Ensuring the Legality of Digital Signature Licitness for Hold Harmless in Mexico

How to eSign a document: digital signature licitness for Hold Harmless in Mexico

hi everyone i'm hendrik weilner and this talk is about policy compliance signatures which is joint work with christian varichar and christianmatt starting with some motivation we consider the standard blockchain setting where we have two parties alice and bob that are both in possession of a signature key pair if alice now wants to create a transaction for bob she uses her signing key to generate a signature over the transaction details m and the verification key of bob the generated transaction can then be checked for validity using the verification key of alice furthermore we require unforgeability in this setting which means that no one other than alice should be able to create a valid signature in her name in this talk we consider the more restricted setting where we require a valid transaction to also fulfill the global policy f evaluated over the attributes of the sender and the receiver a blockchain that allows for these types of attribute checks can be very useful within corporate environments to only allow for transactions between employees of different departments in this setting the key pairs of alice and bob are additionally associated with an attribute set xa and xb to generate a signature alice proceeds similarly to the previous case and uses her signing key together with the transaction details m and the public key of bob the generated signature is now deemed valid if the policy f applied on the attribute set xa of alice and xb of bob verifies in this setting we also require unforgeability which means as in the previous case that no one other than alice should be able to create a valid signature in her name and additionally that alice and bob should not be able to create a valid signature if they do not fulfill the global policy furthermore we require attribute hiding which means that nothing about the attributes of the different parties is leaked by the public keys and the generated signatures only reveal that the attributes of the participating parties fulfill the policy and nothing beyond that next we are going to see which existing cryptographic primitives we could use to achieve this goal the first primitive that could be useful in this setting are digital signatures in a digital signature scheme there exists a party carrel that executes the setup procedure that outputs a verification key vk and a secret key sk carol then sends the verification key to bob and the secret key to alice alice can use the secret key to sign a message m and generate the corresponding signature sigma the verification key can then be used to check if the signature sigma is valid with respect to the message m unfortunately this primitive does not incorporate any attributes of the sender or the receiver and is therefore not useful in our setting an extension of digital signatures that incorporates attributes is the notion of attribute based signatures in an attribute based signature scheme carol executes the setup procedure to generate a master public key and the master secret key the master secret key is then used by carol together with an attribute set xa to generate the signing key ska of alice alice then uses her signing key ska to generate a signature sigma for a message m and a policy f this signature can then be verified using the master public key and the policy f the signature in this case is only valid if the attributes xa of ls fulfill the policy f the notion of attribute based signatures incorporates attributes into the signature generation but unfortunately only the attributes of the sender are incorporated which is still insufficient for our setting another type of signatures that handles attributes is the notion of policy based signatures policy based signatures work similarly to attribute based signatures with the difference that signing keys are generated with respect to a policy f instead of an attribute set furthermore during the signature generation alice needs to provide a witness w for a relation that involves the policy f associated with the signing key and the message that is being signed a signature now is only deemed valid if the witness w that has been used in the signature generation is a valid witness for the relation involving the policy f of the signing key and the message m one way to allow for the incorporation of bob's attributes in this notion would be by including some public information of bob in the message m that is being signed the problem here is that for the signature generation alice needs to know bob's attributes to prove that both of their attributes together fulfill the policy therefore we cannot guarantee privacy for bob in this setting which makes this notion unsuitable for our motivational example since none of the previous primitives fit our motivation example we now introduce the new notion of policy compliance signatures in a policy-compliant signature scheme carol executes the setup procedure which takes as an input of policy f and outputs a master public key and the master secret key she then uses the master secret key together with an attribute set to generate a public key secret key pair in more detail she uses the attribute set xa to generate the keys for alice and the attribute set xp to generate the keys for bob to generate a signature alice uses her secret key together with the public key of bob and the message m in the signing procedure the resulting message signature pair can then be verified using the master public key and the public keys of alice and bob the signature only verifies if the global policy f is fulfilled when evaluated using the attributes xa of alice and xp of bob we can directly see that the notion of policy compliance signatures provides a good solution for our motivational example to achieve unforgeability and attribute hiding in our motivational example our policy compliance signature scheme also needs to achieve these notions before we can talk about how to cheat these notions we first need to formally define them we begin with the notion of unforgiability in the case of unforgiability we have three different types of forgeries that we need to prevent the first type of forgery is what we call a key generation forgery in a key generation forgery a malicious alice is able to generate a valid signature for a public key that has not been generated by carol since carol did not assign any attributes to this maliciously generated public key it cannot result in a valid policy evaluation in a signature forgery an adversary is able to create a signature corresponding to