11 results sorted by ID
Possible spell-corrected query: policy-based signature
Bicameral and Auditably Private Signatures
Khoa Nguyen, Partha Sarathi Roy, Willy Susilo, Yanhong Xu
Cryptographic protocols
This paper introduces Bicameral and Auditably Private Signatures (BAPS) -- a new privacy-preserving signature system with several novel features. In a BAPS system, given a certified attribute $\mathbf{x}$ and a certified policy $P$, a signer can issue a publicly verifiable signature $\Sigma$ on a message $m$ as long as $(m, \mathbf{x})$ satisfies $P$. A noteworthy characteristic of BAPS is that both attribute $\mathbf{x}$ and policy $P$ are kept hidden from the verifier, yet the latter is...
Traceable Policy-Based Signatures with Delegation
Ismail Afia, Riham AlTawy
Public-key cryptography
In PKC 2014, a policy-based signature (PBS) scheme was proposed by Bellare and Fuchsbauer in which a signer can only sign messages conforming to some policy specified by an issuing authority. PBS construction supports the delegation of signing policy keys with possible restrictions to the original policy. Although the PBS scheme is meant to restrict the signing privileges of the scheme’s users, singers could easily share their signing keys with others without being held accountable since PBS...
Policy-Based Redactable Signatures
Zachary A Kissel
Public-key cryptography
In this work we make progress towards solving an open problem posed by Bilzhause et. al, to give constructions of redactable signature schemes that allow the signer to limit the possible redactions performed by a third party. A separate, but related notion, called controlled disclosure allows a redactor to limit future redactions. We look at two types of data, sets and linear data (data organized as a sequence). In the case of sets, we limit redactions using a policy modeled by a monotone...
Unlinkable Policy-based Sanitizable Signatures
Ismail Afia, Riham AlTawy
Public-key cryptography
In CT-RSA 2020, P3S was proposed as the first policy-based sanitizable signature scheme which allows the signer to designate future message sanitizers by defining an access policy relative to their attributes rather than their keys. However, since P3S utilizes a policy-based chameleon hash (PCH), it does not achieve unlinkability which is a required notion in privacy-preserving applications. Moreover, P3S requires running a procedure to share the secret trapdoor information for PCH with each...
Policy-Compliant Signatures
Christian Badertscher, Christian Matt, Hendrik Waldner
We introduce policy-compliant signatures (PCS). A PCS scheme can be used in a setting where a central authority determines a global policy and distributes public and secret keys associated with sets of attributes to the users in the system. If two users, Alice and Bob, have attribute sets that jointly satisfy the global policy, Alice can use her secret key and Bob's public key to sign a message. Unforgeability ensures that a valid signature can only be produced if Alice's secret key is known...
Cross-Domain Attribute-Based Access Control Encryption
Mahdi Sedaghat, Bart Preneel
Public-key cryptography
Logic access control enforces who can read and write data; the enforcement is typically performed by a fully trusted entity. At TCC 2016, Damg\aa rd et al. proposed Access Control Encryption (ACE) schemes where a predicate function decides whether or not users can read (decrypt) and write (encrypt) data, while the message secrecy and the users' anonymity are preserved against malicious parties. Subsequently, several ACE constructions with an arbitrary identity-based access policy have been...
Policy-Based Sanitizable Signatures
Kai Samelin, Daniel Slamanig
Public-key cryptography
Sanitizable signatures are a variant of signatures which allow a single, and signer-defined, sanitizer to modify signed messages in a controlled way without invalidating the respective signature. They turned out to be a versatile primitive, proven by different variants and extensions, e.g., allowing multiple sanitizers or adding
new sanitizers one-by-one. However, existing constructions are very restricted regarding their flexibility in specifying potential sanitizers.
We propose a different...
CHARIOT: Cloud-Assisted Access Control for the Internet of Things
Clementine Gritti, Melek Onen, Refik Molva
Public-key cryptography
The Internet of Things (IoT) technology has expanded widely across the world, promising new data management opportunities for industries, companies and individuals in different sectors, such as health services or transport logistics. This trend relies on connecting devices/things to collect, exchange and store data.
The exponentially increasing number of IoT devices, their origin diversity, their limited capabilities in terms of resources, as well as the ever-increasing amount of data, raise...
An Equivalence Between Attribute-Based Signatures and Homomorphic Signatures, and New Constructions for Both
Rotem Tsabary
In Attribute-Based Signatures (ABS; first defined by Maji, Prabhakaran and Rosulek, CT-RSA 2011) an authority can generate multiple signing keys, where each key is associated with a constraint $f$. A key respective to $f$ can sign a message $x$ only if $f(x) = 0$. The security requirements are unforgeability and key privacy (signatures should not expose the specific signing key used). In Homomorphic Signatures (HS; first defined by Boneh and Freeman, PKC 2011), given a signature for a...
Operational Signature Schemes
Michael Backes, Ozgur Dagdelen, Marc Fischlin, Sebastian Gajek, Sebastian Meiser, Dominique Schröder
Functional encryption, as introduced by Boneh, Sahai, and Waters (TCC'11),
generalizes public-key encryption systems to include functional decryption
capabilities. Recently, Boyle et al. as well as Bellare and
Fuchsbauer (both PKC'14) formalized analogous notions for signature schemes. Here
we discuss that both their notions are limited in terms of expressiveness in the
sense that they cannot cast known signature schemes supporting operations on
data in their frameworks. We therefore propose...
