Equipping Smart Devices with Public Key Signatures

摘要

One of the major recent trends in computing has been towards so-called smart devices, such as PDAs, cell phones and sensors. Such devices tend to have a feature in common: limited computational capabilities and equally limited power, as most operate on batteries. This makes them ill-suited for public key signatures. This article explores practical and conceptual implications of using Server-Aided Signatures (SAS) for these devices. SAS is a signature method that relies on partially-trusted servers for generating (normally expensive) public key signatures for regular users. Although the primary goal is to aid small, resource-limited devices in signature generation, SAS also offers fast certificate revocation, signature causality and reliable timestamping. It also has some interesting features such as built-in attack detection for users and DoS resistance for servers. Our experimental results also validate the feasibility of deploying SAS on smart devices.