Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
The Internet

House Passes Digital Signature Bill 163

ElDaveo writes "Story on CNN.com: 'Forget pen and paper. In the 21st century, signing your John Hancock could be a mouse-click away. The U.S. House of Representatives has approved a bill that would allow U.S. consumers to electronically sign their name over the Internet.'" Good. Maybe now I won't need to deal with so much paper in the future. On the downside, maybe some script kiddie will hack my signature and find cool things to buy online.
This discussion has been archived. No new comments can be posted.

House Passes Digital Signature Bill

Comments Filter:
  • IANAL. Take this with a grain of salt.

    The only requirements, legally speaking, for a signature to be valid are that (a) the individual must mark the document in some way, and (b) the individual must intend for the mark to be affirmative. If you and I were to enter into a contract, either of us could sign with an X or as "Mortimer J. Humphries III" -- even if you sign with something that's not your real name, if it meets the two requirements above, it's a binding signature.

    So, in light of this, the Digital Signature Act (or whatever they're calling it) is really quite irrelevant. If you and I sign an electronic contract with digital signatures, and we both mark it affirmatively, then the signature is valid -- period. (The virtue of digital signature algorithms is in that the signatures are difficult to repudiate -- while anyone could sign a contract as "Robert J. Hansen", presumably only I could sign a contract with my OpenPGP private key.)

    In short, this legislation is unsurprising and unnecessary. Don't get your shorts in a knot over it; no matter how you cut it, digital signatures are already valid.

    However -- to the best of my knowledge, digital signatures have not passed any kind of a court test. Instead of waiting for the courts to establish that digital signatures are valid (a process which could take years), the Legislature has just informed the courts that digital signatures are valid.

    The last time I checked out the various digital signature acts, they (wisely) didn't specify algorithms to use, key management methods, etc. All they did was instruct the courts that digital signatures were valid, except in certain critical instances where physical signatures are viewed as more secure.
  • Presuming the telephone network is secure, particularly if you're not using digital signatures on it. ;-)

    Even if it's not, all the dial-out thing would do would be to confirm that someone at that phone number picked up the phone and said, "sure". The only way to really be sure it was him/her would be if you used a digital signature.

    Let's not even talk about how clunky this would be to implement. ;-)
  • I'm talking about fundemental weaknesses being found in the encryption algorithms. Pre-WWII algorithms were breakable by any cryptanalyst out there with relative ease, regardless of key size, for about 100 years. The only uncrackable system was Enigma. Enigma was busted in roughly 5-10 years, at which point, it didn't matter what was done.

    It is conceivable (and indeed, it's sort of expected) that at some point each of the algorithms out there will suddenly have simple solutions, at which case decryption will be trivial.

    Similarly, with the advent of things like quantum computing, key length might become irrelavent regardlesss.
  • "This can be relevant in a court case. How do you defend yourself and prove that a certain digital "signature" was not done by you. You can't. Repeat after me: "I cannot prove in court that I did not digitally sign a document." "

    And if someone puts on X on a contract claiming to be me (which a previous poster claimed was legally valid) how can I "prove" I didn't sign the document. I think you have the burden of proof backwards.

  • I can't count how many times over the last 7 or so years I've had to re-generate my PGP keyring because I've lost the keyfiles or the computer crashed, or I'd forgotten to back 'em up before wiping for a full re-install or some such thing.

    My problem has been key posession, mostly.

    I thought things looked good a few years back when the various Java ring/embedded Java toys started to make their presence felt (free Java rings for developers, hoo boy!), but these seem to have gone nowhere and are not in any open format that allows transportability - at least not that I know.

    So where do I keep my keys? Anyone know of a list of good resources for this sort of problem - I'd imagine it's a common one, probably solved by now with some Palm app or some such thing, but it's a real hassle to be platform-bound for key posession, so what're the solutions?

    These small info-button'esque issues are a bit of a drag, actually. Credit card companies got it right - the plastic Visa card is a pretty good hardware platform - but that's a whole different can of worms.

    Maybe I should consider getting my public key tattoo'ed on some nice private part of my body, unobtrusive-like. Ummm ... now I've typed it, maybe not.

    Private key jewelry, anyone?
  • It is interesting to observe the people here arguing about folks who don't understand the tech behind digital signatures. The real problem is that most techs don't understand the law behind signatures.

    Under our legal tradition, a "signature" is any mark or sign made by person to show that he intends to be legally bound. Thus, making an "x", placing your fingerprint in blood or even spitting on a piece of paper could be considered a signature. Under this principle, clicking your mouse on a button or icon within a program that is labelled, "Yes, I agree to the terms of this license and agree to be legally bound by them" could be deemed to be a signature.

    The legal function of a signature is nothing more than a symbolic gesture. Although the unique character of a person's written signature can be used to authenticate a document or the identity of the person who signed it, that is not the legal function of a signature.

    Authentication of contents and of the identity of the author of a document (or a file) are important functions, but there are means of accomplishing these functions quite apart from a signature. If someone employs an encryption algorythm to perform these functions, we should not call such algorythm or its output a "signature". To put it another way,

    authentication != signature
    signature != authentication

  • Here's the bill, HR1572 [house.gov].
  • Thanks for clarifying. What I meant to say --and it is off-topic for discussions of non-repudiation-- is that when you submit encrypted credit card numbers the corrupt employee on the other end can steal it, just as in a paper transaction.

    The inability of the secure server to know the senders private key is what makes for non-repudiation. Someone produced a document using a certain key, and YOU are the only one who knows that key, so it must have been you.


  • by Kesh ( 65890 ) on Tuesday February 01, 2000 @10:30AM (#1316545)
    The best reason to legalize digital signatures is for age verification purposes. Right now, the only way for a web site to verify a customer's age is if they provide a credit card #, a very poor method.

    With standardized digital signatures, a central resource can be created where you register your signature, along with enough data to verify your identity. This agency (probably a government one) can then act as a server for verification. When you attempt to access an 'adult' site, you submit your digital signature, and the site checks with the agency's server to compare the signature you provided with one on record at the agency. If it's a match, you're allowed in. If not, when the vendor requests verification, the agency's server would simply give them an error stating that you're not subscribed, and therefor not of age. (I call it a subscription, but no fees should be charged if it's a government run agency.)

    It's more secure than the credit card method, and finally makes it easier to simply enforce standard laws about providing such material to minors, since there would be a way for web vendors to verify their customer's age. Of course, this is difficult to enforce outside of sites that literally proclaim themselves to host porn; but for those who do, regular federal laws can be enforced without as much controversy. It might help get this 'Internet porn' media-hype off our backs.

    The biggest flaw is, like I said, someone has to run the confirmation agency, and that agency has to be able to verify your identity and age. The records at that agency should be very secure, and none of that would be given out to anyone verifying your age via signature... if you're not of legal age, that particular agency would simply deny you to sign up with their service, meaning you can't verify your age with the vendor.

    The other flaw is that vendors could use the public key service that allows your signature to verify other documents to figure out who you are, and keep a database, but this isn't any different from a regular porn shop keeping credit card records, so it's a moot point. You lose a little anonymity, but any company that fails to keep its records secure won't get much buisness in the long run anyway.

    This seems to be the best method for allowing adults to legally get what they want with the minimal amount of hassle, while preventing minors from doing the same (within reason... no system is perfect, yadda-yadda-yadda, this is just the best one I can think of that's not too arbitrarily restrictive.)

