Abstract
We observe that current mainstream digital signature schemes are complex and inconvenient for end users. We group the main problems related to these schemes and propose a new approach, centered on the needs of the end user. The new model is a redesign of the overall signature process, discarding certificates and the X.509 PKI in favor of simple structures and natural trust relationships modeled on conventional handwritten signatures.
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Werlang, F.C., Custódio, R.F., Vigil, M.A.G. (2014). A User-Centric Digital Signature Scheme. In: Katsikas, S., Agudo, I. (eds) Public Key Infrastructures, Services and Applications. EuroPKI 2013. Lecture Notes in Computer Science, vol 8341. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-53997-8_10
DOI: https://doi.org/10.1007/978-3-642-53997-8_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-53996-1
Online ISBN: 978-3-642-53997-8
eBook Packages: Computer Science (R0)