Certificateless and provably-secure digital signature scheme based on elliptic curve

With the internet today available at the user’s beck, and call data or Information Security plays a vital role. Confidentiality, Integrity, Availability, and Non-repudiation are the pillars of security on which every application on the web is based on. With these basic requirements the users also need the security in low resource constrained environments making it more challenging for the security experts to design secured cryptographic algorithms. Digital Signatures play a pivotal role in Authentication. They help in verifying the integrity of the data being exchanged. Elliptical curves are the strongest contenders in Digital Signatures, and much research is being done to enhance the method in many ways. The paper briefs a secured and improved ECDSA Elliptical Curve Digital Signature Algorithm which is an improved and secured version of the Digital Signature Algorithm

The Emperor\u27s New Clothes: The Shocking Truth About Digital Signatures and Internet Commerce

This Article critiques a specific set of assumptions about specific application of digital signature technology: that contracts will be formed over the Internet among parties with no prior relationships through reliance on digital signature certificates issued by trusted third parties to establish the identity of the parties. This application for digital signature technology was once seen as both its most ambitious and most promising application because, for parties with no prior knowledge of each other, there is not yet a reliable system of online identities in Internet commerce. Parties with an ongoing commercial relationship can absorb the cost of offline communications such as faxes, telephone calls or face-to-face meetings to negotiate and execute an agreement governing the setting up of a reliable system for online authentication of parties to wholly electronic transactions. Parties that want to rely exclusively on online communications to create the framework for contracting as well as to enter into contracts, however, face a problem of infinite regress: how can the online communications that set up the system for confirming online identities itself be authenticated with nothing more to rely on than online communications? Many supporters of digital signatures believed legislation was essential to cut through this Gordian Knot. Legislation could authorize parties unable to use a prior relationship or offline communications to confirm the validity of online identities to rely on digital signature certificates instead. Much legislation regulating the use of digital signatures is based on an unstated premise: liabilities must be imposed by law because private agreements will not be adequate to the task of regulating this technology. This Article will summarize the original consensus regarding the role of digital signatures in electronic commerce, explain why that consensus was mistaken on many points, describe commercial applications of digital signatures that are gaining market share today and contrast them with the original consensus, and consider the implications of a major misperception of market trends for the future of electronic commerce legislation. A brief description of digital signatures and public key infrastructure is included in the appendix to this article

Are Online Business Transactions Executed by Electronic Signatures Legally Binding?

Most of us believe that we make contracts over the Internet all the time. We buy books and computers, arrange for hotels and planes, trade stocks, and apply for mortgages. But as recently as seven months ago that transaction was most likely not legally binding. This uncertainty led many practitioners, businesspeople, and consumers to question the efficacy of contracts executed by electronic signatures. Without a uniform standard, many jurisdictions ruled inconsistently, while other jurisdictions did not consider the issue. This disparate treatment threatened the legitimacy of online agreements and deprived both consumers and businesses of the certainty and predictability expected from well-developed markets. The law\u27s formalities evolved outside of the digital world, and the process of adapting them to it has proven to be more difficult than expected. In June of 2000, Congress attempted to solve this problem with the Electronic Signatures in Global and National Commerce Act (E-Sign)

PKI Interoperability: Still an Issue? A Solution in the X. 509 Realm

There exist many obstacles that slow the global adoption of public key infrastructure (PKI) technology. The PKI interoperability problem, being poorly understood, is one of the most confusing. In this paper, we clarify the PKI interoperability issue by exploring both the juridical and technical domains. We demonstrate the origin of the PKI interoperability problem by determining its root causes, the latter being legal, organizational and technical differences between countries, which mean that relying parties have no one to rely on. We explain how difficult it is to harmonize them. Finally, we propose to handle the interoperability problem from the trust management point of view, by introducing the role of a trust broker which is in charge of helping relying parties make informed decisions about X.509 certificates