Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
The Internet

Congress Moving On E-Signatures 158

Silas writes: "Well folks, Congress is moving along with attempts to make digital signatures legally binding for online transactions, public and private." Many pros and cons if this goes through, but I'm definitely looking forward to reducing my mail.
This discussion has been archived. No new comments can be posted.

Congress Moving on E-Signatures

Comments Filter:
  • We're really privaledged to be witnesses to the birth of a new industry - forged digital signitures! Signatures of the rich and famous! Soon we'll be keeping autograph books in our PDA's. Wow, Tom Cruise's dig-sig has sooo many zeros!
  • by citizenc ( 60589 ) <cary@glidedesign . c a> on Friday June 09, 2000 @09:44AM (#1013397) Journal
    The article tells us that the senate is moving for digital signatures that are as legally binding as a pen and paper signature. Does that mean that current internet documents that are "digitally signed + legally binding" are, in fact, NOT legally binding? (Case in point: the Napster [napster.com]-getting-unbanned-by-Metallica declaration?)

    Does this mean that, in it's current state, a legally-binding, digitally-signed document does NOT exist?

    .- CitizenC (User Info [slashdot.org])
  • Pardon my ignorance, but how can digital signatures be that secure? I may store my private key in my account, but if some hacker gains root on my system, he would have my private keys. Can I then deny that I ordered that plastic dildo from sextoys.com?
    Not if said hacker doesn't have your passphrase, unless of course you stored the passphrase with your private key. At least PGP is this secure, I couldn't tell you about S/MIME.
  • Actually the DNA in Identicle twins starts diverging rather early on. Viruses are the main culprit.

  • Thank you for your concern, yes I
    have given it alot of of thought, & no
    my knee usually jerks in favor of new
    technologies. After extensive experiences
    with the possible consequences of liability
    accruing due to accidents & whatnot.
    I envision a magnetic strip card which
    empowers a $pay$ key. A decent attorney
    could probably make a complete fool of any
    victim who claims they accidentally left
    the card in the machine.
    On a world wide basis, most people
    prefer NOT to type in pass phrases, most
    kids know their parents *pin numbers*
    & in all likelihood the the machines
    will be confiquired to ALLOW accidents.
    I go beyond Murphy's Law to Masonic
    I think the first time a dirty toilet
    AUTOMATICALLY flushes your butt with filth
    you will begin to see some things ought to
    be under the explicit control of mortal men.

    You can make many new friends
    & rid yourself of strange maladies
    by shouting out in public places;
    "Damn Free Mason, female, fascist,
    freaks [O.E.S.]are burning my [insert
    correct body part here]
  • Being that I didn't specifically mention
    'electronic key legislation' the moderator
    who got my post couldn't understand that a child
    who accidentally activated a numerical key
    [probably several pages in length & therefore residing on the hard drive] might cause
    problems.[like kids who run up phone bills].
    So maybe I should spell it out with a paint
    roller for these Wunderkinde. Once them
    shysters smell money they'll probably have a
    [cash] button like [web] buttons etc sitting
    in the middle of your keyboard. If you think
    that Windows is a cheap piece of cr*p, try
    programming a pc that has been DELIBERATELY
    screwed up to avoid monetary tampering.
    When computers came out one men could
    put together a a neat program. Now with the
    **** fhat's been added it takes weeks for several
    guys to put together a program of any
    reasonable complexity. Wait til you need a
    4 year degree to run windows. This E key
    legislation is one big step toward creating
    a machine too important to be handled by
    unauthorized, non proffesionally trained personell. Does mring the picture into
    focus for ya. These free Mason technocrats bury
    everything in cr*p so deep they take
    the fun out of programming. [& money out of the
    pockets of thode not privy to the
    undocumented code that seems to make every
    thing work.]
    Does that put it more in focus for you.
    This legislation lies to casting a chill
    over a major area of productive power in the
    hands of the people of the World.
    Ok You Free Mason cupcakes want to play
    Perhaps this explains things in greater
    particularity for you. Howse Adolph?

    Since Geo. Washington, the officers of
    the Armed Forces have all been
    Free Masons, which may be why
    their Russian Brothers had our
    troop movements before our men did.
    VA doctors have found either
    chemical or biological
    justification for Desert Storm
    Syndrome. Perhaps our officers
    are punishing our men for what they
    did under orders. Done with a
  • I don't know as much about PGP encryption as I should, and would want to, but. My PGP passphrase is hellishly long. It's about forty characters. With spaces, capitalization, and several marks of punctuation. Brute-forcing it would take a awfully long time, I'd think.
  • The point was maybe that a combination of these could make it more difficult to crack. With more layers of encryption, you wouldn't know if you've actually partially decrypted the signature successfully or not, or would you? I'm awfully behind on this topic I'm afraid.

    - Steeltoe
  • Actualy, no.. Identical twins, for example have identical DNA, and I would suspect that 'consumer grade' DNA scanners in keyboards wouldnt beable to tell the difference beteween blood relatives

    Handwrighting expercts maintain that signatures are unique, and they may be. The problem is, that signatures can be forged.

    Actual fingerprints would not be a bad idea, nor would face, ear lobe, or retina scans, preferably with a combination of two or more of the above, in addition to a password.

  • by Greyfox ( 87712 ) on Friday June 09, 2000 @12:07PM (#1013405) Homepage Journal
    The Post Office would be perfect for this job. You've got a branch office in every city in the USA (Minimum requirement to be a city anywhere in the south is that there be a Post Office and a McDonalds.) Why not implement a scheme like this:

    1) Create a key in PGP or GPG.

    2) Put the public key on a floppy and take it down to the Post office.

    3) Show them your passport or your drivers license and Social Security card and give them the floppy and $5.

    4) They put it on their LDAP keyserver, accessable at ldap.usps.gov.

    5) Anyone wanting to authenticate your identity would check there.

    You could offer some really neat features in a system like this, such as the possibility of creating arbitrairly anonymous keys for use in handle based fora or Hotmail accounts. If your key is compromised, you'd just go to the Post Office and issue a cancel certificate. Ideally there'd be limitations of liability similar to what you get with credit cards if you issue a cancel certificate in a timely fashion after discovering your keys have been potentially compromised. Especially since most computers on the net are insecure.

