Republished with permission from WatchGuard Technologies, Inc. Originally published March 9, 2001.
 
WatchGuard

Can We Trust Digital Signatures?

by Frederick M. Avolio, Avolio Consulting, Inc.

If you get e-mail from George W. Bush asking you to quit your job to join his Cabinet, you’d best think twice about marching in to your boss’s office to tell her off before you grab your stuff and walk out the door. E-mail messages are easily forged. Electronic data are easily modified. Yet, we are told, digital signatures provide a way to verify both. 

The US Electronic Signatures in Global and National Commerce Act went into effect on October 1, 2000. This so-called “e-signature” law allows for electronic signatures to be as legally binding as hand-written signatures. Will this usher in a new era of Internet e-business? Do digital signatures empower customers and businesses to do commerce online that was previously limited to paper with handwritten signatures? 

Not entirely. And I’ll tell you why I think that.First, though, for those of you who are new to this discussion, let’s define what digital signatures are. Those of you familiar with the concepts can skip down to the next subhead.

Anatomy of a Signature 

One way to quickly define the elements of a digital signature is by comparing them to a real-world process you're more familiar with. So here's an example.

When you sign the papers to buy a house, in front of a witness (typically a notary public) who is deemed trustworthy by all parties to the agreement, you take pen in hand and sign whatever papers are required. The intent is that the identity of the signer (you), and the authenticity of the documents (a loan or title to a particular piece of property), are verified by the third party (the notary) in a way that satisfies all involved parties. So, the notary may ask to see your Drivers License or passport to establish your identity. A lawyer or title company verifies that the property exists and is accurately described. The bank or its agent pays attention to the ratio of the property’s value to the amount of money loaned. All parties to the agreement trust that the system will work as designed and if it doesn’t, the title insurance policy will cover the costs to make it right.

Now, let's compare that process to an e-signature transaction. First, the proper term is “digital signature.” Second, a digital signature typically depends upon three elements: public key encryption, a Certificate Authority, and a digital certificate.

    In a digital transaction, the digital signature is data that represent your authority or approval the way your handwritten signature does (which, by the way, we call “wet signatures” when also talking about the digital kind). This string of digits is derived by running your entire document through a cryptographic algorithm and noting the result. Then any modification of that data---any at all---can be detected by running the document through the same algorithm. 

    The role of the notary is fulfilled by a Certificate Authority, who assures that all parties are who they claim to be and that all documents are genuine. The Certificate Authority (CA) vouches for your digital certificate, which is like ID the CA issued you. 

    Your digital certificate is implemented by public key cryptography. A digital certificate is simply special data that ties an individual (or a computer, router, or organization) to a public key. It’s outside the scope of this column to fully explain public key crypto, but in a nutshell, public keys are large, unique, integer numbers used in data encryption for confidentiality. They also provide someone reading data -- a file, e-mail, web page, etc.-- a way to know who created or sent the data such that the originator cannot deny it. 

If this column you are reading was digitally signed, you’d be able to tell that no one changed even one jot or tittle of it since I wrote it. Even if all someone did was change the punctuation on this sentence from a period to an exclamation point, or added an extra space between two of the words, you could tell. An added benefit to you is I cannot reasonably deny that I was the one who “sealed” it. So, it gives us two sides of the same coin: authentication (it came from me) with non-repudiation (I cannot deny it).

Thus, with digital signatures, we can order books, make airline reservations, and purchase software over the Internet without having to appear in person at Amazon.com, United Airlines, or CompUSA. 

The Reality

Whitfield Diffie and Martin Hellman are credited with inventing public key cryptography in 1976. The technology to digitally sign documents, e-mail, etc. has existed for years, as have mechanisms to issue digital certificates to individuals. The issuer -- a certificate authority (CA) -- digitally signs these certificates, to “seal” them.

But here's the problem: who certifies the CA? In theory, the digital certificate the CA issues ties an individual to a public key. But according to whom? There are no special requirements to fulfill before appointing yourself a CA. In March 2001, a background check triggered by the death of Lucent's director of recruiting startled Lucent officials when it uncovered the fact that the director had been a convicted felon who served prison time for one count of forgery and four counts of grand theft. He had lied about having a Ph.D. from Stanford, and evaded federal taxes for 11 years. But Lucent had trusted him to handle multi-million dollar contracts. If deception of this scale happens in real life, how can you trust a CA you've never seen? And how do we know that the “Fred Avolio” or “George W. Bush” on the digital certificate is the same Fred Avolio or George Bush you have in mind? We don't. As Bruce Schneier writes, "It is an article of faith that PGP doesn't ship a copy of my private key to someone else, who can then sign whatever he wants in my name."

Many companies, including Verisign, Entrust, IDCertify, and others, try to vouch for the authenticity of digital transactions. But there is no globally recognized authority structure.

What can we do? Is there no hope of achieving the authentication, and non-repudiation digital signatures promise? Well, there are many uses for digital certificates as implemented today. (In fact, you are using them already. The evidence is in your web browser. Go ahead and edit or remove the certificates that are preloaded in IE and Netscape Communicator. Then make an on-line purchase and see what happens.) Corporations can set up internal CAs, issue digital certificates, and start using them internally and with business partners, because your own employees and vendors can choose to recognize the people and the authority of your own company.

But for other purposes, such as paperless contracts or moving to Washington, DC on the basis of an e-mail invitation from the forty-third President ... I’d make a phone call or get it in writing. Digital signature technology has not fully matured. ##

More Information:

Bruce Schneier, “Why Digital Signatures Are Not Signatures,” Crypto-gram.

Lance Spitzner on the basics of digital signatures

Jalal Feghhi, Peter Williams, Jalil Feghhi, Digital Certificates: Applied Internet Security, Addison-Wesley Publishing Company, ISBN: 0201309807, 1998.