Digital Signature

From MgmtWiki
Revision as of 13:08, 24 May 2021 by Tom (talk | contribs) (Solutions)

Jump to: navigation, search

Full Title or Meme

A Digital Signature is a string of bits created by a cryptographic process that is extremely difficult to create without access to a Private Key.

Context

  • Nearly all of our digital lives depends on the ability to make a mark that can be known to have been make by the Subject.
  • A (sem-)legal definition is a mark or sign made by an individual on an instrument or document to signify knowledge, approval, acceptance, or obligation.[1]
    The term signature is generally understood to mean the signing of a written document with one's own hand. However, it is not critical that a signature actually be written by hand for it to be legally valid. It may, for example, be typewritten, engraved, or stamped. The purpose of a signature is to authenticate a writing, or provide notice of its source, and to bind the individual signing the writing by the provisions contained in the document.
    Because a signature can obligate a party to terms of a contract or verify that the person intended to make a last will and testament, the law has developed rules that govern what constitutes a legally valid signature. The Internet and other forms of telecommunication have created the need to transact legally binding agreements electronically. Almost all states have passed laws that recognize the validity of Digital Signatures."
    In the absence of a statutory prohibition, an individual can use any character, symbol, figure, or designation he wishes to adopt as a signature, and if he uses it as a substitute for his name, he is bound by it. For example, if a contract refers to "William Jones" but Jones signs his name "Bill Jones," the contract is still enforceable against him. An individual can also use a fictitious name or the name of a business firm. A signature might also be adequate to validate an instrument even if it is virtually illegible. The entire name does not have to be written, and the inclusion of a middle name is not significant.

Problems

  • Not all Subjects are legal entities, so the meaning of the signature would be unclear.
  • Public/Private Key technology is itself subject to attack and so the meaning of a secure public key technology is subject to revision from time to time as technology advances.
  • Technologists somehow got the idea that they could define what a signature means. This is demonstrably untrue.
  • The contents of the document signed are a key determinate to what a signature means. This cannot be changed by wishful thinking.
    • For example the level of assurance of an identity statement carries information about the live of verification that was applied by the signatory.

Solutions

  • Samuel M Smith crated a taxonomy of trust carried by a signature. This is helpful for technologists, but, in and of itself, has no impact on the meaning of a signature.[2] He was worried about the basis for trust, this page is focused primarily on the concept of enforceability.

Zero Trust

Sam's paper also listed the features of a zero trust architecture which are:

  1. Network Hostility. = The network is always hostile, internally & externally; Locality is not trustworthy. Solutions must provide means to mitigate network layer security vulnerabilities (man-in-the-middle, DNS hijacking, BGP attacks).
  2. E2E Security.= Inter-host communication must be end-to-end signed/encrypted and data must be stored signed/encrypted. Data is signed/encrypted in motion and at rest.
  3. E2E Provenance. = Data flow transformations must be end-to-end provenanced using verifiable data items (ver- ifiable data chains or VCs). Every change shall be provenanced.
  4. Verify every-time for every-thing. = Every network interaction or data flow must be authenticated and authorized using best prac- tice cryptography.
  5. Authorization is behavioral. = Policies for authentication and authorization must be dynamically modified based on behav- ior (reputation).
  6. No single point of trust. = Policies for authentication and authorization must be governed by end-verified diffuse-trust distributed consensus. Policy is protected by diffuse trust.
  7. Hosts locked down. = Hosts or host components executing any of the logic mentioned above must be locked down. Any changes to the host execution logic or behavior must be fully security tested and vali- dated over the respective possible combinations of hardware and software platform. This means locking down key management and cryptographic operations on the devices. This in- cludes key generation and storage, as well as signature generation and signature verification. These may benefit from the use of some form of trusted execution environment (TEE) either generally or specially as in a trusted platform module (TPM) or a hardware security module (HSM). In addition to key management and cryptographic operations, special security measures must be implemented regarding secure execution of the application logic (e.g. code injection, insecure object references, cross-site/service request forgery, cross-service script- ing, etc.).

References

  1. The Free Dictionary by Farlex https://legal-dictionary.thefreedictionary.com/signature
  2. Samuel M. Smith, Universal Identifier Theory gitbhu (v1.32 2020-10-23) https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/IdentifierTheory_web.pdf