Cryptology ePrint Archive: Report 2018/971

Chameleon-Hashes with Dual Long-Term Trapdoors and Their Applications

Stephan Krenn and Henrich C. Pöhls and Kai Samelin and Daniel Slamanig

Abstract: A chameleon-hash behaves likes a standard collision-resistant hash function for outsiders. If, however, a trapdoor is known, arbitrary collisions can be found. Chameleon-hashes with ephemeral trapdoors (CHET; Camenisch et al., PKC ’17) allow prohibiting that the holder of the long-term trapdoor can find collisions by introducing a second, ephemeral, trapdoor. However, this ephemeral trapdoor is required to be chosen freshly for each hash. We extend these ideas and introduce the notion of chameleon-hashes with dual long-term trapdoors (CHDLTT). Here, the second trapdoor is not chosen freshly for each new hash; Rather, the hashing party can decide if it wants to generate a fresh second trapdoor or use an existing one. This primitive generalizes CHETs, extends their applicability and enables some appealing new use-cases, including three-party sanitizable signatures, group-level selectively revocable signatures and break-the-glass signatures. We present two provably secure constructions and an implementation which demonstrates that this extended primitive is efficient enough for use in practice.

Category / Keywords: digital signatures, sanitizable signatures, chameleon hashing

Original Publication (with major differences): AfricaCrypt 2018

Date: received 11 Oct 2018, last revised 15 Oct 2018

Contact author: kaispapers at gmail com

Available format(s): PDF | BibTeX Citation

Note: Fixed typo in title

Version: 20181015:131936 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]