Digital Signatures

Digital signatures are starting to be permitted or even required instead of handwritten signatures in many areas, such as secure credit card transactions, home banking, high-value orders, electronic tax declarations, and e-government. Whenever high liability is attached to digital signatures or highly critical actions are based on them, the security of the signer's software basis is essential. For instance, this is the case if signers are financially responsible for all signatures and cannot repudiate them by claiming that their system was broken into, or if a company executive can remotely authorize important company decisions.

Why Secure Signatures Need a Secure Platform

However, a standard personal computer or mobile device, running an off-the-shelf operating system and the very software one buys such a system for, is not secure at all. Different applications of the same user are not protected from each other; almost all data may nowadays carry executable code; and execution often starts without the computer owner's knowledge. Hence it is impossible to administer a standard end-user system so that a critical application is protected from all others.

Why Not Just Use a Smartcard?

A current standard answer to the secure-signing question is to use smartcards, which protect the signing key and the signing function from the main operating system and its software. However, the smartcard has no secure channel to the signer. For instance, the user enters the PIN and views the document to be signed via the normal operating system, where malicious software can intercept the PIN and have different documents signed.

The PERSEUS solution

Following the PERSEUS idea, security-critical services and information have to be extracted from the legacy operating system. In the signing context, these are the trusted viewer, the user authentication process, the cryptographic operations, and the cryptographic key (see Figure 1).

Figure 1: Main components involved in a secure signature creation process. The signature can be calculated by a software-only service, or by a smartcard using a secure smartcard driver.

Now, a digital signature can be securely created as follows:

  1. Once the user has invoked the signature creation process, the document to be signed is transmitted to the trusted viewer, a PERSEUS service that renders the document and displays the resulting view through the secure user interface. Since the trusted viewer is a separate PERSEUS application, malicious code running within the legacy operating system can no longer access the document.
  2. After the user has verified the document, user authentication is performed through the trusted user interface, which prevents the legacy operating system from eavesdropping on the authentication information (e.g., the PIN).
  3. If the user has been authenticated successfully, the signature can be created either by a signature service realized in software or by a smartcard. In the latter case, the hash value of the document to be signed and the user authentication information are securely sent to the smartcard through an isolated smartcard driver.
  4. The resulting signature is returned to the application of the legacy operating system that invoked the signature creation process.

Note that the legacy operating system cannot access the document after it has been sent to the trusted viewer. Moreover, it can neither eavesdrop on the user authentication process nor access the cryptographic algorithms or the signature key.
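As an added illustration of the four steps above (this is not code from the PERSEUS project), the following Go sketch keeps the trusted side and the legacy side apart: SecureUI is a hypothetical stand-in for the trusted viewer and the secure PIN entry path, the software signature service is modelled with Ed25519 over a SHA-256 hash of the document, and the legacy application only ever calls Sign and receives the signature back.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
)

// SecureUI (hypothetical name) models the trusted viewer and PIN input path of Figure 1;
// the legacy operating system neither supplies nor observes these calls.
type SecureUI struct {
	Confirm   func(doc []byte) bool // trusted viewer: did the user approve this rendering?
	PromptPIN func() string         // PIN entered through the secure user interface
}

// TrustedSigner keeps the signing key and the PIN reference outside the legacy OS.
type TrustedSigner struct {
	priv    ed25519.PrivateKey
	pinHash [32]byte
	ui      SecureUI
}

func NewTrustedSigner(priv ed25519.PrivateKey, pin string, ui SecureUI) *TrustedSigner {
	return &TrustedSigner{priv: priv, pinHash: sha256.Sum256([]byte(pin)), ui: ui}
}

// Sign is the only call visible to the legacy application (steps 1 to 4 of the text).
func (t *TrustedSigner) Sign(doc []byte) ([]byte, error) {
	shown := append([]byte(nil), doc...) // step 1: private copy, out of the legacy OS's reach
	if !t.ui.Confirm(shown) {
		return nil, errors.New("user rejected the displayed document")
	}
	h := sha256.Sum256([]byte(t.ui.PromptPIN())) // step 2: PIN never passes through the legacy OS
	if subtle.ConstantTimeCompare(h[:], t.pinHash[:]) != 1 {
		return nil, errors.New("user authentication failed")
	}
	digest := sha256.Sum256(shown)              // step 3: hash of exactly what the user saw
	return ed25519.Sign(t.priv, digest[:]), nil // step 4: only the signature leaves the compartment
}

// Verify is what a relying party runs; it binds the signature to the displayed document.
func Verify(pub ed25519.PublicKey, doc, sig []byte) bool {
	digest := sha256.Sum256(doc)
	return ed25519.Verify(pub, digest[:], sig)
}
```

Because the signature is computed over the copy the trusted viewer displayed, a signature that verifies against a document proves that this exact document was shown and approved; a substituted document fails verification.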
