Modeling Long-Term Signature Validation for Resolution of Dispute

This paper considers the case where a dispute occurs between a verifier and a signer about the validity of a digital signature. In non-repudiation services such dispute may occur long after the signature creation and approval. We present a security model for digital signature validation with the notion of dispute. The first contribution of this paper is the definition of the semantics of a Resolution of Dispute Rule (RDR ) in the scope of this model. The second contribution is a calculus for reasoning about the validation of digital signatures at a particular date which may be in the past (so-called long-term signature validation). This calculus is then used to implement the RDR. The usefulness of the calculus is demonstrated through modeling Evidence Record Syntax (ERS), one of the main protocols used in practice for long-term signature validation.

[1]  Elisa Bertino,et al.  Computer Security — ESORICS 96 , 1996, Lecture Notes in Computer Science.

[2]  Sean W. Smith,et al.  Modeling Public Key Infrastructures in the Real World , 2005, EuroPKI.

[3]  Kenneth H. Rosen,et al.  Discrete Mathematics and its applications , 2000 .

[4]  Harald Baier,et al.  Validity Models of Electronic Signatures and Their Enforcement in Practice , 2009, EuroPKI.

[5]  Andrea Omicini,et al.  Proceedings of the 2005 ACM Symposium on Applied Computing (SAC), Santa Fe, New Mexico, USA, March 13-17, 2005 , 2005, SAC.

[6]  William Yurcik,et al.  Proceedings of the 4th ACM international workshop on Storage security and survivability , 2008, CCS 2008.

[7]  Günther Pernul,et al.  Public Key Infrastructures, Services and Applications , 2011, Lecture Notes in Computer Science.

[8]  Gianluca Ramunno,et al.  Electronic Signatures and Infrastructures (ESI); Provision of harmonized Trust-service status information , 2006 .

[9]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[10]  Detlef Hühnlein,et al.  A Comprehensive Reference Architecture for Trustworthy Long-Term Archiving of Sensitive Data , 2009, 2009 3rd International Conference on New Technologies, Mobility and Security.

[11]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[12]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and CRL Profile , 1999, RFC.

[13]  Ralf Brandner,et al.  Evidence Record Syntax (ERS) , 2007, RFC.

[14]  Ueli Maurer,et al.  Modelling a Public-Key Infrastructure , 1996, ESORICS.

[15]  Tomaz Klobucar,et al.  Long-term trusted preservation service using service interaction protocol and evidence records , 2007, Comput. Stand. Interfaces.

[16]  Fazel Ahmad Azizi Advanced Electronic Signature , 2011 .

[17]  Bart De Decker,et al.  A Privacy-Preserving Ticketing System , 2008, DBSec.

[18]  Shouhuai Xu,et al.  Empirical Analysis of Certificate Revocation Lists , 2008, DBSec.

[19]  Carmela Troncoso,et al.  Improving secure long-term archival of digitally signed documents , 2008, StorageSS '08.

[20]  Kemal Bicakci,et al.  How to incorporate revocation status information into the trust metrics for public-key certification , 2005, SAC '05.