Enhancing the reliability of digital signatures as non-repudiation evidence under a holistic threat model
- Autores: Jorge López Hernández-Ardieta
- Directores de la Tesis: Ana Isabel González-Tablas Ferreres (dir. tes.)
- Lectura: En la Universidad Carlos III de Madrid ( España ) en 2011
- Idioma: inglés
- Tribunal Calificador de la Tesis: Arturo Ribagorda Garnacho (presid.), Benjamín Álvarez (secret.), Luis Hernández Encinas (voc.), Javier López (voc.), Carmen Sánchez Avila (voc.)
- Materias:
- Enlaces
- Tesis en acceso abierto en: e-Archivo
- Resumen
Traditional sensitive operations, like banking transactions, purchase processes, contract agreements etc. need to tie down the involved parties respecting the commitments made, avoiding a further repudiation of the responsibilities taken. Depending on the context, the commitment is made in one way or another, being handwritten signatures possibly the most common mechanism ever used. With the shift to digital communications, the same guarantees that exist in real world transactions are expected from electronic ones as well. Non-repudiation is thus a desired property of current electronic transactions, like those carried out in Internet banking, e-commerce or, in general, any electronic data interchange scenario.
Digital evidence is generated, collected, maintained, made available and verified by non-repudiation services in order to resolve disputes about the occurrence of a certain event, protecting the parties involved in a transaction against the other's false denial about such an event. In particular, a digital signature is considered as non-repudiation evidence which can be used subsequently, by disputing parties or by an adjudicator, to arbitrate in disputes.
The reliability of a digital signature should determine its capability to be used as valid evidence. The reliability depends on the trustworthiness of the whole life cycle of the signature, including the generation, transfer, verification and storage phases. Any vulnerability in it would undermine the reliability of the digital signature, making its applicability as non-repudiation evidence difficult to achieve. Unfortunately, technology is subject to vulnerabilities, always with the risk of an occurrence of security threats. Despite that, no rigorous mechanism addressing the reliability of digital signatures technology has been proposed so far.
The main goal of this doctoral thesis is to enhance the reliability of digital signatures in order to enforce their non-repudiation property when acting as evidence.
In the first instance, we have determined that current technology does not provide an acceptable level of trustworthiness to produce reliable non-repudiation evidence that is based on digital signatures. The security threats suffered by current technology are suffice to prevent the applicability of digital signatures as non-repudiation evidence. This finding is also aggravated by the fact that digital signatures are granted legal effectiveness under current legislation, acting as evidence in legal proceedings regarding the commitment made by a signatory in the signed document.
In our opinion, the security threats that subvert the reliability of digital signatures had to be formalized and categorized. For that purpose, a holistic taxonomy of potential attacks on digital signatures has been devised, allowing their systematic and rigorous classification.
In addition, and assuming a realistic security risk, we have built a new approach more robust and trustworthy than the predecessors to enhance the reliability of digital signatures, enforcing their non-repudiation property. This new approach is supported by two novel mechanisms presented in this thesis: the signature environment division paradigm and the extended electronic signature policies. Finally, we have designed a new fair exchange protocol that makes use of our proposal, demonstrating the applicability in a concrete scenario.
