Audit logs are one of the most important tools for transparently tracking system events and maintaining continuous oversight in corporate organizations and enterprise business systems. There are many cases where the audit logs contain sensitive data, or the audit logs are enormous. In these situations, dealing with a subset of the data is more practical than the entire data set. To provide a secure solution to handle these issues, a sanitizable signature scheme (SSS) is a viable cryptographic primitive. Herein, we first present the \textit{first} post-quantum secure multivariate-based SSS, namely ${\sf Mul-SAN}$. Our proposed design provides unforgeability, privacy, immutability, signer accountability, and sanitizer accountability under the assumption that the $MQ$ problem is NP-hard. ${\sf Mul-SAN}$ is very efficient and only requires computing field multiplications and additions over a finite field for its implementation. ${\sf Mul-SAN}$ presents itself as a practical method to partially delegate control of the authenticated data in avenues like the healthcare industry and government organizations. We also explore using Blockchain to provide a tamper-proof and robust audit log mechanism.

翻译：审计日志是透明追踪系统事件并在企业组织及商业业务系统中保持持续监督的重要工具之一。在许多情况下，审计日志包含敏感数据，或者审计日志规模庞大。在这些场景中，处理数据子集比处理整个数据集更为实用。为提供安全解决方案应对这些问题，可净化签名方案（SSS）是一种可行的密码学原语。本文首先提出首个抗量子安全的基于多元多项式的SSS方案，即${\sf Mul-SAN}$。我们提出的设计在$MQ$问题被假设为NP难的前提下，提供了不可伪造性、隐私性、不可篡改性、签名者问责性及净化者问责性。${\sf Mul-SAN$效率极高，其实现仅需在有限域上计算域乘法和加法。${\sf Mul-SAN}$可作为实用方法，在医疗行业及政府组织等场景中部分委托对认证数据的控制权。我们还探索利用区块链提供防篡改且鲁棒的审计日志机制。