A Method for Detecting the Exposure of a Secret Key in Key-Insulated Scheme

Dodis et al proposed a key-insulated signature scheme in 2003. In the scheme, total lifetime of a certificate is divided to time periods and different secret keys are used for each time period. The master secret key is stored in the physically secure device and is not used for signing directly. The different secret keys are used for signature in each time period and they are refreshed by a computation with the master key. Therefore, the scheme can minimize the damage caused by a secret key's exposure. However, it can not protect the user from the secret key's exposure perfectly. The authors propose a method which can detect even a single illegitimate signature due to the exposure of a secret key in the key-insulated scheme.