### Efficient Transparent Redactable Signatures with a Single Signature Invocation

Stuart Haber, William Horne, and Miaomiao Zhang

##### Abstract

A redactable signature scheme is one that allows the original signature to be used, usually along with some additional data, to verify certain carefully specified changes to the original document that was signed, namely the removal or redaction of subdocuments. For redactable signatures, the term "transparency" has been used to describe a scheme that hides the number and locations of redacted subdocuments. We present here two efficient transparent redactable signature schemes, which are the first such schemes in the literature that are based solely on tools of symmetric cryptography, along with a single application of an ordinary digital signature. As with several previous schemes for redactable signatures, we sign a sequence of randomized commitments that depend on the contents of the subdocuments of the document to be signed. In order to hide their number and location, we randomize their order, and mix them with a sequence of "dummy nodes" that are indistinguishable from commitment values. Our first scheme uses a data structure of size quadratic in the number of subdocuments, encoding all the precedence relations between pairs of subdocuments. By embedding these precedence relations in a smaller family of graphs, our second scheme is more efficient, with expected cost linear in the number of subdocuments in the document to be signed. We introduce a quantified version of the transparency property, precisely describing the uncertainty about the number of redacted subdocuments that is guaranteed by the two schemes. We prove that our schemes are secure, i.e. unforgeable, private, and transparent, based on the security of collision-free hash functions, pseudorandom generators, and digital signature schemes. While providing such strong security, our scheme is also efficient, in terms of both computation and communication.

Available format(s)
Publication info
Preprint. MINOR revision.
Keywords
transparent redactable signaturesdigital signaturescombinatorial cryptography
Contact author(s)
stuart haber @ acm org
History
Short URL
https://ia.cr/2016/1165

CC BY

BibTeX

@misc{cryptoeprint:2016/1165,
author = {Stuart Haber and William Horne and Miaomiao Zhang},
title = {Efficient Transparent Redactable Signatures with a Single Signature Invocation},
howpublished = {Cryptology ePrint Archive, Paper 2016/1165},
year = {2016},
note = {\url{https://eprint.iacr.org/2016/1165}},
url = {https://eprint.iacr.org/2016/1165}
}
`
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.