PalmTop offers legally binding E-signatures 79
mulan writes "Following the approval of S.761 (Millennium Digital Commerce Act), PalmTop has released software which will do just that. Using a Palm app and a Windows-based conduit, digital documents may be legally signed via the Palm device. Pricipal markets include online vendors. This could also help reduce fruadulant credit card transactions on the Internet. " It's not just PalmPilots either - custom solutions are/will be supported, including IBM's WorkPad. However, until Oct. 31, you can get free copies for the Palm (OS3 or better).
future = GATTACA (Score:1)
How secure is it anyway? (Score:5)
With all the devices out there not requiring any signature (gas pumps), not requiring validation of ID or signature (grocery store) or any proof that you are who you say you are - what's the use or the value of a written signature anyway these days?
According to the local police, a ring of credit card thieves moved into this area recently. They would get the card numbers (trash, receipts, etc.) and make mail-orders for goods that they could later sell (sports shoes, car parts). They would ship UPS to the card user's home address, then call up UPS and ask if they could pick up the order at the UPS station instead. They would go in and "sign" for the goods and be well on thier way before anyone was the wiser.
In no case was there any validation of signature in this process. And who was going to be expert enough to "validate" it if there were? In these days of credit and debit cards, a written signature is an anachronism.
Now, an electronic binary signature (public key anyone?) would be interesting.
Just rambling,
-bill rankin
Re:Mr. Industry? It's the clue phone for you... (Score:2)
A shape forgery is reasonably easy. A shape, style, and speed forgery, OTOH, is unprecedented.
At the same time, I can see an opportunity for me to forge my own signature -- I could record my signature and hack it into the Palm, and make the PalmOS imitate that exact pen movement whenever I enter a grafitti stroke. Then I can deny that I signed a given document, and show reasonable doubt by demonstrating that someone could have used the pen echo.
I don't see much chance for someone aside from me being able to steal my authentication, though. Even with that signature imitator, they'd still have to get my Palm away from me (here, Billy! Here's a free Palm Vx!) and get me to tell them my passcode.
-Billy
Re:Mr. Industry? It's the clue phone for you... (Score:2)
Sixty bits is actually getting halfway reasonable, but there's more -- my speed in making the signature is also characteristic. You're ignoring that in your (lack of) analysis. I'm not going to attach numbers to that for now; the speed there can vary immensely, though, so it's a substantial factor.
This pseudo-analysis ignores the fact that most people don't sign with an almost straight line at constant drawing speed, but rather sign something which once looked like their name. Thus, 60 bits is a strict lower bound. Considering that this digital signature method also depends on a pregenerated key (passphrase protected), this signature seems to me to be quite solid (in theory; of course, we know that the code isn't public).
Now, you point out that Joe User is revealing parst of his private key with every signature. This is true, but with the addition of the preencoded key brute-forcing the signature becomes very unattractive.
Signed, BilOey JnxlY
(William Tanksley)
Re:Mr. Industry? It's the clue phone for you... (Score:2)
Sixty bits is actually getting halfway reasonable, but there's more -- my speed in making the signature is also characteristic. You're ignoring that in your (lack of) analysis. I'm not going to attach numbers to that for now; the speed there can vary immensely, though, so it's a substantial factor.
This pseudo-analysis ignores the fact that most people don't sign with an almost straight line at constant drawing speed, but rather sign something which once looked like their name. Thus, 60 bits is a strict lower bound.
And do you know what the worst part is? The signature isn't part of the key -- it's transmitted fully publicly. The signature is simply a visual (and technicly analysable) proof that the person who originally registered the appropriate password actually approved of the document. This is something that normal authentication systems don't have -- a means of checking what person is associated with the secret key.
In order to compromise this system, an external attack would have to discover the passphrase AND forge the signature well enough to both look recognisable and analyse as belonging to the victim.
