DSO: Dependable Signing Overlay Conference Paper uri icon


  • Dependable digital signing service requires both high fault-tolerance and high intrusion-tolerance. While providing high fault-tolerance, existing approaches do not satisfy the high intrusion-tolerance requirement in the face of availability, confidentiality and integrity attacks. In this paper, we propose Dependable Signing Overlay (DSO), a novel server architecture that can provide high intrusion-tolerance as well as high fault-tolerance. The key idea is: replicate the key shares and make the signing servers anonymous to clients (and thus also to the would-be attackers), in addition to using threshold signing. DSO utilizes structured P2P overlay routing techniques to provide timely services to legitimate clients. DSO is intended to be a scalable infrastructure for dependable digital signing service. This paper presents the architecture and protocols of DSO, and the analytical models for reliability and security analysis. We show that, compared with existing techniques, DSO has much better intrusion-tolerance under availability, confidentiality and integrity attacks. Springer-Verlag Berlin Heidelberg 2006.

published proceedings

  • Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

author list (cited authors)

  • Gu, G., Fogla, P., Lee, W., & Blough, D.

citation count

  • 2

complete list of authors

  • Gu, Guofei||Fogla, Prahlad||Lee, Wenke||Blough, Douglas

publication date

  • January 2006