Signatures to Go: A Framework for Qualified PDF Signing on Mobile Devices

Emina Ahmetovic, Thomas Lenz, Christian Kollmann

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung


Electronic documents are an important part of a business workflow. To assure the integrity, authenticity, and non-repudiation of those documents, both public and private sectors use qualified electronic signatures to sign PDF files. Benefits of the resulting qualified PDF signing are widely recognized, and there are many desktop and web applications used to sign PDFs. Those applications usually require additional hardware, such as smartphones, or smart cards, to assure a multi-factor authentication in the signing process. However, the prevalence of mobile devices in everyday life posed a need for public services, which can be executed on a single mobile device. In this paper, we develop a user-friendly and privacy-preserving framework for qualified PDF signing on mobile devices. We show the feasibility of our framework by implementing all
necessary components: the PDF processing application, the Trust Service Provider server-side, and clientside application. The main focus of these components is to preserve the privacy of users and to meet user expectations regarding the functionalities of PDF signing applications. Furthermore, we demonstrate the
practical applicability of our solution by integrating it into the productive Austrian e-Government system.
Lastly, we conclude the paper with extensive performance evaluation.
TitelProceedings of the 17th International Joint Conference on e-Business and Telecommunications -SECRYPT
Herausgeber (Verlag)SciTePress - Science and Technology Publications
ISBN (elektronisch)978-989-758-446-6
PublikationsstatusVeröffentlicht - 2020
Veranstaltung17th International Conference on Security and Cryptography - Virtuell, Frankreich
Dauer: 8 Juli 202010 Juli 2020


Konferenz17th International Conference on Security and Cryptography
KurztitelSECRYPT 2020

Dieses zitieren