Digital Signatures for e-Government  -- a Long-Term Security Architecture
                         P.Blaskiewicz, P.Kubiak,  M.Kutylowski,  
    
The framework of digital signature based on qualified certificates and  X.509 architecture  
has many security risk.  Moreover, the fraud prevention mechanism is fragile and does not 
provide strong guarantees that might be regarded as necessary for flow of legal documents. 

Recently, mediated signatures has been proposed as a mechanism to effectively disable 
signature cards. In this paper we propose further mechanisms that can be applied on top 
on mediated RSA, so that we obtain signatures compatible with the standard format, but provide 
security guarantees even in the case when RSA becomes broken or the keys are compromised. 
Our solution is well suited  for deploying a large-scale, long-term digital signature system 
for signing legal documents. Moreover,  the solution is immune to kleptographic attacks as only 
deterministic algorithms are used on user's side.

accepted for  E-FORENSICS 2010

to be published in LNICST