Secure schemes for secret sharing and key distribution. Technion-Israel Institute of technology, Faculty of computer science.Google Scholar
  33. 33.
    Goyal, V., Pandey, O., Sahai, A., & Waters, B. (2006). Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM Conference on Computer and Communications Security (pp. 89–98). ACM.Google Scholar
  34. 34.
    Liu, J., Huang, X., & Liu, J. K. (2015). Secure sharing of personal health records in cloud computing: ciphertext-policy attribute-based signcryption. Future Generation Computer Systems, 52, 67–76.CrossRefGoogle Scholar
  35. 35.
    Karchmer, M., & Wigderson, A. (1993). On span programs. In 1993 Proceedings of the Eighth Annual Structure in Complexity Theory Conference (pp. 102–111). IEEE.Google Scholar
  36. 36.
    Liu, J., Ma, J., Wu, W., Chen, X., Huang, X., & Xu, L. (2017). Protecting mobile health records in cloud computing: A secure, efficient, and anonymous design. ACM Transactions on Embedded Computing Systems (TECS), 16, 57.Google Scholar
  37. 37.
    Barber, S., Boyen, X., Shi, E., & Uzun, E. (2012). Bitter to betterhow to make bitcoin a better currency. In International Conference on Financial Cryptography and Data Security (pp. 399–414). Berlin: Springer.CrossRefGoogle Scholar
  38. 38.
    Shamir, A. (1979). How to share a secret. Communications of the ACM, 22, 612–613.MathSciNetCrossRefGoogle Scholar
  39. 39.
    de Meer, H., Liedel, M., Pöhls, H. C., Posegga, J., & Samelin, K. (2012). Indistinguishability of one-way accumulators. Technical report, Technical Report MIP-1210, Faculty of Computer Science and Mathematics (FIM), University of Passau.Google Scholar
  40. 40.
    Sudarsono, A., Nakanishi, T., & Funabiki, N. (2011). Efficient proofs of attributes in pairing-based anonymous credential system. In PETS (pp. 246–263). Berlin: Springer.CrossRefGoogle Scholar
  41. 41.
    Benaloh, J., & De Mare, M. (1993). One-way accumulators: A decentralized alternative to digital signatures. In Workshop on the Theory and Application of Cryptographic Techniques (pp. 274–285). Berlin: Springer.CrossRefGoogle Scholar
  42. 42.
    Barić, N., & Pfitzmann, B. (1997). Collision-free accumulators and fail-stop signature schemes without trees. In Advances in Cryptology EUROCRYPT97 (pp. 480–494). Berlin: Springer.CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  • Jianghua Liu
    • 1
  • Yang Xiang
    • 2
    • 3
  • Wanlei Zhou
    • 4
  • Xinyi Huang
    • 5
  • Jinhua Ma
    • 5
  1. 1.School of Information TechnologyDeakin UniversityBurwood, VICAustralia
  2. 2.School of Software and Electrical EngineeringSwinburne University of TechnologyHawthorn, VICAustralia
  3. 3.The State Key Laboratory of Integrated Service Networks (ISN)Xidian UniversityXi’anChina
  4. 4.School of SoftwareUniversity of Technology SydneyUltimo, NSWAustralia
  5. 5.College of Mathematics and InformaticsFujian Normal UniversityFuzhouChina

Personalised recommendations