Digital technology has radically changed how companies do business―the postal system is no exception. The advent of the digital postage meter has transformed the processes for payment and revenue collection.

Digital Postage Marks (DPMs) provide the proof of payment as a piece of mail progresses through the postal system. They offer the potential for significant cost savings when compared with the use of legacy postage marks, due to their ease of reproduction and their machine-readability.

While it has become much easier to reproduce a Digital Postage Mark (DPM), it is much harder to confirm evidence of payment for use of that mark. This means that postal organizations risk losing revenue for pieces of mail that go out with fraudulent―or copied―digital postal marks. The revenue loss from any fraudulent use offsets any potential cost savings. This explains the interest by postal organizations in secure, yet cost-effective postage marks that would thwart fraud.

To prevent this fraud, digital signatures are used to encode digital postage marks and to prove the mark is valid. Signature size, however, is an important consideration, as it directly affects the size of the DPM that must go on a piece of mail. Equally important is the strength of the signature, which cannot be compromised.

This article examines the Elliptic Curve Pintsov Vanstone Signature scheme (ECPVS). Based on ECC, this method offers a signature size six times smaller than an RSA-based signature, yet still remains highly secure.


An Overview of the Process

To understand the importance of securing the DPM, we should take a step back and look at the postal process.

Company A generates digital postage marks for mail they send out to a number of different customer targets. The postal system verifies that the postage marks are valid and sends each piece of mail to its intended destination. However, fraud can occur when:

  1. An adversary, Eve, intercepts a piece of this mail, copies the DPM originally generated by company A, and uses it for her own purposes.
  2. Company A takes the DPM it generated legitimately for one piece of mail, and uses it fraudulently on other pieces of mail it sends out, thereby reducing its overall mailing costs.

In either case, each example illustrates the need for better authentication of the information contained within the DPM.

Using digital signatures to authenticate a DPM enables the verification of a postage mark. Each digital mark is tied to one specific piece of mail and cannot be re-used for fraudulent purposes. Terminals will never re-use a DPM. Digital postage verifiers will reject old, copied DPMs and can ultimately trace the origin of attempts to re-use copied DPMs.