Protecting the Creation of Digital Signatures with Trusted Computing Platform Technology Against Attacks by Trojan Horse Programs

IFIP Advances in Information and Communication Technology

Volumn 65, Issue , 2002, Pages 403-419

  Spalka, Adrian ^a   Cremers, Armin B ^a   Langweg, Hanno ^a  

^a UNIVERSITY OF BONN   (Germany)

Author keywords

Digital signatures; Trojan horse programs; Trusted computing platform

Indexed keywords

AUTHENTICATION; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; SECURITY OF DATA;

CRYPTOGRAPHIC PROPERTIES; DEGREE OF PROTECTION; KEY TECHNOLOGIES; MALICIOUS SOFTWARE; SOFTWARE PRODUCTS; TROJAN HORSE; TRUSTED COMPUTING PLATFORM; TRUSTED COMPUTING PLATFORM ALLIANCES;

MALWARE;

EID: 84904269073     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: None     Document Type: Conference Paper

References (17)

1. Balacheff, B., D. Chan, L. Chen, S. Pearson and G. Proudler (2000). 'Securing Intelligent Adjuncts Using Trusted Computing Platform Technology'. IFIP TC8/WG 8.8 4th Working Conference on Smart Card Research and Advanced Applications. pp: 177-195.
2. Bontchev, V. (1996). 'Possible macro virus attacks and how to prevent them'. Computers & Security 15(1996):595-626.
3. CERT Coordination Center (1999). CERT Advisory CA-99-02-Trojan-Horses. http://www.cert.org/advisories/CA-99-02-Trojan-Horses.html
4. Cremers, A. B., A. Spalka and H. Langweg (2001). 'Vermeidung und Abwehr von Angriffen Trojanischer Pferde auf Digitale Signaturen'. 7. Deutscher IT-Sicherheitskongress. Bonn, May 2001 [German]
5. Docherty, P., and P. Simpson (1999). 'Macro Attacks: What Next After Melissa?'. Computers & Security 18(1999):391-395.
6. European Parliament and European Council (1998). 'Directive on a Community framework for electronic signatures'. C5-0026/99 - 1998/0191 - (COD).
7. Ford, R. (1999). 'Malware: Troy Revisited'. Computers & Security 18(1999):105-108.
8. Hoffmeister, A., Cryptovision GmbH (2000). Personal communication.
9. Lacoste, G., B. Pfitzmann, M. Steiner and M. Waidner, ed. (2000) SEMPER - Secure Electronic Marketplace for Europe. Berlin et al: Springer-Verlag.
10. Lapid, Y., N. Ahituv and S. Neumann (1986). 'Approaches to Handling "Trojan Horse" Threats'. Computers & Security 5(1986):251-256.
11. Popek, G.J., and C.S. Kline (1977). 'Encryption Protocols, Public Key Algorithms and Digital Signatures in Computer Networks'.
12. R. A. DeMillo (1978). Foundations of Secure Computation. pp:133-153.
13. Pordesch, U. (2000). 'Der fehlende Nachweis der Präsentation signierter Daten'. DuD Datenschutz und Datensicherheit 24.2(2000):89-95. [German]
14. Schmidt, A. U. (2000). 'Signiertes XML und das Präsentationsproblem'. DuD Datenschutzund Datensicherheit 24.3(2000):153-158. [German]
15. Spalka, A., A. B. Cremers and H. Langweg (2001). 'The Fairy Tale of "What You See Is What You Sign". Trojan Horse Attacks on Software for Digital Signatures'. IFIP Working Conference on Security and Control of IT in Society-II. Bratislava, June 2001.
16. Stabell-Kulø, T. (2000). 'Smartcards: how to put them to use in a user-centric system'. HUC2K The Second International Symposium on Handheld and Ubiquitous Computing. http://www.pasta.cs.uit.no/publications/HUC2K.html.
17. Trusted Computing Platform Alliance (2000). TCPA Trusted Subsystem Specification Version 0.9. http://www.trustedpc.org.