Standard disclaimers apply. I'm not a lawyer, this isn't legal advice. My opinions don't represent my employer. It's not my fault if you do something stupid and get in trouble.
In my previous post, I discussed getting a GPG keyring set up. I intend to continue in that vein, and explain email crypto/signing, the web of trust, document protection, and a few other fun topics around communications security -- but first, I want to stop and take a moment to discuss nonrepudiation.
According to techtarget.com:
Nonrepudiation is the assurance that someone cannot deny something. Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated.GPG provides us with nonrepudiation via document signing. Document signing is a fairly simple process. Briefly, when a document is signed, a hash is taken of it's contents. A hash is a "one-way" mathematical algorithm that will take (generally) text data as an input, and return a unique string of letters and numbers. This algorithm will always generate the same output, given the same input. Changing even one character of the input will result in a different output. Hashes are "one-way" algorithms, in that there is no process (other than brute force) to derive the original document from the hash. For example, here is a SHA256 hash of this blog-post thus far:
228b9c49367a740073866f77ff09363ff3dbf62eda194b2b8a5660fe5bb5802eIf you were to copy everything from the disclaimer at the beginning of the post through the ":" at the end of the last paragraph, and pass it through shasum -a 256, you should receive the same long string of numbers and letters that I pasted above. After a hash of the document being signed is taken, it is encrypted with the author's private key. This means that anyone who possesses the author's public key can decrypt the hash. We have now accomplished two things:
- The hash proves that the document has not been modified in any way since it was signed.
- The ability to decrypt the hash with the author's public key proves that the document was signed by an individual possessing the author's private key.
This all seems great, so back to nonrepudiation -- I hate it when someone tries to say they never told me something when I have evidence that they did. Let's look at an illustrative example.
Alice sends an (unsigned) email to Bob, approving a new project. Bob begins work on the project, but ultimately fails to deliver. The business questions Bob as to why he "wasted" company funds on his failed project, so he produces the letter from Alice approving it. The business then approaches Alice, who immediately denies sending the email. We are now in a position of he-said/she-said. Bob claims Alice sent the email, Alice claims that Bob forged it.
If Alice had signed the original email, GPG would have provided nonrepudiation -- Alice could have no longer denied that she sent the email to Bob.
Many sources (the manual linked in the previous article, for instance) recommend signing all emails all the time. I would, however, encourage the reader to think about their own situation before deciding to sign all emails all the time. In a business setting, it may be appropriate to implement a policy mandating that all emails are signed. In a professional setting, we are expected to be accountable for what we say. There are other situations, however, in which nonrepudiation may not be desirable.
Nonrepudiation is a double-edged sword. By demanding signing of others, you gain assurances that they are, indeed, the author of what you are reading. By signing documents yourself, you are irrefutably certifying that you wrote them. It all boils down to one thing, really -- don't sign anything you wouldn't want to say under oath. In the event your communications came before a court, it would be almost impossible to claim that you weren't the author. This is especially true if there was continued use of the key after the communication was sent, as this shows that the key was under your control, and you had no suspicion of compromise (or else you would have issued that revocation certificate we made last article!).
To conclude -- mean what you say, say what you mean, and think before you sign documents.
No comments:
Post a Comment