Digital signatures have a big problem with meaning

Anne & Lynn Wheeler lynn at garlic.com
Wed Jun 1 12:37:51 EDT 2005


dan at geer.org wrote:
> On the one hand a digital signature should matter more
> the bigger the transaction that it protects.  On the
> other hand, the bigger the transaction the lower the
> probability that it is between strangers who have no
> other leverage for recourse.
> 
> And, of course, proving anything by way of dueling 
> experts doesn't provide much predictability in a jury
> system, e.g., OJ Simpson.

the bigger the transaction that the digital signature verifies .... the 
more the relying party is going to be interested in fundamental 
integrity issues surrounding the digital signature generation

from 3-factor authentication paradigm

* something you have
* something you know
* something you are

simple digital signature verification is basically "something you have" 
authentication ... implying that the originator has access to and use of 
the corresponding private key (in addition to the transaction not having 
been modified in transit).

fundamental issues surrounding digital signature can be the integrity 
level of the infrastructure preventing compromise of the private key aka 
is the private key protected in a software file, is the private key in a 
hardware token, was the private key generated in a hardware token and 
can never leave the hardware token. also if it is a hardware token, is a 
pin/password also required to make the token operate correctly i.e. 
knowing characteristics of the hardware token, the relying party might 
be able to infer two-factor authentication and assess the risk/threats 
involved.

also what is the integrity level of the infrastructure in which the 
digital signature was generated ... for instance some of the EU finread
standard
http://www.garlic.com/~lynn/subpubkey.html#finread

which try and specify the minimum constraints for generation of a 
digital signature on a financial transaction.

this isn't so much proving anything ... this is risk management ... what 
is the likelihood/exposure of a compromise for the relying party ... or 
security proportional to risk
http://www.garlic.com/~lynn/2001h.html#61

standard types of things that you would find at financial institutions 
and/or insurance institutions.

part of the confusion possibly is because of the extensive deployment of 
PKI literature ... which tends to focus the attention on the 
certification process ... as opposed to the integrity of the 
authentication process. the issue is that for the majority of business 
operations ... the PKI certificate process tends to be duplication of 
extensive relationship management business process that they already 
have in use (and therefore is redundant and superfluous) ... and there is 
much less focus on the basic risk, threat and vulnerability issues 
related directly to the authentication.

and as i've frequently postulated ... that some may have an interest in 
creating semantic confusion ... implying that because the term "digital 
signature" includes the word "signature" ... that it somehow bears some 
relationship to human signatures.
