Cryptography Reference
In-Depth Information
the process of legal codification: should it be considered an inherent char-
acteristic of cryptographic systems or something to be adjudicated within
the legal domain proper? Furthermore, non-repudiation would eventually
serve as a powerful rhetorical resource in apportioning burdens of proof,
an issue with important consequences in establishing the power relation-
ship between litigating parties—consumers, businesses, service providers.
Finally, in the threat model inherited from the analysis of cryptosys-
tems, both users and adversaries are endowed with the resources and
motivations of national security agencies. The model does not provide for
finer gradients of risks that would account for a cost-risk analysis of con-
tractual relationships and the appropriateness of distinct security solutions
for different risk factors. Such a one-size-fits-all approach eventually proved
a liability. In spite of repeated predictions to the contrary, the market for
public-key infrastructures never took off, as businesses could not account
for the costs and organizational complexity of applying military-grade
technology to civilian-grade risks.
This then was the ground covered by the cryptographic signature model
in the mid-1990s, as it prepared to make its debut on the legal scene. The
next two chapters account for the reception of the model, first by the legal
scholars and regulators tasked with updating centuries-old rules of evi-
dence for the information age and later by the professions centered around
the production of documentary evidence—including contracts, identifica-
tion, and property.
