Abstract
The fast growth of technology and the demands of contemporary globalization have meant that most organizations use electronic means for communication and formalization of documents. One of the main problems faced by reviewers is recognizing counterfeit documents. The electronic signature of documents is a preliminary solution to the problem. In our research we are interested in developing a web service that allows to sign documents and verify their authenticity. To protect this web service against malicious activity there are aspects of computer security that must be considered such as steganography, cryptography and security protocols. In this article we introduce a security protocol using symmetric cryptography scheme in order to sign and authenticate digital documents. We have verified formally this protocol and found out that it provides the fourth level of authentication according to Lowe’s hierarchy. In addition, we also address security aspects that must be taken into account to avoid attacks in these kinds of applications and some implementations we are developing.
Keywords
The research reported here was supported by PROMEP UPCHS-PTC-035.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Carts, D.A.: A review of the diffie-hellman algorithm an its use in secure internet protocols. In: As part of the Information Security Reading Room, pp. 1–9. SANS Institute (2001)
Artz, D.: Digital steganography: Hiding data within data. IEEE Internet Computing 5, 75–80 (2001)
Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. Proceedings of the Royal Society of London 426(1), 233–271 (1989)
Cox, I.J., Miller, M., Bloom, J., Fridrich, J., Kalker, T.: Digital Watermarking and Steganography. Morgan Kaufmann, San Francisco (2007)
Diffie, W., Hellman, M.: New directions in cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)
197 FIPS. Advanced encryption standard (aes). Technical report (2001)
1977 FIPS 1977 FIPS. Data encryption standard. Technical Report Part 6 of Title 15 Code of Federal Regulations (1988)
Frattolillo, F.: Watermarking protocol for web context. IEEE Transactions on Information Forensics and Security 2(3-1), 350–363 (2007)
Frattolillo, F., D’Onofrio, S.: A web oriented watermarking protocol. In: IEC, Prague, pp. 91–96 (2005)
Haouzia, A., Noumeir, R.: Methods for image authentication: a survey. Multimedia Tools and Applications 39, 1–46 (2008) 10.1007/s11042-007-0154-3
Kessler, G.C., Ciphers, N.: An overview of steganography for the computer forensics examiner. Federal Bureau of Investigations, viewed 28 (2004)
Kostopoulos, I., Gilani, S.A.M., Skodras, A.N.: Colour image authentication based on a self-embedding technique. In: 14th International Conference on Digital Signal Processing DSP 2002, vol. 2(1), pp. 733–736 (2002)
Kundur, D., Lin, C.Y., Macq, B., Yu, H.: Special issue on enabling security technologies for digital rights management. In: Proceedings of the IEEE, pp. 879–882. IEEE, Los Alamitos (2004)
Lei, C.-L., Yu, P.-L., Tsai, P.-L., Chan, M.-H.: An efficient and anonymous buyer-seller watermarking protocol. IEEE Transactions on Image Processing, 13, 1618–1626 (2004)
Lim, Y., Xu, C., Feng, D.D.: Web based image authentication using invisible fragile watermark. In: Proceedings of the Pan-Sydney Area Workshop on Visual Information Processing VIP 2001, vol. 11, pp. 31–34. Australian Computer Society, Inc., Darlinghurst (2001)
López-Pimentel, J.C., Monroy, R.: Formal support to security protocol development: a survey. Journal Computacin y Sistemas, special volume celebrating 50 years of Computing in Mexico 12, 89–108 (2008)
Lowe, G.: An attack on the needham-schroeder public-key authentication protocol. Information Processing Letters 56(3), 131–133 (1995)
Lowe, G.: Some new attacks upon security protocols. In: Proceedings of the 9th IEEE Computer Security Foundations Workshop, CSFW 1996, pp. 162–169. IEEE Computer Society Press, Washington, DC, USA (1996)
Lowe, G.: A hierarchy of authentication specifications. In: Proceedings of the 10th IEEE Computer Security Foundations Workshop, CSFW 1997, pp. 31–44. IEEE Computer Society, Los Alamitos (1997)
Potdar, V.M., Han, E.C.S.: Survey of digital image watermarking techniques. In: 3rd International Conference on Industrial Informatics (INDIN 2005), pp. 709–716 (2005)
Memon, N., Wong, P.W.: A buyer-seller watermarking protocol. IEEE Trans. Image Processing 10, 643–649 (2001)
Paulson, L.C.: The inductive approach to verifying cryptographic protocols. Journal in Computer Security 6(1-2), 85–128 (1998)
Potdar, V.M., Han, S., Chang, E.: A survey of digital image watermarking techniques. In: 3rd IEEE International Conference on Industrial Informatics INDIN 2005, vol. 1(1), pp. 709–716 (2005)
Qiao, L., Nahrstedt, K.: Watermarking schemes and protocols for protecting rightful ownership and customer’s rights. J. Vis. Commun. Image Representation 9, 194–210 (1999)
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, 120–126 (1978)
Yeung, M.M., Mintzer, F.: An invisible watermarking technique for image verification. In: International Conference on Image Processing, vol. 2, p. 680 (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lopez Pimentel, J.C., Monroy, R., Ramos Fon Bon, V.F. (2011). Symmetric Cryptography Protocol for Signing and Authenticating Digital Documents. In: Snasel, V., Platos, J., El-Qawasmeh, E. (eds) Digital Information Processing and Communications. ICDIPC 2011. Communications in Computer and Information Science, vol 188. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22389-1_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-22389-1_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22388-4
Online ISBN: 978-3-642-22389-1
eBook Packages: Computer ScienceComputer Science (R0)