Difference between revisions of "Digital Signature"
(→Solutions) |
|||
(30 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
==Full Title or Meme== | ==Full Title or Meme== | ||
− | A [[Digital Signature]] is a string of bits created by a cryptographic process that is extremely difficult to create without access to a [[Private Key Component|Private Key]]. | + | A [[Digital Signature]] is a string of bits created by a cryptographic process that is extremely difficult to create without access to a [[Private Key Component|Private Key]]. Note that each legal jurisdiction adds their own tweaks to this definition. |
==Context== | ==Context== | ||
− | * Nearly all of our digital lives | + | * Nearly all of our digital lives depend on the ability to make a mark that can be known to have been '''intentionally''' made by the [[Subject]]. |
− | * A ( | + | * A (semi)legal definition is a mark or sign made by an individual on an instrument or document to signify knowledge, approval, acceptance, or obligation.<ref>The Free Dictionary by Farlex https://legal-dictionary.thefreedictionary.com/signature</ref><blockquote>The term signature is generally understood to mean the signing of a written document with one's own hand. However, it is not critical that a signature actually be written by hand for it to be legally valid. It may, for example, be typewritten, engraved, or stamped. The purpose of a signature is to authenticate a writing, or provide notice of its source, and to bind the individual signing the writing by the provisions contained in the document.<blockquote></blockquote>Because a signature can obligate a party to terms of a contract or verify that the person intended to make a last will and testament, the law has developed rules that govern what constitutes a legally valid signature. The Internet and other forms of telecommunication have created the need to transact legally binding agreements electronically. Almost all states have passed laws that recognize the validity of [[Digital Signature]]s.</blockquote><blockquote>In the absence of a statutory prohibition, an individual can use any character, symbol, figure, or designation he wishes to adopt as a signature, and if he uses it as a substitute for his name, he is bound by it. For example, if a contract refers to "William Jones" but Jones signs his name "Bill Jones," the contract is still enforceable against him. An individual can also use a fictitious name or the name of a business firm. A signature might also be adequate to validate an instrument even if it is virtually illegible. The entire name does not have to be written, and the inclusion of a middle name is not significant.</blockquote> |
+ | * [https://www.tuckerlaw.com/2020/03/27/are-electronic-signatures-legally-enforceable/ Are Electronic Signatures Legally Enforceable?] 2020-03-27 <blockquote>To qualify as an enforceable electronic signature, there must be evidence of the signer’s intent to execute or accept the agreement. This is typically accomplished by requiring the signer to take affirmative action, like typing their name or drawing their signature using a mouse or touchscreen. As long as the signer’s intent to agree to the contract can be discerned from the record, an electronic signature is likely to be enforceable. Courts in some states have enforced contracts where a party’s intent to accept the terms of the agreement were evidenced by email exchange or text message, even though there was no drawn or typed signature. </blockquote> | ||
==Problems== | ==Problems== | ||
* Not all [[Subject]]s are legal entities, so the meaning of the signature would be unclear. | * Not all [[Subject]]s are legal entities, so the meaning of the signature would be unclear. | ||
− | * [[Private Key Component|Public/Private Key]] technology is itself subject to attack and so the meaning of a | + | * [[Private Key Component|Public/Private Key]] technology is itself subject to attack and so the meaning of a secure public key technology is subject to revision from time to time as technology advances. |
+ | * Technologists somehow got the idea that they could define what a signature means. This is demonstrably untrue. | ||
+ | * The contents of the document signed are a key determinate as to what a signature means. This cannot be changed by wishful thinking. | ||
+ | ** For example the level of assurance of an identity statement carries information about the level of verification that was applied by the signatory. | ||
+ | ** If a signed document as to the proofing provided to a named subject is included in a signed token, It seems appropriate that the inner signature is taking responsibility for the Identity proofing. | ||
+ | ===Revocation=== | ||
+ | Revocation is an idea from the credit card industry of the 1950's. The idea was that a cred card (or a driver's license) has an expiration date, but that the authorization implied in that credential can be revoked by the issuer. Revocation depends on the legal contract that applied to the grant. When it is permitted, there is a ceremony that the issuer must complete for the revocation to be effective. All conditions must be met. | ||
+ | # The original grant of authorization must clearly state the conditions for revocation. | ||
+ | # The conditions for revocation are followed by the issuer. | ||
+ | # The verifier can access the state of the grant. | ||