Now, I can see a cool internal attack: capture your own signature, macro it, and use the same signature to sign two letters, one of which is trivial and in your control, the other of which you use to get something, then when payment is requested you dispute it on the basis that the signature is an obvious electronic copy of the one on this other letter.
In other words, forgery remains the same basic problem, but it seems a little easier to fight now, since the signature can be completely analysed (including speed info) and there's a passphrase/secret key involved.
Signed, BilOey JnxlY
(William Tanksley)
Re:Um, tell me why cut & paste isn't a security ri (Score:2)
Digital signatures are much better since they start by taking a digital checksum (e.g. md5sum) of the document being signed, and then sign this information with an RSA-style private key. Therefore, each document gets a different digital signature, and copy-pasting the signature block onto a different document will produce an invalid signature.
Another bonus is that if your private key (perhaps stored in a Dallas Semiconductor crypto iButton [ibutton.com]) is stolen, you can just revoke your public key so that no further signatures from that key are trusted.
Re:This is redundant... (Score:1)
It's trivial to swap the keys on the server, and in doing that you've blown the whole signature idea. You can send an email to me, but Bob's made sure i have his public key with your name attatched to it, so then he can send a completely different signed email and i'd never know the difference without a phone call...
You'd know the difference because Bob would be hard pressed to get his forged key signed by people in your web of trust.
Or how about i go through whatever paperwork is involved and get a keypair from the issuing authority, but given them all of your information instead. I now have a means of generating untraceable signatures.
Anyone who trusts a key based on only one signature is foolhardy. Good luck defrauding multiple signature authorities and tampering every single keyserver.
Re:Fraud protection. (Score:1)
Long days and no coffee make Rob a silly boy.....
Fraud protection. (Score:2)
The only way I can see that documents/transactions can certified as being accurate is if the verification takes place in front of you. This is why documents, such as passport applications, require witnesses from professionals.
Don't get me wrong, I am not looking for a situation where retina scans coupled with finger print technology are incorporated into everything under the sun, I just feel that more steps could be taken to ensure the authenticity of digital "signatures".
Perhaps implimentating a central register of "signature" verifiers - such as banks - is the way forward. A user would then digitally sign a web order with their Visa number on it and then the issuing bank - or maybe even the Visa people - would authorise against the signature. Okay, the administration of such a system would be a nightmare but not impossible!
With the current system announced by 3Com, the lack of platforms supported will be it's downfall. But hey, we knew that much anyway......
S.761, my @$$! (Score:1)
Forgive my flaming cyncism, but the way the legislative process really works in this country anymore is, it ain't really law until somebody sues and it's upheld. When I see a lawsuit over whether an e-sig is binding, I'll believe the technology's mature in all respects.
Fellow /.'ers, please feel invited to correct any ignorance on my part.
consumer protection (Score:1)
Re:Problems? I think not (Score:1)
You can find it on Amazon/BarnesandNoble/Fatbrain/wherever.
Re:Doesn't work on PalmPilot? (Score:1)
Wrong URL (Score:3)
Missing the Boat (Score:1)
I've thought for a while that what we really need is a system we can use over the phone, on paper applications, etc. What I'd like to see is some sort of centrally managed PKI (gov't, likely), that gives everyone a little credit-card calculator (like the SecurID tokens). Then, when they're giving an order, or signing a document, they give the number on the token (SSN or something), the date as displayed by the token, and the cryptographic hash of the two (as calculated by the token). Alternatively, the information requestor could provide additional numbers to enter into the hash (like an order number or something).
The recipient of the information would take all the data, do some crypto-magic on it, and validate it against the public key for the individual as defined in the big-brother database. If the signing date is too old (like they gave a date from two weeks ago), reject the signature.
If the DB says that the token was reported stolen on some date, and the signing date was after that date, reject the signature (if it was signed before, accept it, within normal parameters--like if you're checking a signature on record rather than processing a new order).
This provides a very secure, use-once, electronically verifiable signature in any medium -- web, telephone, vending machine, mail-in credit card application, whatever.
