Hardening digital signatures against untrusted signature software

Digital signature is nowadays a consolidated machinery allowing the management of electronic documents with full legal power. In this scenario, digital signature represents thus the key issue on every process of document de- materialization toward which both private and public organizations, as well as simple citizens, are moving quickly. Unfortunately, digital signature suffers from a severe vulnerability, directly deriving from the potential untrustworthy of the platform where the signature generation process runs. Indeed, the usage of secure smart cards does not eliminate the necessity of interfacing them with the PC. allowing the attacker to poison the PC itself to obtain signed documents with no intention from the subscriber. The problem is inherently unsolvable, provided that the current signature mechanism, as well as its legal value, are maintained. In this paper we give a solution with nice backward compatibility properties, working as a full solution in a restricted (but probable) set of untrustworthy cases, and mitigating the problem in the more general case.