This paper presents a solution to the problem of using a smart card to sign data in a hostile environment, in particular when the machine to which the smart-card reader is attached cannot be trusted. The problem is solved by means of a verification server together with a substitution table and a one-time pad; it is argued that, lacking a trusted channel from the card, our solution is minimal. An invalid signature (a signature on data not intended to be signed) can only be made if the online server colludes with the machine the user is using. In all other circumstances, only a denial-of-service attack is possible. The realization is applicable in practice, but slightly awkward.