Academic Open Internet Journal

ISSN 1311-4360

www.acadjournal.com

Volume 20, 2007

 

 

Securing Digital signature in Mobiles

Zulkharnain
Researcher,
JNTU,
Hyderabad.
zulkharnain@gmail.com

 

Abstract
It is fundamental to any digital signature scheme that the signing key is kept secret. This paper discusses the use of a smart card reader attached to a mobile device as a platform for producing digital signatures. The settings in which digital signature applications run, and their problems, are discussed, together with a framework for mobile security applications and the related security issues. Private key handling must always be managed carefully, and a solution for that is presented.


Keywords:
PSE, Digital signature, Private Key, Public Key

1. Introduction
A digital signature is a necessary ingredient of e-commerce, and public key cryptography is the natural way to provide it. Every user generates a key pair (Pk, Sk), where Pk is the public key and Sk is the private (signing) key; Sk must never be shared with anyone. To sign a document X with Sk the user produces a signature
s = Sig_Sk(X)
A verifier obtains the pair (X, s), and Pk must provide a means of establishing whether s is a valid signature on X. Only the holder of Sk is able to produce such signatures. A public key infrastructure (PKI) is used to bind a public key to a real person. The signing key itself, however, is just a string of bits on some medium and can be copied: if an attacker gets access to the victim's private key he can sign on the victim's behalf. The main goal of this paper is therefore to concentrate on securing the signing process.
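The scheme just described, as an added example that is not part of the original paper: Ed25519 from the Go standard library stands in for the paper's unnamed signature scheme (an assumption), and the document text is constructed. It shows s = Sig_Sk(X) and its verification with Pk, that a change to X or a different key is rejected, and that a byte-for-byte copy of Sk signs exactly as the owner does.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// KeyPair is the pair (Pk, Sk) of the text. Ed25519 is used because it is in
// the Go standard library (assumption: the paper names no scheme); nothing
// below depends on that choice.
type KeyPair struct {
	Pk ed25519.PublicKey
	Sk ed25519.PrivateKey
}

// GenerateKeyPair is the key generation every user performs once.
func GenerateKeyPair() (KeyPair, error) {
	pk, sk, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return KeyPair{}, err
	}
	return KeyPair{Pk: pk, Sk: sk}, nil
}

// Sign produces s = Sig_Sk(X). In practice the document X is hashed first and
// the key operation covers the digest.
func Sign(sk ed25519.PrivateKey, doc []byte) []byte {
	h := sha256.Sum256(doc)
	return ed25519.Sign(sk, h[:])
}

// Verify is what the recipient of the pair (X, s) does with Pk: any change to
// X, or a signature made with another key, is rejected.
func Verify(pk ed25519.PublicKey, doc, s []byte) bool {
	h := sha256.Sum256(doc)
	return ed25519.Verify(pk, h[:], s)
}

// ForgeWithCopiedKey makes the section's point concrete: Sk is only a string
// of bits, so a byte-for-byte copy (from a disk image or a memory dump) signs
// exactly as the owner does, and the verifier cannot tell the two apart.
func ForgeWithCopiedKey(kp KeyPair, doc []byte) bool {
	stolen := append(ed25519.PrivateKey(nil), kp.Sk...) // the attacker's copy
	return Verify(kp.Pk, doc, Sign(stolen, doc))
}

func main() {
	kp, err := GenerateKeyPair()
	if err != nil {
		panic(err)
	}
	doc := []byte("constructed sample: transfer 100 EUR to account 42") // constructed input
	s := Sign(kp.Sk, doc)
	fmt.Println("genuine signature verifies:", Verify(kp.Pk, doc, s))
	fmt.Println("same signature on altered text verifies:",
		Verify(kp.Pk, []byte("constructed sample: transfer 1000 EUR to account 43"), s))
	fmt.Println("copy of Sk forges a valid signature:", ForgeWithCopiedKey(kp, doc))
}
```

Because Ed25519 signatures are deterministic, the forged signature is even byte-for-byte identical to the owner's; nothing in (X, s) records who held the key when it was made, which is why the rest of the paper is about where Sk lives.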
1.1 Attacks on the signing environment
Usually the user's private key is stored on his disk, encrypted under a pass-phrase. This is not secure once a security hole is found in the machine, for example through e-mail-borne malware: the encrypted key file can simply be copied, or the disk can be read in another computer, and the pass-phrase attacked offline. A smart card protects the signing key inside its non-volatile memory, guards it with a PIN, and is portable. Trojans and viruses can modify the signing software so that it alters the document and signs the altered one without the user's knowledge, which also undermines non-repudiation. Smart cards have no means of communicating directly with the user, so the PIN and the document must pass through some host. A PSE (Personal Security Environment) can therefore be built on a mobile device, which then serves as an electronic wallet for producing digital signatures.

3. A security solution
A mono-functional mobile device can be used for signing securely. It is designed to be physically tamper resistant and to run only one program, which interacts with the untrusted outside world through a clearly defined application-level protocol that allows the user to transfer only unsigned documents in and signed documents out. The signing key is kept in a well protected part of its memory. Most users, however, want a functionally integrated mobile phone or PDA, and a single-purpose signing device has very little demand in the market. Instead, a multifunctional device can be turned into a signing device; this is more user friendly and easier to implement. Mobile phones and PDAs make it easy to enter the password that unlocks the signing key. Mobile phones have a built-in smart card reader (for the SIM) and can be used to transfer signed documents; software can be uploaded to them, and developer tools and programming information are readily available. The Palm PDA offers a choice of several development tools and its OS documentation is freely available; its capabilities and moderate price make it widely used, and it can also be dedicated to signing only.


3.1 Design issues
The prototype PSE proposed here signs documents using a Palm III PDA, a smart card and a smart card reader. The Palm was chosen because it can perform all the cryptographic operations in software, but it is not a suitable place to keep cryptographic secrets: under Palm OS every part of memory can be read by every process, so a smart card used as the cryptographic device gives considerably more security. Signatures may need to remain verifiable for at least twenty years, so time stamping methods must be used to keep them valid after the signing key expires, and the key length must be chosen for that lifetime; the 512-bit keys used in this prototype are already too short for such a lifetime and must be regarded as a prototype limitation. A library compatible with the PKCS #11 standard can be implemented on the Palm to support message digesting, signing and verification. The hardware token requires a smart card reader attached to the Palm's serial port, and the Palm communicates exclusively with the smart card over it. Such an environment could, for example, be used by the police to check electronic ID cards. When the user requests a signature on the active document, the PIN is entered on the Palm and sent to the token; if PIN verification succeeds, the Palm hashes the document and the token signs the hash with the user's private key. The signature is then attached to the document and the signed document is kept in a proprietary format.
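The signing request of this section, as an added example that is not part of the paper's prototype: a hypothetical in-process Token type stands in for the smart card (a real card is driven with APDUs through the reader), Ed25519 stands in for the card's signature algorithm, the retry limit of three PINs and the 16-byte challenge nonce are assumptions, and the sample document is constructed. It shows the Palm hashing locally and the card signing only the digest after PIN verification, why the retry counter defeats PIN guessing against the card, and the random-nonce check that section 4 proposes for detecting a substituted card.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

const maxPINTries = 3 // retry counter, as on a real card (assumed value)

var (
	ErrBlocked  = errors.New("card blocked: PIN retry counter exhausted")
	ErrWrongPIN = errors.New("wrong PIN")
	ErrLocked   = errors.New("PIN not verified for this signature")
)

// Token is a hypothetical in-process model of the PSE's smart card (a real
// card is driven with APDUs through the reader): the key pair is generated
// inside it and never exported, the PIN is checked inside it, and a retry
// counter blocks it after maxPINTries wrong PINs.
type Token struct {
	sk       ed25519.PrivateKey
	pin      []byte
	tries    int
	unlocked bool
}

// NewToken personalises a card; only the public key leaves it, for
// registration with the PC or a certification authority.
func NewToken(pin string) (*Token, ed25519.PublicKey) {
	pk, sk, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // a failing crypto/rand is not recoverable here
	}
	return &Token{sk: sk, pin: []byte(pin), tries: maxPINTries}, pk
}

// VerifyPIN unlocks exactly one signature. The retry counter is what makes
// an offline PIN search against the card impossible.
func (t *Token) VerifyPIN(pin string) error {
	if t.tries == 0 {
		return ErrBlocked
	}
	if subtle.ConstantTimeCompare(t.pin, []byte(pin)) != 1 {
		t.tries--
		if t.tries == 0 {
			return ErrBlocked
		}
		return ErrWrongPIN
	}
	t.tries, t.unlocked = maxPINTries, true
	return nil
}

// SignHash signs the 32-byte digest the Palm computed: the document never
// crosses the serial link and each PIN entry buys one signature.
func (t *Token) SignHash(digest [32]byte) ([]byte, error) {
	if !t.unlocked {
		return nil, ErrLocked
	}
	t.unlocked = false
	return ed25519.Sign(t.sk, digest[:]), nil
}

// Challenge is the random-nonce check of section 4: the PC sends a 16-byte
// nonce and the genuine card signs "challenge:"+nonce (26 bytes, so it can
// never be confused with a 32-byte digest). A fake card that merely captures
// the PIN holds no sk and cannot answer. CheckChallenge is the PC side.
func (t *Token) Challenge(nonce []byte) []byte {
	if len(nonce) != 16 {
		return nil
	}
	return ed25519.Sign(t.sk, append([]byte("challenge:"), nonce...))
}

func CheckChallenge(registered ed25519.PublicKey, nonce, resp []byte) bool {
	return len(nonce) == 16 && ed25519.Verify(registered, append([]byte("challenge:"), nonce...), resp)
}

// PalmSign is the Palm side of a signing request: hash the active document
// locally, send the PIN to the card, and have the card sign only the digest.
func PalmSign(t *Token, pin string, doc []byte) ([]byte, error) {
	if err := t.VerifyPIN(pin); err != nil {
		return nil, err
	}
	return t.SignHash(sha256.Sum256(doc))
}

// VerifySigned is what any verifier does with the document, Pk and signature.
func VerifySigned(pk ed25519.PublicKey, doc, sig []byte) bool {
	h := sha256.Sum256(doc)
	return ed25519.Verify(pk, h[:], sig)
}

func main() {
	tok, pk := NewToken("1234")
	doc := []byte("constructed sample contract") // constructed input
	sig, err := PalmSign(tok, "1234", doc)
	fmt.Println("signed:", err == nil, "verifies:", VerifySigned(pk, doc, sig))
	nonce := make([]byte, 16)
	rand.Read(nonce)
	fmt.Println("genuine card answers challenge:", CheckChallenge(pk, nonce, tok.Challenge(nonce)))
	for _, p := range []string{"0000", "1111", "2222", "1234"} {
		fmt.Println("PIN", p, "->", tok.VerifyPIN(p))
	}
}
```

Two design points matter more than the code volume: the PIN is compared and the retry counter decremented inside the token, so the Palm (whose memory any process can read) never holds anything an attacker could search offline; and the challenge message is given a fixed length and prefix so that a malicious host cannot use the challenge interface to obtain a signature over a value that could pass as a document digest.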


4. Security concerns
An attacker can modify the software so that it displays whatever results suit him. In this scheme the user therefore has to carry his PDA all the time, otherwise an attacker may modify the PDA's hardware or its pre-installed software. The same applies to the smart card and its reader: an attacker can replace the smart card with a fake one that captures the PIN and sends it to him, after which he holds both the PIN and (having stolen it) the card. This can be countered by having the card generate its own key pair and registering the public key on the PC, or with a certification authority; the PC can then verify at every use that it is talking to the genuine card by challenging it with a random nonce, which only the real card can sign.

An attacker may acquire the victim's PDA with the signing key in PDA memory, or the PDA together with the smart card and reader. In the former case he dumps the PDA's memory contents to a PC, extracts the encrypted key and brute-forces the user's PIN under which it is encrypted; he can then forge signed documents at will. Such an attack can be pre-packaged in a user-friendly exploit program disguised as a game, puzzle, calculator and so on. In either case he can also tamper with the signing program, making the user believe that a correct signature was created when it was not. He may also extract the key from the user's smart card with suitable equipment. Finally, the attacker can threaten the user with a gun to make him sign, without touching the signing environment at all. Technical security measures can only protect assets whose value is below the cost of such a physical attack. The proposed system can be considered secure in that mounting a technical attack (such as repeatedly stealing the user's PDA, or reverse engineering the smart card) requires substantial resources.
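The attack on a PIN-encrypted key kept in PDA memory, described in section 1.1 for the disk-and-pass-phrase case and here for the PDA, as an added example that is not part of the paper: the signing key is 32 constructed bytes, the PIN is assumed to be four digits, the key is wrapped with AES-GCM under a PIN-derived key, and the iterated-SHA-256 stretching is a simplified stand-in for PBKDF2. With the memory dump (salt, nonce, ciphertext) in hand the attacker tries every PIN offline; the authentication tag tells him which guess is right, and nothing limits his attempts, unlike the retry counter on a smart card.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Iterations of PIN stretching (assumed value). Kept small so the demo runs in
// well under a second; raising it multiplies the attacker's cost by the same
// factor but cannot turn a four-digit PIN into a strong key.
const kdfIterations = 100

// WrappedKey is what sits in PDA memory: everything needed to decrypt the
// signing key except the PIN.
type WrappedKey struct {
	Salt, Nonce, Blob []byte
}

// DeriveKey stretches PIN and salt into a 32-byte AES key by iterated
// SHA-256: a simplified stand-in for PBKDF2, with the same linear cost.
func DeriveKey(pin string, salt []byte, iter int) []byte {
	h := sha256.Sum256(append(append([]byte{}, salt...), pin...))
	for i := 1; i < iter; i++ {
		h = sha256.Sum256(h[:])
	}
	return h[:]
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// WrapKey is the software-only protection the paper criticises: the signing
// key is stored encrypted under a key derived from a short PIN.
func WrapKey(signingKey []byte, pin string) (WrappedKey, error) {
	w := WrappedKey{Salt: make([]byte, 16), Nonce: make([]byte, 12)}
	if _, err := rand.Read(w.Salt); err != nil {
		return WrappedKey{}, err
	}
	if _, err := rand.Read(w.Nonce); err != nil {
		return WrappedKey{}, err
	}
	gcm, err := newGCM(DeriveKey(pin, w.Salt, kdfIterations))
	if err != nil {
		return WrappedKey{}, err
	}
	w.Blob = gcm.Seal(nil, w.Nonce, signingKey, nil)
	return w, nil
}

// UnwrapKey is what the signing program does after the user types the PIN.
// A wrong PIN fails the GCM tag check, which is exactly the oracle an
// offline attacker needs.
func UnwrapKey(w WrappedKey, pin string) ([]byte, error) {
	gcm, err := newGCM(DeriveKey(pin, w.Salt, kdfIterations))
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, w.Nonce, w.Blob, nil)
}

// BruteForcePIN is the attack of section 4: with the PDA's memory dumped to
// a PC, the attacker tries every PIN of the given number of digits offline;
// nothing rate-limits him. Returns the PIN, the recovered signing key and the
// number of guesses it took.
func BruteForcePIN(w WrappedKey, digits int) (string, []byte, int, error) {
	space := 1
	for i := 0; i < digits; i++ {
		space *= 10
	}
	for n := 0; n < space; n++ {
		guess := fmt.Sprintf("%0*d", digits, n)
		if key, err := UnwrapKey(w, guess); err == nil {
			return guess, key, n + 1, nil
		}
	}
	return "", nil, space, errors.New("PIN not found in search space")
}

func main() {
	signingKey := make([]byte, 32) // stands in for the user's private key
	rand.Read(signingKey)
	w, err := WrapKey(signingKey, "7391") // assumed four-digit PIN
	if err != nil {
		panic(err)
	}
	pin, key, tries, err := BruteForcePIN(w, 4)
	fmt.Printf("PIN %q recovered after %d guesses, key matches: %v, err: %v\n",
		pin, tries, bytes.Equal(key, signingKey), err)
}
```

The whole four-digit space is at most 10,000 key derivations, which finishes in a fraction of a second even with a much higher iteration count than used here; a pass-phrase with real entropy changes that arithmetic, a PIN never does. This is the contrast with the smart card, where the same three or so wrong guesses block the card permanently.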

5. Conclusions
Today a digital signature must have legal value on a par with a handwritten signature, and so the user's private key must be kept secure by all means; the signing environment in particular must be protected from Trojan horses. This paper has proposed a PSE consisting of a Palm PDA, a smart card and a reader, which lets one be convinced of the authenticity of a document signature: the user's private key is kept in the smart card, and signing and verification take place in a device the user can keep under his control. If, in addition, signatures are time stamped, the system can be used daily without signature abuse. Where a signature is valuable, more security is needed.

6. References
1) P. R. Zimmermann, "The Official PGP User's Guide", MIT Press, 1995.
2) D. W. Davies, "Use of the 'signature token' to create a negotiable document", in Advances in Cryptology: Proceedings of Crypto '83, pp. 377-382, Plenum Publishing, New York, USA, 1984.
3) A. Weber, "Distribution of risks in implementation of digital signatures", http://www.semper.org
4) D. Balfanz, "Hand-held computers can be better smart cards", in Proceedings of USENIX Security '99, August 1999.
5) C. Ellison, "Ten risks of PKI: what you're not being told about PKI", Computer Security Journal 16(1): 1-7, 2000.
6) http://www.palm.com/
7) A. K. Lenstra, "Selecting cryptographic key sizes", http://www.cryptsavvy.com/
8) A. Shamir, "Playing hide and seek with stored keys", http://www.ncipher.com
