A Revocable Certificateless Sanitizable Signature Scheme With Batch Verification

Abstract

In medical and healthcare application scenarios, data integrity and user privacy are often concerned the most. A sanitizable signature scheme is a common adopted approach since it admits an authorized person to sanitize partial sensitive information of signed messages while keeping the correctness of preserved message and signature pairs. A certificateless sanitizable signature scheme further enjoys the merits of certificateless public key systems. That is, it is unnecessary to maintain the public key certificates in traditional cryptosystems or deal with the key escrow problem in identity-based systems. However, the functionality of batch verification for retained message-signature pairs and the revocation mechanism are still lack in previous works. To resolve these issues, the authors propose a revocable certificateless sanitizable signature scheme with batch verification in this paper. The revocation mechanism is fulfilled by combining user's private key with an updatable time key. Hence, a revoked user is unable to request the renewed time key. We also provide a formal proof that our proposed system satisfies the security requirement of existential unforgeability under adaptive chosen-message attacks (EUF-CMA) in the random oracle model. In comparison to related variants, our system demonstrates superior functionality and computational efficiency.