Study and analysis of trustworthy systems supporting remote signing

Abstract

In the current digital world, digital signatures are steadily gaining foothold. They are used not only in security-critical situations but also in everyday formalities. For many decades, Public Key Infrastructures have provided a way to communicate securely, smart cards have been the technology securely storing and managing our digital identity and in charge of performing electronic signatures. A lot of signature services still rely on smart card based solutions, limiting the mobility and with poor usability, forcing the user to physically hold the necessary technology. During the last years, a few server-based digital signature solutions have been implemented, aiming to solve the shortcomings of the traditional PKIs. Several mobile digital identity solutions have been created, but only for specific scenarios. An alternative approach in this field intends to be fully compatible with any end-user device and use case, where the digital identity is hosted in a remote and secured centralized system. In this thesis a study, analysis and a proposed design of this scheme is performed in order to evaluate if it can reach a level of security equal to smart card based solutions, being able to perform and guarantee the highest level of electronic signature, those considered as qualified.