A lightweight electronic signature scheme using Twitter

In many application contexts, qualified electronic signature are difficult to adopt due to cost and technological reasons. As the European legislation admits the use of (non-qualified) electronic signatures in several cases, the design of new signature protocols with cheapness and usability features is a challenging issue. In this paper, we propose a new lightweight electronic signature protocol that does not require any public key infrastructure, cryptography and dedicated device, yet guaranteeing a good level of security. The protocol is conceived for closed domains of users, such as the case of documents exchanged between employees of a company. Signature and verification processes rely on the Twitter social network and do not require any changes of its features. A system prototype has been also designed and implemented to show that the adoption of our solution is both realistic and effective.

[1]  Francesco Buccafurri,et al.  Threats to Legal Electronic Storage: Analysis and Countermeasures , 2011, EGOVIS.

[2]  Moni Naor,et al.  Visual Cryptography , 1994, Encyclopedia of Multimedia.

[3]  Byoungcheon Lee,et al.  Fair Exchange of Digital Signatures Using Conditional Signature , 2002 .

[4]  Christoph Busch,et al.  Towards Electronic Identification and Trusted Services for Biometric Authenticated Transactions in the Single Euro Payments Area , 2014, APF.

[5]  Francesco Buccafurri,et al.  Fortifying the dalì attack on digital signature , 2009, SIN '09.

[6]  Laurent Sustek Hardware Security Module , 2011, Encyclopedia of Cryptography and Security.

[7]  Tsutomu Matsumoto Human-computer cryptography: An attempt , 1998 .

[8]  Tal Rabin,et al.  Robust sharing of secrets when the dealer is honest or cheating , 1994, JACM.

[9]  Francesco Buccafurri,et al.  Driving Global Team Formation in Social Networks to Obtain Diversity , 2014, ICWE.

[10]  Levente Buttyán,et al.  Mitigating the untrusted terminal problem using conditional signatures , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[11]  Moni Naor,et al.  Visual Authentication and Identification , 1997, CRYPTO.

[12]  Francesco Buccafurri,et al.  A Model to Support Multi-Social-Network Applications , 2014, OTM Conferences.

[13]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[14]  Francesco Buccafurri,et al.  Digital Document Signing: Vulnerabilities and Solutions , 2015, Inf. Secur. J. A Glob. Perspect..

[15]  Francesco Buccafurri,et al.  A new form of assortativity in online social networks , 2015, Int. J. Hum. Comput. Stud..

[16]  Francesco Buccafurri,et al.  Social Signature: Signing by Tweeting , 2014, EGOVIS.

[17]  Stathis Mavrovouniotis,et al.  Hardware Security Modules , 2014, Secure Smart Embedded Devices, Platforms and Applications.

[18]  Audun Jøsang,et al.  Entity Authentication and Trust Validation in PKI Using Petname Systems , 2013 .