Cryptology ePrint Archive: Report 2017/011

Chameleon-Hashes with Ephemeral Trapdoors And Applications to Invisible Sanitizable Signatures

Jan Camenisch and David Derler and Stephan Krenn and Henrich C. Pöhls and Kai Samelin and Daniel Slamanig

Abstract: A chameleon-hash function is a hash function that involves a trapdoor the knowledge of which allows one to find arbitrary collisions in the domain of the function. In this paper, we introduce the notion of chameleon-hash functions with ephemeral trapdoors. Such hash functions feature additional, i.e., ephemeral, trapdoors which are chosen by the party computing a hash value. The holder of the main trapdoor is then unable to find a second pre-image of a hash value unless also provided with the ephemeral trapdoor used to compute the hash value. We present a formal security model for this new primitive as well as provably secure instantiations. The first instantiation is a generic black-box construction from any secure chameleon-hash function. We further provide three direct constructions based on standard assumptions. Our new primitive has some appealing use-cases, including a solution to the long-standing open problem of invisible sanitizable signatures, which we also present.

Category / Keywords: public-key cryptography / chameleon-hash functions, chameleon-hash functions with ephemeral trapdoors, trapdoor commitments, sanitizable signatures, invisible sanitizable signatures

Original Publication (with major differences): IACR-PKC-2017

Date: received 9 Jan 2017, last revised 13 Dec 2017

Contact author: ksa at zurich ibm com

Available format(s): PDF | BibTeX Citation

Note: Fixed a detail in the transparency definition.

Version: 20171213:114927 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]