Redactable Signature with Compactness from Set-Commitment
This work addresses the need for privacy-preserving document disclosure by governments, offering a practical solution for redacting sensitive information without invalidating signatures.
The paper tackles the problem of redactable signatures requiring linear-size signatures by constructing an efficient scheme with constant-size signatures, overcoming the need for random oracles or generic group models.
Redactable signature allows anyone to remove parts of a signed message without invalidating the signature. The need to prove the validity of digital documents issued by governments is increasing. When governments disclose documents, they must remove private information concerning individuals. Redactable signature is useful for such a situation. However, in most redactable signature schemes, to remove parts of the signed message, we need pieces of information for each part we want to remove. If a signed message consists of l elements, the number of elements in an original signature is at least linear in l. As far as we know, in some redactable signature schemes, the number of elements in an original signature is constant, regardless of the number of elements in a message to be signed. However, these constructions have drawbacks in that the use of the random oracle model or generic group model. In this paper, we construct an efficient redactable signature to overcome these drawbacks. Our redactable signature is obtained by combining set-commitment proposed in the recent work by Fuchsbauer et al. (JoC 2019) and digital signatures.