Title :
Using MTMs to secure electronic signatures generation
Author :
Serb, Mihai ; Patriciu, Victor Valeriu
Author_Institution :
Doctoral Sch., Mil. Tech. Acad., Bucharest, Romania
Abstract :
In an ever growing number of countries, electronic signatures can produce the same legal effects as handwritten signatures, if certain conditions are met. But these rules do not alleviate the risk of an attacker tampering with the application that is used to generate the signature or verify the signature. It is much easier for an attacker to try to replace this application with a modified version which fools the user into applying a valid signature on data that was modified without his knowledge, than to try to forge the signature. In this paper we present a solution for creating a secure environment for signature creation / verification based on the use of MTM (Mobile Trusted Module) devices. We show that by using a MTM for both secure storage of private keys and as a means to determine the integrity of the signature creation / verification application, the user can be certain of the fact that the signing / verification process was not tampered with.
Keywords :
digital signatures; private key cryptography; MTM; handwritten signatures; legal effects; mobile trusted module; private keys; secure electronic signatures generation; secure storage; signature creation; signature verification; Computer architecture; Law; Mobile communication; Mobile handsets; Operating systems; Security; JavaCard; MTM; SSCA; SSCD; electronic signatures;
Conference_Titel :
Communications (COMM), 2012 9th International Conference on
Conference_Location :
Bucharest
Print_ISBN :
978-1-4577-0057-6
DOI :
10.1109/ICComm.2012.6262538
