Redactable Signatures for Independent Removal of Structure and Content

  • Kai Samelin
  • Henrich C. Pöhls
  • Arne Bilzhause
  • Joachim Posegga
  • Hermann de Meer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7232)


In this paper, we present a provably secure redactable signature scheme allowing to independently redact structure and content. We identify the problems when structure is not separated from content, resulting in an attack on the scheme proposed at VLDB ’08 by Kundu and Bertino. The attack allows for changing the semantic meaning of a given tree. We introduce a rigid security model, including consecutive redaction control, to formalize the required behaviour of our scheme. Moreover, we present first performance evaluations of our implementation to demonstrate the practical use of the presented scheme.


Structural Integrity Redactable Signatures Performance XML 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ateniese, G., Chou, D.H., de Medeiros, B., Tsudik, G.: Sanitizable Signatures. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 159–177. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  2. 2.
    Benaloh, J., De Mare, M.: One-way accumulators: A decentralized alternative to digital signatures, pp. 274–285. Springer, Heidelberg (1993)Google Scholar
  3. 3.
    Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Brzuska, C., Busch, H., Dagdelen, O., Fischlin, M., Franz, M., Katzenbeisser, S., Manulis, M., Onete, C., Peter, A., Poettering, B., Schröder, D.: Redactable Signatures for Tree-Structured Data: Definitions and Constructions. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 87–104. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  5. 5.
    Brzuska, C., Fischlin, M., Freudenreich, T., Lehmann, A., Page, M., Schelbert, J., Schröder, D., Volk, F.: Security of Sanitizable Signatures Revisited. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 317–336. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  6. 6.
    Brzuska, C., Fischlin, M., Lehmann, A., Schröder, D.: Unlinkability of Sanitizable Signatures. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 444–461. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  7. 7.
    Canard, S., Jambert, A.: On Extended Sanitizable Signature Schemes. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 179–194. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  8. 8.
    Chang, E.-C., Lim, C.L., Xu, J.: Short Redactable Signatures Using Random Trees. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 133–147. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  9. 9.
    Coron, J.-S., Naccache, D.: Boneh et al.’s k-Element Aggregate Extraction Assumption Is Equivalent to the Diffie-Hellman Assumption. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 392–397. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. 10.
    Haber, S., Hatano, Y., Honda, Y., Horne, W.G., Miyazaki, K., Sander, T., Tezoku, S., Yao, D.: Efficient signature schemes supporting redaction, pseudonymization, and data deidentification. In: ASIACCS, pp. 353–362 (2008)Google Scholar
  11. 11.
    Izu, T., Kunihiro, N., Ohta, K., Sano, M., Takenaka, M.: Sanitizable and Deletable Signature. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 130–144. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  12. 12.
    Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic Signature Schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  13. 13.
    Klonowski, M., Lauks, A.: Extended Sanitizable Signatures. In: Rhee, M.S., Lee, B. (eds.) ICISC 2006. LNCS, vol. 4296, pp. 343–355. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  14. 14.
    Krawczyk, H., Rabin, T.: Chameleon Hashing and Signatures. In: Symposium on Network and Distributed Systems Security, pp. 143–154 (2000)Google Scholar
  15. 15.
    Kundu, A., Bertino, E.: Structural Signatures for Tree Data Structures. In: Proc. of PVLDB 2008, New Zealand. ACM (2008)Google Scholar
  16. 16.
    Kundu, A., Bertino, E.: CERIAS Tech Report 2009-1 Leakage-Free Integrity Assurance for Tree Data Structures (2009)Google Scholar
  17. 17.
    Kundu, A., Bertino, E.: How to authenticate graphs without leaking. In: EDBT, pp. 609–620 (2010)Google Scholar
  18. 18.
    Liu, B., Lu, J., Yip, J.: XML data integrity based on concatenated hash function. International Journal of Computer Science and Information Security 1(1) (May 2009)Google Scholar
  19. 19.
    Miyazaki, K., Susaki, S., Iwamura, M., Matsumoto, T., Sasaki, R., Yoshiura, H.: Digital documents sanitizing problem. Technical Report ISEC2003-20, IEICE (2003)Google Scholar
  20. 20.
    Miyazaki, K., Hanaoka, G., Imai, H.: Digitally signed document sanitizing scheme based on bilinear maps. In: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2006, pp. 343–354. ACM, New York (2006)CrossRefGoogle Scholar
  21. 21.
    Miyazaki, K., Iwamura, M., Matsumoto, T., Sasaki, R., Yoshiura, H., Tezuka, S., Imai, H.: Digitally Signed Document Sanitizing Scheme with Disclosure Condition Control. IEICE Transactions 88-A(1), 239–246 (2005)Google Scholar
  22. 22.
    Owens, L., Duffy, A., Dowling, T.: An Identity Based Encryption system. In: PPPJ, pp. 154–159 (2004)Google Scholar
  23. 23.
    Pöhls, H.C., Samelin, K., Posegga, J.: Sanitizable Signatures in XML Signature — Performance, Mixing Properties, and Revisiting the Property of Transparency. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 166–182. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  24. 24.
    Sandhu, R.S.: Lattice-Based Access Control Models. Computer 26, 9–19 (1993)CrossRefGoogle Scholar
  25. 25.
    Steinfeld, R., Bull, L., Zheng, Y.: Content Extraction Signatures. In: Kim, K.-c. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 285–304. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  26. 26.
    Wu, Z.-Y., Hsueh, C.-W., Tsai, C.-Y., Lai, F., Lee, H.-C., Chung, Y.: Redactable Signatures for Signed CDA Documents. Journal of Medical Systems, 1–14 (December 2010)Google Scholar
  27. 27.
    Zhang, F., Safavi-naini, R., Susilo, W.: ID-Based Chameleon Hashes from Bilinear Pairings. In: IACR Cryptology ePrint Archive, number 208 (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Kai Samelin
    • 1
  • Henrich C. Pöhls
    • 1
  • Arne Bilzhause
    • 1
  • Joachim Posegga
    • 1
  • Hermann de Meer
    • 1
  1. 1.Institute of IT-Security and Security-Law (ISL)University of PassauGermany

Personalised recommendations