Rethinking Privacy for Extended Sanitizable Signatures and a Black-Box Construction of Strongly Private Schemes

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9451)

Abstract

Sanitizable signatures, introduced by Ateniese et al. at ESORICS’05, allow a signer to issue a signature on a message in which certain predefined message blocks may later be changed (sanitized) by a dedicated party (the sanitizer) without invalidating the original signature. With sanitizable signatures, the sanitizer can choose replacements for modifiable (admissible) message blocks arbitrarily. In various scenarios, however, this makes sanitizers too powerful. To reduce the sanitizer’s power, Klonowski and Lauks at ICISC’06 proposed (among others) an extension that enables the signer to limit the allowed modifications of each admissible block to a well-defined set. At CT-RSA’10, Canard and Jambert then extended the formal model of Brzuska et al. from PKC’09 to additionally include the aforementioned and other extensions. We observe, however, that the privacy guarantees of their model do not capture privacy in the sense of the original definition of sanitizable signatures. That is, if a scheme is private in this model, it is not guaranteed that the sets of allowed modifications remain concealed. To this end, we review a stronger notion of privacy, i.e., (strong) unlinkability (defined by Brzuska et al. at EuroPKI’13), in this context. While unlinkability fixes this problem, no efficient unlinkable scheme supporting the aforementioned extensions exists, and it seems hard to construct such schemes. As a remedy, in this paper we propose a notion stronger than privacy but weaker than unlinkability, which captures privacy in the original sense. Moreover, it allows efficient schemes satisfying our notion to be constructed easily from existing secure schemes in a black-box fashion.

The authors have been supported by EU Horizon 2020 through project Prismacloud, grant agreement number 644962. An extended version of this paper is available in the IACR Cryptology ePrint Archive.

Notes

  1. We note that the implication of privacy by transparency [6] only holds in the proof-restricted case (cf. Sect. 3).

  2. Such sets could be obtained and standardized by using concepts from k-anonymity [31] or t-plausibility [1] with the help of domain expert knowledge.

  3. If \(\mathsf{AEval}\) is probabilistic, the internally used randomness is denoted as r. \(\mathsf{AEval}_r\) is used to make the randomness explicit.

  4. Note that, even though \(\mathcal{A}\) can run \(\mathsf{AEval}\) and \(\mathsf{AWitCreate}\) itself, they are modeled as oracles to emphasize that \(\mathcal{A}\) sees arbitrary accumulators and witnesses.

  5. While san is not required for plain sanitizable signature schemes, \(\mathsf{ESSS}\) additionally return san to pass auxiliary information, which is only relevant for the sanitizer.

  6. Note that the ability to reconstruct the set limitations for \(\sigma_b'\) obtained via \(\mathcal{O}^\mathsf{LoRSanit}\) would imply a trivial distinguisher for the unlinkability game.

  7. In [22], a security notion called strong privacy has been introduced for plain sanitizable signatures. Our notion of strong privacy is unrelated to their notion and does not conflict with it, as ours is only meaningful in the context of \(\mathsf{ESSS}\).

  8. For compactness, we exchange all accumulators in a single game change and note that it is straightforward to unroll the exchange of the accumulators to k simple game changes.

References

  1. Anandan, B., Clifton, C., Jiang, W., Murugesan, M., Pastrana-Camacho, P., Si, L.: \(t\)-Plausibility: generalizing words to desensitize text. Trans. Data Priv. 3, 505–534 (2012)

  2. Ateniese, G., Chou, D.H., de Medeiros, B., Tsudik, G.: Sanitizable signatures. In: di Vimercati, S.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 159–177. Springer, Heidelberg (2005)

  3. Bauer, D., Blough, D.M., Mohan, A.: Redactable signatures on data with dependencies and their application to personal health records. In: ACM WPES 2009 (2009)

  4. Brzuska, C., Fischlin, M., Freudenreich, T., Lehmann, A., Page, M., Schelbert, J., Schröder, D., Volk, F.: Security of sanitizable signatures revisited. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 317–336. Springer, Heidelberg (2009)

  5. Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Sanitizable signatures: how to partially delegate control for authenticated data. In: BIOSIG 2009 (2009)

  6. Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Unlinkability of sanitizable signatures. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 444–461. Springer, Heidelberg (2010)

  7. Brzuska, C., Pöhls, H.C., Samelin, K.: Non-interactive public accountability for sanitizable signatures. In: De Capitani di Vimercati, S., Mitchell, C. (eds.) EuroPKI 2012. LNCS, vol. 7868, pp. 178–193. Springer, Heidelberg (2013)

  8. Brzuska, C., Pöhls, H.C., Samelin, K.: Efficient and perfectly unlinkable sanitizable signatures without group signatures. In: Katsikas, S., Agudo, I. (eds.) EuroPKI 2013. LNCS, vol. 8341, pp. 12–30. Springer, Heidelberg (2014)

  9. Canard, S., Jambert, A.: On extended sanitizable signature schemes. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 179–194. Springer, Heidelberg (2010)

  10. Canard, S., Jambert, A., Lescuyer, R.: Sanitizable signatures with several signers and sanitizers. In: Mitrokotsa, A., Vaudenay, S. (eds.) AFRICACRYPT 2012. LNCS, vol. 7374, pp. 35–52. Springer, Heidelberg (2012)

