Sanitizable signatures in XML signature: performance, mixing properties, and revisiting the property of transparency

Authors:
Henrich C. Pöhls;Kai Samelin;Joachim Posegga
Affiliations:
Chair of IT Security, University of Passau, Germany;Chair of IT Security, University of Passau, Germany;Chair of IT Security, University of Passau, Germany
Venue:
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Year:
2011

Citing 10
Cited 3

Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
The complexity of XPath query evaluation

Proceedings of the twenty-second ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Structural signatures for tree data structures

Proceedings of the VLDB Endowment
Security of Sanitizable Signatures Revisited

Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection

ICWS '09 Proceedings of the 2009 IEEE International Conference on Web Services
Redactable signatures for tree-structured data: definitions and constructions

ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
On the key exposure problem in chameleon hashes

SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Sanitizable signatures

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Extended sanitizable signatures

ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Redactable Signatures for Signed CDA Documents

Journal of Medical Systems

Redactable signatures for independent removal of structure and content

ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
The role of data integrity in EU digital signature legislation -- achieving statutory trust for sanitizable signature schemes

STM'11 Proceedings of the 7th international conference on Security and Trust Management
On structural signatures for tree data structures

ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present the performance measures of our Java Cryptography Architecture (JCA) implementation that integrates sanitizable signature schemes into the XML Signature Specification. Our implementation shows mostly negligible performance impacts when using the Ateniese scheme with four different chameleon hashes and the Miyazaki scheme in XML Signatures. Thus, sanitizable signatures can be added to the XML Security Toolbox. Applying the new tools we show how to combine different hash algorithms over different document parts adding and removing certain properties of the sanitizable signature scheme; this mixing comes very natural in XML Signatures. Finally, we motivate that existing definitions for the property of Transparency are counterintuitive in these combinations. Our conclusion is that the document-level Transparency property is independent of the sub-document properties Weak and Strong Transparency.