论文信息 - What You See is Not Always What You Sign

What You See is Not Always What You Sign

A fundamental aspect of computer systems is that displaying nd signing a digital document are separate and unlinked processes. In addition, the same digital docum ent can be displayed differently on different systems. As a consequence it is difficult to determine what ex ac ly has been signed, both from the signer’s and the verifier’s point of view. This paper discusses how con fusion about the meaning of digitally signed documents can occur, and proposes some mitigation strategi es.

Audun Jøsang | Dean Povey | Anthony Ho

[1] William J. Caelli,et al. Signature Stripping: A Digital Dilemma , 2001, J. Inf. Law Technol..

[2] Stephen Smalley,et al. The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments , 2000 .

[3] Armin B. Cremers,et al. The fairy tale of''what you see is what you sign , 2001 .

[4] Dean Povey,et al. The Problems with Secure On-line Banking , 1998 .

[5] P. T. Barry,et al. Abstract syntax notation-one (ASN.1) , 1992 .

[6] Whitfield Diffie,et al. New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.