Security of the design of time-stamped signatures

作者:

Highlights:

摘要

To ensure integrity and originality of digital information, digital signatures were proposed to provide both authority and non-repudiation. However, without an authenticated time-stamp, we can neither trust signed documents when the signers' signature key was lost, stolen, or accidentally compromised, nor solve the cases when the signer himself repudiates the signing, claiming that has accidentally lost his signature key. To withstand forward forgery suffered by linking schemes and to reduce verification cost, Sun et al. proposed four time-stamped signature schemes that are based on absolute temporal authentication. Though Sun et al. claimed that these schemes are quite secure against the forward forgery, we find that they suffered from substitution attacks, by which the signer can backward/forward forge signatures and the time-stamping service can also forge signatures. Finally, we also propose four time-stamped signature schemes to overcome these security flaws. Moreover, the proposed new schemes are more efficient than the Sun et al. schemes.

论文关键词:Authentication,Time-stamping,Digital signatures,Substitution attack

论文评审过程:Received 9 October 2004, Revised 21 December 2005, Available online 9 February 2006.

论文官网地址:https://doi.org/10.1016/j.jcss.2006.01.001