A digital signature does not allow any alteration of the document to which it is attached. Appropriate alteration of some signed documents, however, should be allowed because there are security requirements other than that for the integrity of the document. In the disclosure of official information, for example, sensitive information such as personal information or national secrets is masked when an official document is sanitized so that its nonsensitive information can be disclosed when it is demanded by a citizen. If this disclosure is done digitally by using the current digital signature schemes, the citizen cannot verify the disclosed information correctly because the information has been altered to prevent the leakage of sensitive information. That is, with current digital signature schemes, the confidentiality of official information is incompatible with the integrity of that information. This is called the digital document sanitizing problem, and some solutions such as digital document sanitizing schemes and content extraction signatures have been proposed. In this paper, we point out that the conventional digital signature schemes are vulnerable to additional sanitizing attack and show how this vulnerability can be eliminated by using a new digitally signed document sanitizing scheme with disclosure condition control.
Kunihiko MIYAZAKI
Mitsuru IWAMURA
Tsutomu MATSUMOTO
Ryoichi SASAKI
Hiroshi YOSHIURA
Satoru TEZUKA
Hideki IMAI
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Kunihiko MIYAZAKI, Mitsuru IWAMURA, Tsutomu MATSUMOTO, Ryoichi SASAKI, Hiroshi YOSHIURA, Satoru TEZUKA, Hideki IMAI, "Digitally Signed Document Sanitizing Scheme with Disclosure Condition Control" in IEICE TRANSACTIONS on Fundamentals,
vol. E88-A, no. 1, pp. 239-246, January 2005, doi: 10.1093/ietfec/e88-a.1.239.
Abstract: A digital signature does not allow any alteration of the document to which it is attached. Appropriate alteration of some signed documents, however, should be allowed because there are security requirements other than that for the integrity of the document. In the disclosure of official information, for example, sensitive information such as personal information or national secrets is masked when an official document is sanitized so that its nonsensitive information can be disclosed when it is demanded by a citizen. If this disclosure is done digitally by using the current digital signature schemes, the citizen cannot verify the disclosed information correctly because the information has been altered to prevent the leakage of sensitive information. That is, with current digital signature schemes, the confidentiality of official information is incompatible with the integrity of that information. This is called the digital document sanitizing problem, and some solutions such as digital document sanitizing schemes and content extraction signatures have been proposed. In this paper, we point out that the conventional digital signature schemes are vulnerable to additional sanitizing attack and show how this vulnerability can be eliminated by using a new digitally signed document sanitizing scheme with disclosure condition control.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1093/ietfec/e88-a.1.239/_p
Copy
@ARTICLE{e88-a_1_239,
author={Kunihiko MIYAZAKI, Mitsuru IWAMURA, Tsutomu MATSUMOTO, Ryoichi SASAKI, Hiroshi YOSHIURA, Satoru TEZUKA, Hideki IMAI, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Digitally Signed Document Sanitizing Scheme with Disclosure Condition Control},
year={2005},
volume={E88-A},
number={1},
pages={239-246},
abstract={A digital signature does not allow any alteration of the document to which it is attached. Appropriate alteration of some signed documents, however, should be allowed because there are security requirements other than that for the integrity of the document. In the disclosure of official information, for example, sensitive information such as personal information or national secrets is masked when an official document is sanitized so that its nonsensitive information can be disclosed when it is demanded by a citizen. If this disclosure is done digitally by using the current digital signature schemes, the citizen cannot verify the disclosed information correctly because the information has been altered to prevent the leakage of sensitive information. That is, with current digital signature schemes, the confidentiality of official information is incompatible with the integrity of that information. This is called the digital document sanitizing problem, and some solutions such as digital document sanitizing schemes and content extraction signatures have been proposed. In this paper, we point out that the conventional digital signature schemes are vulnerable to additional sanitizing attack and show how this vulnerability can be eliminated by using a new digitally signed document sanitizing scheme with disclosure condition control.},
keywords={},
doi={10.1093/ietfec/e88-a.1.239},
ISSN={},
month={January},}
Copy
TY - JOUR
TI - Digitally Signed Document Sanitizing Scheme with Disclosure Condition Control
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 239
EP - 246
AU - Kunihiko MIYAZAKI
AU - Mitsuru IWAMURA
AU - Tsutomu MATSUMOTO
AU - Ryoichi SASAKI
AU - Hiroshi YOSHIURA
AU - Satoru TEZUKA
AU - Hideki IMAI
PY - 2005
DO - 10.1093/ietfec/e88-a.1.239
JO - IEICE TRANSACTIONS on Fundamentals
SN -
VL - E88-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2005
AB - A digital signature does not allow any alteration of the document to which it is attached. Appropriate alteration of some signed documents, however, should be allowed because there are security requirements other than that for the integrity of the document. In the disclosure of official information, for example, sensitive information such as personal information or national secrets is masked when an official document is sanitized so that its nonsensitive information can be disclosed when it is demanded by a citizen. If this disclosure is done digitally by using the current digital signature schemes, the citizen cannot verify the disclosed information correctly because the information has been altered to prevent the leakage of sensitive information. That is, with current digital signature schemes, the confidentiality of official information is incompatible with the integrity of that information. This is called the digital document sanitizing problem, and some solutions such as digital document sanitizing schemes and content extraction signatures have been proposed. In this paper, we point out that the conventional digital signature schemes are vulnerable to additional sanitizing attack and show how this vulnerability can be eliminated by using a new digitally signed document sanitizing scheme with disclosure condition control.
ER -