Integrity and Authenticity Protection with Selective Disclosure Control in the Cloud & IoT



Henrich C. Pöhls (University of Passau), Christoph Frädrich (University of Passau), Wolfgang Popp (University of Passau), Noelle Rakotondravony (University of Passau), Kai Samelin (IBM Research Zurich and Technische Universität Darmstadt)


Digitally signing data allows its authenticity to be verified and thus provides strong data quality assurance or forensic evidence even in the presence of an active attacker. A drawback of standard cryptographic signatures is that the signed data set cannot be split into parts to selectively disclose only the required parts in order to protect the confidentiality of the unneeded data parts. This can be overcome by redactable signature schemes (RSS). They allow the reduction of information from signed data while keeping integrity and origin protection on the remaining data. In two scenarios RSS have obvious benefits: selecting entries from server logfiles while keeping their evidential character, and redacting private information before sharing health care data. Especially in the health care scenario, for end-to-end protection, the RSS needs to execute the sign algorithm at the data source, here assumed to be a constrained Internet-of-Things (IoT) device, and the verify algorithm at the data sink, here assumed to be a usual Android mobile phone. Hence, we implemented an existing RSS algorithm with good functionality for the use cases on all three platforms to scrutinise its practicality. Our performance measurements show impractical runtime, especially on the IoT device, for a construction that was proven to be secure in the standard model. However, we provide in this paper an adjusted construction that we prove to be secure in the random oracle model, which is still secure enough for practical applications. It has a far better performance. We give detailed performance measurements and evaluate which functions have been optimized by the adjusted construction and how parallelization, especially interesting in scalable cloud environments, can speed up this algorithm.


18th International Conference on Information and Communications Security (ICICS2016)

Place and Date

Nov 29 - Dec 02, 2016, Singapore