Article

Trustworthiness of signed data

Authors:
To read the full-text of this research, you can request a copy directly from the author.

Abstract

Use of digital signatures is not as straightforward as one would like to see it. We have to be aware of the fact that computers sign all elec-tronic documents on behalf of humans and only few computers can be considered as fully trustworthy. Visual representation of file for-mats can be dramatically changed by settings of a viewer or a text processor. Users cannot be absolutely sure that they sign only the data visible on their computer screen. Proprietary signature solutions are not fully compatible as there are no standards. This paper reviews the problem of the document content inter-pretation. Introductory section reviews problems related to the use of digital signatures in practice. The second section briefly summa-rizes necessary cryptographic assumptions and gives an overview of signature functional properties. The third section discusses questions and possible ways of an interpretation of documents content. The fourth section suggests design principles for trustworthy electronic document structure.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the author.

... Zero distance assured Digital Transformations: Syntax, Alphabet, Encoding … State of affairs as grasped by the signer Signer's Intentionality lies here Relying Party's Intentionality lies here State of affairs as grasped by the RP Semantic Distance Triggering Observation Analog Signal Digital Signature applied here Syntactic component Syntactic component Parsers & Protocols Binary Component Digital Signature verified here Syntactic Distance Triggering Observation Analog Signal Parsers & Protocol . EXHIBITING THE PROBLEM ON THE COMPUTATIONAL TRANSFORMATIONS LEVEL Before we try to analyse how the structural reliability of a syntactic component can be traced and evaluated, we give some examples that exhibit the basic problems of computational transformations on the syntactic level [11] [12] [13]. A. False positives: Documents with external references Every digital component (even in its simplest form) has several external references such as encoding protocols, character mappings, formatting rules, dynamic content or image compression and transformation algorithms. ...
Full-text available
Article
The action of digitally signing has several intrinsic weaknesses that introduce syntactic and semantic distance between a signer and a relying party. As a result, digitally signed documents cannot be trusted and thus be widely deployed in pervasive environments. We evaluate the syntactic robustness of digitally signed documents by exploiting one key quantitative measure (the structural informativeness) and by comparing several qualitative characteristics of various alternative syntaxes. We are then able to identify which is the more reliable and simpler to transform syntax that will enhance the pervasiveness of signed documents, while it can be used in resource-constraint mobile devices. At the same time, digitally signed documents must preserve their security characteristics and their formatting and layout capabilities in order to achieve an enhanced level of trust on the semantic part of communication and thus be ubiquitously integrated with human users.
Full-text available
Article
Digital signatures provide a valuable tool for secure internet trading by ensuring data authenticity and integrity and most importantly by enforcing commitment and non-repudiation for the transacting parties. The action of digitally signing has, however, several intrinsic weaknesses that introduce syntactic and semantic distance between a signer and a relying party. As a result, digitally signed messages cannot be fully trusted and hence nor can they be widely deployed in e-commerce applications. The syntactic robustness of digitally signed documents is evaluated by exploiting one key quantitative measure -structural informativeness- and by comparing several qualitative characteristics of various alternative syntaxes. In this way, one is able to make decisions regarding the reliability of the syntax that will enhance the appropriateness of signed documents in specific internet-based e-commerce applications. At the same time, digitally signed documents must preserve their security characteristics and their formatting and layout capabilities in order to achieve an enhanced level of trust on the semantic part of communication and thus be trusted by e-commerce human users.
Book
Cryptography, in particular public-key cryptography, has emerged in the last 20 years as an important discipline that is not only the subject of an enormous amount of research, but provides the foundation for information security in many applications. Standards are emerging to meet the demands for cryptographic protection in most areas of data communications. Public-key cryptographic techniques are now in widespread use, especially in the financial services industry, in the public sector, and by individuals for their personal privacy, such as in electronic mail. This Handbook will serve as a valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography. It is a necessary and timely guide for professionals who practice the art of cryptography. The Handbook of Applied Cryptography provides a treatment that is multifunctional: It serves as an introduction to the more practical aspects of both conventional and public-key cryptography It is a valuable source of the latest techniques and algorithms for the serious practitioner It provides an integrated treatment of the field, while still presenting each major topic as a self-contained unit It provides a mathematical treatment to accompany practical discussions It contains enough abstraction to be a valuable reference for theoreticians while containing enough detail to actually allow implementation of the algorithms discussed Now in its third printing, this is the definitive cryptography reference that the novice as well as experienced developers, designers, researchers, engineers, computer scientists, and mathematicians alike will use.
Article
Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures
Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. European Parlament, 1999.