Seeking a Practical Guide to Digital Signatures?

← Back to Stories (view on slashdot.org)

Seeking a Practical Guide to Digital Signatures?

Posted by Cliff on Wednesday May 22, 2002 @07:46PM from the your-name-in-bits dept.

ScuzzMonkey asks: "I work for a small company trying to streamline some business processes in Washington State. As a part of this initiative, we're considering implementing a 'paperless' contracts system. In order for this to work out, on our end, we need a legally acceptable method of electronically signing the contract documents that we receive via fax from our sub-contractors (at this time, they will still be signing manually; this may eventually move to e-mail and digital signatures on their end as well as they become more capable of dealing with us on that level). On the face of it, this seems pretty straightforward. I set up some sort of certificate or some such for our employees responsible for signing these documents, and they simply review the TIFF attachment that comes in from the fax software and 'sign' it with their digital signature via a selected program. With the passage of the E-Sign Act (PDF) in 2000, it seems like this should be every bit as solid in court as a written signature. But while I've been able to find quite a lot of information on the web about the theoretical ramifications of this law, there's not much on practical implementations. What sort of software should I use? Do I need a third-party issued certificate? If so, do I just need one for the company, or one for each signer? What certificate authorities would you recommend? Do some certificates work with some software but not other software? What about this program from the state? Has anyone done this successfully yet? Any other stumbling blocks I should be aware of here, either legal or technological?"

25 of 65 comments (clear)

Min score:

Reason:

Sort:

First question: by ObviousGuy · 2002-05-22 20:06 · Score: 2, Interesting

Are your customers willing to do this? While I'm sure there's a contingent out there that is willing to dive in and get rid of all the face to face visits and FedEx packages, I'm not so sure that they number past a few. Most companies that I have the pleasure of dealing with would much rather seal decisions with a pen than email.

A Google search on this topic pops up quite a bit of broken links. :-(

--
I have been pwned because my /. password was too easy to guess.
1. Re:First question: by ScuzzMonkey · 2002-05-23 02:27 · Score: 2
  
  It's going to be a requirement. We're in a position where we can dictate something of the sort; we already require them to check scheduling via our website, so they all have some sort of PC to work on. Additionally, provided I go with PGP or something similar, the software they will need to authenticate the signatures is free and I should be able to provide a simple guide to set it up properly.
  
  I'm actually more worried about the larger companies we deal with (GE and the like). They are the most technologically advanced, but also the most entrenched and the least likely to bargain with us.
  
  --
  No relation to Happy Monkey
Use GnuPG by redcliffe · 2002-05-22 20:56 · Score: 2, Insightful

It signs messages and files just fine. What's wrong with using it?
1. Re:Use GnuPG by An+Audience+of+One · 2002-05-22 22:03 · Score: 2, Insightful
  
  It signs messages and files just fine. What's wrong with using it?
  The problem you have with this is not the signing itself, but with key trust relationships. Basically I can create a key with any name & email address - how do you know that it is actually me? There are several methods to solve this. Either you have to meet in person and give them the key there, or it has to be signed by a mutually trusted 3rd party. Meeting in person usually defies the point of public key encryption - you might as well just use symmetric if you can give them the key. The second option is a trusted 3rd party - but who do you trust that much, if you recall there was a slashdot story a while back (can't find the link) about Verisign signing dodgy Microsoft certificates.
  Gnupg actually uses a web of trust system - if you have verified someone's key in person, and you have signed it to say you trust it, then it assumes you trust any key they sign. This introduces another weak point though. Even if you only sign keys after personally verifying fingerprints, do all the people who you've signed?
  There are several program out there you can use, but if you are interfacing with customers using this, either you verifying their signatures, or they checking yours - there are going to be 2 problems. Do they trust the tech in general, and are they prepared to trust it, and how do you trust each other's keys. There probably needs to be a high profile 3rd party that you can both trust to authenticate against - but are there any at the moment for use with general signing tools? (Something like the certificates used in https/SSL, probably)
2. Re:Use GnuPG by redcliffe · 2002-05-22 23:32 · Score: 2
  
  GnuPG does this. I sign all my messages with GnuPG, and verify that the messages I recieve are from the person I think they're from. I rarely use GPG for encryption.
3. Re:Use GnuPG by ScuzzMonkey · 2002-05-30 09:21 · Score: 2
  
  I've just given it a try per your suggestion, and as it happens, there is a lot wrong with using it! Unless I switch the entire company over to Linux (on the agenda, but not this month ;) ), I can't find a decent front-end to tack it onto!
  
