In lieu of an abstract, here is a brief excerpt of the content:

Chapter 4: The Equivalent of a Written Signature

hindered the development of cryptographic technologies. When the mediating role of models goes unrecognized, scientific practice becomes blind to the trade-offs inherent in the process of abstracting away the unruliness of the phenomenal world. Phil Agre has articulated the consequences of such an epistemological stance in his analysis of the role of metaphor in the field of artificial intelligence: “Any practice that loses track of the figurative nature of its language loses consciousness of itself. As a consequence, it becomes incapable of performing the feats of self-diagnosis that become necessary as old ideas reach their limits and call out for new ones to take their place. No finite procedure can make this cycle of diagnosis and revision wholly routine, but articulated theories of discourses and practices can certainly help us to avoid some of the more straightforward impasses.”[77] Such articulated theories might prove quite relevant to cryptographers. They might help them account for how models evolve and mutate in response to the constantly shifting boundaries between theory and practice. Indeed, such shifts have already occurred with respect to the proof model under which the correctness of cryptographic schemes is ascertained. Chapter 7 investigates the struggles of the community as it debates how to best adjust the model while maintaining the epistemological integrity of its practices.

Conclusion

This chapter gradually built a fuller picture of the cryptographic signature model. Based on the mechanics of public-key encryption, the model involves distinct steps of signature creation and verification, supposes an underlying infrastructure for key distribution and revocation, and posits specific threats to which cryptographic signature schemes must be resistant. Without yet attempting to evaluate the fitness of the model, we are nevertheless in a position to examine some of the (inevitable) abstractions and simplifications built into it.
In attempting to create a digital analogue of handwritten signatures, what did the definitions of the signature process, of the three security services, and of the threat model foreground, and what did they relegate to the background? First, in the model, the evidential value of signatures is wholly derived from the verification process. Though it merely outputs a binary answer—either the signature is valid or it is not—the verification process encompasses broader semantic and technical complexity. On the one hand, though there may be multiple causes to a signature’s failure to verify (i.e., incorrect key or modifications to the signed message), it is not possible to distinguish these causes given the output of the verification process itself. On the other hand, a fundamental dimension is strikingly absent from the scene of signature as portrayed by the model (see figure 4.1): time. Bob may well verify Alice’s signature shortly after she produced it, but verification in the context of litigation may occur years afterward. Signed documents and their evidential qualities will have to be digitally preserved for durations that will vary according to record-keeping requirements. These durations may range from a few years (tax documents) to the lifetime of individuals and institutions (blueprints for nuclear reactors). Furthermore, cryptographic signatures model data integrity at the bit level; that is, modification of a single bit of a digitally signed document results in failed verification. However, the extreme sensitivity of this measure poses significant challenges. The conflicting mechanics of digital preservation and signature verification will have important implications for the forensic usability of cryptographic signatures, implications that I further examine in chapter 6 in the context of the French notarial profession.
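The two properties described above (a binary verification result that hides the cause of failure, and integrity measured at the bit level) can be seen in a short added example, which is not from the book. It assumes a toy hash-then-sign textbook RSA built from Mersenne primes with no padding, chosen only so the code runs with the standard library; all names are hypothetical, and the line-ending conversion is a constructed stand-in for a preservation-driven format migration.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys

def make_key(exp_p, exp_q):
    """Toy RSA key from two Mersenne primes (constructed; not a secure key)."""
    p, q = 2**exp_p - 1, 2**exp_q - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message, key):
    return pow(digest(message), key["d"], key["n"])

def verify(message, signature, public_n):
    """Returns only True or False, as in the model: no cause is reported."""
    return pow(signature, E, public_n) == digest(message)

def flip_bit(data, index):
    """Return a copy of data with exactly one bit inverted."""
    out = bytearray(data)
    out[index // 8] ^= 1 << (index % 8)
    return bytes(out)

ALICE = make_key(521, 607)    # the signer's key pair
OTHER = make_key(1279, 2203)  # an unrelated key pair

# Constructed sample document.
DOCUMENT = b"I, Alice, agree to the terms.\n"

def demo():
    sig = sign(DOCUMENT, ALICE)
    migrated = DOCUMENT.replace(b"\n", b"\r\n")  # same text, new encoding
    return {
        "original": verify(DOCUMENT, sig, ALICE["n"]),
        "wrong_key": verify(DOCUMENT, sig, OTHER["n"]),
        "one_bit_flipped": verify(flip_bit(DOCUMENT, 0), sig, ALICE["n"]),
        "line_endings_migrated": verify(migrated, sig, ALICE["n"]),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:22} -> {result}")
```

The three failing cases return the same `False`; a verifier holding only that output cannot tell a wrong key from tampering or from a benign re-encoding.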
The taxonomy of entity authentication partitions identification techniques in three distinct classes: something the claimant knows, possesses, or is. The literature classifies cryptographic keys in the first category; yet, accessing and manipulating 300-digit numbers necessarily requires that they be stored on a computing device (desktop, smart card, mobile phone), itself secured through password or biometric identifiers. Users’ agency over their private signing keys is thus likely to be more complex than assumed by the model. Furthermore, the taxonomy fails to account for the specificity of handwritten signatures as the bodily performance of a certain secret knowledge. Unlike a fingerprint or a retina pattern, a signature results from a volitional act. Handwritten signatures are something someone does to express assent or commitment in a performance paradoxically each time unique, yet identical. The third security service provided by digital...