  • Interesting too that one organization now has control over the most lucrative domain names and the most well used authentication service. Perhaps the making for another monopoly.
  • Response to comments made:
    • Passphrase cracking It is absolutely true that even brute force methods reveal passphrases in a few weeks, if not minutes, depending on the creativity of the passphrase. This means that it is important for two conventions to be followed:
      • Change passphrases, every, say, 2 weeks. This is only a minor inconvenience; it can be done without generating a new key pair on most encryption systems (e.g. GnuPG), which is a big plus when keys must be signed by other parties.
      • Stipulate certain passphrase qualities on entry, to somewhat counter user carelessness/stupidity.
    • Persistence of personal data Most companies keep hard records anyway, though they require back-breaking work to search and cross-index instead of using a few script commands. However, the objection is valid in the sense that digital signatures and watermarks have optimal fidelity and are difficult to dispute, unless a breach of security can be demonstrated. Any con with enough practice can replicate a handwritten signature such that even experienced counterfeit-detection experts have difficulty spotting a fake.
    • Cracking and signatures Encryption is not a far leap from digital authentication; SSL is considered secure, and soon all transactions will be considered so if they travel over IPSec or the ilk. In terms of public confidence, concerns for both sides of cryptography in commerce must be addressed, particularly if the same encryption platform is used for authentication and encryptions, as with OpenPGP.
    • Confidence in identity Ideally, getting a trust certification for a key pair should be as easy as getting a driver's license or passport ... er, bad examples. Say, if you already have a driver's license or passport, you could go to a notary and have his/her well-known key sign yours. If proper passphrase practices are implemented, then this should be a one-time inconvenience (unless you want multiple keys).

    *** Proven iconoclast, aspiring epicurean ***
  • As sad as it is, many people will start to store passphrase on there computer. We are talking about the general public here.
    How many programs will 'intergrate' the ability to 'sign' a document with the push of a button?
    If someone else sits at your computer, the software wont know.
    I suspect some clever person will find away to eMail someone an eMail that signs itself, then replies to the sender, without the sighner knowing.
    The ways to abuse this is staggering.
  • Actually I would use me thumb print as a 'passphrase'. I wouldn't want to use that kind of varification for Credit card or atm's tho.
    "give me your wallet" "ok" snick "now give me your thumb..."
  • The difficulty of prime factoring is not the only, and should not be the only algorithms to implement digital signatures. Maybe we need one based on the knapsack problem or something else.

    Any good promising candidates around?

  • "Before anyone even considers making digital signatures legally binding, how about requiring this binding to only take effect if the document was signed by an approved smart card? Make it a parameter of the signature, and make it illegal to write software or create unapproved smart cards that set that parameter."

    Pardon my ignorance, but how in the world would you prevent people from creating illegal smart cards to forge digital signatures? Seems to me that this solution just creates new avenues of digital fraud.


  • By the time they've decided on this, we'll have computers fast enough to factor the primes, crack the keys, and render this technology useless.

    I'm sure that this was not the point of your post, but unless the actual algorithm is broken (which means discovering the true nature of primes, or at the very least a solution to factoring numbers easily, which is closely related) there is no real danger here.

    If the computers are that fast, then they will also be fast enough to compute larger keys at a usable speed.


  • How do we keep ourselves safe in a time when anyone with a pen can forge our handwritten signatures? The answer is, all signatures are insecure and legally contestable, and the process is a real bitch if you've ever been through it.
  • > Hey, we still consider encryption "munitions."
    That's so stupid! I know there is also lots of bullshit in french cryptography laws, but I believe it was recently fixed. Not sure, however. But I've no time now to search documentation about this.

    > I wonder if it's legal for a US e-signature to be used in a non-US country?
    I'm afraid it depends mainly of your congressmen.

    Slightly off-topic, but I want this [osslaw.org] to be voted.

  • "This is NOT spam! One of our subsidiaries which you have done business with received your legally binding signature...to withdraw from our mailing list, merely click the link below, where you will receive instructions to verify your decision to op-out by providing your (wait for it)..."

    Ask for the verification.

    Even if a luser was stupid to sign an "opt-out decision", that alone couldn't verify the so-called "original" request for the spam. I'd be more worried if the spammer asked instead for the luser's private key... and the luser actually handed it to them!

  • Good point... many times it's not the algorithm that's the problem, it's how people go about the exchanging of keys, storing the keys, etc, that compromise a system.
  • Were those electronic documents even digitally signed in the first place? I think not.
  • Making digital signatures legally binding scares the shit out of me.

    Keep in mind that, even with current 'legaly binding' signatures, you can potentialy always go to court and say "I diddnt sign that".

    Because of this, important contracts require a witness (who could also potentialy say "I diddnt see him sign that, and someone forged my name too!"), and realy important contracts need to be signed and notarized by something like a Notary Public, a Comissioner of Oathes, or even a judge.

    When I say "require" I dont mean "legaly necessary" but "expected" and/or "required" by the other entity involved in the contract to do business with you. IANAL (and working on lay Canadians idea of the law (but this is all prety basic, and basied on English Common Law anyway)) but since there is always the "I diddnt do it" escape, important contracts will always require a third party.

  • What, since Microsoft won't move to Canada, Congress is?
  • I haven't read the bill yet (finals coming up and all), but one of the problem I see here is what is the trusted database/mechanism for authenticating a digital signature.

    A goverment database? I'm out.

    A private corp? I'm out.

    RSA as a digital signature? Only secure for a subset of messages (see IEEE press's Contemp Cryptography(?) for that attack).

    If you're responsible for your own digital sig, how do you change it if/when a pratical attack comes out for your algorithm/protocol?

    Just a thought. Please kick my ass if I'm wrong.
  • You would be one of the exceptions.
    PLus when 'convience' addons begin appearing,and they will, anytime a system is unattended, someone could enter that computers owner into a legally binding contract.
    Imagine the exploits for that?
  • finally I can sign contracts online. Getting out of my chair to go mail something has always been the bane of my existence. Oh wait, I guess this means that I'll have to actually "sign" for those purchases, huh?

  • In an interview on CNN or MSNBC last night about online stalkers there were two major points made. First is never give out any information about yourself. Second was that all packets should be signed with your social security number of all things. Don't these seem mutually exclusive to anyone else?

    On a side note, social security numbers are not required to be a US citizen, in fact as long as you don't work for the government and don't keep money in any institution regulated or associated with the FDIC there is no need. On a side note the same goes for paying taxes. If this regulation goes through then in essense what is said by requiring a social security number for internet access is that it is a privledge and not a right for a citizen to possess. Scary thought to think that we may not have a right to communicate. Just some things to think about.

  • Boy, it's always such a treat when the government decides to regulate something else! Where would we be with out regulations... more free and less paranoid? naaaah.
    www.chowda.net [chowda.net]
  • Nobody has 'root' on my system.

    Wrong. Everybody has root on your system, in fact you have no way to prevent people from having root on your system. If a Linux application gives a local user unrestricted access to the computer, it's a horrible security bug that causes frantic warning emails to fill inboxes and newsgroups worldwide. If a Windows application manages to restrict a local user's access to the computer, it's a technological marvel built on a shaky foundation.

    That is because I don't run a time-sharing system,

    Unless you're really using DOS, this is untrue. BeOS and Windows9x are both multitasking systems, and Windows at least provides better mechanisms than Linux for allowing malicious processes to *hide* themselves from the user.

    where the whole system is structured so that multiple users can wait poised to do things I don't approve of.

    What, you've never heard of Back Orifice, NetBus, BO2K, or even the trojan "movie file" that's been bouncing around the net this morning?

    My single-user operating system (BeOS, Windows 9x, DOS, whatever OS you choose to hate, Slashdotters) doesn't have a root account.

    Yes it does. Root is the *only* account it has.

    The only way to get that power on it is to sit down at it.

