Anne & Lynn Wheeler wrote:
... skipped (it was long :-)

> ok, this is a long posting about what i might be able to reasonably assume if a digital signature verifies (posting to c.p.k newsgroup):
>
> the dual-use comes up when the person is "signing" random challenges as purely a means of authentication w/o any requirement to read the contents. Given such an environment, an attack might be sending some valid text in lieu of random data for signature. Then the signer may have a repudiation defense that he hadn't signed the document (as in the legal sense of signing), but it must have been a dual-use attack on his signature (he had signed it believing it to be random data as part of an authentication protocol)

I don't see here any problem or attack. Indeed, there is a difference between signature in the crypto sense and legally-binding signatures. The latter are defined in one of two ways. One is by the `digital signature` laws in different countries/states; that approach is often problematic, since it is quite tricky to define in a general law a binding between a person or organization and a digital signature. The other way however is fine, imho: define the digital signature in a (`regular`) contract between the parties. The contract defines what the parties agree to be considered as equivalent to their (physical) signature, with well-defined interpretation and restrictions.

-- Best regards,
Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures in cryptography & security)