{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,7]],"date-time":"2026-02-07T03:12:05Z","timestamp":1770433925735,"version":"3.49.0"},"reference-count":29,"publisher":"Association for Computing Machinery (ACM)","issue":"1","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Internet Technol."],"published-print":{"date-parts":[[2007,2]]},"abstract":"<jats:p>One of the major recent trends in computing has been towards so-called smart devices, such as PDAs, cell phones and sensors. Such devices tend to have a feature in common: limited computational capabilities and equally limited power, as most operate on batteries. This makes them ill-suited for public key signatures. This article explores practical and conceptual implications of using Server-Aided Signatures (SAS) for these devices. SAS is a signature method that relies on partially-trusted servers for generating (normally expensive) public key signatures for regular users. Although the primary goal is to aid small, resource-limited devices in signature generation, SAS also offers fast certificate revocation, signature causality and reliable timestamping. It also has some interesting features such as built-in attack detection for users and DoS resistance for servers. Our experimental results also validate the feasibility of deploying SAS on smart devices.<\/jats:p>","DOI":"10.1145\/1189740.1189743","type":"journal-article","created":{"date-parts":[[2007,4,5]],"date-time":"2007-04-05T19:20:08Z","timestamp":1175800808000},"page":"3","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":12,"title":["Equipping smart devices with public key signatures"],"prefix":"10.1145","volume":"7","author":[{"given":"Xuhua","family":"Ding","sequence":"first","affiliation":[{"name":"Singapore Management University, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniele","family":"Mazzocchi","sequence":"additional","affiliation":[{"name":"Istituto Superiore Mario Boella, Torino, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gene","family":"Tsudik","sequence":"additional","affiliation":[{"name":"University of California, Irvine, CA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2007,2]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Adams C. Cain P. Pinkas D. and Zuccherato R. 2001. Internet x.509 public key infrastructure time stamp protocol (tsp) draft-ietf-pkix-time-stamp-15.txt.]]   Adams C. Cain P. Pinkas D. and Zuccherato R. 2001. Internet x.509 public key infrastructure time stamp protocol (tsp) draft-ietf-pkix-time-stamp-15.txt.]]","DOI":"10.17487\/rfc3161"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.5555\/353580.353592"},{"key":"e_1_2_1_3_1","doi-asserted-by":"crossref","unstructured":"Bellare M. Canetti R. and \n      Krawczyk H\n  . \n  1996\n  . Keying hash functions for message authen-tication. In Advances in Cryptology---CRYPTO '96 N. Koblitz Ed. Number 1109 in \n  Lecture Notes in Computer Science\n  . \n  Springer-Verlag Berlin 1--15.]]   Bellare M. Canetti R. and Krawczyk H. 1996. Keying hash functions for message authen-tication. In Advances in Cryptology---CRYPTO '96 N. Koblitz Ed. Number 1109 in Lecture Notes in Computer Science. Springer-Verlag Berlin 1--15.]]","DOI":"10.1007\/3-540-68697-5_1"},{"key":"e_1_2_1_4_1","volume-title":"Proceedings of RSA Conference' Cryptography Track.]]","author":"Bicakci K.","unstructured":"Bicakci , K. and Baykal , N . 2000. Server assisted signatures revisited . In Proceedings of RSA Conference' Cryptography Track.]] Bicakci, K. and Baykal, N. 2000. Server assisted signatures revisited. In Proceedings of RSA Conference' Cryptography Track.]]"},{"key":"e_1_2_1_5_1","doi-asserted-by":"crossref","unstructured":"Boeyen S. Howes T. and Richard P. 1999. RFC 2559: Internet x.509 public key infrastructure operational protocols---LDAPv2.]]   Boeyen S. Howes T. and Richard P. 1999. RFC 2559: Internet x.509 public key infrastructure operational protocols---LDAPv2.]]","DOI":"10.17487\/rfc2559"},{"key":"e_1_2_1_6_1","volume-title":"Proceedings of USENIX Security Symposium","author":"Boneh D.","year":"2001","unstructured":"Boneh , D. , Ding , X. , Tsudik , G. , and Wong , B . 2001. Instanteneous revocation of security capabilities . In Proceedings of USENIX Security Symposium 2001 .]] Boneh, D., Ding, X., Tsudik, G., and Wong, B. 2001. Instanteneous revocation of security capabilities. In Proceedings of USENIX Security Symposium 2001.]]"