Signing the document content is not enough: A new attack to digital signature

Author

Buccafurri, Francesco ; Caminiti, Gianluca ; Lax, Gianluca

Author_Institution

DIMET Dept, Univ. of Reggio Calabria, Reggio Calabria

fYear

2008

fDate

4-6 Aug. 2008

Firstpage

520

Lastpage

525

Abstract

Digital signature represents the only valid method to give signed electronic documents probative value at least as traditional documents with handwritten signature. The above claim has a full counterpart with the current law system of most countries, so that the process of document dematerialization has been already started relying on the current infrastructures as well as the current juridical regulations, with strong attention towards common interoperability rules. As a consequence, the issue regarding the vulnerabilities of digital signature is particularly important. This paper presents a new attack to digital signature not based on the insertion of instructions in the document to sign but in the same way producing a non-static visualization of the signed document, with the purpose of producing (legal) effects different from those desired by the signer. The paper proves the attack by example and gives a possible way to contrast it.

Keywords

digital signatures; digital signature; document content signing; document dematerialization process; electronic documents; nonstatic visualization; Application software; Contracts; Cryptography; Digital signatures; Lab-on-a-chip; Law; Legal factors; Protocols; Smart cards; Visualization;

fLanguage

English

Publisher

ieee

Conference_Titel

Applications of Digital Information and Web Technologies, 2008. ICADIWT 2008. First International Conference on the

Conference_Location

Ostrava

Print_ISBN

978-1-4244-2623-2

Electronic_ISBN

978-1-4244-2624-9

Type

conf

DOI

10.1109/ICADIWT.2008.4664402

Filename

4664402