Signing digital documents in hostile environments

Digital signature is nowadays a consolidated machinery allowing the management of electronic documents with full legal power. In this scenario, digital signature represents thus the key issue on every process of document dematerialization toward which both private and public organizations, as well as simple citizens, are moving quickly. Unfortunately, digital signature suffers from a severe vulnerability, directly deriving from the potential untrustworthiness of the platform where the signature generation process runs, enabling a set of possible dangerous attacks. The basic reason of this vulnerability is that an even secure smart card is anyway a handicapped computer, since it misses I/O devices so that there is no trusted control about the link between the document to sign and the digest received from the smart card. Exploiting such a weakness, the attacker can intrude in order to obtain signed documents with no intention from the subscriber. The problem is inherently unsolvable, provided that the current signature infrastructure, as well as its legal value, are maintained. In this paper we propose a new approach to contrasting the above problem, from which we derive two techniques with different features in terms of efficiency and robustness. The nice feature of our proposal, beside its effectiveness, is that it totally preserves the current software and legal infrastructure.