Tamper-evident digital signatures: Protecting certification Authorities against malware

Jong Youl Choi, Philippe Golle, Markus Jakobsson

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

19 Scopus citations

Abstract

We introduce the notion of tamper-evidence for digital signature generation in order to defend against attacks aimed at covertly leaking secret information held by corrupted signing nodes. This is achieved by letting observers (which need not be trusted) verify the absence of covert channels by means of techniques we introduce herein. We call our signature schemes tamper-evident since any deviation from the protocol is immediately detectable. We demonstrate our technique for the RSA-PSS (known as RSA's Probabilistic Signature Scheme) and DSA signature schemes and show how the same technique can be applied to the Schnorr and Feige-Fiat-Shamir (FFS) signature schemes. Our technique does not modify the distribution of the generated signature transcripts, and has only a minimal overhead in terms of computation, communication, and storage.

Original languageEnglish
Title of host publicationProceedings - 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing, DASC 2006
Pages37-44
Number of pages8
DOIs
StatePublished - 2006
Externally publishedYes
Event2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing, DASC 2006 - Indianapolis, IN, United States
Duration: Sep 29 2006Oct 1 2006

Publication series

NameProceedings - 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing, DASC 2006

Conference

Conference2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing, DASC 2006
Country/TerritoryUnited States
CityIndianapolis, IN
Period09/29/0610/1/06

Fingerprint

Dive into the research topics of 'Tamper-evident digital signatures: Protecting certification Authorities against malware'. Together they form a unique fingerprint.

Cite this