Unlinkability of sanitizable signatures

  • Authors:
  • Christina Brzuska;Marc Fischlin;Anja Lehmann;Dominique Schröder

  • Affiliations:
  • Darmstadt University of Technology, Germany;Darmstadt University of Technology, Germany;Darmstadt University of Technology, Germany;Darmstadt University of Technology, Germany

  • Venue:
  • PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
  • Year:
  • 2010

Quantified Score

Hi-index 0.00

Visualization

Abstract

Sanitizable signatures allow a designated party, called the sanitizer, to modify parts of signed data such that the immutable parts can still be verified with respect to the original signer. Ateniese et al. (ESORICS 2005) discuss five security properties for such signature schemes: unforgeability, immutability, privacy, transparency and accountability. These notions have been formalized in a recent work by Brzuska et al. (PKC 2009), discussing also the relationships among the security notions. In addition, they prove a modification of the scheme of Ateniese et al. to be secure according to these notions. Here we discuss that a sixth property of sanitizable signature schemes may be desirable: unlinkability. Basically, this property prevents that one can link sanitized message-signature pairs of the same document, thus allowing to deduce combined information about the original document. We show that this notion implies privacy, the inability to recover the original data of sanitized parts, but is not implied by any of the other five notions. We also discuss a scheme based on group signatures meeting all six security properties.