Title :
A framework for the revocation of unintended digital signatures initiated by malicious terminals
Author :
Berta, István Zsolt ; Buttyán, Levente ; Vajda, István
Author_Institution :
Dept. of Telecommun., Budapest Univ. of Technol. & Econ., Hungary
Abstract :
Human users need trusted computers when they want to generate digital signatures. In many applications, in particular, if the users are mobile, they need to carry their trusted computers with themselves. Smart cards are easy to use, easy to carry, and relatively difficult to tamper with, but they do not have a user interface; therefore, the user still needs a terminal for authorizing the card to produce digital signatures. If the terminal is malicious, it can mislead the user and obtain a digital signature on an arbitrary document. In order to mitigate this problem, we propose a solution based on conditional signatures. More specifically, we propose a framework for the controlled revocation of unintended digital signatures. We also propose a solution with a special emphasis on privacy issues.
Keywords :
authorisation; data privacy; digital signatures; card authorization; conditional signatures; electronic commerce; malicious terminals; privacy issues; unintended digital signature revocation; Application software; Cryptography; Digital signatures; Manufacturing; Privacy; Protection; Protocols; Security; Smart cards; User interfaces; Index Terms- Electronic commerce; authorization; privacy.; security;
Journal_Title :
Dependable and Secure Computing, IEEE Transactions on
DOI :
10.1109/TDSC.2005.28