  11. Canard, S., Laguillaumie, F., Milhau, M.: Trapdoor sanitizable signatures and their application to content protection. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 258–276. Springer, Heidelberg (2008)

  12. Canard, S., Lescuyer, R.: Protecting privacy by sanitizing personal data: a new approach to anonymous credentials. In: ASIA CCS 2013 (2013)

  13. Chakaravarthy, V.T., Gupta, H., Roy, P., Mohania, M.K.: Efficient techniques for document sanitization. In: ACM CIKM 2008 (2008)

  14. Chang, E.-C., Xu, J.: Remote integrity check with dishonest storage server. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 223–237. Springer, Heidelberg (2008)

  15. Chow, R., Oberst, I., Staddon, J.: Sanitization’s slippery slope: the design and study of a text revision assistant. In: SOUPS 2009. ACM (2009)

  16. Derler, D., Hanser, C., Slamanig, D.: Revisiting cryptographic accumulators, additional properties and relations to other primitives. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 127–144. Springer, Heidelberg (2015)

  17. Fleischhacker, N., Krupp, J., Malavolta, G., Schneider, J., Schröder, D., Simkin, M.: Efficient unlinkable sanitizable signatures from signatures with rerandomizable keys. Cryptology ePrint Archive, Report 2015/395 (2015)

  18. Gong, J., Qian, H., Zhou, Y.: Fully-secure and practical sanitizable signatures. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS, vol. 6584, pp. 300–317. Springer, Heidelberg (2011)

  19. Haber, S., Hatano, Y., Honda, Y., Horne, W.G., Miyazaki, K., Sander, T., Tezoku, S., Yao, D.: Efficient signature schemes supporting redaction, pseudonymization, and data deidentification. In: ACM Symposium on Information, Computer and Communications Security, ASIACCS 2008 (2008)

  20. Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, p. 244. Springer, Heidelberg (2002)

  21. Klonowski, M., Lauks, A.: Extended sanitizable signatures. In: Rhee, M.S., Lee, B. (eds.) ICISC 2006. LNCS, vol. 4296, pp. 343–355. Springer, Heidelberg (2006)

  22. de Meer, H., Pöhls, H.C., Posegga, J., Samelin, K.: On the relation between redactable and sanitizable signature schemes. In: Jürjens, J., Piessens, F., Bielova, N. (eds.) ESSoS. LNCS, vol. 8364, pp. 113–130. Springer, Heidelberg (2014)

  23. Miyazaki, K., Iwamura, M., Matsumoto, T., Sasaki, R., Yoshiura, H., Tezuka, S., Imai, H.: Digitally signed document sanitizing scheme with disclosure condition control. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 1, 239–246 (2005)

  24. Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Redactable signatures to control the maximum noise for differential privacy in the smart grid. In: Nguyen, P.Q., Pointcheval, D. (eds.) SmartGridSec 2014. LNCS, vol. 8448, pp. 79–93. Springer, Heidelberg (2014)

  25. Pöhls, H.C., Samelin, K.: On updatable redactable signatures. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 457–475. Springer, Heidelberg (2014)

  26. Pöhls, H.C., Samelin, K., Posegga, J.: Sanitizable signatures in XML Signature — performance, mixing properties, and revisiting the property of transparency. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 166–182. Springer, Heidelberg (2011)

  27. Slamanig, D., Rass, S.: Generalizations and extensions of redactable signatures with applications to electronic healthcare. In: De Decker, B., Schaumüller-Bichl, I. (eds.) CMS 2010. LNCS, vol. 6109, pp. 201–213. Springer, Heidelberg (2010)

  28. Slamanig, D., Stranacher, K., Zwattendorfer, B.: User-centric identity as a service-architecture for eids with selective attribute disclosure. In: ACM SACMAT 2014 (2014)

  29. Steinfeld, R., Bull, L., Zheng, Y.: Content extraction signatures. In: Kim, K. (ed.) ICISC 2001. LNCS, vol. 2288, p. 285. Springer, Heidelberg (2002)

  30. Stranacher, K., Krnjic, V., Zefferer, T.: Trust and reliability for public sector data. In: ICBG (2013)

  31. Sweeney, L.: Achieving \(k\)-anonymity privacy protection using generalization and suppression. Int. J. Uncertainty Fuzziness Knowl. Based Syst. 10(5), 571–588 (2002)

  32. Yum, D.H., Seo, J.W., Lee, P.J.: Trapdoor sanitizable signatures made easy. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 53–68. Springer, Heidelberg (2010)

  33. Zwattendorfer, B., Slamanig, D.: On privacy-preserving ways to porting the austrian eID system to the public cloud. In: Janczewski, L.J., Wolfe, H.B., Shenoi, S. (eds.) SEC 2013. IFIP AICT, vol. 405, pp. 300–314. Springer, Heidelberg (2013)

Author information

Correspondence to David Derler.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Derler, D., Slamanig, D. (2015). Rethinking Privacy for Extended Sanitizable Signatures and a Black-Box Construction of Strongly Private Schemes. In: Au, MH., Miyaji, A. (eds) Provable Security. ProvSec 2015. Lecture Notes in Computer Science, vol 9451. Springer, Cham. https://doi.org/10.1007/978-3-319-26059-4_25

  • DOI: https://doi.org/10.1007/978-3-319-26059-4_25

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-26058-7

  • Online ISBN: 978-3-319-26059-4

  • eBook Packages: Computer Science, Computer Science (R0)