What's wrong with this idea? (aside from the obvious issues of actually making it happen)? I probably forgot to mention one or two things, as I've never bothered to write this down before (I've thought about it off and on for the last few years), but if anyone can tell me why this can't work, I'd love to hear it...
-----
david.
This is redundant... (Score:2)
No matter how much progess we make on the digital signature front, we still need to ask if we can trust who is in charge of managing the keys.
It's trivial to swap the keys on the server, and in doing that you've blown the whole signature idea. You can send an email to me, but Bob's made sure i have his public key with your name attatched to it, so then he can send a completely different signed email and i'd never know the difference without a phone call...
Or how about i go through whatever paperwork is involved and get a keypair from the issuing authority, but given them all of your information instead. I now have a means of generating untraceable signatures.
At least with current signatures, there's handwriting analysis available, which can generally tell if the signer of the document is trully the signer... It doesn't stop copying and pasting, but until i encounter my own forged signature, I feel much more comfortable with real sigs rather than digital ones.
Lastly, RSA is completely theoretical security. It's security rests in the difficulty of factoring large prime numbers. If next year a researcher at IBM discovers the way factor them and announces it to the world, okay, all of our digitally signed documents are invalid, but that's not so bad...
What if the NSA/CIA/FBI/IRS, or anyone else figures that out, but neglects to tell anyone else? That's my main gripe.
Re:This is redundant... (Score:2)
A court would probably not rule my signature was valid if the keypair used to sign/verify it was yours. It would need to be in a trusted repository. Otherwise, I could make 5,000 keys with different people's email addresses/ID's and create a script that cross signed them all. They'ed all very in the web of trust i created. If i had a few of those keys signed by people outside my web, who were genearlly trested, or at least not known to have done bad before, I'd be golden...
What i'm thinking is that a central board will generate the keypairs and divy them out to people who request them... That's bad. But using current PKI would also be incredibly cumbersome. How many different keyservers exist?
Re:On Checking (Physical) Signatures... (Score:1)
Lack of software, download problem... (Score:2)
I'm not sure how useful this is going to be; I dual-boot and am in Linux most of the time (since I found sync utilities for my Palm), and even when I'm in Windows, I don't have Word on it--I don't have the hard drive space! On the other hand, I can get a legitimately-registered copy of Office 2000 from my school, if I just had the space on which to put it...guess I'm going to have to see about getting one of those 12-gig hard drives to move all my games onto...
Well, I'll just have to see how useful this turns out to be. At least it's free (until October 31).
If the PenOp people are smart, they'll soon come out with plugins and packages for other popular wordproc applications, including the Linux ones. I've written their tech support address to ask about that possibility, and would suggest that anyone else with an interest in this new technology do the same. Maybe if they perceive demand, they'll do it sooner.
On Linux Support (Score:2)
The email address is support@penop.com [mailto].
On Checking (Physical) Signatures... (Score:2)
As someone who works a register at K-Mart (just got back from a four-hour shift today, in fact), I've had a bit of time and cause to ruminate on this subject.
My K-Mart accepts credit cards (of course) and debit cards. As a matter of policy, register operators are supposed to verify signatures on receipts against signatures on back of cards (and ask for ID if the card is unsigned). It's kind of an annoying hassle for both operator and customer ("Why do you have to compare my signature? Doesn't the picture on the license look enough like me?"), which is why a lot of checkout operators don't do it (especially with the new PINpads we've got that let customers run their own cards through). But I do, and occasionally get complimented on my perspicacity by the customers.
The thing is, a lot of the time the signatures don't look a darned thing alike, and what am I supposed to do? Some people just don't sign the same from signature to signature; am I supposed to deny them their purchase based on their inability to duplicate a scrawl?
