Cryptology ePrint Archive: Report 2018/337

Invisible Sanitizable Signatures and Public-Key Encryption are Equivalent

Marc Fischlin and Patrick Harasser

Abstract: Sanitizable signature schemes are signature schemes which support the delegation of modification rights. The signer can allow a sanitizer to perform a set of admissible operations on the original message and then to update the signature, in such a way that basic security properties like unforgeability or accountability are preserved. Recently, Camenisch et al. (PKC 2017) devised new schemes with the previously unattained invisibility property. This property says that the set of admissible operations for the sanitizer remains hidden from outsiders. Subsequently, Beck et al. (ACISP 2017) gave an even stronger version of this notion and constructions achieving it. Here we characterize the invisibility property in both forms by showing that invisible sanitizable signatures are equivalent to IND-CPA-secure encryption schemes, and strongly invisible signatures are equivalent to IND-CCA2-secure encryption schemes. The equivalence is established by proving that invisible (resp. strongly invisible) sanitizable signature schemes yield IND-CPA-secure (resp. IND-CCA2-secure) public-key encryption schemes and that, vice versa, we can build (strongly) invisible sanitizable signatures given a corresponding public-key encryption scheme.

Category / Keywords: public-key cryptography / Sanitizable signatures; Invisibility; Public-key encryption; One-way functions; Digital signatures

Original Publication (with major differences): The 16th International Conference on Applied Cryptography and Network Security -- ACNS 2018

Date: received 11 Apr 2018, last revised 11 Apr 2018

Contact author: patrick harasser at cryptoplexity de

Available format(s): PDF | BibTeX Citation

Version: 20180411:202736 (All versions of this report)

Short URL: ia.cr/2018/337


[ Cryptology ePrint archive ]