    And of course, this has no legal effect on Usenet or mailing lists, since subscribing to such content is just like subscribing to Playboy... you made your intent clear by requesting it in the first place; whereas web shops are like physical stores that you could wander into by accident without knowing what they were (until you saw the dildo display, at least :) ). At that point, it becomes the vendor's responsibility to shoo kids right back out the door.

    Please, feel free to comment... I'd like to know just how many people think this would be practical and/or effective.
  • I agree with your point and wish that tech people would stop confusing cryptographic authentication with "signatures". This has the potential to lead to some very bad legislation. I do not know if the law is still on the books, but a few years ago the State of Utah enacted a statute which DID specify methods of cryptography required in order to contstitute an electronic signature.
  • A colleague says that to break 156 bit encryption takes a network of Cray's 5-months.

    It will thus not be so easy to forge an encrypted signature by using a script.

    It is much more likely that a corrupt employee with access rights on the other end will read and or sell the number, but it is beyond the capability of computers to force humans to be honest.
  • That's why you have the equivalent of a digital notary. Different systems work different ways, but essentially it always boils down to another party "vouching" for your signature (saying it's really you), and signing your signature.

    One thing that is fairly easy to prove is that the same signature was used for multiple documents. So, for example, one could say, "well, if it wasn't you, then who signed for the mortgage on your house???!?!"
  • by Skapare ( 16644 ) on Tuesday February 01, 2000 @12:11AM (#1316551) Homepage
    I haven't seen the details of the bill. However, what electronic signatures are about is that a cryptographically strong hash digest of the document encrypted by your private key, forming a resultant certificate that could only (to the extent the encryption used is strong in this regard) be created with your private key. Your public key is then used to decrypt the certificate, producing a result identify to the regenerated hash digest of the document.

    You want to buy a house. You find one on the web for sale, and after doing the virtual tour, you decide to buy. You create a document which is an offer to buy the house. You sign the document with your key and send it to the seller. The seller verifies that you indeed signed the document and decides to accept your offer. She then creates a new document accepting the offer (with all the other stuff attached), and signs it with her key, and returns it to you. You make plans to move in.

    In theory it can work. In practice there may be many pitfalls that have not been tested out. If people fail to understand how cryptographic signing works, they could fail to verify that the expected person did indeed sign the document. Human error can still foul things up, and we all know the power of computers is most effective at amplifying human screwups.

    I recall a philosophy class I had in college where the professor asserted that there were many things computers simply will not be able to tell us. I immediately rebutted saying, there may indeed be such things, but computers still have the power to make people believe what it says, truthful or otherwise.

    I am particularly concerned about things like legal notifications being sent to you via e-mail. For very important documents, even postal delivery is not good enough. Some require a return receipt, and some require identity verification (not so much for privacy, but to verify that delivery was made) for delivery. What mechanisms do we have in place, or just have, that can do all this?

    What if I get a court summons delivered electronically in a format that isn't a standardized format, and because of that I am unable to read it (even though the e-mail system has already acknowledged delivery of the mail in which it was an attachment)? One thing we definitely need here is to make sure that any delivery of such things absolutely must be in an open and widely implemented format.

    E-mail addresses are not as fixed as postal addresses. If you change ISP, you may end up with a new e-mail address. Or would you feel good about getting your jury duty letter on Hotmail? But then, in about 10 years we'll be serving on juries electronically, anyway.

    Not everyone is yet wired. And that probably won't be the case for quite a while. How will they get their important legal e-mail?

    My biggest concern, however, is, as you can guess, security. And guess where the least secure computers tend to be.
  • You obviously don't understand Public Key Cryptography. The real fear is that most of the general public doesn't, and probably never will. If this bill becomes final law, how many cases will there be that some people, trying to go along with this, will even accept an unsigned document, not knowing that the whole idea is to use technology that is resistance to forgery. And even if they do have it and try to use it, will they use it right?
  • If I am served a summons to appear in court, where the server attests to the delivery, this is on paper, usually in an envelope, which I can no doubt read by simply performing a common practice of opening the envelope and reading the document. When the server attests that the summons was delivered, this is normally acceptable by I have a real opportunity to read it.

    I don't know if this law goes so far as to allow the delivery of a summons by e-mail, but it may, given its broad nature to include notifications. I suspect it will just be a matter of time until courts become more experienced with electronic delivery, which they are now about to do, before even summons could be delivered this way.

    My concern is that I might not be able to read what was successfully delivered to me. On paper we have basically one way of reading and writing. By computer we have thousands.
  • I've introduced PGP to a number of workplaces, and thanks to the admirable efforts of the pgp people, using pgp is now relatively easy for even the average semi-computer literate office worker. But for those same computer semi-illiterates, the concepts behind what you're actually doing when you click the 'sign this' button in the email window are still not that clear..

    As a consequence, and despite my best efforts, I've seen people put their private keys on shared servers, email the wrong key to friends, you name it. I'm dying to be able to eliminate a couple of absolute bottlenecks in my workplace caused by the need for 'original' copies of signed documents to be physically moved from one location to another, but the software used has to be made a bit more idiot-proof first.

    I can't in conscience accept a digitally signed document from a user who I know for a fact put their private key up on a shared server just last week. Until I know that that user has either grasped the basic concepts (and has a new key..), or is using software which protects him from his own ignorance, I'm going to have to continue to deal with paper sigs. Others may not feel like being so paranoid or ethical.
  • That would be a visit to the town hall ...electronically, of course.

    I'm not really concerned about the business I transact online. I understand cryptography enough to feel safe with much of it. I know the processes involved to make things private, to identify and verify, and to make non-reputable.

    My concern is in others that fail to take the proper steps, and assume identity and/or non-reputability when it is not there, and the impact that can have if the transaction was not really conducted by me.
  • Could you imagine how many loopholes lawyers can find, claiming ignorance in a signature dispute?

    As my father the lawyer always says: "Ignorance of the law is not a defense". (Think "but officer, I can prove I never saw the 25 MPH sign" -- doesn't matter.)

    What the hacking community often forgets is the mutability of law and human trust. "The Law" may be strong, but it is much more flexible than your compiler when you leave off a semicolon. My father and grandfather would routinely allow others to "forge" their signature on documents. (not the really important ones, but still). The reasoning goes: if I say it is my signature, then it is my signature, even if my hand did not hold the pen. This is not some agreed-upon thing, just a trick of trust they exploited to save them time signing letters.

    Crackers of all stripes destroy trust, whether they are script kiddies or social engineers.

    I say encourage the technology (I want my online real-estate broker!), and enforce responsible usage.
  • I believe the principle of the law is to say that the mere fact that a signiture is digital is not usable to debunk it. So if you argue that it's not valid because it is digital (and this is your only argument) the could would see no defense from you. If the signature is fraudulent because someone else produced it (maybe they broke into your computer and got your keys), or if the signature isn't actually signed by you (because the other party failed to verify it), then you have a case. Hopefully the law isn't going to make it indefensible.

    So if it is indeed you that typed your name in the box, then it's valid. If it is not you, then it's not valid. The determining factor is whether it is or is not you who typed it in. This kind of thing would in fact be weak without some other evidence. But if, and when, they can show that you typed it in, this is now as valid as having scribbled something on a piece of paper. The point of typing it in is not about proving it was you (as indeed many people know how to type your name in that box), but about proving that you (if it was you) intended to assert this.