I, as a cashier, would feel a lot better with some sort of digsig pad (kind of like the folks at Best Buy and Circuit City have, I suppose) with an LCD display signature device--something that would take the customer's signature and flash a little thingie on the screen saying "Verifying..." on it and then verify it against the credit card company or bank's database. After all, we do this already with debit cards or the MICR reader on checks. It would be less work and less responsibility for us (and less likelihood that the #%$@^!! register printer would choose to eat the credit card slip instead of printing it out). And I think the customers would feel better, too, knowing that their signature was being checked on, and not just eyeballed by fallible cashiers with pressure on them to get to the next person in line.
(And maybe that way it would also eliminate those credit card slips we have to have signed for the bank to authorize the transactions. Card number, expiration date, and signature, all in the same place...talk about a security risk!)
This could change our lives... (Score:5)
"Omigod! You're Mel Gibson! Can I...can I get your autograph?"
"Why, sure."
(fumbling with Palms)
beep!
"Wow, thanks! I'll...never erase this!"
Re:Bad idea... (Score:2)
On the same token, I highly doubt that this company would try and sell a system that is advertised as secure without putting in a lot of thought into the system as a whole, and ensuring protection against fraud.
Not a good assumption. Go read Applied Cryptography. There are a lot of companies that have gone and put out systems that were advertised as secure that in reality were almost trivially breakable. I want to know all the details about their system before deciding whether it's secure or not. If the details aren't disclosed, it's not secure.
It ain't the phone, it's the notepad beside it (Score:1)
1) Uh, common law?
2) The fact that more people in the world can write than own computers, esp. Palm Pilots?
3) The fact that there are a lot of people who fear machines, and would rather accept a signature as a wo/man's word of honour?
4)Lotsa other reasons, too. But 1 and 2 are the biggies.
PPoE
Re:Windows-only? (Score:1)
No kidding. Anybody running Win98 as their web server has more pressing security issues to worry about than digital signatures.
Though it's a step in the right direction, I don't think that this is the program that's going to make digital authentication of documents a reality. The best solution for digital signatures has been and continues to be public-key encryption (PGP, et. al.).
I think that the intention, or eventual direction, of this is sort of a melding between key encryption and physical signatures.
\//
Re:Problems? I think not (Score:2)
The first problem is the classic one: key management. Tons has been written about it, but it usually boils down to either (1) central "approved" authority (== govt), or (2) a web of trust (a la PGP). Both approaches have serious problems, IMHO, and key management continues to be a big mess.
The second problem is also the classic one: poor passphrases. Again, well-known, and again, hard to do something about.
Plus the third problem, which just popped into my mind: Let's say Alice gives me a digitally signed note saying "Dear bank, please give to the bearer $10". Fine. I go to the bank and get $10. Rinse, repeat as desired. In other words, what to do about multiple copies of a signed document?
Kaa
Re:Problems? I think not (Score:2)
You can't just copy a digital signature from another document because it is inextricably linked to every bit in the signed document. The process for document D is as follows:
1. Take a cryptographic Hash of D to get H(D) (It is very hard to make another D with the same H(D))
2. Prompt user for passphrase P. Take a hash of passphrase H(P) and use it to decrypt the encrypted private key E(H(P), private). So, D(H(P), E(H(P), private) ) == private
Encrypt H(D) with the signer's private key and include it as the signature. E(private, H(D)) == signature
3. Now anyone who knows the public key of the user can verify the signature by decrypting the signature using the user's public key and hashing the document itself and then comparing. E(public, signature) == H(D) =?= H(D)
If it matches, the signature is valid, if one bit is changed in D, then it is incredibly unlikely that the H(D)'s will match.
I do agree that a poor implementation and poor passphrases from the user do make this scheme a bit troublesome. Assuming good passphrases are used, you would need to borrow the pilot and subvert it in someway. Or... look for emissions from the pilot and try to steal the passphrase or private key that way. Either are more likely to work than breaking the signature scheme.
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -----Benjamin Franklin
How to use it (Score:1)
The fact that you can only sign Word and Adobe documents (as of right now) limits the real useage of this. What about spreadsheets, other word processors, Accounting software (ie: invoices and cheques)?
