Laurence Bull

Universal Designated-Verifier Signatures

Motivated by privacy issues associated with dissemination of signed digital certificates, we define a new type of signature scheme called a ‘Universal Designated-Verifier Signature’ (UDVS). A UDVS scheme can function as a standard publicly-verifiable digital signature but has additional functionality which allows any holder of a signature (not necessarily the signer) to designate the signature to any desired designated-verifier (using the verifier’s public key). Given the designated-signature, the designated-verifier can verify that the message was signed by the signer, but is unable to convince anyone else of this fact.

A Hierarchical Extraction Policy for content extraction signatures: Selectively handling verifiable digital content

Content extraction signatures (CES) enable the selective disclosure of verifiable content from signed documents. We have previously demonstrated a CES Extraction Policy for fragment grouping to allow the document signer to designate which subsets of the original document are valid subdocuments. Extending this ability, we introduce a new Hierarchical Grouping Extraction Policy that is more powerful, and for which the encoding is dramatically smaller, than the existing Grouping Extraction Policy. This new Extraction Policy maps naturally onto the hierarchically structured documents commonly found in digital libraries. After giving a motivating example involving digital libraries we then conjecture as to how to enrich their functionality through the use of CESs. We also show how to implement the new extraction policy using XML signatures with a custom transform along with an improved design for the XML signature structure in order to achieve CES functionality.

Grouping verifiable content for selective disclosure

This paper addresses the issue of selective disclosure of verifiable content. It extends previous work relating to Content Extraction Signatures [21] to implement a more complex structure that encodes a richer, more flexible fragment extraction policy, which includes fragment grouping. The new extraction policy enables the signer to specify both optional and mandatory fragment associations (or groupings) for verifying extracted content.

XML Signature Extensibility Using Custom Transforms

The XML Signature specification defines a set of algorithms to be used to ensure security and application inter-operability for content signed using an XML Signature. We discuss a limitation of the XML Signature that arises from its extensibility to cater for new algorithms, and that is likely to be encountered in real-world implementations. We propose two ways to use and disseminate newly defined, or custom, transformation algorithms to address this limitation. These involve downloading the algorithm on-demand, or embedding the algorithm in the signature itself. Finally, we highlight a possible vulnerability to attack in the existing XML Signature Core Validation process when using custom transforms, and suggest an extension to the XML Signature standard to remedy this.