+ | Common forms of revocation of digital certificates are (1) certificate revocation lists, (2) online access to the state of the certificate. At a fundamental level revocation is non-deterministic, but these work-arounds seem to be adequate for the problem at hand. | ||
+ | |||
+ | ===Repudiation=== | ||
+ | |||
+ | One feature of a good legal contract is that one party cannot repudiate the contract without legal cause. Typically the valid causes are listed in the contract so that both sides can determine if the repudiation is valid. The courts are the final authority over any attempt at repudiation. A [[Digital Signature]] is termed non-reputable if an acceptable means is provided to prove its validity in a court of law. | ||
==Solutions== | ==Solutions== | ||
+ | * Trust federations can create legal documents that define the meaning of a document and be included by reference in that document. | ||
+ | * Samuel M Smith crated a taxonomy of trust carried by a signature. This is helpful for technologists, but, in and of itself, has no impact on the meaning of a signature.<ref> Samuel M. Smith, ''Universal Identifier Theory'' gitbhub (v1.32 2020-10-23) https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/IdentifierTheory_web.pdf</ref> He was worried about the basis for trust, this page is focused primarily on the concept of enforceability. Still the concepts are valuable for architects, if not for lawyers. | ||
+ | # Persistent Authorization Model = Any signed statement that is signed with the set of authoritative keys at the time of its signing, is valid until revoked (rescinded) with another signed statement that is signed with the set of authoritative keys at the time of the signing of the revocation statement. | ||
+ | # Ephemeral Authorization Model = All statements signed with the set of authoritative keys at the time of their signing are automatically revoked when that set of authoritative keys are rotated. | ||
+ | # Some Authorizations are Persistent, and Some are Ephemeral (Hybrid) Model = Any presentation of a signed statement with persistent authorization must include a reference to its location in the VDR (log) to determine the authoritative keys at the time (location) in the VDR when the statement was signed. The signed statement is authorized until revoked (rescinded) with another signed statement that is signed with the set of authoritative keys at the time of the signing of the revocation statement. If the VDR location reference is absent in the presentation, then the authorization is assumed to be ephemeral and the verifier uses the current authoritative keys to verify the authorization status of the signed statement. | ||
+ | # Rotate the Identifier not the Keys Model = A signed statement's authorization is persistent until the ephemeral identifier associated with the authoritative keys has been rotated. Rotation of the identifier effectively rotates the authoritative keys. | ||
+ | |||
+ | ===Zero Trust=== | ||
+ | Sam's paper also listed the features of a zero trust architecture which are: | ||
+ | # Network Hostility. = The network is always hostile, internally & externally; Locality is not trustworthy. Solutions must provide means to mitigate network layer security vulnerabilities (man-in-the-middle, DNS hijacking, BGP attacks). | ||
+ | # E2E Security.= Inter-host communication must be end-to-end signed/encrypted and data must be stored signed/encrypted. Data is signed/encrypted in motion and at rest. | ||
+ | # E2E Provenance. = Data flow transformations must be end-to-end provenanced using verifiable data items (verifiable data chains or VCs). Every change shall be provenanced. | ||
+ | # Verify every-time for every-thing. = Every network interaction or data flow must be authenticated and authorized using best prac- tice cryptography. | ||
+ | # Authorization is behavioral. = Policies for authentication and authorization must be dynamically modified based on behavior (reputation). | ||
+ | # No single point of trust. = Policies for authentication and authorization must be governed by end-verified diffuse-trust distributed consensus. Policy is protected by diffuse trust. | ||
+ | # Hosts locked down. = Hosts or host components executing any of the logic mentioned above must be locked down. Any changes to the host execution logic or behavior must be fully security tested and vali- dated over the respective possible combinations of hardware and software platform. This means locking down key management and cryptographic operations on the devices. This includes key generation and storage, as well as signature generation and signature verification. These may benefit from the use [[Hardware Protection]] of some form as a trusted execution environment (TEE) either generally or specially as in a trusted platform module (TPM) or a hardware security module (HSM). In addition to key management and cryptographic operations, special security measures must be implemented regarding secure execution of the application logic (e.g. code injection, insecure object references, cross-site/service request forgery, cross-service script- ing, etc.). | ||
==References== | ==References== |
Latest revision as of 15:29, 26 July 2024
Contents
Full Title or Meme
A Digital Signature is a string of bits created by a cryptographic process that is extremely difficult to create without access to a Private Key. Note that each legal jurisdiction adds their own tweaks to this definition.