    Or to get you to run a trojan Word document, VBscript, or executable (like millions of people have, for multiple different trojans), or to get you to run a malicious ActiveX applet, or to exploit a buffer overflow in any of a number of old versions of IE, NetMeeting, various FTP daemons...

    You're not going to be allowed to do that, by the way.

    Oh, you've never let anyone else sit down at your computer? You've never even left your computer alone while you weren't in the room? You're not a common case, you realize that?

    Besides, who needs to sit down at your computer? I just need to burn my trojan backdoor to a CD-R and stick it in your drive, if you're one of the 99% of users who hasn't disabled autorun.

    Or hell, I just need to sell you some nice closed source software or give you some shareware with a proprietary internet protocol, and upload whatever I want in the data stream. How many different companies wrote software that's installed on your computer? Do you realize that every one of those companies have "root" access? Do you trust all of them?
  • If your private key is stolen then it's a matter of decrypting your password. Ever tried L0phtcrack?

    this is why where possible (e.g. G?PGP etc) it is better to use passphrases mine are all at least 4 words +, with numbers and non \w chars, easier to remember as well.

    and yeah i know, most people aren't going to do this . . .

    means you are going to have to be damn sure about anyone you let near your pc as well (repair persons/tech support/consultants etc), it's a fairly trivial matter to put in a keyboard logger and they might just doing this job for a couple of weeks and then off to a nice mansion in the country. right now the greatest protection you have is that most of the stuff on your (private) pc just isn't worth the hassle.

    and a higher level of security on the majority os will be essential, take for e.g. the trojan mentioned on a previous thread, now it just sends your ip and dun details, maybe the next version will just stay quiet for a day or 2 waiting for some real juice.

    do we really need this? it makes things more conveniant, but how conveniant do we want life anyway, just imagine in the future when your most important descision is choosing baby's new chair, with inbuilt massage to prevent muscle atrophy and drip lines for food and caffeine.

  • IIR, there have been court cases where cryptographically signed business documents have been treated as "hand signed." This occurred many years ago, I believe around 1995. I have also recalled recent cases where online shrink-wrap licenses have been upheld for a very limited domain - mainly IP protection.

    In my mind, an online shrink-wrap licenses carry very little weight and I have no problem clicking "Yes, I agree" without reading an agreement. It's simply to easy to argue that another user posed as you. Web-crawler's can easily SUBMIT whatever is expected and a computer program cannot legally enter into such an agreement.

    It's kind of scary to think that online sites may move to legally binding cryptographic signatures. Imagine a feature built into the tag that allows a user to digitally sign the POST data... Then you may end up having to read more legal agreements than actual online content. Slashdot may require you to use this feature or you automatically become "Anonymous coward." etc, etc. The possibilities are endless and many are not very encouraging.
  • by / ( 33804 ) on Friday June 09, 2000 @09:31AM (#1013428)
    This is one of those areas of the law where all we need is a standard to agree upon, and it doesn't matter too much what exactly that standard is. It's no more oppressive than having governments regulate what gauge the railroads use.
  • You're kidding of course. The knapsack problem
    has a long history of cracks. Look it up.
  • by Greyfox ( 87712 ) on Friday June 09, 2000 @09:31AM (#1013430) Homepage Journal
    Marvel at the snail like pace of the makers of our laws. By the time they've decided on this, we'll have computers fast enough to factor the primes, crack the keys, and render this technology useless.

    Keep up the good work, guys...

  • Actually even fingerprints can be forged. There are an awfull lot of issues here that need to be raised. What if some company starts using your electronic signature for purposes other than what you originally sent it in for? What protections exist? What recouse for fraud? Will this lead to a Federal Department of Signatures? Is this a federal or a state issue? Gee, we have enough issues to keep us busy for the next 50 years. Just because France and Italy have legalized it doesn't mean that the USA should jump off that cliff.
  • Your child turns on the computer to do a
    book report & winds up with a toyota &
    a date with a $1000 hooker.
    The moral of this story is don't
    type your homework on a cash register.

    Accursed Scum

    You can be played like a puppet by
    stimulating your internal organs with
    the effects of a MICROWAVE LASER

  • Don't give them any ideas... No, seriously, that's probably one of the best ideas for a way to stop piracy - to have to e-sign the EULA in order for the software to work. (I know, I know, it'll be cracked soon enough...)
  • I'm sure there will be many posts here about the dangers of digital signatures, and forger, and loss of privacy, etc... most of them both valid and rational. But be sure to consider the plus side as well.

    Whenever you purchase something online: a cd, a book, software, etc.. you are entering into a contract with the person/company selling you that item. If you purchase an item in a store, you must either provide cash or credit card with a signature. This adds validity to these contracts which protects both the merchants and the consumer in the case of fraud/bad merchandise/insert other *bad thing* here.

    This also enable more sophisticated business to transpire online as well. Opening up stock trading accounts. Purchasing real estate. Leasing cars. All things that require specific contracts, and which involve mail delays if the persons involved are not physically close to each other.

    Yes forgery and privacy issues will be found here, but Guess what? Cases of forgery and violation of privacy occur with written contracts too.

    I think this a necessary thing, which like all other things, must be used carefully and with both eyes open.

  • The way PGP gets around this is the your PRIVATE key is actually encrypted, with the password that you supply. Your Private Key is decripted, used to sign your message, and then the decrypted key is purged from memory. You see, the average password that people try does NOT have anywhere near 4096 (or even 1024) bits of entropy

    So, even if they GET your private key, they still have to crack THAT - now if you picked a GOOD password, that'll be HARD

    a REAL good password might be something like


    but that's kinda hard to remember

    a BAD password would be "Clinton"

    and OK Password might be

    This,## Is a\\ someWhat678OK,.Passwrd

  • Making digital signatures legally binding scares the shit out of me.

    Why is that any more scary than signatures made from scraping ink across paper? Don't you know children are taught how to do that? Why, a clever person could use that ink scraping knowledge to forge a signature.

  • The simple way to get around having to crack the keys is just going to the client and copying the keys straight. Now the forger has an exact copy of the keys needed to make digital signatures for John Doe

    How do you sign the messages with John Doe's private key without his passphrase? If J.D. was stupid to have a simple or easily guessable passphrase that's his fault, or if he were stupid to store the passphrase on the same computer as the private key.

  • Big deal; you can do that in real life, too. Unless the US has suddenly become a police state and the entire society is based on mistrust, there is no reason for this to be 100% secure.
  • by / ( 33804 )
    But not if the law explicitly enumerates the key length. And it's not one of those things that can be conveniently indexed against inflation, for example.
  • Yeah, I was wondering the same thing. Can a click be considered a binding signature when you can go and sign documents with an "X" in meatspace? (Not that one would want to, but as far as I know, making a mark is just as valid a signature as writing your name [IANAL]...)


  • Could this inadvertently help make "click-wrap" software licenses more legally binding for software purchased over the internet? After all, with a digital signature, the click-wrap license now can be made into a signed contract.
  • congress needs to worry about lowering my taxes and not stupid crap like this.

