Digital Signatures
The aunthenticity of many legal, financial and other documents is determined
by the presence or absence of an authorized handwritten signature. And
photocopies do not count. For computerized message systems to replace the
physical transport of paper and ink documents, a method must be found to allow
documents to signed in an unforgeable way. The problem of devising a
replacement for handwritten signatures is a difficult one. Basically what is
needed is a system by which one party can send a signef message to another
party in such a way the following conditions hold:
•The receiver can verify the claimed identity of the sender
•The sender cannot later repudiate the contents of the message
•The receiver cannot possibly have concocted the message himself
The first requirement is needed for example in financial systems. When a
customer’s computer orders a bank’s computer to buy a ton of gold, the bank’s
computer needs to be able to make sure that the computer giving the order really
belongs ot the company whose account is to be debited. In other words, the
bank has to authenticate the customer. The second requirement is needed to
protect the bank against fraud. Suppose that the bank buys te ton of gold, and
immediately thereafter the price of gold drops sharply. A dishonesdt customer
might sue the bank, claiming that he never issued any order to buy gold. When
the bank produces the message in court the customer denies having it. The
property that no party to contract can later deny having signed it is called
nonrepudation. The digital signature schemes that we will now study help
provide it. The third requirements is needed to protect the customer in the event
that the price of gold shoots up and the bank tries to construct a signed message
in which the customer asked for one bar of gold instead of one ton. In this fraud
scenario, the bank just keeps the rest of the gold for itself.