I found at first that it was difficult to sign your Palm when it was in the cradle, but through experimentation I found that you can start the signing process, remove your Palm from the cradle, sign on the dotted line, place you palm back into the cradle and then click the OK button to upload the signature to the document...
I wonder when it will support IR transfer... that would make things a lot easier (and a lot more usefull, ie: IR transmitter/recievers in ABM machines... sign to get your money)
Are these schmucks doing what I think they are? (Score:1)
Why not go over to a public-private key method of signing document? When I sign something, you don't need an intermediate party as long as you have some way of getting my key (which can be handed over in person, or extracted from dozens of publically run sights). My key can of course be compared to my digital fingerprint (which is on both the sig file of my emails and my business cards).
The whole notion of using handwriting to validate documents is an outdated idea that should be done away with once and for all. Just use pgp or (gpg) or whatever. Makes life simpler. Less open to abuse. Its already there.
Just my 2c.
IBM Workpad == Palm (usually) (Score:3)
Just for reference, the IBM workpad's are just rebranded Palms (III's, V's) 'cept the Workpad z50 which is a CE mini-laptop.
Re:Doesn't work on PalmPilot? (Score:1)
--bdj
Re:Did any of your bother to READ the site? (Score:1)
'nuff said. ;-)
--bdj
Windows-only? (Score:2)
Pardon? What an inane restriction; limiting this software to webservers only running Win32 operating systems is going to severely limit its use. A vast majority of the webservers out there are running Apache or other U-ix-based servers. Does anyone running a website on Windows 98 really have a need for digitally authenticated documents?
Though it's a step in the right direction, I don't think that this is the program that's going to make digital authentication of documents a reality. The best solution for digital signatures has been and continues to be public-key encryption (PGP, et. al.).
Case where you CAN run it on a Palmpilot (Score:1)
Re:Did any of your bother to READ the site? (Score:1)
I didn't put in a serial number and still received the info.
Then again, serial number wasn't one of the _required_ options... i think it's just for market tracking more than security (the form I mean, not the application
Now I must go hide from the grammar police, my participle is dangling.
Workpad == Palm (Score:1)
IBM Workpads are Palm devices. They are just OEM units from 3COM with the IBM logo and a black case. BTW, there is no such thing as a PalmPilot anymore. They dropped the 'Pilot' with the release of the Palm III. The actual PalmPilot units will NOT work with this as they are running PalmOS 2.0, unless they have had the 3COM 2M w/ IR upgrade installed.
Re:future = GATTACA (Score:1)
So I'm not sure it's the solution.
"There is no surer way to ruin a good discussion than to contaminate it with the facts."
Re:It ain't the phone, it's the notepad beside it (Score:1)
That's what I'm questioning. Why a signature is considered unique and unreproductible, whereas a digital signature is still up in the air.
Fancy that. The signature program runs on a Palm Pilot. Kinda invalidates the thought that they're doing that instead of PKi because it's easier.
They fear machines, yet they buy Palm Pilots?
"There is no surer way to ruin a good discussion than to contaminate it with the facts."
Re:Mr. Industry? It's the clue phone for you... (Score:2)
I didn't mean they were necessarely stored as bitmaps, but I was questioning the resulting keyspace.
Say your grid is 50x50. Each pixel is either black or white. That means 2^2500 possibilities. It seems impressive, until you consider the number of contraints on it; for instance, you'll never have a completely black grid. Most of the time, the black dots will be connected into a line. If the pen point is fat, you'll always have a black point next to another. If you know the person's name, it's another indication of what the signature will be like.
So, in effect, it's a rather big keyspace, but with so many restrictions (not to mention you can know what the keyspace is like, just by finding the person's signature, which is not secret!) that in the end it's worthless next to traditional digital certificate keyspace.
It's like showing your private key in public, but you hide out bits of it. Any security administrator will tell you it's not just stupid, it's an invitation to a crack.
