Cryptology ePrint Archive: Report 2017/445

Practical Strongly Invisible and Strongly Accountable Sanitizable Signatures

Michael Till Beck and Jan Camenisch and David Derler and Stephan Krenn and Henrich C. Pöhls and Kai Samelin and Daniel Slamanig

Abstract: Sanitizable signatures are a variant of digital signatures where a designated party (the sanitizer) can update admissible parts of a signed message. At PKC’17, Camenisch et al. introduced the notion of invisible sanitizable signatures that hides from an outsider which parts of a message are admissible. Their security definition of invisibility, however, does not consider dishonest signers. Along the same lines, their signer-accountability definition does not prevent the signer from falsely accusing the sanitizer of having issued a signature on a sanitized message by exploiting the malleability of the signature itself. Both issues may limit the usefulness of their scheme in certain applications. We revise their definitional framework, and present a new construction eliminating these shortcomings. In contrast to Camenisch et al.’s construction, ours requires only standard building blocks instead of chameleon hashes with ephemeral trapdoors. This makes this, now even stronger, primitive more attractive for practical use. We underpin the practical efficiency of our scheme by concrete benchmarks of a prototype implementation.

Category / Keywords: Public-Key Cryptography

Original Publication (with major differences): ACISP

Date: received 19 May 2017, last revised 13 Dec 2017

Contact author: ksa at zurich ibm com

Available format(s): PDF | BibTeX Citation

Note: Fixed a detail in the transparency definition and added page numbers.

Version: 20171213:114444 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]