  • I just found out (in an unrelated conversation at work) that a friend of mine hacked into my dorm computer three years ago, when I was running Win95 (I forget what release) and it had a remotely exploitable SMB service. Good thing I didn't keep anything sensitive on it at the time, huh?
  • I realize that it's not as simple as cut and paste, and perhaps I should have explained that.

  • A guy on my department has written about these - the basic problem is that if somebody does figure out a way to imitate your hand/signature/retinal characteristics (and, remember, they can get access to the data because the whole data has to be stored for comparison, not just a signature) you're in trouble. It's rather difficult to get a new, non-compromised retina :)
  • It's not the digital signatures, but who controls the certificate authorities that scare me.

    After that, it's just a matter of legislating that to provide certain services or present certain content you need a government certificate or you can't do business.

  • Perhaps the best way to implement this would be to use your thumb print as your private key. That way replicating your private key is virtually impossible.

    Of course if you were to disfigure/lose your thumb I guess you couldn't enter any more contracts electronically.

    /me sees hordes of people injuring their thumbs before installing new Microsoft products.

  • Except that France bans encryption, so e-commerce becomes considerably more risky.

    I seem to remember that you can disable most of the *cough* security features in Windows NT by simply setting your location to France in the Date/Time control panel.


  • No more, no more, I believe. But I don't have more time, computer auto deconnection in 30 seconds.

  • Ssssssh, quiet! You might scare people saying stuff like that...

  • Okay, so much for the pro-anonyminity ./ crowd.

    I for one, do not want any company whose purpose is profit, to have access to MY DNA. It's really that simple.

    And until the effectiveness and security of the digital signature is proven, I won't be filing too many mortgages over the net.

    I'm not even supposed to BE here today!"

    LOL! Clerks! I use this line at work all the time and no one gets it. :P
  • by Eil ( 82413 )

    I have a question... although these may not be exactly the same thing as what we're dealing with in the post...

    I know that some chain retail stores require you to sign a digital touch-screen of some sort with a stylus as a way to verify a credit-card transaction. And I believe some shipping companies (UPS, etc) also do the same thing to confirm package receipt.

    Are these technically legally binding or are they only intended to suit the needs of the entity in question?
  • I just have one thing to ask. I agree that a digital signature is probably a good thing, however, I have to ask.. How will it be implimented? I mean, is it to be like PGP's public/private key system so you can verify that when you give the public portion of your signature to the document, they can verify it against the private half to prove it was you? What's to stop someone snooping an insecured web-transaction from getting this 'public portion' of your signature and reusing it?

    IF this is to be implimented properly, I would think it'd have to go on this methodology.. You have a public and private half of your digital signature. The public half is not just two static halves of the same key, like PGP is, but rather your signature plus the timestamp of when it was signed. That way anyone using it would have to act almost immediately to get the signature done right and keep it as valid. Using a static public key would be plain insane to prove without a certainty of a doubt that it was you and not someone who happened to see your key or hack your harddrive.

    Another question.. what software would do the signatures? Would it be multiplatform, or Windows only? Would the software be even something the user would need? The very NATURE of the Web is anonymity, to change it and say that doing a transaction over an anonymous webpage now has your signature on it had better be really darn good, else any script kiddie with a few public tools could sign your soul to the devil (as it were). This goes doubly true if you're now going to be held legally bound to the contract in hand.

    I, for one, want to see this implimentation before I would ever consider using it. Mearly stating that e-signatures are now legally binding is like saying your neighbor is now married to your wife. Unless you have a good way to prove it, I see this as a situation of the government attempting to quell fears while not grasping the whole implication and practicality of it all.

  • Along the same lines as the 4th argument "When I get a signed email from some beautiful celebrity who wants to go out with me, how do I know it's her?", who's going to be the repository for all these signed public keys? The government? Verisign? Any of the other authentication services? Are they going to do so for free, or are you going to have to pay to get a digital signature?

    Maybe I'm thinking about this in the wrong perspective. When I think of 'e-signature', I'm thinking an electronic version of your signature, ie: something you already possess and will uniquely identify you (within a small margin of error). Are E-Signatures going to be something that most people will have, or are they going to have to register with a signature company in order to get one? I tried browsing over to the named congressional links page from this one, but didn't quite find out what the definition of this term was to be.

  • I consider this premature. Yes, the technology is ready, but companies seem unable to deploy this kind of technology reliably.

    Even in the area of credit and charge cards, where billions of dollars are lost to fraud, companies still use completely unsecure systems.

    I have also had several experiences where companies have duplicated electronic records, swapped electronically stored signatures, etc. With paper, fraud is quite possible, but with electronic signatures, both fraud and programming accidents are possible.

    And, should there be a dispute, the situation in court is also disadvantageous for the consumer with electronic signatures. With paper, you can always ask them to produce the record. With electronic signatures, it ends up being your security expert against theirs, and they can afford to pay a lot more for their experts.

  • like the bible says
    there will be
    no buying or selling without the mark.
    so where is the churches on this ?
    i consider government a religion minus prayer.
    Its easy to fore see the future
    you will have a unique signiture (identifier)
    you will sign and post your taxes with it
    you will do all transaction with it
    you will be tracked by it

  • How can they make digital signatures legally binding without describing what "digital signatures" are? Will there be any minimum standards of key length? Who sets the standards? The federal government? The states? Will we use RSA hashes? A mish-mash of different schemes?

    Who issues the keys? Can we make them up ourselves with a random key generator? How do you ensure each person gets exactly one key? Who signs the keys - a web of trust, or some government agency? What happens if that key is compromised?

    If the government wants us to use a certain standard, will they release source code for all to work from? I personally would not trust most companies' implementations of digital signature schemes. I would not trust software that implemented digital signatures unless it was open-source, AND thoroughly peer-reviewed. It's far to easy to create security loopholes.

    And if we don't watch out, companies could use it to make us sign EULAs, or register software. I'd be wary of any kind of "automatic" signing software. I want to be there at the keyboard verifying it each time with a pass phrase or some such. And I need to be sure that what I'm signing is actually what the computer tells me I'm signing - it would be easy for some software to pull the bait-and-switch.

    These issues need to be worked out before the law can be put into effect.
  • by Somnus ( 46089 ) on Friday June 09, 2000 @10:00AM (#1013459)
    The increases in efficiency and organization are obvious. However, people are uncomfortable with the supposed security flaws. Some issues which I consider myths:
    • It's all over if a cracker takes my private key! Well, would he/she not still need a passphrase? Just make sure passwords are not cached (this, I admit, is the weak link). Also, you can issue revocation certificates; even if someone else knows the passphrase and has your key, they cannot revoke a revocation certificate.
    • Then the government/corporation/slashdot-satan-for-today will know who I am! Yes, just like with your handwritten signature on any official document, esp. those requiring notarization.
    • My encrypted stuff can be cracked! This takes an immense amount of computer power, and most people are simply not that important. How would you encrypt things at all without computer cryptography? You could be like Richard Feynman, and create codes with your spouse to send encrypted hand-written love letters, but I personally don't have the time or mischievious inclination for that.
    • When I get a signed email from some beautiful celebrity who wants to go out with me, how do I know it's her? That's why all public keys that matter are themselves signed by authentication services, like VeriSign. For personal keys, use these services or maybe the notaries at your local banks will catch on to another money-making opportunity.
    Any disagreements? Am I missing any critical factors?

