Validity models of electronic signatures and their enforcement in practice

Authors:
Harald Baier;Vangelis Karatsiolis
Affiliations:
Darmstadt University of Applied Sciences and Center for Advanced Security Research Darmstadt, Darmstadt, Germany;Technische Universität Darmstadt, Department of Computer Science, Darmstadt, Germany
Venue:
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Year:
2009

Citing 1
Cited 3

A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM

Modeling long-term signature validation for resolution of dispute

TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Certification validation: back to the past

EuroPKI'11 Proceedings of the 8th European conference on Public Key Infrastructures, Services, and Applications
Certification validation: Back to the past

Computers & Mathematics with Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

An electronic signature is considered to be valid, if the signature is mathematically correct and if the signer's public key is classified as authentic. While the first property is easy to decide, the authenticity of the signer's public key depends on the underlying validity model. To our knowledge there are three different validity models described in various public documents or standards. However, up to now a formal description of these models is missing. It is therefore a first aim of the paper at hand to give a formal definition of the common three validity models. In addition, we describe which application in practice requires which validity model, that is we give a mapping of use cases to validity models. We also analyse which standard implements which model and show how to enforce each model in practice.