1993-10-25 - Digital Signatures

Header Data

From: Karl Lui Barrus <klbarrus@owlnet.rice.edu>
To: cypherpunks@toad.com
Message Hash: 95e5709bba2498c73d22c5244d7b4fa7d7b27f3643d151ffb39fa08d0324bef3
Message ID: <9310252258.AA15045@flammulated.owlnet.rice.edu>
Reply To: N/A
UTC Datetime: 1993-10-25 22:59:11 UTC
Raw Date: Mon, 25 Oct 93 15:59:11 PDT

Raw message

From: Karl Lui Barrus <klbarrus@owlnet.rice.edu>
Date: Mon, 25 Oct 93 15:59:11 PDT
To: cypherpunks@toad.com
Subject: Digital Signatures
Message-ID: <9310252258.AA15045@flammulated.owlnet.rice.edu>
MIME-Version: 1.0
Content-Type: text/plain


Earlier, L. Detwiler posted a message which listed some desirable properties
of digital signatures.  (I won't comment on the rest of the post since I'm 
behind in list mail and haven't read up).

Signatures (real and digital) ideally have the following properties, and 
maybe others:

1) Unforgeable.  The presence of the signature shows the signer attached 
it on purpose.  Also, the signature should convince another party that the
signer signed the document (i.e. the signature can be linked to somebody
or a pseudonym or whatever satisfies the recipient).

2) Not transferable.  If the signer signs one document, it should be
impossible to transfer the signature to another document.  (Beware
signing random documents - see a previous post on the "Notary Protocol"
or Judith Moore's paper on protocol failures).  In the digital world,
transfering a signature should make it invalid.

3) Can't repudiate.  The signer can't claim he/she did not in fact sign
a document which bears the signature.

4) Can't alter.  A document which is signed can't be altered without
invalidating the signature.  I don't know if a signed contract with 
white-out, strike-outs, and various inserted edits is still valid, but a 
good digital signature should contain information (secure cryptographic
hash like md5, md4, snefru, snefru256, etc.) about the text signed.
For instance, PGP and RIPEM signatures contain an md5 hash of the message
text, so altering the document after it's signed will invalidate the

Version: 2.3a