    *** Proven iconoclast, aspiring epicurean ***
  • Is this the same bill that had other gems "expediting" business transactions over the net, e.g., allowing companies to send e-mail in lieu of paper mail, even certified mail, without requiring any type of proof of delivery to the receipient?

    The risks of that should be obvious. I already get enough crap from companies insisting that they gave me plenty of notification of rate changes/fee changes/etc in the 5-point print on the bottom of a statement bundled with "valuable information" on return address labels, travel clubs, $10 'CD' players!, and similar junk. Now they can just eliminate even that step and just mail it to me at "friend@public.com" and it's totally my fault that the message is dropped as spam by either my ISP or myself. *sheesh*

    I must remember. No email is ever misdirected. No email is ever lost. All mail I received should be carefully reviewed, in its entirety, for important information. I must always run attached Office and VBS documents - it might contain a self-extracting signed document concerning some critical financial issue such as my long distance charges (which average less than $20/month). And in a totally unprovoked dig, MS Exchange only has problems because of all of those unconfigurable sendmail servers. :-)
  • I know that pen & ink signatures ca be forged, but a digital sig would (at least now) would be FAR TOO easy to copy. They're going to make this easy for the morons with their first computers (Presario) to use. What does that mean? It'll have to be less secure. People would rather it be easy than secure.

    So let's say that someone intercepts a digital signature on a Non-Disclosure Agreement or somesuch and then types up an agreement saying that they've already given you $X in cash and in exchange you agree to give up your house and then tacks that intercepted sig onto the bottom. You'd actually have to spend money on a lawyer to keep your house.

    Until we have universal standards for STRONG crypto, I think that this is a BAD idea.

  • Yes, we will have legally binding digital signatures, produced by software with EULAs (made enforceable by UCITA) that disclaim all liability for their security holes and prohibit their competitors and third parties from the very sort of peer review that is considered essential in cryptography.
  • IANAL but I work for them. We constantly have docs that people have to sign off on. Everyone involved knows exactly who the other person is, and by the time the agreement or whatever is finished, they all know that then someone has to print it and then it starts the "fedex chain" where it has to be mailed from one person to the next to get their signatures. Usually it's just a signature page they return to us anyway, and if we were unethical could change the document and then attach their sig page. Instead, if this law goes through, the doc never has to be printed. It just gets e-mailed to the people that need to sign it, if someone wants to forge something like that, it will take a hell of a lot of leg work on their part. Not that it's not possible. We already to this to a certain extent with Adobe Acrobat pages - they aren't legally binding but we have a pretty good idea that they are legit.
  • Let's face it -- 99% of the populace, whether they use Windows (and I'm sure Microsoft will be so kind as to provide a VBScript hook for signing documents or at least publishing private keys, so that virus writers will have a new source of fun), or whether they use Linux (how many desktop-role Linux boxen do you know of that you would consider 100% secure?) is operating insecurely. And that insecurity is going to spell trouble if digital signatures are legally binding, because it opens up a whole new class of forgeries.

    *I* would not consider *any* box, regardless of operating system, platform, etc., to be 100% secure. The main issue with security, aside from the fact that -any- security system can be cracked, has to do with the loose nut behind the mouse. Sorry, but when a security system relies on human intervention, well, humans just aren't very secure. :)

    Yes, a written signature requires human intervention, but there is certainly less vulnerable than password-based security. With digital signatures, anyone who can physically access your private key, which usually means anyone who can get into your box (i.e., type yoru login and password in somewhere), can get to your digital signature. At least with written signatures, your actual human presence is required (excluding of course forgeries which are another matter entirely, that's why for certain legal documents we require them to be notarized or otherwise certified by a third party).

  • "It's all over if a cracker takes my private key! Well, would he/she not still need a passphrase? Just make sure passwords are not cached (this, I admit, is the weak link). Also, you can issue revocation certificates; even if someone else knows the passphrase and has your key, they cannot revoke a revocation certificate. "

    My encrypted stuff can be cracked! This takes an immense amount of computer power, and most people are simply not that important. "

    If your private key is stolen then it's a matter of decrypting your password. Ever tried L0phtcrack? It can brute force crack passwords on my P2 450 pretty damn quickly. You cannot guarantee that people will have hard passwords. As time goes by, computational power will make any of todays cryptography obscelete (sp?).

    For a revocation to work, surely you would need to know when your keys were stolen? It's not going to be acceptable that you can revoke all existing documents that you've signed.

    "Then the government/corporation/slashdot-satan-for-today will know who I am! Yes, just like with your handwritten signature on any official document, esp. those requiring notarization. "

    Yes, but unless the hand written document is scanned and annotated, a computer-based search will not turn it up. Of course, this is the biggest problem doing anything on the internet. Records of people's postings to the Usenet will be available for the rest of their life, forming a profile that might incorrect of where they are at that point in time.

    "When I get a signed email from some beautiful celebrity who wants to go out with me, how do I know it's her? That's why all public keys that matter are themselves signed by authentication services, like VeriSign. For personal keys, use these services or maybe the notaries at your local banks will catch on to another money-making opportunity.

    That's assuming that there is a failproof validation method when issuing the keys. What's to stop somebody creating a false profile in the same way we have domian name squatters registering internet domains in advance?

    I scanned my signature in so that I could attach to faxes from my computer. I've been very careful not to email documents to people with signature though. Of course... it could still get stolen now.
  • Making digital signatures legally binding scares the shit out of me.

    2 reasons why it doesn't scare the shit out of me...

    1. Here in the UK we have had binding 'digital signatures' for a while - a faxed signature (digitally transmitted, remember) is legally equivalent to an original signed document here.

    2. Surely forging a digital signature carries the same penalties as forging a written one - so we are gaining, not losing security here (as all those anti-forging laws will now apply).

    - Andy R.

    sig... Y2K, only 47.5 years left to fix those bugs!

  • Consider the current alternative: a scribble on a piece of paper? Yeah, that's secure.

    Hopefully they will make this concept legal while not requiring a specific implementation - that way folks who care to can keep the implementation up to date. I trust folks like Visa, etc, to stay on top of this. It is in their best interest (by a long shot) to make this kind of thing work well.
  • I'd expect that if digital signatures become recognized, more contracts will start requiring witnesses -- the importance threshold for notarization will drop. The notary public business could really boom.
  • by werdna ( 39029 ) on Friday June 09, 2000 @07:12PM (#1013475) Journal
    . . . these electronic signature laws are wildly overhyped.

    There is a vast amount of authority (citations available upon request) strongly suggesting that legal formalities for a signed writing (the so-called statute of frauds) are satisfied by an electronic communication annotated or logically associated with a character or characters manifesting an intent to authenticate (legally, not technically).

