MIP-1208

Paper Description

BibTeX entry

@incollection{MIP-1208,
author={K. Samelin, H. Poehls, J. Posegga, H. de Meer},
title={{Redactable vs. Sanitizable Signatures}},
institution={{Fakult{\"a}t f{\"u}r Informatik und Mathematik, Universit{\"a}t Passau}},
year={2012},
number={MIP-1208}
}

Abstract

Malleable signature schemes allow altering signed data in a controlled way while keeping the signature verifiable trusting the signer’s key. Several constructions exists. They can be grouped in two different categories: (1) redactable signatures (RSS) and (2) sanitizable signa-
tures (SSS). Redactable signatures allow for removing blocks of a signed document, while sanitizable signatures offer the possibility to change the admissible blocks to arbitrary strings. This paper shows that sanitizable signatures with a strenghted security definition can be transformed into redactable signatures with a weakened privacy definition. The transfor-
mation from an RSS into an SSS is not possible, even if we assume accountability for redactable signatures. In particular, no unforgeable redactable signature scheme can be transformed into a sanitizable signature scheme. This work provides the first rigorous proof that redactable and sanitizable signatures are two different concepts.

Paper itself

MIP-1208.pdf