Publication Type

Journal Article

Version

acceptedVersion

Publication Date

6-2020

Abstract

Data authentication primarily serves as a tool to achieve data integrity and source authentication. However, traditional data authentication does not fit well where an intermediate entity (editor) is required to modify the authenticated data provided by the source/data owner before sending the data to other recipients. To ask the data owner for authenticating each modified data can lead to higher communication overhead. In this article, we introduce the notion of editing-enabled signatures where the data owner can choose any set of modification operations applicable on the data and still can restrict any possibly untrusted editor to authenticate the data modified using an operation from this set only. Moreover, the editor does not need to interact with the data owner in order to authenticate the data every time it is modified. We construct an editing-enabled signature (EES) scheme that derives its efficiency from mostly lightweight cryptographic primitives. We formalize the security model for editing-enabled signatures and analyze the security of our EES scheme. Editing-enabled signatures can find numerous applications that involve generic editing tasks and privacy-preserving operations. We demonstrate how our EES scheme can be applied in two privacy-preserving applications.

Keywords

Receivers, Internet of Things, IoT, cloud computing, Servers, Authentication, Task analysis, Editing-enabled signatures, editing functions, hash-chains, privacy-preserving applications

Discipline

Information Security

Research Areas

Cybersecurity

Publication

IEEE Internet of Things

Volume

7

Issue

6

First Page

4997

Last Page

5007

ISSN

2327-4662

Identifier

10.1109/JIOT.2020.2972741

Publisher

IEEE

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/JIOT.2020.2972741

Download

Share

COinS