    In other words, the e-mail:

    "Dear bill.

    I will buy 1000 Model K frobozinators at $600 per frobozinator to be delivered FOB Tampa no later than thursday. Terms: 2% 10/net 30.

    Love, Maria"

    would very likely be enforceable under the common law and the UCC -- even if no encryption or other technical encryption was used. Requirements for signature under the common law are amazingly lax. An X, a fold or tear made in the paper, another's name, a shaving on a cow or even a footprint can constitute a signature.

    The reason for an e-commerce statute is to make any question clear beyond cavil, so to clear the way for lawyers to permit BIG deals to be done without a signed writing. Imagine a few dozen lawyers at a $100M closing. The boss for the buyer smiles and signs "Minnie Mouse," or an "X," citing the case law suggesting that the signature is binding. Maybe so, you would say if you represented the other side, you would nevertheless ask a literate counterpart on the other side to sign the document "properly."

    Its about eggs in baskets. The law should get out of the way of the technology used for signatures, and ratify any actual manifestation of an intent to sign. (electronic documents raise interesting proof issues, but so do traditional physical documents) The risk of misauthentication and the like is a different question to be decided by those who would USE the signature technology, not by those who enforce the agreements into which the parties otherwise clearly entered.
  • I registered for my trademark online with the USPTO. Instead of actually signing the document, the form prompts you to type your name in a text field 'affirming that all the previously entered information is true,etc'. If that's not a digital signature, I dont know what is. How can they do this if it is not legally binding?

  • by Kaa ( 21510 ) on Friday June 09, 2000 @10:44AM (#1013485) Homepage
    It's all over if a cracker takes my private key! Well, would he/she not still need a passphrase?

    (1) Most people "for convenience" would store their passphrase (heh, dream on. It's going to be a password, something like 'secret') on their hard drive, right next to the key itself.

    (2) Even if by some stange twist passwords would not be stored on the same hard drive, possession of keys gives you the ability to brute-force passwords off-line. This is highly practical and successful (AFAIK >70% passwords cracked in real-life tests)

    Then the government/corporation/slashdot-satan-for-today will know who I am!

    That's the wrong objection -- mostly they know who you are anyway (a signature from an unknown party is basically worthless). The point is that in the brave new world a record of your actions would be already digitized and stored on a drive/tape somewhere. This makes it os-so-convenient to cross-index and store this stuff for enternity -- just in case, you know...

    My encrypted stuff can be cracked!

    And what does this have to do with the validity of electronic signatures?

    When I get a signed email from some beautiful celebrity who wants to go out with me, how do I know it's her?

    You don't. All a public-key system guarantees is that the entity which signed this particular message has been in possession of a certain private key. There is nothing which associates a number (key) with a person. This, of course, makes the whole thing vastly more complicated than most people imagine. What you call "authentication services" help but a lot of problems still remain.

  • It's an issue of speed, and ease. It runs a little like the 'Why copy music?' argument.

    A real forger has to take significant effort to produce a work that is not easily dismissed. Additionally, the real forger has a significant time investment.

    A script kiddy has no significant effort or time investment to produce the same work.

    Think about banks. If I wish to close my account, walking away with a $10K cashiers check, the process laboriously checks identification, the signature, and whither it makes sense. Shit, I have the odd problem with my bank calling me because a check I endorsed for deposit while riding in a moving vehicle doesn't seem to match. When the electronic bank provides the same service based on my new DigiSig 2.0, some script kiddy walks away with my savings account.
  • Key points Loosly translated:
    Public-key cryptograhpic digital signature has now become the main tool, using current technology, of assuring the integrity and the source of electronic documents, therefore replacing the handwritten signature in tradiditonal documents.

    bla bla bla
    Therefore exchanging public and private electronic documents with the same value as their corresponding paper documents is now a reality.
    The document goes on to list that certificate holders must be registered and readily consultable, administered by a central authority.
    Pretty cool for a country where its still legal to abuse a woman as long as she's your wife
  • Federally mandated digital signatures will make my identity more secure. I will be able to PROVE that I didn't sign that credit card application, so I don't owe money for the bill.

    Really? What happens when someone steals your keys and starts making copies and handing them out as party favors? This isn't any different from a handwritten signature except that it can be less secure if you don't pay attention. The only difference is that you can submit papers with your signature on them digitally.

  • This also could mean that it would now be possible to do paperwork online. Now you could actually submit legally binding forms to the gov't online, and it would be perfectly legal.

    It's much easier to send a request to have your car registered through the internet directly to the Registry (guess which New England state I live in :-) then it is to go and stand in line for an hour to pass them a single sheet of paper and then leave.

    This could also mean you would now have to "digitally sign" the license agreements for all those computer programs. This could have a down side.

  • Secure digital signature is already legally binding in Italy since 1997. Here is some info (in Italian) [www.aipa.it]
  • by Zigg ( 64962 ) on Friday June 09, 2000 @09:35AM (#1013505)

    Making digital signatures legally binding scares the shit out of me.

    Let's face it -- 99% of the populace, whether they use Windows (and I'm sure Microsoft will be so kind as to provide a VBScript hook for signing documents or at least publishing private keys, so that virus writers will have a new source of fun), or whether they use Linux (how many desktop-role Linux boxen do you know of that you would consider 100% secure?) is operating insecurely. And that insecurity is going to spell trouble if digital signatures are legally binding, because it opens up a whole new class of forgeries.

    Let's pretend, for a moment, that most programmers are good at implementing cryptography and would never, ever write a program that allowed a key to be compromised by its use. (Hell, I don't trust any programs I write with my private keys.) Even if you've got good cryptography software, where you store your keys is probably going to be compromisable by an enterprising cracker.

    Before anyone even considers making digital signatures legally binding, how about requiring this binding to only take effect if the document was signed by an approved smart card? Make it a parameter of the signature, and make it illegal to write software or create unapproved smart cards that set that parameter.

  • You are confusing legal issues here. The concern (legally) over EULAs do not relate to lack of a signature. Some remedial business law:

    You do *NOT* as a matter of course require a signature to enter into a contract. Period. If I offer to sell my rabbit to you for $50 bucks, and you say yes, we have an enforceable contract under the law of 49 states (I am not sure about Louisiana law, but who is?).

    A signature is only required, generally, when a specific provision of law or common law (known as the statute of frauds) requires it. The most typical scenarios are:

    (1) transfer of rights in land; and
    (2) transfer of goods in excess of $500.

    (Which is why software licenses often expressly provide that they do not involve the SALE of software).

    There are a few additional scenarios relevant to copyright license rights -- exclusive licenses or transfer of copyrights itself (as opposed to copies of a work or the sale of a license in the work).

    Accordingly, the vast majority of EULAs do not require signatures. (Although this is an argument frequently raised against them by lay audiences). An e-signature provision would not raise new legal issues.

    The issue with EULAs is the dual arguments that: (1) I never agreed to the EULA; (2) I only agreed to the EULA after I had already paid for and received my copy of the work, hence there is no consideration for the EULA; and (3) Under the UCC, the timing of the post-sale writing, which materially changes the agreement, violates Section 2-207 (battle of the forms) and is therefore unenforceable.

