Automatic event-stream notarization using digital signatures
Some digital signature algorithms (such as RSA) require messages to be padded before they are signed. Secure tokens can use these padding bits as a subliminal channel to embed auditing information in their signed messages. These auditing bits simplify protecting against lost and stolen tokens, breaks of specific protocols, hash functions, and ciphers, and attacks based on defeating a token's tamper-resistance.
KeywordsHash Function Smart Card Protocol Message Digital Signature Scheme Hash Chain
Unable to display preview. Download preview PDF.
- 1.R. Anderson, “UEPS — A Second Generation Electronic Wallet,” Computer Security — ESORICS '92, Springer-Verlag, 1992, pp. 411–418.Google Scholar
- 3.R. Anderson, “Liability and Computer Security: Nine Principles,” Computer Security — ESORICS '94, Springer-Verlag, 1994, pp. 231–245.Google Scholar
- 4.R. Anderson, “Robustness Principles for Public Key Protocols,” Advances in Cryptology — CRYPTO '95, Springer-Verlag, 1995, pp. 236–247.Google Scholar
- 5.D.W. Davies and W.L. Price, Security for Computer Networks, Second Edition, John Wiley & Sons, 1989.Google Scholar
- 7.K. Nyberg and R. Rueppel, “Message Recovery for Signature Schemes Based on the Discrete Logarithm Problem,” Advances in Cryptology-EUROCRYPT '94, Springer-Verlag, 1995, pp. 182–193.Google Scholar
- 8.J.-J. Quisquater and L. Guillou, “DSS and RSA,”presented at the rump session of Eurocrypt 1995.Google Scholar
- 9.RSA Laboratories, “Public Key Cryptography Standards #1: RSA Encryption Standard,” version 1.5, 1 November 1993.Google Scholar
- 10.B. Schneier, Applied Cryptography, 2nd Edition, John Wiley & Sons, 1996.Google Scholar
- 11.G.J. Simmons, “The Prisoner's Problem and the Subliminal Channel,” Advances in Cryptology: Proceedings of CRYPTO '83, Plenum Press, 1984, pp. 51–67.Google Scholar
- 12.W.B. Sweet, “Commercial Automated Key Escrow (CAKE): An Exportable Strong Encryption Proposal, Version 2.0,” National Semiconductor iPower Business Unit, 4 June 1995.Google Scholar