Cryptology ePrint Archive: Report 2005/147

Tamper-Evident Digital Signatures: Protecting Certification Authorities Against Malware

Jong Youl Choi and Philippe Golle and Markus Jakobsson

Abstract: We introduce the notion of tamper-evidence for digital signature generation in order to defend against attacks aimed at covertly leaking secret information held by corrupted network nodes. This is achieved by letting observers (which need not be trusted) verify the absence of covert channels by means of techniques we introduce herein. We call our signature schemes tamper-evident since any deviation from the protocol is immediately detectable. We demonstrate our technique for RSA-PSS and DSA signature schemes and how the same technique can be applied to Feige-Fiat-Shamir (FFS) and Schnorr signature schemes. Our technique does not modify the distribution of the generated signature transcripts, and has only a minimal overhead in terms of computation, communication, and storage. Keywords. covert channel, malware, observer, subliminal channel, tamper-evident, undercover

Category / Keywords: cryptographic protocols / covert channel, malware, observer, subliminal channel, tamper-evident, undercover

Date: received 23 May 2005

Contact author: jychoi at cs indiana edu

Available format(s): PDF | BibTeX Citation

Version: 20050523:200527 (All versions of this report)

Short URL: ia.cr/2005/147

Discussion forum: Show discussion | Start new discussion