Cryptology ePrint Archive: Report 2009/171

On the Theory and Practice of Personal Digital Signatures

Ivan Damgård and Gert Læssøe Mikkelsen

Abstract: (Full version of a PKC 2009 paper)

We take a step towards a more realistic modeling of personal digital signatures, where a human user, his mobile equipment, his PC and a server are all considered as independent players in the protocol, and where only the human user is assumed incorruptible. We then propose a protocol for issuing digital signatures on behalf of the user. This protocol is proactively UC-secure assuming at most one player is corrupted in every operational phase. In more practical terms, this means that one can securely sign using terminals (PC’s) that are not necessarily trusted, as long as the mobile unit and the PC are not both corrupted at the same time. In other words, our solution cannot be broken by phising or key-logging via the PC. The protocol allows for mobile units with very small computing power by securely outsourcing computation to the PC and also allows usage of any PC that can communicate properly. Finally, we report on the results of a prototype implementation of our solution.

Category / Keywords: public-key cryptography / digital signatures, RSA

Publication Info: This is a full version of a paper which apeared at PKC 2009.

Date: received 13 Apr 2009

Contact author: gertm at cs au dk

Available format(s): PDF | BibTeX Citation

Version: 20090420:144236 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]