    The courts most likely will still have to struggle with the issues of fraud and the technology of cryptography.
  • How do you prove a digital signature(DS) was not sent from you? Just because you step away from your computer are you suddenly liable if someone else fires off a transaction with your DS?
    If I leave my check book out, that doesn't mean it's ok for someone else to use it, and if they do, most cases's it's relatively easy to prove that it's not your signature.
    remember, it's illegal to enter a premises without proper permition or cause, even if the door is wide open.
    Until we develop away to have true security on the web, all bets will always be off.
  • is people.
    All this technology will be automated for your convience, so when someone else steps up to your system, how does anybody know its not you? for example:
    I select a purchase, click verify on the browser, now I just committed you to a contract of some sort. how do you prove it was not you who made the purchase?
    an eMail is sent to you. your son downloads the eMail, and puts your notice in the wrong folder. Now you are legaly bound to a letter you never have even seen.the list for both accidental and intentional error is huge. The tachnology is there to do the transaction, but no safeguards have been developed.
  • I think that everything can be hacked (what did they say about DVD?) and that therefore it's somewhat dangerous to can sign everything digitally.
  • I can see that a signature would identify someone as having agreed to a contract, but how does this help people on the web? Outpost.com doesn't need my signature when I order from them, does any e-tailer?

    Maybe this will mean more government paperwork can be done online, such as tax filing, but other than that I don't really see too many benefits to digital signatures.
    ___________________
  • by Anonymous Coward
    I can't believe that our Congress enacted such a brain-dead bill. It only goes to show how un-tech-savvy they are. Sure, my signature might be hard to duplicate in real life -- you've got to mimic my hand motions, etc. But in the digital world, my signature is just a series of ones a zeroes, which can be copied by anyone with half a mind to do so. I can't believe that someone can now pretend that they're me simply by having the impulse to spend a few minutes putting together the right pattern of bits.... Or just copying them from me the first time I'm stupid enough to sign something online. Identity theft is already a huge problem, and this will only make it worse.

    We've got to do something about this. We've got to send a strong message that paper signatures are the only way to go for the forseeable future, if we want to have any semblance of confidence in the authenticity of every document important to us.
  • 4096 bit PKI is no better than your password used to protect the private key.

    And passwords as subject to dictionary attack.



    Finally, a digital signature has no intrinsic way to prove you did it. By contrast, a handwritten signature can be shown forensically to be consistent with all other signatures known to have been made by you.

    In the case of disputed digital signatures, it is your word against that of someones machine.
    Guess who wins?

    I have no idea either - but I'm not trusting my electronic life to such uncertainty!


    Lyal

  • >Which is easier to forge? A digital signature, or pen and ink signature? I would guess the latter.

    which is easier to steal? i would guess the former. its easier to remember that you signed something in pen and paper then to remember that you mouse clicked it when your testifying in court.

    i dont know how hard/easy it is to forge a signature in front of the so called handwriting experts. (because i know nothing about that)

    as to a digital signature, how paranoid do you have to be about such a sensitive piece of data?
  • Okay, I'll admit it. I'd be scared to use a digital signature that's as legally binding as a pen and paper one. While you do make some good points I just can't trust encryption with anything real important. We've all seen what can be cracked if enough people put their minds to it. For this to work there will need to be a standard and there's a good chance that ether the US Gov. or Microsoft will try and design that standard. Frankly, I trust neither.
  • What scares me about digital signatures is a combination of insecure cryptography, lack of privacy, and the nature of proof in today's court system.

    A good friend of mine recently pointed out to me that in the case of - say - credit card purchases, the credit card companies have the burden of proof that you actually made the purchase they are charging you for. If you didn't do so, then they need to refund your money, assuming that you made a good faith effort to dispute their claim. This is not the case with signatures.

    If the House bill makes digital signatures the equivalent of physical signatures, then the burden of proof is shifted to the supposed signatory. Didn't sign that promissory note for $150,000? Well, who did? It's got your digital signature on it! Meanwhile, some cracker's run off with your money and put it in a Swiss bank account.

    Hardly what I want to see.

    I, for one, will avoid digital signatures until it's fairly clear that the technologies are in place to certify that what bears my digital signature actually was signed by me. With all the nonsense that has been going on these days, I'm not sure I'd even trust biometrics for digital signatures.

    My $0.02.

  • It seems like this may once again be a case where some non-technical (insert derrogatory noun) heard a buzzword and decided to enact it into law. "Gee.. digital signatures.. I can scan my signature and sign documents with it!"

    I imagine the origial intent was to use PGP signatures (real digital signatures) or some competing cryptographic algorithm. Alas, a little JPEG sure looks a lot more cute that an encryped stream of bytes.

    Do your part to save society. Convince your local representative that outlawing politicians will increase their ratings in the polls.

  • There are (of course) security risks, but not as you describe it.

    Let's see what happens if X publishes my public key, without having my private key. If X encrypts a document with his own private key and someone else tries to decode it with my public key, the result will be garbage, thus proving that X is not related to me.

    However, there still are some problems. If X gets hold of my private key, he can indeed identify himself as me.

    Another related point: with some math and some tools I can create my own private/public keypair, and announce that it is the pp keypair of my neighbour. So, in order to verify that the pp keypair is really mine, a third party must guarantee that the keypair belongs to me. (Just like the government guarantees that I'm me by issuing passports.) However, a while ago there was an article on /. by Bruce Schneier [counterpane.com], where he argues that we're not yet ready to have such third parties.
  • I think you should have a look at the following (German) page: http://www.iks-jena.de/mitarb/lutz/security/pgpfaq .html#3.5 I didn't find an english page so fast, sorry. They say something about the 'blacknet' key (a PGP key) which was cracked in 3 months (and that was 5 years ago).
  • It's funny how this happens almost immediately after the relaxing of crypto standards, not to mention the recent effors to encourage people to file in their tax returns online.

  • well, my password to outpost was, let's say, longer than six characters, and it included capital, lowercase, numbers, and various punctuation. It is basically a random lot of chars that I forced myself to memorize. If people pick stupid passwords I guess that's their problem.

    But with your example about not being able to prove that I ordered a specific item, that I could say it was a bug in their software, why couldn't I just do the same thing with a digital signature? They say "Sign for this disk drive," then they have the signature on file, couldn't I just still say it was an error? That their record with my acceptance had been corrupted somehow? I still think it's a lot different from somebody having a paper copy with my signature. How do I know they won't take my signature and append it to some order for 200 computers? I don't know, it seems like there are a lot of problems with this idea.

    more info is required.
    ___________________
  • There are brute-force password attacks on PGP key files - fast as well, much faster than key-cracking.

    About as fast as l0pthcrack, actually

    With PGP key file-stealing rojans around, PGP is definitely suspect as a trust tool - still good for confidentiality, uses right.

    Lyal
  • How many financial transactions occur using RSA?
    Almost none, as there is no accepted standards for financial transactions using PKI (ignoring SET, it's a joke).
    Over 16 billion DES protected transactions (ATM, POS etc) occurred in the US in 1997.

    Tell me which has market share and reliability?

    Lyal
  • "Do you have any proof of this? Point out exactly where in the bill it says this, please."

    The Mastercard/Visa rule changes put all the liability onto the cardhoolder under SET.
    Unless you can prove you didn't generate the elelctronic transaction, you're stuck with the bill! No questions
    No-one has any idea on how to prove you didn't create a digital signature.
    Meanwhile, hacking attacks to steal a copy of your Private key are almost trivial today.

    Lyal
  • Well, with an ink signature you have more possibilities:
    - graphological experts detecting a fake signature
    - you have an alibi, e.g. you were not at the place of signing

    As to the burden of proof: if someone has a valid digital signature from you, it's your task to prove its incorrectness, isn't it?

