Abstract
This paper considers the case where a dispute occurs between a verifier and a signer about the validity of a digital signature. In non-repudiation services such dispute may occur long after the signature creation and approval. We present a security model for digital signature validation with the notion of dispute. The first contribution of this paper is the definition of the semantics of a Resolution of Dispute Rule (RDR ) in the scope of this model. The second contribution is a calculus for reasoning about the validation of digital signatures at a particular date which may be in the past (so-called long-term signature validation). This calculus is then used to implement the RDR. The usefulness of the calculus is demonstrated through modeling Evidence Record Syntax (ERS), one of the main protocols used in practice for long-term signature validation.
Chapter PDF
Similar content being viewed by others
References
Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.: Public key infrastructure: Certificate and CRL profile, IETF, Tech. Rep. RFC 5280 (2008)
Aarnes, A.: Public key certificate revocation schemes, Ph.D. dissertation, Norwegian University of Science (2000)
ETSI, Algorithms and parameters for secure electronic signatures; part 1: Hash functions and asymmetric algorithms, Tech. Rep. ETSI TS 102 176-1 V2.0.0 (2007)
Jerman Blaič, A., Klobučar, T., Jerman, B.D.: Long-term trusted preservation service using service interaction protocol and evidence records. Comput. Stand. Interfaces 29 (2007)
Huhnlein, D., Korte, U., Langer, L., Wiesmaier, A.: A comprehensive reference architecture for trustworthy long-term archiving of sensitive data. In: Third International Conference on New Technologies, Mobility and Security (2009)
Troncoso, C., De Cock, D., Preneel, B.: Improving secure long-term archival of digitally signed documents. In: Proceedings of the 4th ACM International Workshop on Storage Security and Survivability, pp. 27–36. ACM, New York (2008)
ETSI, CMS Advanced Electronic Signatures, Tech. Rep. ETSI TS 101 733 (2008)
Gondrom, T., Brandner, R., Pordesch, U.: Evidence Record Syntax (ERS), Tech. Rep. RFC4998 (2007)
Maurer, U.M.: Modelling a public-key infrastructure. In: Martella, G., Kurth, H., Montolivo, E., Hwang, J. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 325–350. Springer, Heidelberg (1996)
Marchesini, J., Smith, S.: Modeling public key infrastructures in the real world. In: Chadwick, D., Zhao, G. (eds.) EuroPKI 2005. LNCS, vol. 3545, pp. 118–134. Springer, Heidelberg (2005)
Bicakci, K., Crispo, B., Tanenbaum, A.S.: How to incorporate revocation status information into the trust metrics for public-key certification. In: Proceedings of the 2005 ACM Symposium on Applied Computing, pp. 1594–1598. ACM, New York (2005)
Baier, H., Karatsiolis, V.: Validity models of electronic signatures and their enforcement in practice. In: Martinelli, F., Preneel, B. (eds.) EuroPKI 2009. LNCS, vol. 6391, pp. 255–270. Springer, Heidelberg (2010)
Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17, 281–308 (1988)
Walleck, D., Li, Y., Xu, S.: Empirical analysis of certificate revocation lists. In: Atluri, V. (ed.) DAS 2008. LNCS, vol. 5094, pp. 159–174. Springer, Heidelberg (2008)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. Discrete Mathematics and Its Applications. CRC Press, Boca Raton (1997)
FNISA, Annexe B1 - règles et recommandations concernant le choix et le dimensionnement des mécanismes cryptographique, French Network and Information Security Agency, Tech. Rep. Version 1.20 du (janvier 26, 2010)
ETSI, Provision of harmonized trust service provider status information, Tech. Rep. ETSI TS 102 231 V3.1.2 (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ben MBarka, M., Krief, F., Ly, O. (2012). Modeling Long-Term Signature Validation for Resolution of Dispute. In: Mödersheim, S., Palamidessi, C. (eds) Theory of Security and Applications. TOSCA 2011. Lecture Notes in Computer Science, vol 6993. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27375-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-27375-9_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27374-2
Online ISBN: 978-3-642-27375-9
eBook Packages: Computer ScienceComputer Science (R0)