Polish Concepts for Securing E-Government Document Flow
One of the basic problems in electronic documents flow in public administration is authentication of documents and fulfilling all related legal and technical requirements. The situation in public administration is in many ways easier that in general flow of legal documents. Here, the citizens and representatives of public bodies are the actors of the process well defined and known in the system.
A number of technical and legal solutions are aimed to make electronic documents flow easier and more reliable. Out of these, the main components are: electronic seal and personal signature.
In this paper we focus on requirements and their technical feasibility concerning personal signatures. The idea is to provide means for signing documents exchanged between citizens and public bodies so that
immediate disabling of a signature card is possible, and
the signing time is undeniable.
Technical solutions that we propose are based on mediated signatures. In particular, this enables to control ID-card usage against predefined policies (e.g. usage limited to particular time periods, frequency, etc.). In this scenario, a card can be disabled instantly therefore preventing creation of disputable signatures.
In particular, we propose signatures based on hash signatures. For RSA, we propose to embed a deterministic signature based on discrete logarithm problem into padding algorithm. This makes the signatures independent of security of a single algebraic problem.
KeywordsHash Function Smart Card Public Administration Discrete Logarithm Problem Public Body
Unable to display preview. Download preview PDF.
- Buchmann, Johannes /Dahmen, Erik /Klintsevich, Elena /Okeya, Katsuyuki /Vuillaume, Camille: Merkle signatures with virtually unlimited signature capacity. In Jonathan Katz/Moti Yung, editors, ACNS, volume 4521 of LNCS. Springer. ISBN 978-3-540-72737-8, pp. 31–45.Google Scholar
- Boneh, Dan/Ding, Xuhua/Tsudik, Gene/Wong, Chi Ming: A method for fast revocation of public key certicates and security capabilities. In SSYM’01: Proceedings of the 10th conference on USENIX Security Symposium. USENIX Association, Berkeley, CA, USA, pp. 22–22.Google Scholar
- Buchmann, Johannes/Garca, Luis Carlos Coronado/Dahmen, Erik/Doering, Martin/Klintsevich, Elena: CMSS - an improved Merkle signature scheme. In Rana Barua/Tanja Lange, editors, INDOCRYPT, volume 4329 of LNCS. Springer. ISBN 3-540-49767-6, pp. 349–363.Google Scholar
- Błaśkiewicz, Przemysław/Kubiak, Przemysław/Kutyłowski Mirosław: Digital signatures for egovernment - a long-term security architecture. Accepted for publication in proceedings of the e-Forensics conference, Shanghai, China, November 10–12, 2010.Google Scholar
- Black, John/Rogaway, Phillip/Shrimpton, Thomas: Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV. Cryptology ePrint Archive, Report 2002/066, 2002.Google Scholar
- Dahmen, Erik/Okeya, Katsuyuki/Takagi, Tsuyoshi/Vuillaume, Camille: Digital signatures out of second-preimage resistant hash functions. In Johannes Buchmann/Jintai Ding, editors, PQCrypto, volume 5299 of LNCS. Springer. ISBN 978-3-540-88402-6, pp. 109–123.Google Scholar
- Infineon Technologies AG: Chip Card & Security: SLE 66CLX800PE(M) Family, 8/16-Bit High Security Dual Interface Controller For Contact based and Contactless Applications, 2009.Google Scholar
- Lamport, Leslie: Constructing digital signatures from a one way function. Technical Report CSL- 98, SRI International Computer Science Laboratory, 1979.Google Scholar
- Merkle, Ralph C.: A certied digital signature. In Gilles Brassard, editor, CRYPTO, volume 435 of LNCS. Springer. ISBN 3-540-97317-6, pp. 218–238.Google Scholar
- Naor, Dalit /Shenhav, Amir /Wool, Avishai: One-Time Signatures Revisited: Have They Become Practical? Cryptology ePrint Archive, Report 2005/442, 2005.Google Scholar
- Rohde, Sebastian/Eisenbarth, Thomas/Dahmen, Erik/Buchmann, Johannes/Paar, Christof: Fast hash-based signatures on constrained devices. In Gilles Grimaud/Francois-Xavier Standaert, editors, CARDIS, volume 5189 of LNCS. Springer. ISBN 978-3-540-85892-8, pp. 104–117.Google Scholar
- Reyzin, Leonid/Reyzin, Natan: Better than BiBa: Short onetime signatures with fast signing and verifying. In Lynn Margaret Batten/Jennifer Seberry, editors, ACISP, volume 2384 of LNCS. Springer. ISBN 3-540-43861-0, pp. 144–153.Google Scholar
- RSA Laboratories: PKCS#1 v2.1 — RSA Cryptography Standard + Errata, 2005.Google Scholar