可修订数字签名研究综述

Survey on Redactable Signatures

数据的安全问题已成为关系国家经济、政治、国防、文化安全的重大问题.数字签名可验证数据内容的完整性和数据源的真实性,是保障数据安全的核心技术之一.数字签名的传统安全要求为在自适应选择消息攻击下满足存在不可伪造性.虽然数字签名的传统安全目标能满足数据认证的基本要求,但也阻碍了对已签名数据的合理操作,不能满足很多实际应用的需求.可修订签名是一类支持编辑操作的具有同态性质的数字签名.在不与签名人交互的情况下,签名持有人(修订者)可删除已签名数据中的敏感子数据,并计算修订后数据的有效签名.自2001年可修订数字签名被正式提出以来,就一直是应用密码学领域的研究热点.近年来许多国内外的学者从形式化安全定义、修订规则、计算效率、通信效率等多个方面对其进行探索研究,相继取得了一批有意义的研究成果.网络技术及其应用的快速发展在不断地对可修订数字签名提出新的要求,将从其核心算法定义、安全模型以及现有的代表性方案等方面对可修订数字签名进行概括和分析,并探讨值得进一步研究的问题.

Data security issues have become a serious challenge to national economic,political,defence and cultural security.As a core technology in protecting data security,digital signatures have been widely used for the verification of data integrity and source authenticity.The security definition of conventional digital signatures is existentially unforgeable against adaptive chosen-message attacks.Although it meets the basic security requirement of data authentication,it hampers the reasonable operation of authenticated data which is desirable in many practical applications.As a type of malleable homomorphic signatures for editing,redactable signatures allow the signature holder(redactor)to delete sensitive portions of the signed data and generate a valid signature for the disclosed data without any help from the original signer.It has been a research hotspot in the field of cryptography since it was introduced in 2001.In recent years,many researchers have studied redactable signatures from the aspects of formal security definition,redaction control mechanism,computational cost and communication overhead,and there are lots of research results.However,the rapid development of network technology and its applications are putting forward new challenges to redactable signatures.This paper summarizes and analyses redactable signatures in terms of algorithm definition,security model and representative designs.Furthermore,some existing problems worthy of further study are also discussed.