A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
IFIP/Sec '01 Proceedings of the IFIP TC11 Sixteenth Annual Working Conference on Information Security: Trusted Information: The New Decade Challenge
Certificate Based PKI and B2B E-Commerce: Suitable Match or Not?
IFIP/Sec '01 Proceedings of the IFIP TC11 Sixteenth Annual Working Conference on Information Security: Trusted Information: The New Decade Challenge
Personal security environment on Palm PDA
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Secure coprocessors in electronic commerce applications
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
Trusted code execution in JavaCard
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Hi-index | 0.00 |
There are important details that give legal validity to handwritten signatures: First, the document to be signed is under control of the signatory and it is not possible to substitute or alter it, and second, the tools to produce the signature (the pen and the signatory itself) are also under control of the signatory. These details make possible that handwritten signatures are used in a law court to prove the willingness of the signatory to be bound by the content of the document. Digital signatures require complex calculations that can not be done using mental arithmetic by the signatory. In this case neither document nor tools are under direct control of the signatory but under control of a computer. Consequently, the willingness of the signatory can not be sufficiently demonstrated. Furthermore, to be able to perform digital signatures, we must assume that the user trusts the computer to perform exactly what is intended. This yields digital signatures unusable in scenarios that require mobility. In this paper we present a system to perform digital signatures in environments that require mobility. The system is based on the use of personal digital assistants and smart cards and fulfils the common requirements established in different national laws regarding digital signatures.