D5.9 Analysis of malleable signatures for defining allowed modification and providing verifiable means of conformant processing
UNI PASSAU, TUGRAZ
PRISMACLOUD aims at bringing novel cryptographic concepts and methods to practical application to improve the security and privacy of cloud based services and make them usable for providers and users.
The purpose of this deliverable is to present the nal version of the FLEXAUTH tool including the architecture and the design of the tool, starting from terms and denitions, over design paradigms and component model, to the static software architecture. This tool provides means for exible authentication protocols with selective disclosure and is based on variants of malleable signature schemes , i.e., redactable signature schemes (RSS) as well as group signature schemes (GSS). When verifying a signature with one of the cryptographic schemes available through the FLEXAUTH tool, one veries (directly or indirectly) whether a certain piece of data is conformant to a certain policy. The special purpose signatures inside FLEXAUTH thus allow to verify the conformance with different types of policies with different expressiveness. While the aforementioned aspects represent a final iteration of content already present in Deliverable D5.6., we additionally present research regarding the application of the FLEXAUTH tool beyond the application in the e-Health and Smart City use-cases within PRISMACLOUD.
Download the full version [PDF]