Unlinkability of sanitizable signatures

Authored book
(Volume of book series)

Publication Details

Author(s): Brzuska C, Fischlin M, Lehmann A, Schröder D
Publication year: 2010
Title of series: Public Key Cryptography - PKC 2010
Pages range: 444-461
ISBN: 9783642130120
Language: English


Sanitizable signatures allow a designated party, called the sanitizer, to modify parts of signed data such that the immutable parts can still be verified with respect to the original signer. Ateniese et al. (ESORICS 2005) discuss five security properties for such signature schemes: unforgeability, immutability, privacy, transparency and accountability. These notions have been formalized in a recent work by Brzuska et al. (PKC 2009), discussing also the relationships among the security notions. In addition, they prove a modification of the scheme of Ateniese et al. to be secure according to these notions. Here we discuss that a sixth property of sanitizable signature schemes may be desirable: unlinkability. Basically, this property prevents that one can link sanitized message-signature pairs of the same document, thus allowing to deduce combined information about the original document. We show that this notion implies privacy, the inability to recover the original data of sanitized parts, but is not implied by any of the other five notions. We also discuss a scheme based on group signatures meeting all six security properties. © 2010 Springer-Verlag Berlin Heidelberg.

FAU Authors / FAU Editors

Schröder, Dominique Prof. Dr.
Lehrstuhl für Informatik 13 (Angewandte Kryptographie)

How to cite

Brzuska, C., Fischlin, M., Lehmann, A., & Schröder, D. (2010). Unlinkability of sanitizable signatures.

Brzuska, Chris, et al. Unlinkability of sanitizable signatures. 2010.


Last updated on 2018-16-12 at 13:50

Share link