Security and Trust in the Italian Legal Digital Signature Framework [chapter]

Stefano Zanero
2005 Lecture Notes in Computer Science  
The early adoption of a national, legal digital signature framework in Italy has brought forth a series of problems and vulnerabilities. In this paper we describe each of them, showing how in each case the issue does not lie in the algorithms and technologies adopted, but either in faulty implementations, bad design choices, or legal and methodological issues. We also show which countermeasures would be appropriate to reduce the risks. We show the reflex of these vulnerabilities on the
more » ... ed framework which gives legal value to digital signatures. We think that this study can help to avoid similar mistakes, now that under EU directives a similar architecture is planned or under development in most EU countries.
doi:10.1007/11429760_3 fatcat:3t5t26p5pbbr3bpaudoagysiiq