PalmTop offers legally binding E-signatures
mulan writes "Following the approval of S.761 (Millennium Digital Commerce Act), PalmTop has released software which will do just that. Using a Palm app and a Windows-based conduit, digital documents may be legally signed via the Palm device. Principal markets include online vendors. This could also help reduce fraudulent credit card transactions on the Internet." It's not just PalmPilots either - custom solutions are/will be supported, including IBM's WorkPad. However, until Oct. 31, you can get free copies for the Palm (OS3 or better).
The match should be close but not exact. The better systems do this.
That was the whole point of the movie! Ethan Hawke deceived the system through elaborate procedures.
Real signatures at least require some skill to forge... the appearance of the signature as well as pressure points, etc. Legally binding digital signatures can be traded by any 13 year old script kiddie and pasted onto anything over the net. Where is the security in this system? And can I opt out? i.e., no "digital" signature from me is valid.
Oh come on! Inserting a tiny bit of randomization is utterly trivial. "No two identical signatures" is hardly a security measure.
Um, would this not require a database of every digital signature a person ever gave? How many things have you signed over your lifetime?
Even the most perfectly valid signature... can still be fake.
An ID that could be intercepted and can't ever be revoked would be disastrous.
I think some moderator is trying to start a reign of terror. A valid 1st post being redundant, and someone pointing this out is moderated down? What the fuck is this?
Might not be doable for long, the thieves would have to forge IDs. Most shipping centers/depots will ask for your driver's license and compare it with the paperwork. I know for sure that this happens at FederalExpress and likely for UPS. Airborne... who knows?
So what does that HP organizer have to do with a Palm at http://www.palmtop.com? Is it based on PalmOS from 3com or is this just a really screwed up mistake?
than the complete chain of evidence from certificate creation to each individual signature. That's the same situation as paper signatures. Guess - governments around the world are legislating _equivalence_ of electronic signatures - and digital signatures being a small subset of the electronic signature category. Disputed, and repudiated signatures can, and will happen. Almost all CA and dig-sig implementations existing today would not stand up in court; - one reason is the use of keyboard-entered passwords, which is a flawed password entry mechanism. Secure password entry is needed (but then dig-sigs can become less important, so the vested interests won't let you do that) - A second reason is most people don't store the signature _and_or_ certificate as well as the document afterwards. Without these, the entire document remains a figment of imagination. With them, the document chews up more space and bandwidth. Lyal
Just as with digitising handwritten signatures, you _need to_ store every digital signature (ie as in RSA style) anyway, and have access to the certificate that verifies that certificate. Worst case - someone changes their certificate every message. Plan on _lots_ of storage and archival space with this technology. Otherwise, there is no proof the document was ever signed in the first place let alone who originated it, unless your entire system can be proven to have high integrity over the signature verifying process and the entire archival and access control functions. Otherwise, all this is just hot air (?cold bits). Lyal
""Lastly, RSA is completely theoretical security."" Apart from Germany, I am not aware that anyone has actually designed/deployed practically secure and reliable digital signature systems. The Federal US ACES program may, but it is unclear if that will actually occur. Singapore is probably also close. The rest are just hot air right now - the published standards only solve the easy problems, and leave real commercial and legal needs dead cold. Lyal
1. Just get a second certificate issued in your name. Now prove you didn't sign those messages - they bear your name therefore you're guilty 2. I bet the sync/data backup tools on the Palm platform put a copy of the certificate/private key on the user's hard disk - or can be "upgraded" to do so. In either case, it's all over, red rover! Lyal
Several issues
-Handwritten signatures work, and _you_ are in control of the technology. -In PKI the _programmers_ are in control of the signature creation - you just have to hope they are trustworthy. Most people and programmers are trustworthy, but...
-PKI is useless until _all_ implementations are equally trustworthy. On the other hand, as none are - perhaps that goal has already been met.
- You want governments to control PKI CA's, but (I'm guessing) probably don't want them to control privacy and security through encryption controls and wiretap laws. When the differences in this conceptual stance are reconciled, I'd like to know - 'cos I can't reconcile them in practice.
Lyal
A significant stumbling block in electronic signatures still remains.
The technology standards don't address commercial or legal issues that are still outstanding (the hard problems - the "easy" technology level issues are pretty much sorted.)
No "accepted" processes and procedures have been defined that _could_ become widely adopted for digital signatures.
Digitised signatures, if reliably bound to an individual document, are probably as good as on paper.
Lyal
Why are you working at K-mart? You sound sorta overqualified.
The ultimate id is biomarker, and the ultimate biomarker is DNA, unless you have twin/clones running around. I thought the movie with instantaneous DNA match devices was unrealistic, but I can see commercial pressures in this direction.
With all the devices out there not requiring any signature (gas pumps), not requiring validation of ID or signature (grocery store) or any proof that you are who you say you are - what's the use or the value of a written signature anyway these days?
According to the local police, a ring of credit card thieves moved into this area recently. They would get the card numbers (trash, receipts, etc.) and make mail-orders for goods that they could later sell (sports shoes, car parts). They would ship UPS to the card user's home address, then call up UPS and ask if they could pick up the order at the UPS station instead. They would go in and "sign" for the goods and be well on their way before anyone was the wiser.
In no case was there any validation of signature in this process. And who was going to be expert enough to "validate" it if there were? In these days of credit and debit cards, a written signature is an anachronism.
Now, an electronic binary signature (public key anyone?) would be interesting.
Just rambling,
-bill rankin
Why do you assume that the signature is stored or used as a bitmap? That would not only be more expensive in terms of storage, it would remove the ordering and speed information from the strokes.
A shape forgery is reasonably easy. A shape, style, and speed forgery, OTOH, is unprecedented.
At the same time, I can see an opportunity for me to forge my own signature -- I could record my signature and hack it into the Palm, and make the PalmOS imitate that exact pen movement whenever I enter a Graffiti stroke. Then I can deny that I signed a given document, and show reasonable doubt by demonstrating that someone could have used the pen echo.
I don't see much chance for someone aside from me being able to steal my authentication, though. Even with that signature imitator, they'd still have to get my Palm away from me (here, Billy! Here's a free Palm Vx!) and get me to tell them my passcode.
-Billy
Figuring out the entropy of the signature is harder than that, though. Let's suppose your grid is 120x120 (that's the PalmPilot, so it's realistic). Let's say my signature is a straight line covering half the display -- 60 pixels with about one bit per pixel (because my hand will wander up and down about one pixel for every one I traverse).
Sixty bits is actually getting halfway reasonable, but there's more -- my speed in making the signature is also characteristic. You're ignoring that in your (lack of) analysis. I'm not going to attach numbers to that for now; the speed there can vary immensely, though, so it's a substantial factor.
This pseudo-analysis ignores the fact that most people don't sign with an almost straight line at constant drawing speed, but rather sign something which once looked like their name. Thus, 60 bits is a strict lower bound. Considering that this digital signature method also depends on a pregenerated key (passphrase protected), this signature seems to me to be quite solid (in theory; of course, we know that the code isn't public).
Now, you point out that Joe User is revealing parts of his private key with every signature. This is true, but with the addition of the preencoded key brute-forcing the signature becomes very unattractive.
Signed, BilOey JnxlY
(William Tanksley)
And do you know what the worst part is? The signature isn't part of the key -- it's transmitted fully publicly. The signature is simply a visual (and technically analysable) proof that the person who originally registered the appropriate password actually approved of the document. This is something that normal authentication systems don't have -- a means of checking what person is associated with the secret key.
In order to compromise this system, an external attack would have to discover the passphrase AND forge the signature well enough to both look recognisable and analyse as belonging to the victim.
Now, I can see a cool internal attack: capture your own signature, macro it, and use the same signature to sign two letters, one of which is trivial and in your control, the other of which you use to get something, then when payment is requested you dispute it on the basis that the signature is an obvious electronic copy of the one on this other letter.
In other words, forgery remains the same basic problem, but it seems a little easier to fight now, since the signature can be completely analysed (including speed info) and there's a passphrase/secret key involved.
Signed, BilOey JnxlY
(William Tanksley)
Actually, a "digital signature" is a lot more secure than a physical one these days. Although it's hard to forge a written signature by hand, it's trivial to scan or photocopy it, and only moderately difficult to digitize it into X-Y plotter coordinates (to draw it with a real pen).
Digital signatures are much better since they start by taking a digital checksum (e.g. md5sum) of the document being signed, and then sign this information with an RSA-style private key. Therefore, each document gets a different digital signature, and copy-pasting the signature block onto a different document will produce an invalid signature.
Another bonus is that if your private key (perhaps stored in a Dallas Semiconductor crypto iButton) is stolen, you can just revoke your public key so that no further signatures from that key are trusted.
> It's trivial to swap the keys on the server, and in doing that you've blown the whole signature idea. You can send an email to me, but Bob's made sure i have his public key with your name attached to it, so then he can send a completely different signed email and i'd never know the difference without a phone call...
You'd know the difference because Bob would be hard pressed to get his forged key signed by people in your web of trust.
> Or how about i go through whatever paperwork is involved and get a keypair from the issuing authority, but giving them all of your information instead. I now have a means of generating untraceable signatures.
Anyone who trusts a key based on only one signature is foolhardy. Good luck defrauding multiple signature authorities and tampering every single keyserver.
Sorry, I don't appear to have been making much sense there but I think that you got the general gist of it......:-)
Long days and no coffee make Rob a silly boy.....
The problem with current digital verification systems is that they rely on the user to provide the security. Passwords, PGP Keys, Signatures, PIN numbers can all be written down, copied, monitored or grabbed.
The only way I can see that documents/transactions can be certified as being accurate is if the verification takes place in front of you. This is why documents, such as passport applications, require witnesses from professionals.
Don't get me wrong, I am not looking for a situation where retina scans coupled with finger print technology are incorporated into everything under the sun, I just feel that more steps could be taken to ensure the authenticity of digital "signatures".
Perhaps implementing a central register of "signature" verifiers - such as banks - is the way forward. A user would then digitally sign a web order with their Visa number on it and then the issuing bank - or maybe even the Visa people - would authorise against the signature. Okay, the administration of such a system would be a nightmare but not impossible!
With the current system announced by 3Com, the lack of platforms supported will be its downfall. But hey, we knew that much anyway......
Forgive my flaming cynicism, but the way the legislative process really works in this country anymore is, it ain't really law until somebody sues and it's upheld. When I see a lawsuit over whether an e-sig is binding, I'll believe the technology's mature in all respects.
Fellow /.'ers, please feel invited to correct any ignorance on my part.
"How many light bulbs does it take to change a person?" --BMcC-->
Hi, the main problem with this is consumer protection. The threshold to do something that is legally binding is lowered tremendously (blatant assertion, I know).
Go read "Applied Cryptography" for answers to all your questions, including the "brand new" wrinkle you just thought of (that everybody else in the industry thought of and solved years ago.)
You can find it on Amazon/BarnesandNoble/Fatbrain/wherever.
Pilot and Palm Pilot are probably referring here to the old, old ones. It probably should have said Pilot and Pilot Pro or something. They are talking about pre Palm 3.
The URL to the site should be http://www.penop.com
I've thought for a while that what we really need is a system we can use over the phone, on paper applications, etc. What I'd like to see is some sort of centrally managed PKI (gov't, likely), that gives everyone a little credit-card calculator (like the SecurID tokens). Then, when they're giving an order, or signing a document, they give the number on the token (SSN or something), the date as displayed by the token, and the cryptographic hash of the two (as calculated by the token). Alternatively, the information requestor could provide additional numbers to enter into the hash (like an order number or something).
The recipient of the information would take all the data, do some crypto-magic on it, and validate it against the public key for the individual as defined in the big-brother database. If the signing date is too old (like they gave a date from two weeks ago), reject the signature.
If the DB says that the token was reported stolen on some date, and the signing date was after that date, reject the signature (if it was signed before, accept it, within normal parameters--like if you're checking a signature on record rather than processing a new order).
This provides a very secure, use-once, electronically verifiable signature in any medium -- web, telephone, vending machine, mail-in credit card application, whatever.
What's wrong with this idea? (aside from the obvious issues of actually making it happen)? I probably forgot to mention one or two things, as I've never bothered to write this down before (I've thought about it off and on for the last few years), but if anyone can tell me why this can't work, I'd love to hear it...
-----
david.
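The token scheme david sketches above (token id + date + a keyed hash of the two and any challenge the requester adds; the verifier rejects stale dates and anything signed after the token was reported stolen, but still accepts older signatures already on record) as an added example. This is not PenOp's or the poster's code: the registry contents, the choice of HMAC-SHA256 over a per-token secret as the "cryptographic hash of the two", the 7-day freshness window and the 8-hex-digit truncation are all assumptions made here for illustration.

```python
import hashlib
import hmac
from datetime import date, timedelta

# Hypothetical central registry (the "big-brother database" of the post):
# token id -> per-token secret and the date the token was reported stolen.
# All ids, secrets and dates below are constructed for this example.
REGISTRY = {
    "123-45-6789": {"secret": b"constructed-secret-A", "stolen_on": None},
    "987-65-4321": {"secret": b"constructed-secret-B", "stolen_on": "1999-10-10"},
}

MAX_AGE = timedelta(days=7)   # how old a signing date may be for a new order (assumed)
CODE_LEN = 8                  # hex digits read out over the phone = 32 bits (assumed)


def make_code(token_id, date_str, extra=""):
    """What the token itself computes: a keyed hash over its id, the date
    and any challenge the requester supplied (an order number, say).
    A real token would hold its own secret; here it is read from the registry."""
    secret = REGISTRY[token_id]["secret"]
    msg = f"{token_id}|{date_str}|{extra}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:CODE_LEN]


def verify(token_id, date_str, code, extra="", today=None, archived=False):
    """Recipient side. Returns (accepted, reason).

    archived=True means a signature already on record is being re-checked,
    so the freshness window is not applied; the stolen-date rule still is."""
    today = date.fromisoformat(today) if today else date.today()
    signed = date.fromisoformat(date_str)
    entry = REGISTRY.get(token_id)
    if entry is None:
        return False, "unknown token"
    if signed > today:
        return False, "signing date in the future"
    if not archived and today - signed > MAX_AGE:
        return False, "signing date too old"
    stolen = entry["stolen_on"]
    if stolen is not None and signed >= date.fromisoformat(stolen):
        return False, "token reported stolen on or before signing date"
    expected = make_code(token_id, date_str, extra)
    # constant-time compare so the check itself leaks nothing about the code
    if not hmac.compare_digest(expected, code):
        return False, "code does not match"
    return True, "ok"
```

Binding the requester's own challenge (the `extra` argument) into the hash is what stops a code overheard on one phone order from being replayed on another order the same day; without it, the scheme is only as good as the freshness window. The 8-digit truncation is a usability trade-off: 32 bits is fine against a single guess per call, but the registry side should rate-limit failed attempts per token.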
But from several earlier discussions, so please don't moderate it as such...
No matter how much progress we make on the digital signature front, we still need to ask if we can trust who is in charge of managing the keys.
It's trivial to swap the keys on the server, and in doing that you've blown the whole signature idea. You can send an email to me, but Bob's made sure i have his public key with your name attached to it, so then he can send a completely different signed email and i'd never know the difference without a phone call...
Or how about i go through whatever paperwork is involved and get a keypair from the issuing authority, but giving them all of your information instead. I now have a means of generating untraceable signatures.
At least with current signatures, there's handwriting analysis available, which can generally tell if the signer of the document is truly the signer... It doesn't stop copying and pasting, but until i encounter my own forged signature, I feel much more comfortable with real sigs rather than digital ones.
Lastly, RSA is completely theoretical security. Its security rests in the difficulty of factoring large prime numbers. If next year a researcher at IBM discovers the way to factor them and announces it to the world, okay, all of our digitally signed documents are invalid, but that's not so bad...
What if the NSA/CIA/FBI/IRS, or anyone else figures that out, but neglects to tell anyone else? That's my main gripe.
It's a part-time job to help pay for my college education. Pays better than on-campus work.
Editor Emeritus and Senior Writer, TeleRead.org
Well, I downloaded the software--or tried to, at least. I got about 900K into the 1.2-meg download before I accidentally caused the download to abort, and couldn't get back in to download it again. Oh well, I'll try again this evening.
I'm not sure how useful this is going to be; I dual-boot and am in Linux most of the time (since I found sync utilities for my Palm), and even when I'm in Windows, I don't have Word on it--I don't have the hard drive space! On the other hand, I can get a legitimately-registered copy of Office 2000 from my school, if I just had the space on which to put it...guess I'm going to have to see about getting one of those 12-gig hard drives to move all my games onto...
Well, I'll just have to see how useful this turns out to be. At least it's free (until October 31).
If the PenOp people are smart, they'll soon come out with plugins and packages for other popular wordproc applications, including the Linux ones. I've written their tech support address to ask about that possibility, and would suggest that anyone else with an interest in this new technology do the same. Maybe if they perceive demand, they'll do it sooner.
Editor Emeritus and Senior Writer, TeleRead.org
The email address is support@penop.com.
Editor Emeritus and Senior Writer, TeleRead.org
(I guess it's too late in the day for this message to have much chance of getting moderated up to where many people will read it. Oh well.)
As someone who works a register at K-Mart (just got back from a four-hour shift today, in fact), I've had a bit of time and cause to ruminate on this subject.
My K-Mart accepts credit cards (of course) and debit cards. As a matter of policy, register operators are supposed to verify signatures on receipts against signatures on back of cards (and ask for ID if the card is unsigned). It's kind of an annoying hassle for both operator and customer ("Why do you have to compare my signature? Doesn't the picture on the license look enough like me?"), which is why a lot of checkout operators don't do it (especially with the new PINpads we've got that let customers run their own cards through). But I do, and occasionally get complimented on my perspicacity by the customers.
The thing is, a lot of the time the signatures don't look a darned thing alike, and what am I supposed to do? Some people just don't sign the same from signature to signature; am I supposed to deny them their purchase based on their inability to duplicate a scrawl?
I, as a cashier, would feel a lot better with some sort of digsig pad (kind of like the folks at Best Buy and Circuit City have, I suppose) with an LCD display signature device--something that would take the customer's signature and flash a little thingie on the screen saying "Verifying..." on it and then verify it against the credit card company or bank's database. After all, we do this already with debit cards or the MICR reader on checks. It would be less work and less responsibility for us (and less likelihood that the #%$@^!! register printer would choose to eat the credit card slip instead of printing it out). And I think the customers would feel better, too, knowing that their signature was being checked on, and not just eyeballed by fallible cashiers with pressure on them to get to the next person in line.
(And maybe that way it would also eliminate those credit card slips we have to have signed for the bank to authorize the transactions. Card number, expiration date, and signature, all in the same place...talk about a security risk!)
Editor Emeritus and Senior Writer, TeleRead.org
Ten years down the road...
"Omigod! You're Mel Gibson! Can I...can I get your autograph?"
"Why, sure."
(fumbling with Palms)
beep!
"Wow, thanks! I'll...never erase this!"
Editor Emeritus and Senior Writer, TeleRead.org
> On the same token, I highly doubt that this company would try and sell a system that is advertised as secure without putting a lot of thought into the system as a whole, and ensuring protection against fraud.
Not a good assumption. Go read Applied Cryptography. There are a lot of companies that have gone and put out systems that were advertised as secure that in reality were almost trivially breakable. I want to know all the details about their system before deciding whether it's secure or not. If the details aren't disclosed, it's not secure.
> Why is a scribble considered legally binding?
1) Uh, common law?
2) The fact that more people in the world can write than own computers, esp. Palm Pilots?
3) The fact that there are a lot of people who fear machines, and would rather accept a signature as a wo/man's word of honour?
4) Lotsa other reasons, too. But 1 and 2 are the biggies.
PPoE
It doesn't mean much now, it's built for the future.
> Pardon? What an inane restriction; limiting this software to webservers only running Win32 operating systems is going to severely limit its use. A vast majority of the webservers out there are running Apache or other U-ix-based servers. Does anyone running a website on Windows 98 really have a need for digitally authenticated documents?
No kidding. Anybody running Win98 as their web server has more pressing security issues to worry about than digital signatures.
> Though it's a step in the right direction, I don't think that this is the program that's going to make digital authentication of documents a reality. The best solution for digital signatures has been and continues to be public-key encryption (PGP, et. al.).
I think that the intention, or eventual direction, of this is sort of a melding between key encryption and physical signatures.
\//
I still think problems.
The first problem is the classic one: key management. Tons has been written about it, but it usually boils down to either (1) central "approved" authority (== govt), or (2) a web of trust (a la PGP). Both approaches have serious problems, IMHO, and key management continues to be a big mess.
The second problem is also the classic one: poor passphrases. Again, well-known, and again, hard to do something about.
Plus the third problem, which just popped into my mind: Let's say Alice gives me a digitally signed note saying "Dear bank, please give to the bearer $10". Fine. I go to the bank and get $10. Rinse, repeat as desired. In other words, what to do about multiple copies of a signed document?
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.
You can't just copy a digital signature from another document because it is inextricably linked to every bit in the signed document. The process for document D is as follows:
1. Take a cryptographic Hash of D to get H(D) (It is very hard to make another D with the same H(D))
2. Prompt user for passphrase P. Take a hash of passphrase H(P) and use it to decrypt the encrypted private key E(H(P), private). So, D(H(P), E(H(P), private) ) == private
Encrypt H(D) with the signer's private key and include it as the signature. E(private, H(D)) == signature
3. Now anyone who knows the public key of the user can verify the signature by decrypting the signature using the user's public key and hashing the document itself and then comparing. E(public, signature) == H(D) =?= H(D)
If it matches, the signature is valid, if one bit is changed in D, then it is incredibly unlikely that the H(D)'s will match.
I do agree that a poor implementation and poor passphrases from the user do make this scheme a bit troublesome. Assuming good passphrases are used, you would need to borrow the pilot and subvert it in some way. Or... look for emissions from the pilot and try to steal the passphrase or private key that way. Either are more likely to work than breaking the signature scheme.
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -----Benjamin Franklin
Well I downloaded and installed this application...
The fact that you can only sign Word and Adobe documents (as of right now) limits the real usage of this. What about spreadsheets, other word processors, Accounting software (ie: invoices and cheques)?
I found at first that it was difficult to sign your Palm when it was in the cradle, but through experimentation I found that you can start the signing process, remove your Palm from the cradle, sign on the dotted line, place your Palm back into the cradle and then click the OK button to upload the signature to the document...
I wonder when it will support IR transfer... that would make things a lot easier (and a lot more useful, ie: IR transmitter/receivers in ABM machines... sign to get your money)
Why not go over to a public-private key method of signing documents? When I sign something, you don't need an intermediate party as long as you have some way of getting my key (which can be handed over in person, or extracted from dozens of publicly run sites). My key can of course be compared to my digital fingerprint (which is on both the sig file of my emails and my business cards).
The whole notion of using handwriting to validate documents is an outdated idea that should be done away with once and for all. Just use pgp or (gpg) or whatever. Makes life simpler. Less open to abuse. It's already there.
Just my 2c.
> It's not just PalmPilots either - custom solutions are/will be supported, including IBM's WorkPad.
Just for reference, the IBM WorkPads are just rebranded Palms (III's, V's) 'cept the Workpad z50 which is a CE mini-laptop.
--bdj
'nuff said. ;-)
--bdj
Pardon? What an inane restriction; limiting this software to webservers only running Win32 operating systems is going to severely limit its use. A vast majority of the webservers out there are running Apache or other U-ix-based servers. Does anyone running a website on Windows 98 really have a need for digitally authenticated documents?
Though it's a step in the right direction, I don't think that this is the program that's going to make digital authentication of documents a reality. The best solution for digital signatures has been and continues to be public-key encryption (PGP, et. al.).
For those of us using the older models, eg. Palm Professional, we're SOL to run this software... *Unless* you've got one of the upgrades that effectively makes your Palmpilot Pro a Palm III. I'm using the Pager upgrade, which lets me run PalmOS3.x so it looks like it's not going to be a problem. Before someone smacks me for stating the obvious, new users come here too... why, I remember when I was a new user... that innocent smile, that gleam in my eye... Oh wait, that was the day they dropped Ecstasy into my morning Coke. Nevermind. :)
Well, if they use the serial number of the Palm to seed the password, then I wonder what effect not filling it in has. :) )
I didn't put in a serial number and still received the info.
Then again, serial number wasn't one of the _required_ options... i think it's just for market tracking more than security (the form I mean, not the application)
Now I must go hide from the grammar police, my participle is dangling.
>It's not just PalmPilots either - custom >solutions are/will be supported, including IBM's >WorkPad. However, until Oct. 31, you can get >free copies for the Palm (OS3 or better).
IBM Workpads are Palm devices. They are just OEM units from 3COM with the IBM logo and a black case. BTW, there is no such thing as a PalmPilot anymore. They dropped the 'Pilot' with the release of the Palm III. The actual PalmPilot units will NOT work with this as they are running PalmOS 2.0, unless they have had the 3COM 2M w/ IR upgrade installed.
I didn't mean they were necessarily stored as bitmaps, but I was questioning the resulting keyspace.
Say your grid is 50x50. Each pixel is either black or white. That means 2^2500 possibilities. It seems impressive, until you consider the number of constraints on it; for instance, you'll never have a completely black grid. Most of the time, the black dots will be connected into a line. If the pen point is fat, you'll always have a black point next to another. If you know the person's name, it's another indication of what the signature will be like.
So, in effect, it's a rather big keyspace, but with so many restrictions (not to mention you can know what the keyspace is like, just by finding the person's signature, which is not secret!) that in the end it's worthless next to traditional digital certificate keyspace.
It's like showing your private key in public, but you hide out bits of it. Any security administrator will tell you it's not just stupid, it's an invitation to a crack.
So, in short, with this thing, they're going to great lengths to provide a security system which is, well, total crap compared to any moderately strong cryptosystem.
But it sounds cool, so I bet the layman will say, 'Oh! THAT's what they meant by digital signature!' and swallow it up. It's not impressing this cryptogeek, however.
"There is no surer way to ruin a good discussion than to contaminate it with the facts."
Why is a scribble considered legally binding? A handwritten signature is much easier to counterfeit than a strong digital signature using PKI.
It seems to me like this is bending over backwards to get some sort of digital signature of documents. Why is it that they have to use a Palm front-end to collect a signature? What's to prevent someone from capturing the signature as a JPG and then putting it elsewhere? What I mean is, some sort of pixelised display is not a valid way to sign a digital document.
Why not use a simple PKi architecture for signatures? The keyspace is certainly larger than a low-res collection of pixels. You don't have to do signature recognition.
It's a sad fact that the industry is taking forever to understand digital signature and identification. It's the same thing for e-commerce, for instance... Yes, you can get cracked. But you can also get tapped when saying it aloud on a phone line. Yet the first case flares up the imagination, whereas the later is just seen as a pretty unimaginative technical feat.
What I want is a central digital authentification authority, be it run by the Government or what have you. Then we can dispense with the petty scribbles.
I want my... I want my PKi...
I foresee a lot of difficulties with using the Palm signature. If someone gets their hands on one person's digital signature on disk (or RAM card or whatever else), they can use their authentic signature all over the place.
"Yes, I _am_ sure I want to sell this property to this person for $1.00."
OFTC: By the community, for the community
What stops some one from copying that signature to a file and using it whenever they feel like? If this passes there'll be wide spread fraud all over the place.
"Imagination is the only weapon in the war against reality." -Jules de Gautier
Hey moderator, guess what? If it's the first post in a discussion (and it doesn't say "First Post! Ph33r my sk1llz!"), it's _not_ redundant...
"Nobody owns the fucking words man." - James Dean
Anyone know how secure this kind of thing is? What type/level of encryption is required for the new law?
How is the system supposed to circumvent the obvious problems that have already been pointed out...?
Can your IM do this?
Has anyone actually gotten this thing to work? If I insert a signature box into a new doc, then try and sign it, Word 2000 promptly crashes. Of course, I'm not surprised...
PalmPilot Pro w/ 2mb/IR upgrade and OS 3.3
This is the most recent info on the status of current legislation regarding e-signatures that I could find during my lunch hour: http://www.techlawjournal.com/internet/19991014.htm
/. public. Get this on people's radar screens!!! Else don't complain when the federal government passes some kind of fatally misinformed legislation.
The "Following the approval of S.761 (Millennium Digital Commerce Act)" bit is a little misguiding, I believe. As far as I can tell (disclaimer - I'm a legal ignoramus) the laws governing the use of digital signatures remain unchanged.
If you ask me, this is EXTREMELY important legislation. What defines an acceptable digital signature? Who (current debate seems to concern state/national authority) defines acceptable use of digital signatures? Etc.
I think this subject deserves immediate and intense attention by people wise to the issues. E.G. the
--Lawrence Lessig for Congress!
I don't know about the rest of the net, but on /. I think the number one mistake is lose/loose. Not actually a typo, but it is everywhere. Every day or two it rears its ugly head.
As far as digital signatures go: I don't see a whole lot of use for this in my life, but it beats using a thumbprint for anything. I don't know how widespread this is, but many banks in this area now require a thumbprint if you go in to cash a check and you are not a customer of said bank.
This ties into a story I remember seeing on /. earlier, about work to allow paying from small computing devices like cell phones & palmtops.
I can imagine it being very convenient - you step up to a vending machine (or some other service-providing device), it sends you a small signed contract via an infrared link, you review the contract (which might include details like transferring $x from your bank account to theirs), you sign it by putting your finger on a finger-print reader built into your device (which is used to unlock a possibly longer, randomly-generated private key) and then both parties can transmit the contract to their respective banks (or maybe the vending machine will take care of that, since it's more important for the machine to make sure that payment is taken care of before delivering the goods...)
There's probably lots of variations on this kind of thing - having a biometric sensor installed on your "personal electronic device" which allows you to unlock keys sounds like a very convenient method of authentication & encryption. And if somebody steals your "PED", they'd have to steal your fingers too, for it to do them any good.
Not much porting effort there...
"Did any of your bother to READ the site?"
= -=-=-=-=-=-=-=-
"1) You physical Palm device"
[cries]
I proof-read that submission twice! Can't someone invent a program that can keep me from looking like such an idiot on a regular basis?
Serious (however off-topic)...has anyone ever ranked the number one typo on the Internet? I would be shocked if it isn't you/your...
- JoeShmoe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
NOTE TO SLASHDOT: Update the news article to include the proper URL...it's PenOp not PalmTop.
= -=-=-=-=-=-=-
If you read the Product information, you can plainly see PenOp software can verify the identity of the signer using biometrics (such as signature dynamics and fingerprints), digital IDs (such as Entrust certificates), and infometrics (such as passwords). I also noticed when I went to download a copy that it appears to be keyed to your Palm's serial number. You get a PIN to unlock the software that will probably be matched to this serial number...
So to those people whining about fraud...this is not about sending a bitmap image of your signature around. That tech has existed on the Palm for years (TealPaint is a good one) and is not newsbreaking in any way.
This is secure because, in order to pretend to be you, someone would need:
1) Your physical Palm device
2) The ability to sign a document in the same biometrical (if that's a word) manner...not just looking at it and copying it visually
3) A PIN to verify their identity
4) A copy of the conduit on your home PC, which probably has the other part of a digital key.
I'm no expert but the "something you have + something you know" approach is a very good one. You need a physical device and detailed information about how a person signs and/or what their PIN is.
Please, people, avoid making uninformed comments on your interpretation of how you think a system might in fact sorta kinda maybe work. =)
- JoeShmoe
Was anyone else confused by these two paragraphs?
Users must have a host computer or a Web site running on Microsoft Windows 95, 98 or NT 4.0 to use the PocketSign program. In addition, the palm-top device must use the Palm OS 3.0 operating system and have a Palm HotSync Cradle or HotSync cable connection.
While the program works with at least four different lines of palm-top organizers, it does not support the Pilot and PalmPilot organizers.
So it doesn't work on the PalmPilot but it needs PalmOS 3.0? I really don't get it.
On another topic, I hope they release some of the specifications for how they prevent someone from copying the signature from the certificate and then just using it to sign another one. All of these details might be in the patent they've filed, but I think the patent is generic.
-no broken link
It certainly is the week for Palm news, isn't it?
--
Max V.
There should be a moratorium on the use of the apostrophe.
Max V.
NeXTMail/MIME Mail welcome
I sure hope that they will have a good technique to deal with fraud. It would not be hard to forge someone's electronic signature.
The concept is wonderful. I'm so sick of having to do half of my business on the web only to have to wait for an application or something else to hit snail mail before I can continue. I had to do this with my online bank, with E-Trade, with credit cards and with my credit report. Mostly financial information needs a true signature to complete. While this is a great step in the right direction.. almost.. there is a problem. We not only have someone storing a signature on file to use elsewhere but the criminal aspect is immense. So you require realtime signatures? Fine, I could code a program to take your signature and not only "re-write" it real-time, but vary it slightly from each signature so that it appears not to be a carbon copy. It's going to be almost impossible to do this realistically. I would almost prefer, for my own safety, that this not be legally binding. Signatures would have to be "disputable" like credit card transactions are now.
SL33ZE, MCSD
em: joedipshit@hotmail.com
SL33ZE - Artificial Intelligence is No Match For Natural Stupidity -
Actually, a signature need not be your name scribbled down. Illiterate people without penmanship skills could just mark with an X. The concept of a signature is that there was an intent to sign. i.e. if I seal a deal with a handshake, it is the same, you seal a deal to confirm that everyone is on board.
The signature provides a record of sorts, which is why it became common.
A digital signature is NOT a human signature encoded. I worked on a paper compiling the laws on digital signatures, technologies involved, and applications. Some of our ideas were really cool, but I doubt will ever see the light of day because they protect users with a free market approach. Feel free to check out my group's paper if you're interested:
http://www-swiss.ai.mit.edu/6.805/student-papers/fall98-papers/identity/linked-white-paper.html
Anyway, the way it works does not depend upon anyone being trusted with the key. The private key is generated by you and (in theory) known only to you, but in practice, it is known to your computer and further encrypted with a password that you supply.
Now, everybody knows how Public Key Encryption works, right?
Say I have a Message in Clear-Text (M), a Private Key (K) and a Public Key (P).
If you send me a message, you encrypt it with my public key that everyone can know, we don't care.
E(M, P) = C (Cypher Text)
I then take the Cypher Text,
D(C, K) = M
and only I have the message.
However, PKI has another feature, authentication.
Okay, let's try the following:
E(M, K) = C (Message + Private Key -> Cypher Text)
D(C, P) = M and the message is recovered. With this method, anyone can read it, but if you know my public key, you can confirm that it was sent by me since only I have my private key. Now, in practice we'll use a cryptographic hash of a small size (128 bits makes forgery next to impossible... you want to try 2^128 variations on a message to convey the meaning you want until the hashes match?!?!?)
Where: H1 and H2 are related hashing functions...
H1(M, K) = CH1 (Cypher-hash)
H2(M, P) = CH2
Confirm(CH1, CH2) = true
alternatively you have an equation that inputs M, P, and CH and determines if it is valid. Zero knowledge proofs can extend this concept, but I won't pretend to understand them.
Basically, the idea is that by attaching a few bytes at the end of a message, other people can determine that it was sent by you.
Now, when you get a digitally signed document, you usually have a HUGE attachment, why? Well, the problem with the digital signature is the public key.
i.e. Alice receives a signed message from Bob,
how does she get his Public key? More importantly, how do we get the public keys securely so nobody can spoof them?
i.e. Say that Slashdot.org decides to be a Certificate Authority (the keys to this scheme), and offers to store keys. How does Alice know that the Public key listed for Bob is real and not someone pretending to be slashdot, or Bob, etc.
Here is the approach. I connect to a CA and create a new Private Key, Public Key combo. I send the Public Key to the CA, signed by my private key. They confirm that the Public Key matches the signed copy, and authenticate it. They then issue me a digital certificate which includes my information (ideally, when they are real, confirmed by me in person, but for now, just via e-mail for simple gee I have a certification certificates, but expect real authentication), my public key, and it is signed by the CA. If you trust the CA (set in your software) then you can trust the public key because the CA authenticated it.
Now this gets really interesting when CA Trust hierarchies get involved. i.e. slashdot the CA isn't trusted by default, so they work with a better known CA, say VeriSign, who verifies their procedures. VeriSign then signs their certificate with authorization. So, you get my certificate, signed by slashdot, signed by VeriSign, and if you allow VeriSign to sign for others... you get the idea...
Again the situation can bring the power to you. The premise of our paper is the notion of unbundled digital identities.
In the Real World, to buy alcohol I show a driver's license, which includes my picture (authentication) as well as address, DL# (SSN in some states), my age, the fact that I drive, etc., etc. This is a lot of information. We don't worry about it now because nobody at the liquor store is recording it. Digital Information, however, is almost always stored.
What we were working on was a procedure by which you can confirm to, say, a liquor store (it's unfortunate, but the main uses we found for it were booze and porn) that I am >=21, and nothing else, as well as ways to prevent people from trading certificates.
Check out the paper if you'd like and tell me what you think. It's long, feel free to skim it. We entered it for a legal conference, which accepted it, but we had a paperwork situation as it was over the summer and everyone was gone. The version for the legal conference is only 12 pages and gives you a background on the idea, the full paper has a LOT of info, including current laws on Electronic Signatures and Digital Signatures (VERY different). 12 pages, in rtf format:
http://web.mit.edu/covell/www/digid12.rtf
Alex
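The hash-then-sign scheme and the CA chain described in the post above, as an added example that is not part of the original thread or of any product mentioned in it. It uses textbook RSA with toy-sized keys generated at run time (nothing here is safe for real use; there is no padding and the key sizes are far too small) and only the Python standard library. The names "toy root CA", "toy intermediate CA" and "Bob", the certificate layout, and the $1.00 contract text are constructed for the example; in the post's notation, sign() is H1(M, K), verify() is Confirm(CH1, CH2) with H2(M, P), and verify_chain() walks the "signed by slashdot, signed by VeriSign" hierarchy. The demo also shows the two failure cases the thread worries about: a copied signature does not transfer to a different document, and a self-issued certificate claiming the intermediate CA's name does not validate against the trusted root.

```python
import hashlib
import secrets


def _is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin primality test (toy key generation only)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int) -> int:
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(candidate):
            return candidate


def generate_keypair(bits: int = 512):
    """Return (public_key, private_key) as (exponent, modulus) pairs: P and K in the post.
    512-bit toy modulus, chosen only so a SHA-256 digest fits below it."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    return (e, p * q), (pow(e, -1, phi), p * q)


def _digest_int(message: bytes) -> int:
    """Hash first; the signature covers the digest, not the whole text."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key) -> int:
    """H1(M, K): raise the digest to the private exponent."""
    d, n = private_key
    return pow(_digest_int(message), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Confirm(CH1, CH2): recover the digest with the public key and compare."""
    e, n = public_key
    return pow(signature, e, n) == _digest_int(message)


def _to_be_signed(subject: str, public_key) -> bytes:
    e, n = public_key
    return f"{subject}|{e}|{n}".encode()


def issue_certificate(subject: str, subject_pub, issuer: str, issuer_priv) -> dict:
    """A minimal certificate: the issuer signs (subject name, subject public key)."""
    return {"subject": subject, "public_key": subject_pub, "issuer": issuer,
            "signature": sign(_to_be_signed(subject, subject_pub), issuer_priv)}


def verify_chain(chain: list, trusted_roots: dict) -> bool:
    """chain[0] is the end-entity certificate; chain[-1] must be signed by a trusted root."""
    for cert, issuer_cert in zip(chain, chain[1:]):
        if cert["issuer"] != issuer_cert["subject"]:
            return False
        if not verify(_to_be_signed(cert["subject"], cert["public_key"]),
                      cert["signature"], issuer_cert["public_key"]):
            return False
    last = chain[-1]
    root_pub = trusted_roots.get(last["issuer"])
    return root_pub is not None and verify(
        _to_be_signed(last["subject"], last["public_key"]), last["signature"], root_pub)


def demo():
    """Constructed scenario: a toy root vouches for a toy intermediate CA, which vouches for Bob."""
    root_pub, root_priv = generate_keypair()
    ca_pub, ca_priv = generate_keypair()
    bob_pub, bob_priv = generate_keypair()
    trusted = {"toy root CA": root_pub}  # what the verifier's software is configured to trust
    ca_cert = issue_certificate("toy intermediate CA", ca_pub, "toy root CA", root_priv)
    bob_cert = issue_certificate("Bob", bob_pub, "toy intermediate CA", ca_priv)
    message = b"Yes, I am sure I want to sell this property to this person for $1.00."
    signature = sign(message, bob_priv)
    chain_ok = verify_chain([bob_cert, ca_cert], trusted)
    genuine = verify(message, signature, bob_cert["public_key"])
    # Copying the signature onto a different document fails: it covers this message's digest.
    transplanted = verify(message + b" Also the car.", signature, bob_cert["public_key"])
    # A self-issued "Bob" certificate naming the intermediate CA as issuer fails: it was not
    # signed with that CA's private key, so the chain breaks before reaching the root.
    imp_pub, imp_priv = generate_keypair()
    fake_cert = issue_certificate("Bob", imp_pub, "toy intermediate CA", imp_priv)
    impostor_ok = verify_chain([fake_cert, ca_cert], trusted)
    return chain_ok, genuine, transplanted, impostor_ok
```

Calling demo() returns (True, True, False, False): the genuine chain and signature check out, while the transplanted signature and the impostor certificate are both rejected. The chain walk is what makes the "HUGE attachment" in the post worthwhile: Alice never needs Bob's key in advance, only the root she already trusts.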