Context
- Nearly all of our digital lives depend on the ability to make a mark that can be known to have been intentionally made by the Subject.
- A (semi)legal definition is a mark or sign made by an individual on an instrument or document to signify knowledge, approval, acceptance, or obligation.[1]
The term signature is generally understood to mean the signing of a written document with one's own hand. However, it is not critical that a signature actually be written by hand for it to be legally valid. It may, for example, be typewritten, engraved, or stamped. The purpose of a signature is to authenticate a writing, or provide notice of its source, and to bind the individual signing the writing by the provisions contained in the document.Because a signature can obligate a party to terms of a contract or verify that the person intended to make a last will and testament, the law has developed rules that govern what constitutes a legally valid signature. The Internet and other forms of telecommunication have created the need to transact legally binding agreements electronically. Almost all states have passed laws that recognize the validity of Digital Signatures.
In the absence of a statutory prohibition, an individual can use any character, symbol, figure, or designation he wishes to adopt as a signature, and if he uses it as a substitute for his name, he is bound by it. For example, if a contract refers to "William Jones" but Jones signs his name "Bill Jones," the contract is still enforceable against him. An individual can also use a fictitious name or the name of a business firm. A signature might also be adequate to validate an instrument even if it is virtually illegible. The entire name does not have to be written, and the inclusion of a middle name is not significant.
- Are Electronic Signatures Legally Enforceable? 2020-03-27
To qualify as an enforceable electronic signature, there must be evidence of the signer’s intent to execute or accept the agreement. This is typically accomplished by requiring the signer to take affirmative action, like typing their name or drawing their signature using a mouse or touchscreen. As long as the signer’s intent to agree to the contract can be discerned from the record, an electronic signature is likely to be enforceable. Courts in some states have enforced contracts where a party’s intent to accept the terms of the agreement were evidenced by email exchange or text message, even though there was no drawn or typed signature.
Problems
- Not all Subjects are legal entities, so the meaning of the signature would be unclear.
- Public/Private Key technology is itself subject to attack and so the meaning of a secure public key technology is subject to revision from time to time as technology advances.
- Technologists somehow got the idea that they could define what a signature means. This is demonstrably untrue.
- The contents of the document signed are a key determinate as to what a signature means. This cannot be changed by wishful thinking.
- For example the level of assurance of an identity statement carries information about the level of verification that was applied by the signatory.
- If a signed document as to the proofing provided to a named subject is included in a signed token, It seems appropriate that the inner signature is taking responsibility for the Identity proofing.
Revocation
Revocation is an idea from the credit card industry of the 1950's. The idea was that a cred card (or a driver's license) has an expiration date, but that the authorization implied in that credential can be revoked by the issuer. Revocation depends on the legal contract that applied to the grant. When it is permitted, there is a ceremony that the issuer must complete for the revocation to be effective. All conditions must be met.
- The original grant of authorization must clearly state the conditions for revocation.
- The conditions for revocation are followed by the issuer.
