Preventing specific cases of digital signature forgery and repudiation

  • I
  • Thread starter tade
  • Start date
In summary, digital signatures, specifically RSA technology, can prevent problems such as signature forgery and false identity claims. By using public-key cryptography, it is mathematically impossible to create a forged signature or modify a signed document without the signer's private key. However, it is important for individuals to keep their private key secure in order for the digital signature to be effective.
  • #1
tade
721
26
We're looking at some specific cases here, and I'm interested in how mathematics can prevent certain problems from arising.

So let's say that a party is requesting peoples' signatures. And one problem is that said party might attempt to forge the signatures.

And another problem is that a signatory might want to deny and repudiate that he gave his signature and claim that that party forged the signature, while the actual fact is that he really did give his signature.

So I was wondering about when it comes to the mathematical methods of creating digital signatures, how do they prevent these mentioned problems from arising?

I guess its also a given that any method which solves one of the problems also solves the other one.
 
Last edited:
Mathematics news on Phys.org
  • #3
This sounds like something that a blockchain would be good for. It can make the transactions/communications permanently recorded in an immutable way. It would help to verify whether a signature has been forged and whether a real signature had been sent. Because it is decentralized, it is hard for any one person to cheat.
 
  • #4
FactChecker said:
This sounds like something that a blockchain would be good for. It can make the transactions/communications permanently recorded in an immutable way. It would help to verify whether a signature has been forged and whether a real signature had been sent. Because it is decentralized, it is hard for any one person to cheat.
oh i see
what about something which doesn't rely on a whole network
 
  • #6
tade said:
i see, how safe is it from the party requesting signatures trying to forge them
As far as someone claiming a false identity I don't see what can be done about that. Even implanting a chip in every brain at birth wouldn't do it, as the parents might be faking it.
 
  • #7
Hornbein said:
As far as someone claiming a false identity I don't see what can be done about that. Even implanting a chip in every brain at birth wouldn't do it, as the parents might be faking it.
hmm, i was thinking about, let's say that a company tells you, "Look Hornbein, you agreed to this deal, here's your signature!", and they produce their issued document with your signature on it, which they forged. And they're trying to apply some type of pressure tactic on you.

now the topic that i'm thinking about is digital signatures, how to mathematically deter such forgery
 
  • #8
tade said:
hmm, i was thinking about, let's say that a company tells you, "Look Hornbein, you agreed to this deal, here's your signature!", and they produce their issued document with your signature on it
If you are not generally familiar with public-key cryptography, you will want to read up on it.

Without knowing the signer's private key, it is mathematically impossible to create an RSA signature for a document, to modify a document after it has been signed, or to copy a valid signature from a properly signed document to a fraudulent one. Thus, when you are presented with a document with your signature on it, there are only three possibilities:
1) You signed it
2) Someone else signed it using your private key
3) The person presenting the document has broken the public key encryption scheme and is taking a break from the more lucrative activity of draining the entire world's financial systems for their benefit just to hassle you.

The math ensures that these are the only possibilities. The realistic possibility for fraud is #2 - the math can't protect if you don't keep your private key private.
 
  • Like
Likes jbriggs444, FactChecker and Filip Larsen
  • #9
Nugatory said:
If you are not generally familiar with public-key cryptography, you will want to read up on it.

Without knowing the signer's private key, it is mathematically impossible to create an RSA signature for a document, to modify a document after it has been signed, or to copy a valid signature from a properly signed document to a fraudulent one. Thus, when you are presented with a document with your signature on it, there are only three possibilities:
1) You signed it
2) Someone else signed it using your private key
3) The person presenting the document has broken the public key encryption scheme and is taking a break from the more lucrative activity of draining the entire world's financial systems for their benefit just to hassle you.

The math ensures that these are the only possibilities. The realistic possibility for fraud is #2 - the math can't protect if you don't keep your private key private.
I am not an expert on this subject, but I'm not sure that this addresses the problems that the OP mentions. If the recipient claims that he has received the signature, then he has a signature of some kind. One question is whether he can (or must) show that it was once encrypted at all. Does this solve that issue?
 
  • #10
FactChecker said:
One question is whether he can (or must) show that it was once encrypted at all
Digital signing is different from encryption, if that is what you mean. Usually you form a secure hash of the content you want to sign and then encrypt the hash with your private key. Anyone else getting a copy of this signed hash can then decrypt it with your public key (proving someone with access to the private key signed it), and then compare the unencrypted hash with the calculated hash of the content.
 
  • Like
Likes FactChecker
  • #11
FactChecker said:
I am not an expert on this subject, but I'm not sure that this addresses the problems that the OP mentions. If the recipient claims that he has received the signature, then he has a signature of some kind. One question is whether he can (or must) show that it was once encrypted at all. Does this solve that issue?
The signature is a string of gibberish-looking bits that when decrypted with the alleged signer’s public key yields a valid hash of the document. This string of bits can only have been created by someone possessing the signer’s private key.
 
