Schneier: Why Digital Signatures are not Signatures (was Re: CRYPTO-GRAM, November 15, 2000)
Peter Wayner
pcw at flyzone.com
Fri Nov 17 05:46:19 PST 2000
>
Schneier's piece does a good job of listing some of the problems with
digital signatures, but he really throws the baby out with the
bathwater when he concludes that "Digital signatures aren't
signatures." This has been his habit lately. The book _Secrets and
Lies_ is filled with plenty of handwringing about how no computer
security system is ever going to be good enough.
The standards he applies to digital signatures are much too severe. I
think that even pen-and-ink signatures wouldn't pass, a conclusion
that would lead to the strange sentence, "Signatures aren't
signatures and they can't fulfill their promise."
The law is very vague about the definition of signatures. It's simply
a mark that is made with the intent of binding yourself to a
contract. That means the old 'X' scratched on a piece of paper can
still bind the illiterate. Mathematicians and computer security folks
will probably recoil in horror about the circularity of the whole
scheme, but that's the best the law could develop during the
pen-and-ink years.
It is certainly possible to concentrate upon the ways that digital
signatures can fail. Anyone who finds out the secret key can forge
signatures with impunity. Anyone who hacks into a system can sneak
things past a signer. But these techniques can also work with
pen-and-ink signatures. Kids frequently learn to forge their parents'
signatures on notes, tests, and permission slips. Skilled forgers can
be quite adept. Most managers develop a stupid quick scrawl that is
simple to copy.
Pen-and-ink signatures are also easy to abuse. You can trace another
signature. You can use a projector to place an image of the signature
on a paper for tracing. You can cut and paste the signature using
scissors and glue before you photocopy the paper. The opportunities
are easy to exploit. To put it as Bruce does, a pen-and-ink signature
does not authenticate the link between Alice and the paper.
To make matters worse, pen-and-ink signatures do not preclude someone
from changing the inside of a contract. That's why each side of the
deal keeps a copy. If one copy disappears, though, all bets are off.
Anyone can insert pages, replace pages, and generally create mayhem.
At least digital signatures are not this easy to subvert.
There is a well established network of signature experts who testify
in court. While I guess it's sad that digital signatures will lead to
a similar cadre of professional expert cryptographers, I'm not
willing to simply state that digital signatures shouldn't be
considered signatures. Unfortunately, this can be all that we have
sometimes.
--
--------------------------
Tune to http://www.wayner.org/books/ffa/ for information on my book
on Free Software.
More information about the cypherpunks-legacy
mailing list