EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Distributed signature

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
#12828
Posted: 03/19/2010 09:42:21
by donato de philippis (Basic support level)
Joined: 03/19/2010
Posts: 2

I have many large files on a webserver which I need to sign using a private key in a smart card on a client pc. Is there a way to calculate the hash on the server, send only the hash data to the client, sign it locally, send it back to the server, "recombine" the signature wiht the original file to get a the signed file? Does SecureBlackBox support such a process?
#12829
Posted: 03/19/2010 09:56:56
by Eugene Mayevski (EldoS Corp.)

This is a possible, but very non-trivial task.

You would need to create custom CryptoProvider component which will perform Sign operation by sending the request to the client in some way.

We have a plan to offer a specialized client-server solution for this task, but this is a work that is currently in progress and the overall task itself is quite complicated (we would need to provide more functionality than you need in your particular scenario, so it will take us much more time than you would spend).


Sincerely yours
Eugene Mayevski
#12838
Posted: 03/23/2010 05:10:38
by irsantonio (Basic support level)
Joined: 02/15/2010
Posts: 8

We are also interested in that solution. Is it possible to inherit the builtin cryptoprovider and only modify hash signing?
#12839
Posted: 03/23/2010 06:39:46
by Ken Ivanov (EldoS Corp.)

Yes, that's how it is expected to be done. As a matter of fact, there is nothing complex in implementing it for a particular task (e.g., yours). However, as Eugene said, we have plans of implementing this functionality as an universal solution, and this, in turn, requires quite a bit of time.
#12840
Posted: 03/23/2010 06:49:55
by Eugene Mayevski (EldoS Corp.)

Yes, this is how it's done. You just override Sign method (signing is always done over some small data block such as hash).


Sincerely yours
Eugene Mayevski
#13728
Posted: 06/22/2010 06:16:12
by SmartAccess  (Standard support level)
Joined: 04/13/2010
Posts: 2

We have already implemented distributed signature between a .NET Web Service based on SecureBlackBox and a Java Applet in our digital signature services if you are interested.

The client applet only sign (RSA encrypt) the digest with the private key and the rest of the process is done in the server application.
#13944
Posted: 07/16/2010 06:34:52
by Qualisoft CQPD (Standard support level)
Joined: 03/13/2007
Posts: 55

Eugene i am interested in this new feature (Distributed signature). There are any release date (plan) for this new feature?

Can i override Sign method with .NET and make the modifications? or i need the Delphi (with source) version of SBB?

I can´r contact SmartAccess because the email link shows error: Access denied. The file /forum/send_message.php cannot be viewed

thanks
luis ricardo
Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.

Reply

Statistics

Topic viewed 1623 times

Number of guests: 2, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!