Slashdot Mirror


German Government Introduces Digital Signatures

bertvl writes: "From this article on CNN: Germany's federal government is introducing electronic signatures for its employees, a step it hopes will help make the security procedure generally accepted in the country. More than 200,000 employees of ministries and agencies will be able to sign electronic documents using a chip card with an encrypted key, giving them the same legal weight as paper documents with a handwritten signature, the federal Cabinet said in a statement Thursday."

210 comments

  1. more secure by awing0 · · Score: 1, Insightful

    This is definately more secure than any paper signature. Of course, both can be duplicated perfectly, the digital sig being a lot harder (depending on the key strength).

    --
    Cthulhu Saves.
    1. Re:more secure by TicTacTux · · Score: 2, Insightful
      Well, it is just as secure as the underlying application. You might need both the key card plus a SecurID card that generates a one-time pad every minute.

      With t-online's [amongst others'] questionable security record combined with the inherent strong security of a mainstream PC operating system (fail to remember its name) I give the system two months until 1st crack.

      Then again, what's a fake sig under a decree limiting the maximum parking time to two hours in some suburban street compared to a DoS attack against the root name servers...

      --
      Use The Source, Luke!
    2. Re:more secure by DzugZug · · Score: 1

      It is not very secure in that you can loose your card with the smart chip on it.

    3. Re:more secure by twinpot · · Score: 1

      Not necessarily so, as there is no sure way of telling whether the user was aware they were signing the "document".

      With a conventional signature, once you ascertain that the signature is valid, and performed by that person, you can be reasonably sure that they were aware that they signed the document.

    4. Re:more secure by Anonymous Coward · · Score: 0

      It's 'lose' not 'loose'!!!

  2. Logistics by JohnHegarty · · Score: 0, Troll

    Will keeping track of 200,000 signatures be a logistical nightmare. Plus I am sure it will be easily cracked by someone, and then there will be fake documents flying around, but now they will have legal status.

    1. Re:Logistics by Graymalkin · · Score: 4, Insightful

      Keeping track of 200k signatures will be a logistical nightmare? What the hell are you talking about? How many millions of credit and debit cards exist in the world? How many does a single bank issue? Cripe man. As for signing documents...that is just encryption. You have your public key off somewhere and keep the private key on a smart card. Your smart card would have an info file about you and contain your public and private keys (the private key being protected by a password or biometric key). You'd sign the document and add the signature as an attachment to a document. Somebody would get it and grab your public key from something as basic as an HTTP server and verify that the document they received was as you sent it. Easy to crack no. If you're using 128-bit encryption you're pretty set though it'd be even better to use larger keyspaces. Dnet's RC5-64 has been on since 1998 and still hasn't found the key. They're pumping through millions of keys per day. So easy to crack, no. Hard to maintain, no.

      --
      I'm a loner Dottie, a Rebel.
    2. Re:Logistics by Kierthos · · Score: 1

      I don't know about you, but while my bank has my signature on file, I don't think they have the nice shiny handwriting recognition software that will enable them to determine that a particular signature of my name was written by me in the same style, written by me when I'm tired, written by me when my hands are cramped from working on miniatures, forged by someone else, whatever.

      Kierthos

      --
      Mr. Hu is not a ninja.
    3. Re:Logistics by Graymalkin · · Score: 2

      *shakes head*

      If it was supposed to be funny it failed to be. If it was a serious statement turn your phone 90 degrees to the left and dial the number again.

      --
      I'm a loner Dottie, a Rebel.
    4. Re:Logistics by Basje · · Score: 3, Informative

      They don't check on normal transactions, only in special cases (very large/unusual transactions or account transfers).

      I remember as a student that we had a bank account that was in name of the dorm. One of us, the house-elder was in charge of it. This is a pretty common construction in dorms in the Netherlands.

      In our dorm we had this one guy who did the finances. He had lived in there for almost 12 years. He had paid the phone bills and the beer bills all from our account. When he moved out, we wanted to transfer the account to another dorm member. Only then we found out that the account was still under control from someone who moved out 12 years ago. In the course of the 12 years, all payments (about 40 every month) had been made with an illegal signature!

      So I'm pretty sure that most signatures are never checked. <grin>

      --
      the pun is mightier than the sword
    5. Re:Logistics by NightWhistler · · Score: 2, Interesting

      Actually, I saw a documentary about this about two years ago... They tried all kinds of fake signatures, in one case they even used a smiley... Almost all payments were carried out just fine...

      --
      PageTurner Reader: open-source e-reader for Android with cloudsync. http://pageturner-reader.org
    6. Re:Logistics by MCZapf · · Score: 1
      Actually, I saw a documentary about this about two years ago... They tried all kinds of fake signatures, in one case they even used a smiley... Almost all payments were carried out just fine...

      Yeah, but if someone forges a check from you, and you tell the bank, "I never wrote that check!" The bank can check the signature. If it's a smiley, I think they'll believe you.

  3. Bypassing the system by God+Takeru · · Score: 2, Funny

    Oh, that's nice. Now, instead of having to pay the government to make laws I like, I can just pay someone to crack their digital signature.

    --
    "Anonymous cowards are just K-whores afraid of their accounts being modded down." - Bob the O (me)
  4. A technically savvy government? by Sobrique · · Score: 3, Funny

    Ok, so what's the betting that these 'chip card signers' get used as coffee mats by 95% of the people who they've been given to? :)

  5. We already have it in Belgium by arnwald · · Score: 4, Interesting

    Just last week I set up my life insurance,
    and they used the chip in my bank card as a digital signature (together with the code).

    The nice lady all explained me on how the Belgian State now accepts these digital signatures and how great that was.

    Mind you, that I reside in a farmer community, I wonder how the farmers react ?

    Greetings.

    --
    My other sig is Funny.
    1. Re:We already have it in Belgium by Anonymous Coward · · Score: 0

      Just last week I set up my life insurance,
      and they used the chip in my bank card as a digital signature (together with the code).

      The nice lady all explained me on how the Belgian State now accepts these digital signatures and how great that was.

      Mind you, that I reside in a farmer community, I wonder how the farmers react ?


      Well, since you live there, why don't you ask them?

  6. Its nice to see it again by Koim-Do · · Score: 0, Flamebait

    That some people (such as the BiKom group mentioned towards the end), grasp any technological advancement as an opportunity to deprive "citizens" (see also: plebs) of their privacy (National ID cards, "citizen card", GPS in rented cars).

    1. Re:Its nice to see it again by tjansen · · Score: 3, Interesting

      In Germany everybody has a national id card, and I have never heard anybody complain about it. On the contrary, after WTC many people wondered that the US doesn't have one. The concept of not having an ID sounds very strange to most people here.

    2. Re:Its nice to see it again by Anonymous Coward · · Score: 0

      The Dutch government played it smart a couple of years ago. They wanted to introduce a mandatory national ID card but there was a lot of resistance, the public just would not accept it (last time they had one it was a German one). So the government just made it optional, but a valid form of ID. They also made it credit-card sized and very convenient (much easier to carry around than a passport or driving license (the only other forms of legally valid ID)). So the Dutch went out en masse and got their "optional" ID card. Won't be long now before the government says "Well 98% of you have it already so we might as well make it mandatory".

    3. Re:Its nice to see it again by Anonymous Coward · · Score: 1, Interesting

      Is carrying a form of legally valid ID (passport, drivers licence) mandatory in The Netherlands? Does the ID card carry more information than the passport/drivers license ?

    4. Re:Its nice to see it again by Anonymous Coward · · Score: 1, Insightful

      At the risk of sounding like a troll (which this is not), I think the US has a stronger tradition of personal freedom. Germany has had some historical autocratic/statist leanings and nationalism or the belief in the state has entertained some moments of popularity.

      The US, on the other hand, has a strong tradition of distrusting its Government (and about half the time, justly so). These are the same folks who believe that the freedom to bear arms is what makes for a truly free and safe society.

      I suspect the truth of it is that having a national ID card is useful to the government, but often in a good way. It does allow the government to track people more effectively, but not every aspect of that is disturbing. OTOH, I'm quite sure that sometimes governments (or their employees) do engage in disturbing activities including taking advantage of things the government knows about its people. But not having an ID card won't change that... just make it a bit more involved....

    5. Re:Its nice to see it again by tjansen · · Score: 3, Informative
      At the risk of sounding like a troll (which this is not), I think the US has a stronger tradition of personal freedom.

      You're certainly right, but the article was about laws in Germany.

      Germany has had some historical autocratic/statist leanings and nationalism or the belief in the state has entertained some moments of popularity.

      50 years ago. Today nationalism and especially patriotism is not a very common phenomenon, and, compared to the US (or France, or..), the majority of Germans are not patriotic at all. People watch movies like 'Pearl Harbor' or people hanging US flags after 9/11 with disbelief. If a German would make a movie like this or put a German flag in a car people would call him right wing extremist...

      But there is a certain amount of trust in the state and government that Americans seem to lack though.

      I suspect the truth of it is that having a national ID card is useful to the government, but often in a good way.

      Why? It's not like there is somebody at every corner asking for your identity. Actually, in my whole life, I have been asked for my identity card by local authorities inside Germany exactly once. And that was because a friend and I were driving next to a congress hall where a summit of European heads of state was taking place. There is no 'tracking' of people, if the police wants to know your identity they will find it out whether you have an identity card or not. Usually you need the id if you, for example, open a bank account, rent a car or things like this. In all these cases the companies already know your identity anyway and the id card is used as a proof.

    6. Re:Its nice to see it again by Teun · · Score: 2
      Hmm, I'm Dutch and I have yet to see one of those ID cards.
      I use my passport when at the bank or such and my drivers licence at the post office (these idiots don't accept a passport as ID!!)
      To answer another question, in The Netherlands you always have to carry an ID as a foreigner and as a Dutch national only when you are in some special situations like at a football (soccer) game or other places where disturbances are not uncommon.

      Altogether ID card carrying is indeed seen as a bad memory of the Nazi occupation. That's why Dutchmen are often getting in trouble in France where checks on ID are more common than in any other European country :-)

      --
      "The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
    7. Re:Its nice to see it again by Anonymous Coward · · Score: 1, Informative

      Don't know about the Netherlands, but in Germany it is mandatory. Many people don't carry one all the time, though, and AFAIK it's not an offence. On German ids are: surname, given name, date & place of birth, nationality, date of expiry, signature of bearer, address, height, colour of eyes, religious name or pseudonym, authority (issuer), a picture of the bearer and a number.

    8. Re:Its nice to see it again by germanbirdman · · Score: 2, Informative

      Our national ID card is basically used in the exact same situations where in the US you would be asked for a drivers or non-drivers license.

      That is:
      - To prove who you are (open a bank account, etc)
      - Buy alcohol or rent a video with an age restriction to prove your age

      There is no other form of tracking taking place.

      The only thing which sounds weird for people coming from abroad is that when you have a residence in a town, you have to go to the registration office and register.
      You need to be registered to get a voting card so you can vote, so you can get a tax card every year so you can work (legally) (same thing as presenting your SSN card in the US), to receive unemployment benefits and stuff like that, also to ensure you are not getting it more than once.

      The Germans are really paranoid about "Datenschutz" = Privacy issues, at least 10 times more than in the US.

      American companies in the USA collect and exchange a lot more information than in Germany. The data gathering and exchange laws here are very very strict.

      In the US, all a company needs is your SSN and they basically know your whole life history. In Germany that doesn't happen, while it is possible to find out if people have not been paying bills in the past. Negative financial data is tracked (Schufa) but you have a right to gain access to the information they store on you and if it is wrong and you can prove it, correct it. Also, data gets deleted automatically after so and so many years.
      In the USA you are asked for your SSN almost everywhere, and the companies exchange the data. Here the companies (for example when signing up for a cell phone contract) get the information from the central Schufa whether you have problems paying bills or not.

      You can compare it to peer to peer and centralized networks. While p2p is great for "broadcasting" information, it is very bad for privacy critical data, because with p2p you have no control over who has the data.

    9. Re:Its nice to see it again by tjansen · · Score: 2

      Negative financial data is tracked (Schufa) but you have a right to gain access to the information they store on you and if it is wrong and you can prove it, correct it.

      Also important to note is that nobody can request data from or give data to Schufa without your written permission. (No bank will give you a credit without this permission though)

  7. That's final proof.. by Rob+Kaper · · Score: 5, Interesting

    The German government just get it. First they send 52-page colour booklets promoting open source to all businesses in the country, then they give a large sum of money to add more security and encryption in mutt and KMail, and now this!

    1. Re:That's final proof.. by swillden · · Score: 4, Funny

      now they set up official documents for simple forged signatures

      Care to describe the method by which these signatures can be forged? Doing so will grant you instant fortune and fame...

      Haven't they figured out that the UK and USA have been reading all their secrets since 1942?

      Shhh... don't tell them the Enigma was broken. If they find out they might switch to a better encryption system.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    2. Re:That's final proof.. by Hard_Code · · Score: 2

      "Care to describe the method by which these signatures can be forged?"

      *PUNCH* *SCUFFLE* I now have your card and can sign anything as if I were really you and it would be legally binding. Have a nice day.

      --

      It's 10 PM. Do you know if you're un-American?
    3. Re:That's final proof.. by swillden · · Score: 2
      Only if you also got my password. And only for about five minutes until I report my card stolen and have the certificate revoked.

      Just because you haven't thought something all the way through, don't assume no one else has either.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    4. Re:That's final proof.. by osgeek · · Score: 2

      You forgot the part where they somehow managed to get the required PIN as well. Then you forgot the part after that where the victim simply lets authorities know that he had been robbed. Then you forgot the part where that certificate is electronically revoked so that the crook can't fool anyone.

      Compare and contrast this with traditional signatures which don't even require the punch and scuffle to forge. Then, add in future possible safeguards like biometric confirmation of identity through fingerprints and retinal scans.

      Learning is best done with your mouth closed. (and stop typing)
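
The workflow Graymalkin, swillden and osgeek describe in this thread (private key held on a PIN-protected card, public key fetched by the verifier, key revoked once the card is reported stolen), as an added Go example; it is not code from any commenter or from the German system. `Card`, `Directory`, the holder name and the PIN are hypothetical, and Ed25519 is an assumption chosen because it ships in Go's standard library; the article does not say which algorithm the cards use.

```go
package main

import (
	"crypto/ed25519"
	"crypto/subtle"
	"errors"
	"fmt"
)

var (
	ErrBadPIN  = errors.New("wrong PIN")
	ErrLocked  = errors.New("card locked after too many wrong PINs")
	ErrUnknown = errors.New("no public key published for signer")
	ErrRevoked = errors.New("signer's key has been revoked")
	ErrBadSig  = errors.New("signature does not match document")
)

// Card stands in for the chip card: the private key stays inside it and
// is usable only with the PIN. Hypothetical type, not a real card API.
type Card struct {
	pin       []byte
	triesLeft int
	priv      ed25519.PrivateKey
}

// NewCard builds a card from a fixed seed so the demo is reproducible;
// a real card would generate its key on-chip from random data.
func NewCard(pin string, seed [32]byte) (*Card, ed25519.PublicKey) {
	priv := ed25519.NewKeyFromSeed(seed[:])
	card := &Card{pin: []byte(pin), triesLeft: 3, priv: priv}
	return card, priv.Public().(ed25519.PublicKey)
}

// Sign returns a detached signature over doc, or locks the card after
// three consecutive wrong PINs.
func (c *Card) Sign(pin string, doc []byte) ([]byte, error) {
	if c.triesLeft == 0 {
		return nil, ErrLocked
	}
	if subtle.ConstantTimeCompare([]byte(pin), c.pin) != 1 {
		c.triesLeft--
		return nil, ErrBadPIN
	}
	c.triesLeft = 3
	return ed25519.Sign(c.priv, doc), nil
}

// Directory plays the key server plus the revocation list a verifier consults.
type Directory struct {
	keys    map[string]ed25519.PublicKey
	revoked map[string]bool
}

func NewDirectory() *Directory {
	return &Directory{keys: map[string]ed25519.PublicKey{}, revoked: map[string]bool{}}
}

func (d *Directory) Publish(holder string, pub ed25519.PublicKey) { d.keys[holder] = pub }

func (d *Directory) Revoke(holder string) { d.revoked[holder] = true }

// Verify checks revocation before the signature itself. Simplification:
// every signature from a revoked key is rejected, whenever it was made.
func (d *Directory) Verify(holder string, doc, sig []byte) error {
	pub, ok := d.keys[holder]
	if !ok {
		return ErrUnknown
	}
	if d.revoked[holder] {
		return ErrRevoked
	}
	if !ed25519.Verify(pub, doc, sig) {
		return ErrBadSig
	}
	return nil
}

func main() {
	var seed [32]byte
	copy(seed[:], "constructed demo seed, not a key")
	card, pub := NewCard("4711", seed)
	dir := NewDirectory()
	dir.Publish("a.beispiel", pub)

	doc := []byte("Constructed sample: parking limited to two hours.")
	sig, _ := card.Sign("4711", doc)
	fmt.Println("genuine document:", dir.Verify("a.beispiel", doc, sig))
	fmt.Println("altered document:", dir.Verify("a.beispiel", append(doc, '!'), sig))

	// Stolen card without the PIN: three wrong guesses, then the card locks.
	for _, guess := range []string{"0000", "1234", "1111", "4711"} {
		_, err := card.Sign(guess, doc)
		fmt.Printf("PIN guess %s: %v\n", guess, err)
	}

	// The holder reports the theft; the verifier now refuses the key.
	dir.Revoke("a.beispiel")
	fmt.Println("after revocation:", dir.Verify("a.beispiel", doc, sig))
}
```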

    5. Re:That's final proof.. by Anonymous Coward · · Score: 0

      you forgot your part where you try to spare your life by giving the crook the pin and then he kills you anyway. of course at this point, he may as well just held up a bank.

  8. The flaw in all security systems ... by Big+Dogs+Cock · · Score: 5, Insightful

    ... is people. How many people are going to go for a dump, leaving their keycard on their desk? Practically everyone where I work wanders off at some point leaving their PC logged with their (Notes) mail running. This could lead to hours of fun. Similarly, passwords/phrases get shared, borrowed etc.

    Unless you use biometrics (I don't generally leave my fingers on my desk when I go to lunch), the stupid-factor will always play a part. The legal status of digital signatures will only really be clarified when the first case comes to court with the defense: "someone else must have used my key".

    (OT) Oh, and would people please learn to spell "definite". It's like "finite" with a "de" on the front (quickly checks for typos).

    --
    "Under the iron bridge, we fist" - The Smiths, Still Ill
    1. Re:The flaw in all security systems ... by Tazzy531 · · Score: 1

      Very true...but look at it like this. How many people leave their credit cards sitting around? If it's just a card, it could fit easily into a wallet.

      --


      _______________________________
      "I'm not Conceited...I'm just a realist..."
    2. Re:The flaw in all security systems ... by Kierthos · · Score: 1

      More than you'd think. Credit card fraud is still a major problem, and you're giving people yet another plastic card to lose, misplace, what have you. Even the scams that shouldn't work anymore because they're so old still work on occasion, like writing a credit card company and telling them you moved and lost your card during the trip. 99.99% of the time, they won't fall for it, but all you need is that one time.

      And how easily are wallets lost or stolen? God help you if you get mugged...

      Kierthos

      --
      Mr. Hu is not a ninja.
    3. Re:The flaw in all security systems ... by mgblst · · Score: 1

      Yeah, true, but how often is your credit card stolen by the people you work with?

    4. Re:The flaw in all security systems ... by swillden · · Score: 3, Insightful

      I don't generally leave my fingers on my desk when I go to lunch

      But you leave your fingerprints on your desk, on your fork at lunch, on your car...

      Even more important (because it's not necessarily possible to fool a fingerprint scanner with the data provided by a print) if fingerprints were a part of day-to-day electronic security, you'd be accustomed to planting your finger on scanners twenty times per day. It only takes one bogus scanner, or even one legitimate scanner that is poorly implemented, and your security is history.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    5. Re:The flaw in all security systems ... by knuffelbeer · · Score: 2, Informative

      Unless you use biometrics (I don't generally leave my fingers on my desk when I go to lunch), the stupid-factor will always play a part.

      You may not leave your fingers, but you leave a hell of a lot of fingerprints. Fingerprints are easy to gather. Retina scans are much harder but do not address other issues of using biometric data for authentication.

      You cannot trust biometric data to be secret. You can't use it to replace passwords because you can't change it and I'm afraid people put too much value on biometric data.

      To me the distinction between "something you have", "something you know" and "something you are" has always been vague. In most practical places they can be reduced to each other. A hand can be replicated artificially (are->have). A onetime password system can be described in terms of an initial vector (have->known). A password you can write down (know->have). Etc.

    6. Re:The flaw in all security systems ... by Big+Dogs+Cock · · Score: 1

      Granted. Again, the stupidity factor will strike eventually. Nothing is ever totally secure.

      BTW I remember when ATMs were new, there were a couple of cases of folks setting up a "temporary ATM" (mutant offspring of a PC and a filing cabinet) locked to the outside of a (closed) bank which just read cards and recorded PINs (giving back the cards with a "sorry no money" message). People fell for it, and with the PIN + all the card info, the bastards were well away. Stupidity strikes again.

      --
      "Under the iron bridge, we fist" - The Smiths, Still Ill
    7. Re:The flaw in all security systems ... by 4of12 · · Score: 2

      It only takes one bogus scanner, or even one legitimate scanner that is poorly implemented, and your security is history.

      For sure.

      That's the part that's always bothered me about even the seemingly super secure authentication based on biometric data combined with some piece of data from your memory.

      The only remedy to this (and, again, it's not foolproof) that I see is to make devices accountable for at least as strong authentication as the people, from the backbone routers all the way down to the devices on the furthest edge.

      I think it's technically possible to get the devices mutually authenticated to the degree where social engineering is the weakest link in the web of trust.

      --
      "Provided by the management for your protection."
    8. Re:The flaw in all security systems ... by swillden · · Score: 2
      The cost of such a maximal-security-at-every step approach would be astronomical.

      It's just as good and much more cost-effective to rely on end-to-end security for authentication and privacy and to leave the network as a simple transport mechanism, IMNSHO.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  9. Correction to CNN (bad coding) by bildstorm · · Score: 3, Offtopic

    CNN incorrectly reported the prices as yen. They should be Euro

    Not ¥ but €

    I bet lots of Japanese wish that ¥60 was close to $53....

    (This is just like the use of duel instead of dual, when they asked Nicole Kidman about her dual citizenship. CNN has really gone downhill.)

    --
    The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
  10. Germany by Supa+Mentat · · Score: 5, Interesting

    You know Germany seems to be one of the technological world leaders. They just decided to phase out all nuclear power in favor of wind power by the year's end and it looks like they'll do it. The acceptance of digital signatures is a huge step in helping the internet reach its full potential for changing the way we live our lives. Germany is taking this first step. What I want to know is: who are the politicians making all of these progressive decisions and what effect are they having in the EU Parliament? Are other European countries following Germany's lead in these type of issues? I know that German business law strongly favors big business, are there any other laws or policy that a liberal would take issue with in Germany? What is the state of Linux use in Germany? I ask all this because I'm looking at an offer for a research position at the Max Planck Institute in Munich (I'm sorry _Munchen_:).

    --
    "A witty saying proves nothing." - Voltaire
    1. Re:Germany by Supa+Mentat · · Score: 2, Informative

      I'm sorry, looks like Belgium was first with the digital signature being legal. My mistake.

      --
      "A witty saying proves nothing." - Voltaire
    2. Re:Germany by Anonymous Coward · · Score: 0

      i do not agree. germany is nothing but the best country in the world!

      you think they have lost world war 2 but in fact they have won. they control all of europe and most of asia under a cover of secrecy.

    3. Re:Germany by Anonymous Coward · · Score: 0

      Oh sir, you are wrong.

    4. Re:Germany by DullTrev · · Score: 1

      What I want to know is: who are the politicians making all of these progressive decisions and what effect are they having in the EU Parliament? Are other European countries following Germany's lead in these type of issues?
      The unsatisfactory answer is sometimes. Sometimes you get progressive politicians (from a variety of countries) pushing useful policies, but equally you sometimes get clueless politicians pushing rubbish. If you'd like to know more about what the EU is doing with the "information Society", try this link.

      --
      Trev - used to be interesting. Honest.
    5. Re:Germany by dunkelfalke · · Score: 1

      german politicians and laws are equally stupid, trust me. if you could read the heise.de (c't magazine) newsticker you'll often see that. all the technology thingies are damned staying in the labs and being tested for years and decades. one good thing though: linux is quite strong here, mostly suse.

      yes i live in germany

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    6. Re:Germany by Anonymous Coward · · Score: 0, Troll

      <RANT>

      I have a real problem seeing the Germans get out of Nuclear any time soon. In some states like Bavaria a major part of the Electricity comes from nuclear. It would be a 20 year+ project to realise it. If they are lucky the Current Govt. will manage to close one or two nuclear plants IF they get reelected. If they don't the Christ Democrats which are ultra conservatives who think GW Bush's environmental policies are too compromising will scrap the whole thing.

      Now that I have lived here for a year I can say that this chip thing sounds really German, they have a compulsive need to regulate everything. About the only thing you do not need to fill out a form and get a license to do yet is to break wind although that will soon require a pollution license. The law favours big business all right and this to the point that it can take up to 10 working days to cash a cheque. Basically the Law favours Banks and Businesses at the Expense of the consumer at every turn. If the Christ Democrats come to power Germany will probably become the worlds first country with a Genetic finger print embedded in the national ID, and a free for Corporations to use Genetic database. Y'know for "Risk Management of employees". All in all the Germans should thank god the Conservatives were not in power when the WTC strike happened. The plans for new Security measures the Social democrats came up with were bad enough I do not even want to imagine what the Christ Democrats would have cooked up.

      </RANT>

    7. Re:Germany by Reinout · · Score: 5, Informative

      What I want to know is: [...] What is the state of Linux use in Germany?



      Germany is home to an awful lot of linux development. SuSE is from Germany, as an example. The government is also active, sponsoring the GnuPG pgp-like development. Top government officials (like "secretary of state") opening the LinuxTag for 2 or 3 years in a row now.

      There's a lot of debate currently on whether the Reichstag (the German parliament) should switch to linux. It's kinda funny, even people from the same party are disagreeing, one proclaiming the gospel of linux, the other (being half sponsored by Redmond) denouncing it as a threat to Germany's software industry as a whole :-)

      The best tip is to look at heise. They've also got English news now. Look at what's going on there. That 'heise' publishes two of Europe's best-regarded computer magazines, one for home-use (c't), one for professional use (iX).



      Reinout
    8. Re:Germany by dunkelfalke · · Score: 0, Redundant

      i second that. this is really true.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    9. Re:Germany by GrafZahl · · Score: 1
      A lot of lobbying takes place through:

      http://www.linux-verband.de/ and

      http://fsfeurope.org/

      In comparison to the UK, Germany is way ahead when it comes to Linux in commercial or governmental environments. When quoting for a Free Software solution in Germany you normally don't have to explain the whole 'free as in free speech, not free beer' malarkey.

      IBM Germany and SuSE are also very active trying to convince government organisations to employ Free Software wherever they can.

      There is also a big decision coming up whether to use free Software on the backend and / or on desktops for the parliament and its members. If you google for it you should be able to find quite some stuff about it.

      There is one oddity. There is one fraction in the EU that promotes the use of FS and in parallel there are initiatives that go against it by trying to introduce weird patent laws.

      Come to think of it, IMHO France and Germany are Europe's biggest promoters for FS in governmental organisations.

      Rgds,
      REB

    10. Re:Germany by Gerein · · Score: 3, Informative

      Not that I would agree with your general praise of Germany (although it sounds good :-)), but in this point you were right. Germany passed digital signature laws in 1997 already, being the first state in the world to do so.

    11. Re:Germany by Anonymous Coward · · Score: 0

      Well probably you never heard of a tiny European country by the name of Slovenia, but here, the legislation for digital signing was passed more than a year ago. The government institutions use smartcard digital signatures in regular work for quite some time now. For about 4 months it's possible for the general population to request a dig. sig. of their own, which is also issued by the government CA.

      So what I'm trying to say is countries don't lead, individuals do

    12. Re:Germany by GrafZahl · · Score: 0, Offtopic
      There's a lot of debate currently on whether the Reichstag (the German parliament) should switch to linux.

      Burning my karma here, but please don't call it Reichstag. The building is the old Reichstag, but it has got nothing to do with the current use of it. The Nazis are gone a long time ago and now they call it 'Der Bundestag' in the Reichstag building.

      The Germans use Reichstag to describe the building. The political institution Reichstag is gone a long time ago.

      Rgds,
      REB

    13. Re:Germany by Gerein · · Score: 5, Insightful
      It would be a 20 year+ project to realise it.

      Well, it is! They just don't build new ones, and the existing nuclear plants are being phased out.

      If they don't the Christ Democrats which are ultra conservatives who think GW Bush's environmental policies are too compromising will scrap the whole thing.

      Come on. The Christ Democrats are conservative, and I hope they don't win, but comparing their environmental politics with those of GWB?? Environmental support has always been very strong in Germany, even with the Christ Democrats.

      ... that it can take up to 10 working days to cash a cheque.

      Maybe, because you're the only one, who does it? I've lived all my life in Germany, and I've used a cheque only once! I got the money instantly... Who needs cheques?

      ... with a Genetic finger print embedded in the national ID ...

      Unfortunately you're right with this one. May very well happen. On a side note: At the moment the US is pushing European countries to introduce biometrical finger prints on the IDs, threatening to require visas for immigration again...

      ... a free for Corporations to use Genetic database ...

      Very unlikely! Privacy concerns have been very strong in Germany, I could never imagine the government to let corporations access a (hypothetical) genetic database!

    14. Re:Germany by Anonymous Coward · · Score: 0

      Just nitpicking, but:

      The German parliament is called "Bundestag" ("federal council").

      The "Reichstag" ("council of the empire") is just the building, the name deriving from the fact that it used to house the parliament when Germany still had an emperor.

    15. Re:Germany by 4im · · Score: 4, Informative

      You know Germany seems to be one of the technological world leaders.

      They're certainly no losers, but the general public's attitude has been rather anti-tech these past years.

      They just decided to phase out all nuclear power in favor of wind power by the year's end and it looks like they'll do it.

      Says who? Never heard about that one. Wouldn't be possible anyway, there's by far not enough wind power available (or to be made available) to come even close to replacing nuclear power, and certainly not by the end of the year. Sure, the green party hates anything that's got "nuclear" in its name, but that's hardly rational. If I'd got moderator points, I'd have modded you a troll for this point.

      The acceptance of digital signatures is a huge step in helping the internet reach its full potential for changing the way we live our lives. Germany is taking this first step.

      Maybe. It's unfortunate, though, that they chose a system that's already been broken. IIRC they took quite some heat for it from clued guys, but they went ahead anyway.

      What is the state of Linux use in Germany?

      AFAIK, it's one of the highest levels on this planet. SuSE's from Nuernberg, and AFAIK they make more money than Red Hat.

      I ask all this because I'm looking at an offer for a research position at the Max Planck Institute in Munich (I'm sorry _Munchen_:).

      Good luck there.

    16. Re:Germany by Gerein · · Score: 1
      The Germans use Reichstag to describe the building. The political institution Reichstag is gone a long time ago.

      True. But to be nitpicking: Connecting the Reichstag with the Nazis is unfair. The Reichstag has been there long before the Nazis, it's been built in 1884!

    17. Re:Germany by palmersperry · · Score: 2, Informative
      Says who? Never heard about that one. Wouldn't be possible anyway, there's by far not enough wind power available (or to be made available) to come even close to replacing nuclear power, and certainly not by the end of the year.

      Well according to the BBC the Germans currently get about 3.5% of their power from wind (a 44% increase over the previous year), however (again according to the BBC) they currently get about 33% of their power from nuclear sources and the last plant won't be turned off for about 32 years ...

    18. Re:Germany by swoswo · · Score: 3, Funny

      There's a lot of debate currently on whether the Reichstag (the German parliament) should switch to linux.

      'scuse me, but Reichstag was the name of the German parliament in ancient days. The current parliament is called Bundestag. To make the confusion perfect, the Bundestag is sitting in a building called Reichstagsgebäude (Reichstags Building).

    19. Re:Germany by Anonymous Coward · · Score: 0

      Agreed completely

    20. Re:Germany by mgblst · · Score: 1

      I'm not sure if removing all the Nuclear Power plants is such a great idea, just a politically popular one. Apart from this, I agree with your statement about the forward thinking of the German gov, it's certainly got a lot better once they got rid of Kohl!

    21. Re:Germany by Pogue+Mahone · · Score: 2
      (I'm sorry _Munchen_:)

      That's München to you, sonny

      If you really don't know your HTML that well, you could get by with Muenchen at a pinch.

      --
      Every bloody emperor has his hand up history's skirt [Peter Hammill/VdGG]
    22. Re:Germany by PlotFive · · Score: 1

      If you _really_ want to know what the EU is doing with (to?) the Information Society, try this link: www.statewatch.org

      --
      No sig is a good sig
    23. Re:Germany by Anonymous Coward · · Score: 0
      Once it is established and contributing to a national DNA database is compulsory it is a short step to giving Corporations access in the interests of strengthening the National economy.
      Yeah, and once you've established the death penalty, it's a short step to allowing corporations to shoot unwanted employees rather than pay them severance.
    24. Re:Germany by Reinout · · Score: 1

      > > It's kinda funny, even people from the same party are disagreeing, one proclaiming the gospel of linux, the other (being half sponsored by Redmond) denouncing it as a threat to Germany's software industry as a whole :-)

      >Think about SAP and all the other big companies, is it a good idea to say their work has no value? because that is what you say when you use linux.

      ?? It's MS that directly links "linux" and "I don't want traditional software". That's not the way I think. I've happily dished out $$$ to VMware for their great product, for example. SAP does have its value!

      Reinout

    25. Re:Germany by Reinout · · Score: 1

      You're right.

      I half meant "every computer in that building", the other half was me being not German, but from the Netherlands :-)

      Reinout

    26. Re:Germany by swillden · · Score: 2

      that they chose a system that's already been broken

      What? What system did they choose? I'd be very surprised if it wasn't RSA. Or did they choose some cards that have poor security? Please elaborate.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    27. Re:Germany by Bartmoss · · Score: 1

      Our parliament is NOT the Reichstag.

      Reichstag was the parliament of the Third Reich. Our parliament is called "Bundestag". It is housed in the Reichstag building.

      Sorry to nitpick.

    28. Re:Germany by esonik · · Score: 1

      Which Max Planck Institute in München ? There are 11 MPIs in München! Anyway, the decision whether to use Linux or not is usually made on the workgroup level (at least at the MPI where I was).

    29. Re:Germany by Hanno · · Score: 2

      They just decided to phase out all nuclear power in favor of wind power by the year's end and it looks like they'll do it.

      Not really. The new conservative candidate for the upcoming national election wants to stop this plan and go 180 degrees.

      What is the state of Linux use in Germany?

      Linux itself: Well, folks use it, that's it. There's no "we're Germans, we use Linux" mantra. However, the German government is currently replacing their old Windows NT based computer network and there is heavy lobbying going on by Microsoft Germany to stop them favouring Linux.

      --

      ------------------
      You may like my a cappella music
    30. Re:Germany by Anonymous Coward · · Score: 0

      [SMARTASS MODE]They are called "Christian" Democrats[/SMARTASS MODE]

    31. Re:Germany by dunkelfalke · · Score: 1

      ...I've lived all my life in Germany, and I've used a cheque only once! I got the money instantly... Who needs cheques?

      yeah but if you pay with an ec card the bank still can play with your money for 3 days before forwarding the money to the shop.

      ...Very unlikely! Privacy concerns have been very strong in Germany, I could never imagine the government to let corporations access a (hypothetical) genetic database!

      very likely. most people don't give a damn about it, they say "ich habe nichts zu verbergen" - i don't hide anything. privacy concerns were some time in the past but not anymore...

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    32. Re:Germany by angel'o'sphere · · Score: 1

      Your post is correct and should probably mention KDE also ...

      However: currently on whether the Reichstag (the German parliament) should switch to linux.

      The Reichstag is gone with Hitler 57 years ago.

      We have no Reichstag and never will get any again.

      Our parliament is called Bundestag, freely translated: Parliament of the Federation.

      "Reichstag" means: Parliament of the Empire.

      Regards,
      angel'o'sphere

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    33. Re:Germany by kiwipeso · · Score: 0

      > ?? It's MS that directly links "linux" and "I don't want traditional software". That's not the way I think. I've happily dished out $$$ to VMware for their great product, for example. SAP does have its value!

      I'd rather work with code that is secret and works than open code that sucks.
      The main problem is the GNU, why should people have to give away their property just because some freak asks them to be "free".
      Free software is a misnomer, it's more like socialist software than true freedom.

      --
      - Kaos games and encryption systems developer
  11. How can you trust the chip card? by Anonymous Coward · · Score: 3, Funny

    The only way to be sure is to raise the hashed message to the proper power modulo p*q in your head.

    1. Re:How can you trust the chip card? by Jaborandy · · Score: 1

      Why would you even trust the hash function?

      -- Jaborandy
      "I don't need to steeeenkin' computer"

  12. credit authorization? by MiTEG · · Score: 4, Insightful

    Here in the U.S., for me anyway, the most common reason for me to have to sign something is when I pay with a credit card, yet when I purchase something online, no signature is required. This could be great if used by e-commerce companies to verify the person making the purchase is indeed who they say they are.

    Slightly off topic, but why are the currencies given in Japanese yen in the article if it is hosted on an American site and about Germany?

    --
    The future isn't what it used to be.
    1. Re:credit authorization? by BrookHarty · · Score: 2

      Even though something is digital and convenient, doesn't make it better.

      6 out of the 10 local restaurants don't accept check cards, credit cards or checks. Some even have an ATM machine so they don't have to take credit cards. (Nice 1.00-3.50 charge too) My local gas station is 20-35 cents cheaper per gallon, but if you use a credit card or check card they charge you a surcharge and a use charge.

      I find it's quicker, and faster to carry a couple bux, no standing in line to pay with my card, no atm fees, no additional charges.. Convenience makes Banks lots of money. If I pay with cash at the computer store, if I return it I get my cash back, if I pay with credit card, it takes 2-3 days for me to get my money credited.

      -
      I want my M-Life.

    2. Re:credit authorization? by caesarsgarten · · Score: 1

      The EU has stated its intent to proliferate digital signature for promotion of e-commerce. One has to view the step of the German government in this light. Currently there is not a market for digital-signature solutions just because nearly nobody owns a certified key. Chipcards combined with a passphrase have proven to be quite secure since this technology is used by several banks for a couple of years now. Currently documents you receive from the government don't carry a signature, at least in the most of the cases. So even a weak signature would add a significant amount of security. But we must not be too optimistic. Two years ago they launched a service for filing your tax in an online process. That turned out to be a bad joke. After completing the process you had been able to print a "tax-digest" that was intended to be attached to the usual documents. They just promised that provided this additional work would speed up the processing. Bad news: The converse was true and the service was shut down after few weeks due to severe security flaws! Euro & Yen: Both Currency-symbols seem to be composed of a "=" sign, maybe the difference is too delicate for the average CNN writer:-)

    3. Re:credit authorization? by Anonymous Coward · · Score: 0
      6 out of the 10 local restaurants don't accept check cards, credit cards or checks. Some even have an ATM machine so they don't have to take credit cards.

      And why exactly is this a bad thing? An ATM-cash usually accepts digital money too, which can be stored on the ATM-card. Credit cards and cheques are obsolete. They are only useful for travelling and online shopping. And even the latter category will go away, if finally somebody comes up with a decent e-cash solution.

      The entire business model of this Startup.com Company (The Movie) would be totally ridiculous in most parts of Europe for this very reason. Why pay a parking ticket with your credit card via some website, when you can transfer the money online and almost instant via your bank's free of charge internet banking service?

    4. Re:credit authorization? by swillden · · Score: 2

      This could be great if used by e-commerce companies to verify the person making the purchase is indeed who they say they are.

      Don't overstate the case. Use of the card doesn't verify that the person holding it "is indeed who they say they are", but only that the card is associated with the persona being claimed. Someone else could be using the card. Cards should require a password before they'll operate, so maybe it means the person using the card has both X's card and X's password, which is good evidence that the person *is* X, but doesn't guarantee it.

      And (to head off the inevitable incorrect followup) replacing the password with a biometric scan wouldn't verify it either.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  13. Paper is still more secure. by bildstorm · · Score: 2, Insightful

    Paper easily collects fingerprints and body fluids. You may not be able to perfectly verify that signature, but you should be able to verify whether or not someone actually held the paper.

    Keycards are great, but only if used in conjunction with biometrics.

    --
    The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
    1. Re:Paper is still more secure. by Kierthos · · Score: 1

      One, I don't want to know what fluids you're leaving on documents around your office.
      Two, have you ever seen how many people handle some documents?
      Three, depending on the type of paper, fingerprints may or may not show up better.
      Four, like anyone wants to do a comparative DNA scan, even if it would work on something like finger oils, or a fingerprint match just to determine if they sent a document?

      Kierthos

      --
      Mr. Hu is not a ninja.
    2. Re:Paper is still more secure. by bildstorm · · Score: 1

      I never said that paper was easier, just inherently more secure.


      Most people leave oils, small flakes of skin, and prints on almost everything they touch. I remember reading at some point that over 90% of house dust is skin.


      DNA tests aren't easier, but it's hard to do a DNA test on an electronic sig.

      --
      The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
  14. Additional Reading by Metrollica · · Score: 2

    Can be found here.

    --



    --Metrollica
  15. Legal Weight by Mike+Connell · · Score: 5, Interesting

    Surely the 'legal weight' will be determined by the courts: It's only a matter of time before somebody signs something (or appears to), and then denies any involvement. Excuses (true or not) of "My card was stolen", "They made me tell them the key", "I don't know what you're talking about" will presumably be uttered (in German). Cryptogram has covered the problem that "the key isn't the person" in the past.

    If the first 10 cases all end up with courts deciding that there isn't enough evidence that the person did actually "sign" the document, there surely won't be much legal weight? A paper signature means little if there is sufficient doubt about its authenticity, I don't see how that's going to change here.

    As an aside, I like the last line of the CNN piece:

    Bitkom called instead for a "citizens' card," with chip and electronic signature, for all Germans.

    Yeah Baby! I can't see anything bad happening down that road!

    1. Re:Legal Weight by aCC · · Score: 2, Insightful

      It's only a matter of time before somebody signs something (or appears to), and then denies any involvement. Excuses (true or not) of "My card was stolen", "They made me tell them the key", "I don't know what you're talking about" will presumably be uttered (in German).

      Hmmm... very strange argument. Why is that different to hand signatures then?

      Same excuses the other way round (and as courts probably hear them very often):
      "My signature was faked." (Even though it looks the same)
      "They made me sign it."
      "I don't know what you're talking about."
      uttered in any language.

      It doesn't matter if it was done digital or analog. The legal situation isn't worse. It only got better, because you have more security features. It's quite easy to fake a hand signature, but it's nearly impossible to fake a digital signature...

    2. Re:Legal Weight by Alsee · · Score: 2

      Why is that different to hand signatures then?

      The difference is that if someone swipes your digital card they can make perfect signatures. If someone forges a paper signature it can be analyzed.

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
    3. Re:Legal Weight by Anonymous Coward · · Score: 0

      Bitkom called instead for a "citizens' card," with chip and electronic signature, for all Germans.

      Yeah Baby! I can't see anything bad happening down that road!


      Well, considering the fact that we Germans already have a national ID card (which is a good thing, IMHO) an electronic signature card seems to be the logical extension.

      After all, before I had to leave signatures too, didn't I?

      Once people (or government, secret service) start collecting and perusing this information without a very good reason, then is the time to worry (and fight against it!)

    4. Re:Legal Weight by aCC · · Score: 1

      The difference is that if someone swipes your digital card they can make perfect signatures.

      What about the PIN? It's not as easy as that.

    5. Re:Legal Weight by Alsee · · Score: 2

      What about the PIN? It's not as easy as that.

      You're kidding, right?
      Sure, requiring a PIN helps, but please.
      The simplest PIN attack is "shoulder surfing". If you want to get sophisticated you catch someone typing their PIN with a video camera and study it later. If people are allowed to choose their PIN, there is an obscene probability that it is either their birthdate, address, or phone number (all of which you probably have if you snatched their wallet/purse).

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
    6. Re:Legal Weight by aCC · · Score: 1

      Missing the point. We are not talking about how secure PINs are, we are talking about if a hand signature is more secure than a digital encrypted key on a card with PIN.

      So, you say a hand signature that you probably show several times a day and that a lot of people know or can very easily get, is more secure than a card that has to be stolen plus a PIN that has to be sneaked out before? I don't think so.

    7. Re:Legal Weight by Alsee · · Score: 4, Interesting

      So, you say a hand signature ... is more secure than a card that has to be stolen plus a PIN

      It depends what you mean by secure. If you type your name here I can forge your signature without ever having seen it. I can't do that with your digital signature. But anyone knowledgeable can look at the signature and see it's forged. You can prove you didn't sign it, and they have a lead in trying to catch me. If I have a copy of your signature and am an expert forger things get more difficult, but expert analysis may prove you didn't sign it.

      If I catch your PIN on camera and swipe your card I can make a perfect signature. You have no way to even try to prove you didn't sign it.

      And the topic of the thread was how much legal weight a digital signature would have, compared to paper signature. In my opinion a paper signature would have to carry more weight in court.

      Don't get me wrong, I'm definitely pro-technology. This thing is pretty cool.

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
    8. Re:Legal Weight by swillden · · Score: 2

      If I catch your PIN on camera and swipe your card I can make a perfect signature. You have no way to even try to prove you didn't sign it.

      Sure he does. Just like handwritten signatures, any digital signature should be treated as a piece of evidence, not as an absolute verification. If you go to court to dispute a contract that someone claims you signed, there are *many* pieces of evidence to consider, including eyewitness accounts, your motives and the likelihood that you would have signed this particular contract, character witnesses, your own history, whether or not you actually received any benefit of the contract in question (e.g. the merchandise), etc.

      If your digital signature card is lost or stolen, you need to report it as soon as possible. The simple act of reporting it will significantly limit your liability (and, in a proper solution, should also nearly eliminate the chance that anyone will believe the fake signature, since they should be checking key revocation databases). For people who sign something then claim their card was compromised to get out of it, the subsequent investigation will consider the details mentioned above plus the details of the claimed loss or theft.

      It is possible that someone might get away with invalidating a contract once or twice, just like it's possible to get away with ripping off your credit card issuer once or twice. Establish a pattern of abuse, though, and you're sunk. Doing it just once or twice isn't beneficial enough to prevent you from having to work, unless the sums are substantial, in which case the scrutiny will be intense.

      Digital signatures, when understood and applied properly, are slightly (slightly!) stronger than hand-written signatures. Perfect digital forgeries may arguably be easier than perfect hand-written forgeries, but imperfect forgeries (the norm) are far, far harder. In any case, the situation is close enough to the same that digital signatures can easily carry the same legal force as a handwritten signature. You only get into trouble if you expect them to be stronger.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    9. Re:Legal Weight by Anonymous Coward · · Score: 0

      OTOH, samples of signatures of employees are usually on public display in e.g. German banks.

    10. Re:Legal Weight by Alsee · · Score: 2

      I certainly agree digital signatures are useful. I just think paper signatures would have more weight in court. If you are trying to distinguish between a case of "forged signature" or "false denial of signature" at least you have a piece of evidence to examine.

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
  16. Won't happen across the US government by NaCh0 · · Score: 2

    It's nice to see this happen as a large scale experiment. We'll have to watch to see how the non-geek workers handle it. But, for cost reasons alone, I don't see the US government implementing anything like this on a wide basis for at least 10 years.

    Brian

    1. Re:Won't happen across the US government by Tazzy531 · · Score: 1

      It might happen sooner than you think. Last week they were reporting that the government was moving towards a standardized drivers license. This idea of digital signature could work well in that system. But I agree, the US has been pretty bad with bureaucracy..

      --


      _______________________________
      "I'm not Conceited...I'm just a realist..."
    2. Re:Won't happen across the US government by NaCh0 · · Score: 2, Insightful

      The card itself is simple. It will be much harder for the government to coordinate a reliable infrastructure (databases, card readers, etc). That is why I think we won't be seeing it anytime soon.

      Of course, there are all of the people problems. The system will have to be highly usable. Today, people can't even handle encrypted email (without physical tokens) because it is too hard. I would be much more positive if someone could show me software that put digital signatures/crypto in terms that a regular person could understand. The current GUIs that wrap around PGP/GPG don't cut it because they assume you understand the underlying process.

      Brian

  17. fun and games by Perdo · · Score: 2, Interesting

    It's all fun and games until someone steals your digital identity. Just ask all the posters who rate an imposter here. Or ask Signal 11 (7608).

    signal ll (150330)
    Signal 69 (159601)
    Signal 11 (160141)
    Signal Eleven 11 (196051)
    Signal 12 (196465)
    Signal seven 11 (196530)
    Signal 1| (196903)
    Signal%2011%20 (198994)
    Signal 13 (199065)
    Signal 10 (199067)
    Signal 14 (199492)
    Signal%2011 (199508)
    Signal l1 (199916)
    Signal 11 on. . (200800)
    nbsp;Signal 11 (200811
    Sìgnal 11 (200815)
    Signal 11_bork2 (202783)
    Sìgnal ll (203092)
    Signal (203244)
    Signal 11_bork1 (203709)
    Signal II (221055)
    Signal 111 (248325)
    Signal 1I (255479)
    Signal Eleven (261043)
    Signal Nine (442438)
    by Signal 11 (200808)

    --

    If voting were effective, it would be illegal by now.

    1. Re:fun and games by jawad · · Score: 1

      You forgot all the "Noise 11" type names too. Quite a few parodies of that guy. (He's on Kuro5hin now, right?)

    2. Re:fun and games by Alsee · · Score: 2

      who rate an imposter here

      I don't have an imposter here (that I know of, hehe), but I had one back on MPlayer.

      The imposter was A1see. The MPlayer font for "one" and "lowercase L" were impossible to distinguish. The only way to tell the difference was to copy the text and paste it in another window.

      The imposter was actively trying to make trouble for me. Cursing, lying, starting arguments. Sigh.

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
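Added example, not part of any comment in this thread: a lookalike-name check of the kind a site could run at registration, fed with account names quoted in the comments above (the Signal 11 list and the Alsee/A1see pair). The confusable table and the function names are assumptions made for this sketch, and it goes a little beyond the thread by also handling percent-encoding and accented letters.

```python
import unicodedata
from urllib.parse import unquote

# Characters that render alike in many fonts, mapped to one representative.
# Assumption for this sketch: a small hand-picked table, not the full
# Unicode confusables data.
CONFUSABLE = str.maketrans({"1": "l", "I": "l", "|": "l", "0": "o", "O": "o"})


def skeleton(name: str) -> str:
    """Reduce a display name to the form a human reader effectively sees."""
    s = unquote(name)                      # "Signal%2011" -> "Signal 11"
    s = unicodedata.normalize("NFKD", s)   # split accents off their base letters
    s = "".join(c for c in s if not unicodedata.combining(c))
    s = s.translate(CONFUSABLE)            # before case folding, so "I" becomes "l"
    s = s.casefold()
    return " ".join(s.split())             # trim and collapse whitespace


def lookalikes(protected: str, candidates):
    """Return the candidates that differ from `protected` but read the same."""
    target = skeleton(protected)
    return [c for c in candidates if c != protected and skeleton(c) == target]


def may_register(new_name: str, existing) -> bool:
    """Registration-time check: refuse a name whose skeleton is already taken."""
    taken = {skeleton(n) for n in existing}
    return skeleton(new_name) not in taken


# Sample input: account names quoted in the comments above.
# "S\u00ecgnal 11" is the entry spelled with an accented i.
SAMPLE = ["signal ll", "Signal 69", "Signal 1|", "Signal%2011%20", "Signal 12",
          "Signal l1", "S\u00ecgnal 11", "Signal II", "Signal 111", "Signal 1I",
          "Signal Eleven"]

if __name__ == "__main__":
    for name in lookalikes("Signal 11", SAMPLE):
        print("lookalike:", repr(name))
    print("A1see allowed next to Alsee?", may_register("A1see", ["Alsee"]))
```

The skeleton comparison only catches names that look the same; near-names such as "Signal 12" or "Signal Eleven" pass and would need a separate similarity rule.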
    3. Re:fun and games by -brazil- · · Score: 1
      It's all fun and games until someone steals your digital identity.


      As soon as you notice it, you put that on record, and any signatures done with that key after that date will be considered invalid.

      --

      The illegal we do immediately. The unconstitutional takes a little longer.
      --Henry Kissinger
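Added example, not part of any comment in this thread: a verifier that accepts a signature only if the arithmetic checks out and the document was received before the card was reported lost, which is the revocation rule the comments above describe. The key is a toy textbook-RSA key built from two Mersenne primes, and the key ids, time values and function names are assumptions made for this sketch.

```python
import hashlib
from dataclasses import dataclass

# Toy key pair from two Mersenne primes. Enough to show the arithmetic,
# worthless as a real key (no padding, special-form primes).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent; on a real card it stays on the chip


def digest(document: bytes) -> int:
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def card_sign(document: bytes) -> int:
    """What the card does once the PIN is accepted: hash^d mod n."""
    return pow(digest(document), D, N)


@dataclass
class SignedDoc:
    document: bytes
    signature: int
    key_id: str
    claimed_time: int    # written by whoever holds the card: untrusted
    received_time: int   # recorded by the verifier or a timestamp service


def check(doc: SignedDoc, public_keys: dict, revoked: dict) -> str:
    key = public_keys.get(doc.key_id)
    if key is None:
        return "unknown-key"
    n, e = key
    if pow(doc.signature, e, n) != digest(doc.document):
        return "bad-signature"
    reported = revoked.get(doc.key_id)
    # Compare against the time the verifier saw the document, not the time
    # the signer claims: someone holding a stolen card can backdate the claim.
    if reported is not None and doc.received_time >= reported:
        return "revoked"
    return "valid"


# Constructed data. Both cards share the toy key to keep the sketch short.
PUBLIC_KEYS = {"card-0001": (N, E), "card-0002": (N, E)}
REVOKED = {"card-0002": 1000}        # holder reported the loss at t=1000


def demo() -> dict:
    text = b"Parking limited to two hours"
    sig = card_sign(text)

    def run(document, key_id, claimed, received):
        return check(SignedDoc(document, sig, key_id, claimed, received),
                     PUBLIC_KEYS, REVOKED)

    return {
        "honest": run(text, "card-0001", 900, 905),
        "tampered": run(b"Parking limited to ten hours", "card-0001", 900, 905),
        "backdated_after_report": run(text, "card-0002", 900, 1200),
        "before_report": run(text, "card-0002", 900, 950),
        "unknown": run(text, "card-9999", 900, 905),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:24} {verdict}")
```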

    4. Re:fun and games by Anonymous Coward · · Score: 0

      But how do you prove who you are after they've taken your identity,
      it'll be just like the movie "The NET"

      okay, it won't be.

  18. Project Ägypten (Free Software Sphinx-Clients) by hany · · Score: 2, Interesting

    Project Ägypten (Free Software Sphinx-Clients):

    The Sphinx project launched by German authorities aims to improve secure email exchange. The project's technological base is the protocol 'TeleTrust e.V. MailTrusT Version 2'. This includes the standards S/MIME, X.509v3 and others.

    Proprietary products are already on the way, but with the project Ägypten there is now also a Free Software solution going to be realized for popular mail user agents (sphinx-enabling KMail and mutt are essential goals).

    The Free Software companies Intevation, g10 Code and Klarälvdalens Datakonsult AB are contracted by the German 'Bundesamt für Sicherheit in der Informationstechnik (BSI)' to incorporate the Sphinx protocols into Free Software MUAs. Background is to ensure availability of alternatives to proprietary desktops.

    --
    hany
  19. Interesting illustration . . . by servasius_jr · · Score: 4, Funny

    According to the article's illustration, the Germans will digitally sign their names by writing a long, free-floating string of binary in the air with an ordinary pencil. Evidently the technology being used is both more advanced and more bizarre than anything I've ever seen.

    1. Re:Interesting illustration . . . by Tazzy531 · · Score: 1

      Just like what was posted on here yesterday.

      --


      _______________________________
      "I'm not Conceited...I'm just a realist..."
  20. Thoughts on the perfect ID card.. by ShaniaTwain · · Score: 3, Interesting

    G'damn, but this is a tough issue (I'm speaking generally here) How do you:

    (1) Insure that no one can fake your identity

    (2) Insure that no one can conglomerate data from your identity

    It seems to me that both (1) and (2) are desirable, yet mutually exclusive. How do you insure anonymity with a definite ID? These two issues have never been smashed together with such power before. Digital technology gives us the possibility for either (1) or (2), but can it ever give us both? Are they mutually exclusive? Is it either anarchy or buttonhole ID fascism?

    .. Personally I would opt for Anarchy for myself, and button-hole fascism for everybody else.. (for safety's sake of course).. How 'bout you?

    1. Re:Thoughts on the perfect ID card.. by NaCh0 · · Score: 1

      The system will have to work on the principle of "good enough."

      People can already fake your paper signature today.

      People already do conglomerate data about you.

      But sometimes the benefit for the masses outweighs the 0.01% that will have a problem.

      Unfortunately, with computer systems like these, if a problem is general, you don't lose 1 person's data, you lose *everybody's* data. That is something the institution offering the service will have to deal with.

      Brian

    2. Re:Thoughts on the perfect ID card.. by ShaniaTwain · · Score: 2

      Huh?

      Do you think it truly is only 0.01% that would have a problem with fake sigs / conglomerate data? I'm not talking about the idea of the problem.. I'm talking about the proverbial full mess. Someone fakes your ID.. Someone tracks you through publicly accessible data and makes life 'difficult' for you because they disagree with your stance on such-and-such an issue.. if this happens (OK- granted that is still the idea of the problem) do you really think that only 0.01% of the population would care? Even in the theoretical stage, is it only 0.01% of the population that cares?? Am I really one of those tinfoil hat wearing paranoid weirdos that thinks that something is a problem regardless of the facts? .. Wait.. Don't answer that.

    3. Re:Thoughts on the perfect ID card.. by NaCh0 · · Score: 1
      Do you think it truly is only 0.01% that would have a problem with fake sigs / conglomerate data?

      Yes, give or take a few tenths of a percent. ;)

      Why you ask? Because it can already happen today.

      To turn the onus back on you, do you seriously think that a determined person can't make your life difficult based on your online information right now? Just think of those 1-800-search and other people finder services. A stranger will turn over personal[*] information to anyone with $39.95!

      And I also think that when you're talking about people who care, you need to separate out those who think privacy would be "nice" and those who care enough to do something about the situation.

      Brian
      [*] At least I consider it personal information.

    4. Re:Thoughts on the perfect ID card.. by Anonymous Coward · · Score: 0

      How do you keep someone from faking your manual signature?

    5. Re:Thoughts on the perfect ID card.. by twinpot · · Score: 1

      Yep, insuring would be a good option, to ENSURE that if this does happen, you're covered ;-)

    6. Re:Thoughts on the perfect ID card.. by Anonymous Coward · · Score: 0

      Personally I would opt for Anarchy for myself, and button-hole fascism for everybody else.. (for safety's sake of course).

      That pretty well sums up the political philosophy of the typical slashbot.

    7. Re:Thoughts on the perfect ID card.. by j7953 · · Score: 2
      How do you insure anonymity with a definite ID?

      See, if you want to keep something anonymous, you definitely shouldn't sign it.

      Usually you sign something to give more legal weight to e.g. a contract. It's actually a very good idea to know the identity of whom you make business with, especially if it's a contract that you feel requires the extra legal trustworthiness that a signature gives to it.

      Also note that you cannot conglomerate data simply by knowing a name. You can collect e.g. all the purchase data of your customers (if you have their names, e.g. in online or mail order business), but you can also do that without a digital signature. Digital signatures don't give you access to all data the person has ever signed, only to the things he or she has signed and sent to you. But those documents you also have when they're signed on paper.

      I'm not saying this is a non-issue -- digital signatures definitely make tracking easier. But in this case, I'd say the advantages by far outweigh the dangers.

      --
      Sig (appended to the end of comments I post, 54 chars)
  21. what about theft? by BladeMelbourne · · Score: 2, Interesting

    What happens if someone steals your card? It is like forging a signature, although harder to deny.

    Wouldn't thumb or retinal scans be more secure (maybe more expensive though?)

    1. Re:what about theft? by Drone-X · · Score: 2
      What happens if someone steals your card? It is like forging a signature, although harder to deny.
      I suppose you'd do the same thing as always -- tell the cops your ID was stolen. The key would then be invalidated and you'd get a new one.
    2. Re:what about theft? by karlm · · Score: 1
      I think the key is encrypted with a pin number on the card.

      You need the pin AND the card.

      Unfortunately, they don't have sufficiently advanced biometric technology to implement signatures yet. You just don't send a picture of your retina along with the signature, as this would be too easy to replay (with a slight Photoshop rotation, magnification, and shift to make it less obvious). They need much better parametrization and specialized threshold hashing algorithms for biometric data so they can actually use your retinal scan/fingerprint as a symmetric encryption key for encrypting your pin-encrypted public signing key on the tamper-resistant card.

      Without better biometric data hashing algorithms, you'd never be able to get your decryption key generated the same twice, so you'd never be able to decrypt your signing key. It's a difficult problem, and there's ongoing research, but replay attacks and trust issues are a huge problem right now.

      --
      Copyright Violation:"theft, piracy"::Anti-Trust Violation:"thermonuclear price terrorism"<-Overly dramatic language.
  22. A good next step by nsample · · Score: 5, Informative
    Regardless of your views on "net-widening" and "freedom" and "tracking" and the like, this is the next logical step for genuine security.

    Good security should consist of three parts:

    1. Something you have
    2. Something you know
    3. Something you are

    Now it seems the German government has two out of the three (know+have), which is one (or two!) better than most of the world. Now all they need are retinal scanners, and they're set!

    Like I said, it may not be a Good Thing® they end up with, but whatever it is... it's a lot closer to "secure" than anything else.
    1. Re:A good next step by Anonymous Coward · · Score: 0

      hey i read that article on security focus too...way to be original!

    2. Re:A good next step by swillden · · Score: 2

      Good security should consist of three parts:...

      The definition of "good" here is very important. "Good" for legal signatures is a much lower standard than "good" for launching nuclear weapons. Signatures have the advantage that there's all kinds of scrutiny that can happen later, to determine if anything shady happened.

      For digital signatures, biometrics are unnecessary, intrusive and don't add as much security as you think they do. For really high-security applications, it's possible to take the steps needed to make biometrics a valuable addition, but this is not the case for consumer applications.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    3. Re:A good next step by seaan · · Score: 1
      A common quote, and as usual, makes overbroad claims. The three "factors" (have, know, are) are a method of establishing a confidence factor of the identification of a person (or machine actor). They are only a small part of a secure system.

      It is easy to think of other basics needed by a secure system; such as a method to enroll identification information (how does the system know what you are, should have and know); a permissions system (Fred can't withdraw money from Joe's account); and an audit system (how did account "0s|\/|ma" get created and used?).

  23. Does anyone know how strong the encryption is? by voronoi++ · · Score: 3, Insightful

    If the encryption is not strong enough to deter the majority of fraudsters, then I'd steer clear.

    I'd hope they use some kind of pin code in addition to the "chip card". I also hope you can cancel a "chip card" if it gets stolen...
    If someone fraudulently uses your digital signature that better not be binding!

    1. Re:Does anyone know how strong the encryption is? by Anonymous Coward · · Score: 0

      Yes and with the internet you can easily cancel your card, with your, eehrm, stolen card.

      Damn, that kitty made me do it again :/

      //lean

  24. So what's the difference with a physical ID... by lay · · Score: 4, Interesting

    ...after all?

    I know you Americans don't have ID cards, but we have them in Portugal and always had, so we don't tend to consider them as forms of major control, even though they are.

    The point here is that if you lose your wallet and someone gets ahold of your ID card, you can be in a lot of trouble if it gets misused.

    I have heard of stories from people I know that lost their ID and found themselves being chased by stores that claimed people had bought stuff there, paid the first entrance fee and never paid the rest. And that is the least that you can expect, even if you report your ID being missed 5 minutes after you lose it.

    We, at least, don't have that many legal mechanisms to prevent situations like those, but I would bet it's a matter of time until there is a case of stolen digital ID.

    The German government, by giving incentive to open source applications like encryption and security are aware of these problems. So if they actually exist? They existed well before things went digital, so you can expect a few cases of stolen ID before things get smooth.

    Nice move here in Europe, btw. First GEANT, now this, really love the way things are popping up after a lot of foundation work.

    Lay

    Weakly typed languages will bring us armageddon

    --
    Lay
    Weakly typed languages will bring us armageddon
    1. Re:So what's the difference with a physical ID... by swillden · · Score: 2

      I have heard of stories from people I know that lost their ID...

      The use of a password to activate the card should greatly reduce the incidence of this sort of thing.

      Still, it can and *will* happen, even if less, and while replacing your whole wallet with a single card (the ultimate, if not logical, limit of smart card use) might seem convenient the downside of losing that one card gets to be really, really large.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  25. Re:German Teen Introduces Digital Signatures Fraud by Anonymous Coward · · Score: 0, Funny

    I don't think a German Teenager needs a fake id to buy porn or beer, nobody asks for it in the first place unlike in the "land of the free" where you get id'd even if you're 35.

  26. Re:Germany / EU Directive by CyberQ · · Score: 4, Informative

    It is not really an innovative step by the German government alone. All EU member states have to transform the EU directive on e-commerce into national law. According to the directive the member states have to make sure that most contracts (very few exceptions) can be closed online. The German government just tries to extend this rule to public law.

    --
    Line 9: Argument of type SIGNATURE expected.
  27. Oh yeah, and there's the European Citizenship! by lay · · Score: 3, Interesting

    So, like all you are aware of, citizens from European countries have physical and economic mobility throughout the member states. And we have a common currency now too. So, since Belgium already has a system like this too, the next logical step would be to implement this throughout the whole Europe, which I bet has already been thought.

    Any other European country that has a system like this? What are the chances of all these systems being interchangeable?

    It's nice that a government from another member state can digitally ID you... isn't it? :-)

    Lay

    Weakly typed languages will bring us armageddon

    --
    Lay
    Weakly typed languages will bring us armageddon
    1. Re:Oh yeah, and there's the European Citizenship! by Savage-Rabbit · · Score: 2

      Knowing the Germans they will produce a system that is so Peculiarly German it can not interact with anything else. In most of the rest of Europe where I have been the predominant form of payment is Plastic Credit Cards. In the Scandinavian countries you can even pay (electronically) for a Taxi with a VISA card. Here in Germany Credit cards are little known and frowned upon and only major shopping centers take them. The Germans use Money Cards with chips on them, you stick it into an automatic bank machine and load the chip with cash, then you better not stick the card in your back trouser pocket. Because if the card gets bent too hard the contacts from the chip in the card to the interface on the card surface can get torn and, say, 200 Euros are trapped on your chipcard and lost.

      --
      Only to idiots, are orders laws.
      -- Henning von Tresckow
    2. Re:Oh yeah, and there's the European Citizenship! by Flambergius · · Score: 1

      > Any other European country that has a system like this?

      Finland has had a digital version of an ID card since 1999 (1998?). It's been a bit slow in gaining wide use. I don't think it has been really pushed by the gov and also businesses have their own solutions for eCommerce etc.

      Can't comment on technicalities because I haven't bothered to find out.

      --Flam

      --
      Computers are useless. They can only give you answers - Pablo Picasso
    3. Re:Oh yeah, and there's the European Citizenship! by Anonymous Coward · · Score: 0

      Here in Germany Credit cards are little known and frowned upon and only major shopping centers take them

      BS. Credit cards may be frowned upon (as they generate additional costs) but you can pay with them in most small stores. Most locals don't however, they use the EC card (which will be phased out). OTOH I never heard about the Money Card you mentioned.
      One famous exception is the Aldi supermarkets, they only accept cash because non-cash payments take far too long (they have long queues at the checkout anyway). Aldi doesn't even have those bar code scanning cash registers because the people working there can type in the prices faster than moving them across the scanner.

    4. Re:Oh yeah, and there's the European Citizenship! by germanbirdman · · Score: 1

      True, we don't use credit cards.

      But while all "debit" cards ("EC-Karten") have (well, at the moment they still do, see below) a money-chip on them, only like 0.5% of the people use them.
      Every shop that accepts the "Geldkarte" (money chip) also accepts payment by "EC-Karte" either by signature or with a PIN number. The difference is, paying with EC-Karte and not with the chip on it, the money is deducted from your checking account, and not the chip which means you don't need to have the chip loaded. And virtually no one has any money loaded at all on it.

      I only have roughly 3 Euros on my "Geldkarte", it is very handy for paying parking fees. I put 5 Euros on it (10 DM) when I got the card almost 2 years ago, and have not put any money on it since then. In fact, because the Geldkarte (money chip) is only being used by 0.5% or even less of those who have them, banks are already starting to issue cards again without the chip on it.

      The Dutch use their money chips (ChipKnip) like mad though.

  28. In related news by jsse · · Score: 2, Informative

    Hong Kong's Government has implemented PKI infrastructure for digital signature for their citizens. However, there is a fundamental fault in the system - not being thoughtful in distributing the root CA. First the root CA is not embedded in the browsers we commonly use, or have an upper root CA, which is included in browser, signed their root CA. They even allow citizen use floppy to transfer the CA issued to computer...hmm....

    Anyway, the technology is mature, the things yet to be done are policy-making and legalese. Nothing is 100% secure, the CA issuer must bear the legal responsibility and liability. I wish they'd one day realize what is the legal implication of such a faulty CA system.

  29. Re:Germany / EU Directive by Gerein · · Score: 3, Informative
    The German government just tries to extend this rule to public law.

    WRONG! Digital signatures were equal to written ones in Germany long before the EU directive. IIRC Germany was actually the first state in the world to pass such laws.

    Who do you think was the strongest supporter of the EU-directive? The German security requirements were actually much harder than those now demanded by the EU. Many big companies, who had already invested in the needed infrastructure (setting up a CA in a secure building, etc.) were pretty much pissed after the laws got relaxed with the EU-directive.

    The new thing now is, that the German government is trying to push the use of digital signatures, because the adoption has been really low.

  30. As credible as paper signature - not one bit more by Circuit+Breaker · · Score: 2

    I just hope they don't consider it more credible than paper signatures, because it isn't.

    Sure, the math is safe, but the use isn't. When I digitally sign a document, I don't actually do it myself - I ask a device to do that - a device of which, regardless of common beliefs, I have very little control (About as much control as one might have on their employee - you can ask them to do something, and it will usually look as if they did it, but that doesn't imply anything).

  31. European currency in CNN article by tundog · · Score: 0

    According to CNN.com, the EU seems to be using the Japanese Yen as currency....

    Cheers,

    me

    p.s. Uh, I think they meant Euro...i.e.

    --
    All your base are belong to us!
  32. Almost certainly less secure by DougP · · Score: 1

    To believe that you're signing the document on screen, you have to trust every element of hardware and software between the screen and the card (at least). All an attacker needs to do is to introduce a suitable trojan/virus on the computer holding the document - probably a PC, probably running windows - and when you try to sign something, replace your doc with one of their choosing. For a system that doesn't demand password entry for each crypto operation - and that can drive users nuts - the attacker can get both the real and other document(s) signed, making it hard to notice.

    You can have the most tamperproof card and break-proof algorithm you please, but if you plug it into a standard PC, you are open to all the attacks we hear about every day ...

  33. Re:Bypassing your comments sound better. by God+Takeru · · Score: 1

    I love anonymous coward posts. Their tendency towards being both insightful and constructive...it just brightens my day to know that I can be insulted by someone with bad grammar and not be allowed to know who it is.

    --
    "Anonymous cowards are just K-whores afraid of their accounts being modded down." - Bob the O (me)
  34. e-government by swoswo · · Score: 1

    As far as I know the signatures are intended to be used for so called e-government with public authorities. That means to register via email at the record section etc. What do you think about this aspect?
    The chip card thing is just to make it harder to find private keys on hard disks...

    1. Re:e-government by lukecs · · Score: 1

      Are you sure its not just a method of tracking spam and people that send hate mail?

  35. Signatures by cards? by GdoL · · Score: 1

    That reminds me a lot of the old and still in use seal of authentication. You stamp a seal on a document and it will be legal. The problem with seals and cards is the fact they can be forged, stolen, misused by rogue employees, etc.

    The use of digital signatures will be a good breakthrough for the German Gov in the digital era but only the first step, or they will have to deal with a lot more problems.

    --

    ------I can please only one person per day. Today is not your day. Tomorrow isn't looking good either.------
  36. don't forget to vote by Anonymous Coward · · Score: 0

    in this cnn poll. wither or knot the megaslothians consume the starving fedorites, is nearly irrelevant (except to the hatters).

    getting their (aol's) 30+ million users onto a penguinized desktop would be (we think) quite relevant. no FUDging now.

    God save the queen. fud is nearly dead? on to the desktop. perception is 9/10 of permission.

  37. more secure, yeah right! by kiwipeso · · Score: 0

    The German government's encryption has been continually broken for 60 years, do you really think this is a good idea?
    see http://www.gchq.gov.uk and ask yourself if you trust these people when they can sign official documents of the German government.

    --
    - Kaos games and encryption systems developer
  38. Re:As credible as paper signature - not one bit mo by Pitchfork · · Score: 1

    The German government is well aware of the fact that a computer is a hackable device. There are laws for the public key infrastructure PKI to be government accepted and it just goes far beyond trust in the certification issuer. The computer that creates the keys has to be sealed off and what not all, I do not know all of this stuff, since this was all decided a few years ago.
    About the chipcard in itself not being safe but only in conjunction with a safe computer, there were plans to build chipcard readers that do not reveal the private key to the PC but only tell the PC what's needed for the encryption job. And this is also done after the user entered a PIN code on the keyboard of the chip card reader (and not on the keyboard of the PC). But I do not know, to what level the protection of the home PC is enforced to get the digital signature legally accepted.

  39. This is the result of a european directive by bmp · · Score: 1

    This decision is the result of an EU directive on e-commerce, and not a German initiative. The European Union is a confederation of 15 European states that has federal-like institutions : a government (the commission), a president (currently Mr. Aznar), a central bank and common currency, a common foreign, defense and economic policy, a parliament, etc. But as it is not officially federal yet, i.e. it is not declared as a state (national pride, y'know), the parliament cannot make laws. In theory. In fact, the EU is a stealth federation, a non-official yet sovereign state, as all member states have the duty to turn EU directives into laws (France was recently condemned for being reluctant to apply a European directive). And there are many discussions today in the EU institutions about open source, Linux, e-commerce and so. I would expect a directive soon encouraging the use of open source software for administrations in the EU. Stay tuned!

  40. Why Digital Signatures Are Not Signatures by fhwang · · Score: 5, Interesting
    Damn, I could've sworn it was just yesterday that I posted this article to another discussion here on /.

    Everyone who's praising the German government on being all tech-savvy and forward-thinking and blah-blah-blah should first read Bruce Schneier's thoughts on the subject: Why Digital Signatures Are Not Signatures.

    In a nutshell, he says this: Cryptography can do quite a bit to guarantee that a given signature came from a given computer. It can do absolutely nothing to guarantee that that signature represents the person it purports to represent. To quote Schneier: "The mathematics of cryptography, no matter how strong, cannot bridge the gap between me and my computer."

    It's all good and well for governments to embrace new technology, but only if they don't cause major fuckups in the process.

    1. Re:Why Digital Signatures Are Not Signatures by BlueWonder · · Score: 1

      While I appreciate Schneier's scepticism about such an important issue, I don't fully agree with him. From his article:

      Mathematically, it works beautifully. Semantically, it fails miserably. There's nothing in the description above that constitutes signing. In fact, calling whatever Alice creates a "digital signature" was probably the most unfortunate nomenclature mistake in the history of cryptography.

      There is always a semantic gap between a "signature" and a "declaration of intention". It is not an inherent property of a hand-written name under some text to mean "I agree", but it is widely agreed in our society that such a hand-written name constitutes some form of agreement. The society could accept the same for digital signatures, so I don't really see the difference.

    2. Re:Why Digital Signatures Are Not Signatures by swillden · · Score: 2

      It's a different semantic gap. The gap in the handwritten case is that it's not necessarily clear what the signer meant to say about the signed document. The gap in the digital case is that it's not necessarily even clear which document the signer meant to sign. That's a very large difference.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    3. Re:Why Digital Signatures Are Not Signatures by BlueWonder · · Score: 1

      The gap in the digital case is that it's not necessarily even clear which document the signer meant to sign.

      Unless malicious software is involved (i.e., it presents document X to the user to be signed, and when he inserts his smartcard, it really uploads document Y to the smartcard), I don't see why this is unclear. To the contrary, it is next to impossible to alter a digitally signed document in an undetectable way, while this is quite easy for manually signed paper documents.

    4. Re:Why Digital Signatures Are Not Signatures by swillden · · Score: 2
      Yep, malicious software is the issue. It's really very hard to defend against. Ultimately the device that displays and hashes the document for signing must be a very trustworthy device. This probably means tamper-resistant hardware, security certifications, etc. It can be done, but it's not easy.

      And forget trying to do it securely on a PC running Windows and MS Outlook, set up by a technological illiterate and connected to the Internet 24x7.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    5. Re:Why Digital Signatures Are Not Signatures by BlueWonder · · Score: 1

      It can be done, but it's not easy.

      I never said it was easy, but since you seem to agree with me that it is not impossible, you maybe also agree that Schneier's "digital signatures are not signatures" is a bit exaggerated.

      And forget trying to do it securely on a PC running Windows and MS Outlook

      Forget doing it on any PC. :-) BTW, I find it kind of scary how it is actually done in Germany...

    6. Re:Why Digital Signatures Are Not Signatures by Anonymous Coward · · Score: 0
      The second step is to have access to your encrypted private keys through biometrics. This is a strong and secure combination, and turns automagically your cons into pros.

      You can even use use Biometric Authentification Signature (Hand writing signature recognition) and the old processes integrate so smoothly that your average secretary does not even need to know what the hell is PKI. Sign and go.

    7. Re:Why Digital Signatures Are Not Signatures by zeugma-amp · · Score: 1

      I'm surprised that I haven't seen any discussion here regarding the fact that the government will apparently issue you both your public and private key material. This is the wet dream of governments all over the world regarding encryption.

      Where is the key material going to be kept? I surely hope that database is not going to be susceptible to hackers. I wonder how long it will be before fake keys are available on the black market? Want a key that says you're Johannes Rau? Pay the right amount and it's yours! With the likely poor PIN usage, cracking the keys to enable the production of bogus cards will be trivial.

      GAK (Government Access to Keys) is not a good idea at all, as governments can't be trusted. They aren't as motivated to protect your reputation/money/identity as you would be.

      --
      This is an ex-parrot!
    8. Re:Why Digital Signatures Are Not Signatures by swillden · · Score: 3, Interesting

      Actually I don't think Schneier exaggerated; he was criticizing the common implementation approach, and he was dead on. If I recall his article correctly, he did mention that it could be done with some sort of single-purpose personal signing device which displayed the document, authenticated the user and created the signature. So he also admits that digital signatures can be useful when done properly, but that doing them properly is harder than most people think.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    9. Re:Why Digital Signatures Are Not Signatures by Llywelyn · · Score: 1

      What Counterpane is predominantly discussing is the concept of being able to sign things with, say, PGP. This is a Bad Idea(tm) for the reasons mentioned in the article: not the least of which involves automation.

      What Germany is discussing requires both a smart card and a PIN. Automating that is difficult at best and limits the damage one individual can do and the frequency with which they can do it.

      This, of course, is dependent on a variety of protocols and equipment that they use, but it is not exactly related to what Schneier is talking about.

      --
      Integrate Keynote and LaTeX
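
The point argued in this sub-thread, as an added example (not code from any poster or from the German system): verification proves that a key signed exactly these bytes, not what the signer saw on the PC. The Lamport one-time signature, the `SigningDevice` class and the sample texts are assumptions chosen so the sketch runs on the Python standard library; the page does not say which algorithm the cards use.

```python
import hashlib
import secrets


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """Lamport one-time key pair: 256 pairs of secrets and their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def _bits(digest: bytes):
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def sign_digest(sk, digest: bytes):
    # Reveal one secret per digest bit. The key must never sign twice.
    return [sk[i][bit] for i, bit in enumerate(_bits(digest))]


def verify(pk, document: bytes, signature) -> bool:
    bits = _bits(H(document))
    return len(signature) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(signature, bits))
    )


class SigningDevice:
    """Hypothetical single-purpose signer: it displays the bytes it was
    given on its own screen and signs exactly those bytes."""

    def __init__(self):
        self._sk, self.public_key = keygen()
        self._shown = None

    def show(self, document: bytes) -> str:
        self._shown = document
        return document.decode("utf-8", errors="replace")

    def approve(self):
        if self._sk is None:
            raise RuntimeError("one-time key already used")
        if self._shown is None:
            raise RuntimeError("nothing displayed")
        signature = sign_digest(self._sk, H(self._shown))
        self._sk = None      # enforce one-time use
        self._shown = None
        return signature


def scenario():
    # Constructed sample texts: what the PC screen shows versus what the
    # PC actually forwards to the signer.
    shown_on_pc = b"Parking limit on Elm Street: 2 hours"
    sent_to_device = b"Parking limit on Elm Street: 20 hours"
    device = SigningDevice()
    on_device_display = device.show(sent_to_device)
    # A careful signer stops here because the device display differs from
    # the PC screen. We approve anyway to show what a verifier then sees.
    signature = device.approve()
    return {
        "device_display_matches_pc": on_device_display.encode() == shown_on_pc,
        "verifies_for_sent": verify(device.public_key, sent_to_device, signature),
        "verifies_for_shown": verify(device.public_key, shown_on_pc, signature),
    }


if __name__ == "__main__":
    print(scenario())
```

The verifier's result is the same whether or not the signer ever looked at the device display, which is why the display has to sit on the trusted side of the interface.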
  41. Right, but this is a bit different... by lay · · Score: 2, Informative

    Banks don't often check small amounts. With me they've only checked signatures in checks above 200 Euros. Anything lower than that they'd just paid.

    Thing here is that, in order for a system of digital identification to get widespread adoption, the public has to have trust. Who's going to be in favour of a system that people will initially perceive as being insecure (because it's not them that are signing, "it's a computer"), especially with all the news about trojans and security breaches in networked systems?

    The point is that people are on the other side of digital ID, they're not thinking "Oh, good, I can have documents digitally signed and save me a whole lot of trouble", they're thinking more in the lines of "Hey, and if someone..."

    They will have to check and double check and triple check to guarantee that the system is secure, otherwise they will have a very hard time trying to implement it a second time after they lose public trust.

    Why are ATM machines and credit cards widely accepted by the public? On top of the convenience, they offer a (limited) liability for the damages that can come from its misusage, otherwise people would carry plain good old-fashioned cash anywhere they went.

    --
    Lay
    Weakly typed languages will bring us armageddon
  42. Education in Germany by sireenmalik · · Score: 2, Interesting

    I have been thinking of writing about this and today one slashdotter's question has prompted me to finally take it up.
    I am doing M.Sc.Information Technology at the Uni of Stuttgart. It's a very good program as it includes technical subjects like IP Networks, Telecomm Networks, Distributed Systems, Mobile Communications, DSP, Embedded Systems, etc etc as well as non-technical courses such as Law, Business Management, Innovation and Technology Management, etc.
    The whole program is in English!!!! In fact there are many universities here which are offering such programs. for more info this website . Check out the "free Education" link. Yes, the education is totally free here.
    In our course on Law, there was a very strong emphasis on "Digital Signatures". You can say that it has been taken up consciously on all levels and it's not an overnight decision. A long well thought out process.
    Thoughts on One-Way Authentication : As far as I know the E-Card + PIN code combination is the only secure solution, otherwise all one-way authentication schemes can be hacked. I don't know about other banks but at least Deutsche Bank is using a combination of same technique for their internet banking. You have log-in/password to login onto your account, but to make the actual transaction one has to enter a unique id which is sent by DB through regular mail (you get 50 transaction ids). This is again a hybrid solution.
    Of all the countries, I think, Germany has made the most secure and wise use of technology.

    --


    Voltaire: God is dead.
    God: Voltaire is dead!
    1. Re:Education in Germany by Anonymous Coward · · Score: 0

      If it's anything like Holland then the education is only free for German citizens, or people whose status is equivalent (refugees, etc).

      I doubt very much that an American (for example) could just arrive in Germany and start a free University course.

    2. Re:Education in Germany by Anonymous Coward · · Score: 0

      The solution that the ABN-AMRO in the Netherlands uses for authentication is slightly different. They send you a "calculator". When you log-in, or to authenticate the transfer of funds, they display an 8-digit number which you must type into the calculator. The calculator displays the response which you must type into the web form. The calculator is further protected in that you must insert your bank card and enter your PIN before you can use it.
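The challenge-response exchange described in the comment above, as an added Python sketch that is not part of the original post and not the bank's implementation. The comment does not say how the response is derived, so the truncated HMAC-SHA-256, the class names, the 120-second lifetime and the sample account, PIN and secret are all assumptions.

```python
import hashlib
import hmac
import secrets

CHALLENGE_TTL = 120  # seconds a challenge stays valid (assumed value)


def token_response(card_secret: bytes, challenge: str) -> str:
    """Derive 8 decimal digits from a MAC over the challenge (assumed algorithm)."""
    mac = hmac.new(card_secret, challenge.encode("ascii"), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 10**8:08d}"


class Calculator:
    """Hypothetical handheld device: answers only after the card's PIN is entered."""

    def __init__(self, card_secret: bytes, pin: str):
        self._secret = card_secret
        self._pin = pin

    def respond(self, pin: str, challenge: str):
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            return None  # wrong PIN: the device shows no response
        return token_response(self._secret, challenge)


class Bank:
    """Hypothetical server side: one pending challenge per account, used once."""

    def __init__(self):
        self._secrets = {}   # account -> secret shared with that customer's card
        self._pending = {}   # account -> (challenge, time issued)

    def enroll(self, account: str, card_secret: bytes):
        self._secrets[account] = card_secret

    def issue_challenge(self, account: str, now: float) -> str:
        challenge = f"{secrets.randbelow(10**8):08d}"  # unpredictable 8 digits
        self._pending[account] = (challenge, now)
        return challenge

    def check_response(self, account: str, response: str, now: float) -> bool:
        # pop() consumes the challenge on every attempt, right or wrong, so a
        # captured response cannot be replayed and guesses cannot be repeated.
        pending = self._pending.pop(account, None)
        if pending is None:
            return False
        challenge, issued_at = pending
        if now - issued_at > CHALLENGE_TTL:
            return False
        expected = token_response(self._secrets[account], challenge)
        return hmac.compare_digest(expected.encode(), response.encode())


def demo():
    """Run one login with constructed sample values and return what the bank decided."""
    secret = b"constructed-sample-card-secret"
    bank = Bank()
    bank.enroll("NL-0001", secret)
    device = Calculator(secret, pin="2468")

    challenge = bank.issue_challenge("NL-0001", now=0)
    response = device.respond("2468", challenge)
    first = bank.check_response("NL-0001", response, now=30)
    replay = bank.check_response("NL-0001", response, now=31)

    stale = bank.issue_challenge("NL-0001", now=100)
    late = bank.check_response("NL-0001", device.respond("2468", stale), now=500)
    return {"first": first, "replay": replay, "late": late}


if __name__ == "__main__":
    print(demo())
```

Because the secret never leaves the device and each challenge is consumed on first use, a keylogger on the PC sees only a response that is already worthless.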

    3. Re:Education in Germany by alech · · Score: 1
      To add to this comment, one might say: Education still is free here. It does not look like this is going to stay like this.

      Unluckily, new laws are going to be passed which at least enable the different Laender to get study fees for people who study longer than "normal" (however that is measured)...

      As for the PIN + TAN combination, all German banks I know of do it like this.

    4. Re:Education in Germany by alech · · Score: 1
      Believe it or not, in some parts of Germany, this "arriving and starting a free University course" is still possible.

      You still need something like a student visa, though, which might not be that easy to get...

    5. Re:Education in Germany by sireenmalik · · Score: 1

      Actually, I am from Asia. And I am doing it free of cost. I have fellow students from almost everywhere including USA!!!

      --


      Voltaire: God is dead.
      God: Voltaire is dead!
    6. Re:Education in Germany by germanbirdman · · Score: 1

      I think it is a good thing though that students have to start paying once they have passed a certain number of semesters (say expected time to be finished + 5 semesters or something).

      I am saying this as a student.

      "expected time to graduate" is always VERY VERY optimistic. I know of NO ONE who has finished electrical engineering in the "expected" time of 9. The very best students we had finished it in 11. I am now in my 13th but will be finished soon.
      That's why I am saying expected time + 5 or something.

      There are some "students" who just use their student status to get the cheap transportation tickets and stuff and stay students for 15 years. There are quite a few of those.

      Also, it adds an extra initiative "kick in the butt" to finally get those exams passed.

  43. Be equally critical of new and old by Mawbid · · Score: 4, Interesting
    When evaluating new systems, people tend to be critical, and rightly so; implementing the system is costly, and a lot could go wrong.

    But I feel that often the risks and costs of the old system are not given as much weight.

    Let's take an example. Some years back, an argument raged in my community about a proposed tunnel under a fjord. The tunnel would allow people to get to the other side in 6 minutes instead of following the outline of the fjord for 45 minutes on a narrow, winding, often steep road.

    The risks of the new system, the tunnel, got a lot of press. We were treated to many horrifying predictions, each fit for a disaster movie. The proponents of the tunnel pointed out that while the road does not make a good disaster movie, people regularly die in car crashes on it.

    My observation is that this argument got considerably less recognition than it should have if people had viewed the issue rationally.

    In light of this, can we perhaps enrich the discussion on this particular new system (digital signatures) by identifying the risks and costs of the old system (handwritten signatures on paper)?

    I can see a few.

    1) Signatures can be forged. It takes talent, skill and effort to do it well, but only rarely do you need to do it well, because the signature is rarely verified by anyone who actually knows how to do it. (It's not always verified at all. I saw a bogus check hanging in a store once, signed Donald Duck or something like that. The clerk had actually accepted this check as payment.)

    2) The piece of paper needs to be in the same place as the signer. This can't always be arranged easily and sometimes people accept the dangerous alternative of doing business with no signature at all (or a weaker version of the digital signature, the pin code).

    3) Handwriting recognition can't be automated (or has the software gotten good enough?), with the same results as in point 2 (think ATMs).

    I'm thinking of things like online shopping and tax returns at the same time here, but to get a clear picture the applications of signatures should probably be categorized. Also note that I haven't decided in favour of digital signatures. I just want to promote this idea of mine that we should give equal weight to the risks and costs of the system already in place as to the risks and costs of the system being proposed.

    --
    Fuck the system? Nah, you might catch something.
  44. The article is full of misinformation by Florian+Weimer · · Score: 3, Insightful

    Unfortunately, the article misses the main point: Germany has been trying to build a PKI for governmental use since 1997 or so (when legislation was passed to make documents carrying some types of digital signatures equivalent to paper documents).

    However, the 1997 law features very high requirements for CAs and the actual implementations of digital signing. Partly because of the high security standards (which look good on paper, but fail in practice--a certified solution was successfully attacked by compromising the hosting general purpose computer), and partly because of incompatibilities, acceptance of this type of signatures was extremely low.

    The new digital signature law introduces a new kind of digital signature with lower security standards, and which does not necessarily require additional hardware. Although this is less secure (key theft might be possible), this approach seems to be practical.

    At the same time, the compatibility problems are addressed in the Sphinx framework, where KMail and GnuPG are enhanced so that they can exchange messages with other Sphinx-compatible clients.

    If I'm not mistaken, the German federal government announced recently that it would promote the use of the low security digital signature in non-critical areas of the federal government. I think this is a good idea; even a digital signature based entirely on software (and not on some smart card which fully implements an asymmetric crypto algorithm) provides more authentication than a simple phone call, and certainly much more non-repudiation (even more than an oral consultation). And this time, the rollout might actually succeed, if the clients get ready soon.

  45. Germany is not the only one by p00ntang · · Score: 1

    I'm working on a project in Sweden that is a collaboration between some of the largest banks in the country. At the end of 2002 all customers will be offered a digital certificate they can use to sign contracts etc. with on the internet. In the first release the certificates will be "soft" but there are long term plans to incorporate them into cards once home card terminals become common.

  46. Security? by russianspy · · Score: 1

    There is a fundamental difference between a "real" signature and a digital signature. Anyone can copy a "real" signature, with practice anyone can do it fairly well. In 99.9% of cases an expert can still say it is fake. Thus it is really difficult to do it well.

    With digital signatures... well... all it is is just a number. The security is only as good as the security of your card (microchip, whatever). If someone has that, their "fake" signature is IDENTICAL to your own.

    In one case the security is based on something that took years in all of us to develop. It's based on one of our characteristics that we are hard pressed to CHANGE. In another it's simply a number.

  47. Electronic Notary by kuma_act · · Score: 1

    I am a law student and I recently took a class on e-commerce. In that class, we discussed electronic signatures, and the subset of electronic signatures known as digital signatures. I admit at the beginning that I know very little about the technology here, so please be gentle if I get the tech wrong. This is more of a post about how the law views this type of signature.

    In the U.S., with the exception of the states of Utah, Minnesota, and Washington, the state law Uniform Electronic Transactions Act (UETA) and the Federal E-Sign Act both define what an electronic signature is. Federal law normally supersedes state law, but in this case, it was written so that it parallels UETA and only takes effect if a state has no legislation in the area. Both UETA and E-Sign define an electronic signature as a sound, symbol, or process logically associated with the record executed by a person (this is the identity issue) with the intent to adopt (identity + intent) and authenticate (sign) the record (electronic substitute for a writing). This law is designed to make it so that electronic contracts can pass the statute of frauds, which require that a contract be in writing and signed by the party against which enforcement of the contract is sought.

    German law is different, as I understand it (If there are any Germans out there, please reply and correct any misstatements I make here). In Germany, a contract is not valid until it is notarized, giving it the backing of the state. The notary serves the purpose of actually seeing the person sign the written contract. In the U.S., very few types of contracts are required to be notarized (deeds transferring real estate, for example), but a notarized document is presumed to be valid.

    A digital signature, such as the Public Key Infrastructure (PKI) is similar to the notary function, because it brings in a third party (I tend to think of Verisign here, because the professor who taught this portion of the class was at one point an attorney for Verisign) to verify the identity of the person authenticating the document. PKI works like this (I apologize to those who know the technological details... this is an incredibly simplistic explanation, but for non-techies like me, it should suffice): Third party provides a private key to A. A creates a record and then authenticates it by using the private key to encrypt the message. The private key encrypts the message, and adds one line of non-encrypted text directing the receiver (B) to contact the third party. The third party provides B with the public key to decrypt the message sent by A. The decrypted message will only be readable if the message sent by A has not been tampered with. It's not surprising, then, given the German preference to have a contract verified by a notary, that the German government (and the EU, I might add) would prefer using PKI. Your third party acts as a notary verifying that it really was person A who sent the message.

    Earlier I mentioned that in the U.S., the law was UETA or E-sign, except in Minnesota, Utah, and Washington. The reason is that those states enacted laws favoring PKI. Internationally, the United Nations Commission on International Trade Law (UNCITRAL) passed a model law that favors PKI. Under the model law, an electronic signature (under UETA, for example) is still usable, but if you use PKI, there is a presumption that the document is valid (which means that you had better have damn good evidence that it's not if you hope to prove it invalid).

    Since security is more of a technological issue, I'll leave that to wiser heads to discuss, although I will leave with a quotation from a good friend: "Locks are for honest people. If someone wants your stuff bad enough, they'll find a way in."

    1. Re:Electronic Notary by tschild · · Score: 1
      In Germany, a contract is not valid until it is notarized, giving it the backing of the state. The notary serves the purpose of actually seeing the person sign the written contract.

      That is not the case, actually. Buying groceries would be somewhat onerous if all contracts needed to be notarized. For most classes of contracts it is not even a requirement that the contract is in writing. Most Germans only need real estate sales and wills notarized. I suppose the formal requirements for contracts are roughly the same as in other European countries.

  48. Big difference with smart cards by coyote-san · · Score: 2

    There's a huge difference once you introduce smart cards.

    A desktop computer is often left unattended, and it's not unreasonable to believe that somebody could gain illicit access to the data and software.

    In contrast, a smart card is designed to be carried on the subject's person, in wallet or purse. With better cards, you can't pull the private key off the card - all crypto is done on the card itself. And even if you steal the card and attempt to disassemble it, they're designed to make such attacks futile.

    If you want to make it even stronger, since there will always be idiots who write their PIN number on the card itself, you can try the experimental systems that mix biometrics and smart cards. The smart card contains the shrouded private key, the biometrics are used to unlock it.

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
    1. Re:Big difference with smart cards by Birdie-PL · · Score: 1

      Yes, I agree that smartcards make the system more secure.
      But there are still possibilities to attack such a system. In summary, all you need is to feed the smartcard with your (attacker's) data. Quick instruction follows.

      1. An Attacker wants to sign document A as User X.
      2. An Attacker gains access to any of the computers (presumably PC) used by User X and installs his trojan software.
      3. User X creates some document D that he needs to sign.
      4. User X clicks 'Sign' button and enters his passphrase/PIN/biometrics.
      5. In normal situation the document D is passed to the smartcard and signed there.
      6. The trojan software installed by the Attacker passes also document A to the smartcard and then sends it to the Attacker.
      7. Attacker has obtained document A of his choice, (irrefutably) signed by User X. Voila.

      Please note that even use of biometrics did not protect the user.

      One protection is constructing the system around 'authorize once, sign once' principle.
      It still can be circumvented, though, it's just more prone to be quickly discovered.

      --
      e-mail: karol at tls-technologies.com
      www: http://www.tls-technologies.com
      sig: not found
  49. People set up to believe there's a problem! by Fantastic+Lad · · Score: 2
    The solution is fucking EASY. We were doing it for years. Centuries, in fact.

    Step 1) DON'T participate in digital commerce. (SIMPLE! Use cash.)

    Step 2) Go to a bank teller every time you need to withdraw cash. The tellers will get to know you and your routines. Unless an imposter physically looks and acts just like you, it will be very hard to rip you off through identity fraud.

    Step 3) Quit whining about convenience. Learn how to fucking budget!

    Yeah, I know it's not as easy as all that. The world is being ram-rodded into a currency system which practically requires that you carry a corporate credit card. But that's only because people keep believing in the bullshit being fed to them. They keep eating it up! One of the most frustrating things in the world is to have your life shaped into pain by morons when you know better, and when they keep insisting that you're the foolish one.

    Biometrics = Evil. (If you don't understand why, then sit the fuck down and figure it out!)

    (-Most of the preceding was not directed at the poster. Just venting ire. Sorry.)


    -Fantastic Lad

  50. *grumble* We've been through this before by Anonymous Coward · · Score: 0

    Digital Signature != Electronic Signature

    The former is secure (depending on algorithm and key size), the latter is not.

    The first one is something like PGP.
    The latter is like the "I Accept" button on software EULAs.

    So I don't know why people are talking about these being more secure than handwritten signatures. At least you can have handwriting analysis done on written ones and most of the time there is at least one witness and also a notary for the handwritten kind.

    We discussed all this before when Clinton passed a law to make electronic signatures binding in the US. Remember?

  51. Yay! by Anonymous Coward · · Score: 0

    Finally I can revoke all those stupid German trademark laws without getting involved in politics.

  52. Forged digital signatures? by rice_burners_suck · · Score: 3, Insightful

    What about forged signatures?

    xxxxxxxxxx O xxxxxxxxxx H xxxxxxxxxx xxxxxxxxxx W xxxxxxxxxx E xxxxxxxxxx L xxxxxxxxxx L xxxxxxxxxx.

    Actually, I'm not done yet. I just wanted to say that we're moving towards a moneyless, paperless society. One day, and it might not be so far off in the distant future, there will be no money, and all documents will be electronic and signed with digital signatures. All your personal information will be stored on a so-called "chip card." This will be a sort of global identification card, which will simultaneously serve as:

    • Identification:
      • Birth certificate.
      • Driver license, including complete driving record.
      • Whatever other licenses you might have.
      • Retinal scan, fingerprints, DNA, voice identification, and whatever other methods are invented.
    • Money: (at this point, money will simply be credit)
      • Debit and credit card for all checking, savings and credit accounts that you have.
      • Record of every transaction you make, for tax purposes. (This will be so convenient because you won't have to balance your accounts anymore. It'll be done automatically. Of course, taxes will automatically be deducted from every transaction, so you don't have to worry about that anymore, either.)
    • School:
      • Transcripts for every educational institution you attend.
      • Instructor comments.
      • In fact, every individual grade (for each assignment and test) will be recorded.
      • Attendance record.
    • Medical:
      • Entire medical history.
      • Prescriptions.
      • Allergies.
      • Complete insurance information.
    • Convictions. Need I say more?
    • Global Positioning System:
      • Never get lost again, even if you want to. And of course, everywhere you go, you'll need your card, so you can't just leave it behind.
      • This will be so convenient because if you lose your card, it'll be found very quickly.

    With tiny storage media such as microdrives reaching capacities of a gigabyte or more, such a card is not far off. It could even come from the government already in a nice waterproof protective wallet. After a few years go by, they'll start implanting this technology in people's bodies, and sell you on the added conveniences, such as monitoring of your life functions, the impossibility of getting kidnapped, huge reduction in crimes, etc. That way, Big Brother can really be in control of your life.

    Ok, now I'm done.

    xxxxxxxxxx O xxxxxxxxxx H xxxxxxxxxx xxxxxxxxxx W xxxxxxxxxx E xxxxxxxxxx L xxxxxxxxxx L xxxxxxxxxx.

    1. Re:Forged digital signatures? by mindriot · · Score: 1

      What kind of worries me much more is not the possibility of Big Brother like control, but rather that at some point in the future we might forget to provide 'fallbacks'. While an all-electronic card is nice, we would end up helpless in case of failure if there is no good old non-digital infrastructure.
      Sometimes we can already notice such effects; recently, an ATM kept my mother's card because the software crashed and the ATM rebooted. The bank did not have technical service available to take care of that and could not give out money verifying the ID card only. Also, the bank employee did not know how to instruct the computer system to deal with good old paper withdrawal slips.
      I really anticipate the day that I can do everything with just one card and one secure key, but if we don't keep emergency fallbacks, we might easily lock ourselves out.

    2. Re:Forged digital signatures? by mlk · · Score: 1

      Hmm... reminds me of Dark Angel.
      It's very good. Based 10 yrs in the future where a Nuke knocks out all of the US's computer systems. All the money in US banks held as 1s & 0s, become 0s.

      mlk

      --
      Wow, I should not post when knackered.
  53. New Zealand Government PKI by Anonymous Coward · · Score: 0

    There is a discussion on authentication (digital signatures, biometric smart cards, etc) at
    http://www.see.govt.nz/pki/authentication.html.

    The ideal solution is a biometric fingerprint reader on the smartcard, which unlocks your digital signature for the transaction. Cost is still prohibitive, US$500.

    1. Re:New Zealand Government PKI by shadoelord · · Score: 1

      and what if I cut your finger off?

      -shad

      --
      this is my sig, there are many like it, but this one is mine.
  54. People can learn by Jaborandy · · Score: 2, Informative

    I am required by my employer to wear my ID badge so it is visible at all times. I have to scan it to gain entrance to my building, and it is occasionally visually inspected on top of that. To make this process simple, almost all of us wear our IDs on retractor clips on our belts.

    My ID badge also has a smart-card chip in it. I put it in the reader on my desk, enter my PIN, and log into the computer/network. I am required to lock my workstation when I leave my desk even momentarily, and auto-lock behavior is enforced if I forget. I can be fired if I am caught cheating on these security practices. Trust me, that's motivation to do things right.

    People can learn anything if it's in their best interests to do so.

    --Jaborandy

  55. German government and IT ministry information by Michael+Wardle · · Score: 1

    What I want to know is: who are the politicians making all of these progressive decisions

    The German Government is a coalition between the Social Democratic Party and the Green Alliance.

    On the Bundesministerium Wirtschaft und Technologie's (Federal Ministry of Economics and Technology's) site you can see more about who makes up the ministry. The BMWi's site also carries more information about this story.

    Heise is a leading German news source. You'll find more information about similar technology news there.

    The German CIA fact file has some more background about Germany.

    Most of these sites have English versions, but there's not always the same level of detail. If you can stand its translations, it might be worthwhile firing up Babelfish or a similar translation service.

  56. Chip in the card is? by Anonymous Coward · · Score: 0

    Anything in silicon can be duplicated.
    What is the chip in the card? Maker, FIPS rating etc.
    There are sites that explain how to probe the chip, after removing it from the card after a bit of fuming nitric acid, and how careless makers do not destroy test areas, and how they can be re-enabled, and how hac- er crackers can monitor the bus, lithium niobate and more.
    Very good cards are expensive. What's the bet a common cheapish commercial chip was used? Not based on 0.13 micron?

  57. thank you moderator by kiwipeso · · Score: 0

    It's about time someone realised I know what I'm talking about on encryption.

    If anyone wants to use digital signatures, I recommend Blowfish as the algorithm. http://counterpane.com
    Avoid all versions of DES and AES, there is a good reason NSA approved those algorithms as standards.

    --
    - Kaos games and encryption systems developer
  58. How it works in practice, confirmation please by Anonymous Coward · · Score: 0

    This is how I figure it works.

    * It's an asymmetrical encryption system. You give out your public key to whomever wants it and you guard your private key, that's on your chipcard, with your life. The private key must never fall in the hands of someone else.
    http://www.howstuffworks.com/encryption1.htm

    * On your normal PC your private key is protected by a password/passphrase. This ensures that even if others get that file, it is made unreadable by the passphrase encryption.
    However, if someone breaks into your computer, via internet or physically, they can install a keylogger/trojan to find out what you are typing and what your passphrase is. Now they can read your "unreadable" private key, it's stolen BAD!

    * The only way to properly protect your private key is to disconnect your PC from the internet and physically protect it from break-in.

    * The chipcard is not connected to the internet and it's very difficult to physically get to the info (you need big microscopes and micro wires etc.)
    It will only give out information if it receives a certain PIN number (instead of a password). Much better protected info than on a magnetic strip.

    * If the card-reader is connected to the PC/internet and you enter your PIN number through your PC keyboard then your PIN can, again, be intercepted/logged and your Private Key can be used if someone has your card, BAD!
    So the card reader ABSOLUTELY HAS TO HAVE ITS OWN KEYPAD TO ENTER THE PIN. Also if there is ANY display used, it has to be on the card reader ITSELF and not on your PC. The PIN must not be sent to your PC to check your input.
    In addition the card reader has to belong to you so you know for sure that some strange/cracked card-reader doesn't log your PIN number.

    Now what I don't understand, and I wish someone could explain to me, is.

    What exactly comes out of the card? I've read this already:
    http://www.zdnet.com/pcmag/issues/1507/pcmg0090.htm

    ? The private key comes out of the card/reader into your PC to encrypt your hash. It can be intercepted and stolen. BAD!

    ? Your PC Hashes the message. The hash goes into your chipcard and it's encrypted there with your private key. The encrypted hash comes out of the chipcard and is attached to the message as your signature. This seems to work except, the unencrypted hash can be intercepted before it's sent to the chipcard and after it leaves. I'm no cryptographer but can't you calculate the private key from the encrypted message somehow if you have the original message? Probably not, because then Public Key Cryptography couldn't work :)

    ? Ok so above text block, I think, is the answer, but what about using your chipcard in untrusted card readers belonging to other people.
    The only way I can see that this can be safe is if you really, REALLY keep your chipcard safe. In practice, this does not happen of course. So you have to report it stolen and invalidate all future signatures coming from that card?

    In other words, the safety of chipcards is that the person that steals your PIN cannot steal/copy your card/information on the card??? (unlike magnetic cards).
    This does not seem the BEST way to do it, although much better than with magnetic cards.

    Can someone please tell me if one of the above methods is used in the German/European system? Or if not, what other method is used?

    Am I right in the assumption that the ULTIMATE method of signing stuff is a chipcard with BUILT IN KEYPAD/DISPLAY TO ENTER YOUR PIN. Then after you input your PIN, the card will encrypt a hash within the next 20 seconds. I think some company has already made a display on a credit card with Light Emitting Polymer.

    OR

    You use a very portable card reader with built in keypad and display, that has a robust physical communication port to connect to someone else's computer and sign something that way. Wireless seems a bad move because of additional security concerns.

    I'm just guessing here, anybody have the real answer? Thanks.
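The flow this comment settles on (the PC hashes the document, the card signs the hash), together with the "authorize once, sign once" rule suggested in the smart-card thread above, as an added Python model that is not part of the original post or of any real card's firmware. ToyCard, its method names, the PIN and the unpadded RSA over two fixed Mersenne primes are assumptions chosen so the block runs offline; real cards use random on-chip keys and padded signature schemes.

```python
import hashlib
import hmac

# Constructed toy key: two Mersenne primes. Structured primes and unpadded
# ("textbook") RSA are NOT secure; they only keep the example dependency-free.
TOY_P = 2**521 - 1
TOY_Q = 2**607 - 1
TOY_E = 65537


class NotAuthorized(Exception):
    """Signing was requested without a fresh PIN verification."""


class PinBlocked(Exception):
    """Too many wrong PINs in a row; the card refuses further use."""


def sha256_digest(document: bytes) -> bytes:
    """Host-side step: the PC hashes the document; only the digest goes to the card."""
    return hashlib.sha256(document).digest()


class ToyCard:
    """Hypothetical signing card. The private exponent is used only inside
    sign_digest(); no method returns it."""

    MAX_TRIES = 3

    def __init__(self, pin: str):
        self.n = TOY_P * TOY_Q                      # public modulus
        self.e = TOY_E                              # public exponent
        self.__d = pow(TOY_E, -1, (TOY_P - 1) * (TOY_Q - 1))  # private exponent
        self.__pin = pin.encode()
        self.tries_left = self.MAX_TRIES
        self.authorized = False
        self.signature_counter = 0                  # readable audit value

    def verify_pin(self, pin: str) -> bool:
        if self.tries_left == 0:
            raise PinBlocked()
        if hmac.compare_digest(pin.encode(), self.__pin):
            self.tries_left = self.MAX_TRIES
            self.authorized = True
        else:
            self.tries_left -= 1
            self.authorized = False
        return self.authorized

    def sign_digest(self, digest: bytes) -> int:
        # The card never sees the document, only the digest the host hands over.
        if len(digest) != 32:
            raise ValueError("expected a SHA-256 digest")
        if not self.authorized:
            raise NotAuthorized()
        self.authorized = False                     # authorize once, sign once
        self.signature_counter += 1
        return pow(int.from_bytes(digest, "big"), self.__d, self.n)


def verify(n: int, e: int, document: bytes, signature: int) -> bool:
    """Anyone holding the public key (n, e) can check the signature."""
    return pow(signature, e, n) == int.from_bytes(sha256_digest(document), "big")


def demo():
    card = ToyCard(pin="4711")                      # constructed sample PIN
    contract = b"Constructed sample: parking is limited to two hours."
    card.verify_pin("4711")
    sig = card.sign_digest(sha256_digest(contract))
    results = {
        "valid": verify(card.n, card.e, contract, sig),
        "tampered": verify(card.n, card.e, contract + b"!", sig),
    }
    try:
        # A second request in the same session gets nothing without a new PIN entry.
        card.sign_digest(sha256_digest(b"second document"))
        results["second_signature"] = "issued"
    except NotAuthorized:
        results["second_signature"] = "refused"
    results["counter"] = card.signature_counter
    return results


if __name__ == "__main__":
    print(demo())
```

The card still signs whatever digest the host supplies after a PIN entry, so the single-use authorization and the counter bound and expose extra signatures rather than prevent a substituted document. That remaining gap is why the comment asks for the keypad and display to sit on the reader itself.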

    1. Re:How it works in practice, confirmation please by sireenmalik · · Score: 1

      It is asymmetric and it is also ONE-WAY authentication as opposed to the TWO-WAY authentication which actually takes care of the problems you mentioned above.
      All one-way schemes suffer from the same problem and thus can be hacked. Even "retina signatures", "thumb-prints" etc are after all converted to binary data and thus can be hacked!!
      The only known secure solution in 1-way is the combination of CARD+PIN code. That is the "private key" is in the card but the access to the card is through the PIN code. This combination you can see in many shapes.
      However, I have tried to break the 2-way authentication algorithms and till this point there is no success. They are relatively much more secure. For more info, take a look at this applet.
      Uni of Stuttgart
      This is self-explanatory (allow some time for the applet to load)

      --


      Voltaire: God is dead.
      God: Voltaire is dead!
  59. Re:Germany / EU Directive by CyberQ · · Score: 1

    WRONG! Digital signatures were equal to written ones in Germany long before the EU directive. IIRC Germany was actually the first state in the world to pass such laws.

    Sorry, but you are partly mistaken: Germany was among the first nations to introduce a Digital Signatures Act (Signaturgesetz in German) in 1997 but it only set a standard for digital signatures. So they existed but could not be used where public and civil law required a "signature". This changed on the 1st of August 2001 with another law. Now you can use digital signatures where a handwritten signature was required before - with a few exceptions (see article 126 paragraph 3 of the German Civil Code [BGB]).

    --
    Line 9: Argument of type SIGNATURE expected.