iDSIGN: A SECURE LIGHTWEIGHT NFC-BASED FRAMEWORK TO TAP AND DIGITALLY SIGN DOCUMENTS

Abstract

The growing dependence on digital systems for secure document exchanges requires ef- ficient, lightweight digital signature solutions. Conventional methods, frequently depen- dent on Public Key Infrastructure (PKI) and cloud-based servers, introduce considerable challenges. PKI solutions suffer computational overhead, complex certificate adminis- tration, and security weaknesses, whereas cloud-based servers are susceptible to threats like data breaches, man-in-the-middle assaults, and unauthorized access. These risks are especially concerning in resource-limited and mobile environments. Firstly, this work proposes iDSign, a novel secure and lightweight framework for digi- tal document signatures that utilizes Identity-Based Cryptography (IBC) and a modified lightweight Identity-based Transport Layer Security (iTLS) protocol. iDSign mitigates extensive certificate exchanges and reliance on susceptible cloud infrastructures by im- proving efficiency with tamper-resistant Secure Elements (SEs). The framework is adapt- able for various communication interfaces such as NFC, Bluetooth, and Transmission Control Protocol (TCP/IP), guaranteeing safe offline and proximity-based operations. Secondly, this work also proposes the design and implementation of the iHDoc ap- plication based on the iDSign framework for the mobile-based signing of documents. iHDoc leverages NFC-based Host Card Emulation (HCE) for secure two-way commu- nication and Bluetooth for effective post-authentication data transmission. NFC prox- imity reduces the risk of man-in-the-middle attacks and ensures the locality of refer- ence. The mutual authentication component of the iDSign framework is compared with an Rivest–Shamir–Adleman (RSA)-based configuration to evaluate performance in real- world mobile scenarios. The results indicate that iHDoc based on iDSign significantly surpasses the RSA-based mutual authentication configuration in terms of execution speed, storage efficiency, and compatibility with mobile devices. This thesis rigorously exam- ines iDSign’s security attributes, covering its resistance to assaults and forward secrecy while quantitatively evaluating its communication and computing overhead. The results confirm iDSign as a lightweight, secure solution to digital document signing that is ap- propriate for offline, resource-limited, and mobile contexts.