A certificate - Based signature scheme for secure mobile communications

In this paper we introduce a new signature scheme specially designed to address one of the most important problems of mobile communications: possible unauthorized access to private / secret keys stored on mobile terminals. Our solution is based on a relatively new concept called “certificate - based encryption” (CBE). CBE combines the best aspects of identity - based encryption (IBE) with the advantages offered by public - key encryption. Using CBE we can construct a signature scheme, that increases the level of trust in a signature created on a mobile terminal, by requiring users to acquire, before any signing operation, a proof of validity for their key pairs, from a trusted third party, in this case the Certification Authority (CA). The proof of validity is in fact a certificate, which is used as a second signing key, besides the user´s private key, in the signing process. This means that the user must have authorization to create a valid signature, authorization which comes from the CA in the form of a second signing key, the certificate, which he cannot compute by himself. We present a detailed description of the signing and verification processes and of the benefits and drawbacks derived from using this scheme.