scholarly journals MISPLACED PRIORITIES: THE UTAH DIGITAL SIGNATURE ACT AND LIABILITY ALLOCATION IN A PUBLIC KEY INFRASTRUCTURE

2017 ◽  
Author(s):  
C. Bradford Biddle
Keyword(s):  
Digital Signature ◽  
Legal Status ◽  
Digital Signatures ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Public Key Encryption ◽  
Electronic Documents ◽  
Online Databases ◽  
The Status ◽  
Computer Based

On March 9, 1995, the Utah Digital Signature Act (the “Utah Act”) was signed into law.1 Complex and ambitious, the Utah Act is intended to promote the use of digital signatures on computer-based documents and to facilitate electronic commerce.2 The Utah Act implements an infrastructure in which computer users utilize “certification authorities,” online databases called repositories, and public-key encryption technology in order to “sign” electronic documents in a legally binding fashion. In addition to setting out a regulatory scheme designed to implement this infrastructure, the Utah Act provides certain digital signatures with legal status as valid signatures and addresses a variety of issues relating to the status of digitally-signed electronic documents in contract and evidence law.

scholarly journals LEGISLATING MARKET WINNERS: DIGITAL SIGNATURE LAWS AND THE ELECTRONIC COMMERCE MARKETPLACE

2017 ◽  
Author(s):  
C. Bradford Biddle
Keyword(s):  
Electronic Commerce ◽  
Digital Signature ◽  
Legal Status ◽  
Digital Signatures ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Legal Regime ◽  
Internet Commerce

The argument goes something like this: Internet commerce is hampered by the authentication problem. There is no reliable way to ensure that the sender of an electronic transmission is in fact who they purport to be. Digital signatures, supported by a “public key infrastructure” of certification authorities (CAs) and certificate databases, can solve this authentication problem. CAs will not emerge under the current legal regime, however, because they face uncertain and potentially immense liability exposure. Additionally, the legal status of digitally signed documents is unclear. Therefore, legislation is needed which defines and limits CA liability and which establishes the legality of digitally signed documents. Such legislation will solve the authentication problem and result in robust Internet commerce.

Certificates and Public Key Infrastructure

2008 ◽  
pp. 217-245
Author(s):  
Manuel Mogollon
Keyword(s):  
Access Control ◽  
Digital Signature ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Comprehensive System ◽  
Public Key Encryption ◽  
Control Data ◽  
The Public ◽  
Digital Certificates ◽  
Public Keys

In public-key encryption, the secrecy of the public key is not required, but the authenticity of the public key is necessary to guarantee its integrity and to avoid spoofing and playback attacks. A user’s public key can be authenticated (signed) by a certificate authority that verifies that a public key belongs to a specific user. In this chapter, digital certificates, which are used to validate public keys, and certificate authorities are discussed. When public-key is used, it is necessary to have a comprehensive system that provides public key encryption and digital signature services to ensure confidentiality, access control, data integrity, authentication, and non-repudiation. That system, public-key infrastructure or PKI, is also discussed in this chapter.

scholarly journals Joint State Composition Theorems for Public-Key Encryption and Digital Signature Functionalities with Local Computation

2020 ◽  
Vol 33 (4) ◽  
pp. 1585-1658
Author(s):  
Ralf Küsters ◽  
Max Tuengerthal ◽  
Daniel Rausch
Keyword(s):  
Digital Signature ◽  
Digital Signatures ◽  
Public Key ◽  
Public Key Encryption ◽  
Local Computation ◽  
Universal Composability ◽  
State Operator ◽  
State Composition ◽  
Composition Theorem ◽  
Joint State

Abstract In frameworks for universal composability, complex protocols can be built from sub-protocols in a modular way using composition theorems. However, as first pointed out and studied by Canetti and Rabin, this modular approach often leads to impractical implementations. For example, when using a functionality for digital signatures within a more complex protocol, parties have to generate new verification and signing keys for every session of the protocol. This motivates to generalize composition theorems to so-called joint state (composition) theorems, where different copies of a functionality may share some state, e.g., the same verification and signing keys. In this paper, we present a joint state theorem which is more general than the original theorem of Canetti and Rabin, for which several problems and limitations are pointed out. We apply our theorem to obtain joint state realizations for three functionalities: public-key encryption, replayable public-key encryption, and digital signatures. Unlike most other formulations, our functionalities model that ciphertexts and signatures are computed locally, rather than being provided by the adversary. To obtain the joint state realizations, the functionalities have to be designed carefully. Other formulations proposed in the literature are shown to be unsuitable. Our work is based on the IITM model. Our definitions and results demonstrate the expressivity and simplicity of this model. For example, unlike Canetti’s UC model, in the IITM model no explicit joint state operator needs to be defined and the joint state theorem follows immediately from the composition theorem in the IITM model.

