Sender and receiver non-repudiation

Eugene Leitl Eugene.Leitl at lrz.uni-muenchen.de
Tue Jul 3 12:55:38 EDT 2001 

On Tue, 3 Jul 2001 Lynn.Wheeler at firstdata.com wrote:

> there is even simpler "misappropriation" ... that of virus on the machine
> ... how do you really know what your computer is doing.

The more control you have over your machine, and the environment, the more
security you have. By hiding sensitive tasks into armored compartments you
can push this way further, making it sufficiently secure for all practical
purposes.

> with paper signatures .... it is somewhat more clear-cut that the person
> signing a document ... is actually looking at the document they are
> signing. With digital signatures it becomes murkier ... how does somebody

But you are looking at a representation of a document, as rendered in the
frame buffer. If you're worried about your machine being compromised,
either use armored crypto hardware protected by clean
protocols/interfaces, or an air gap protected machine containing only the
barest OS essentials and crypto binaries, only transferring _passive_
(thanks to MS, it's essentially just plain ASCII) documents via
sneakernet.

For practical purposes you would use a smart card with a crypto processor
on it. I personally think it would be interesting to see what can be done
with polymer/OLED frame buffers printed directly on the top of a deep
embedded, which does both video and crypto directly in the framebuffer
compartment, and only talks via a fast packet switched network to the rest
of the (wearable) computer. The less code and state is in there, the less
potential for exploits.

> know that what they are looking at is the same thing that the computer is
> calculating a digital signature for.

-- Eugen* Leitl <a href="http://www.lrz.de/~ui22204/">leitl</a>
______________________________________________________________
ICBMTO  : N48 10'07'' E011 33'53'' http://www.lrz.de/~ui22204
57F9CFD3: ED90 0433 EB74 E4A9 537F CFF5 86E7 629B 57F9 CFD3




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list