Online Version - Last Updated - 20 Jan 2012 |
 |
| Home |
| |
| Procedures and Resources for Authors |
|
| Information and Resources for Volume Editors |
| |
| Orders and Subscriptions |
| |
| Published Articles |
|
| Upcoming Volumes |
| |
| Contact Us |
| |
| Useful External Links |
| |
| CRPIT Site Search |
Robust WYSIWYS: A Method for Ensuring that What You See Is What You Sign
Josang, A. and Alfayyadh, B.
The security of digital signatures depends not only on the
cryptographic strength of the digital signature algorithms
used, but also on the integrity of the platform on which the
digital signature application is running. Breach of platform
integrity due to unintentional or intentional malfunctioning
has the potential of wrongly imposing liability on,
or wrongly taking liability away from signing parties. This
problem is amplified by the fact that digital signatures may
be generated on platforms that are not under the control of
the signing party, and that there can be strong financial
incentives for trying to manipulate the systems used for
digital signatures. In practice it is extremely difficult to
assess the integrity of a general purpose computing platform,
so that digital signing on such platforms in principle
is untrustworthy. This paper describes a method for robust
WYSIWYS (What You See Is What You Sign) that
ensures the integrity of digital documents and their digital
signatures. This method can only be directly applied to
documents written with traditional ASCII characters. For
more advanced formatting a specific layout de nition language
must defined.
Cite as: Josang, A. and Alfayyadh, B. (2008). Robust WYSIWYS: A Method for Ensuring that What You See Is What You Sign. In Proc. Sixth Australasian Information Security Conference (AISC 2008), Wollongong, NSW, Australia. CRPIT, 81. Brankovic, L. and Miller, M., Eds. ACS. 53-58.
(from crpit.com)
(local if available)