  • test
  • DO NOT FOLLOW THIS [slashdot.org]
  • DO NOT FOLLOW THIS [slashdot.org]
  • Actually, that ain't the bill. If you look at that bill's info on Thomas [loc.gov], you'll see that HR 1572 hasn't been touched since May.

    This is the real bill [loc.gov], HR1714.

  • Yes, but the same is true of handwritten signatures as well.

    There are several authentication models out there. One of them is the "flat" model, where you have a single authority that everyone trusts. For example, verisign offers a service where you go to a notary, and get authenticated, with photo ID and real signature, and all that, and mabye a witness. Then verisign will sign your digital key, so people that trust verisign can trust your key.

    The other model is called a "web of trust". Essentially, you sign the keys for anyone who you know whose key it is. So if your friend gives you his key on floppy disk, you can sign it. All the signatures get sent to a keyserver. So for example, let's say that person A knows person B, who knows person C, who knows person D. Person A does not know persons C or D. Then, one day, person A needs to use person D's key for some reason. Person D's key is signed by person C, whose key is signed by person B, who you trust. So you can give marginal trust to person D. If there are multiple trust paths to the key in question then it gets more trust. The problem with the 'web of trust' model is that it assumes ubiquitous use.
  • some people, trying to go along with this, will even accept an unsigned document

    You bring up an interesting point here that I haven't seen mentioned before with regard to encryption or authentication of any sort. I've never seen discussion of any way to make sure a document's been validated or to prove that you've validated it.

    My knowledge of security is rudimentary at best, but if they were to decrypt the original hash with the original signer's public key and reencrypt it with their private key, would that second signature provide any sort of proof that they had checked the signatures?

    I've also seen something about two keys being needed to decrypt a document, or 4 keys out of a pool of 7 being required to decrypt, etc. Would this provide a workable basis for any such scheme?
  • This law would mean that everything that would normally require you to send a paper copy with a signature to someone, can now be done by sending an email.

    This includes subscriptions to magazines, filling out insurance forms, etc. So, effectively, you won't have to use the postoffice all that much anymore.

    This isn't likely to change e-commerce anytime soon, since this law is an American one. So, any e-commerce business that wants to sell anything outside the USA would have to use the 'old' system, eg. giving the credit card number and expiration date is sufficient.

    Being Dutch, I hope our governement passes a law on this soon. However, our prime minister doesn't even know how to handle a mouse, so I won't hold my breath ;-)

  • Clueless legislators should not be making laws about subjects they do not understand. Of course, that has never stopped them before, but....

    A signature is supposedly unique to the individual, therefore unambiguously identifying the signer as the person who has agreed to a contract. We know that signatures can be forged, but it is difficult to do well, and to be sure, one could also use a fingerprint as a seal.

    But a "digital signature" is different -- it is not unique to the individual, but something more akin to a "corporate seal." That is, the signature is an external thing, a key stored on some medium, which is theoretically protected against unauthorized use by the party to whom it belongs.

    It is worse than this, a corporate seal is registered with the state, there is no ambiguity as to who is authorized to use it. But is a digital signature similarly registered? Would you WANT your signature to be registered by the state?

    But in the absence of this, anyone can create a signature purporting to belong to anyone else. I can create a key pair claiming to be owned by William Gates III, and you cannot know it is fake unless you confirm with him directly that the public key belongs to him (verifying the fingerprint, as well).

    Now, you may already know all of this, and hopefully you do if you use public key authentication. But does Congress understand this? I doubt it sincerely -- and by making digital signature binding without requiring a non-digital confirmation of the signature, they open a real can of worms.
  • I'm sorry, but I just have to post the link again. A while ago there was an article on /. regarding such third parties; in this article [slashdot.org] Bruce Schneier argues that we currently can't trust any such third party.

    Example: I don't remember if he mentions it, but a while ago some german hackers were able to get a false ID from Verisign.


    I wonder if the government has read this article. IMHO if they want digital signatures to be legally acceptable, they should also be the third party (as with passports).


    As for your signature-comparing: what I've got hold of another person's private key?


    Of course, when dicussing e-commerce stealing a key won't help you much. I order fourty books from an online shop and pretend to be someone else. This 'someone else' refuses to pay, saying he never ordered the books. They look at the shipping address and hey, the books were sent to me! It might ring a bell...


    The same goes for your mortgage example: "well, if it wasn't you, then who signed for the mortgage on someone else's house???!?!"
    "I don't know someone else, I've never seen the house, it's fourhunderd miles from here. Why would I pay someone else's mortgage?"
    "Hmm, you've got a point."
  • And the scripture you get this from???
  • So far, we have things like PGP signatures online, which is all fine and dandy - Good Things. It tells us that the person who sent it truely is, well, the person who sent it.

    In the real world, handwritting does the same essential thing.

    Now, if we were to combine the two in some manner, we would, IMO, have a viable way to perform all types of transactions online. It would be a visual signature - for the technically un-inclined - and a digital PGP type code for those who need to check for the accuracy of the signature. I imagine there could be a plugin type application for validifying them asthere is with PGP. The PGP-like ID would be possibly placed within the image in HEX, or some oher method. Maybe a digital 'watermark'.

    We shall see, hmmmm?

    -------
    CAIMLAS

  • It is much more likely that a corrupt employee with access rights on the other end will read and or sell the number


    If you use public/private key encryption, the person on the other side will only see your public key (which is already public, hence the name :-) and a document signed with your private key.
    Thus, in order for the malicious employee (MA) to sell your private key, the MA first has to find it, which is not easy.


    As an aside, the MA does know the contents of the signed document, enabling him to find your private key using a known-plaintext attack. AFAIK this makes the search somewhat easier, but it still requires a lot of effort.
  • What keeps somebody from publicizing their public key as my public key, and thus being able to sign documents with their private key to pretend to be me?

    Most public key implementations has some form of key-signing method, whereby a third party can sign your key public key, thereby certifying that you are who you say you are

    The big problem with this, is how can you trust the person who's signing? Thats where the concept of having well-known Certifying Authorities (such as Verisign [verisign.com]) who validate your identity, then sign your public key.

    This is a pretty common occurrence in the RSA world (such as web server ssl certificates etc)and these days Thawte [thawte.com] also has something in place like this for PGP keys.


    --

  • I've found an English page on which they desribe that a RSA key was cracked using 400 MIPS-years in 1995 and that they think a company spending big efforts on it can crack every 512 bit RSA encryption. Look at: PGP Attacks [physics.ubc.ca]
  • "

    So, in light of this, the Digital Signature Act (or whatever they're calling it) is really quite irrelevant. If you and I sign an electronic contract with digital signatures, and we both mark it affirmatively, then the signature is valid -- period. (The virtue of digital signature algorithms is in that the signatures are difficult to repudiate -- while anyone could sign a contract as "Robert J. Hansen", presumably only I could sign a contract with my OpenPGP private key.)" The critical point in that statement is "you and I". Indeed, if we both do it, it's perfectly allright and your statement is correct. More accurate however would be: "a holder of my key and a holder of your key".

    See, a physical signature is a property of a person, while a digital signature is a property of a key (together with an algorithm). Now everyone with my key can do the same "signature" and there is no expert in the world who can detect a difference.

    This can be relevant in a court case. How do you defend yourself and prove that a certain digital "signature" was not done by you. You can't. Repeat after me: "I cannot prove in court that I did not digitally sign a document."

    I'm not a lawyer, but I have the feeling that it is an important feature of a signature that you can prove it's done by a certain individual. And digital signatures are lacking this feature.

