Digital Signatures
What is a Digital Signature?
A digital signature is a way of marking or signing an electronic document by a process meant to be analogous to paper signatures, but which makes use of a technology known as public-key cryptography. In other words, it's a digital code that can be attached to an electronically transmitted message that uniquely identifies the sender and ensures that the document has not been altered in any way since the sender signed it.
Why Should I Use Digital Signature?
The processes of creating a digital signature and verifying it accomplish the essential effects desired of a signature for many purposes:
- Signer authentication.
If a public and private key pair is associated with an identified signer, the digital signature attributes the message to the signer. The digital signature cannot be forged unless the signer loses control of the private key (the "compromise" of the private key), e.g., by means of divulging it or losing the media or device in which it is contained.
- Message authentication.
The digital signature also identifies the signed message, generally with a much greater certainty and precision than paper signatures. Verification reveals any tampering, since the comparison of the hash results (one made at signing and the other made at verifying) shows whether the message is the same as when signed.
- Affirmative act.
Creating a digital signature requires the signer to use the signer's private key. This act can perform the "ceremonial" function of alerting the signer to the fact that the signer is consummating a transaction with legal consequences.
- Efficiency.
The processes of creating and verifying a digital signature provide a high level of assurance that the digital signature is genuinely the signer's. As with modern electronic data interchange ("EDI"), the creation and verification processes can be completely automatic (sometimes referred to as "machinable"), with human interaction required only in exceptional cases. Compared to paper methods such as checking specimen signature cards - methods so tedious and labor-intensive that they are actually rarely used in practice - digital signatures yield a high degree of assurance without adding greatly to the resources required for processing.
What Technology Digital Signatures Use
Digital signatures rely on certain types of encryption to ensure authentication. Encryption is the process of taking the message that one computer is sending to another and encoding it into a form that only the other computer will be able to decode. Authentication is the process of verifying that information is coming from a trusted source. These two processes work hand in hand for digital signatures.
Public Key Cryptography in Digital Signatures
Digital signatures are created and verified by cryptography, the branch of applied mathematics that concerns itself with transforming messages into seemingly unintelligible forms and back again. Digital signatures use what is known as "public key cryptography", which employs an algorithm using two different but mathematically related "keys": one for creating a digital signature or transforming data into a seemingly unintelligible form, the other for verifying a digital signature or returning a message to its original form. Computer equipment and software that use those two keys are often referred to as an "asymmetric cryptosystem".
The complementary keys of an asymmetric cryptosystem for digital signatures are arbitrarily termed the private key, which is known only to the signer and is used to create the digital signature, and the public key, which is generally more widely known and is used by a relying party to verify the digital signature. If many people need to verify the signer's digital signatures, the public key must be available or distributed to all of them, probably by publishing it in an on-line repository or directory where it is easily accessible. Although the keys of the pair are mathematically related, it is practically infeasible to derive the private key from the public key. Thus, although many people may know the public key of a given signer and use it to verify that signer's signatures, they cannot discover that signer's private key and use it to forge digital signatures.
Hash Function in Digital Signatures
Another fundamental process, named a "hash function", is used in both creating and verifying a digital signature. A hash function is an algorithm which creates a digital representation or "fingerprint" in the form of a "hash value" or "hash result" of a standard length which is usually much smaller than the message's length but nevertheless substantially unique to it. Any change to the message invariably produces a different hash result when the same hash function is used. In the case of a secure hash function, sometimes termed a "one-way hash function", it is computationally infeasible to derive the original message from its hash value. Hash functions therefore enable the software for creating digital signatures to operate on smaller and predictable amounts of data, while still providing robust evidentiary correlation to the original message content, thereby efficiently providing assurance that there has been no modification of the message since it was digitally signed.
How a Digital Signature Works
A digital signature is generated by your email software and your private key, working together. Your message's signature is generated according to either the SMIME or the PGP standard, so the receiver's software must also support that standard. The SMIME standard is supported by Netscape Messenger (a part of the Netscape browser), and Outlook Express, which comes with Microsoft's Internet Explorer. Eudora supports PGP but not SMIME yet. R5 of Lotus Notes also supports SMIME.
The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature:
Digital Signature Creation - uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key. Generally speaking, a digital signature can be thought of as a numerical value represented as a sequence of characters and computed using a mathematical formula. The formula depends on two inputs: the sequence of characters representing the electronic data to be signed, and a secret number referred to as a signature's private key, associated with the signing party and which only that party has access to. The resulting computed value, representing the digital signature, is then attached to the electronic data just as a paper signature becomes a part of a paper document.
Digital Signature Verification - is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key. Verifying also relies on a formula. Here, the formula depends on three inputs: the sequence of characters representing the supposedly originally signed electronic data, the public key of the signing party, and the value representing the supposedly authentic digital signature. The output of the formula is a simple answer: yes or no. 'Yes' signifies that the digital signature is indeed an authentic digital signature on the presented electronic data, and that it is associated with the party linked to the public key being used.

This ensures two critical results:
- The digital signature can be uniquely associated with the exact document signed because the first input is the precise sequence of characters representing that data.
- The signature can be uniquely associated with the signing individual because the second input is the private key that only that individual controls.
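The creation and verification formulas described above can be run end to end. The following is an added example, not code from the original page: it uses SHA-256 as the hash function and unpadded "textbook" RSA as the formula, with a constructed toy key built from publicly known primes. Real signing software uses randomly generated keys and a padded scheme such as RSASSA-PSS.

```python
import hashlib
from typing import Tuple

# Constructed toy key: two publicly known Mersenne primes, so anyone can
# factor N. It only serves to make the arithmetic runnable offline.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                                # public modulus
E = 65537                                # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent (signer only)
PUBLIC_KEY = (E, N)
# Public key of an unrelated, equally constructed key pair.
OTHER_PUBLIC_KEY = (E, (2**1279 - 1) * (2**2203 - 1))


def hash_to_int(message: bytes) -> int:
    """Hash function: fixed-length fingerprint of an arbitrary-length message."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_exponent: int, modulus: int) -> int:
    """Creation: two inputs, the message and the signer's private key."""
    return pow(hash_to_int(message), private_exponent, modulus)


def verify(message: bytes, signature: int, public_key: Tuple[int, int]) -> bool:
    """Verification: message, public key and signature in, yes or no out."""
    exponent, modulus = public_key
    if not 0 <= signature < modulus:
        return False
    # Recover the hash made at signing and compare it with a fresh hash.
    return pow(signature, exponent, modulus) == hash_to_int(message)


def demo() -> dict:
    message = b"Pay 100 EUR to account 12345"        # constructed sample
    altered = b"Pay 900 EUR to account 12345"        # one character changed
    signature = sign(message, D, N)
    return {
        "original": verify(message, signature, PUBLIC_KEY),
        "altered_message": verify(altered, signature, PUBLIC_KEY),
        "altered_signature": verify(message, signature ^ 1, PUBLIC_KEY),
        "wrong_public_key": verify(message, signature, OTHER_PUBLIC_KEY),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:18} -> {'yes' if accepted else 'no'}")
```

Only the unmodified message, checked with the signer's own public key, produces "yes"; a changed message, a changed signature, or a different public key all produce "no".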
Digital Certificates
Digital signatures can assure that a document was signed by a person with a certain public key, but ultimately it may be important to know who that person is. Anyone can create a public key with common software and say that their name is X, their address is Y, and so on. How do you know if they're telling the truth?
There are two approaches for answering this question. Both involve certificates, which are digitally signed statements, that attest to the identity of a keyholder. The difference is that of who issues the certificates.
Certificate Authorities
One approach, which is most favored by governments and other hierarchical entities, uses formal certificate authorities (or CAs). To associate a key pair with a prospective signer, a certification authority issues a certificate, an electronic record, which lists a public key as the "subject" of the certificate, and confirms that the prospective signer identified in the certificate holds the corresponding private key. The prospective signer is called the "subscriber". A certificate's principal function is to bind a key pair with a particular subscriber. A "recipient" of the certificate desiring to rely upon a digital signature created by the subscriber named in the certificate (whereupon the recipient becomes a "relying party") can use the public key listed in the certificate to verify that the digital signature was created with the corresponding private key. If such verification is successful, this chain of reasoning provides an assurance that the subscriber named in the certificate holds the corresponding private key, and that this particular subscriber has created the digital signature.
The Web of Trust
The other approach, used by PGP, allows anyone to vouch for anyone else's identity. It is up to you to decide whom to trust. The user must decide whom to believe when a statement is made that a key belongs to a certain person. If someone you trust introduces someone else by vouching for the authenticity of his key, then you are more inclined to believe it than if you were introduced by a stranger. In the PGP approach, one person can sign another person's key, as a statement that the key belongs to the ostensible owner. The overall structure is called the web of trust.
Technically, there is no inherent advantage to one approach over another. Your choice of approach should be based on practical - and philosophical - considerations. Certainly, it is possible to use both systems together.
What Are The Weaknesses of Digital Keys?
No security system is perfect. Here is a list of the major weaknesses of this one:
- Someone could steal your private key from your computer. Protecting your private key with a password is highly recommended, so that a stolen private key is worthless (and don't store the password on the same computer!).
- The issuer of the certificate could give a third party enough information about your certificate to make it easy to create a copy of your private key. The issuer may be forced to do this by a government; alternatively, the issuer's security could be breached. You can avoid this by using a different approach, PGP (Pretty Good Privacy), where you make the certificate yourself. PGP also has stronger encryption. However, using an issuing authority (the SMIME approach) is handy if you lose your certificate. PGP is less trustworthy because no trusted third party (the issuer) guarantees that the certificate belongs to whom it says it does.
- Digital signatures carry a lot more authority than a simple return address, because the forgery is so much more difficult. If you lose your certificate and password, you have a problem because mail with a digital signature is more authoritative. The best thing to do in that case would be to completely stop using the email address associated with the stolen certificate, and start again.
- Some email clients are not compatible with the standard, such as older browsers and many of the web-mail sites. To users of those clients, the signature appears as an attachment full of weird text, and they get no validation of the signature. MIME is the standard for sending attachments, and SMIME means Secure MIME. It would be hard to send signed mail from a web-mail site.
- The certificate could be forged or cracked. This is virtually impossible with today's computers if you are using US-level security. No one has reported breaking this security (although the only organisations with a slightly realistic chance of breaking it would most certainly not report any success). Even "International" (i.e. exportable from the US) strength software is highly difficult to crack, although it does not have a long shelf life given the increasing power of affordable computers. Also, the factoring of large numbers into their prime factors, the heart of the system, is believed to be fiendishly difficult, but this has never been formally proven, despite nearly fifty years of trying to do so (an algorithm for solving the problem has also eluded researchers, despite even more intensive efforts).
Making The Sign
SMIME
First, you need a digital ID card called a digital certificate. Digital certificates, obtained from authorized third parties such as Verisign and Thawte, are essential for creating digital signatures.

Figure: the signing button in MS Outlook
The following is a list of certifying authorities from which you can get a digital ID and read how-to for your software:
Thawte Certification
Thawte Certification offers free personal certificates for signing and encrypting email. These certificates are recognized and trusted by the majority of email clients that are in use on the Internet at present. Thawte is a global CA that has already certified 30% of the world's Internet e-commerce servers.
VeriSign
VeriSign is a leading provider of digital authentication products and services. Through a special offer from VeriSign, email users can obtain a free trial digital ID that they can use to positively identify themselves to, or receive encrypted messages from, business associates, friends, and online services when using secure email.
GlobalSign
GlobalSign is a Certification Authority (CA) that, with its private key, issues, signs and manages digital certificates. The policy and the procedures GlobalSign uses for this are incorporated in the Certification Practices of GlobalSign (CPS).
BT
BT offers secure server certificates for companies with web sites and intranets, and personal digital certificates for MS Outlook Express and Outlook. These certificates are issued under the VeriSign Global Trust Network, allowing global interoperability across intranet, extranet and Internet applications.
Pretty Good Privacy
PGP is the best alternative to certificates (known as the SMIME system). PGP is famous software, widely used for signing and encrypting email. It works very well with Outlook, Eudora, and Netscape. PGP offers even more powerful security than the US-standard SMIME certificate security.
Signing a Message Using PGP
Note:
I assume that you already have PGP. If not, read this topic - Getting PGP, Installing it and Basic key management
Signing a Message
PGP signing can be easily used with all types of mailers (even with web-based mailers).

To sign an outgoing mail message, first compose it as usual, then click on the PGPtray icon and then on Current Window-Sign.

Here you can choose one of the keys available (the keys that you have created earlier), then you must type your password for this key. Pressing the "Next" button will begin the actual signing process.

PGP processes the message as desired, and replaces the cleartext message in the composition window with the encrypted message. You can then send the processed message in the usual way.
Verifying a Message
When you receive a message signed with PGP, it is very easy to verify it.

Click on the "Decode and verify" PGP tool on the tool bar to decode the message and verify any attached signature.

PGP will copy the encrypted message to the Windows clipboard, decode it, and display it in the secure message viewer. But if the message was altered after the signing then the secure viewer displays the following.

Note:
If the mailer does not support window operations, then PGP can still be used by manually moving data to and from the clipboard. After composing the message, select the entire message, copy the text to the clipboard and use the PGPtray "Clipboard-Sign" option. To decrypt a message, do the same but use the "Clipboard-Decrypt and Verify" option instead of "Clipboard-Sign".
Signing and Verifying a Message Using PGP plug-ins.
Signing and verifying with PGP plug-ins is even easier. To send a signed message, compose the message normally and click on the "Sign Message Before Sending" button at the top right corner of the new message window.

Or, click on the "Decrypt and Verify" button at the top right corner of the message viewer window if you want to verify the message.

Other Ways to Ensure Identity and Integrity
Although digital signatures based on public key encryption are the most common, there are several other ways to authenticate a person or information on a computer.
- Password.
The use of a user name and password provides the most common form of authentication. You enter your name and password when prompted by the computer. It checks the pair against a secure file for confirmation. If either the name or the password does not match, you are not allowed further access.
- Checksum.
Probably one of the oldest methods of ensuring that the data is correct, checksums also provide a form of authentication since an invalid checksum suggests that the data has been compromised in some fashion.
- CRC (Cyclic Redundancy Check).
CRCs are similar in concept to checksums but they use polynomial division to determine the value of the CRC, which is usually 16 or 32 bits in length. The good thing about CRC is that it is very accurate. If a single bit is incorrect, the CRC value will not match up. Both checksums and CRCs are good at detecting random errors in transmission, but provide little protection from an intentional attack on your data. The encryption techniques are much more secure.
- Private key encryption.
The use of a private key means that each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer. Using private keys requires that you know which computers will talk to each other and install the key on each of them. Private key encryption is essentially the same as a secret code that each of the two computers must know in order to decode the information. The code would provide the key to decoding the message.
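The difference between a CRC and a check that depends on a secret key, as an added example that is not part of the original page: a CRC-32 catches a flipped bit, but anyone who changes the message can recompute it, while a keyed tag cannot be recomputed without the shared key. HMAC-SHA-256 stands in here for the keyed technique (the page does not name one), and the key and messages are constructed samples.

```python
import hashlib
import hmac
import zlib

SHARED_KEY = b"constructed-demo-key"    # assumed installed on both computers


def crc_tag(message: bytes) -> int:
    """Unkeyed check value: anyone holding the message can compute it."""
    return zlib.crc32(message)


def keyed_tag(message: bytes, key: bytes) -> bytes:
    """Keyed check value: computing it requires the shared secret."""
    return hmac.new(key, message, hashlib.sha256).digest()


def accepts_crc(message: bytes, tag: int) -> bool:
    return zlib.crc32(message) == tag


def accepts_keyed(message: bytes, tag: bytes, key: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(message, key), tag)


def flip_bit(message: bytes, bit_index: int) -> bytes:
    """Simulate a random transmission error in a single bit."""
    data = bytearray(message)
    data[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(data)


def demo() -> dict:
    original = b"Pay 100 EUR to account 12345"
    crc, tag = crc_tag(original), keyed_tag(original, SHARED_KEY)
    damaged = flip_bit(original, 13)                 # accidental corruption
    altered = b"Pay 900 EUR to account 12345"        # deliberate change
    return {
        # Random error: both checks reject the damaged message.
        "crc_accepts_damaged": accepts_crc(damaged, crc),
        "keyed_accepts_damaged": accepts_keyed(damaged, tag, SHARED_KEY),
        # Deliberate change: the CRC is recomputed without any secret.
        "crc_accepts_altered": accepts_crc(altered, crc_tag(altered)),
        # A keyed tag made without the shared key does not verify.
        "keyed_accepts_altered": accepts_keyed(
            altered, keyed_tag(altered, b"not-the-key"), SHARED_KEY),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:22} -> {accepted}")
```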