Cryptology ePrint Archive: Report 2006/297

Forward-Secure Signatures with Untrusted Update

Xavier Boyen and Hovav Shacham and Emily Shen and Brent Waters

Abstract: In most forward-secure signature constructions, a program that updates a user's private signing key must have full access to the private key. Unfortunately, these schemes are incompatible with several security architectures including Gnu Privacy Guard (GPG) and S/MIME, where the private key is encrypted under a user password as a ``second factor'' of security, in case the private key storage is corrupted, but the password is not.

We introduce the concept of forward-secure signatures with untrusted update, where the key update can be performed on an encrypted version of the key. Forward secure signatures with untrusted update allow us to add forward security to signatures, while still keeping passwords as a second factor of security. We provide a construction that has performance characteristics comparable with the best existing forward-secure signatures. In addition, we describe how to modify the Bellare-Miner forward secure signature scheme to achieve untrusted update.

Category / Keywords: public-key cryptography /

Publication Info: An extended abstract is to appear in ACM CCS 2006.

Date: received 30 Aug 2006

Contact author: xb at boyen org

Available format(s): PDF | BibTeX Citation

Version: 20060831:090528 (All versions of this report)

Short URL: ia.cr/2006/297

Discussion forum: Show discussion | Start new discussion