Abstract : Digital signatures are by far the most prominent mechanisms to detect violations of integrity. When signing rights are delegated, the integrity protection is gradually weaker as the delegatee’s actions are not considered integrity violations. Taken to an extreme, delegating the right to undetectably change everything to everyone will achieve a property called contingency. Contingency was introduced as the “dual of integrity” in 2009 by Rost and Pfitzmann in German [26] and later translated into English in 2011 [4]. Contingency describes the exact opposite of integrity: the provable absence of integrity. Following this line of privacy research, this paper gives the first rigorous definition of contingency and presents a cryptographic protocol build upon a transparent sanitizable signature scheme. Hence, contingency is a verifiable statement that the signer explicitly desired that the integrity status of data is not verifiable. We analyze legal implications and applications of contingent information.
https://hal.inria.fr/hal-01468199 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Wednesday, February 15, 2017 - 11:37:21 AM Last modification on : Wednesday, February 15, 2017 - 11:41:00 AM Long-term archiving on: : Tuesday, May 16, 2017 - 1:05:53 PM
Henrich C. Pöhls. Contingency Revisited: Secure Construction and Legal Implications of Verifiably Weak Integrity. 7th Trust Management (TM), Jun 2013, Malaga, Spain. pp.136-150, ⟨10.1007/978-3-642-38323-6_10⟩. ⟨hal-01468199⟩