Cryptography Reference
In-Depth Information
other hand, digital signatures depend on a signature key and the underlying
data. The issue of 'uniqueness' is thus only relevant if we consider digitally
signing a fixed message. In this case the uniqueness of the digital signature
to an individual depends on how unique a signature key is to an individual.
Signature keys should be unique if they are generated properly. For example,
recommended parameters for RSA should provide at least the equivalent
security of a 128-bit symmetric key, which means that there should be at least
10^40 possibilities for a signature key. Since this number dwarfs the number
of people in the world, it is extremely unlikely that any two individuals will
generate the same signature key.
Capability for precise verification. Handwritten signatures need an expert to
verify precisely (from prior samples) and are normally rather imprecisely
verified. On the other hand, digital signatures can be precisely verified by
application of the correct verification key.
Ease of forgery. Handwritten signatures are easy to forge superficially, at least in
a way that would fool most of the people for most of the time, but hard to forge
in the presence of an expert. Digital signatures are very hard to forge if a sound
security infrastructure is in place. However, if the infrastructure fails then they
may be very easy to forge (for example, if an attacker obtains someone else's
signature key). This feature of digital signature schemes has the potential to be
quite concerning.
Security services. It is questionable whether a handwritten signature formally
provides any of our cryptographic security services. A handwritten signature
is normally a statement that the underlying data was seen and approved at
some moment in time by the signer. It can be simple to change the data after
a handwritten signature has been applied. The lack of message dependency
also potentially makes it easy to transfer a handwritten signature from one
document to another (see ease of forgery). Digital signatures do not have these
problems since their underlying message dependency provides data origin
authentication and non-repudiation, assuming that a supporting public-key
management system is in place.
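
The following Python example is added here and is not from the original text. It illustrates message dependency using unpadded hash-then-sign RSA: a signature verifies only against the exact data that was signed, so it cannot be carried over to altered or unrelated data. The key is an assumption built from two publicly known Mersenne primes and gives no real security; the function names and sample documents are likewise constructed for illustration.

```python
import hashlib

# Constructed demonstration key (assumption, not from the text): two publicly
# known Mersenne primes. Fine for illustration, worthless for real security.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537                               # public verification exponent
D = pow(E, -1, (P - 1) * (Q - 1))       # private signature exponent

def digest(message: bytes) -> int:
    """Map the message to an integer below N using SHA-256."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes) -> int:
    """Signature = (hash of message)^D mod N: depends on the key AND the data."""
    return pow(digest(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Recompute the hash and compare it with signature^E mod N."""
    return pow(signature, E, N) == digest(message)

def demo() -> dict:
    contract = b"Pay Bob 100 pounds"          # constructed sample documents
    altered = b"Pay Bob 900 pounds"
    unrelated = b"Transfer the house to Bob"
    sig = sign(contract)
    return {
        "original": verify(contract, sig),
        "altered_after_signing": verify(altered, sig),
        "signature_moved_to_other_document": verify(unrelated, sig),
        "signatures_differ_per_message": sign(contract) != sign(unrelated),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```
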
Levels of security. The security of a digital signature scheme can potentially be
set to different levels through the use of different lengths of signature key and
applying different levels of process checking within the underlying
public-key management system (see Chapter 11). Handwritten signatures do not
have such flexibility, although they too can be subjected to different levels of
checking (for example, witnessed or notarised signatures).
The human-computer gap. A handwritten signature carries with it an implication
that the signer has seen the entire document that was signed, even if they
only sign a cover or the last page. However, a digital signature carries no
such implication. It is quite possible for a human to digitally sign data that
they have never seen, since the signing function is normally carried out by
a computer. The human thus needs to 'trust' that all the components of
 