So, in short, with this thing, they're going to great lengths to provide a security system which is, well, total crap compared to any moderately-strengthed cryptosystem.
But it sounds cool, so I bet the layman will say, 'Oh! THAT's what they meant by digital signature!' and swallow it up. It's not impressing this cryptogeek, however.
"There is no surer way to ruin a good discussion than to contaminate it with the facts."
Mr. Industry? It's the clue phone for you... (Score:3)
Why is a scribble considered legally binding? A handwritten signature is much more easy to counterfeit than a strong digital signature using PKi.
It seems to me like this is bending backwards to get some sort of digital signature of documents. Why is it that they have to use a Palm front-end to collect a signature? What's to prevent from capturing the signature as a JPG and then putting it elsewhere? What I mean is, some sort of pixelised display is not a valid way to sign a digital document.
Why not use a simple PKi architecture for signatures? The keyspace is certainly larger than a low-res collection of pixels. You don't have to do signature recognition.
It's a sad fact that the industry is taking forever to understand digital signature and identification. It's the same thing for e-commerce, for instance... Yes, you can get cracked. But you can also get tapped when saying it aloud on a phone line. Yet the first case flares up the imagination, whereas the later is just seen as a pretty unimaginative technical feat.
What I want is a central digital authentification authority, be it run by the Government or what have you. Then we can dispense with the petty scribbles.
I want my... I want my PKi...
"There is no surer way to ruin a good discussion than to contaminate it with the facts."
Problems? (Score:3)
"Yes, I _am_ sure I want to sell this property to this person for $1.00."
Bad idea... (Score:1)
how secure? (Score:1)
How is the system supposed to circumvent the obvious problems that have already been pointed out...?
Word 2000 crashes... (Score:1)
PalmPilot Pro w/ 2mb/IR upgrade and OS 3.3
Current status of E-SIGN legislation (Score:2)
The "Following the approval of S.761 (Millennium Digital Commerce Act)" bit is a little misguiding, I believe. As far as I can tell (disclaimer - I'm a legal ignoramus) the laws governing the use of digital signatures remain unchanged.
If you ask me, this is EXTREMELY importantant legislation. What defines an acceptable digital signature? Who (current debate seems to concern state/national authority) defines acceptable use of digital signatures? Etc.
I think this subject deserves immediate and intense attention by people wise to the issues. E.G. the
Re:Your != You (Score:1)
As far as digital signatures go: I don't see a whole lot of use for this in my life, but it beats using a thumbprint for anything. I don't know how widespread this is, but many banks in this area now require a thumbprint if you go in to cash a check and you are not a customer of said bank.
Small money contracts (Score:1)
I can imagine it being very convenient - you step up to a vending machine (or some other service-providing device), it sends you a small signed contract via an infrared link, you review the contract (which might include details like transferring $x from your bank account to theirs), you sign it by putting your finger on a finger-print reader built into your device (which is used to unlock a possibly longer, randomly-generated private key) and then both parties can transmit the contract to their respective banks (or maybe the vending machine will take care of that, since it's more important for the machine to make sure that payment is taken care of before delivering the goods...)
There's probably lots of variations on this kind of thing - having a biometric sensor installed on your "personal electronic device" which allows you to unlock keys sounds like a very convenient method of authentication & encryption. And if somebody steals your "PED", they'd have to steal your fingers too, for it to do them any good.
IBM WorkPad = PalmPilot (Score:1)
Re:Bad idea... (Score:1)
Your != You (Score:2)
"1) You physical Palm device"
[cries]
I proof-read that submission twice! Can't someone invent a program that can keep me from looking like such an idiot on a regular basis?
Serious (however off-topic)...has anyone ever ranked the number one typo on the Internet? I would be shocked if it isn't you/your...
- JoeShmoe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Did any of your bother to READ the site? (Score:4)
If you read the Product information, you can plainly see PenOp software can verify the identity of the signer using biometrics (such as signature dynamics and fingerprints), digital ids (such as Entrust certificates), and infometrics (such as passwords. I also noticed when I went to download a copy that it is appear to be keyed to your Palm's serial number. You get a PIN to unlock the software that will probably be matched to this serial number...
