Slashdot Mirror


Digitally Notarized Documents in Brazil

Remote writes: "As of next year, Brazilians will be able to obtain notary-authenticated digital documents and have them sent over the Internet (English). You can also obtain a CD or floppy from a notary office, containing your document encrypted with an asymmetric key. The key generation, though, demands that one shows up in person at the notary office for ID verification. This was made possible by legislation that recognises public-key encrypted documents and signatures as legally valid. This is one first step, and I don't see why this wouldn't be applied to things like contracts, invoices, wills, etc. Brazilian Notary and Register Association claims that one can even print as many copies of, say, your driver license as desired, though I don't see how this part would work..."

30 of 77 comments

  1. With all these by nervlord1 · · Score: 2, Interesting

    With all these laws being passed left and right towards internet and computer related technologies, I cannot work out which bloody country is the most technology and freedom with technology friendly of them all. Germany used to be my favorite, but with the recent DNS mess, I really don't know. Anyone have any comments on this?

    --
    Microsoft IIS is to webserving as KFC is to healthy eating
  2. Worried by Ricardo+Lima · · Score: 2, Interesting

    I don't know, but as a Brazilian, I'm quite worried about this. One thing is to digitally sign digital documents, but to digitally sign real documents and allow anyone to print them as authentic copies! This opens a large space to fraud! If I'm able to print a document, why couldn't I change it before I print it, for instance? And what would make this document that I printed in my computer a really authenticated copy? I sense a lot of frauds coming...

    --
    Ricardo da Silva Lima
    1. Re:Worried by ralmeida · · Score: 2

      If I'm able to print a document, why couldn't I change it before I print it, for instance?

      I haven't read the article, because it's currently down. But I believe it works like this: you take your documents and they will be signed by the notary office -- you will receive a digitally signed document on a floppy or CD.

      You can then send that copy through e-mail, e.g., or print it. You can still change it and print it, but the digital signature will be ruined. If a police officer checks the validity of the document, he will see that it was changed.

      --
      This space left intentionally blank.
    2. Re:Worried by Ricardo+Lima · · Score: 3, Insightful

      And how could the police officer validate the digital signature? He would only look at the printed paper and it would seem all right to him.

      Digital signatures only work with digital documents. A digital signature is a hash of the entire document signed with a private key (in this case the notary's key). When you print the document, how could you check the signature? Should you scan it back so a computer could validate it again? How could you be sure that what I scanned would generate the same bits of the original? Actually, you can't! So we would always have a bad signature!

      --
      Ricardo da Silva Lima
    3. Re:Worried by Brazilian+Geek · · Score: 2

      Don't forget that we - 'zilians - are a society based on paper. I work for a bunch of burocreaps and despite my futile attempts at introducing them to the wonders of sending memos to other sectors via email or our intranet BBS those f*cks prefer to print the stuff out and hand them out.

      This law won't work - it may have passed but it'll be ignored as most of our other laws are by TPTB. That's my prediction.

      --
      All browsers' default homepage should read: Don't Panic...
    4. Re:Worried by ralmeida · · Score: 2

      Perhaps the "printed" copy will be only a bar-coded document. All the "gambé" (police officer) has to do is scan the document. A display in the bar-code scanner could show your information and check the signature.

      Anyway, just the possibility of sending documents in digital form through the internet makes it worthwhile, IMO.

      --
      This space left intentionally blank.
    5. Re:Worried by vidarh · · Score: 2
      The signature can be made from the text of the document with whitespace removed. It can trivially be entered back into a computer and verified.

      Obviously this wouldn't work anywhere where you would need to have a picture, or a representation of a handwritten signature. In that case you would need to be able to present a digital version of the document.

    6. Re:Worried by swillden · · Score: 2

      but these notaries should be REALLY SECURE to make this system work

      Nah, the whole notion of notaries is quite bad from a security standpoint, whether the signatures are digital or not. Nearly anyone can become a notary, the only thing the notary verifies is your ID and the only thing he or she does is place a stamp and a signature on a piece of paper. Each step is vulnerable to fraud and forgery.

      However, that's okay, because the purpose of a notary isn't to provide absolute, ironclad proof. The purpose is to provide evidence that can be weighed in court against all the other bits and pieces of evidence, including the sworn testimony of the notary. For example, by itself, a notarized will making you the sole heir of the Howard Hughes fortune would obviously get you nothing except maybe an indictment for forgery. Add to that the testimony of the notary and some evidence to show that you were in fact Howard's best buddy and that he'd often talked of giving his fortune to you and you might begin to have a case. OTOH, a notarized bill of sale showing that you paid your brother $1000 for his old stereo would be all a small claims judge would need to make your (now-estranged) brother hand over the JVC.

      The notary system sucks from a security standpoint, but it works quite well in the real world. I suspect this digital notary thing would work the same, but that no one will use it.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    7. Re:Worried by drinkypoo · · Score: 2, Interesting
      And how could the police officer validate the digital signature? He would only look at the printed paper and it would seem all right to him.

      Basically the only way to do this would be to have a sufficiently dense barcode which contained a signed ID number, and have a computer which the barcode was read with which would print out a picture of their ID for comparison, or at least their picture.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  3. Others? by imrdkl · · Score: 2, Funny
    like contracts, invoices, wills, etc

    Music files?

    1. Re:Others? by Twylite · · Score: 2

      This technology allows for authentication. Given a file and a registry of public keys, you can be certain that the file is an identical copy of the one reviewed by the notary represented by the public key.

      In the case of music, you could be certain that you have a copy of the genuine original, not a track modified by someone else. Artists and/or record companies could sign digital music files so that you know you aren't getting a modified version.

      But this technology doesn't extend to copy control / protection. It does not consider the viewer/user at all, only the originator.

      --
      i-name =twylite [http://public.xdi.org/=twylite], see idcommons.net
  4. Already doing that for edifact. by leuk_he · · Score: 4, Informative

    This is really nothing new. We already use digitally signed and encrypted EDIFACT messages (invoices) where a notary is used to give out the keys. The messages are then sent over the Internet (unreliable) but much cheaper than X.400 (now over 5.000 euro per month).

  5. Doubtful... by ebbomega · · Score: 2, Interesting

    Highly...

    The reason stuff like this would work on stuff like official documents but not on stuff like music is because if one country imposed legislation on it, there would always be another country without it. And since filesharing expands beyond patrial (is that a word?) borders, all the music that supposedly gets encrypted would just be worked around by another country. It works on official documents because... well, there's no real public demand for online official documents because they don't exist yet. And since the media and the demand for the media isn't already in place, it's not uncontrollable.

    Also, people are going to spend hour upon hour of playing with music files trying to crack the encryption because, well, people are more than happy to redistribute the music they own, as opposed to say their driver's license, which I don't think they really want to hand out to some guy on the street.

    At least, that's how I see it.

    --
    Karma: Non-Heinous
  6. The question of validity by imrdkl · · Score: 2
    An encrypted document is not valid except to the person(s) who hold the key to decrypt it. In this case, that's the owner and the notary. It also makes sense that notaries would be the first group to have signing rights for electronic documents which are owned by people that don't have their own key. Of course, it would be better to have one's own key for signing, then use the symmetric key which is agreed by both parties only for the encryption.

    Alternatively, the document could be signed by both parties, but that kinda reduces the value of an individual's signature key, imho. In any case, a shared symmetric encryption key seems to me to be much like a notary stamp.

    Disclaimer: the above may be a load of bunk. The site is slashdotted right now.

  7. Why Digital Signatures Aren't Signatures by fhwang · · Score: 5, Informative

    Everyone interested in this subject should read Bruce Schneier's piece on the subject: Why Digital Signatures Aren't Signatures. The gist of his article is that although cryptography can verify that a document came from a given computer, it cannot verify that it came from a given person, or even that that person intended to sign that document. "The mathematics of cryptography, no matter how strong," he writes, "cannot bridge the gap between me and my computer."

    1. Re:Why Digital Signatures Aren't Signatures by leuk_he · · Score: 2

      The article is not that good, but there are many many useful links below the article.

      A lot of security is based on trust. This is the main thing. Same thing goes for signatures. You can sign a paper but they trust you that you did read (and can) the paper. Signatures can be faked as well.

      And of course you can bridge the gap between you and the computer with biometric authorisation.

    2. Re:Why Digital Signatures Aren't Signatures by swillden · · Score: 4, Interesting

      And of course you can bridge the gap between you and the computer with biometric authorisation.

      I don't think you read Schneier's article. The point is that you, the putative signer, never know what the computer, the real signer, is actually signing. How you authenticate yourself to the computer to unlock the signing key is irrelevant, and biometrics aren't really any better than other authentication mechanisms (from a security point of view, biometrics are actually very poor authentication mechanisms).

      A lot of security is based on trust.

      All security is based on controlling, quantifying and limiting trust. Schneier's point is that the trustworthiness of digital signatures depends absolutely on the trustworthiness of the software and hardware performing the signing operation. You have to trust that the key is stored securely, authentication of the user is performed securely (and correctly), that the signing operation is performed correctly and that the correct document (and *only* the correct document) is signed. And if the computer in question is a standard, easily hackable PC running, such trust is almost impossible to justify.

      I started to implement a secure digital signature system based (mostly) on commodity hardware a while back. Unfortunately the project was cancelled before it was finished, but here's what we had to do:

      • Use a secure crypto card for key generation, storage and access control (the IBM 4758 (don't let the recent bad press fool you, it's an extremely secure device)). A naive person would think we're done here, and then some.
      • Use a stripped-down version of an open source operating system, thoroughly reviewed. We were going to use an old Linux kernel (from the days when it was smaller and simpler). The source had to be reviewed line by line, and the policies and procedures that had to be set up around how this code was stored and how modifications were tracked were very onerous.
      • Write and thoroughly review the document display and signing software.
      • Build the OS and software on a secure build server and burn it onto a CD. Run an MD5 hash of the CD contents and burn a few copies of another bootable CD whose only function is to verify the first CD (using the hash). Distribute the verification CDs to appropriate, trusted, people, who store them in personal safes. Put the first CD in a lockbox in a vault. Distribute keys to the lockbox to appropriate, trusted, people who don't have verification CDs.
      • Remove all drives from the PC except for one CD-ROM drive and one floppy drive, configure the BIOS to boot only from the CD-ROM drive and set a BIOS password. Lose the password.
      • Place the entire PC in a custom-built, TEMPEST-shielded, lockable cabinet, with only the CD-ROM drive, floppy drive, keyboard and LCD display (not CRT) exposed. The keyboard must be entirely inside the cabinet except for the keys. No cabling can be exposed, except the power cord. Put the cabinet in a secure room and tightly control access to it.
      • When you want to sign something, write the document on a floppy in ASCII text, find someone with a lockbox key and someone with a verification CD.
      • Retrieve the system CD. Boot the secure PC off the verification CD. Insert the system CD for verification. Assuming it verifies correctly, unplug the PC, insert the system CD and your floppy and power the PC back on. The system will read your document, display it on-screen, then ask you to identify yourself. You specify your username and passcode, which are passed to the 4758 along with the document. The 4758 checks your credentials, hashes and signs the document and passes the signature back to the PC, which writes it to the floppy.
      • Return the system CD to the vault.

      There are obviously a lot of other issues I didn't mention, such as the policies and procedures around key generation, who is given signing privileges, how public keys are distributed to relying parties, how certification is done, etc., etc., etc.

      Of course, very few situations require this level of security. But there are also fairly few situations where there's any point in using software-based signing on a general-purpose PC.

      And biometrics make absolutely no difference to any of this. Biometrics are to security like syntactic sugar is to a programming language.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    3. Re:Why Digital Signatures Aren't Signatures by leuk_he · · Score: 2

      Unfortunately the project was cancelled before it was finished, but here's what we had to do:...

      How far did you get.. and what kind of organisation is this?

      (from a security point of view, biometrics are actually very poor authentication mechanisms.)

      Could you explain this? Because biometrics are going to be a very important issue to prove you are you.

      In my opinion it proves the point "Person A" was behind this device at that time. It fixes the gap between the PC and person. I do understand it does not yet prove that person did read the document he signed. (And the PC can be hacked, and a standard PC is much more hackable than your solution.)

    4. Re:Why Digital Signatures Aren't Signatures by swillden · · Score: 2

      How far did you get.. and what kind of organisation is this?

      Sorry, can't tell you.

      Could you explain this? Because biometrics are going to be a very important issue to prove you are you.

      But they don't.

      If you look closely at the processes involved in biometric authentication you see there are many points where they're vulnerable to attack. I won't go into all of the details, but I'll try to give you an overview.

      • Capture. To begin with we have to capture your biometric scan initially, associate it with you and get it into the database. This is pretty easy to secure, but it has to be done.
      • Template storage. That biometric scan has to be stored somewhere. An attacker who can gain access to the database can insert his own template. Less obviously, he can do a denial-of-service attack by corrupting yours, which can open up a whole range of new social attacks. Also, templates can't be stored in hashed form like passwords, because template matching is fuzzy.
      • Scanning. When you authenticate yourself, a scanner grabs biometric information via some sort of scanner and converts it to a string of bits. If compromised, the scanner can mess with it in all sorts of ways.
      • Transmission. In many cases the scanner must transfer the biometric data to another system for comparison (this other system may be directly attached to the scanner, but it's still a separate unit). It can be modified, or, far worse, copied. Once the attacker has a copy of your scan data he can replay it at will to impersonate you. It's important to realize that he doesn't need to make a phony finger or retina. It's much easier to bypass the scanner and just send the bit string in directly. A scanner that timestamps and digitally signs and encrypts the data would help.
      • Comparison. Some system must compare the scan with the template. Another good place to attack, particularly since this system must have access to the template database.
      • Other compromise. Your body is a rather visible and accessible thing, which makes it a bad thing to use as a password. Your fingerprints are left everywhere, you can be tricked into allowing an attacker to scan your retinas in a variety of ways.

      So you see, from a security point of view, a biometric scan is just a password that's not well-secured, is complicated to use (technically complicated, not complicated to the user) and can't really be replaced once compromised (you only have ten fingers, two eyes, etc.) Most of the above compromise points apply to passwords as well, and most can be adequately closed, but, overall, a well-chosen passphrase, never written down and only entered into a secured terminal is more secure than biometric authentication.

      Of course, the best authentication is three-factor (something you have, something you know, something you are).

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  8. Re:Swiss Cheese... by Tim+C · · Score: 3, Informative
    Slashdot had an article about Brazil a couple months ago explaining about how their government was planning to break the patent on an AIDS drug because they couldn't agree with the manufacturer on a price.

    Here are a few statistics for you:
    • Brazil has the highest number of people with AIDS in Latin America, at around 200,000
    • a quarter of Brazil's annual AIDS treatment budget of $300m is spent on the drug in question (nelfinavir)
    • breaking the patent would allow them to save $34.8m per year, and so improve the level of care provided

    (Sources: http://news.bbc.co.uk/hi/english/business/newsid_1505000/1505163.stm and http://asia.cnn.com/2001/WORLD/americas/08/22/aids.drug/)

    Your comparison with Cipro is, imho, spurious. There have been what, a dozen cases of anthrax in the US since 11/9, which have led to about 4 fatalities? On the other hand, Brazil is facing an AIDS problem of epidemic proportions. Yes, I realise that anthrax could have been a real problem, and so in the face of this potential problem the US government started making threats. Well, Brazil's problem is very real, and only going to get worse. The length of time remaining on the patent is immaterial.

    I'm not against patents, just their misuse, and in my opinion charging too much for a drug that is so vitally needed is immoral and an abuse of the patent system.

    Cheers,

    Tim
  9. Re:Swiss Cheese... by vidarh · · Score: 3, Informative
    This is bullshit. Brazil's laws allow the government to use compulsory licensing in the face of a medical emergency. Notice: Compulsory licensing, not "breaking" the patent. What this means is that they can force the manufacturer to license a product at a reasonable price if they refuse to do so by their own choice in the case where the country faces a medical emergency.

    This is legal in Brazil, and a part of the terms you enter into when applying for a patent.

    A patent isn't some god-given right, but a privilege granted by a country for a limited period of time, provided that you fulfill whatever restrictions the particular country has placed on patents. In this case: They have to be prepared to accept compulsory licensing.

    Now, perhaps you believe that hundreds of thousands of people dying of AIDS doesn't constitute a medical emergency... In that case I'll just think you're an asshole.

    Either way, you are wrong that Brazil won't pay for the drugs - under the terms of their compulsory licensing law they still pay licensing fees.

  10. Print your own driving licence by Cardinal+Biggles · · Score: 2
    Brazilian Notary and Register Association claims that one can even print as many copies of, say, your driver license as desired, though I don't see how this part would work..."

    Well, if you have an image containing a bar code that is a digital signature of the data (name, date of birth, expiry date, etc.) on the licence, made by the government's secret key, anyone with a barcode scanner and a palmtop that can run PGP or something can validate the document. All you need is the government's public key.

    I think that would be a very elegant way to save money, while making the production of false documents more difficult.
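
The bar-code scheme proposed in comments 5 and 10 above, worked through as an added example in Go (not code from the article or from any poster): the issuer signs a canonical form of the licence fields (whitespace stripped, case folded, so a copy typed back from paper yields the same bits, which answers the "scanned bits won't match" objection in comment 2.2), the signature is what the bar code carries, and the verifier needs only the public key. The licence fields and the Ed25519 key pair are constructed for the example; a real issuer would keep the private key in its own protected hardware.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base32"
	"fmt"
	"strings"
	"unicode"
)

// Licence holds the fields printed on the document. Constructed for this example.
type Licence struct {
	Name, DateOfBirth, Expiry string
}

// canonical builds the byte string that is actually signed: the fields joined
// with a separator, all whitespace removed and letters upper-cased, so that a
// copy re-entered from paper reproduces exactly the bytes the issuer signed.
func canonical(l Licence) []byte {
	norm := func(s string) string {
		return strings.Map(func(r rune) rune {
			if unicode.IsSpace(r) {
				return -1 // drop the rune
			}
			return unicode.ToUpper(r)
		}, s)
	}
	return []byte(norm(l.Name) + "|" + norm(l.DateOfBirth) + "|" + norm(l.Expiry))
}

// Sign produces the bar-code payload: the Ed25519 signature over the canonical
// record, base32-encoded so it survives printing and manual transcription.
func Sign(priv ed25519.PrivateKey, l Licence) string {
	return base32.StdEncoding.EncodeToString(ed25519.Sign(priv, canonical(l)))
}

// Verify is what the officer's scanner or palmtop runs: rebuild the canonical
// record from the printed fields, decode the bar-code payload and check it
// against the issuer's public key. A malformed payload is simply invalid.
func Verify(pub ed25519.PublicKey, l Licence, payload string) bool {
	sig, err := base32.StdEncoding.DecodeString(payload)
	if err != nil || len(sig) != ed25519.SignatureSize {
		return false
	}
	return ed25519.Verify(pub, canonical(l), sig)
}

func main() {
	// Issuer key pair, generated here only for the demonstration.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	orig := Licence{"Maria da Silva", "1970-03-14", "2006-12-31"}
	payload := Sign(priv, orig)
	fmt.Println("bar-code payload:", payload)

	// A copy typed back from paper with different spacing and case still verifies.
	retyped := Licence{"MARIA  DA SILVA", "1970-03-14", "2006-12-31"}
	fmt.Println("retyped copy valid:", Verify(pub, retyped, payload))

	// The document was edited before printing (expiry extended): signature fails.
	forged := Licence{"Maria da Silva", "1970-03-14", "2016-12-31"}
	fmt.Println("edited copy valid:", Verify(pub, forged, payload))
}
```

Note that the check only proves the fields were signed by the key holder; binding the paper to the person still depends on a photo or ID comparison, as comment 2.7 points out.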

  11. Re:Swiss Cheese... by vidarh · · Score: 2
    "Simply by modifying behaviour"?

    Talk about being a complete idiot.

    You obviously don't realize how difficult it is to get an entire country to change behaviour. ANY country.

    Do you realize the cost of giving enough information to a population the size of Brazil's that is thorough enough that people will change their behaviour?

    Can you show me any country that has managed to get rid of HIV and AIDS by getting people to change behaviour? Let alone any country as poor as Brazil.

    And I've already replied to the bullshit about "breaking" a patent before, and your lies about Brazil not paying.

    Further, even if you do use protection, you don't have 100% protection against HIV. And even if you stick with only one partner, you have no guarantee that your partner does the same.

  12. Security of the notary by sporty · · Score: 2

    We all do realize that if the security of the notary is compromised, it is easy to generate digital signatures. What makes it worse is if the key is secretly compromised (i.e. downloaded).

    --
    -
    ping -f 255.255.255.255 # if only

  13. Re:Swiss Cheese... by radja · · Score: 2

    So the Brazilian population will either die because of no children, or because of AIDS.. nice choice. All cases of anthrax could have been prevented by a simple change in behaviour. Simply by using email and fax instead of physical letters. Besides.. humanity will survive if we all stop using physical letters, humanity will die if we all stop fucking.

    You're right.. the situation is not even close: 1 is an epidemic with millions of infected people, and there is no cure yet. The other is a few separate cases, with 5 deaths up to now for a disease with a cure.

    //rdj

    --

    No one can understand the truth until he drinks of coffee's frothy goodness.
    --Sheikh Abd-Al-Kadir, 1587
  14. There is a current infrastructure shortage... by Curt+Cox · · Score: 2, Insightful

    Internet based services are way behind where they should be. Something as basic as timestamping is still having trouble getting off the ground after several years. Think of all the things that you should be able to accomplish, simply (although not necessarily freely) but just can't yet.

  15. possible in any part of U.S.? by shibboleth · · Score: 2, Interesting

    Is anyone doing online notarization in the U.S.? Anyone know? Is it even possible under any U.S. state's current law?

    I've been thinking it'd be nice if webmasters had a way to notarize information and then point to that notarization (on the notary's website, for credibility). This would be a way to back up certain claims in a way easy for people to verify. Good idea?

    --
    "Be thankful you are not my student. You would not get a high grade for such a design :-)" - Minix pro
  16. solving the wrong problem? by zatz · · Score: 2

    If you are only trying to make it possible for one person to digitally sign documents with their own key, it can be much simpler than all that. Just write a module for a PDA that generates the key internally and can sign documents on it, and wave lots of warning signs at the user when they do something that would copy their private key off the PDA. If you never run the PDA software on anything you don't read first (or put any untrusted software on it), how can you screw up? Obviously you need a PDA where the data transfer can be administered from the PDA side, not the random-untrusted-PC side, but the software work for this seems like a lot less than custom-tailoring and auditing an entire Linux kernel. You could even physically mangle the communication link so that it works in one direction only, and when you sign something, manually transcribe the result, which should be a reasonably short hex string. Or only sign hashes of documents (which is typical anyway) and also input the hash by hand, but then you have to trust the computer generating the hash, since you don't get to inspect the plaintext on the PDA as you sign it.

    What are you concerned about Tempest radiation for, anyway? Maybe the system bus would leak information about the private key, but the _monitor_? All it should be doing is displaying the contract, and the contract doesn't need to be secret... indeed, it will not remain so if there is ever a dispute about the signers.

    --

    Java: the COBOL of the new millennium.
    1. Re:solving the wrong problem? by swillden · · Score: 2

      Just write a module for a PDA that generates the key internally and can sign documents on it, and wave lots of warning signs at the user when they do something that would copy their private key off the PDA.

      The system was going to be used for signing documents with extremely high value. A PDA-based solution could not have offered adequate security.

      Obviously you need a PDA where the data transfer can be administered from the PDA side, not the random-untrusted-PC side, but the software work for this seems like a lot less than custom-tailoring and auditing an entire Linux kernel.

      Two things: First, you'd be surprised how small a Linux kernel can be. Second, we were doing the Linux kernel audit for another project anyway.

      What are you concerned about Tempest radiation for, anyway?

      I neglected to mention that digital signatures were not the only purpose of this system. It was also to be used for secure imports of symmetric key parts. The key parts were to be displayed on-screen.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  17. Digital Signatures vs. Digital Notarization by XNormal · · Score: 2

    Digital Signatures as a direct replacement for pen signatures is really a bad idea. Basically, what an X.509 certificate says is "On [date] a public key [hash] was held by [individual or organization] and I have absolutely no idea what hardware, software and security procedures [individual or organization] uses to protect it. Signed by [issuer]".

    Digital Notarization is a much better idea. It's the equivalent of a notarization seal, not a pen signature. Digital Notaries are required to employ certain security measures or else they could lose their license and have their certificates revoked. A Notarized Digital Signature says "On [date], I have verified the identity of [individual or authorized representative of organization] and obtained their informed consent of the content of the following document [hash]. If necessary, I will testify to this fact in court. Signed [notary]".

    --
    Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.