    As a matter of course, by the way, these arguments have failed. The only Circuit Court opinion directly on point is ProCD, which held that the agreements are enforceable at the end of the day. Other appellate opinions held certain provisions unenforceable under other rules of law, but not on the ground that no contract existed.

    Finally, note that "digitally signature" under the new law does not require any form of encryption or authentication. A simple typed "Love, Mom" will suffice.
  • The present electronic signature bill does not require a PKI at all. Electronic signatures can be a simple "Love mOM" typed at the end of an e-mail.

    Of course, there are sound commercial reasons for wanted to be able to prove authentication in court with the benefit of a PKI, but the law is enabling only (it permits encrypted signatures enforceability, but doesn't require this for enforceability).
  • If I sign something with a GPG/PGP/S-MIME/X509/... key stored on my harddrive, I know that there are 100 ways to steal this key (and 100 ways to snoop my passphrase...) so I would say this is *very* insecure and anyone (with enough time and money) surely would be able to sign anything he wants using these methods.

    But even if we assume, that I own a chipcard with embedded unbreakable public key encryption which hides my key from everyone (including myself, so I (or someone stealing my card) cannot store this key on some external media)... How can I be sure, that I'm really signing this contract in exactly the same form I am looking at on the screen right now?

    The Chaos Computer Club has demonstrated[1] how you can use someone's chipcard-reader over the net. Banks using chipcards for electronic banking are too miserly to use terminals which include some form of display (which might say: You are now signing a transfer of $1234...) for feedback right from the card.

    But I'm sure, when signing a contract of well... let's 20 pages of text, only some form of checksum will actually be transfered to the smartcard...

    Will the display then read: "You are signing a document whose md5-sum is 68b329da9893e34099c7d8ad5cb9c940?"...

    On the other hand, anyone can read my credit-card-number if he happens to find a copy of a receipt in some store's trash, so electronic signatures surely will improve the security of these transactions...

    [1]http://www.heise.de/newsticker/result.xhtml?u rl=/newsticker/data/nl-03.05.00-001/defaul t.shtml&words=Chipkarte
  • Yes it's feasiable because it's something the government needs desperately in order to automate its mountains of paperwork that it requires in order to maintain accountability to the public.

    The problem of forging or stealing digital signatures is of primary importance and concern (atleast it was back when I was working for a state court system). I don't think encrypted digital signatures are the way to go at all. I see government, in particular, using some sort of biometrics system to verify signatures (captured via pressure sensitive electronic pen and pad), voice, face, fingerprints, or iris and retinal scan.

    Here's some more general information for whomever is interested:

    www.finger-scan.com [finger-scan.com]
    www.facial-scan.com [facial-scan.com]
    www.retina-scan.com [retina-scan.com]
    www.hand-scan.com [hand-scan.com]
    www.voice-scan.com [voice-scan.com]
    www.signature-scan.com [signature-scan.com]

    - tokengeekgrrl
    "The spirit of resistance to government is so valuable on certain occasions

  • Strictly speaking, many types of contracts don't need *any* signature to be legally binding. Unless one is required by the Statue of Frauds all a court needs is proof that both/all parties agreed on mutually beneficial acts and that at least one part did an overt act in compliance with that understanding.

    In other words - a verbal contract. :-)

    *So*, in many cases if two parties exchanged digital signatures in the expectation that they were binding then they were, in fact, binding. If the contract was covered by the Statue of Frauds and they exchanged traditional documents stating that digital signatures would be considered binding for the purposes of the SoF, then these signatures would be binding. If they tried to use only digital signatures for something covered by the SoF, they were never binding.

    Even in the case where one party exchanged digital signatures with the expectation that they would not be binding, if the other party/ies thought they were doing a good-faith negotiation then these signatures would probably be declared binding for the purposes of a criminal complaint for fraud.

    The only thing this bill really does is 1) state that digital signatures are acceptable under the SoF, so you can buy real estate and the like with them, and 2) deny shady characters the chance to try claiming that the digital signature "wasn't really valid" in hopes that the other party will give up and walk away from a legitimate claim.
  • So let's say that someone intercepts a digital signature on a Non-Disclosure Agreement or somesuch and then types up an agreement saying that they've already given you $X in cash and in exchange you agree to give up your house and then tacks that intercepted sig onto the bottom.

    Unless I'm reading you very wrong, it would seem that you are unclear as to how a digital signature system would work. It's not a matter of just attaching some generic signature to the bottom of a file. The signature that is attached is a result of using your private key, which is never transmitted (and hence not intercepted) to encrypt a hash of the document being signed. If you removed the signature and attached it to a different document, if you even correct a spelling error in the document, the hash of the message is thoroughly altered, and thus the signature is no longer valid, since decrypting it does not produce the correct hash. Such a signature can thus not be "cut & pasted" onto any document, each signature has to be produced by a person with the private key and the document being signed.


    PS - This is not to say that there aren't problems with such a proposal - the cheif one, to my mind, being that everything rests in the security of the private key. But the argument you provide seems to, unless I am misreading you, be moot, since that is not how digital signatures operate.
  • I have many concerns, too.
    1. While handwriting analysis is more of an art than a science, it is rarely used in court when there is ny alternative. People comprehend the weakenesses, and it's easy to find counterexpert.
    2. They'll parade the "billion keys a second 'til the end of time" number, as they do (incorrectly) with DNA evidence. It will appear to be the strongest evidence imaginable -- even stronger than an eyewitness ID (which has been shown to be surprisingly weak)
    3. The crypto is a strong link in a weak chain, but it is the part that will be scrutinized in court and in the approval process. E-sigs are no better protected than the sum of the security flaws in the computer, account, human memory used to store passphrases and keys, etc. Expect the pasphrases to be protected as well as other important private data is - if so, a burglar or guest may find the Post-it under your mousepad and steal your identity
    4. I would prefer a *physical* e-card for signing over software solutions. Users (and jurors) would understand the use and protection of a physical objects, and its theft would be easily detectable. It can also present options in easily understood buttons.
    5. However, I expect legislators and citizens to strongly reject smart cards, leading to weaker security and privacy overall
    6. There has been a lot of work in cryptography to establish systems that are identifiable (this e-sig belongs to this identity and to this document), authenticatable (this e-sig must have been generated by this person), non-repudiable (cannot be denied), and anonymous (it is not necessary to know who I am for me to buy a newspaper -- I should be able to create completely anonymous accounts, and pay out of them), and user-controllable (the amount of info from the list above that is released in the transaction should be user controllable) I don't think legislators will incorporate all these features.
    7. I expect citizens or legislators to reject the card. However, and e-sig system that does not have these options will result in far less security and privacy for the citizens in the end.
    8. The fact that all this (and other, far more technical concerns) are not immediately obvious suggest that Citizens will not use/protect their signatures properly. People alredy 'sign without reading' all too often. This will make things much worse.
  • So what? I can now give assent to a contract over the net. But how we can keep others from 'forging' our signature on these new binding declarations is another issue entirely, and is the one we should be asking ourselves.

