The Last Line of Defence in Case of Signing Key Compromise 
                
                     Przemyslaw Blaskiewicz, Miroslaw Kutylowski, Marcin Slowik
                           Wroclaw University of Science and Technology

                           
The standard approach for  electronic signatures and seals  is that  Secure Signature Creation Devices
are responsible for confidentiality of secret keys and remain under sole control of their owner. 
The eIDAS Regulation of EU follows this approach. However, once the private key gets compromised 
(e.g. by a faulty design  of the signing device or powerful cryptanalysis of the public key), 
then the signature model becomes a deadly trap.   

We address this problem by creating a second line of defence -- when the  signing key gets compromized 
we can still fish out the signatures created by  a signature device. The proposed approach of signature-in-signature 
can be implemented in the standard Schnorr signature and can remain hidden until  the examination of signatures 
after the signing key compromise.

Keywords: eIDAS, advanced electronic signature, electronic seal, SSCD, Schnorr signature, 
key compromise, forgery


Publication: ESORICS'2021 (poster track)