  I tried the only one I could find, WinPT, and it just flat out doesn't work on my set up. I might be able to fiddle with it, but frankly, if it doesn't work out of the box, it's no use--I need something fool proof enough that both employees and contractors can double-click 'Setup' and start using. Don't even talk to me about teaching them the command line. Unless you've got alternative front-end recommendations, this is a dead-end for commercial use.
  
  --
  No relation to Happy Monkey
4. Re:Use GnuPG by redcliffe · 2002-05-30 09:33 · Score: 2
  
  The old NAI PGP program for windows was quite good for integrating with outlook and outlook express. It's what I use on Windows. Unfortunately it's no longer for sale, but if you go to pgp.com there is a company that has bought the product line. You might be able to find a product there that may suit and be compatable with GnuPG.
  
  David
5. Re:Use GnuPG by ScuzzMonkey · 2002-05-31 02:54 · Score: 2
  
  Thanks for your help with this... I had already found the Network Associates site (pgp.com) and they've discontinued the product line but wrapped the technology into McAfee products... but they are really overkill for what I need. The best site I've found so far is www.pgpI.org, where they maintain the international version and it works fine, but not with GnuPG on Windows. I would happily use the standard PGPi distribution, but due to its evolution, it would require licensing for commercial use, via Network Associates, who no longer offer such a thing as far as I can tell!
  
  At any rate, as comprehensive as pgpi.org is, they do not show any Windows compatible front-ends for GnuPG, so as attractive as it is from a licensing perspective, it's probably not an option. I appreciate your taking the time to follow up on the conversation, though.
  
  --
  No relation to Happy Monkey
6. Re:Use GnuPG by redcliffe · 2002-06-01 16:00 · Score: 2
  
  BTW I've just been stuck with the same situation, or similiar. I'm using a GnuPG 1.06 win32 binary release, with Mozilla+Enigmail. Enigmail is a plugin for Mozilla mail that use GPG. Works pretty good. Mind you you have to use the commandline stuff for import, export and signing of keys. Anyway, it can't be too far away from having a good solution for this on Windows. Thanks,
  
  David
Look at IBM Lotus Notes by Elfod · 2002-05-22 21:05 · Score: 3, Informative

This is exactly the kind of thing Lotus Notes was designed for - it's had digital signatures from the start and can handle faxes as images.

Paperless office is what Notes all about.

Two points tho:

It's expensive, but very secure

The FAX solution is an add on product offered by many vendors.
Your best path, especially if you have no Notes experience, is to get a consultancy (IBM could recommend you one) who have done this before to give you proposal which you can then compare to alternate non-notes solutions.

--
Fnord! Any sufficiently undocumented code is indistinguishable from magic.
1. Re:Look at IBM Lotus Notes by ScuzzMonkey · 2002-05-23 02:34 · Score: 2
  
  Hmm... well, I suppose, but I've already got 90% of what I think I need for the system. We've had fax software for ages, and there are completely free PGP variants I can download for signing. I hate to drop coin on a huge Notes installation project, throwing the company into transition turmoil in the process, and see my break-even point in cost-benefit race away into the future.
  
  If this were from scratch, in a completely non-wired company with no existing infrastructure, that may well be an excellent option. But I want to leverage what I have already, or it starts to not really be worth it.
  
  Thanks!
  
  --
  No relation to Happy Monkey
2. Re:Look at IBM Lotus Notes by pthisis · 2002-05-23 06:04 · Score: 2
  
  It's expensive, but very secure
  
  _If_ you trust Lotus/IBM, who have been known to put backdoors into their export versions to give the NSA substantial portions of the encryption keys. And their code hasn't been vetted by the security community. And your actual level of security is highly dependent on your key management scheme.
  
  Not to say it's a bad idea, but "Notes is very secure" is a pretty glib answer.
  
  Sumner
  
  --
  rage, rage against the dying of the light
3. Re:Look at IBM Lotus Notes by pthisis · 2002-05-24 04:57 · Score: 2
  
  Good points but I guess it all depends on whether the stuff you're doing makes you a criminal in the eyes of the gov., whether you think a competitor has some control over a portion of the gov., whether IBM wants to buy you
  It's not even a question of doing something illegal or fearing some nutcase government conspiracy--individuals within the government can use their priviledged access against you. Witness yesterday's revelation that a pair of FBI agents may have been (they haven't stood trial yet) using FBI data to manipulate the stock markets. Or the current case involving an agent accused of feeding information to the mob.
  As soon as individuals have the information, it's only as secure as they're willing to make it. And that was my point. As I said, if you're protecting $100 secrets and you think it costs $10,000 to corrupt the agents who could get at your data, that's probably fine (unless, of course, your secretary also has a copy of the key and can be bribed for $20....) But you need to understand those tradeoffs.
  