  • Exactly. If Phil Zimmerman did his work properly, non-brute force attacks against PGP signatures should be impossible without the ability to factor large numbers very quickly. Since as far as we know, nobody has a method of rapidly factoring large numbers, PGP signatures are theoretically uncrackable by anything other than brute-force. The times to do this to any reasonable cryptoscheme with a sufficiently large key are astronomical. Unless there are severe problems with the implementation (dubious but not impossible...the Nazis were pretty confident in enigma, too), or this cluster was cracking a key of length ~56 bits, they would have to be the greatest mathemeticians living or dead. If someone had managed to crack a pgp signature in that short a time, the news would be causing tidal waves in the worlds of encryption and mathematics.

    In any case, public-private key encryption is the only way this electronic signature thing could possibly function. I wonder how long the US government will take to realise that this just won't fly on DES.

    It's somewhat possible that the US government has a new encryption standard prepared for this. One that could allow federal organistions to acquire your private key through backdoor channels. Now what would they call something like that, do you think?
  • The problem with digital signatures is that as soon as someone finds a way to hack them, and this is proven in court, then a certain degree of "deniability" is instantly endowed upon every contract ever signed; because there are no witnesses to the digital signing, anyone who wants to claim "it wasn't me who signed" is perfectly free to do so and get out of a contract they signed. Even worse is the fraud that will result. If the digital signature in any court case can be called into question, then instantly all digital signatures will become useless - the point of having a signature is to have proof of non-repudity. And it only takes one hacked signature to render useless all signatures! At least paper signings must be disproved on a case by case basis. Those companies who built their business model on the digital signature may find their contracts utterly worthless when this does (and it will) happen.
  • the thing that interested me was that the poll [cnn.com] ("Should e-signatures be legal signatures") was slpit 54/46 Yes/No when I voted. what does this indicate? lack of trust in digital signatures? lack of understanding? or does just no one care enough to be bothered?

  • The problem is not the difficulty to break the signature scheme (i. e. to break the hash function used), but to establish procedures that regulate what happens if
    • a key is stolen (and used against you)
    • a key needs to be retracted before the normal expiry date (e. g. if you think it might have been stolen
    • someone you trusted who authenticated other parties turns out to be not trustworthy - your entire "web of trust" might collapse due to this (e. g. if some official certification authority turns out to be corrupt)
    The first two problems are partly of technical nature, since security holes in computers will always exist, but the more difficult aspects are social implications and laws that regulate how these signatures apply to real life.
  • "maybe some script kiddie will hack my signature..."

    This would give new meaning to the term "script" kiddie, now wouldn't it? Great, another thing for the media to screw up :>

    -Gabe
  • are secondary to we the corportations...
    I find these bills amazing, as they're almost designed to increase commerce without regards to the cost of citizens.
    This law may, in time, turn out to be a good and just law, but still I wonder whom the laws are written for, the coporations or the people.

    -----
  • Good. Maybe now I won't need to deal with so much paper in the future. On the downside, maybe some script kiddie will hack my signature and find cool things to buy online.

    Offtopic, I know, but...

    After all the bitching and complaining,
    all the attempts to get people to use the correct word,
    you know the war is over when someone who should know better doesn't.

    =(
  • by werdna ( 39029 ) on Tuesday February 01, 2000 @03:58AM (#1316618) Journal
    Several posts thus far have accused the Congress of being "brain-dead" or "ignorant" of technological issues. While the conclusion may be true, this bill is not evidence therefor. Indeed, far to the contrary, this bill is an extraordinary step: Congress is getting government OUT OF THE WAY of technologists and the marketplace.

    To the contrary, these postings manifest a lack of understanding of the *legal* purpose and effect of a signature (which is all that the bill addresses). One post stated:

    Signing a document has two purposes:

    * authenticity
    * non-repudability


    However true this might be for practical uses of signatures, the signing of a document for legal purposes has nothing whatsoever to do with either "feature," as they appear to be understood here. ("Authentication" doesn't mean what I think he thinks it means.) Indeed, nothing about paper-on-ink signatures, which are trivially forged and transferred from one document to another, provides either of the cited functions.

    And it is certainly true that a panel of computer lawyers at the ABA (and the state of Utah) felt that a set of express standards for signatures by electronic means to assure authentication of and non-repudiability by the signer. On the other hand, the clear trend today in state legislatures is instead to adopt more minimalist bills, such as the one that passed the House, that simply assure that electronic instruments are treated no more or less formally as paper writings. Here's why:

    In almost all of the United States, we still have a body of law entitled the "Statute of Frauds," which provides that certain types of agreements (e.g., sale of goods > $500, transfer of real estate) are unenforceable unless a "sufficient memorandum" is signed by the party against whom enforcement is sought. Other laws likewise require formalities for certain documents, such as deeds, wills, assignments of certain kinds of intangible property and the like be signed by certain parties.

    Here, the purpose of these laws is, supposedly, to avoid swearing matches by giving the world an incentive to make physical, tangible manifestations of the subject matter of the agreement. But the effect of the law is that a market participant, even though he had agreed in full to a contract and even if he fully intended at the time to go through with it, may actually avoid its enforcement later on the purely technical ground that there exists no writing signed by him.

    Interestingly, except for certain instruments, the tangible manifestation is not as important as the fact that it was made: you could enforce a document with credible testimony that a signed writing existed in the past. In any case, it is that manufacture of that manifestation that is important for legal policy.

    The signature itself, for legal purposes, does not serve to authenticate who was the document's signer, or to avoid repudiation: it is merely to authenticate the document as the one agreed to by the parties -- to distinguish, for example, a draft from the "real thing." The legal technicalities of signature are few. The following have all been found to be valid:

    - printing an "X"
    - making a scratch on the paper
    - shaving a name on the side of a cow
    - writing someone else's name
    - typing your name
    - asking Western Union to type your name

    which of course does nothing to identify the signer or to assure non-repudiation. Nor does the common law require that document to be signed, if the signature is placed on another instrument (or bovine mammal) in such manner as to manifest intent to authenticate that document. Papers have been written with bizarre examples of what constitutes a signature. Under the UCC, a signature is any fixed tangible manifestation of an intent to authenticate the document.

    On the other hand, when I am attending the closing a zillion dollar sale of a chain of hotels, and the principal of the seller walks up to one of the documents, notes that he heard he could sign "Minnie Mouse" or scrawl an "X," on another piece of paper, I politely ask him (if he is not illiterate) to write his name in cursive on the contract itself. If he refused, I'd advise my client to consider putting off the closing.

    Why? Because while these methods of signature are legally sufficient if *he* in fact *intended* to sign, I might still someday need to use these documents to evidence those facts. The legal sufficiency of a document is an entirely different thing from the practical security that sometime, someday, he might change his mind and "misremember" why he signed "Minnie Mouse," or marked only a vertical line or "X." (Remember, it is all about the manifestation of an intent to authenticate.)

    On the other hand, for less signficant transactions, we hardly care one way or the other whether or not we can prove or disprove *WHO* signed the document or why -- we just want there to exist barely minimal legally sufficient documents to avoid a technical defense based upon the Statute of Frauds.

    Its all about Eggs in Baskets. The realities of the marketplace determine what "technologies" for signature an individual will use, and what "informal," but legally sufficient signatures will be accepted. Each buyer and seller will decide for himself and herself what to require of the other.

    Many valid signatures are commercially unacceptable for those reasons. On the other hand, while this is a non-problem, the concern is that a commercially acceptable signature might be held to be invalid! The law serves only to provide the minimum requirements for a signature to be valid (as opposed to "commercially acceptable.") The marketplace determined what technologies they will use and accept.