A Blind Proxy Re-Signatures Scheme Based on Random Oracle

2011 ◽  
Vol 204-210 ◽  
pp. 1062-1065 ◽  
Author(s):  
Yu Qiao Deng
Keyword(s):  
Digital Signature ◽  
Digital Signatures ◽  
Random Oracle ◽  
Proxy Signature ◽  
Public Key ◽  
Signature Scheme ◽  
Signature Schemes

Digital signature schemes allow a signer to transform any message into a signed message, such that anyone can verify the validity of the signed message using the signer’s public key, but only the signer can generate signed messages. A proxy re-signature, which is a type of digital signatures, has significant applications in many areas. Proxy signature scheme was first introduced by Blaze, Bleumer, and Strauss, but that scheme is inefficient and with limited features. After that, some Proxy re-signature schemes were proposed by researchers. This paper constructs a blind proxy re-signatures scheme. Comparing to the previous proxy re-signature schemes, the scheme adds a message blinded feature, and then the security of the scheme is proven.

scholarly journals Identity Based Encryption and Identity Based Signature Scheme: A Research on Security Schemes

2019 ◽  
Vol 8 (6S4) ◽  
pp. 1330-1337
Keyword(s):  
Key Management ◽  
Public Key Cryptography ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Signature Scheme ◽  
Certificate Authority ◽  
Identity Based Encryption ◽  
Computer Based ◽  
Identity Based ◽  
To Receive

In computer based system, key for the problem of identification, authentication and secrecy can be found in the field of cryptography. Dependence on public key infrastructure and to receive certificates signed by Certificate Authority (CA) to authenticate oneself for exchange of encrypted messages is one of the most significant limitation for the widespread adoption of Public Key Cryptography (PKC) as this process is time engrossing and error prone. Identity based cryptography (IBC) aspires to reduce the certificate and key management overhead of PKC. IBC’s important primordial is Identity-based Encryption (IBE). IBE provided emergent for perception of Identity based signature (IBS) schemes. In this paper, overview of IBE and IBS schemes has been given. Also, a survey on various IBE and IBS schemes has been performed to review different problems related to them. Finally, feasibility and applicability of IBC in current and future environments has been discussed.

scholarly journals Time of signing in the Estonian digital signature scheme

2019 ◽  
pp. 40-50
Author(s):  
Tõnu Mets ◽  
Arnis Parsovs
Keyword(s):  
European Union ◽  
Digital Signature ◽  
Digital Signatures ◽  
Signature Scheme ◽  
Signature Schemes ◽  
Electronic Documents ◽  
Legal Requirement ◽  
The Public ◽  
Digital Signature Scheme ◽  
Legal Consequences

There is a widespread misconception among some lawyers, technologists and the public that the Estonian digital signature scheme provides reliable proof of the time when a document was digitally signed. In this article Tõnu Mets and Arnis Parsovs show that the legal requirement to establish the time of signing is not met in practice. The related legal requirement that the validation of the digital signature should confirm that the certificate was valid at the time of signing is also not met. The authors analyse the legal consequences of this, and discuss possible solutions for the issues that arise. They note that digital signature schemes used in other countries implementing Regulation (EU) No 910/2014 of the European Parliament and the Council of 23 July 2014 (eIDAS) are likely to share the problems discussed in this article. Index words: Estonia, European Union, Digital signatures, Electronic documents

scholarly journals Public Key Infrastructure and Digital Signature Legislation: Ten Public Policy Questions

2017 ◽  
Author(s):  
C. Bradford Biddle
Keyword(s):  
Public Policy ◽  
Digital Signature ◽  
Public Key Infrastructure ◽  
The State ◽  
Policy Implications ◽  
Public Key ◽  
Foreign Countries ◽  
Long Term Consequences

Following the lead of the State of Utah, numerous states and several foreign countries have enacted “digitalsignature” legislation aimed at promoting the development of a public key infrastructure (PKI). While PKIlegislation has acquired significant momentum, it is not clear that lawmakers have carefully considered thepublic policy implications and long-term consequences of these laws. This article surveys ten public policyissues implicated by digital signature legislation.

scholarly journals Quantum Election Protocol Based on Quantum Public Key Cryptosystem

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Wenhua Gao ◽  
Li Yang
Keyword(s):  
Digital Signature ◽  
Large Scale ◽  
Third Party ◽  
Public Key ◽  
General Construction ◽  
Public Key Cryptosystem ◽  
Public Key Encryption ◽  
Quantum Digital Signature ◽  
Quantum Public Key ◽  
Quantum Public Key Cryptosystem

