Chaining Electronic Seals
               An eIDAS compliant framework for controlling SSCD

                      Przemyslaw Blaskiewicz, Mirosław Kutylowski
                      Wroclaw University of Science and Technology 
                      
                      
The European eIDAS Regulation introduces an electronic seal as a legal solution necessary 
for the transition to a fully digital document flow. An electronic seal has to  authenticate 
the origin of the document and confirm the data contained in a digital document. 

A usage scenario of electronic seals -- e.g. confirming financial operations, issuing invoices, etc. -- 
may require much harder security measures than in the case of electronic signatures attributed to 
physical persons. Although we are going to use cryptographic digital signature schemes for both 
electronic signatures and electronic seals, in the case of electronic seals the impact of 
a security breach might be greater by an order of magnitude. 

One of the critical issues is maintaining control over the set of seals created by a device. 
The owner of the device must be sure that no seal has been created without his consent. 
On the other hand, it should be impossible to hide any seal created by the device, for example, 
in the case of controlling a bookkeeping database.

In this paper, we present effective solutions for 
chaining electronic seals. When a list of electronic seals is presented, one can check 
whether this is the complete list of all electronic seals created by a device over a given period of time. 
We also provide means for clone detection.

Unlike the previous solution, the proposed schemes do not require sharing any secret key with 
the seal creation device and the proof is not ``one-time'' only.


presented at ACIIDS'2022, to appear in conference proceedings, Springer Nature