An Automatic Signature Scheme Using a Compiler in Distributed Systems

Whe-Dar LIN  Jinn-Ke JAN  

Publication
IEICE TRANSACTIONS on Communications   Vol.E83-B   No.5   pp.935-941
Publication Date: 2000/05/25
Print ISSN: 0916-8516
Type of Manuscript: Special Section PAPER (IEICE/IEEE Joint Special Issue on Autonomous Decentralized Systems)
Category: Communication and Computer Architecture/Assurance Systems
Keyword: computer virus, virus protection, digital signature, automatic signature scheme

Summary: 
A novel protocol scheme is proposed here for compiling a program or running a software package. A modification of a file can be detected by checking the consistency of the original file with its accompanying digital signature. When an executable program is created, it may become infected with viruses before the signature is attached to it. Such an infection cannot be detected by signature verification, and the origin of the infection cannot be specified either. We propose a signature scheme that lets one sign in an atomic step right after the creation of an executable program. Our security-related and cryptographic protocol is used to establish secure communication over insecure open networks and distributed systems. When a server compiles a source program, the compiler automatically creates both the executable program and its signature. Thus no virus can infect the executable programs without being detected. In our proposed signature scheme, the server signature is created using a set of proxy secret integers, which is calculated from a compiler maker's secret key. Each server compiler is possessed by its corresponding client user, and it is used only when a server secret value is fed into it. Infections of files can be detected by the ordinary server digital signatures. The proposed signature scheme, together with the digital signature against infection in the preprocessing step, enables us to specify the origin of the infection. In addition, we provide a message recovery capability that recovers the original file in order to save infected files. The most natural extension of this novel protocol scheme is a server-based signature that, integrated with application packages, will allow the client and the server to commit themselves to one another.