S E C T I O N
Volume No. 5,   Issue No. 3,   August 2006

Digital Signature

Computer-based alternative to traditional signatures

By Mr. P. Benjamin, Security Consultant, India

Historically, the legal concept of a "signature" has recognized any mark made with the intention of authenticating the marked document. Current practice calls for transactions to be formalized in a manner that assures the parties of their validity and enforceability, which usually means documenting the transaction on paper and signing or otherwise authenticating that paper. These traditional methods are now undergoing fundamental change. Computer-based information can be used differently from its paper counterpart: computers can "read" digital information, transform it, or take programmed actions based on it. Information stored as bits rather than as atoms of ink and paper can travel at near the speed of light and can be duplicated without limit at insignificant cost.

In today's commercial environment, establishing a framework for the authentication of computer-based information requires familiarity with concepts and professional skills from both the legal and the computer security fields. Combining these two disciplines is not easy: concepts from the information security field often correspond only loosely to concepts from the legal field.

To understand the value of digital signatures in legal applications, it may be worthwhile to go through an overview of the legal significance of signatures and then examine how, with some legal and institutional infrastructure, digital signature technology can be applied as a robust computer-based alternative to traditional signatures.

Signatures and the Law

A signature is not part of the substance of a transaction, but rather of its representation or form. Signed writings serve the following general purposes:

  • Evidence: A signature authenticates a writing by identifying the signer with the signed document. When the signer makes a mark in a distinctive manner, the writing becomes attributable to the signer.
  • Formality: The act of signing a document calls to the signer's attention the legal significance of the signer's act and fulfills the formal requirements for legal transactions.
  • Approval: As defined by law or custom, a signature expresses the signer's approval or authorization of the writing, or the signer's intention that it has legal effect.

To achieve the basic purposes of signatures outlined above, a signature must have the following attributes:

  • Signer authentication: A signature should indicate who signed a document, message or record, and should be difficult for another person to produce without authorization.
  • Document authentication: A signature should identify what is signed, making it impracticable to falsify or alter either the signed matter or the signature without detection.

Signer authentication and document authentication are tools used to exclude impersonators and forgers and are essential ingredients of what is often called a "nonrepudiation service" in the terminology of the information security profession. A nonrepudiation service provides assurance of the origin or delivery of data in order to protect the sender against false denial by the recipient that the data has been received, or to protect the recipient against false denial by the sender that the data has been sent. Thus, a nonrepudiation service provides evidence to prevent a person from unilaterally modifying or terminating legal obligations arising out of a transaction effected by computer-based means.

Like a handwritten signature, a digital signature can be used to identify and authenticate the originator of the information. A digital signature can also be used to verify that information has not been altered after it was signed. Digital signature technology generally surpasses paper technology in all these attributes. To understand why, one must first understand how digital signature technology works.

What is a Digital Signature

A digital signature is a form of electronic signature that can be used in any kind of electronic information transfer. Digital signatures are based on mathematical algorithms that require the signer to hold two keys, one private and one public, used for signing and for verification respectively. The signer, not a third party, creates the signature; a verifiable, trustworthy entity called a certification authority does not create signatures but certifies which public key belongs to which signer, by issuing digital certificates (see "Certifying Authority" below).

How the Technology Works

Digital signatures are created and verified using what is known as "public-key cryptography," which employs an algorithm using two different but mathematically related "keys": one for creating a digital signature and another for verifying it. A system built on such a key pair is termed an "asymmetric cryptosystem." The complementary keys are termed the private key and the public key. The private key is known only to the signer and is used to create the digital signature; the public key is ordinarily more widely known and is used by a relying party to verify the digital signature. (Describing signing as "encrypting with the private key" and verification as "decrypting with the public key" is a simplification that fits RSA; in general, signing and verification are distinct operations keyed by the private and the public key respectively.) Although many people may know the public key of a given signer and use it to verify that signer's signatures, they cannot feasibly derive the signer's private key from it, and so cannot forge that signer's digital signatures, provided the algorithm and key length are adequate. The signer creates the digital signature; the receiver of the digital signature verifies it.

The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature:

Digital Signature Creation

Signing: To sign a document or any other item of information, the signer first delimits precisely the borders of what is to be signed. The delimited information to be signed is termed the message. Another fundamental process, termed a "hash function," is used in both creating and verifying a digital signature. A hash function is a mathematical algorithm which creates a digital representation or "fingerprint" of the message, called a "hash value" or "hash result," of a fixed length that is usually much smaller than the message. For a cryptographic hash function it is computationally infeasible to find two different messages with the same hash result, or to construct a message that produces a given hash result, so the hash result is for practical purposes unique to the message. The hash function in the signer's software computes this hash result, and the signer's software then transforms the hash result into a digital signature using the signer's private key. The resulting digital signature is thus unique to both the message and the private key used to create it. The hash function must be one that is still considered secure: if collisions can be found for it, an attacker can prepare two different messages that carry the same signature.

Typically, a digital signature (a digitally signed hash result of the message) is attached to its message and stored or transmitted with its message. However, it may also be sent or stored as a separate data element, so long as it maintains a reliable association with its message. Since a digital signature is unique to its message, it is useless if wholly disassociated from its message.

Sealing: The next step is to encrypt the message and its signature. This is done with a fast symmetric key that is uniquely generated for this purpose; the symmetric key is then encrypted with the receiver's public key. Now only the private key of the receiver can recover the symmetric key, and thus decrypt the message. A digital version of a sealed envelope has thus been created.

Delivering: The digital envelope is electronically sent to the receiver and the verification process begins.


Digital signature verification

Receiving: The encrypted digital envelope arrives at the destination. The receiver decrypts the one-time symmetric key using the receiver's private key, then decrypts the message using the one-time symmetric key. Once this is completed, the verification process begins.

Verifying: Verification of a digital signature is accomplished by computing a new hash result of the received message. Then, using the sender's public key, the new hash result and the digital signature, the verifier checks whether the digital signature was created over that same hash result with the corresponding private key. The software will report the digital signature as "verified" if the sender's private key was used to sign the message and the message is unaltered; if either condition fails, the software reports that verification has failed. A failure does not say which condition was violated: an altered message and a signature made with some other key produce the same result.
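The complete procedure described above, from signing through sealing, delivery, receipt and verification, as an added example in Go (this is not code from the original article). It uses the Go standard library throughout: RSA-PSS over SHA-256 for the signature, RSA-OAEP to wrap the one-time symmetric key for the receiver, and AES-256-GCM as the fast symmetric cipher. Those algorithm choices, the 2048-bit key size and the sample message are assumptions, since the article names no particular algorithms. The demonstration also shows the two failure cases a verifier must detect: a message altered after signing, and a signature checked against the wrong public key.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is what the sender transmits: message sealed under a one-time key, that key sealed to the receiver, plus the signature.
type Envelope struct {
	WrappedKey []byte // one-time AES-256 key, RSA-OAEP encrypted to the receiver's public key
	Nonce      []byte // 96-bit AES-GCM nonce, fresh for every envelope
	Ciphertext []byte // message encrypted (and integrity-protected) under the one-time key
	Signature  []byte // RSA-PSS signature over SHA-256(message), made with the sender's private key
}

// Sign hashes the delimited message and transforms the hash with the signer's
// private key; the result depends on both the message and that key.
func Sign(signer *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, signer, crypto.SHA256, digest[:], nil)
}

// Verify recomputes the hash and checks, with the signer's public key, that the
// signature was made over that same hash by the matching private key.
func Verify(signerPub *rsa.PublicKey, msg, sig []byte) error {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPSS(signerPub, crypto.SHA256, digest[:], sig, nil)
}

// Seal is the sender's side (signing, then sealing): sign the message, encrypt it
// under a fresh symmetric key, and wrap that key so only the receiver can recover it.
func Seal(sender *rsa.PrivateKey, receiverPub *rsa.PublicKey, msg []byte) (*Envelope, error) {
	sig, err := Sign(sender, msg)
	if err != nil {
		return nil, err
	}
	buf := make([]byte, 32+12) // fresh AES-256 key followed by a 96-bit GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, receiverPub, key, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, msg, nil), Signature: sig}, nil
}

// Open is the receiver's side (receiving, then verifying): unwrap the one-time key,
// decrypt the message, then verify the sender's signature; release it only if that verifies.
func Open(receiver *rsa.PrivateKey, senderPub *rsa.PublicKey, env *Envelope) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, receiver, env.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("unwrap one-time key: %w", err)
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	msg, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, fmt.Errorf("decrypt: %w", err)
	}
	if err := Verify(senderPub, msg, env.Signature); err != nil {
		return nil, fmt.Errorf("signature verification failed: %w", err)
	}
	return msg, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	sender, _ := rsa.GenerateKey(rand.Reader, 2048)
	receiver, _ := rsa.GenerateKey(rand.Reader, 2048)
	msg := []byte("Pay INR 10,000 to account 00123 on 2006-08-01") // constructed sample message
	env, _ := Seal(sender, &receiver.PublicKey, msg)
	got, err := Open(receiver, &sender.PublicKey, env)
	fmt.Printf("recovered %q, err=%v\n", got, err)
	// Changing one byte after signing, or using another party's key, both fail verification.
	altered := append([]byte(nil), msg...)
	altered[len(altered)-1] ^= 0x01
	fmt.Println("altered message accepted:", Verify(&sender.PublicKey, altered, env.Signature) == nil)
	fmt.Println("wrong public key accepted:", Verify(&receiver.PublicKey, msg, env.Signature) == nil)
}
```

Two design points worth noting. The signature is computed over the plaintext message and travels inside the envelope, so confidentiality (the envelope) and authentication (the signature) are separate layers, exactly as the article's sealing and verifying steps describe; AES-GCM additionally rejects a ciphertext that was tampered with in transit, but that check says nothing about who sent the message, which is the signature's job. Second, `Open` refuses to return the message unless the signature verifies, so calling code cannot accidentally act on an unauthenticated message.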

Satisfying Legal Requirements

The processes of creating a digital signature and verifying it accomplish the essential effects desired of a signature for many legal purposes:

  • Signer authentication: If a public and private key pair is associated with an identified signer, the digital signature attributes the message to the signer. The digital signature cannot feasibly be forged so long as the algorithm and key length remain adequate and the signer retains sole control of the private key; that control is lost, for example, by divulging the key, by losing the medium or device in which it is stored, or by having it extracted from a compromised computer. Protecting the private key is therefore the linchpin of the whole scheme.

  • Message authentication: The digital signatures identify the signed message with far greater certainty and precision than paper signatures. Verification reveals any tampering, since the comparison of the hash results (one made at signing and the other made at verifying) shows whether the message is the same as when signed.

  • Non-repudiation. Creating a digital signature requires the signer's private key, which only the signer should control, so a signature that verifies is evidence that the signer, and not someone else, signed the message, and makes a later denial implausible. The deliberate act of applying the key also alerts the signer that he is consummating a transaction with legal consequences, decreasing the chances of litigation later on.

  • Integrity and efficiency. The creation and verification processes provide a high level of assurance both that the digital signature is the signer's and that the message is unchanged since it was signed. Compared to tedious and labour-intensive paper methods, such as checking signature cards, digital signatures yield this assurance without adding resources for processing.

Digital signatures have been adopted in several national and international standards developed in cooperation with, and accepted by, many corporations, banks and government agencies. For a digital signature cryptosystem designed and implemented as those standards prescribe, the likelihood of the mathematics itself failing is extremely remote, far less than the risk of undetected forgery or alteration on paper or of using less secure electronic signature techniques. The risks that remain in practice lie in key generation, key storage and software implementation, not in the algorithms.

Certifying Authority

To verify a digital signature, the verifier must have access to the signer's public key and have assurance that it corresponds to the signer's private key. However, a public and private key pair has no intrinsic association with any person; it is simply a pair of numbers. Some convincing strategy is necessary to reliably associate a particular person or entity to the key pair.

As electronic commerce increasingly moves from a bilateral setting to the World Wide Web on the Internet, where significant transactions will occur among strangers who have no prior contractual relationship and will never deal with each other again, the problem of authentication/nonrepudiation becomes not merely one of efficiency, but also of reliability. An open system of communication such as the Internet needs a system of identity authentication to handle this scenario.

The solution to these problems is the use of one or more trusted third parties to associate an identified signer with a specific public key. Such a trusted third party is referred to as a "certifying authority"; it certifies the association by issuing a digital certificate, a record that names the signer, carries the signer's public key and is itself digitally signed with the certifying authority's own private key. A relying party who trusts the certifying authority can then verify the certificate, and through it the signer's signatures, without any prior relationship with the signer.
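The certifying authority's role, as an added example in Go (again not the article's own code): a CA issues a certificate binding a name to a subscriber's public key, and a relying party verifies a signature only after checking that the certificate chains to a CA it already trusts. It uses the Go standard library's `crypto/x509` for certificates and RSA-PSS over SHA-256 for signatures; the CA and subscriber names, validity periods, serial numbers and sample message are assumptions. It also exercises the failure the section is really about: a well-formed certificate for the same name, issued by a CA the verifier does not trust, is rejected.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// NewCA creates a certifying authority: a key pair and a self-signed certificate
// that relying parties install as their trust anchor.
func NewCA(name string) (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(365 * 24 * time.Hour),
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
		IsCA:                  true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// Issue is the act of certification: the CA binds a subscriber's identity to the
// subscriber's public key by signing a certificate with the CA's private key. The CA never sees the subscriber's private key.
func Issue(ca *x509.Certificate, caKey *rsa.PrivateKey, subject string, serial int64, subscriberPub *rsa.PublicKey) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: subject},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(30 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, subscriberPub, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// SignMessage is the subscriber's ordinary hash-then-sign step.
func SignMessage(signer *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, signer, crypto.SHA256, digest[:], nil)
}

// VerifyWithCert is the relying party's check: the certificate must chain to a CA the
// verifier already trusts and be within its validity period; only then is its public key used.
func VerifyWithCert(trustedCA, cert *x509.Certificate, msg, sig []byte) (string, error) {
	roots := x509.NewCertPool()
	roots.AddCert(trustedCA)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return "", fmt.Errorf("certificate not trusted: %w", err)
	}
	pub, ok := cert.PublicKey.(*rsa.PublicKey)
	if !ok {
		return "", fmt.Errorf("certificate does not carry an RSA public key")
	}
	digest := sha256.Sum256(msg)
	if err := rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil); err != nil {
		return "", fmt.Errorf("signature invalid: %w", err)
	}
	return cert.Subject.CommonName, nil // the identity the trusted CA vouched for
}

func main() {
	ca, caKey, _ := NewCA("Example Licensed CA") // hypothetical CA name
	alice, _ := rsa.GenerateKey(rand.Reader, 2048)
	aliceCert, _ := Issue(ca, caKey, "Alice", 1001, &alice.PublicKey) // hypothetical subscriber
	msg := []byte("I accept the terms of contract 42")                  // constructed sample message
	sig, _ := SignMessage(alice, msg)
	who, err := VerifyWithCert(ca, aliceCert, msg, sig)
	fmt.Printf("signed by %q, err=%v\n", who, err)
	// An impostor holding a certificate for "Alice" from a CA the verifier does not trust
	// is rejected, even though that certificate is well formed and the signature matches its key.
	rogueCA, rogueKey, _ := NewCA("Rogue CA")
	impostor, _ := rsa.GenerateKey(rand.Reader, 2048)
	rogueCert, _ := Issue(rogueCA, rogueKey, "Alice", 7, &impostor.PublicKey)
	forged, _ := SignMessage(impostor, msg)
	_, err = VerifyWithCert(ca, rogueCert, msg, forged)
	fmt.Println("impostor rejected:", err != nil)
}
```

The order of checks in `VerifyWithCert` is the point: the public key inside a certificate is only as trustworthy as the chain that leads to it, so the chain is validated before the key is ever used. A real deployment would also consult the CA's revocation information, which this example omits.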

Indian Scenario

When digital certificates were first launched, very few industry analysts were optimistic about adoption rates as India has traditionally been slow in adopting new technologies. But with the gradual adoption in diverse sectors, digital certificates are slowly but surely making their presence felt in India.

The certifying authorities are licensed by the Controller of Certifying Authorities, set up under the aegis of the Ministry of Information Technology. Currently, the Indian market has four players in the arena, SafeScrypt, IDRBT, TCS and NIC, who are licensed by the government to issue digital certificates. The certifying authorities issue certificates to individuals and companies to identify and authenticate the sender, as well as the date, using public-key cryptography. The controller's job is to see whether a certifying authority has the required infrastructure, adequate security and processes in place. The number of digital certificates is also likely to grow to one million, based on each certifying authority issuing at least 100,000 certificates. Internet banking is likely to be the biggest gainer, as authenticated communication is possible through digital signatures. With digital certificates, banks can increase the acceptability of services to consumers.

Challenges and Opportunities

Digital signature technology opens up a whole new range of possibilities for business transactions carried out electronically. The ability to transmit electronic messages carrying legally binding signatures will allow businesses to conduct transactions and to enter into binding contracts entirely by electronic means. The prospect of fully implementing digital signatures in general commerce offers promising solutions to the problems of:

  • Imposters, by minimizing the risk of dealing with imposters or persons who attempt to escape responsibility by claiming to have been impersonated;

  • Message integrity, by minimizing the risk of undetected message tampering and forgery, and of false claims that a message was altered after it was sent;

  • Formal legal requirements, by strengthening the view that legal requirements of form, such as writing, signature, and an original document, are satisfied, since digital signatures are functionally on a par with, or superior to paper forms; and

  • Open systems, by retaining a high degree of information security, even for information sent over open, insecure, but inexpensive and widely used channels.


Israeli airport technology detects intent of terrorists

By David Brinn May 08, 2005

Not many terrorists walk into an airport waving a banner announcing who they are. They don't carry handguns or try to conceal explosives as they debark from an international flight into the United States. And just as rarely do they have police records.

So how can US officials go about identifying potential terrorists? A new solution is Israel's Suspect Detection Systems (SDS), a company that has developed an advanced automated filtering tool for identifying potential suspects with hostile intentions among masses of tens of thousands of visitors.

Consider it a personal polygraph machine that will make air travelers infinitely safer, says SDS CEO Shabtai Shoval, a former division manager at Comverse Technology who founded SDS along with the former head of the Israel Police's polygraph division, Yeshayahu Horowitz, and former deputy Mossad chief Amiram Levin.

"Our system makes an initial assessment within three minutes. If the system identifies a suspect, he can be sent to a personal agent to complete the investigation," Shoval said. Shoval explained that his journey from Comverse to airport security was spurred by the September 11 attacks, as well as by a viewing of a Tom Cruise movie.

"I happened to see the movie Minority Report - with Tom Cruise. I thought to myself, how great it would be to be able to prophesize a crime before it happens," he told ISRAEL21c.

"Among my staff in the telemarketing division of Comverse were two people formerly from the Shabak (Israel's General Security Services). After 9-11, we said to ourselves, maybe we should change direction toward the field of homeland security. 'What's the major problem that 9-11 has presented to the world,' we asked?

"Our conclusion was the fundamental issue that international terrorism has gotten sophisticated enough to enable terrorists to get into the target country without any weapons and with their own identity. Therefore, they can then create a strategic terror attack from within, without carrying in any means with them," he said.

Built to replace human selectors or random check-ups of visitors, the SDS-VR-1000 is a device based on the assumption that sophisticated terrorists might not be included in suspect lists and will not carry weapons or explosives when they approach a checkpoint.

"We came to this conclusion two years ago - and since then, that idea has only been reinforced with the Spanish train explosion and the Chechnyan school takeover. It plays out again and again. International terrorists are getting inside a country without weapons, under their own identity and are succeeding in changing history," said Shoval.

According to Shoval, there are two basic ways to combat this threat – either through good intelligence, or through being able to detect them when they try to enter a country.

"Intelligence is a problem - since most potential terrorists haven't been on a suspect list. So you need to look for intention. This has to be done with the handicap of not being able to look for weapons, since carrying a weapon into the US, for example, would be stupid since it's so easy to obtain weaponry once they're inside," he said.

"If only you could have each person trying to enter the US go through a polygraph test with a specialist, you could prevent terrorists from entering - but of course that's not realistic. But, can we create a machine – that uses the basics of polygraph technology - that works automatically without the specialist, and takes only three minutes?"

The SDS system does just about that. It is based on the belief that the terrorist's fear will be reflected in measurable psycho-physiological parameters.

"As they say in the movies, we have the technology to do this - to use artificial intelligence in software to imitate polygraph capabilities. It took a long time - two years - and lots of trial and error through tests conducted in Israel. But we've achieved a success rate of 95%," said Shoval.

The way it works is that the passenger approaches the machine, puts their passport on a scanner and their other hand on a sensor. They are then presented with an array of written questions in the language indicated by the passport (or in an audio mode with earphones if requested). A special detector then measures physiological responses.

"What it does is collect objective data out of the passenger's ID - and it analyzes the data compared to the subjective data it collects while the passenger is asked different questions," said Shoval. "The process takes approximately three minutes, and the passenger either receives a transfer printout authorizing him to advance to the next stage of entry to the country, or an announcement that he is required for further questioning. A monitoring official will then escort the passenger to another area for further questioning."

The system has been approved by the Israeli security apparatus, and an experimental version is going to be tested this year in an American airport.

"We've passed all the lab tests in Israel - with the involvement of various security involvement - and now this year, it will be field tested in Israel and in the US. Once it's on the market, each system will cost approximately $200,000 and will service about 40,000 per year. We're talking to Boeing and Accenture about partnerships as well as looking for a VC strategic investor in the US," said Shoval.

According to Shoval, the SDS system is a truly unique product, one that could only have been developed in the cultural and political climate of his country - and he lists three reasons why.

"First, it's based on the methods developed by the Shabak and El Al, Israel's national carrier.

"Second, the field tests in Israel were unique - only here can you find a population (in Gaza) where 95% of the population has been in an ongoing conflict with their authorities. It's a fine tuning issue to find which people among those 95% are actual terrorists. If you cross that barrier, there's no place in the world where it can't work. Even in Iraq, only about 30% of the population have been involved with confrontations with the US Army and ruling Iraqi forces.

"And third - it took Israeli boldness to go ahead with a plan involving full contact polygraph with civilians, a concept that the US would not have been able to initiate. Americans chose not to utilize human selectors - partly due to budget, and partly because it's difficult to educate the selector how to define between the different kinds of profiling. Here, our system is doing it for you - there's no human element involved.

"It's like a robot selection process - we don't make the decision to take someone out of line and put him in jail - we only take someone for further investigation. There's no profile selecting and no human rights violations," he said.

"We've created a single-track minded machine - it can do just one task - ID a terrorist."

© 2001-2004 ISRAEL21c. All rights reserved.

Courtesy: Email dated May 9, 2005, from Mr. Mayer Nudell, CSC, USA.
