The goal of this research is to find a mechanism to guarantee that a file stored in a conventional file system, on disk, has not been modified. Our proposal for achieving that goal is a smart card based DSFS (Digital Sealed File System). The main idea is to send only the hash value of a document to the SmartCard together with the unique document identification. After creation of public/private key pair and hash value encryption, SmartCard destroys private key. This yields a final signature and public key as output. Therefore, sending confidential key material from SmartCard to a system is completely avoided. Since hash value is small data, limited bandwidth to the card for transferring large documents for encryption is not a problem. However, there are some possible drawbacks of the proposed idea. An attacker is able to circumvent the signing process in SmartCard and to act as SigningTool. Moreover, publishing of public key is the issue of the DSFS architecture and public key distribution is too complex and unreliable solution. Here we describe a possibility of overcoming these problems.
[1]
Matt Blaze,et al.
Key Management in an Encrypting File System
,
1994,
USENIX Summer.
[2]
Yongge Wang,et al.
Fast and Secure Magnetic WORM Storage Systems
,
2003,
Second IEEE International Security in Storage Workshop.
[3]
Axelle Apvrille,et al.
Streamed or detached triple integrity for a time stamped secure storage system
,
2002,
First International IEEE Security in Storage Workshop, 2002. Proceedings..
[4]
Alfred Menezes,et al.
Handbook of Applied Cryptography
,
2018
.
[5]
Carlisle M. Adams,et al.
Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)
,
2001,
RFC.
[6]
Stuart Haber,et al.
How to time-stamp a digital document
,
1990,
Journal of Cryptology.
[7]
William M. Daley,et al.
Security Requirements for Cryptographic Modules
,
1999
.
[8]
J. Hughes,et al.
A Time Stamped Virtual WORM System
,
2002
.