  However using open source does mean you can be sure it really is well written, unless someone throws a grid computer at it...
  _if_ it's widespread enough and mature enough that the community has had time and inclination to thoroughly examine it. I don't think you want to trust an algorithm or a complex system just because you've examined it yourself and think it's secure, even if you're Ron Rivest or Bruce Schneier. But components like PGP, ssh, and SSL have been examined pretty well and you can expect to have a good idea of how secure they're considered by the security community; the most popular open-source implementations have been examined closely as well, (even they still turn up minor problems from time to time).
  Of course, whatever you choose you have to implement it correctly.
  Sumner
  
  --
  rage, rage against the dying of the light
The weak link is the human by Far� · 2002-05-22 21:19 · Score: 3, Informative

The technical aspect of digital signature is well-known. OpenPGP and variants do everything you need.
The problem is that you can't keep those keys in a secure server watched 24/24 by armed guards --- you must hand them out (or hand a key to a key to a key) to the actual humans who will have to use them, and there you have a weak link in your security chain: how can you prove that the key can't be stolen? Or are you willing to be liable for anything signed with a stolen key?
Things can be enhanced by having some kind of physical key (a credit card or better, one of those small round things that you put in an actual keyring) attached to every person, to unlock his keys; usable only with his personal password at a secure desk within the walls of the company. Usual protection against Tempest are useful, to prevent anyone from stealing your passwords, etc.
If you find a cost effective way to manage digital signatures, you might find that you can make an awful lot of money selling the process to other companies, as part of streamlining their internal IT processes.
Just my .002 mg of gold worth.

--
-- Faré @ TUNES.org
Reflection & Cybernet
1. Re:The weak link is the human by ScuzzMonkey · 2002-05-23 02:31 · Score: 2
  
  Good point; thanks, I'll have to consider that.
  
  --
  No relation to Happy Monkey
Bruce Schneier on digital signatures by return+42 · 2002-05-23 02:12 · Score: 3, Informative

He makes some good points here: Why Digital Signatures Are Not Signatures
1. Re:Bruce Schneier on digital signatures by ScuzzMonkey · 2002-05-23 02:38 · Score: 2
  
  This is exactly what I'm not looking for--I've already dredged up all kinds of theoretical discussion of digital signatures, for and against. I want some practical advice.
  
  --
  No relation to Happy Monkey
Re:Talk to a lawyer by ScuzzMonkey · 2002-05-23 02:59 · Score: 2

I fully intend to have our lawyers go over this; however, I want to have a complete process to pitch at them so they can review the whole thing. If I talk to them before I have the technologies and processes lined up, they won't really be able to evaluate it properly--I could end up putting something into it later that might invalidate what they thought was kosher. So, you're right, I haven't talked to them yet--but that WILL be happening before the system goes live--just after I work out what the system is.

--
No relation to Happy Monkey
Re:Faxes and Signatures Don't Mix by ScuzzMonkey · 2002-05-23 03:08 · Score: 2

Sorry if I was unclear--the fax is coming the other direction. They sign (physically) and fax back to us, where we sign, digitally. We can provide that back to them on disk, via FTP, or e-mail, or a host of other ways--but we're NOT trying to fax a digital signature at any point of the process.

--
No relation to Happy Monkey
smart cards by coyote-san · 2002-05-23 04:09 · Score: 2

You have the right idea, but your technology is about a decade out of date.

You can get smart cards/crypto cards or dongles that keep the keys on the card. It's *never* revealed, and all crypto is done on the card or dongle. They aren't expensive - I bought a set of 5 cards for $100, and the Linux development kit including reader was under $100.

However this system use PKIX, not OpenPGP, and the infrastructure is different.

--
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
1. Re:smart cards by pthisis · 2002-05-23 06:10 · Score: 2
  
  You have the right idea, but your technology is about a decade out of date.
  
  You can get smart cards/crypto cards or dongles that keep the keys on the card. It's *never* revealed, and all crypto is done on the card or dongle.
  
  Until someone reads the key back off the card, which has been done with cheap ($50) hardware for "tamper-proof, unreadable" smart cards.
  