So to those people whining about fraud...this is not about sending a bitmap image of your signature around. That tech has existed on the Palm for years (TealPaint is a good one) and is not newsbreaking in any way.
This is secure because, in order to pretend to be you, someone would need:
1) You physical Palm device
2) The ability to sign a document in the same biometrical (if that's a word) manner...not just looking at it and copying it visually
3) A pin number to verify their identity
4) A copy of the conduit on your home PC, which probably has the other part of a digital key.
I'm no expert but the "something you have + something you know" approach in a very good one. You need a physical device and detailed information about how a person signs and/or what their PIN is.
Please, people, avoid making uninformed comments on your interpretation of how you think a system might in fact sorta kinda maybe work. =)
- JoeShmoe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Re:Bad idea... (Score:1)
You're right. I guess sometimes I (naively) forget that companies sometimes (or maybe most times) are out to make money and not serve the greater good of us all. Plus, it's almost always a good rule to never assume anything.
I want to know all the details about their system before deciding whether it's secure or not. If the details aren't disclosed, it's not secure.
I agreee. The main point (which I should have stuck to) that I was trying to get across was that it is premature to discuss security without knowing details.
Re:Bad idea... (Score:2)
On the same token, I highly doubt that this company would try and sell a system that is advertised as secure without putting in a lot of thought into the system as a whole, and ensuring protection against fraud. And if the system is insecure, I'm pretty such that the Slashdot-er's will be the first to find that out and make it known to the world, thus preventing the so called wide spread fraud.
Once again the world is saved by Slashdot.
Re:Mr. Industry? It's the clue phone for you... (Score:1)
(I'm not a specialist, BTW, but I did have to do a basic crypto coding job recently so I had to figure out the basics).
Re:Did any of your bother to READ the site? (Score:2)
I'm still confused here....
Looks like a great idea for home-based browsers looking to verify themselves over the Web. The combination of physical device (the Palm) and biometrics (the scribble) are connected to the user's browser, and that connects to the vendor via the 'Net.
So what happens in a traditional walk-in shop ?
Do I walk in and sign the shop's Palm on the counter (losing the secure digital signature), or do I walk in carrying my own Palm and dock it into the shop's cradle ? As a retailer, I seem to be choosing between either rather poor security (scribble alone) or requiring all my customers to carry their own Palms. I can see this as an in-house application for workflow, quality control etc., but I can't see it affecting retailing in the near future.
Also (a minor point) what happens when a Palm dies and the signature is serialed to that Palm ? If yours hasn't croaked at least once, you've been lucky.
It'll never replace the tattooed barcode....
Re:Problems? (Score:1)
Doesn't work on PalmPilot? (Score:1)
Was anyone else confused by these two paragraphs?
Users must have a host computer or a Web site running on Microsoft Windows 95, 98 or NT 4.0 to use the PocketSign program. In addition, the palm-top device must use the Palm OS 3.0 operating system and have a Palm HotSync Cradle or HotSync cable connection.
While the program works with at least four different lines of palm-top organizers, it does not support the Pilot and PalmPilot organizers.
So it doesn't work on the PalmPilot but it needs PalmOS 3.0? I really don't get it.
On another topic, I hope they release some of the specifications for how they prevent someone from copying the signature from the certificate and then just using it to sign another one. All of these details might be in the pa tent [penop.com] they've filed, but I think the patent is generic.
Wow... (Score:1)
--
Max V.
Problems (Score:1)
Good concept but very difficult to authenticate (Score:2)
SL33ZE, MCSD
em: joedipshit@hotmail.com
Digital Signatures, Certificates, and Legalities (Score:1)
The signature provides a record of sorts, which is why it became common.
