[17319] in cryptography@c2.net mail archive
Re: Digital signatures have a big problem with meaning
daemon@ATHENA.MIT.EDU (Anne & Lynn Wheeler)
Thu Jun 2 13:03:28 2005
X-Original-To: cryptography@metzdowd.com
Date: Wed, 01 Jun 2005 10:37:51 -0600
From: Anne & Lynn Wheeler <lynn@garlic.com>
To: dan@geer.org
Cc: Ian G <iang@systemics.com>, cryptography@metzdowd.com
In-Reply-To: <20050601140759.91BCC1BF97D@absinthe.tinho.net>
dan@geer.org wrote:
> On the one hand a digital signature should matter more
> the bigger the transaction that it protects. On the
> other hand, the bigger the transaction the lower the
> probability that it is between strangers who have no
> other leverage for recourse.
>
> And, of course, proving anything by way of dueling
> experts doesn't provide much predictability in a jury
> system, e.g., OJ Simpson.
the bigger the transaction that the digital signature verifies .... the
more the relying party is going to be interested in fundamental
integrity issues surrounding the digital signature generation
from 3-factor authentication paradigm
* something you have
* something you know
* something you are
simple digital signature verification is basically "something you have"
authentication ... implying that the originator has access to and use of
the corresponding private key (in addition to the transaction not having
been modified in transit).
fundamental issues surrounding digital signature can be the integrity
level of the infrastructure preventing compromise of the private key aka
is the private key protected in a software file, is the private key in a
hardware token, was the private key generated in a hardware token and
can never leave the hardware token. also if it is a hardware token, is a
pin/password also required to make the token operate correctly i.e.
knowing characteristics of the hardware token, the relying party might
be able to infer two-factor authentication and assess the risk/threats
involved.
also what is the integrity level of the infrastructure in which the
digital signature was generated ... for instance some of the EU finread
standard
http://www.garlic.com/~lynn/subpubkey.html#finread
which tries to specify the minimum constraints for generation of a
digital signature on a financial transaction.
this isn't so much proving anything ... this is risk management ... what
is the likelihood/exposure of a compromise for the relying party ... or
security proportional to risk
http://www.garlic.com/~lynn/2001h.html#61
standard types of things that you would find at financial institutions
and/or insurance institutions.
part of the confusion possibly is because of the extensive deployment of
PKI literature ... which tends to focus the attention on the
certification process ... as opposed to the integrity of the
authentication process. the issue is that for the majority of business
operations ... the PKI certificate process tends to be duplication of
extensive relationship management business process that they already
have in use (and therefore is redundant and superfluous) ... and there is
much less focus on the basic risk, threat and vulnerability issues
related directly to the authentication.
and as i've frequently postulated ... that some may have an interest in
creating semantic confusion ... implying that because the term "digital
signature" includes the word "signature" ... that it somehow bears some
relationship to human signatures.
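The relying-party view described in the post, as an added example in Go that is not part of the original message or of the garlic.com material: signature verification establishes only "something you have", a second factor is inferred only from independently known token characteristics (PIN required), and the acceptance threshold scales with the transaction amount. The KeyProtection categories follow the post; the dollar thresholds and the sample payload are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// KeyProtection is what the relying party knows out of band about how the
// signer's private key is held; the signature itself carries none of this.
type KeyProtection int
const (
	SoftwareFile         KeyProtection = iota // key sits in a file on the signer's host
	HardwareToken                             // key generated in, and never leaves, a token
	HardwareTokenWithPIN                      // token additionally requires a PIN to operate
)
// FactorsEstablished returns the factors a verifier may infer. A valid signature
// is only "something you have" (use of the private key, payload unmodified);
// "something you know" follows only if the token is known to demand a PIN.
func FactorsEstablished(pub ed25519.PublicKey, payload, sig []byte, prot KeyProtection) []string {
	if !ed25519.Verify(pub, payload, sig) {
		return nil // bad signature or payload altered in transit: nothing established
	}
	f := []string{"something you have"}
	if prot == HardwareTokenWithPIN {
		f = append(f, "something you know")
	}
	return f
}
// Accept applies "security proportional to risk": the larger the amount, the
// stronger the independently known key protection required. Thresholds are constructed.
func Accept(pub ed25519.PublicKey, amountCents int64, payload, sig []byte, prot KeyProtection) bool {
	n := len(FactorsEstablished(pub, payload, sig, prot))
	switch {
	case n == 0:
		return false
	case amountCents <= 10_000: // up to $100: any valid signature
		return true
	case amountCents <= 1_000_000: // up to $10,000: hardware-held key
		return prot >= HardwareToken
	default: // above that: two factors (token plus PIN)
		return n >= 2
	}
}
func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	payload := []byte("pay 50000.00 to ACCT-1") // constructed sample transaction
	sig := ed25519.Sign(priv, payload)
	fmt.Println(Accept(pub, 5_000_000, payload, sig, SoftwareFile), Accept(pub, 5_000_000, payload, sig, HardwareTokenWithPIN))
}
```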
The Cryptography Mailing List