Papers

https://www.cs.dartmouth.edu/~sws/abstracts/ksa.shtml     Last modified: 08/27/03 11:56:52 AM

K. Kain, S.W. Smith, R. Asokan.
``Digital Signatures and Electronic Documents: A Cautionary Tale.''
Advanced Communications and Multimedia Security. Kluwer Academic Publishers. Pp. 293-307.
September 2002.

Abstract

Often, the main motivation for using PKI in business environments is to streamline workflow, by enabling humans to digitally sign electronic documents, instead of manually signing paper ones. However, this application fails if adversaries can construct electronic documents whose viewed contents can change in usefulways, without invalidating the digital signature. In this paper, we examine the space of such attacks, and describe how many popular electronic document formats and PKI packages permit them.

Download

PDF

See Also

Kain thesis

Back to home page Maintained by Sean Smith, sws@cs.dartmouth.edu