Rethinking Privacy for Extended Sanitizable Signatures and a Black-Box Construction for Strongly Private Schemes

Authors

David Derler (IAIK, Graz University of Technology) and Daniel Slamanig (IAIK, Graz University of Technology)

Abstract

Sanitizable signatures, introduced by Ateniese et al. at ESORICS'05, allow to issue a signature on a message where certain predefined message blocks may later be changed (sanitized) by some dedicated party (the sanitizer) without invalidating the original signature. With sanitizable signatures, replacements for modifiable (admissible) message blocks can be chosen arbitrarily by the sanitizer. However, in various scenarios this makes sanitizers too powerful. To reduce the sanitizers power, Klonowski and Lauks at ICISC'06 proposed (among others) an extension that enables the signer to limit the allowed modifications per admissible block to a well defined set each. At CT-RSA'10 Canard and Jambert then extended the formal model of Brzuska et al. from PKC'09 to additionally include the aforementioned and other extensions. We, however, observe that the privacy guarantees of their model do not capture privacy in the sense of the original definition of sanitizable signatures. That is, if a scheme is private in this model it is not guaranteed that the sets of allowed modifications remain concealed. To this end, we review a stronger notion of privacy, i.e., (strong) unlinkability (defined by Brzuska et al. at EuroPKI'13), in this context. While unlinkability fixes the aforementioned issue, no efficient unlinkable scheme supporting the aforementioned extensions exists and it seems to be hard to construct such schemes. As a remedy, in this paper, we propose a notion stronger than privacy, but weaker than unlinkability, which captures privacy in the original sense. Moreover, it allows to easily construct efficient schemes satisfying our notion from secure existing schemes in a black-box fashion.

Venue

9th International Conference on Provable Security (ProvSec 2015) (https://security-lab.jaist.ac.jp/provsec2015/)

Place and Date

Kanazawa, Japan, November 24th - 26th, 2015

Publication Reference

David Derler and Daniel Slamanig. "Rethinking Privacy for Extended Sanitizable Signatures and a Black-Box Construction for Strongly Private Schemes". In Provable Security - 9th International Conference, ProvSec 2015. Kanazawa, Japan, November 24-26, 2015.

Bibtex

@inproceedings{ds15,
   Author    = {David Derler and Daniel Slamanig},
   Title     = {{Rethinking Privacy for Extended Sanitizable Signatures and a Black-Box Construction for Strongly Private Schemes}},
   Booktitle = {Provable Security - 9th International Conference, ProvSec 2015, Kanazawa, Japan, November 24-26, 2015},   
   Year      = {2015}, 
   Publisher = {Springer}
}