Chameleon-Hashes with Dual Long-Term Trapdoors and Their Applications

  • Stephan Krenn
  • Henrich C. Pöhls
  • Kai Samelin
  • Daniel Slamanig
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10831)

Abstract

A chameleon-hash behaves like a standard collision-resistant hash function for outsiders. If, however, a trapdoor is known, arbitrary collisions can be found. Chameleon-hashes with ephemeral trapdoors (\(\mathsf {CHET}\); Camenisch et al., PKC 17) prevent the holder of the long-term trapdoor from finding collisions on their own by introducing a second, ephemeral, trapdoor. However, this ephemeral trapdoor has to be chosen freshly for each hash.

We extend these ideas and introduce the notion of chameleon-hashes with dual long-term trapdoors (\(\mathsf {CHDLTT}\)). Here, the second trapdoor is not chosen freshly for each new hash; rather, the hashing party can decide whether to generate a fresh second trapdoor or to use an existing one. This primitive generalizes \(\mathsf {CHET}\)s, extends their applicability and enables some appealing new use-cases, including three-party sanitizable signatures, group-level selectively revocable signatures and break-the-glass signatures. We present two provably secure constructions and an implementation which demonstrates that this extended primitive is efficient enough for use in practice.
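As an added illustration (not code from the paper or its authors), the following toy discrete-log chameleon hash in the style of Krawczyk and Rabin [46] shows the two behaviours the abstract describes: collisions are easy for whoever holds the trapdoor x and infeasible for outsiders, and a two-component variant shows the dual-trapdoor idea, where rewriting a hashed message requires both long-term trapdoors. The group parameters, the two-component construction and all function names are my own assumptions and not the paper's constructions; the last function shows the classic key-exposure caveat [5] of the basic scheme, which a practical design must address.

```python
import hashlib
import secrets

# Constructed toy group: p = 2*q + 1 with p and q prime, g = 4 generates the order-q subgroup.
# Far too small for real use; the size only keeps the arithmetic easy to follow.
P, Q, G = 2039, 1019, 4

def keygen():
    """Long-term trapdoor x and matching public key y = g^x (mod p)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def msg_to_zq(message: bytes) -> int:
    """Map a message into Z_q (a toy hash-to-field, sufficient for the illustration)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % Q

def ch_hash(y: int, message: bytes, r: int) -> int:
    """Chameleon hash h = g^m * y^r (mod p); collision-resistant for anyone without x."""
    return (pow(G, msg_to_zq(message), P) * pow(y, r, P)) % P

def ch_collide(x: int, message: bytes, r: int, new_message: bytes) -> int:
    """With trapdoor x, return r' so that ch_hash(y, new_message, r') == ch_hash(y, message, r).
    From m + x*r = m' + x*r' (mod q) we get r' = r + (m - m') * x^{-1} (mod q)."""
    m, m2 = msg_to_zq(message), msg_to_zq(new_message)
    return (r + (m - m2) * pow(x, -1, Q)) % Q

def dual_hash(y1: int, y2: int, message: bytes, r1: int, r2: int) -> tuple:
    """Illustrative two-trapdoor hash (my assumption, not the paper's scheme): one component
    per long-term key, so swapping the message while keeping the pair fixed needs BOTH trapdoors."""
    return ch_hash(y1, message, r1), ch_hash(y2, message, r2)

def dual_collide(x1: int, x2: int, message: bytes, r1: int, r2: int, new_message: bytes) -> tuple:
    """Both trapdoor holders contribute: each fixes the component under their own key."""
    return ch_collide(x1, message, r1, new_message), ch_collide(x2, message, r2, new_message)

def recover_trapdoor(message: bytes, r: int, new_message: bytes, r2: int) -> int:
    """Key-exposure caveat of the basic scheme: two openings of one hash reveal x,
    since x = (m - m') * (r' - r)^{-1} (mod q). Practical designs must prevent this."""
    m, m2 = msg_to_zq(message), msg_to_zq(new_message)
    return ((m - m2) * pow((r2 - r) % Q, -1, Q)) % Q
```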

References

  1. Alsouri, S., Dagdelen, Ö., Katzenbeisser, S.: Group-based attestation: enhancing privacy and management in remote attestation. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) Trust 2010. LNCS, vol. 6101, pp. 63–77. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13869-0_5
  2. Ateniese, G., Chou, D.H., de Medeiros, B., Tsudik, G.: Sanitizable signatures. In: di Vimercati, S.C., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 159–177. Springer, Heidelberg (2005). https://doi.org/10.1007/11555827_10
  3. Ateniese, G., Magri, B., Venturi, D., Andrade, E.R.: Redactable blockchain - or - rewriting history in bitcoin and friends. In: EuroS&P, pp. 111–126 (2017)
  4. Ateniese, G., de Medeiros, B.: Identity-based Chameleon hash and applications. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 164–180. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-27809-2_19
  5. Ateniese, G., de Medeiros, B.: On the key exposure problem in Chameleon hashes. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 165–179. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30598-9_12
  6. Bao, F., Deng, R.H., Ding, X., Lai, J., Zhao, Y.: Hierarchical identity-based Chameleon hash and its applications. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 201–219. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21554-4_12
  7. Beck, M.T., Camenisch, J., Derler, D., Krenn, S., Pöhls, H.C., Samelin, K., Slamanig, D.: Practical strongly invisible and strongly accountable sanitizable signatures. In: Pieprzyk, J., Suriadi, S. (eds.) ACISP 2017. LNCS, vol. 10342, pp. 437–452. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-60055-0_23
  8. Beck, M.T., Krenn, S., Preiss, F.-S., Samelin, K.: Practical signing-right revocation. In: Franz, M., Papadimitratos, P. (eds.) Trust 2016. LNCS, vol. 9824, pp. 21–39. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45572-3_2
  9. Bellare, M., Namprempre, C., Pointcheval, D., Semanko, M.: The one-more-RSA-inversion problems and the security of Chaum's blind signature scheme. J. Cryptol. 16(3), 185–215 (2003)
  10. Bellare, M., Ristov, T.: A characterization of Chameleon hash functions and new, efficient designs. J. Cryptol. 27(4), 799–823 (2014)
  11. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: CCS, pp. 62–73, New York, NY, USA (1993)
  12. Bilzhause, A., Huber, M., Pöhls, H.C., Samelin, K.: Cryptographically enforced four-eyes principle. In: ARES, pp. 760–767 (2016)
  13. Bilzhause, A., Pöhls, H.C., Samelin, K.: Position paper: The past, present, and future of sanitizable and redactable signatures. In: ARES, pp. 87:1–87:9 (2017)
  14. Blazy, O., Kakvi, S.A., Kiltz, E., Pan, J.: Tightly-secure signatures from chameleon hash functions. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 256–279. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46447-2_12
  15. Boneh, D., Ding, X., Tsudik, G., Wong, C.: A method for fast revocation of public key certificates and security capabilities. In: USENIX (2001)
  16. Brassard, G., Chaum, D., Crépeau, C.: Minimum disclosure proofs of knowledge. J. Comput. Syst. Sci. 37(2), 156–189 (1988)
  17. Brzuska, C., Fischlin, M., Freudenreich, T., Lehmann, A., Page, M., Schelbert, J., Schröder, D., Volk, F.: Security of sanitizable signatures revisited. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 317–336. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00468-1_18
  18. Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Sanitizable signatures: how to partially delegate control for authenticated data. In: BIOSIG, pp. 117–128 (2009)
  19. Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Unlinkability of sanitizable signatures. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 444–461. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13013-7_26
  20. Brzuska, C., Pöhls, H.C., Samelin, K.: Non-interactive public accountability for sanitizable signatures. In: De Capitani di Vimercati, S., Mitchell, C. (eds.) EuroPKI 2012. LNCS, vol. 7868, pp. 178–193. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40012-4_12
  21. Brzuska, C., Pöhls, H.C., Samelin, K.: Efficient and perfectly unlinkable sanitizable signatures without group signatures. In: Katsikas, S., Agudo, I. (eds.) EuroPKI 2013. LNCS, vol. 8341, pp. 12–30. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-53997-8_2
  22. Camenisch, J., Derler, D., Krenn, S., Pöhls, H.C., Samelin, K., Slamanig, D.: Chameleon-hashes with ephemeral trapdoors. In: Fehr, S. (ed.) PKC 2017. LNCS, vol. 10175, pp. 152–182. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54388-7_6
  23. Camenisch, J., Lehmann, A., Neven, G., Samelin, K.: Virtual smart cards: how to sign with a password and a server. In: Zikas, V., De Prisco, R. (eds.) SCN 2016. LNCS, vol. 9841, pp. 353–371. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44618-9_19
  24. Canard, S., Jambert, A.: On extended sanitizable signature schemes. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 179–194. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-11925-5_13
  25. Canard, S., Jambert, A., Lescuyer, R.: Sanitizable signatures with several signers and sanitizers. In: Mitrokotsa, A., Vaudenay, S. (eds.) AFRICACRYPT 2012. LNCS, vol. 7374, pp. 35–52. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31410-0_3
  26. Chen, X., Tian, H., Zhang, F., Ding, Y.: Comments and improvements on key-exposure free chameleon hashing based on factoring. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS, vol. 6584, pp. 415–426. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21518-6_29
  27. Chen, X., Zhang, F., Kim, K.: Chameleon hashing without key exposure. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 87–98. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30144-8_8
  28. Chen, X., Zhang, F., Susilo, W., Mu, Y.: Efficient generic on-line/off-line signatures without key exposure. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 18–30. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-72738-5_2
  29. Chen, X., Zhang, F., Susilo, W., Tian, H., Li, J., Kim, K.: Identity-based Chameleon hash scheme without key exposure. In: Steinfeld, R., Hawkes, P. (eds.) ACISP 2010. LNCS, vol. 6168, pp. 200–215. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14081-5_13
  30. Damgård, I., Haagh, H., Orlandi, C.: Access control encryption: enforcing information flow with cryptography. In: Hirt, M., Smith, A. (eds.) TCC 2016. LNCS, vol. 9986, pp. 547–576. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53644-5_21
  31. Demirel, D., Derler, D., Hanser, C., Pöhls, H.C., Slamanig, D., Traverso, G.: PRISMACLOUD D4.4: overview of functional and malleable signature schemes. Technical report, H2020 Prismacloud (2015). www.prismacloud.eu
  32. Derler, D., Slamanig, D.: Rethinking privacy for extended sanitizable signatures and a black-box construction of strongly private schemes. In: Au, M.-H., Miyaji, A. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 455–474. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26059-4_25
  33. Even, S., Goldreich, O., Micali, S.: On-line/off-line digital signatures. J. Cryptol. 9(1), 35–67 (1996)
  34. Fehr, V., Fischlin, M.: Sanitizable signcryption: sanitization over encrypted data (full version). IACR Cryptology ePrint Archive, Report 2015/765 (2015)
  35. Ferreira, A., Cruz-Correia, R., Antunes, L., Farinha, P., Oliveira-Palhares, E., Chadwick, D.W., Costa-Pereira, A.: How to break access control in a controlled manner. In: 19th IEEE Symposium on Computer-Based Medical Systems (CBMS 2006), pp. 847–854 (2006)
  36. Fleischhacker, N., Krupp, J., Malavolta, G., Schneider, J., Schröder, D., Simkin, M.: Efficient unlinkable sanitizable signatures from signatures with re-randomizable keys. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 301–330. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49384-7_12
  37. Frädrich, C., Pöhls, H.C., Popp, W., Rakotondravony, N., Samelin, K.: Integrity and authenticity protection with selective disclosure control in the cloud & IoT. In: Lam, K.Y., Chi, C.H., Qing, S. (eds.) ICICS. LNCS, pp. 197–213. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-50011-9_16
  38. Gao, W., Li, F., Wang, X.: Chameleon hash without key exposure based on Schnorr signature. Comput. Stand. Interfaces 31(2), 282–285 (2009)
  39. Gao, W., Wang, X., Xie, D.: Chameleon hashes without key exposure based on factoring. J. Comput. Sci. Technol. 22(1), 109–113 (2007)
  40. Gong, J., Qian, H., Zhou, Y.: Fully-secure and practical sanitizable signatures. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS, vol. 6584, pp. 300–317. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21518-6_21
  41. Hanser, C., Slamanig, D.: Blank digital signatures. In: ASIACCS (2013)
  42. Hanzlik, L., Kutyłowski, M., Yung, M.: Hard invalidation of electronic signatures. In: Lopez, J., Wu, Y. (eds.) ISPEC 2015. LNCS, vol. 9065, pp. 421–436. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-17533-1_29
  43. Hohenberger, S., Waters, B.: Short and stateless signatures from the RSA assumption. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 654–670. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_38
  44. Höhne, F., Pöhls, H.C., Samelin, K.: Rechtsfolgen editierbarer Signaturen. Datenschutz Datensicherheit 36(7), 485–491 (2012)
  45. Klonowski, M., Lauks, A.: Extended sanitizable signatures. In: Rhee, M.S., Lee, B. (eds.) ICISC 2006. LNCS, vol. 4296, pp. 343–355. Springer, Heidelberg (2006). https://doi.org/10.1007/11927587_28
  46. Krawczyk, H., Rabin, T.: Chameleon hashing and signatures. In: NDSS (2000)
  47. Krenn, S., Samelin, K., Sommer, D.: Stronger security for sanitizable signatures. In: Garcia-Alfaro, J., Navarro-Arribas, G., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM/QASA 2015. LNCS, vol. 9481, pp. 100–117. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29883-2_7
  48. Lai, R.W.F., Zhang, T., Chow, S.S.M., Schröder, D.: Efficient sanitizable signatures without random oracles. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9878, pp. 363–380. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45744-4_18
  49. de Meer, H., Pöhls, H.C., Posegga, J., Samelin, K.: On the relation between redactable and sanitizable signature schemes. In: Jürjens, J., Piessens, F., Bielova, N. (eds.) ESSoS 2014. LNCS, vol. 8364, pp. 113–130. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-04897-0_8
  50. Mohassel, P.: One-time signatures and Chameleon hash functions. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 302–319. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19574-7_21
  51. Pöhls, H.C.: Contingency revisited: secure construction and legal implications of verifiably weak integrity. In: Fernández-Gago, C., Martinelli, F., Pearson, S., Agudo, I. (eds.) IFIPTM 2013. IAICT, vol. 401, pp. 136–150. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38323-6_10
  52. Pöhls, H.C., Peters, S., Samelin, K., Posegga, J., de Meer, H.: Malleable signatures for resource constrained platforms. In: Cavallaro, L., Gollmann, D. (eds.) WISTP 2013. LNCS, vol. 7886, pp. 18–33. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38530-8_2
  53. Pöhls, H.C., Samelin, K.: Accountable redactable signatures. In: ARES (2015)
  54. Pöhls, H.C., Samelin, K., Posegga, J.: Sanitizable signatures in XML signature: performance, mixing properties, and revisiting the property of transparency. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 166–182. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21554-4_10
  55. Ren, Q., Mu, Y., Susilo, W.: Mitigating Phishing by a new ID-based Chameleon hash without key exposure. In: AusCERT, pp. 1–13 (2007)
  56. Shamir, A., Tauman, Y.: Improved online/offline signature schemes. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 355–367. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_21
  57. Zhang, F., Safavi-Naini, R., Susilo, W.: Id-based chameleon hashes from bilinear pairings. IACR Cryptol. ePrint Archive 2003, 208 (2003)
  58. Zhang, R.: Tweaking TBE/IBE to PKE transforms with Chameleon hash functions. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 323–339. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-72738-5_21

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Stephan Krenn (1)
  • Henrich C. Pöhls (2)
  • Kai Samelin (3)
  • Daniel Slamanig (1)
  1. AIT Austrian Institute of Technology GmbH, Vienna, Austria
  2. ISL & Chair of IT-Security, University of Passau, Passau, Germany
  3. TU Darmstadt, Darmstadt, Germany