2012 | OriginalPaper | Buchkapitel
The Role of Data Integrity in EU Digital Signature Legislation — Achieving Statutory Trust for Sanitizable Signature Schemes
verfasst von : Henrich C. Pöhls, Focke Höhne
Erschienen in: Security and Trust Management
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
We analyse the legal requirements that digital signature schemes have to fulfil to achieve the
Statutory Trust
granted by the EU electronic signature laws (“legally equivalent to hand-written signatures”). Legally, we found that the possibility to detect subsequent changes is important for the Statutory Trust. However, detectability was neither adequately nor precisely enough defined in the technical and legal definitions of the term “Data Integrity”. The existing definition on integrity lack a precise notion of which changes should not invalidate a corresponding digital signature and also lack notions to distinguish levels of detection. We give a new definition for Data Integrity including two notions: Authorized changes, these are changes which do not compromise the data’s integrity; and their level of detection. Especially, the technical term “Transparency” introduced as a security property for sanitizable signature schemes has an opposite meaning in the legal context. Technically, cryptography can allow authorized changes and keep them unrecognisably hidden. Legally, keeping them invisible removes the Statutory Trust. This work shows how to gain the Statutory Trust for a chameleon hash based sanitizable signature scheme.