Two files with the same MD5 digest
Posted Mar 3, 2007 19:10 UTC (Sat) by giraffedata
In reply to: Two files with the same MD5 digest
Parent article: Hunting for Rootkits
Signing a digest is the same as signing the document.
In what way? As we've shown here, fraud is possible when you sign the digest and not when you sign the full document. That's a big difference.
If I sign the full document, that means I encrypt the actual PDF with my private key and send the result to the salesman. He forwards it to Accounts Payable, which looks up my public key and decrypts it. The result is a PDF in which AP must see the same price I saw when I signed it.
People like to sign digests instead because it uses less resources. Sometimes the tradeoff is worthwhile.
To foil (or at least detect) the attack, YOU would have to deliver the contract ... to Accounts Payable yourself.
the other defense, at least to help you later in court, is to be sure to keep an archive copy of everything you sign.
Those defeat much of the purpose of the signature, either allowing me to defraud the vendor or leaving an open question of what the agreed price was. It would be no worse than paper, though, where the salesman can take the signature sheet off the $200 contract and staple it to the $4000 one.
Electronic signatures have the wonderful advantage over paper of non-repudiation. I can't deny that I authorized $4000 if I did.
to post comments)