  • Like
Likes FactChecker
  • #12
Nugatory said:
The signature is a string of gibberish-looking bits that when decrypted with the alleged signer’s public key yields a valid hash of the document. This string of bits can only have been created by someone possessing the signer’s private key.
So the actual "signature" is the still encrypted data. The readable signature does not count.
The fact that the public key can decrypt the "signature" implies that it must have been you who encrypted it with the private key.
 
  • #13
FactChecker said:
So the actual "signature" is the still encrypted data.
Technically you can say it is encryption because is uses an cryptographic cipher, but since the goal is to allow anyone to decrypt the signature it does not provide confidentiality like encryption schemes normally would imply for lay-persons.
FactChecker said:
The readable signature does not count. The fact that the public key can decrypt the "signature" implies that it must have been you who encrypted it with the private key.
I assume you here refer to information identifying the signer. For digital signatures to provide non-repudiation you need a separate trust system to establish the connection from, say, your name and other information identifying you as a legal person, to your public key. You can of course simply include the public key in the signature so anyone can checked it to be "well-formed", but for non-repudiation someone else trusted by both participants also needs to establish your public key by a separate mean, like using certificate chains (i.e. a trusted third-party that signs your public key certificate to prove you are an identified entity with that party).
 
  • Like
Likes FactChecker
  • #14
Filip Larsen said:
Technically you can say it is encryption because is uses an cryptographic cipher, but since the goal is to allow anyone to decrypt the signature it does not provide confidentiality like encryption schemes normally would imply for lay-persons.

I assume you here refer to information identifying the signer. For digital signatures to provide non-repudiation you need a separate trust system to establish the connection from, say, your name and other information identifying you as a legal person, to your public key. You can of course simply include the public key in the signature so anyone can checked it to be "well-formed", but for non-repudiation someone else trusted by both participants also needs to establish your public key by a separate mean, like using certificate chains (i.e. a trusted third-party that signs your public key certificate to prove you are an identified entity with that party).
Good point. I think I understand it. So, a better version of my statement would have been:
The fact that EDIT the public key your public key, verified as assigned only to you by some authority, can decrypt the "signature" implies that it must have been you who encrypted it with the private key.
 
  • #15
FactChecker said:
The fact that [..] your public key, verified as assigned only to you by some authority, can decrypt the "signature" implies that it must have been you who encrypted it with the private key.
Yes, as Nugatory listed up that is one of the possibilities, and its the possibility any practical useful signature scheme (complete with choice of hash, cipher and protocols) intends to be the most overwhelmingly likely to be true.

There are in fact a few more possibilities a scheme must address for non-repudiation, namely public key revocation (often solved by using both a trusted revocation service and time notary service) and considerations for the secure hash to be susceptible for hash collisions. On top of that the practical signature scheme should also consider operational security as a whole. For instance, in my country it was deemed too unsafe for the general public to have our private keys for the public identity and signature system on our own computers (because this would then be an obvious attack vector for, say, criminals) so instead they are all stored on special hardware at the operator of the public infrastructure for this. All this is just to say that in these days there is a lot of details in a practical signature scheme that needs to fit together in order for it to convincingly provide actual non-repudiation with virtually zero chance of false positives or negatives.
 
  • Like
Likes FactChecker

FAQ: Preventing specific cases of digital signature forgery and repudiation

What is digital signature forgery?

Digital signature forgery occurs when an unauthorized individual creates a digital signature that appears to be legitimate, thereby impersonating the original signer. This can undermine the integrity and authenticity of digital communications and transactions.

How can I prevent digital signature forgery?

To prevent digital signature forgery, use strong cryptographic algorithms and key management practices. Ensure that private keys are securely stored and protected from unauthorized access. Implement multi-factor authentication and regularly update security protocols to adapt to emerging threats.

What is repudiation in the context of digital signatures?

Repudiation refers to the ability of a signer to deny having signed a document or transaction. In digital signatures, it poses a risk if the signer can claim they did not authorize the signature, potentially leading to disputes over the validity of the signature.

How can repudiation be prevented in digital signatures?

To prevent repudiation, use a robust digital signature framework that includes non-repudiation features. This involves maintaining a reliable audit trail, timestamping signatures, and using trusted third-party certification authorities to verify the identity of signers.

What role do public key infrastructures (PKI) play in preventing forgery and repudiation?

Public Key Infrastructure (PKI) is crucial for establishing a secure environment for digital signatures. It provides a framework for managing digital certificates and public-private key pairs, ensuring that signatures can be verified and linked to the correct identity, thus preventing forgery and supporting non-repudiation.

Similar threads

Replies
5
Views
867
Replies
3
Views
3K
Replies
3
Views
1K
Replies
2
Views
10K
Replies
0
Views
2K
Back
Top