Papers
Topics
Authors
Recent
2000 character limit reached

Blockchain-Envisioned Post-Quantum Secure Sanitizable Signature for Audit Logs Management (2312.16322v2)

Published 26 Dec 2023 in cs.CR

Abstract: Audit logs are one of the most important tools for transparently tracking system events and maintaining continuous oversight in corporate organizations and enterprise business systems. There are many cases where the audit logs contain sensitive data, or the audit logs are enormous. In these situations, dealing with a subset of the data is more practical than the entire data set. To provide a secure solution to handle these issues, a sanitizable signature scheme (SSS) is a viable cryptographic primitive. Herein, we first present the first post-quantum secure multivariate-based SSS, namely Mul-SAN. Our proposed design provides unforgeability, privacy, immutability, signer accountability, and sanitizer accountability under the assumption that the MQ problem is NP-hard. Mul-SAN is very efficient and only requires computing field multiplications and additions over a finite field for its implementation. Mul-SAN presents itself as a practical method to partially delegate control of the authenticated data in avenues like the healthcare industry and government organizations. We also explore using Blockchain to provide a tamper-proof and robust audit log mechanism.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (35)
  1. Towards blockchain-driven, secure and transparent audit logs. In Proceedings of the 15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (2018), pp. 443–448.
  2. Sanitizable signatures. In European Symposium on Research in Computer Security (2005), Springer, pp. 159–177.
  3. Cloud data integrity checking using bilinear pairing and network coding. Cluster Computing 22 (2019), 6927–6935.
  4. Post-quantum cryptography. Nature 549, 7671 (2017), 188–194.
  5. Oil and vinegar: Modern parameters and implementations. IACR Transactions on Cryptographic Hardware and Embedded Systems (2023), 321–365.
  6. Unlinkable and invisible gamma -sanitizable signatures. In International Conference on Applied Cryptography and Network Security (2021), Springer, pp. 251–283.
  7. Security of sanitizable signatures revisited. In International Workshop on Public Key Cryptography (2009), Springer, pp. 317–336.
  8. Sanitizable signatures: How to partially delegate control for authenticated data. BIOSIG 2009: biometrics and electronic signatures (2009).
  9. Unlinkability of sanitizable signatures. In International Workshop on Public Key Cryptography (2010), Springer, pp. 444–461.
  10. Efficient invisible and unlinkable sanitizable signatures. In IACR International Workshop on Public Key Cryptography (2019), Springer, pp. 159–189.
  11. Current state of multivariate cryptography. IEEE Security & Privacy 15, 4 (2017), 28–36.
  12. Multivariate cryptography. In Multivariate Public Key Cryptosystems. Springer, 2020, pp. 7–23.
  13. High-speed fpga implementation of the nist round 1 rainbow signature scheme. In 2018 International Conference on ReConFigurable Computing and FPGAs (ReConFig) (2018), IEEE, pp. 1–8.
  14. Efficient unlinkable sanitizable signatures from signatures with re-randomizable keys. IET Information Security 12, 3 (2018), 166–183.
  15. Computers and intractability, vol. 174. freeman San Francisco, 1979.
  16. An efficient data integrity auditing protocol for cloud computing. Future Generation Computer Systems 109 (2020), 306–316.
  17. Enabling fast public auditing and data dynamics in cloud services. IEEE Transactions on Services Computing 15, 4 (2020), 2047–2059.
  18. A survey on blockchain-based integrity auditing for cloud data. Digital Communications and Networks 8, 5 (2022), 591–603.
  19. Efficient sanitizable signatures without random oracles. In European Symposium on Research in Computer Security (2016), Springer, pp. 363–380.
  20. Id-based sanitizable signature data integrity auditing scheme with privacy-preserving. Computers & Security 121 (2022), 102858.
  21. Lattice-based cryptography. In Post-quantum cryptography. Springer, 2009, pp. 147–191.
  22. Nakkar, M. Secure Hardware Implementation of Post Quantum Cryptosystems. PhD thesis, Concordia University, 2017.
  23. Fault analysis-resistant implementation of rainbow signature scheme. In 2017 29th International Conference on Microelectronics (ICM) (2017), IEEE, pp. 1–5.
  24. Policy-based sanitizable signatures. In Cryptographers’ Track at the RSA Conference (2020), Springer, pp. 538–563.
  25. Efficient invisible and unlinkable sanitizable signatures. In Public-Key Cryptography–PKC 2019: 22nd IACR International Conference on Practice and Theory of Public-Key Cryptography, Beijing, China, April 14-17, 2019, Proceedings, Part I (2019), vol. 11442, Springer, p. 159.
  26. Data integrity auditing without private key storage for secure cloud storage. IEEE Transactions on Cloud Computing 9, 4 (2019), 1408–1421.
  27. A high-speed public-key signature scheme for 8-b iot-constrained devices. IEEE Internet of Things Journal 7, 4 (2020), 3663–3677.
  28. An overview of hash based signatures. Cryptology ePrint Archive (2023).
  29. Publicly verifiable shared dynamic electronic health record databases with functional commitment supporting privacy-preserving integrity auditing. IEEE Transactions on Cloud Computing 10, 3 (2020), 2050–2065.
  30. Lightweight certificate-based public/private auditing scheme based on bilinear pairing for cloud storage. IEEE Access 8 (2019), 2258–2271.
  31. Yi, H. Under quantum computer attack: Is rainbow a replacement of rsa and elliptic curves on hardware? Security and Communication Networks 2018 (2018).
  32. A rainbow-based authentical scheme for securing smart connected health systems. Journal of medical systems 43, 8 (2019), 1–10.
  33. High-speed hardware architecture for implementations of multivariate signature generations on fpgas. EURASIP Journal on Wireless Communications and Networking 2018, 1 (2018), 1–9.
  34. Cl-bosic: A distributed agent-oriented scheme for remote data integrity check and forensics in public cloud. In International Conference on Intelligent Computing (2023), Springer, pp. 425–441.
  35. Owl: A data sharing scheme with controllable anonymity and integrity for group users. Computer Communications 209 (2023), 455–468.

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
Slide Deck Streamline Icon: https://streamlinehq.com

Whiteboard

Dice Question Streamline Icon: https://streamlinehq.com

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now
Lightbulb Streamline Icon: https://streamlinehq.com

Continue Learning

We haven't generated follow-up questions for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now
List To Do Tasks Checklist Streamline Icon: https://streamlinehq.com

Collections

Sign up for free to add this paper to one or more collections.

User Circle Single Streamline Icon: https://streamlinehq.com Sign Up
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets

Sign up for free to view the 1 tweet with 0 likes about this paper.

User Circle Single Streamline Icon: https://streamlinehq.com Sign Up for Free