},{"key":"e_1_2_1_7_1","volume-title":"Proceedings of NDSS","author":"Ding X.","year":"2002","unstructured":"Ding , X. , Mazzocchi , D. , and Tsudik , G . 2002. Experimenting with server-aided signatures . In Proceedings of NDSS 2002 .]] Ding, X., Mazzocchi, D., and Tsudik, G. 2002. Experimenting with server-aided signatures. In Proceedings of NDSS 2002.]]"},{"key":"e_1_2_1_8_1","volume-title":"Proceedings of IEEE ICDCS","author":"Ding X.","year":"2004","unstructured":"Ding , X. , Tsudik , G. , and Xu , S . 2004. Leak-free group signatures with immediate revocation . In Proceedings of IEEE ICDCS 2004 .]] Ding, X., Tsudik, G., and Xu, S. 2004. Leak-free group signatures with immediate revocation. In Proceedings of IEEE ICDCS 2004.]]"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF02254791"},{"key":"e_1_2_1_10_1","volume-title":"Symposium on Network and Distributed Systems Security, T. Mayfield, Ed. Internet Society","author":"Ganesan R.","year":"1995","unstructured":"Ganesan , R. 1995 . Argumenting kerberose with pubic-key crytography . In Symposium on Network and Distributed Systems Security, T. Mayfield, Ed. Internet Society , San Diego, California.]] Ganesan, R. 1995. Argumenting kerberose with pubic-key crytography. In Symposium on Network and Distributed Systems Security, T. Mayfield, Ed. Internet Society, San Diego, California.]]"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1137\/0217017"},{"key":"e_1_2_1_12_1","volume-title":"Proceedings of DARPA DISCEX II.]]","author":"Goodrich M.","unstructured":"Goodrich , M. , Tahassia , R. , and Schwbrin , A . 2001. Implementation of an authenticated dictionary with skip lists and commutative hashing . In Proceedings of DARPA DISCEX II.]] Goodrich, M., Tahassia, R., and Schwbrin, A. 2001. Implementation of an authenticated dictionary with skip lists and commutative hashing. In Proceedings of DARPA DISCEX II.]]"},{"key":"e_1_2_1_13_1","unstructured":"Goyal V. 2004. More efficient server assisted one time signatures. available at http:\/\/eprint.iacr.org\/S004\/135.]]  Goyal V. 2004. More efficient server assisted one time signatures. available at http:\/\/eprint.iacr.org\/S004\/135.]]"},{"key":"e_1_2_1_14_1","doi-asserted-by":"crossref","unstructured":"Housley R. Ford W. Polk W. and Sold D. 1999. RFC 2459: Internet x.509 public key infrastructure certificate and crl profile.]]   Housley R. Ford W. Polk W. and Sold D. 1999. RFC 2459: Internet x.509 public key infrastructure certificate and crl profile.]]","DOI":"10.17487\/rfc2459"},{"key":"e_1_2_1_15_1","series-title":"Lecture Notes in Computer Science","volume-title":"Financial Cryptography---FC '98","author":"Kocher P.","unstructured":"Kocher , P. 1998. On certificate revocation and validation . In Financial Cryptography---FC '98 , Lecture Notes in Computer Science , Springer-Verlag , Vol . 1465. 172--177.]] Kocher, P. 1998. On certificate revocation and validation. In Financial Cryptography---FC '98, Lecture Notes in Computer Science, Springer-Verlag, Vol. 1465. 172--177.]]"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/358790.358797"},{"key":"e_1_2_1_17_1","volume-title":"Proceedings of the 2001 IEEE Symposium on Security and Privacy. 12--25","author":"MacKenzie P.","unstructured":"MacKenzie , P. and Reiter , M. K . 2001a. Networked cryptographic devices resilient to capture . In Proceedings of the 2001 IEEE Symposium on Security and Privacy. 12--25 .]] MacKenzie, P. and Reiter, M. K. 2001a. Networked cryptographic devices resilient to capture. In Proceedings of the 2001 IEEE Symposium on Security and Privacy. 12--25.]]"},{"key":"e_1_2_1_18_1","doi-asserted-by":"crossref","unstructured":"MacKenzie P.\n     and \n      Reiter M. K\n  . \n  2001\n  b. Two-party generation of dsa signatures. In Advances in Cryptolosy---CRYPTO '01 J. Kilian Ed. Number 2139 in \n  Lecture Notes in Computer Science\n  . \n  Springer-Verlag Berlin Germany 137--154.]]   