Minimizing TTP's involvement in signature validation

A digital signature applied on a message could serve as irrefutable cryptographic evidence to prove its origin and integrity. However, evidence solely based on digital signatures may not enforce strong non-repudiation. Additional mechanisms are needed to make digital signatures as valid non-repudiation evidence in the settlement of possible disputes. Most of existing mechanisms for maintaining the validity of digital signatures rely on the supporting services from trusted third parties, e.g., time-stamping and certificate revocation. Obviously, this is less efficient for on-line transactions. In this paper, we propose two new schemes for validating digital signatures as non-repudiation evidence that minimize the trusted third party's involvement.

[1]  Robert H. Deng,et al.  Validating Digital Signatures without TTP's Time-Stamping and Certificate Revocation , 2003, ISC.

[2]  Yaron Sella On The Computation-Storage Trade-Offs of Hash Chain Traversal , 2003, Financial Cryptography.

[3]  Hugo Krawczyk,et al.  Simple forward-secure signatures from any signature scheme , 2000, IACR Cryptol. ePrint Arch..

[4]  Dawn Xiaodong Song,et al.  Practical forward secure group signature schemes , 2001, CCS '01.

[5]  Jianying Zhou Maintaining the Validity of Digital Signatures in B2B Applications , 2002, ACISP.

[6]  Leonid Reyzin,et al.  A New Forward-Secure Digital Signature Scheme , 2000, ASIACRYPT.

[7]  Jianying Zhou,et al.  Securing digital signatures for non-repudiation , 1999, Comput. Commun..

[8]  Selim G. Aki Digital signatures: A tutorial survey , 1983, Computer.

[9]  Carlisle M. Adams,et al.  X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP , 1999, RFC.

[10]  Gene Itkis,et al.  SiBIR: Signer-Base Intrusion-Resilient Signatures , 2002, CRYPTO.

[11]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Gene Itkis,et al.  Forward-Secure Signatures with Optimal Signing and Verifying , 2001, CRYPTO.

[13]  Shouhuai Xu,et al.  Strong Key-Insulated Signature Schemes , 2003, Public Key Cryptography.

[14]  Kellogg S. Booth Authentication of signatures using public key encryption , 1981, CACM.

[15]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and CRL Profile , 1999, RFC.

[16]  Michael Merritt,et al.  Protocols for Data Security , 1983, Computer.

[17]  Carlisle M. Adams,et al.  Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) , 2001, RFC.

[18]  Jianying Zhou Non-Repudiation in Electronic Commerce , 2002, DEXA Workshops.

[19]  Tal Malkin,et al.  Efficient Generic Forward-Secure Signatures with an Unbounded Number Of Time Periods , 2002, EUROCRYPT.

[20]  X Itu,et al.  Information technology-open systems interconnection-the directory: Public-key and attribute certific , 2000 .

[21]  Leonid Reyzin,et al.  Forward-Secure Signatures with Fast Key Update , 2002, SCN.

[22]  Thomas D. Wu The Secure Remote Password Protocol , 1998, NDSS.

[23]  Mihir Bellare,et al.  A Forward-Secure Digital Signature Scheme , 1999, CRYPTO.