Double-authentication-preventing signatures

Poettering, Bertram & Stebila, Douglas (2014) Double-authentication-preventing signatures. In Kutyłowski, Mirosław & Vaidya, Jaideep (Eds.) Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security, Proceedings, Part I [Lecture Notes in Computer Science, Volume 8713], Springer, Wroclaw, Poland, pp. 436-453.

Files:
- Accepted Version (PDF 423kB)
- Full version (PDF 513kB)
- Supplemental Material: C implementation of DAPS scheme; requires gcrypt library (ZIP archive, 7kB, containing C source code)


Abstract

Digital signatures are often used by trusted authorities to make unique bindings between a subject and a digital object; for example, certificate authorities certify a public key belongs to a domain name, and time-stamping authorities certify that a certain piece of information existed at a certain time. Traditional digital signature schemes however impose no uniqueness conditions, so a trusted authority could make multiple certifications for the same subject but different objects, be it intentionally, by accident, or following a (legal or illegal) coercion. We propose the notion of a double-authentication-preventing signature, in which a value to be signed is split into two parts: a subject and a message. If a signer ever signs two different messages for the same subject, enough information is revealed to allow anyone to compute valid signatures on behalf of the signer. This double-signature forgeability property discourages signers from misbehaving---a form of self-enforcement---and would give binding authorities like CAs some cryptographic arguments to resist legal coercion. We give a generic construction using a new type of trapdoor functions with extractability properties, which we show can be instantiated using the group of sign-agnostic quadratic residues modulo a Blum integer.
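The self-enforcement property described in the abstract is easiest to see with code. The following is an added toy illustration in the spirit of the paper's Blum-integer construction; it is not the paper's scheme and not the C implementation shipped as supplemental material. Assumptions of my own: the signer's trapdoor is the factorization of a Blum integer N = pq, each message bit is signed by a square root of a hash of (subject, bit index) whose Jacobi symbol encodes the bit (Jacobi +1 for 0, -1 for 1), the hash-to-group step is simplified to counter-based rejection sampling, the primes 10007 and 10079 and the subject "example.com" are constructed values, and the parameters are far too small for any real use. Signing two different messages for the same subject yields two square roots of the same value from different root classes, and their difference shares a factor with N, so anyone can recover the trapdoor and sign on the signer's behalf.

```python
# Toy double-authentication-preventing signature (DAPS), added illustration.
# Not the paper's scheme; parameters are deliberately tiny (educational only).
import hashlib
from math import gcd


def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0."""
    a %= n
    result = 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0


def keygen(p, q):
    """Public key is the Blum integer N = p*q (p, q = 3 mod 4); (p, q) is the trapdoor."""
    assert p % 4 == 3 and q % 4 == 3
    return p * q, (p, q)


def hash_to_jacobi1(subject, index, n):
    """Hash (subject, index) to h with Jacobi(h/N) = +1 by counter rejection (assumed
    simplification). For a Blum integer exactly one of h, -h is then a quadratic residue."""
    ctr = 0
    while True:
        digest = hashlib.sha256(f"{subject}|{index}|{ctr}".encode()).digest()
        h = int.from_bytes(digest, "big") % n
        if h > 1 and gcd(h, n) == 1 and jacobi(h, n) == 1:
            return h
        ctr += 1


def sqrt_mod_blum(y, p, q):
    """All four square roots of y mod N = pq via the trapdoor; [] if y is not a QR."""
    n = p * q
    rp = pow(y, (p + 1) // 4, p)  # valid square root mod p when p = 3 mod 4
    rq = pow(y, (q + 1) // 4, q)
    if (rp * rp - y) % p or (rq * rq - y) % q:
        return []
    inv_q, inv_p = pow(q, -1, p), pow(p, -1, q)  # CRT recombination
    return [(sp * q * inv_q + sq * p * inv_p) % n
            for sp in (rp, p - rp) for sq in (rq, q - rq)]


def sign(subject, message_bits, n, trapdoor):
    """One square root per message bit; the root's Jacobi symbol encodes the bit.
    Roots r and -r share a Jacobi symbol, the other root class has the opposite one."""
    p, q = trapdoor
    sig = []
    for i, bit in enumerate(message_bits):
        h = hash_to_jacobi1(subject, i, n)
        roots = sqrt_mod_blum(h, p, q) or sqrt_mod_blum(n - h, p, q)
        want = 1 if bit == 0 else -1
        sig.append(next(r for r in roots if jacobi(r, n) == want))
    return sig


def verify(subject, message_bits, sig, n):
    """Public verification: each component squares to +-h_i and carries the right bit."""
    if len(sig) != len(message_bits):
        return False
    for i, (bit, r) in enumerate(zip(message_bits, sig)):
        h = hash_to_jacobi1(subject, i, n)
        if gcd(r, n) != 1 or pow(r, 2, n) not in (h, n - h):
            return False
        if jacobi(r, n) != (1 if bit == 0 else -1):
            return False
    return True


def extract(subject, msg1, sig1, msg2, sig2, n):
    """Two valid signatures on one subject but different messages expose the trapdoor:
    at any bit where the messages differ, the roots lie in different classes, so
    gcd(r1 - r2, N) is a non-trivial factor of N. Returns (p, q) or None."""
    if not (verify(subject, msg1, sig1, n) and verify(subject, msg2, sig2, n)):
        return None
    for i, (b1, b2) in enumerate(zip(msg1, msg2)):
        if b1 != b2:
            f = gcd(sig1[i] - sig2[i], n)
            if 1 < f < n:
                return (min(f, n // f), max(f, n // f))
    return None


if __name__ == "__main__":
    n, trapdoor = keygen(10007, 10079)  # constructed toy primes
    s1 = sign("example.com", [1, 0, 1, 1], n, trapdoor)
    s2 = sign("example.com", [1, 0, 1, 0], n, trapdoor)  # same subject, other message
    print("recovered trapdoor:", extract("example.com", [1, 0, 1, 1], s1, [1, 0, 1, 0], s2, n))
```

A single signature per subject reveals nothing beyond the public key, which is the point: the authority keeps its key safe exactly as long as it never certifies two different objects for one subject, so it can argue that a coerced second certification would be equivalent to handing over its signing capability.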

Impact and interest:

0 citations in Scopus

Full-text downloads:

93 since deposited on 20 Jul 2014
28 in the past twelve months


ID Code: 73005
Item Type: Conference Paper
Refereed: Yes
DOI: 10.1007/978-3-319-11203-9_25
ISBN: 978-3-319-11202-2
Subjects: Australian and New Zealand Standard Research Classification > MATHEMATICAL SCIENCES (010000) > OTHER MATHEMATICAL SCIENCES (019900) > Mathematical Sciences not elsewhere classified (019999)
Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Security (080303)
Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > DATA FORMAT (080400) > Data Encryption (080402)
Divisions: Current > Institutes > Institute for Future Environments
Current > Schools > School of Mathematical Sciences
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2014 Springer
Deposited On: 20 Jul 2014 22:58
Last Modified: 02 Dec 2016 23:46
