Abstract
This paper describes a method of increasing the trust in open computing platforms, such that a person can have confidence in producing a digital signature using open platforms.The process of using a digital signature to sign a digital document is well understood. Most descriptions assume the correctness of the process of signing a document within a computing platform. In an increasing connected world, this assumption is no longer true when open computing platforms are used. This paper proposes the signing of a document in a general-purpose computing platform using a trusted process. That trusted process creates a signature over a digital image that represents the document and uses a trusted display controller in the platform plus a smart card owned by the prospective signer. The trusted display controller is part of the video processing path, and can display video data on a monitor without interference or subversion by any software components at the platform. The smart card is able to authenticate the trusted display controller, and demonstrate to the signer the results of that authentication using the trusted display controller.The most unusual aspects of the method are: (1) a thumbnail image is stored in the smart card, and used as a surround or background for an image (on a display) that is to be signed; (2) the smart card signs image data on the authority of the trusted display controller, without direct authorisation from the signer.