
























Jelizaveta Vakarjuk, Cybernetica (Estonia), Tallinn University of Technology
Peeter Laud, Cybernetica (Estonia)
Smart-ID is a signing and authentication service available to residents of Belgium, Estonia, Iceland, Latvia and Lithuania. Such smartphone-based signing service delivers the usability of software keys with security guarantees of ID-cards by relying on a remote server to compensate for weak device protection. Security of current Smart-ID relies on multi-prime server-supported RSA, password-authenticated key shares and clone detection mechanism. Unfortunately, the security properties of the underlying protocol (Buldas et al. ESORICS 2017) have been specified only in ``game-based'' manner. In other words, there are no guarantees for the protocol being secure in concurrent setting. We remedy this shortcoming by presenting two ideal functionalities $\mathcal{F}^{\textsf{gSpl}}$ and $\mathcal{F}_{\textsf{Sig}}^{\textsf{Spl}}$ for server-supported signing in Universal Composability model. We show that improved RSA server-supported protocol realizes $\mathcal{F}^{\textsf{gSpl}}$ and give practical example of server-supported ECDSA protocol realizing $\mathcal{F}_{\textsf{ECDSA}}^{\textsf{Spl}}$.
BibTeX
@misc{cryptoeprint:2024/1941,
author = {Nikita Snetkov and Jelizaveta Vakarjuk and Peeter Laud},
title = {Universally Composable Server-Supported Signatures for Smartphones},
howpublished = {Cryptology {ePrint} Archive, Paper 2024/1941},
year = {2024},
doi = {10.62056/a3c3wa0kr},
url = {https://eprint.iacr.org/2024/1941}
}
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。