A digital signature is NOT a human signature encoded. I worked on a paper compiling the laws on digital signatures, technologies involved, and applications. Some of our ideas were really cool, but I doubt will ever see the light of day because they protect users with a free market approach. Feel free to check out my group's paper if you're interested:
http://www-swiss.ai.mit.edu/6.805/student-paper
Anyway, the way it works does not depend upon anyone be trusted with the key. The private key is generated by you and (in theory) known only to you, but in practice, it is known to your computer and further encrypted with a password that you supply.
Now, everybody knows how Public Key Encryption works, right?
Say I have a Message in Clear-Text (M), a Private Key (K) and a Public Key (P).
If you send me a message, you encrypt it with my public key that everyone can know, we don't care.
E(M, P) = C (Cypher Text)
I then take the Cypher Text,
D(C, K) = M
and only I have the message.
However, PKI has another feature, authentication.
Okay, let's try the following:
E(M, K) = C (Message + Private Key -> Cypher Text)
D(C, P) = M and the message is recovered. With this method, anyone can read it, but if you know my public key, you can confirm that it was sent by me since only I have my private key. Now, in practice we'll use a cryptographic hash of a small size (128 bits makes forgery next to impossible... you want to try 2^128 variations on a message to convey the meaning you want until the hashes match?!?!?)
Where: H1 and H2 are related hashing functions...
H1(M, K) = CH1 (Cypher-hash)
H2(M, P) = CH2 Confirm(CH1, CH2) = true
alternatively you have an equation that inputs M, P, and CH and determines if it is valid. Zero knowledge proofs can extend this concept, but I won't pretend to understand them.
Basically, the idea is that by attaching a few bytes at the end of a message, other people can determine that it was send by you.
Now, when you get a digitally signed document, you usually have a HUGE attachment, why? Well, the problem with the digital signature is the public key.
i.e. Alice receives a signed message from Bob,
how does she get his Public key? More importantly, how to we get the public keys securely so nobody can spoof them?
i.e. Say that Slashdot.org decides to be a Certificate Authority (the keys to this scheme), and offers to stores keys. How does Alice know that the Public key listed for Bob is real and not someone pretending to be slashdot, or Bob, etc.
Here is the approach. I connect to a CA and create a new Private Key, Public Key combo. I send the Public Key to the CA, signed by my private key. They confirm that the Public Key matches the signed copy, and authenticate it. They then issue me a digital certificate which includes my information (ideally, when they are real, confirmed by me in person, but for now, just via e-mail for simple gee I have a certification certificates, but expect real authentication), my public key, and it is signed by the CA. If you trust the CA (set in your software) then you can trust the public key because the CA authenticated it.
Now this gets really interesting when CA Trust hierarchies get involved. i.e. slashdot the CA isn't trusted by default, so they work with a better known VA, say VeriSign who verifies their procedures. VeriSign then signs their certificate with authoritization. So, you get my certificate, signed by slashdot, signed by VeriSign, and if you allow VeriSign to sign for others... you get the idea...
Again the situation can bring the power to you. The premise of our paper is the notion of unbundled digital identities.
In the Real World, to buy alcohol I show a drivers license, which includes my picture (authentication) as well as address, DL# (SSN in some states), my age, the fact that I drive, etc., etc. This is a lot of information. We don't worry about it now because nobody at the liquor store is recording it. Digital Information, however, is almost always stored.
What we were working on was a procedure by which you can confirm to say a liquor store (it's unfortunant, but the main uses we found for it was booze and porn) that I am >=21, and nothing else, as well as ways to prevent people from trading certificates.
Check out the paper if you'd like and tell me what you think. It's long, feel free to skim it. We entered it for a legal conference, which accepted it, but we had a paperwork situation as it was over the summer and everyone was gone. The version for the legal conference is only 12 pages and gives you a background on the idea, the full paper has a LOT of info, including current laws on Electronic Signatures and Digital Signatures (VERY different). 12 pages, in rtf format:
http://web.mit.edu/covell/www/digid12.rtf
Alex