Redactable document signature schemes allow a document such as a file in a file system of a computing system to be redacted without invalidating a signature of the document (or document signature) using certain redaction operations. For example, some redactable document signature schemes allow some redaction operations and do not allow other redaction operations. As a specific example, some redactable document signature schemes limit which subdocuments of a document can be redacted.
Typically, a redactable document signature includes a signature value output from a signature process of a digital signature scheme to which a hash value of a document is submitted. As a basic example, a signature value can be the result of encrypting a hash value derived from a document with a private key of a public/private key pair. Additionally, a redactable document signature typically includes ancillary data used during redaction and verification of the document and redactable document signature.