Digitally signed document sanitizing scheme with disclosure condition control

Kunihiko Miyazaki, Mitsuru Iwamura, Tsutomu Matsumoto, Ryoichi Sasaki, Hiroshi Yoshiura, Satoru Tezuka, Hideki Imai

Research output: Contribution to journalArticle

62 Citations (Scopus)

Abstract

A digital signature does not allow any alteration of the document to which it is attached. Appropriate alteration of some signed documents, however, should be allowed because there are security requirements other than that for the integrity of the document. In the disclosure of official information, for example, sensitive information such as personal information or national secrets is masked when an official document is sanitized so that its nonsensitive information can be disclosed when it is demanded by a citizen. If this disclosure is done digitally by using the current digital signature schemes, the citizen cannot verify the disclosed information correctly because the information has been altered to prevent the leakage of sensitive information. That is, with current digital signature schemes, the confidentiality of official information is incompatible with the integrity of that information. This is called the digital document sanitizing problem, and some solutions such as digital document sanitizing schemes and content extraction signatures have been proposed. In this paper, we point out that the conventional digital signature schemes are vulnerable to additional sanitizing attack and show how this vulnerability can be eliminated by using a new digitally signed document sanitizing scheme with disclosure condition control.

Original languageEnglish
Pages (from-to)239-246
Number of pages8
JournalIEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
VolumeE88-A
Issue number1
DOIs
Publication statusPublished - 2005 Jan

Fingerprint

Electronic document identification systems
Disclosure
Signed
Digital Signature
Signature Scheme
Integrity
Confidentiality
Vulnerability
Leakage
Signature
Attack
Verify
Requirements

Keywords

  • Digital signature
  • Disclosure of official information
  • Privacy issue

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Hardware and Architecture
  • Information Systems

Cite this

Digitally signed document sanitizing scheme with disclosure condition control. / Miyazaki, Kunihiko; Iwamura, Mitsuru; Matsumoto, Tsutomu; Sasaki, Ryoichi; Yoshiura, Hiroshi; Tezuka, Satoru; Imai, Hideki.

In: IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Vol. E88-A, No. 1, 01.2005, p. 239-246.

Research output: Contribution to journalArticle

Miyazaki, Kunihiko ; Iwamura, Mitsuru ; Matsumoto, Tsutomu ; Sasaki, Ryoichi ; Yoshiura, Hiroshi ; Tezuka, Satoru ; Imai, Hideki. / Digitally signed document sanitizing scheme with disclosure condition control. In: IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences. 2005 ; Vol. E88-A, No. 1. pp. 239-246.
@article{4464612a214f4b45b03db642712f49a1,
title = "Digitally signed document sanitizing scheme with disclosure condition control",
abstract = "A digital signature does not allow any alteration of the document to which it is attached. Appropriate alteration of some signed documents, however, should be allowed because there are security requirements other than that for the integrity of the document. In the disclosure of official information, for example, sensitive information such as personal information or national secrets is masked when an official document is sanitized so that its nonsensitive information can be disclosed when it is demanded by a citizen. If this disclosure is done digitally by using the current digital signature schemes, the citizen cannot verify the disclosed information correctly because the information has been altered to prevent the leakage of sensitive information. That is, with current digital signature schemes, the confidentiality of official information is incompatible with the integrity of that information. This is called the digital document sanitizing problem, and some solutions such as digital document sanitizing schemes and content extraction signatures have been proposed. In this paper, we point out that the conventional digital signature schemes are vulnerable to additional sanitizing attack and show how this vulnerability can be eliminated by using a new digitally signed document sanitizing scheme with disclosure condition control.",
keywords = "Digital signature, Disclosure of official information, Privacy issue",
author = "Kunihiko Miyazaki and Mitsuru Iwamura and Tsutomu Matsumoto and Ryoichi Sasaki and Hiroshi Yoshiura and Satoru Tezuka and Hideki Imai",
year = "2005",
month = "1",
doi = "10.1093/ietfec/E88-A.1.239",
language = "English",
volume = "E88-A",
pages = "239--246",
journal = "IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences",
issn = "0916-8508",
publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",
number = "1",

}

TY - JOUR

T1 - Digitally signed document sanitizing scheme with disclosure condition control

AU - Miyazaki, Kunihiko

AU - Iwamura, Mitsuru

AU - Matsumoto, Tsutomu

AU - Sasaki, Ryoichi

AU - Yoshiura, Hiroshi

AU - Tezuka, Satoru

AU - Imai, Hideki

PY - 2005/1

Y1 - 2005/1

N2 - A digital signature does not allow any alteration of the document to which it is attached. Appropriate alteration of some signed documents, however, should be allowed because there are security requirements other than that for the integrity of the document. In the disclosure of official information, for example, sensitive information such as personal information or national secrets is masked when an official document is sanitized so that its nonsensitive information can be disclosed when it is demanded by a citizen. If this disclosure is done digitally by using the current digital signature schemes, the citizen cannot verify the disclosed information correctly because the information has been altered to prevent the leakage of sensitive information. That is, with current digital signature schemes, the confidentiality of official information is incompatible with the integrity of that information. This is called the digital document sanitizing problem, and some solutions such as digital document sanitizing schemes and content extraction signatures have been proposed. In this paper, we point out that the conventional digital signature schemes are vulnerable to additional sanitizing attack and show how this vulnerability can be eliminated by using a new digitally signed document sanitizing scheme with disclosure condition control.

AB - A digital signature does not allow any alteration of the document to which it is attached. Appropriate alteration of some signed documents, however, should be allowed because there are security requirements other than that for the integrity of the document. In the disclosure of official information, for example, sensitive information such as personal information or national secrets is masked when an official document is sanitized so that its nonsensitive information can be disclosed when it is demanded by a citizen. If this disclosure is done digitally by using the current digital signature schemes, the citizen cannot verify the disclosed information correctly because the information has been altered to prevent the leakage of sensitive information. That is, with current digital signature schemes, the confidentiality of official information is incompatible with the integrity of that information. This is called the digital document sanitizing problem, and some solutions such as digital document sanitizing schemes and content extraction signatures have been proposed. In this paper, we point out that the conventional digital signature schemes are vulnerable to additional sanitizing attack and show how this vulnerability can be eliminated by using a new digitally signed document sanitizing scheme with disclosure condition control.

KW - Digital signature

KW - Disclosure of official information

KW - Privacy issue

UR - http://www.scopus.com/inward/record.url?scp=27544479095&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=27544479095&partnerID=8YFLogxK

U2 - 10.1093/ietfec/E88-A.1.239

DO - 10.1093/ietfec/E88-A.1.239

M3 - Article

AN - SCOPUS:27544479095

VL - E88-A

SP - 239

EP - 246

JO - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

JF - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

SN - 0916-8508

IS - 1

ER -