    Which brings us to the ESA. Assymetric encryption now provides (under certain circumstances) greater security to prove authenticity, which is an excellent reason to use electronic signatures in lieu of "traditional" technology, particularly for on-line transactions. On the other hand, it is not for the law to determine what technology should be used -- the law should only undertake to assure that a sig is valid and leave it to you and me to decide what we will accept.

    The mind-loss would be to adopt some 50 plus pages of specification as to what is and what is not a valid signature and providing an entire new kind of litigation on the formalities of a contract. "Sorry, you don't get to keep the house, your certification authority's license expired the day beforehand." Such technical defenses would be brain-loss at best.

    Whether a vendor should accept the following e-mail:

    "I will buy five million widgets at $25,000 apiece, 2%/10 net 30. love andy"

    is entirely up to him. Whether a court will enforce these price terms if Andy admits he sent it, on the other hand, is another issue entirely. On the other hand, if commercial exigencies make it practical and financially more efficient to permit that exchange by e-mail, the law should not get in the way.

    As an aside, it is almost certainly the case that the foregoing e-mail would satisfy the Statute of Frauds. Its just that in the absence of case law, a market participant can't be assured that it is. We abundance-of-caution-types would stick to pen-to-paper, even if it cost a bit more and took a bit longer, because we KNOW that the courts will accept that. It is for these people that this law exists -- to give them some comfort concerning what is almost certainly the law today -- there will be no technical defense to enforcing an agreement on the ground that the agreement was signed in electronic form. It is up to the market participants to determine if the mode of signature used gives them enough comfort that they will be able to prove that the document was in fact signed by the other party.

    Hat's off to a Congress that showed, in this case, a far greater savvy about electronic signatures than the ABA and many technologists. ESA does precisely what it is supposed to do, make crystal clear that a technical defense on the ground that an electronic document is not a "writing," and that a typed signature is not a "signature," while leaving it to the marketplace to decide what signature technology they will prefer to use.
  • Did the government not know about all the credit cards being stolen by the Russian hacker (Maxium or something...His name escapes me at this hour)? Or how MSNBC went and got 2,500 numbers just to prove that it's easy? What makes the government think that signatures will be secure than our own credit card numbers? Think...If I have your credit card number AND a signature, how impressive will that be? I'm sure this will not be unheard of if this bill goes into effect...Just another thing -not- to do online. Oh well.
  • First of all, for those of you who are concerned that this opens up some huge problem in security because bits can be copied easily, please read up on digital signatures and how they work. Rest assured that provided you use them properly, it is VERY hard for someone to add your digital signature to another document The key word is "use properly"! What bothers me is that most geeks focus on the encryption technology. The number of bits in the key. How many CPU years it would take to crack it. etc... Consider a steel door (crypto algorithm). It is x inches thick (key length) and you need such and such tools to break through which takes x hours... How safe do you think your wooden shed (MS Windows) becomes if you install the door there??? I hope you all realize what trojan horses and viruses can do to any "secure" algorithm if they get inside your Windows PC. Yes, they can sign any document without you knowing it. So what does the new law say? Are you responsible for all documents that your (trojan horse controlled) PC signs? Who has the burden of proof?
  • by chrome ( 3506 )
    If there is one thing that has been proved over the past 5 years in the 'encryption era' of the internet, it's that there is no such thing as unbreakable encryption.

    Someone with enough time on their hands, and enough CPU could crack any code in existance. The goalposts keep moving, so no matter what technology they come up with to protect your 'electronic signature', *someone* will work out a way to steal it, spoof it, whatever.

    Still, the old method wasn't foolproof either - forging signatures has been a skill most kids pick up when their about 10 and dont want to go to school ...

  • Surely it is better to try and legislate something like this than leave things as they are: currently, there is no form of verification for online purchases that I am aware of in general use.

    So, if some little hax0r gets his hands on my credit card details, he can buy as much as he likes. At least a digital signature, although not fully secure, adds more security rather than making things any worse?
  • Rating: -7 (Bullshit)
    However the data will be sent, there is bound to be some sort of option on programs to "Save my signature" so you dont have to write it out, but just have to confirm it.
    Of course this saved signature file could be modified, and thus you could have some pretty creative signatures.
    Here's a few examples...

    -Fractal Signature
    -Your highest Quake DM score signature
    -A Screenshot of your clan rocket jumping
    -A Naked woman
    -Your signature.

    Though I asume it will be transmitted as a point set, rather than a pixel map, But that just means it has to be black and white...

    I dont write by hand enough to have developed a signature, So I'll be drawing a small bunny holding a skull.
  • When you digitally "sign" a document your key is used to create a cryptographic checksum of the entire page. Neither the page nor your signature can be changed afterward. Changing even a single bit anywhere in the file will invalidate your signature.

    So any corruption will invalidate your order. I assume that they will present the order to your creditors and that creditor will double check your order to ensure that you signed the document.

    The only thing that this still doesn't save us from is ourselves. If someone lets others know their "pin" code and leaves their "ident" card laying around, they are going to get ripped off.

    And clever criminals may break into your machine and leave hacked code laying around that sends them your keys the next time you order something online.

    Won't it be nice trying to cancel your old identity and get a new identity assigned to you. And now none of your old web sites recognise you for you with your new identity.

    Cash is always good.
  • The problem with signatures is not that they can be forged. The problem goes a bit deeper. First of all you have to establish the truth about identity. In the real world you generally take somebodies written signature, because you can see the man and (if you're careful) because of a similar signature on a passport, drivers license etc.
    In the digital world there is a problem with this reasoning. As we all know it is extremely easy to fake an identity online. So, unless you deposit your unique key at a trusted source, which has checked the identity behind the sig, there is no way you can be sure if it is the person you think it is.

    In the Netherlands notaries are trying to get this position as a Trusted Third Party. They are allready in a legal position to do such a thing in the physical world and they now try to expand it to the digital world.

    Another, more scary thing IMHO, is to give everybody a uniquely identifying signature. This would be enforced by the state. It would probably be the most secure way, but also the least favorable...

  • Little nitpick: the is no Nobel prize in math...

  • Another thought occurs to me (2 in one day!!!)

    This entire strategy isn't designed to appeal to people of a technical disposition, who know the shortcomings both of ecommerce as a whole, and digital signatures in this context. This is a law pitched at Joe Public, in an attempt to make people less afraid of buying online.

    However, unless the entire scheme is implemented with the utmost care and attention, the confidence built with this legislation might be totally misplaced. If people end up losing money over this, by fraud, hacking or whatever, the bad publicity generated could well lead to a general loss of confidence in ecommerce and the internet as a whole.

    You don't need me to tell you what that would lead to, but hey: less revenue generated by advertising and commerce leads to less commercial interest, which may in the end lead to stagnation and a lack of interest in research and improvements in the 'net as a whole. Bad things! Now I don't want that, and I'm sure the American Government wants those e-taxable purchases rolling on through, so they do have a vested interest in making sure its done right. But we all know what happens when non-techies start making techy decisions... :o(
  • This is a critical step in making electronic filing of tax returns commonplace. The speed is not the only thing at stake here. There are the obvious security issues but, processing filings electonically will reduce the physical workload on the IRS filing centers dramatically. Reduction in workload combined with more timely processing and the continued increase in revenues should eventually translate into tax breaks for the masses.
    "For every complex problem, there is a solution that is simple, neat, and wrong."
  • In italy there is a law [senato.it] passed in 1997 that makes digital signatures legal not only to sign contracts but also when exchanging documents with the government. The local authorities (Municipalities, Regions etc) are setting up CA that will store the certificates. The first city to implement this process is (as usual) Bologna where the "beta" phase was supposed to end last year (I havent checked the status lately) You can get some info about this at this address [unibo.it]
  • Wow. I'm never putting a .sig on anything else again. ;)
  • Bah. It's easier to break 4096-bit encryption than forge my signature in ink so it could fool me.