Policy-Based Signatures
Mihir Bellare, Georg Fuchsbauer
We introduce policy-based signatures (PBS), where a signer can only sign
messages conforming to some authority-specified policy. The main
requirements are unforgeability and privacy, the latter meaning that
signatures not reveal the policy. PBS offers value along two
fronts: (1)~On the practical side, they allow a corporation to
control what messages its employees can sign under the corporate key.
(2)~On the theoretical side, they unify existing work, capturing
others forms of signatures as...
This paper introduces Bicameral and Auditably Private Signatures (BAPS) -- a new privacy-preserving signature system with several novel features. In a BAPS system, given a certified attribute $\mathbf{x}$ and a certified policy $P$, a signer can issue a publicly verifiable signature $\Sigma$ on a message $m$ as long as $(m, \mathbf{x})$ satisfies $P$. A noteworthy characteristic of BAPS is that both attribute $\mathbf{x}$ and policy $P$ are kept hidden from the verifier, yet the latter is...
In PKC 2014, a policy-based signature (PBS) scheme was proposed by Bellare and Fuchsbauer in which a signer can only sign messages conforming to some policy specified by an issuing authority. PBS construction supports the delegation of signing policy keys with possible restrictions to the original policy. Although the PBS scheme is meant to restrict the signing privileges of the scheme’s users, singers could easily share their signing keys with others without being held accountable since PBS...
In this work we make progress towards solving an open problem posed by Bilzhause et. al, to give constructions of redactable signature schemes that allow the signer to limit the possible redactions performed by a third party. A separate, but related notion, called controlled disclosure allows a redactor to limit future redactions. We look at two types of data, sets and linear data (data organized as a sequence). In the case of sets, we limit redactions using a policy modeled by a monotone...
In CT-RSA 2020, P3S was proposed as the first policy-based sanitizable signature scheme which allows the signer to designate future message sanitizers by defining an access policy relative to their attributes rather than their keys. However, since P3S utilizes a policy-based chameleon hash (PCH), it does not achieve unlinkability which is a required notion in privacy-preserving applications. Moreover, P3S requires running a procedure to share the secret trapdoor information for PCH with each...
We introduce policy-compliant signatures (PCS). A PCS scheme can be used in a setting where a central authority determines a global policy and distributes public and secret keys associated with sets of attributes to the users in the system. If two users, Alice and Bob, have attribute sets that jointly satisfy the global policy, Alice can use her secret key and Bob's public key to sign a message. Unforgeability ensures that a valid signature can only be produced if Alice's secret key is known...
Logic access control enforces who can read and write data; the enforcement is typically performed by a fully trusted entity. At TCC 2016, Damg\aa rd et al. proposed Access Control Encryption (ACE) schemes where a predicate function decides whether or not users can read (decrypt) and write (encrypt) data, while the message secrecy and the users' anonymity are preserved against malicious parties. Subsequently, several ACE constructions with an arbitrary identity-based access policy have been...
Sanitizable signatures are a variant of signatures which allow a single, and signer-defined, sanitizer to modify signed messages in a controlled way without invalidating the respective signature. They turned out to be a versatile primitive, proven by different variants and extensions, e.g., allowing multiple sanitizers or adding new sanitizers one-by-one. However, existing constructions are very restricted regarding their flexibility in specifying potential sanitizers. We propose a different...
The Internet of Things (IoT) technology has expanded widely across the world, promising new data management opportunities for industries, companies and individuals in different sectors, such as health services or transport logistics. This trend relies on connecting devices/things to collect, exchange and store data. The exponentially increasing number of IoT devices, their origin diversity, their limited capabilities in terms of resources, as well as the ever-increasing amount of data, raise...
In Attribute-Based Signatures (ABS; first defined by Maji, Prabhakaran and Rosulek, CT-RSA 2011) an authority can generate multiple signing keys, where each key is associated with a constraint $f$. A key respective to $f$ can sign a message $x$ only if $f(x) = 0$. The security requirements are unforgeability and key privacy (signatures should not expose the specific signing key used). In Homomorphic Signatures (HS; first defined by Boneh and Freeman, PKC 2011), given a signature for a...
Functional encryption, as introduced by Boneh, Sahai, and Waters (TCC'11), generalizes public-key encryption systems to include functional decryption capabilities. Recently, Boyle et al. as well as Bellare and Fuchsbauer (both PKC'14) formalized analogous notions for signature schemes. Here we discuss that both their notions are limited in terms of expressiveness in the sense that they cannot cast known signature schemes supporting operations on data in their frameworks. We therefore propose...
We introduce policy-based signatures (PBS), where a signer can only sign messages conforming to some authority-specified policy. The main requirements are unforgeability and privacy, the latter meaning that signatures not reveal the policy. PBS offers value along two fronts: (1)~On the practical side, they allow a corporation to control what messages its employees can sign under the corporate key. (2)~On the theoretical side, they unify existing work, capturing others forms of signatures as...