ABSTRACT
In most forward-secure signature constructions, the program that updates a user's private signing key must have full access to the private key. Unfortunately, such schemes are incompatible with several security architectures, including GNU Privacy Guard (GPG) and S/MIME, where the private key is encrypted under a user password as a "second factor" of security, so that the key remains protected if the private key storage is compromised but the password is not.

We introduce the concept of forward-secure signatures with untrusted update, where the key update can be performed on an encrypted version of the key. Forward-secure signatures with untrusted update allow us to add forward security to signatures while still keeping passwords as a second factor of security. We provide a construction whose performance characteristics are comparable with those of the best existing forward-secure signatures. In addition, we describe how to modify the Bellare-Miner forward-secure signature scheme to achieve untrusted update.