2014 | OriginalPaper | Chapter
On the Relation between Redactable and Sanitizable Signature Schemes
Authors : Hermann de Meer, Henrich C. Pöhls, Joachim Posegga, Kai Samelin
Published in: Engineering Secure Software and Systems
Publisher: Springer International Publishing
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
Malleable signature schemes (
$\mathcal MSS$
) enable a third party to alter signed data in a controlled way, maintaining a valid signature after an authorized change. Most well studied cryptographic constructions are (1) redactable signatures (
$\mathcal RSS$
), and (2) sanitizable signatures (
$\mathcal SSS$
).
$\mathcal RSS$
s allow the removal of blocks from a signed document, while
$\mathcal SSS$
s allow changing blocks to arbitrary strings. We rigorously prove that
$\mathcal RSS$
s are less expressive than
$\mathcal SSS$
s: no unforgeable
$\mathcal RSS$
can be transformed into an
$\mathcal SSS$
. For the opposite direction we give a black-box transformation of a single
$\mathcal SSS$
, with tightened security, into an
$\mathcal RSS$
.