Robust WYSIWYS: A Method for Ensuring that What You See Is What You Sign

The security of digital signatures depends not only on the cryptographic strength of the digital signature algorithms used, but also on the integrity of the platform on which the digital signature application is running. A breach of platform integrity due to unintentional or intentional malfunctioning has the potential of wrongly imposing liability on, or wrongly taking liability away from, signing parties. This problem is amplified by the fact that digital signatures may be generated on platforms that are not under the control of the signing party, and that there can be strong financial incentives for trying to manipulate the systems used for digital signatures. In practice it is extremely difficult to assess the integrity of a general-purpose computing platform, so digital signing on such platforms is in principle untrustworthy. This paper describes a method for robust WYSIWYS (What You See Is What You Sign) that ensures the integrity of digital documents and their digital signatures. This method can only be directly applied to documents written with traditional ASCII characters. For more advanced formatting, a specific layout definition language must be defined.
