Sciweavers

PKC
2009
Springer

On the Theory and Practice of Personal Digital Signatures

15 years 3 days ago
On the Theory and Practice of Personal Digital Signatures
We take a step towards a more realistic modeling of personal digital signatures, where a human user, his mobile equipment, his PC and a server are all considered as independent players in the protocol, and where only the human user is assumed incorruptible. We then propose a protocol for issuing digital signatures on behalf of the user. This protocol is proactively UC-secure assuming at most one player is corrupted in every operational phase. In more practical terms, this means that one can securely sign using terminals (PC's) that are not necessarily trusted, as long as the mobile unit and the PC are not both corrupted at the same time. In other words, our solution cannot be broken by phising or key-logging via the PC. The protocol allows for mobile units with very small computing power by securely outsourcing computation to the PC and also allows usage of any PC that can communicate properly. Finally, we report on the results of a prototype implementation of our solution.
Gert Læssøe Mikkelsen, Ivan Damg&arin
Added 25 Nov 2009
Updated 25 Nov 2009
Type Conference
Year 2009
Where PKC
Authors Gert Læssøe Mikkelsen, Ivan Damgård
Comments (0)