Browser Extension for Digital Signature

Abstract

AbstractIn the current era, it is most crucial for the organisations to expand their operations in the market environment and economic situations for consumers and partners. Here, digital security plays an important role in establishing the trust between the enterprises and the consumers [1]. To secure the web content, at present, we are using secure socket layer (SSL) over HTTP. However, SSL tackles only a subset of security services. SSL does not offer non-repudiation services which is also an equally important security requirement. This non-repudiation service can be achieved by digital signatures. This digital signature technology helps us not only to have non-repudiation services but also to have integrity and authentication services. The problem here is integration of digital signatures into web applications which is not easy as there are multiple signature (Shailaja G, Phani Kumar K, Saxena A in Universal designated multi verifier signature without random oracles, pp. 168–171, 2006) [2] representations and different key storage formats. But we need to have a standardised approach to consume the underlying PKI services. Except the vendors adhere to the formats which are standard meticulously, interoperability between applications cannot be always guaranteed. To achieve these standard formats, we use various available PKCS standards developed by RSA Laboratories. The key requirements here are signature creation and verification, centralised architecture and flexibility to sign the web content. PKCS7 standard which is named as “Cryptographic Message Syntax Standard” is extensively used for the verification of digital signatures and certificates. For example, S/MIME uses this standard as the basis. PKCS12 [3] standard which is named as “Personal Information Exchange Syntax Standard” describes about transfer syntax for personal identity information, private keys and certificates. In this paper, the main aim is to discuss how to get signed the web content in its entirety or selectively with the help of a browser extension such that it provides digital signatures and integrity services to the web content and also provides convenience to the end-users to use these security services.KeywordsDigital signatureDigital certificateBrowser extension