MacKenzie P. and Reiter M. K. 2001b. Two-party generation of dsa signatures. In Advances in Cryptolosy---CRYPTO '01 J. Kilian Ed. Number 2139 in Lecture Notes in Computer Science. Springer-Verlag Berlin Germany 137--154.]]","DOI":"10.1007\/3-540-44647-8_8"},{"key":"e_1_2_1_19_1","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology---CRYPTO '87","author":"Merkle R. C.","unstructured":"Merkle , R. C. 1988. A digital signature based on a conventional encryption function . In Advances in Cryptology---CRYPTO '87 , C. Pomerance, Ed. Number 293 in Lecture Notes in Computer Science . Springer-Verlag , Berlin Germany , Santa Barbara, CA, USA, 369--378.]] Merkle, R. C. 1988. A digital signature based on a conventional encryption function. In Advances in Cryptology---CRYPTO '87, C. Pomerance, Ed. Number 293 in Lecture Notes in Computer Science. Springer-Verlag, Berlin Germany, Santa Barbara, CA, USA, 369--378.]]"},{"key":"e_1_2_1_21_1","volume-title":"RSA Conference","author":"Modadugu N.","year":"2000","unstructured":"Modadugu , N. , Boneh , D. , and Kim , M . 2000. Generating rsa keys on a handheld using an untrusted server . In RSA Conference , Cryptography Track , 2000 .]] Modadugu, N., Boneh, D., and Kim, M. 2000. Generating rsa keys on a handheld using an untrusted server. In RSA Conference, Cryptography Track, 2000.]]"},{"key":"e_1_2_1_22_1","doi-asserted-by":"crossref","unstructured":"Myers M. Ankney R. Malpani A. Galperin S. and Adams C. 1999. RFC2560: Internet public key infrastructure online certicate status protocol---OCSP.]]   Myers M. Ankney R. Malpani A. Galperin S. and Adams C. 1999. RFC2560: Internet public key infrastructure online certicate status protocol---OCSP.]]","DOI":"10.17487\/rfc2560"},{"key":"e_1_2_1_23_1","volume-title":"Proceedings of the 7th USENIX Security Symposium","author":"Naor M.","unstructured":"Naor , M. and Nissim , K . 1998. Certificate revocation and certificate update . In Proceedings of the 7th USENIX Security Symposium ( San Antonio, Texas).]] Naor, M. and Nissim, K. 1998. Certificate revocation and certificate update. In Proceedings of the 7th USENIX Security Symposium (San Antonio, Texas).]]"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/501983.501988"},{"key":"e_1_2_1_25_1","volume-title":"Proceedings of NDSS","author":"Perrig A.","year":"2001","unstructured":"Perrig , A. , Canetti , R. , Song , D. , and Tygar , D . 2001. Efficient and secure source authentication for multicast . In Proceedings of NDSS 2001 .]] Perrig, A., Canetti, R., Song, D., and Tygar, D. 2001. Efficient and secure source authentication for multicast. In Proceedings of NDSS 2001.]]"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/359340.359342"},{"key":"e_1_2_1_27_1","unstructured":"RSA Laboratory. 2002. PKCS &num;Lv2.1: RSA cryptography standard.]]  RSA Laboratory. 2002. PKCS &num;Lv2.1: RSA cryptography standard.]]"},{"key":"e_1_2_1_28_1","volume-title":"Advances in Cryptology---CRYPTO '89","author":"Schnorr C. P.","year":"1989","unstructured":"Schnorr , C. P. 1989 . Efficient identification and signatures for smart cards . In Advances in Cryptology---CRYPTO '89 . 239--252.]] Schnorr, C. P. 1989. Efficient identification and signatures for smart cards. In Advances in Cryptology---CRYPTO '89. 239--252.]]"},{"key":"e_1_2_1_29_1","volume-title":"Advances in Cryptology---CRYPTO '2001","author":"Shamir A.","unstructured":"Shamir , A. and Tauman , Y . 2001. Improved online\/offline signature schemes . In Advances in Cryptology---CRYPTO '2001 . 365--367.]] Shamir, A. and Tauman, Y. 2001. Improved online\/offline signature schemes. In Advances in Cryptology---CRYPTO '2001. 365--367.]]"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/11426639_2"}],"container-title":["ACM Transactions on Internet Technology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1189740.1189743","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,12,28]],"date-time":"2022-12-28T18:30:06Z","timestamp":1672252206000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1189740.1189743"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007,2]]},"references-count":29,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2007,2]]}},"alternative-id":["10.1145\/1189740.1189743"],"URL":"https:\/\/doi.org\/10.1145\/1189740.1189743","relation":{},"ISSN":["1533-5399","1557-6051"],"issn-type":[{"value":"1533-5399","type":"print"},{"value":"1557-6051","type":"electronic"}],"subject":[],"published":{"date-parts":[[2007,2]]},"assertion":[{"value":"2007-02-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}