    How can we keep ourselves safe in a time where all but the beefiest encryption schemes are crackable on commodity machines and any determined script kiddy can clone a magstripe?
  • by c_a_moffitt ( 183159 ) on Friday June 09, 2000 @09:37AM (#1013526)
    Is anybody else afraid that these digital signatures could be applied to future software EULAs giving them actual real power?

    Please digitally sign here in order to install the software that you have already opened and can no longer return. Oh, this means you have already read the 50 pages of draconian fine print with your lawyer present.


  • "I say to let the market handle these things."

    If only we could. But note the word "legally" in "legally binding". If you and I have a contract signed with non-legally binding signatures, and one of us backs out the other one has no recourse.
    Wanna hook MAPI clients to your Tru64/AIX/Linux server?
  • Pardon my ignorance, but how can digital signatures be that secure? I may store my private key in my account, but if some hacker gains root on my system, he would have my private keys. Can I then deny that I ordered that plastic dildo from sextoys.com?

    Of course, this is not to say that traditional signatures aren't that secure. That's even more easy to fake, if you think about it.

    So what gives? Are we saying that both signatures are equally valid? One is more valid than the other? Whatever the case, we should recognize that the authenticity of the two are different, and treat with differing degrees of authenticity. Exactly how, I don't know. I would like to hear from the experts though, on how we should handle our digital signatures.

    Is the current infrastructure (i.e. none) on the net adequate? Do we need escrow services?

  • I am an InfoSec professional IRL, but this is not professional advice.


    Ref: point 2, "Remember when 128 bit keys was way too big to be factored? I do, and I'm all of 28 years old."

    128 bit keys were never considered too large to be factored. Various people were positing RSA-129 as being secure back in the '70s, but that was 129 *decimal digits*, not *binary digits*. (I may be off on the exact 129 figure--it was about that, though.)

    To brute-force a 128-bit number requires you check every prime through 2^64. This is not very difficult. Using an intelligent factorization algorithm will make factoring a 128-bit number trivial.

    To give a rough comparison, 2^20 is approximately equal to 10^6. 2^20 raised to the sixth power is 2^120, add on another factor of 2^8 (which is approximately 10^2)... you're looking at 10^6 raised to the sixth (10^36) with another factor of 10^2, for a grand total of 10^38.

    Factoring a 38-digit number is not very hard. Factoring a few *hundred* digit number is nontrivial. :)
  • Accually it's really not. Social Security numbers are only for US Citizens. If you give up your US citizenship you no longer have to pay taxes, be drafted, etc, etc, etc, nor do you have a social security number. Now this sounds BAD, but we are in all citizens of our repective states. To get a visa, drivers license, etc you need to be a state citizen, in fact 000-00-0000 is a legal SSN, as held by the Supreme Court that you can put on any job application. Being a US citizen is a contractual agreement, just as taxes are a contractual agreement, hence names like 'Tax Code' (which I recommend reading some time.) Because it is a contract you don't have to agree to the terms and withdraw from it; this is NOT so with state taxes. The social security fund that you use as evidence of needing a SSN, is again allowed under the contract, so if you are not a member of the contract you do not have to pay into it. It's very simple really.

    For further thought, think back to high school government. The Federal government can not make any laws they are not expressly allowed to by the constitution. This is why Federal taxes are not laws, and it is handled through a contract. It's some interesting reading. Take a look at the contracts and Supreme Court rulings around the turn of the century if you don't believe me, or anyone else who is interested can email me at ephraiml@crosswinds.net, I would be estatic to have further discussions.

  • by jcostom ( 14735 ) on Friday June 09, 2000 @11:22AM (#1013542) Homepage
    Bear in mind, I'm a former VeriSign employee. I didn't work in the PKI side of the house. I was the technical manager for the NE region in the security services division (formerly SecureIT).

    When you listen to PKI companies give their shtick about how wonderful PKI is and how it will save the universe, apply some simple common sense.

    1. Who holds your private key (besides you)? - If you use the VeriSign solution for digital certs (the one where they manage the CA for you), in addition to your users having their keys, so does VeriSign. If you roll your own, your users have their private keys, and probably also the administrator who gen'd it for them (for when the user accidently deletes their keys). How will users store their private keys? On their hard drives? Poor security, easily obtained by a ruthless 3rd party. Floppy? Unreliable medium, more susceptible to theft. Smart Card? Susceptible to theft.

    2. Remember when 128 bit keys was way too big to be factored? I do, and I'm all of 28 years old. Even with using 1024 bit keys, it's only a matter of a couple of years before many keys are useless. For the uninitiated, I've got your public key, and can find the prime factorization for a number that is your public key and your private key (for all intents and purposes, it's a bit more involved, but not THAT much more). If I compromise your private key in this way, you have no knowledge that I've done so (unless I'm a big moron about doing it), and I can freely digitally sign documents as if I were you. The signatures will even validate properly. Fun, huh? Maybe I'll buy some stuff over the net with your keys, and have it drop-shipped to a Mailboxes, etc. or some other such place.

    3. Complexity of the system - I don't know about everyone else, but my mother barely grasps the concepts behind sending email and pulling up a web page. How's she ever going to understand the how and why it's not only safe, but legally binding to use PKI technologies to enter into agreements?

  • IIRC a problem with earlier proposed legislation was that a digital signature would be legally binding, even if forged.

    In other words, if a cracker manages to use your signature, it is binding on you even if you can prove that it was a forgery! This is not the case for written signatures AFAIK.

    Does the new version have the same problem?
  • That's why they should make you sign in blood. DNA Testing would pretty much prove your identity should an argument ever arise.

    I wonder how hard it would be to run a DNA test on a strand of hair or something less intrusive and unsanatary. If you could store and use DNA for identity verification, you'd have a good 10 to 15 years of solid authentication after which time the cloning scene will probably render that test useless, too.

  • by Miou ( 115025 ) on Friday June 09, 2000 @09:40AM (#1013549)
    What I don't even see mentioned in the article is the verification process used to insure that the keyholder really is the person they claim to be.

    Anyone can create a key claiming to be someone else - the only way you know that the key really does represent the person it claims to be representing is if: a) the person gave you their public key in person, or b) there is an authority that "signs" the key, confirming that it is in fact from that person.

    Now, this is really no differant than the way things are today - anyone can sign a check as "Bill Gates," this is why Notaries exist. Are we going to extend the Notary system to have them sign public keys as well?

  • let's not be too negative yet. I still think could be a really interesting step, as long as appropriate measures are made to confirm the digital signature for important transactions. Just like a bank won't give you a big loan without you coming in in person so they can verify that you're real. It would be nice if we could get a setup like current credit cards - not 100% secure but if your signature gets compromised you have pretty easy recourse to have the damage undone.

    Is that feasible? Technically? Legally?

    Want to work at Transmeta? MicronPC? Hedgefund.net? AT&T?

Houston, Tranquillity Base here. The Eagle has landed. -- Neil Armstrong