Title :
Server-aided digital signature protocol based on password
Author :
He, Yong-Zhong ; Wu, Chuan-Kun ; Feng, Deng-Guo
Author_Institution :
Inst. of Software, Chinese Acad. of Sci., Beijing, China
Abstract :
Digital signature is a cryptographic mechanism widely used in secure communications. Although there are many digital signature schemes with firm mathematical foundations, one of the biggest concerns is how to protect the private keys from disclosure in applications. To counter this problem, we suggest splitting the signature private key into two parts and storing in two well-protected servers, and the client may get signatures through the protocol SADS proposed in this paper. With SADS, the client only needs to provide a password to get a message to be signed with the help of the two severs. The private key is not exposed if only one of the servers is compromised or misused by the server administrator, which greatly decreases the possibility of the corruption of a signature private key and facilitates the mobility of the signing services. Furthermore, various signing policies can be enforced in the servers, such as revocation of the private key, delegation of signature rights, signature with tune constraints, content-sensitive signatures.
Keywords :
client-server systems; digital signatures; private key cryptography; telecommunication security; cryptographic mechanism; secure communication; server-aided digital signature protocol; signature private key; Application software; Content addressable storage; Cryptographic protocols; Digital signatures; Information security; Personal communication networks; Protection; Public key; Public key cryptography; Servers;
Conference_Titel :
Security Technology, 2005. CCST '05. 39th Annual 2005 International Carnahan Conference on
Print_ISBN :
0-7803-9245-0
DOI :
10.1109/CCST.2005.1594836
