0000000433f07816-dmarc-requ...@listserv.ua.edu (Paul Gilmartin) writes:
> I don't understand digital signatures beyond what I just read in:
>     https://en.wikipedia.org/wiki/Digital_signature
>
>     ... Digital signatures are equivalent to traditional handwritten signatures
>     in many respects, but properly implemented digital signatures are more
>     difficult to forge than the handwritten type. ...
>     Paper contracts sometimes have the ink signature block on the last page,
>     and the previous pages may be replaced after a signature is applied. ...
>
> But it seems that all such schemes depend on being able to authenticate
> a public key from some certificate authority. It doesn't appear that a
> digitally signed document can be entirely self-contained.
>
> So is a signature any more secure than an independently verifiable checksum,
> or just more practical?

trivia: digital signature is the hash of the document (SHA-2) that has been encrypted with the private key. On reception, you recompute the hash, decrypt the digital signature with the corresponding public key and compare the two hashes.

One of the original motivations for public/private key was to get around some of the secret key distribution problems (which has to be hidden and never divulged). Public key had be publicly distributed (w/o needing to hide). People can use the public key to encrypt stuff and send it to you ... and only you can decrypt it (with the private key). You can encrypt stuff with the private key ... and people can decrypt it (like digital signature) with public key ... and know it came from you ... since only your private key could have encrypted something that is decryptable with your public key.

we worked on the cal. state electronic signature legislation ... one of the things is that "digital signatures" aren't true human signatures in the legal sense ... "digital signatures" can be used for authentication (in the same way pins and passwords) ... but need some additional features to qualify as a legal signature. In that sense, might claim that they were purposefully called "digital signatures" in an attempt to try and inflate their perceived value (justify charging billions)

Last project we did at IBM was HA/CMP ... and was working on commercial cluster scaleup with RDBMS vendors and technical scaleup with national labs. Old post about Jan1992 meeting in Oracle CEO conference room on commercial cluster scaleup
http://www.garlic.com/~lynn/95.html#13

within a few weeks of the meeting, cluster scaleup was transferred, announced as supercomputer and we were told we couldn't work on anything with more than four processors. Possible contributing factor was that the mainframe DB2 people were complaining if I went ahead, it would be at least 5yrs ahead of them. We leave IBM a few months later.

A little while later, two of the Oracle people (from the Jan1992 meeting) have left and are at small client/server startup responsible for something called "commerce server". We are brought in as consultants because they want to do payment transactions on the server, the startup had also invented this stuff they called "SSL" they want to use, the result is now frequently called "electronic commerce".

Somewhat for having done "electronic commerce" we get sucked into X9 financial standards organization working on new standards. During this time, I wrote extensively about how it was trivial to use public/private key in lieu of passwords ... w/o digital certificates. The problem was that the digital certificate industry was floating $20B business case on wall street ... basically $100/certificate/annum/person.

We were also brought in to help wordsmith cal. state legislation ... at the time they were working on electronic signature (and under heavy pressure by the certificate industry to mandate digital certificates), data breach notification, and "opt-in" personal information sharing. Electronic signature and data breach notification passed ... but "opt-in" (institutions could only share your information with explicit record of you of approving) got pre-empted by "opt-out" provision added to GLBA (institutions could share your information unless they kept a record of you objecting).

some discussion of financial transaction standard that can do public key authentication w/o digital certificate
http://www.garlic.com/~lynn/x959.html#x959

One of the scenarios was electronic payment transaction where they wanted to append a digital certificate to every transaction that was at least 100 times larger than the transaction size. Partly because I ridiculed the idea, some of X9 started a compress digital certificate work item ... to try and get the digital certificate bloat down to only 20-50 times larger.
Then I wrote a detailed analysis showing how to eliminate the payload bloat by appending to every transaction a digital certificate compressed to zero bytes (had all the same detail, just didn't occupy any space).

-- 
virtualization experience starting Jan1968, online at home since Mar1970
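
The hash-then-sign check and the certificate-less, public-key-on-file authentication described in the post above, as an added example that is not part of the original post or of any X9 standard. It assumes textbook RSA without padding, a constructed demonstration key built from two Mersenne primes, and a hypothetical account table `ACCOUNTS`; production systems use a padded scheme such as RSASSA-PSS with properly generated keys.

```python
import hashlib

# Constructed demonstration key: two Mersenne primes keep the block offline and
# deterministic. Primes of this special form are NOT acceptable for real keys.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key (modulus, exponent)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, stays with the signer


def digest(message: bytes) -> int:
    """SHA-256 of the message as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int, n: int) -> int:
    """Textbook RSA: transform the hash with the private key (no padding)."""
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, e: int, n: int) -> bool:
    """Recompute the hash, recover the signed hash with the public key, compare."""
    return pow(signature, e, n) == digest(message)


# Hypothetical relying-party account file: the public key is registered where a
# password would otherwise be stored, so no certificate travels with a message.
ACCOUNTS = {"acct-1001": {"n": N, "e": E}}


def authenticate(account_id: str, message: bytes, signature: int) -> bool:
    record = ACCOUNTS.get(account_id)
    if record is None or not 0 < signature < record["n"]:
        return False                     # unknown account or out-of-range value
    return verify(message, signature, record["e"], record["n"])


def demo() -> dict:
    txn = b"acct-1001|pay 25.00 USD to merchant-77|seq=42"   # constructed sample
    sig = sign(txn, D, N)
    return {
        "genuine": authenticate("acct-1001", txn, sig),
        "amount_altered": authenticate("acct-1001", txn.replace(b"25.00", b"95.00"), sig),
        "unregistered": authenticate("acct-9999", txn, sig),
        "signature_bytes": (sig.bit_length() + 7) // 8,
    }


if __name__ == "__main__":
    print(demo())
```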