alice's public key without knowing her secret key this type of attack is similar to the standard notion of unforgeability for a digital signature scheme in the third and last type of forgery and attribute forgery a malicious alice and the malicious bob are able to jointly create a valid signature even though the attributes do not fulfill the policy after informally talking about the different types of attacks we need to prevent we are now going to formally define unforgeability using a security game in this security game an adversary has access to different oracles that are run by a challenger and can be queried multiple times the first oracle that the adversary can access is the key generation oracle it queries it using an attribute set x and receives as a reply the corresponding public key pk additionally the adversary can also query a corruption oracle using one of the public keys that have been previously output by the key generation oracle to obtain the corresponding secret key the last oracle that the adversary has access to is the signing oracle inputting a sender public key pks a receiver public key pkr and a message m the adversary obtains a signature sigma for the message m after the adversary has interacted with the different oracles its goal is to output two public keys pk and pkstar a message m star and a signature sigma star such that the signature sigma star is a valid signature with respect to the public keys p k and pk star and the message m star for the adversary to provide a valid signature forgery it needs to provide one of the different types of attacks that we have previously described this is the case if it either holds that the sender public epk has not been created to the corruption oracle or if both of the public keys pk and pk star have been output by the key generation oracle and their corresponding attribute sets x and x star do not fulfill the policy f we call a policy compliant signature scheme unfortunately if it is impossible for any efficient adversary to produce a valid signature forgery after talking about unforgeability we now focus on attribute hiding where we distinguish between an indistinguishability based and a simulation-based notion we start by considering the indistinguishability-based notion as in the case of unforgibility we define indistinguishability-based attribute titling using a security game in this game the adversary has access to the same oracles as before but with a different input output behavior also in this game the adversary can query all of the oracles multiple times the key generation oracle in this game can be queried using two attribute sets x0 and x1 the adversary then receives as a reply to this query a public key pk that has been generated with respect to the attribute set xb where b is a bit that is sampled in the beginning of the game the goal of the adversary in this game after it has finished querying the different oracles is to correctly determine the bit b by outputting a bit b prime a policy compliant signature scheme achieves indistinguishability based attribute hiding if the probability that the output bit b prime is equal to b is close to one half for all efficient adversaries besides the key generation oracle the adversary also has access to a corruption oracle which it can query using a public key pk to obtain the corresponding secret key sk to not make it trivial for the adversary to determine the bit b and therefore win the security game it can only query the corruption oracle using public keys that have been the reply to a key generation query where the attribute sets x0 and x1 are equal if we do not enforce this restriction that vertery might be able to directly learn the bit b the signing oracle in this game behaves exactly as in the unforgetability game but we also need to enforce an additional restriction on the queries of the adversary here namely we require that the policy evaluated on the left charge attributes of the sender key pkx and the receiver key pky used in the signing query are equal to the policy evaluated on the right challenge attributes of the sender and the receiver key otherwise the adversary might again be able to directly learn the bit b after defining unforgeability and indistinguishability based attribute hiding we can now consider some construction approaches for policy compliance signatures a first approach to realize policy compliance signatures is by relying on carol in more detail if alice wants to generate a signature for bob she submits her message to carol together with bob's identifier and receives as a reply the signature sigma afterwards bob can send the signature together with a message and alice identifier to carol who outputs either 0 or 1. unfortunately this solution requires the involvement of carol for every signature generation and verification but we would like to have a solution where carol is only needed for the generation of the public parameters and the keys of the different parties such that alice can generate the signatures on her own and everyone can verify them on their own the second approach to realizing policy compliance signatures is to let carroll issue signature keys together with a certificate that corresponds to the attributes of the corresponding party for the generation of a signature alice would then use her signing key to generate a signature for her message and additionally proof using both of the verification keys and the certificates that her attributes together with the attributes of bob fulfill the global policy when bob obtains the proof and the signature he can verify the signature generated for the message as well as the proof that the attributes of alice and bob together fulfill the policy this solution looks like a good solution at first sight but it has the drawback that it does not give us any guarantees in terms of privacy this is due to the fact that for alice to prove that her attributes together with bob's attributes fulfill the global policy she needs to know bob's attributes which directly compromises privacy after considering these first approaches for the realization of policy compliance signatures we now introduce the necessary tools for our final construction the first tool that is needed for our construction is a digital signature scheme which we have already introduced additionally our construction also requires a non-interactive zero-knowledge proof system which is similar to the proof system that we have mentioned in the previous construction approach the last primitive that we need for our construction is a predicate encryption scheme which allows for the oblivious evaluation of policies without revealing the underlying