Equipping smart devices with public key signatures

Published: 01 February 2007

Abstract

One of the major recent trends in computing has been towards so-called smart devices, such as PDAs, cell phones and sensors. Such devices tend to have a feature in common: limited computational capabilities and equally limited power, as most operate on batteries. This makes them ill-suited for public key signatures. This article explores practical and conceptual implications of using Server-Aided Signatures (SAS) for these devices. SAS is a signature method that relies on partially-trusted servers for generating (normally expensive) public key signatures for regular users. Although the primary goal is to aid small, resource-limited devices in signature generation, SAS also offers fast certificate revocation, signature causality and reliable timestamping. It also has some interesting features such as built-in attack detection for users and DoS resistance for servers. Our experimental results also validate the feasibility of deploying SAS on smart devices.

Published In

ACM Transactions on Internet Technology, Volume 7, Issue 1
February 2007
184 pages
ISSN: 1533-5399
EISSN: 1557-6051
DOI: 10.1145/1189740

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. Digital signatures
  2. public key infrastructure

Qualifiers

  • Article