  The real key is the human factors: don't let anyone get their hands on the key who you don't trust to keep it reasonably secure, and make sure that people understand how important it is.
  
  Also, remember that the current setup is only of marginal security; don't spend millions of dollars to make the digital signatures bulletproof when someone can either forge a paper signature, fast-talk the employees into authorizing a purchase/signature/whatever, or otherwise circumvent the crypto. The free tools (gpg/OpenPGP or openssl based S/MIME solutions), if properly implemented, are more than sufficient to force would-be imposters back to their old tried and true ways.
  
  In other words, worry more about how you implement the system (eg: key management) and how you train the users than about the particular cryptosystems and techie gadgets you choose.
  
  Sumner
  
  --
  rage, rage against the dying of the light
2. Re:smart cards by darkonc · 2002-05-25 11:58 · Score: 2
  
  I would suggest a combination of crypto card AND password to authenticate someone signing contracts, etc. That would make it harder (not impossible, but harder) for someone unauthorized to start signing off on (say) multi-million dollar contracts to clean one window.
  That having been said, the human factor is almost always the weakest link in any well-designed security system. Train, train, train --- and then have an occasional check to make sure that people don't still do silly stuff in spite of their training. (like giving their password to 'Mike from the security team', or writing it on their card).
  
  --
  Sometimes boldness is in fashion. Sometimes only the brave will be bold.
Policy, not just code by Phoukka · 2002-05-23 06:04 · Score: 2

The basis of a valid electronic signature is a combination of policy and code. As per Schneier's article and the E-Sig Act, deniability is the key factor. If you can provide the technology necessary to keep the means of signing secure, and can put in place a set of policies for which you have agreement on record, then you have a legally binding electronic signature.

The exact means you use to implement the technology, whether it be digital certificates or simple password authentication, is nearly irrelevant. Okay, you want to make it as secure as possible, and local regulations and/or your contracting partners may dictate your means. But aside from that, all you have to do is make sure that you have taken reasonable precautions to ensure that the signature corresponds to the person, and that intent to sign is implied in the signature. The first half is done through authentication of some sort. The second half is embodied in your company's documented policy.

For the policy, make sure that your company holds training sessions for all current and new employees who will use the system. Let them know that security of their job depends on the security of their passwords. If possible, get them to sign a form that spells out the policy, the usage, the consequences of misuse, and that they acknowledge that by using the system, the employee consents to be bound by the signature. We in healthcare call this informed consent . It maintains an audit trail that disallows deniability. The interesting point, on rereading the E-Sig Act, is that the employee may signal their intention not to be bound by the electronic signature -- but this must be written. In your policy, you may specify that the employees must agree to and comply with the electronic signature as a requirement for employment. At which point, you may remind them if they wish to withdraw their consent that they may be endangering their job in so doing.

As another poster mentioned, though, get a lawyer's (or insert other domain-specific expert here) advice on the topic. And, if you expect your electronic signature to be taken as valid by other companies, you must discuss the matter with them beforehand.
Why go half-way? by Shadarr · 2002-05-23 06:08 · Score: 2

Digitally signing an image of a paper form seems incredibly kludgey to me. By the time you've received the fax, signing digitally instead of printing and signing physically may not save you any time at all. Plus, how do you get any actual information out of the document? Do you have to print it?
If you're going digital, go all the way and use an e-forms vendor like PureEdge which can be filled out, digitally signed, verified and archived without ever having a printed copy. Plus it's XML so you can map the data directly into a database. If you're going to digitally sign something, sign the actual document rather than a snapshot of it.

--
Bite the hand.
1. Re:Why go half-way? by ScuzzMonkey · 2002-05-23 09:35 · Score: 2
  
  You may be right. But we're at a place where, while we can say to our vendors, "We're going to sign this stuff digitally; deal with it," we're not yet at a place where we can say "You guys need to sign this stuff digitally; deal with it." They just don't have that level of support in their organizations--in short, as hypocritical as it may seem, we're in a position where we can trust our signature enforcement (as per several posts above) but not necessarily their's. So we need to accept physical signatures.
  
  We still get significant savings from this, though. It reduces a TON of costs in storage, paper, forms management, and physical transportation (previously, signers would have to come back to the main office to sign contracts--now, we can e-mail it out and get it back same day when they are in the field). There's almost no reason that we would ever deal with hardcopy on our end--it's just as easy to review the documents on screen. Everyone and their dog has a TIFF reader.
  
  --
  No relation to Happy Monkey