    I don't understand why everyone thinks this is such a good thing. I think this is a travesty.


    Remember, encryption be damned, if it's digital it can be duplicated perfectly.

  • I am particularly concerned about things like legal notifications being sent to you via e-mail. For very important documents, even postal delivery is not good enough. Some require a return receipt, and some require identity verification (not so much for privacy, but to verify that delivery was made) for delivery. What mechanisms do we have in place, or just have, that can do all this?

    Well, for return-receipt, I would suggest something along the lines of the confirmation scheme currently used by many listservs. You sign the initial document via web. They consult your listed contact address with a central key registry and send both a confirmation and some arbitrary bits to that email address. You then sign the arbitrary bits and bounce them back via email. It is now presumable that the order was in fact placed by the person to whom the signing key belongs.

    Does this have security flaws? Yes. For example, it remains vulnerable to a man-in-the-middle attack between central key registry and merchant. However, this is a framework created in one minute; a security professional can no doubt generate something a bit more secure.

    It can be done using existing protocols and algorithms. I personally would like to see personal keys which are significantly bigger than the 128-bit junk used in the average browser; 2K might hold the line for a few years. (Yes, I know that bigger keys mean more encryption time. How many documents do you actually sign per day? Most people I know don't get past the single-digits.) There are issues in setting up infrastructure, and these must be resolved before you can get me to use such a system, but I think they could even be resolved correctly if people actually bother to think.

    Alik
  • Ed Foster over at InfoWorld has pointed out that a bill legitimizing electronic signitures could also have the effect of making valid the "click-wrap" licenses and agreements that we have all come to know and hate. Now you might have to actually read the page of dense fine print sigining over your first born child in return for being able to access the useless content of xyz.com. Before, it could be easily argued that the "I Agree" button did not constitute a signiture, and therefore no legally binding contract. Now, all those clauses ablsolving them of liability in case bad things happen to your data could "stick". (They might be unenforcable for other reasons, but this is beside the point.) This scares me infinately more than the security of these things.
  • Best Buy does that here. I hate digital handwritten signatures (I never sign my name, then again that doesn't matter). And, I really hate the idea of making digital key signatures legally acceptable.

  • And analog signatures are easily forged. Forgery is an ancient art.
  • There was no mention of PGP or anything else for verification. Faxes are considered legal given the lawmakers assumption that they originated with a phone call that is trackable.

    This would be a great development if there is a certified and secure method of factualizing an e-document. A web site that can actually vouch for the authentication of a document and its originator in a reliable way would be very useful. An e-notary republic is needed.

    A job for the post office?
  • How tough are PGP signatures to crack? If you make it more trouble than it's worth -- ie, nobody's going to spend $100,000 on computers to get at my crummy atm card with a $200 limit -- I can see how hacking may be averted. But then, there was some encryption that supposedly would have taken 50,000 years of computing time to crack and ended up taking only 35... may have been the latest distributed.net challenge, not sure... but the point is that everything is hackable but it's still a matter of time. Normal people won't use 35 years of computer time to crack digital signatures, unless it's worth a whole lotta money.
    ___________________
  • Lately we all have seen many problems concerning creditcard fraude through E-commerce sites. How is the U.S. House of Representatives able to prove it wouldn't happen to them? Everybody knows that the biggest exploit is still to be found. Everybody knows that every (large) application contains bugs.

    From my opinion a far better approach would be to have every state a couple of dial-out boxen which are also connected to the internet. With the appropriate software, a box will dial out to the client, sending login info, while the client sends approval back via this line. I'm not saying this is the perfect solution, however it is a far more secure option.


  • Ever hear of public key cryptography?

  • This is a big plus for the online retailers and a huge minus for the credit card companies. A credit card charge is only valid if the person's signature is there. That's right. All of those things that Amazon charged your card weren't really valid. However, if you choose to accept them and don't argue, they become valid. So if someone steals your card and goes on a shopping spree, the online retailers pick up the bill. On the other hand, if the signature is there, your card's insurance pays for it.

    Then again, IANAL.

    --

  • My first reaction was "Thank goodness, less dead tree hassle" Then I started thinking about wider consequences.

    An email (and possibly a http-post) would have to be regarded as a legal document. That means that there must be a foolproof way to determine identities. In legal terms I guess that also means accountability. That is: A good standard backed up by "The open source community" might not be accepted, while another standard backed up by megacorp inc would.

    If you control your own gateway you can do lots of funny things. Therefore some legislator might start thinking about licensing ISP:s and require that any legaly bounding post or mail must go through AOL and the likes. Someone "Big and responsible"

    Are we looking at a future where "signed e-mail" becomes a proprietary standard or am I just paranoid?

  • It is easy to scan or capture an image of a signature, apply colors, apply dithering to mimic a shaky hand, variants etc etc. For pen and ink some stealth detection techniques can be used. There needs to be a snail-mail form. Pre-printed stationary can have subtle changes to particular font characters or inter character spaces can be varied....if the form is forged it can be detected by trained visual inspection ....now who knows how to do the equivalent electronically.
  • Signing a document has two purposes:

    • authenticity
    • non-repudability


    The first tells you that the document is the real thing, and hasn't been altered in any way. A digitally signed document is slightly different to a pen and ink document in that the former will garauntee that the document has not being altered but does not tell you if you are looking at the original or a copy. A pen and ink document does not garauntee that someone has not tampered with your document after signing but does tell you that you are looking at the original.

    Non-repudability tells you that the person is who they say they are. Currently we have developed forensics to detect written forgery but as yet digital signature forgeries are 'perfect'. No doubt audit trails will be develop to enable similar forensic analysis for digital transactions. One thing to watch is the burden of proof. At the moment the consumer does not have to prove his signature is real in the event of a dispute, rather it is the other way around. Our sometimes rather blind faith in technology can swing this around (witness the protracted legal battles that *finally* persuaded banks to accept ATMs could make mistakes).

    Just some food for thought. You could do worse that examine the British legislation going through parliament and the intelligent debates going on there. One source is FIPR (http://www.fipr.org/).

    Phillip.

  • Even if the gov. approves digital signatures, what will the standard be? PGP, which I've used for a very long time, has gone commercial with McAfee, and Verisign digital signatures also cost money. And don't tell me we have to learn how to write our names by moving a mouse either!

    Seriously, there has to be a free option for personal online security, and someone should do something fast about it too! The fluorishing online economy does not need 14 conflicting standards all vieing (sp?) for the foremost usage in net commerce.

    =======all i have to say=======

  • How do I know they won't take my signature and append it to some order for 200 computers? I don't know, it seems like there are a lot of problems with this idea.


    You're wrong, because digital signatures don't work that way. The way to use digital signatures would be to have you sign your order. A digital signature is different from your meatspace signature: it relates to what is being signed. Don't forget, that digital signatures do two things: they authenticate the sender (yes, it was you who signed this) and they authenticate the message (yes, this is what you signed). So if outpost asked you to sign your order for 17 mousepads and then took that signature and put it on an order for 200 computers, the signature would not check out.

    --

  • I think this is a good point. Technology designed by humans will always tend to be defeatable by other technology also designed by humans. We see this in many other arenas of life as well: we have nuclear weapons, so do they; I have a Club, he has a freon can; I have a lock, he has a drill.