attributes we now describe the different primitives in more detail where we begin with non-interactive zero-knowledge proofs in the first step of a non-interactive serial knowledge proof a setup procedure is executed by carol that outputs a common reference string which is then sent to lsn to bob if alice now wants to prove the validity of a statement x for which she knows a witness w then she can generate a proof pi using the crs the statement x and the witness w this proof is then sent to bob who can verify it using the statement x and the common reference string we require zero knowledge proof system to achieve soundness and zero knowledge soundness ensures that it is not possible for malicious alice to generate a valid proof for statements x for which no witness w exists and zero knowledge in turn guarantees that when bob obtains the proof pie he does not learn anything about the witness w for the statement x after introducing non-interactive zero knowledge proofs we can now focus on predicate encryption in a predicate encryption scheme the setup procedure executed by carol outputs a master public key and the master secret key the master public key can then be used by others to generate a ciphertext ct encrypting an attribute set x the master secret key in turn is used by carol to generate a functional key skf that is associated with a policy f when bob uses this functional key to decrypt the ciphertex ct he obtains as an output the policy associated with the functional key applied on the attribute set encrypted in the cipher text which in this case is f x we require a predicate encryption scheme to be attribute hiding which means that bob when decrypting a cipher text does not learn anything more about the encrypted attribute set than what is leaked by the evaluation of the policy f in our construction of policy compliance signatures we only require the predicate encryption scheme to be secret key which means that the setup procedure only outputs a master secret key that is used for encryption and key generation after introducing the necessary tools for our construction we are now ready to give a high level overview of how our construction works the idea of our construction is to use a predicate encryption scheme to encrypt the attributes of the different parties in the public keys and use the corresponding functional key as part of the secret keys of the different parties for the policy evaluation to generate a signature the sender decrypts the ciphertext contained in the public key of the receiver and proves in zero knowledge that the decryption output together with its functional key shows that the policy is fulfilled it can then be verified that the global policy is fulfilled by checking the validity of the generated proof in more detail the master public key of our scheme consists of a common reference string for non-interactive zero knowledge proof and two verification keys for a digital signature scheme vkp and vks the corresponding master secret key consists of the master secret key for predicate encryption scheme and the signing keys skp and sks that correspond to the verification keys vkp and vks to generate a public key for a participating party a new digital signature key pair is sampled where the verification key vk is included in the public key furthermore the attributes of the party are encrypted using the predicate encryption scheme and the resulting cipher text is included in the public key finally a signature sigma p is generated using the sign-in key skp for the verification key vk and the ciphertext ct and is also included in the public key the corresponding secret key for the public key consists of the signing key sk which has been generated together with the verification key vk and a functional key skf that is generated for the policy f evaluated on the first component using the attribute set x of the party this half-evaluated policy enables us to obliviously check if the sender and the receiver together fulfill the policy without revealing anything about their attributes in the last step another signature sigma s is generated using the signing key sks for the verification key vk of the public key and the functional key skf to bind the public key and the secret key together to generate a signature the sender uses its functional key to decrypt the ciphertext contained in the public key of the receiver and produces the proof pi using the zero knowledge proof system by proving that the output of the decryption is 1 and that the functional key that has been used to generate the decryption is part of the secret key that corresponds to the public key of the sender the generated proof ensures that the policy is fulfilled by both of the parties and that the correct key of the sender has been used in the final step the sender uses its signing key sk to generate a signature sigma prime over the message m and the proof pi the resulting signature sigma prime can then be publicly verified by verifying the zero knowledge proof pi and the signature sigma of the digital signature scheme we highlight that all the primitives used in our construction can be based on standard assumptions which in turn results in the realization of policy compliance signatures from standard assumptions after describing how our construction works we now discuss its security where we first focus on unforgeability we can argue that our scheme is unforgiable by analyzing the different events in which an adversary construct a signature forgery and show that the occurrence probability of these events are bounded by the security of our underlying primitives the first way for an adversary to produce a forgery is to generate a public key on its own for which it is able to produce a valid signature the generation of a public key without carol's involvement would result in a signature forgery with respect to the verification key vkp and can therefore be bounded by the unforgiability of the digital signature scheme another possibility for an adversary to generate a forgery is by forging a signature for a public key in the system for which it does not know the secret key in this case the adversary could use a proof pie from a previous signature generated for this key and try to forge a signature with respect to the verification key vk for a new message m prime if the adversary is successful in this case it has created a signature forgery with respect to the verification key vk therefore the occurrence of this event can also be bounded by the unforgivability of the digital signature scheme a third way for an adversary to produce a signature forgery is by generating a valid signature for public keys that do not fulfill the