On the Theory and Practice of Personal Digital Signatures

We take a step towards a more realistic modeling of personal digital signatures, where a human user, his mobile equipment, his PC and a server are all considered as independent players in the protocol, and where only the human user is assumed incorruptible. We then propose a protocol for issuing digital signatures on behalf of the user. This protocol is proactively UC-secure assuming at most one player is corrupted in every operational phase. In more practical terms, this means that one can securely sign using terminals (PC's) that are not necessarily trusted, as long as the mobile unit and the PC are not both corrupted at the same time. In other words, our solution cannot be broken by phising or key-logging via the PC. The protocol allows for mobile units with very small computing power by securely outsourcing computation to the PC and also allows usage of any PC that can communicate properly. Finally, we report on the results of a prototype implementation of our solution.

[1]  Hugo Krawczyk,et al.  Robust and Efficient Sharing of RSA Functions , 1996, CRYPTO.

[2]  Yehuda Lindell,et al.  Universally Composable Password-Based Key Exchange , 2005, EUROCRYPT.

[3]  Paul C. van Oorschot,et al.  Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer , 2007, Financial Cryptography.

[4]  Michael Waidner,et al.  Secure password-based cipher suite for TLS , 2001, NDSS.

[5]  Tal Rabin,et al.  A Simplified Approach to Threshold and Proactive RSA , 1998, CRYPTO.

[6]  Rafail Ostrovsky,et al.  How to withstand mobile virus attacks (extended abstract) , 1991, PODC '91.

[7]  Matthew K. Franklin,et al.  Efficient generation of shared RSA keys , 2001, JACM.

[8]  Ivan Damgård,et al.  Simplified Threshold RSA with Adaptive and Proactive Security , 2006, EUROCRYPT.

[9]  Birgit Pfitzmann,et al.  SEMPER - Secure Electronic Marketplace for Europe , 2000, Lecture Notes in Computer Science.

[10]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[11]  Ivan Damgård,et al.  Practical Threshold RSA Signatures without a Trusted Dealer , 2000, EUROCRYPT.

[12]  Dan Boneh,et al.  TWENTY YEARS OF ATTACKS ON THE RSA CRYPTOSYSTEM , 1999 .

[13]  Shouhuai Xu,et al.  Key-Insulated Public Key Cryptosystems , 2002, EUROCRYPT.

[14]  Amir Herzberg,et al.  Payments and banking with mobile personal devices , 2003, CACM.

[15]  Gene Itkis,et al.  SiBIR: Signer-Base Intrusion-Resilient Signatures , 2002, CRYPTO.

[16]  Adrian Perrig,et al.  Phoolproof Phishing Prevention , 2006, Financial Cryptography.

[17]  Michael Baentsch,et al.  The Zurich Trusted Information Channel - An Efficient Defence Against Man-in-the-Middle and Malicious Software Attacks , 2008, TRUST.

[18]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.