- The verifier can access the state of the grant.
Common forms of revocation of digital certificates are (1) certificate revocation lists, (2) online access to the state of the certificate. At a fundamental level revocation is non-deterministic, but these work-arounds seem to be adequate for the problem at hand.
Repudiation
One feature of a good legal contract is that one party cannot repudiate the contract without legal cause. Typically the valid causes are listed in the contract so that both sides can determine if the repudiation is valid. The courts are the final authority over any attempt at repudiation. A Digital Signature is termed non-reputable if an acceptable means is provided to prove its validity in a court of law.
Solutions
- Trust federations can create legal documents that define the meaning of a document and be included by reference in that document.
- Samuel M Smith crated a taxonomy of trust carried by a signature. This is helpful for technologists, but, in and of itself, has no impact on the meaning of a signature.[2] He was worried about the basis for trust, this page is focused primarily on the concept of enforceability. Still the concepts are valuable for architects, if not for lawyers.
- Persistent Authorization Model = Any signed statement that is signed with the set of authoritative keys at the time of its signing, is valid until revoked (rescinded) with another signed statement that is signed with the set of authoritative keys at the time of the signing of the revocation statement.
- Ephemeral Authorization Model = All statements signed with the set of authoritative keys at the time of their signing are automatically revoked when that set of authoritative keys are rotated.
- Some Authorizations are Persistent, and Some are Ephemeral (Hybrid) Model = Any presentation of a signed statement with persistent authorization must include a reference to its location in the VDR (log) to determine the authoritative keys at the time (location) in the VDR when the statement was signed. The signed statement is authorized until revoked (rescinded) with another signed statement that is signed with the set of authoritative keys at the time of the signing of the revocation statement. If the VDR location reference is absent in the presentation, then the authorization is assumed to be ephemeral and the verifier uses the current authoritative keys to verify the authorization status of the signed statement.
- Rotate the Identifier not the Keys Model = A signed statement's authorization is persistent until the ephemeral identifier associated with the authoritative keys has been rotated. Rotation of the identifier effectively rotates the authoritative keys.
Zero Trust
Sam's paper also listed the features of a zero trust architecture which are:
- Network Hostility. = The network is always hostile, internally & externally; Locality is not trustworthy. Solutions must provide means to mitigate network layer security vulnerabilities (man-in-the-middle, DNS hijacking, BGP attacks).
- E2E Security.= Inter-host communication must be end-to-end signed/encrypted and data must be stored signed/encrypted. Data is signed/encrypted in motion and at rest.
- E2E Provenance. = Data flow transformations must be end-to-end provenanced using verifiable data items (verifiable data chains or VCs). Every change shall be provenanced.
- Verify every-time for every-thing. = Every network interaction or data flow must be authenticated and authorized using best prac- tice cryptography.
- Authorization is behavioral. = Policies for authentication and authorization must be dynamically modified based on behavior (reputation).
- No single point of trust. = Policies for authentication and authorization must be governed by end-verified diffuse-trust distributed consensus. Policy is protected by diffuse trust.
- Hosts locked down. = Hosts or host components executing any of the logic mentioned above must be locked down. Any changes to the host execution logic or behavior must be fully security tested and vali- dated over the respective possible combinations of hardware and software platform. This means locking down key management and cryptographic operations on the devices. This includes key generation and storage, as well as signature generation and signature verification. These may benefit from the use Hardware Protection of some form as a trusted execution environment (TEE) either generally or specially as in a trusted platform module (TPM) or a hardware security module (HSM). In addition to key management and cryptographic operations, special security measures must be implemented regarding secure execution of the application logic (e.g. code injection, insecure object references, cross-site/service request forgery, cross-service script- ing, etc.).
References
- ↑ The Free Dictionary by Farlex https://legal-dictionary.thefreedictionary.com/signature
- ↑ Samuel M. Smith, Universal Identifier Theory gitbhub (v1.32 2020-10-23) https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/IdentifierTheory_web.pdf