There is no quantum election protocol that can fulfil the eight requirements of an electronic election protocol, i.e., completeness, robustness, privacy, legality, unreusability, fairness, verifiability, and receipt-freeness. To address this issue, we employ the general construction of quantum digital signature and quantum public key encryption, in conjunction with classic public key encryption, to develop and instantiate a general construction of quantum election protocol. The proposed protocol exhibits the following advantages: (i) no pre-shared key between any two participants is required, and no trusted third party or anonymous channels are required. The protocol is suitable for large-scale elections with numerous candidates and voters and accommodates the situation in which multiple voters vote simultaneously. (ii) It is the first protocol that dismantles the contradiction between verifiability and receipt-freeness in a quantum election protocol. It satisfies all eight requirements stated earlier under the physical assumptions that there exists a one-way untappable channel from the administrator to the voter and that there is no collusion between any of the three parties in the protocol. Compared with current election protocols with verifiability and receipt-freeness, this protocol relies upon fewer physical assumptions. (iii) This construction is flexible and can be instantiated into an election scheme having post-quantum security by applying cryptographic algorithms conveying post-quantum security. Moreover, utilizing quantum digital signature and public key encryption yields a good result: the transmitted ballots are in quantum states, so owing to the no-cloning theorem, ballot privacy is less likely to be compromised, even if private keys of the signature and public key encryption are leaked after the election. However, in existing election protocols employing classic digital signatures and public key encryption, ballot privacy can be easily violated if attackers obtain private keys. Thus, our construction enhances privacy.

Cryptographic Primitives

2020 ◽  
pp. 57-134
Author(s):  
Andreas Bolfing
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curves ◽  
Digital Signature ◽  
Discrete Logarithm ◽  
Public Key ◽  
Public Key Encryption ◽  
Cryptographic Primitives ◽  
Digital Signature Algorithm ◽  
Digital Signature Scheme ◽  
Current Standards

This chapter provides a very detailed introduction to cryptography. It first explains the cryptographic basics and introduces the concept of public-key encryption which is based on one-way and trapdoor functions, considering the three major public-key encryption families like integer factorization, discrete logarithm and elliptic curve schemes. This is followed by an introduction to hash functions which are applied to construct Merkle trees and digital signature schemes. As modern cryptoschemes are commonly based on elliptic curves, the chapter then introduces elliptic curve cryptography which is based on the Elliptic Curve Discrete Logarithm Problem (ECDLP). It considers the hardness of the ECDLP and the possible attacks against it, showing how to find suitable domain parameters to construct cryptographically strong elliptic curves. This is followed by the discussion of elliptic curve domain parameters which are recommended by current standards. Finally, it introduces the Elliptic Curve Digital Signature Algorithm (ECDSA), the elliptic curve digital signature scheme.

PRACTICE OF USING AN ELECTRONIC DIGITAL SIGNATURE IN BUSINESS ACTIVITIES

2020 ◽  
pp. 28-35
Author(s):  
Maria Darkina ◽  
Keyword(s):  
Digital Signature ◽  
Technical Information ◽  
Electronic Signature ◽  
Electronic Documents ◽  
Electronic Signatures ◽  
The Status ◽  
The Russian Federation ◽  
Graphic Image ◽  
Handwritten Signature

The article deals with the problems of the practice of obtaining changes and using an electronic signature (EP) by entrepreneurs in their activities, specifies the normative legal acts regulating the procedure for obtaining an electronic signature by relevant persons and submitting the necessary documents to the certification centers for obtaining it, specifies the types of EP — simple and enhanced, the procedure for using a simple unqualified and enhanced qualified signature. The concept of an electronic signature is defined in accordance with the law. The information contained in the item instance is described: the signature of the person who signed the document, the date and time of signing, its authority and relation to the data being signed, technical information, information for additional signature verification mechanisms, comments, files, a graphic image of the handwritten signature, and other functionally required data. The practice of judicial authorities is analyzed and certain problems of application and use of electronic signatures by legal entities and individuals are identified. We consider the authorities that issue qualified and unqualified certificates of electronic signatures on the territory of the Russian Federation, as well as the procedure for producing certificates for EP keys and their validity period. The reasons for the production of an item instance by certification centers (registration centers) and the package of required documents, depending on the status of the applicant, are set out. The role of trading platforms is indicated. The article considers the need to systematize legislative acts, develop a universal digital signature, and create terminals for sending electronic documents to regulatory authorities.

Sign in / Sign up

Export Citation Format

Share Document