Bogus digital signatures, Re: OT: utility account transfer frauds
George Ross
gdmr at dcs.ed.ac.uk
Tue, 15 Oct 2002 09:02:43 +0100
--==_Exmh_-1410496054P
Content-Type: text/plain; charset=us-ascii
> and Casper Dik added:
> > You must make sure you generate the document you sign; the other
> > party can then agree to the document but should never able to
> > determine the hash beforehand.
>
> Yup as well, although this is going to make contract signing fun.
Is it not sufficient that each party generate their own random string, sign
the concatenation of that string with the document, and publish the string
along with the signature. No-one is then signing anyone else's text, but
all can verify that everyone signed the same document.
(It would also be as well to insist on as simple a format as possible for
the document, so as to reduce the likelihood that different software will
display it differently, but that's another question...)
--
Dr George D M Ross, School of Informatics, University of Edinburgh
Kings Buildings, Mayfield Road, Edinburgh, Scotland, EH9 3JZ
Mail: gdmr@inf.ed.ac.uk Voice: +44 131 650 5147 Fax: +44 131 667 7209
PGP DSA: 1024/AD758CC5 B91E D430 1E0D 5883 EF6A 426C B676 5C2B AD75 8CC5
--==_Exmh_-1410496054P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Exmh version CVS 20020424
iD8DBQE9q8ujtnZcK611jMURAm/tAJ9Zv2pNFFt8kTdOKkZv5ws8WAjNIwCfTwTL
4MnMFf077V4MlmY5C0s0GV0=
=BJ8y
-----END PGP SIGNATURE-----
--==_Exmh_-1410496054P--