policy it can achieve this by either forging a zero-knowledge proof or by creating a valid witness on its own in the case that an adversary forges is your knowledge proof without knowing a witness it breaks the extractability property of the underlying non-interactive zero-knowledge protocol extractability requires that an adversary is not able to generate a valid proof for a statement if it is not in possession of a corresponding witness this is a stronger property than soundness where it is only required that an adversary is not able to generate a valid proof for false statement one possibility for the adversary to generate a valid witness is by taking the secret key of a public key that fulfills the policy and forge a signature sigma prime with respect to the verification key of the public key that does not fulfill the policy this forged key can then be used to generate a valid proof pie with respect to the public key that does not fulfill the policy this attack results in a signature forgery with respect to the verification key vks and can therefore be again bounded by the unforgeability of the digital signature scheme this concludes the analysis of the unforgeability of our construction and we can now take a more detailed look into the attribute hiding of our scheme to achieve attribute titling we need to ensure that nothing about the attributes of the participating parties is leaked from the public keys and that the generated signatures between different parties only reveal that the attributes fulfill the policy and nothing beyond that since the only part in the public key that contains information about the attributes of the party is the ciphertext ct it follows from the attribute titling of the predicate encryption scheme that nothing about the attributes of the parties is leaked by the public keys to ensure that no information beyond the policy evaluation is leaked by signature sigma prime we can rely on the zero knowledge property of our proof system the zero knowledge property states that no information beyond the validity of the statement that is being proven is leaked which in our case is the fulfillment of the policy this concludes our analysis of the indistinguishability indistinguishability-based attribute hiding besides standalone security we also analyze the security of policy compliance signatures in the universal composability framework before doing so we give a high level overview of the uc framework in the uc framework we consider two different worlds the real world and the ideal world in the real world we have a protocol that is executed by alice and bob and can further be influenced by an adversary in the ideal world we have alice and bob that interact with an ideal functionality f which is also accessed by an ideal adversary called the simulator the inputs of ls bob and the adversary are decided by an environment z in both of these worlds we say that the scheme is uc secure if there exists a simulator such that it is hard for any efficient environment set to determine if it interacts with the real world or the ideal world the job of the simulator here is to properly simulate the interaction in the ideal world such that the environment cannot see a difference with respect to the real world the intuition behind this definition of security is that all the attacks that can be executed in a protocol execution in the real world can also be executed in the ideal world through the simulator the same holds in terms of leakage in more detail it follows that the information that is leaked in the protocol execution is the same as the information that is leaked by the ideal functionality this security definition further allows that whenever the ideal functionality is used as a subroutine in the bigger protocol execution it can be replaced by the specific protocol for which you see realization has been proven this is known as the composition theorem before presenting the ideal functionality that can be realized using policy compliance signatures we focus on the ideal functionality that is realized by digital signature scheme the signature functionality has interfaces to interact with alice and bob alice can user interface to send a key generation request to the ideal functionality which then forwards this request to the simulator the simulator replies to this request with a key identifier v that is then sent back to alice afterwards for the signature generation alice sends m as a sign request to the ideal functionality as in the case of a key generation request the ideal functionality forwards the request to the simulator which replies with the signature sigma that is then sent to ellis by the ideal functionality if bob is in possession of a signature sigma for a message m of alice he can send a verify request consisting of alice identifier the message and the signature to the ideal functionality the ideal functionality then forwards the verification request to the simulator which replies to the ideal functionality if the signature is valid or not this answer is then forwarded to bob by the ideal functionality the signature functionality also guarantees unforgeability which means that no signature for a message that has never been used in a sign request by alice will be deemed valid with respect to her identifier v the describe signature functionality can be realized using a protocol where alice uses the setup procedure of a digital signature scheme to generate her key pair and uses the verification key as her identifier to sign a message alice executes the sign procedure using her signing key bob can then use the verification procedure together with alice verification key to check a signature for its validity the simulator in the ideal world for the signature functionality generates a keeper when a key generation query is forwarded to it by the signature functionality and replies with the verification key as the corresponding identifier whenever the simulator receives a sign query it uses the sign procedure of the signature scheme to generate a signature with the signing key that corresponds to the verification key contained in the sign query and whenever a verification query is asked the simulator locally executes the verify procedure using the corresponding verification key and sends the output as a reply to the ideal functionality the unforgetability of the signature scheme in this setting ensures that no one other than alice is able to generate a valid signature for a new message with respect to her identifier which matches the unforgeability guarantee of the ideal functionality after focusing on the ideal functionality for digital signature scheme we now consider the extended policy