Title :
Digital signature: does it really work for electronic documents?
Author :
Islam, M. D Saiful ; Rahman, M. Lutfar ; Khan, Muhammad Asif Hossain ; Hossain, B. M Mainul ; Karim, Muhammad Rezaul
Author_Institution :
Dept. of Comput. Sci. & Eng., Dhaka Univ., Bangladesh
Abstract :
Organizations of almost all sizes are discovering the value of "going digital" by converting their office documents to electronic documents. Many of these documents, including financial information, while papers, legal documents, and external communications, require expensive review and mark-up by internal and external workgroups. The main motivations or using PKI (public key infrastructure) in business environment (e.g., e-commerce) is to streamline workflow, by enabling human to digitally sign electronic documents, instead of manually signing paper ones. However, this approach fails if adversaries can construct electronic documents whose viewed contents can change in useful ways, without invalidating the digital signature. In this paper we have examined the space of such attacks, and have described how many popular electronic document formats and PKI packages permit them.
Keywords :
digital signatures; document handling; electronic commerce; public key cryptography; business environment; digital signature; electronic documents; financial information; legal documents; office documents; public key infrastructure; Art; Cryptography; Digital signatures; Humans; Law; Legal factors; Out of order; Petroleum; Protection; Public key;
Conference_Titel :
Multitopic Conference, 2004. Proceedings of INMIC 2004. 8th International
Print_ISBN :
0-7803-8680-9
DOI :
10.1109/INMIC.2004.1492926
