Efficient Redactable Signature and Application to Anonymous Credentials

Sanders, Olivier

doi:10.1007/978-3-030-45388-6_22

Cited by 49 publications

(36 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…1. Our redactable signature scheme is a better solution for the "storing redactable signature problem" than other redactable signatures schemes with compactness [4,43] in that our scheme does not use the GGM or ROM. The redactable signature scheme by Camenisch et al instantiated by the partial randomizable SPS by Abe et al [1] relies on three q-type assumption.…”

Section: Our Resultsmentioning

confidence: 99%

“…As far as we know, redactable signature schemes in [4,12,43] satisfy compactness. However, these schemes have drawbacks.…”

Section: Motivationmentioning

confidence: 99%

“…The redactable signature scheme by Ahn, Boneh, Camenisch, Hohenberger, Shelat, and Waters [4] 3 uses the random oracle model (ROM) [7]. The redactable signature scheme by Sanders [43], its security is guaranteed in the generic group model (GGM) [44]. It is desirable to solve the "storing redactable signature problem" without the GGM or ROM.…”

Section: Motivationmentioning

confidence: 99%

“…They used an unlinkable redactable signature scheme to construct an anonymous credential scheme [14]. Later, Sanders [43] also constructed an unlinkable redactable signature scheme to obtain an efficient anonymous credential scheme.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Redactable Signature with Compactness from Set-Commitment

Tezuka¹,

Tanaka²

2022

Preprint

View full text Add to dashboard Cite

Redactable signature allows anyone to remove parts of a signed message without invalidating the signature. The need to prove the validity of digital documents issued by governments is increasing. When governments disclose documents, they must remove private information concerning individuals. Redactable signature is useful for such a situation. However, in most redactable signature schemes, to remove parts of the signed message, we need pieces of information for each part we want to remove. If a signed message consists of ℓ elements, the number of elements in an original signature is at least linear in ℓ.As far as we know, in some redactable signature schemes, the number of elements in an original signature is constant, regardless of the number of elements in a message to be signed. However, these constructions have drawbacks in that the use of the random oracle model or generic group model. In this paper, we construct an efficient redactable signature to overcome these drawbacks. Our redactable signature is obtained by combining set-commitment proposed in the recent work by Fuchsbauer et al. (JoC 2019) and digital signatures.

show abstract

Section: Our Resultsmentioning

confidence: 99%

“…As far as we know, redactable signature schemes in [4,12,43] satisfy compactness. However, these schemes have drawbacks.…”

Section: Motivationmentioning

confidence: 99%

Section: Motivationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Redactable Signature with Compactness from Set-Commitment

Tezuka¹,

Tanaka²

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Specifically, the constructions in [11,13,24,30] are based on RSA algorithms, and their security depends on the complexity of large number decomposition. The security of those designs using pairing in [10,12,15,22,23,28,31] depends on the complexity of DLP. However, all schemes suffer from potential security threats brought by the quantum information technologies.…”

Section: Related Workmentioning

confidence: 99%

Ring Trapdoor Redactable Signatures from Lattice

Yang

Huang

Zheng

et al. 2021

Information Security Practice and Experience

View full text Add to dashboard Cite

Redactable signature plays a significant role in real-life applications such as electronic health records, and has been studied extensively. Nevertheless, how to construct a redactable signature scheme with designated redactors is still unknown. In this paper, we affirmatively answer this problem by presenting a notion of ring trapdoor redactable signature (RTRS). RTRS is a variant of redactable signature where the redactors are specified. We first introduce the concept of ring trapdoor preimage sampleable functions (RPSFs), which inherits the merit of preimage sampleable functions and ring trapdoor functions, and then show an instantiation of RPSFs under the assumption of inhomogeneous small integer solution problem. We then present two concrete constructions of RTRS (a simplified version and a full version) from a family of RPSFs and a common signature scheme. It is proved that the unforgeability, privacy and restriction of proposed schemes relies on the security of underlying common signature schemes and ring one-way property of the RPSFs. Besides, we also prove that our schemes satisfy the indistinguishability.

show abstract

Advanced Signatures

Sanders

2022

Asymmetric Cryptography

View full text Add to dashboard Cite

Efficient Redactable Signature and Application to Anonymous Credentials

Cited by 49 publications

References 23 publications

Redactable Signature with Compactness from Set-Commitment

Redactable Signature with Compactness from Set-Commitment

Ring Trapdoor Redactable Signatures from Lattice

Advanced Signatures

Contact Info

Product

Resources

About