Issue No. 03 - July-September (2005 vol. 2)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2005.28
Human users need trusted computers when they want to generate digital signatures. In many applications, in particular, if the users are mobile, they need to carry their trusted computers with themselves. Smart cards are easy to use, easy to carry, and relatively difficult to tamper with, but they do not have a user interface; therefore, the user still needs a terminal for authorizing the card to produce digital signatures. If the terminal is malicious, it can mislead the user and obtain a digital signature on an arbitrary document. In order to mitigate this problem, we propose a solution based on conditional signatures. More specifically, we propose a framework for the controlled revocation of unintended digital signatures. We also propose a solution with a special emphasis on privacy issues.
Index Terms- Electronic commerce, security, authorization, privacy.
Istv? Zsolt Berta, Levente Butty?, Istv? Vajda, "A Framework for the Revocation of Unintended Digital Signatures Initiated by Malicious Terminals", IEEE Transactions on Dependable and Secure Computing, vol. 2, no. , pp. 268-272, July-September 2005, doi:10.1109/TDSC.2005.28