Search papers, labs, and topics across Lattice.
This paper introduces a post-quantum sanitizable signature scheme based on a McEliece-based chameleon hash function, leveraging the trapdoor of a Goppa code for controlled collision finding. The scheme achieves existential unforgeability and immutability under the hardness of syndrome decoding in the random-oracle model. A novel weight constraint on signer-generated randomizers ensures perfect transparency, making sanitized signatures indistinguishable from original signatures.
Finally, a post-quantum sanitizable signature scheme achieves perfect transparency, allowing authorized message modifications without revealing the sanitization process.
We introduce a novel post-quantum sanitizable signature scheme constructed upon a chameleon hash function derived from the McEliece cryptosystem. In this design, the designated sanitizer possesses the inherent trapdoor of a Goppa code, which facilitates controlled collision-finding via Patterson decoding. This mechanism enables authorized modification of specific message blocks while ensuring all other content remains immutably bound. We provide formal security definitions and rigorous proofs of existential unforgeability and immutability, grounded in the hardness of syndrome decoding in the random-oracle model, where a robust random oracle thwarts trivial linear hash collisions. A key innovation lies in our precise characterization of the transparency property: by imposing a specific weight constraint on the randomizers generated by the signer, we achieve perfect transparency, rendering sanitized signatures indistinguishable from freshly signed ones. This work establishes the first transparent, code-based, post-quantum sanitizable signature scheme, offering strong theoretical guarantees and a pathway for practical deployment in long-term secure applications.
