Abstract
We propose an effective scheme for controlling the usage of secure signature creation devices (SSCD). Using cryptographic means, we ensure that an inspector can check whether an (ordered) list of signatures at hand is the complete list of signatures created by the device. Our scheme is intended for applications such as automatic creation of invoices or contract signing by a legal representative of a company.
The inspection procedure is probabilistic, with no false negatives and a low probability of false positives. It requires extra private keys known only to the inspector, so it cannot be executed by the holder of an SSCD. This prevents the holder from testing the integrity of the list after manipulating it, in search of a false-positive result.
Our solution works for a wide class of signatures based on the Discrete Logarithm Problem without any change to the signature format.
We provide formal security proofs and discuss implementation issues.
During the work on this paper the second author has been supported by Foundation for Polish Science, MISTRZ Programme, and by the IBM Faculty Award.
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Kubiak, P., Kutyłowski, M. (2014). Supervised Usage of Signature Creation Devices. In: Lin, D., Xu, S., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2013. Lecture Notes in Computer Science, vol 8567. Springer, Cham. https://doi.org/10.1007/978-3-319-12087-4_9
DOI: https://doi.org/10.1007/978-3-319-12087-4_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-12086-7
Online ISBN: 978-3-319-12087-4
eBook Packages: Computer Science, Computer Science (R0)