The Fairy Tale of 'What You See Is What You Sign' - Trojan Horse Attacks on Software for Digital Signatures
نویسندگان
چکیده
Software for the creation of digital signatures performs a delicate task. The signatory has to trust the manufacturer of the software that it will work in the intended way. Signing a document electronically will have legal consequences in a growing number of countries, therefore the security of the signing software is an important issue. In the past, Trojan horse programs have shown to be of growing concern for end-user computers. Software for digital signatures must provide protection against Trojan horses attacking the legally relevant signing process. In a survey of commercially-of-the-shelf signature software programs we found severe vulnerabilities that can easily be exploited by an attacker.
منابع مشابه
Robust WYSIWYS: A Method for Ensuring that What You See Is What You Sign
The security of digital signatures depends not only on the cryptographic strength of the digital signature algorithms used, but also on the integrity of the platform on which the digital signature application is running. Breach of platform integrity due to unintentional or intentional malfunctioning has the potential of wrongly imposing liability on, or wrongly taking liability away from signin...
متن کاملProtecting the Creation of Digital Signatures with Trusted Computing Platform Technology Against Attacks by Trojan Horse Programs
Digital signatures are a key technology for many Internet-based commercial and administrative applications and, therefore, an increasingly popular target of attacks. Due to their strong cryptographic properties an attacker is more likely to subvert them with malicious software, ie Trojan horse programs. We show that by fusing two techniques, our WORM-supported reliable input method and the Inte...
متن کاملEditorial: What Is Brain Mapping?
G20 World Brain Mapping Initiative (Neuroscience/N-20) is Putting Brain Mapping on the top of Global Economic Issues The Society for Brain Mapping, Therapeutics, and Brain Mapping Foundation are propelling therapeutic advances in Nano-Neurosurgery, Nano-Bio-Electronics, Artificial Intelligence, Neuro-Supercomputing and ‘cross-pollination’ among the bio-medical sciences and engine...
متن کاملIt Ain’t What You Do (But the Way That You Do It): Will Safety II Transform the Way We Do Patient Safety; Comment on “False Dawns and New Horizons in Patient Safety Research and Practice”
Mannion and Braithwaite outline a new paradigm for studying and improving patient safety – Safety II. In this response, I argue that Safety I should not be dismissed simply because the safety management strategies that are developed and enacted in the name of Safety I are not always true to the original philosophy of ‘systems thinking.’
متن کاملجستاری میان رشته ای در اصول طراحی اتاق خواب با استناد به آموزه های نَقلی مکتب اسلام
The Holy Quran and hadiths as the most important Islamic religious texts have significant capacities in various fields of human knowledge which have been often neglected. Among the issues raised in this religious texts are some of architectural problems. One of these problems is quality of bedroom design. In this article, this problem will be probed by citing verses and hadiths to deduct bedroo...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 1998