Abstract
Consider an application where a human user has to digitally sign a message. It is usually assumed that she has a trusted computer at her disposal, however, this assumption does not hold in several practical cases, especially if the user is mobile. Smart cards have been proposed to solve this problem, but they do not have a user interface, therefore the user still needs a (potentially untrusted) terminal to authorize the card to produce digital signatures. In order to mitigate this problem, we proposed a solution based on conditional signatures to provide a framework for the repudiation of unintended signatures. Our previous solution relies on a trusted third party who is able to link the issuer of the signature with the intended recipient, which may lead to severe privacy problems. In this paper we extend our framework and propose protocols that allow the user to retain her privacy with respect to this trusted third party.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Abadi, M., Burrows, M., Kaufman, C., and Lampson, B. (1992). Authentication and Delegation with Smart-cards. Theoretical Aspects of Computer Software: Proc. of the International Conference TACS’91, Springer, Berlin, Heidelberg.
Anonymizer Inc. (1999).. http://www.anonymizer.com.
Asokan, N., Debar, Hervé, Steiner, Michael, and Waidner, Michael (1999). Authenticating Public Terminals. Computer Networks, 1999.
Berta, I. Zs. and Vajda, I. (2003). Documents from Malicious Terminals. SPIE Microtechnologies for the New Millenium 2003, Bioengineered and Bioinspired Systems, Maspalomas, Spain.
Berta, István Zsolt, Buttyán, Levente, and Vajda, István (2004). Mitigating the Untrusted Terminal Problem Using Conditional Signatures. Proceedings of International Conference on Information Technology ITCC 2004, IEEE, 2004, IEEE, Las Vegas, NV, USA, April.
Brands, S. A. (1994). Untraceable off-line cash in wallets with observers. In Crypto’93 Springer-Verlag, LNCS 773 pp. 302–318.
Chaum, David (1981). Untraceable electronic mail, return addresses and digital pseudonyms. Communications of the ACM, v24, n.2 pp.84–88.
Chaum, David (1982). Blind signatures for untraceable payments. Advances in Proceedings of Crypto 82, D. Chaum, R.L. Rivest, & A.T. Sherman (Eds.), Plenum, pp. 199–203.
Clarke, Dwaine, Gassend, Blaise, Kotwal, Thomas, Burnside, Matt, Dijk, Marten van, Devadas, Srinivas, and Rivest, Ronald (2002). The Untrusted Computer Problem and Camera-Based Authentication.
Franklin, M. and Yung, M. (1992). Towards provably secure efficient electronic cash. Columbia Univ. Dept. of CS TR CSUCS-018-92.
Jakobsson, M. and Raïhi, D. (1998). Mix-based electronic payments. Fifth Annual Workshop on Selected Areas in Cryptography (SAC’98), Queen’s University, Kingston, Ontario, Canada.
Lee, B and Kim, K (2002). Fair Exchange of Digital Signatures using Conditional Signature. SCIS 2002, Symposium on Cryptography and Information Security.
Matsumoto, T (1996). Human-Computer cryptography: An attempt. In ACM Conference on Computer and Communications Security, pp 68–75.
Naor, Moni (1991). Bit Commitment Using Pseudo-Randomness. Journal of Cryptology: the journal of the International Association for Cryptologic Research, volume 2, pp 151–158.
Naor, Moni and Pinkas, Benny (1997). Visual Authentication and Identification. Lecture Notes in Computer Science, volume 1294.
Naor, Moni and Shamir, Adi (1995). Visual Cryptography. Lecture Notes in Computer Science, vol 950, pp 1–12, 1995, http://citeseer.nj.nac.com/naor95visual.html.
Rankl, W. and Effing, W. (1997). Smart Card Handbook. John Wiley & Sons, 2nd edition, ISBN: 0471988758.
Rivest, R (2001). Issues in Cryptography. Computers, Freedom, Privacy 2001 Conference http://theory.lcs.mit.edu/~rivest/Rivest-IssuessInCryptography.pdf.
Schneier, B. and Shostack, A. (1999). Breaking up is Hard to do: Modelling security threats for smart cards. USENIX Workshop on Smart Card Technology, Chicago, Illinois, USA, http://www.counterpane.com/smart-card-threats.html.
Schneier, Bruce (1996). Applied Cryptography. John Wiley & Sons, ISBN: 0471117099.
Schneier, Bruce (1999). The Solitaire Encryption Algorithm. http://www.counterpane.com/solitaire.htm.
Stabell-Kulo, Tage, Arild, Ronny, and Myrvang, Per Harald (1999). Providing Authentication to Messages Signed with a Smart Card in Hostile Environments. Usenix Workshop on Smart Card Technology, Chicago, Illinois, USA, May 10–11, 1999.
Syverson, Paul, F., Goldschlag, David M., and Reed, Michael G. (1997). Anonymous Connections and Onion Routing. IEEE Symposium on Security and Privacy, Oakland, California.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer Science + Business Media, Inc.
About this paper
Cite this paper
Berta, I.Z., Buttyán, L., Vajda, I. (2004). Privacy Protecting Protocols for Revokable Digital Signatures. In: Quisquater, JJ., Paradinas, P., Deswarte, Y., El Kalam, A.A. (eds) Smart Card Research and Advanced Applications VI. IFIP International Federation for Information Processing, vol 153. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8147-2_5
Download citation
DOI: https://doi.org/10.1007/1-4020-8147-2_5
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4020-8146-0
Online ISBN: 978-1-4020-8147-7
eBook Packages: Springer Book Archive