Hard Invalidation of Electronic Signatures

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9065)

Abstract

We present a new concept for invalidating electronic signatures which, in many situations, seem to be better suited for real business and society applications. We do not rely on an administrative invalidation process executed separately for each single signing key and based on certificate revocation lists. Instead, all signatures created with a certain group are invalidated by a certain event. We propose a hard invalidation via releasing of the inherent cryptographic proof value – instead of soft invalidation via revoking certificates which leaves intact the cryptographic strength of signatures (even if legal validity is partially lost).

We present concrete efficient realizations of our ideas based on verifiable encryption, trapdoor discrete logarithm groups and ring signatures.

Keywords

electronic signature revocation deniability verifiable encryption trapdoor discrete logarithm ring signature 

References

  1. 1.
    Bellare, M., Miner, S.K.: A forward-secure digital signature scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 431–448. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  2. 2.
    Błaśkiewicz, P., Kubiak, P., Kutyłowski, M.: Two-Head Dragon Protocol: Preventing Cloning of Signature Keys. In: Chen, L., Yung, M. (eds.) INTRUST 2010. LNCS, vol. 6802, pp. 173–188. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  3. 3.
    Camenisch, J.L., Chaabouni, R., Shelat, A.: Efficient protocols for set membership and range proofs. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 234–252. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  4. 4.
    Camenisch, J., Shoup, V.: Practical verifiable encryption and decryption of discrete logarithms. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 126–144. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Dodis, Y., Katz, J., Xu, S., Yung, M.: Strong key-insulated signature schemes. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 130–144. Springer, Heidelberg (2002)Google Scholar
  6. 6.
    European Commission: Proposal for a regulation of the European Parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (general data protection regulation). COM, 11 (2012)Google Scholar
  7. 7.
    Federal Republic of Germany: Bundesstrafbuch. BGBl. I S. 3322 (1998)Google Scholar
  8. 8.
    Girault, M., Poupard, G., Stern, J.: On the fly authentication and signature schemes based on groups of unknown order. J. Cryptology 19(4), 463–487 (2006)MathSciNetCrossRefMATHGoogle Scholar
  9. 9.
    Itkis, G.: Cryptographic tamper evidence. IACR Cryptology ePrint Archive 31 (2003)Google Scholar
  10. 10.
    Itkis, G., Reyzin, L.: SiBIR: Signer-Base Intrusion-Resilient Signatures. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 499–514. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  11. 11.
    Klonowski, M., Kutyłowski, M., Lauks, A., Zagórski, F.: Conditional Digital Signatures. In: Katsikas, S.K., López, J., Pernul, G. (eds.) TrustBus 2005. LNCS, vol. 3592, pp. 206–215. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Krawczyk, H., Rabin, T.: Chameleon signatures. In: Network and Distributed System Security Symposium, NDSS 2000. The Internet Society (2000)Google Scholar
  13. 13.
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  14. 14.
    Pfitzmann, B.: Digital Signature Schemes. LNCS, vol. 1100. Springer, Heidelberg (1996)MATHGoogle Scholar
  15. 15.
    Poupard, G., Stern, J.: On the fly signatures based on factoring. In: Motiwalla, J., Tsudik, G. (eds.) 6th ACM Conference on Computer and Communications Security, CCS 1999, pp. 37–45. ACM (1999)Google Scholar
  16. 16.
    Saltzer, J.H.: On digital signatures. Operating Systems Review 12(2), 12–14 (1978)CrossRefGoogle Scholar
  17. 17.
    The European Parliament and European Council: Regulation (EU) no 910/2014 of the European Parliamnt and of the Council on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC. Official Journal of the European Union L 257/73 (2014)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Lucjan Hanzlik
    • 1
  • Mirosław Kutyłowski
    • 1
  • Moti Yung
    • 2
  1. 1.Faculty of Fundamental Problems of TechnologyWrocław University of TechnologyWrocławPoland
  2. 2.Google Inc. and Columbia UniversityNew YorkUSA

Personalised recommendations