Abstract
Forward-secure signatures (FSSs) have recently received much attention from the cryptographic theory community as a potentially realistic way to mitigate many of the difficulties digital signatures face with key exposure. However, no previous works have explored the practical performance of these proposed constructions in real-world applications, nor have they compared FSS to traditional, non-forward-secure, signatures in a non-asymptotic way. We present an empirical evaluation of several FSS schemes that looks at the relative performance among different types of FSS as well as between FSS and traditional signatures. Our study provides the following contributions: first, a new methodology for comparing the performance of signature schemes, and second, a thorough examination of the practical performance of FSS. We show that for many cases the best FSS scheme has essentially identical performance to traditional schemes, and even in the worst case is only 2-4 times slower. On the other hand, we also show that if the wrong FSS configuration is used, the performance can be orders of magnitude slower. Our methodology provides a way to prevent such misconfigurations, and we examine common applications of digital signatures using it. We conclude that not only are forward-secure signatures a useful theoretical construct as previous works have shown, but they are also, when used correctly, a very practical solution to some of the problems associated with key exposure in real-world applications. Through our metrics and our reference implementation we provide the tools necessary for developers to efficiently use FSS.
Original language | English (US) |
---|---|
Pages (from-to) | 131-144 |
Number of pages | 14 |
Journal | Proceedings of the ACM Conference on Computer and Communications Security |
DOIs | |
State | Published - 2003 |
Event | Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003 - Washington, DC, United States Duration: Oct 27 2003 → Oct 31 2003 |
All Science Journal Classification (ASJC) codes
- Software
- Computer Networks and Communications