    Nobody insists credit card numbers on shopping receipts be obscured by moire patterns or shredded by a "trusted" authority. In fact, in RL almost anyone you meet or interact with has the *technical* capacity to rip you off.

    I believe these problems will be addressed in the computer world, as they have been in RL, through social and legal means, not technological.
  • IANACryptographer, I just listen reeeel goood, and read the right stuff. The following is what I recall from an RSA2000 presentation:

    Actually, many digital sig algorithms are not as secure as you say; for example, almost all algos that don't spit out a piece of the intended original message along with the hash of it are vulnerable to what is called 'existential' forgeries--any collection of gobbledygook fed to the verification algo will spit out another collection of digitally signed gobbledygook. USeless, but interesting.

    More interesting is that if one is careful, many algos are vulnerable to a mathematical trick that if you can get someone to sign off on a few separate things, then tie them together, one can use the signatures of each part to create a signature of the whole. The parts may be acceptable in their own contexts; the whole may not be anything near acceptable.

  • We are all assuming this means something like PGP signing an e-mail message. Does it? Who knows when it comes to Congress (there was just a story a day or so ago that says many of them still don't use e-mail).

    I was at a web site and it asked me to "sign" an agreement by typing my name into a signature box. By typing my name in there, I agreee to the terms. Is that what these bafoons consider a digital signature?

    OK, let's assume this is a real digital private-key sort of a thing. What about the logistics? Who signs your key? The new Verisign/Thawte monopoly? May God help us all if so. Even if not, keep considering.

    We are talking about typical Americans here folks. The same flock()ing idiots that are my users that post their account password on their monitor, the same idiots like our students who get a sheet listing their ID and password and I end up finding them lying around in the cafeteria, halls, and classrooms later.

    A "real" digital signature using a private key is cool because it combines "what you know" with "what you have" (passphrase and the key respectively). Pass phrases will be passed around, and users will lose their keys and/or not protect them either.

    On the other hands, written signatures are about useless now anyway. How many of us have signed the new credit card terminals that are just basically digitizing your signature you scribble on the screen. I've always feared those tablets also record stroke and weight. If so, run that data through a plotting device with a traditional pen and crank out all of the "legitimate" signature copies that you want. (Which is why I always trash my signature when signing those stupid things by writing something signing it and inserting the name of the story over top of it like Ken 'best buy' Weaverling (but kind of overlapped).

  • Actually, the main thrust of this bill is to provide for a standardized, cross-state acceptance of digital signatures; mostly for legal documents and whatnot--electronic filing of court documents, yadda^3.

    As it is, each state has their own law or version of a law (UETA) that is for the most part incompatible with the other laws. So, a contract digitally signed in one state is invalid in another; which severely limits the usefulness of digital signatures, naturally.

  • I've seen banks routinely honor checks with no signature and checks with poorly forged signatures. Their policy appears to be that the only time a signature is verified by a human is when a transaction is challenged or when their own money is involved. Digital signatures might be an improvement.

    I always write checks with a ball-point pen. This makes it more difficult for someone to alter or forge a check. The ink isn't easily bleached and the paper records the pressure patterns of the writer.

  • Hmm. Conspiracy-minded much? I agree with the principle of watching out for Big Bro, but I can't quite get nervous about the scenario you fortell. Even with the increasingly awesome number crunching capabilities we have today, you are talking about one *hell* of a lot of data when you say every digital signature in existence. I doubt that anyone but the most significant of people will attract the attention and merit the resources necessary for such a feat.
  • No, they are talking about strong cryptography and public-key authentication. Basically you take a hash of the data (probably the date, credit card number, and amount; but could be anything) and then encrypt it with your private key. The data can be decrypted with the public key, verifying that the private key was the one to encrypt it. Or something like that.

    It has nothing to do with your actual signature.
  • Go to this page [gnupg.org] and read.

  • by coyote-san ( 38515 ) on Tuesday February 01, 2000 @07:57AM (#1316685)
    Something else the CNN article covered in the same segment (because it's in the same bill?) would allow companies to substitute email notification for pmail notification.

    There would be no requirement to send a paper copy of the document.

    There would be no requirement to obtain proof of delivery.

    The segment then had several talking heads - always from the industry - assuring us that only a few crackpots afraid of technology they don't understand were upset by the provisions of this bill. Most people *wanted* to be able to visit a web site and sign a contract for, oh, health insurance and get an immediate email confirmation.

    The critics raised dire (but always "unsubstantiated") fears that people would get nailed by late fees or policy cancellations because they never received the email notifications. In the worst case, they could lose their house to foreclosure.

    N.B., this is not something which only people who aren't making payments need to worry about, nor are these fears unsubstantiated by experience. It's a significant problem today - ask any victim of identity fraud.

    While a company should theoretically verify the digitial signature of all documents regarding change of address and change of signature, history shows that the companies will bend over backwards to "help" the customer who lost his information due to a disk crash while moving, lost it due to a virus, or a dozen increasingly more bizarre reasons.

    Considering the fact that I write so few checks (prefering direct payment) that I often forget to sign the laser-printed jets -- yet they are still accepted without a problem -- and the funny look I got from one bank rep who was critical of home printed checks because they were too easy to fake ("but that's why you have a sample of my signature!"), I doubt companies would ever check the signatures until the lawyers get involved in a dispute.
  • there's a good chance that ether the US Gov. or Microsoft will try and design that standard. Frankly, I trust neither

    I hear that! Let's call up the MPAA and get whoever they hired for CSS! First Class Security! Awwwww shit yeah!
    ------------------------------------------- ---------------
  • by X ( 1235 ) <x@xman.org> on Monday January 31, 2000 @11:59PM (#1316690) Homepage Journal
    First of all, for those of you who are concerned that this opens up some huge problem in security because bits can be copied easily, please read up on digital signatures and how they work. Rest assured that provided you use them properly, it is VERY hard for someone to add your digital signature to another document (unless the contents of that document are bit-for-bit the same as one you've already signed --in which case, who cares?).

    The concern I have is that this is based on what we CURRENTLY know about encryption technology. I've been reading up on the history of cryptography, and it really looks like a horse race between code makers and code breakers. The thing is, the code makers HAVEN'T been consistently winning. Indeed, if you look back in history prior to the 1970's, you'll find that there were very limited periods of time when code makers were winning, and frequently it was only for short periods of time.

    What's going to happen when the inevitable happens? Particularly if cryptographers don't have a new discovery to replace the broken approach. Once the infrastructure of using digital cryptography is in place, it's going to be hard to undo it (case in point: how companies/governments/individuals elected to avoid Y2K problems by simply pulling the plug?).

    I don't think this is a reason not to use digital signatures. I think it's a reason to start thinking NOW about how to handle the seemingly inevitable moment when someone figures out how to crack existing approaches... particularly if there is no replacement.
  • Actually, if a digital signature was used the process of authenticating you with Outpost.com would be significantly easier. Think about this: that password you used to login.. how long was it? With computers doubling in speed every 18 months, the necessary length of a password is increasing at the rate of about one alphanumeric every 18 months (based on the fact that people tend to use english passwords and they have limited entropy).

    Additionally, it's hard for Outpost.com to prove that you actually ordered a specific item. You can easily claim it was a mistake in their software and it looked like you were ordering something else. With a digital signature, there can be little doubt (barring a bug in your video driver ;-) that you saw exactly what you were signing for.

Every program is a part of some other program, and rarely fits.

Working...