Key-spoofing attacks on nested signature blocks
Author
Christianson, B.
Low, M.R.
Attention
2299/3609
Abstract
For a given signature block and any other data, there exists a key which produces the same signature block. The threat that this poses to schemes which use nested signature blocks as pointers to other tokens is identified, using a theft-proof capability mechanism as an illustration. A modification to public key certificates is then proposed to eliminate this threat.