Modeling Long-Term Signature Validation for Resolution of Dispute

  • Moez Ben MBarka
  • Francine Krief
  • Olivier Ly
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6993)


This paper considers the case where a dispute occurs between a verifier and a signer about the validity of a digital signature. In non-repudiation services such dispute may occur long after the signature creation and approval. We present a security model for digital signature validation with the notion of dispute. The first contribution of this paper is the definition of the semantics of a Resolution of Dispute Rule (RDR ) in the scope of this model. The second contribution is a calculus for reasoning about the validation of digital signatures at a particular date which may be in the past (so-called long-term signature validation). This calculus is then used to implement the RDR. The usefulness of the calculus is demonstrated through modeling Evidence Record Syntax (ERS), one of the main protocols used in practice for long-term signature validation.


long-term signature validation resolution of dispute formal calculus Public Key Infrastructure 


  1. 1.
    Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.: Public key infrastructure: Certificate and CRL profile, IETF, Tech. Rep. RFC 5280 (2008)Google Scholar
  2. 2.
    Aarnes, A.: Public key certificate revocation schemes, Ph.D. dissertation, Norwegian University of Science (2000)Google Scholar
  3. 3.
    ETSI, Algorithms and parameters for secure electronic signatures; part 1: Hash functions and asymmetric algorithms, Tech. Rep. ETSI TS 102 176-1 V2.0.0 (2007)Google Scholar
  4. 4.
    Jerman Blaič, A., Klobučar, T., Jerman, B.D.: Long-term trusted preservation service using service interaction protocol and evidence records. Comput. Stand. Interfaces 29 (2007)Google Scholar
  5. 5.
    Huhnlein, D., Korte, U., Langer, L., Wiesmaier, A.: A comprehensive reference architecture for trustworthy long-term archiving of sensitive data. In: Third International Conference on New Technologies, Mobility and Security (2009)Google Scholar
  6. 6.
    Troncoso, C., De Cock, D., Preneel, B.: Improving secure long-term archival of digitally signed documents. In: Proceedings of the 4th ACM International Workshop on Storage Security and Survivability, pp. 27–36. ACM, New York (2008)CrossRefGoogle Scholar
  7. 7.
    ETSI, CMS Advanced Electronic Signatures, Tech. Rep. ETSI TS 101 733 (2008)Google Scholar
  8. 8.
    Gondrom, T., Brandner, R., Pordesch, U.: Evidence Record Syntax (ERS), Tech. Rep. RFC4998 (2007)Google Scholar
  9. 9.
    Maurer, U.M.: Modelling a public-key infrastructure. In: Martella, G., Kurth, H., Montolivo, E., Hwang, J. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 325–350. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  10. 10.
    Marchesini, J., Smith, S.: Modeling public key infrastructures in the real world. In: Chadwick, D., Zhao, G. (eds.) EuroPKI 2005. LNCS, vol. 3545, pp. 118–134. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Bicakci, K., Crispo, B., Tanenbaum, A.S.: How to incorporate revocation status information into the trust metrics for public-key certification. In: Proceedings of the 2005 ACM Symposium on Applied Computing, pp. 1594–1598. ACM, New York (2005)CrossRefGoogle Scholar
  12. 12.
    Baier, H., Karatsiolis, V.: Validity models of electronic signatures and their enforcement in practice. In: Martinelli, F., Preneel, B. (eds.) EuroPKI 2009. LNCS, vol. 6391, pp. 255–270. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  13. 13.
    Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17, 281–308 (1988)MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    Walleck, D., Li, Y., Xu, S.: Empirical analysis of certificate revocation lists. In: Atluri, V. (ed.) DAS 2008. LNCS, vol. 5094, pp. 159–174. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  15. 15.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. Discrete Mathematics and Its Applications. CRC Press, Boca Raton (1997)zbMATHGoogle Scholar
  16. 16.
    FNISA, Annexe B1 - règles et recommandations concernant le choix et le dimensionnement des mécanismes cryptographique, French Network and Information Security Agency, Tech. Rep. Version 1.20 du (janvier 26, 2010)Google Scholar
  17. 17.
    ETSI, Provision of harmonized trust service provider status information, Tech. Rep. ETSI TS 102 231 V3.1.2 (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Moez Ben MBarka
    • 1
    • 2
  • Francine Krief
    • 2
  • Olivier Ly
    • 2
  1. 1.Cryptolog InternationalParisFrance
  2. 2.LaBRIUniversity of Bordeaux 1TalenceFrance

Personalised recommendations