Security Workshop
The E-Signature Act Makes Online Transactions Legally Binding

  December 10, 2001
  By Sean Doherty




Digital Signatures

Creating digital signatures with public key (asymmetric) cryptography uses two different but mathematically related keys: A private key encrypts a message, and a public key decrypts it. The private key is known only to the signer and is used to create the digital signature. The public key is distributed widely or kept in an online repository and is used to verify the signature. If the system is designed properly, deriving the private key from the public key to forge a signature is very difficult. In fact, the risk of loss due to a fraudulent or invalid signature is inversely proportional to the number of bits used in the signing algorithm.

A hash function (algorithm) is used to create and verify digital signatures. The algorithm operates on a message to create a digital representation or a fixed-length hash value unique to a particular message. Then you sign the hash value with a private key using, for example, the DSA (Digital Signature Algorithm) or RSA algorithm. The resulting signed hash becomes the digital signature.

The signature can be verified by referring to the size of the original message using the public key that corresponds to the private key. Any change in the message would produce a different hash result using the same algorithm. Although this ensures that a signature will match a certain message, an enterprise may still lack the confidence that the signature identifies the party to be bound to the message. For example, someone might be sitting at your computer with direct access to your private key. Using a PKI system with tokens can add the requisite assurance.
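The hash-then-sign flow described above, as an added example that is not part of the original article. It assumes SHA-256 with RSA and PKCS #1 v1.5 padding, uses only Python's standard library, and builds a constructed demo key from two well-known primes; the function names are illustrative.

```python
import hashlib

# Constructed demo key: two Mersenne primes, so no key generation is needed.
# Never use predictable primes like these for a real key.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public key: modulus and exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, known only to the signer
K = (N.bit_length() + 7) // 8          # modulus length in bytes

# ASN.1 DigestInfo header that labels the hash as SHA-256 (PKCS #1 v1.5).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def encode(message: bytes) -> int:
    """Hash the message, then pad the fixed-length hash to the modulus size."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")


def sign(message: bytes) -> bytes:
    """Private-key operation: the signed hash is the digital signature."""
    return pow(encode(message), D, N).to_bytes(K, "big")


def verify(message: bytes, signature: bytes) -> bool:
    """Public-key operation: recover the signed hash from the signature and
    compare it with a fresh hash of the message that was actually received."""
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    # Comparing against a re-encoded value avoids lenient padding parsing.
    return pow(s, E, N) == encode(message)


if __name__ == "__main__":
    contract = b"Buyer agrees to pay $500 on delivery."   # constructed sample
    sig = sign(contract)
    print("original verifies:", verify(contract, sig))
    print("altered verifies: ",
          verify(b"Buyer agrees to pay $5 on delivery.", sig))
```

A `True` result shows only that the holder of the private key signed this exact message; who that holder is remains the question the certificate and token are meant to answer.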



[Figure: Validating a Document's Integrity]



Digital signatures in a PKI system are created using a digital ID, a combination of public and private keys, and an associated digital certificate. A certificate is a document associated with the keys that contains an identity along with its public key, signed or certified by a recognized CA (certificate authority), such as VeriSign.

Certificates are public documents that should always conform to the X.509 standard. They can be stored on a hard drive, in a browser or directory, or on a token. A token, such as a smart key or smartcard, can create a digital signature with a private key without revealing the private key (see "Security Tokens," August 20, 2001). Digital signatures can be created on a computer without a token. However, this exposes the private key to potential theft by direct access to the computer or from a virus like the Love Bug, which was designed to compromise user credentials.

Using a digital signature generated from a token in a PKI system would make repudiation of a contract very challenging. By entering a passphrase known only to the token and the signer, a signer engages in a ceremony to authorize a token to make a digital signature. Hence, a potential fraud would require physical access to the token and knowledge of the passphrase.

You can build a PKI system. It is, however, a complex security initiative that can be costly and time-consuming to implement for users and customers. Alternatively, you could buy a commercial product or service from companies such as Baltimore Technologies, Entrust or VeriSign (see "In PKI We Trust," September 3, 2001).

Configuring a PKI system for digital signatures sets up an electronic ceremony to authenticate documents, identify the signature parties, and reduce the risk of repudiation and loss from invalid or fraudulent signatures. A PKI system can instill trust that a signature was created from a unique token and authorized by a certain signer known to a CA.

For low-volume, high-value transactions you may still want to meet to create a binding agreement between parties. But for high-volume, low-value transactions, e-signatures in a PKI system can enable e-commerce transactions and pave the way for other services to add trust and security in agreements.

Sean Doherty is a technology editor based at our Syracuse University Real-World Labs®. A former project manager and IT engineer at Syracuse University, he helped develop the infrastructure behind a campuswide, centrally supported applications and storage system. Sean earned his JD from the University of California Berkeley School of Law. Send your comments on this article to him at sdoherty@nwc.com.

