Proxy smart card systems

Abstract

The established legal value of digital signatures and the growing availability of identity-based digital services are progressively extending the use of smart cards to all citizens, opening new challenging scenarios. Among them, motivated by concrete applications, secure and practical delegation of digital signatures is becoming more and more critical. Unfortunately, secure delegation systems proposed so far (e.g., proxy signatures) include various drawbacks for any practical system. In this work we put forth the notion of a "Proxy Smart Card System", a distributed system that allows a smart card owner to delegate part of its computations (e.g., signatures of messages) to remote users. We stress the problematic aspects concerning the use of known proxycryptography schemes in synergy with current standard technologies. This in turn motivates the need of proxy smart card systems. Then we formalize the security and functional requirements of a proxy smart card system, identifying the involved parties, the adversary model and the usability properties. Finally, we present the design and analysis of a proxy smart card system which outperforms the current state of the art. © IFIP International Federation for Information Processing 2010.