Advertisement

FABSS: Attribute-Based Sanitizable Signature for Flexible Access Structure

  • Ruo Mo
  • Jianfeng Ma
  • Ximeng Liu
  • Qi Li
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10631)

Abstract

In the Electronic Health Record (EHR) system, digital signature is utilized to prevent the medical data from being tampered. However, users update their medical data frequently and have to sign these medical data from scratch after updating. Besides, traditional signature attests the identity of the individual signing the records, which leads to vast computation cost and the privacy leakage. In this paper, we obfuscate users identity information with attribute sets and introduce a semi-trusted participant–sanitizer to propose the Flexible Attribute-Based Sanitizable Signature (FABSS) scheme. We prove that our scheme is unforgeable under generic group model. Through comparison, the FABSS scheme not only reduces the users computation overhead, but also supports flexible access structures to implement expressively fine-grained access control.

Keywords

Flexible attribute-based access control Sanitizable signature Unforgeability Anonymity Information privacy 

Notes

Acknowledgement

This work is supported by the National High Technology Research and Development Program (863 Program) (No. 2015AA016007, No. 2015AA017203), the Key Program of NSFC Grant (No. U1405255, No. U1135002), the National Natural Science Foundation of China (No. 61502248) and the NUPTSF (No. 215008). The authors would like to thank the editors and the anonymous reviewers for their constructive comments that would help us to improve this paper.

References

  1. 1.
    Ateniese, G., Chou, D.H., de Medeiros, B., Tsudik, G.: Sanitizable signatures. In: di Vimercati, S.C., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 159–177. Springer, Heidelberg (2005).  https://doi.org/10.1007/11555827_10CrossRefGoogle Scholar
  2. 2.
    Brzuska, C., Fischlin, M., Freudenreich, T., Lehmann, A., Page, M., Schelbert, J., Schröder, D., Volk, F.: Security of sanitizable signatures revisited. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 317–336. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-00468-1_18CrossRefGoogle Scholar
  3. 3.
    Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Unlinkability of sanitizable signatures. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 444–461. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-13013-7_26CrossRefGoogle Scholar
  4. 4.
    Canard, S., Laguillaumie, F., Milhau, M.: Trapdoor sanitizable signatures and their application to content protection. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 258–276. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-68914-0_16CrossRefzbMATHGoogle Scholar
  5. 5.
    Lai, J., Ding, X., Wu, Y.: Accountable trapdoor sanitizable signatures. In: Deng, R.H., Feng, T. (eds.) ISPEC 2013. LNCS, vol. 7863, pp. 117–131. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-38033-4_9CrossRefGoogle Scholar
  6. 6.
    Miyazaki, K., Hanaoka, G., Imai, H.: Digitally signed document sanitizing scheme based on bilinear maps. In: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, pp. 343–354 (2006)Google Scholar
  7. 7.
    Yuen, T.H., Susilo, W., Liu, J.K., Mu, Y.: Sanitizable signatures revisited. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) CANS 2008. LNCS, vol. 5339, pp. 80–97. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-89641-8_6CrossRefGoogle Scholar
  8. 8.
    Agrawal, S., Kumar, S., Shareef, A., Rangan, C.P.: Sanitizable signatures with strong transparency in the standard model. In: Bao, F., Yung, M., Lin, D., Jing, J. (eds.) Inscrypt 2009. LNCS, vol. 6151, pp. 93–107. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-16342-5_7CrossRefGoogle Scholar
  9. 9.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of 13th ACM Conference on Computer and Communications Security, pp. 89–98 (2006)Google Scholar
  10. 10.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 321–334 (2007)Google Scholar
  11. 11.
    Maji, H.K., Prabhakaran, M., Rosulek, M.: Attribute-based signatures. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 376–392. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19074-2_24CrossRefGoogle Scholar
  12. 12.
    Li, J., Au, M.H., Susilo, W., Xie, D., Ren, K.: Attribute-based signature and its applications. In: Proceedings of 5th ACM Symposium on Information, Computer and Communications Security, pp. 60–69 (2010)Google Scholar
  13. 13.
    Okamoto, T., Takashima, K.: Efficient attribute-based signatures for non-monotone predicates in the standard model. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 35–52. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19379-8_3CrossRefGoogle Scholar
  14. 14.
    Su, J., Cao, D., Zhao, B., Wang, X., You, I.: ePASS: an expressive attribute-based signature scheme with privacy and an unforgeability guarantee for the internet of things. Future Gener. Comput. Syst. 33, 11–18 (2014)CrossRefGoogle Scholar
  15. 15.
    Rao, Y.S., Dutta, R.: Efficient attribute-based signature and signcryption realizing expressive access structures. Int. J. Inf. Secur. 15, 81–109 (2016)CrossRefGoogle Scholar
  16. 16.
    Li, J., Chen, X., Huang, X.: New attribute-based authentication and its application in anonymous cloud access service. Int. J. Web Grid Serv. 11, 125–141 (2015)CrossRefGoogle Scholar
  17. 17.
    Liu, X., Ma, J., Xiong, J., Ma, J., Li, Q.: Attribute based sanitizable signature scheme. J. Commun. 34, 148–155 (2013)Google Scholar
  18. 18.
    Xu, L., Zhang, X., Wu, X., Shi, W.: ABSS: an attribute-based sanitizable signature for integrity of outsourced database with public cloud. In: Proceedings of 5th ACM Conference on Data and Application Security and Privacy, pp. 167–169 (2015)Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Xidian UniversityXi’anChina
  2. 2.Singapore Management UniversitySingaporeSingapore
  3. 3.Nanjing University of Posts and TelecommunicationsNanjingChina

Personalised recommendations