Supervised Usage of Signature Creation Devices

  • Przemysław Kubiak
  • Mirosław Kutyłowski
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8567)


We propose an effective scheme for controlling the usage of secure signature creation devices (SSCDs). By cryptographic means, we ensure that an inspector can check whether an (ordered) list of signatures at hand is the complete list of signatures created by the device. Our scheme is intended for applications such as automatic creation of invoices or contract signing by a legal representative of a company.

The inspection procedure is probabilistic, with no false negatives and a low probability of false positives. It requires extra private keys known only to the inspector, so it cannot be executed by the holder of an SSCD. This prevents the holder from manipulating the list and then testing its integrity in search of a false-positive result.

Our solution works for a wide class of signatures based on the Discrete Logarithm Problem, without any changes to the signature format.

We provide formal security proofs and discuss implementation issues.


Secure signature creation device (SSCD), Smart card, Qualified signature, Controlled usage, Discrete Logarithm Problem, Diffie-Hellman Problem, ElGamal signature, Schnorr signature, DSA, ECDSA



Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. Faculty of Fundamental Problems of Technology, Wrocław University of Technology, Wrocław, Poland
