Paper 2016/1064

Signer-Anonymous Designated-Verifier Redactable Signatures for Cloud-Based Data Sharing

David Derler, Stephan Krenn, and Daniel Slamanig


Redactable signature schemes allow to black out predefined parts of a signed message without affecting the validity of the signature, and are therefore an important building block in privacy-enhancing cryptography. However, a second look shows, that for many practical applications, they cannot be used in their vanilla form. On the one hand, already the identity of the signer may often reveal sensitive information to the receiver of a redacted message; on the other hand, if data leaks or is sold, everyone getting hold of (redacted versions of) a signed message will be convinced of its authenticity. We overcome these issues by providing a definitional framework and practically efficient instantiations of so called signer-anonymous designated-verifier redactable signatures (AD-RS). As a byproduct we also obtain the first group redactable signatures, which may be of independent interest. AD-RS are motivated by a real world use-case in the field of health care and complement existing health information sharing platforms with additional important privacy features. Moreover, our results are not limited to the proposed application, but can also be directly applied to various other contexts such as notary authorities or e-government services.

Note: Updated Theorem 2 and Proof of Lemma 9: we strengthened the security requirement for the proof system. This greatly simplifies the security analysis and the instantiations we target satisfy this property anyway.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Major revision. CANS 2016
redactable signaturesdesignated-verifiergroup signatureskey-homomorphic signaturesdata sharingcloud computing
Contact author(s)
david derler @ iaik tugraz at
2016-11-28: revised
2016-11-15: received
See all versions
Short URL
Creative Commons Attribution


      author = {David Derler and Stephan Krenn and Daniel Slamanig},
      title = {Signer-Anonymous Designated-Verifier Redactable Signatures for Cloud-Based Data Sharing},
      howpublished = {Cryptology ePrint Archive, Paper 2016/1064},
      year = {2016},
      doi = {10.1007/978-3-319-48965-0_13},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.