compliance signatures functionality the policy compliance signature functionality consists of an additional interface to carol carol can use this interface to submit a policy generation query for policy f to the ideal functionality which forwards it to the simulator the simulator then replies to the ideal functionality with a master identifier vm this master identifier is then forwarded to carol when alice issues her key generation query she additionally submits her attribute set xa to the ideal functionality which then notifies the simulator that the key generation query has been asked for alice without revealing the attribute set xa the simulator then replies to the ideal functionality with an identifier va which is then forwarded to alice when bob issues his key generation query using the attribute set xb the ideal functionality and the simulator interact in the same way as before to obtain the identifier vb when alice issues a sign query she submits bob's identifier vb and the message m to the ideal functionality which forwards this query to the simulator together with the policy evaluation over the attributes of alice and bob the simulator then replies with a signature sigma that is forwarded by the ideal functionality to alice for verification query bob submits the signature together with the message and the identifier of the sender and the receiver to the ideal functionality which forwards this query to the simulator the simulator then notifies the ideal functionality if the signature is valid or not which is forwarded to bob we highlight that it is also possible to submit the corrupt gray for the different parties to the ideal functionality if a corrupt query is submitted the simulator learns the attribute set for the party that is being corrupted as well as the evaluation with all the remaining public keys where the corrupted party acts as the sender in the case that another key generation query is asked after a corruption query the simulator also learns the policy evaluation for this new key with all the corrupted parties acting as senders the policy compliant signature functionality guarantees unforgeability and privacy unforgeability here means that first no one other than alice is able to generate a valid signature for her identifier second that it is not possible to generate a valid signature for two identifiers where the corresponding parties do not fulfill the policy and third that no ballot signature can be generated with respect to identifiers that have not been output by the ideal functionality privacy in this setting means that nothing more about the attributes of the different parties can be learned than what is leaked by generated signatures and corrupted parties the policy compliance signature functionality can be realized using a protocol where the setup and key generation procedure are executed by carol to generate the master public key and the master secret key as well as the keys for alice and bob for alice to generate a signature she can execute the sign procedure using bob's public key and her secret key to sign a message m and bob can verify the signature using the verify procedure of the policy compliant signature scheme in the ideal world the simulator needs to sample all the keys using the information it obtains from the ideal functionality as described on the previous slide we observed that for the simulator to be able to accomplish this and to guarantee privacy it needs to be able to simulate public keys without knowing the underlying attribute sets and to be able to simulate signatures by only knowing the corresponding policy evaluation of the involved parties furthermore it needs to be able to generate a secret key for a previously generated public key in the case of a corruption query by learning the corresponding attribute set after the public key has been generated the existence of such a simulator is not guaranteed by our current indistinguishability based attribute hiding definition contrary unforgeability in the ideal world directly follows from the unforgeability of the policy compliance signature scheme which is due to the fact that the unforgeability requirements on the policy compliance signature scheme match the unforgeability requirements of the ideal functionality to guarantee privacy in the ideal world we need to consider a stronger simulation-based attribute hiding notion that guarantees the existence of a simulator that is able to simulate the different keys and signatures in the simulation-based security game the adversary has access to the same oracles as in the indistinguishability based one but instead of distinguishing between the left or right attribute set used for the generation of public keys the task of the adversary is to distinguish if the keys and signatures it receives are simulated or honestly generated for the simulator to generate these keys it obtains some additional information in the case of a key generation query the simulator learns all the policy evaluations of the requested key with all the corrupted keys where the corrupted keys act as sender keys in the case of a corruption query the simulator learns the attributes of the key as well as all the policy evaluations of this key acting as the sender key with all the remaining keys in the case of a sign query the simulator learns the policy evaluation of the attributes associated with the keys that are used in the query this notion is sufficient for our uc realization and guarantees the existence of the simulator that is able to generate the different keys and signatures in a proper way additionally we highlight that if the simulation based secure predicate encryption scheme is used as an instantiation in our construction then we also obtain a simulation based secure policy compliance signature scheme unfortunately we are not aware of any predicate encryption scheme that achieves the required notion of simulation-based security therefore we leave it as an interesting open question to construct simulation-based secure policy compliance signatures to summarize in this talk we have introduced the notion of policy compliance signatures together with the corresponding notion of unforgiability and indistinguishability-based attribute hiding furthermore we presented a policy compliance signature scheme based on digital signatures non-interactive zero knowledge proofs and predicate encryption that achieves unforgeability and indistinguishability-based attribute hiding in the last step we also gave a uc formulation of our notion and presented the corresponding simulation based notion of attribute hiding that is needed to realize our uc formulation thank you very much for listening