Supervised Usage Of Signature Creation Devices

We propose an effective scheme for controlling usage of secure signature creation devices (SSCD). With cryptographic means we assure that an inspector can check whether an (ordered) list of signatures at hand is the complete list of signatures created by the device. Our scheme is devoted to some applications like automatic creation of invoices or contract signing by a legal representative of a company.The inspection procedure is probabilistic with no false-negatives and low probability of false-positives. It requires extra private keys known only by the inspector. So it cannot be executed by the holder of an SSCD - this has to prevent testing integrity of the list after list manipulations searching for a false-positive result.Our solution works for a wide class of signatures based on Discrete Logarithm Problem without any changes of the signature format.We provide formal security proofs as well as discuss implementation issues.