Digital Signatures Do Not Guarantee Exclusive Ownership
نویسندگان
چکیده
Digital signature systems provide a way to transfer trust from the public key to the signed data; this is used extensively within PKIs. However, some applications need a transfer of trust in the other direction, from the signed data to the public key. Such a transfer is cryptographically robust only if the signature scheme has a property which we name exclusive ownership. In this article, we show that the usual signature algorithms (such as RSA[3] and DSS[4]) do not have that property. Moreover, we describe several constructs which may be used to transform a signature scheme into another signature scheme which provides exclusive ownership.
منابع مشابه
Bitcoin Transaction Malleability and MtGox
In Bitcoin, transaction malleability describes the fact that the signatures that prove the ownership of bitcoins being transferred in a transaction do not provide any integrity guarantee for the signatures themselves. This allows an attacker to mount a malleability attack in which it intercepts, modifies, and rebroadcasts a transaction, causing the transaction issuer to believe that the origina...
متن کاملOn the Security of Dynamic Group Signatures: Preventing Signature Hijacking
We identify a potential weakness in the standard security model for dynamic group signatures which appears to have been overlooked previously. More specifically, we highlight that even if a scheme provably meets the security requirements of the model, a malicious group member can potentially claim ownership of a group signature produced by an honest group member by forging a proof of ownership....
متن کاملTowards Automated Transactions Based on the Offline Handwritten Signatures
Automating business transactions over the Internet relies on digital signatures, a replacement of conventional handwritten signatures in paper-based processes. Although they guarantee data integrity and authenticity, digital signatures are not as convenient to users as the manuscript ones. In this paper, a methodology is proposed to produce digital signatures using off-line hand-written signatu...
متن کاملSupporting Digital Signatures in Mobile Environments
Digital signatures, like physical signatures, can verify that a specific user affixed their signature to a document and they can also verify that the document is the same as when the user affixed the digital signature. Digital signature systems (DSS) use public key cryptography methods to create digital signatures. The integrity of the digital signature is tied to the security of the user’s pri...
متن کاملRFC 6979 Deterministic DSA and ECDSA August 2013
This document defines a deterministic digital signature generation procedure. Such signatures are compatible with standard Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA) digital signatures and can be processed with unmodified verifiers, which need not be aware of the procedure described therein. Deterministic signatures retain the cryptographic security...
متن کامل