CRFs for Digital Signature and NIZK Proof System in Web Services

AbstractWeb services are service-oriented computing technology which allows computers running different operating domains to access and share each other’s databases. Each web service is an application (like online business) which may require the private information of users. Thus, it will be important to preserve these web users’ individual privacy. The traditional approaches to achieve this goal in web security is to use the cryptographic technologies, such as digital signature, NIZK proof system. Whereas, some recent research results indicate that these cryptographic technologies may suffer from the algorithm substitution attack (ASA). ASA means that the cryptographic technology would be embedded some backdoor in the process of its implementation by the attacker, and with the backdoor information the attacker can steal the user’s private information. To address this problem, the concept of cryptographic reverse firewall (CRF) has been introduced, which could sanitize the messages inputting and outputting the user’s computer. In this paper, we construct the CRFs for the efficient Pointcheval-Sanders (PS) signature as well as the NIZK proof system.KeywordsWeb securityCryptographic reverse firewallDigital signatureNon-interactive zero knowledge proof systemAlgorithm substitution attack