Digital Signatures That Can't Be Forged

You check your E-mail to start the day, and the message from the chief executive is a shocker: The company is being restructured, and large-scale layoffs are planned. But the CEO never saw this message. It was a prankster's bad idea of a joke.

So far, corporations have largely been spared this sort of assault, known as "spoofing." But students at colleges have caused widespread confusion by sending phony E-mail notes announcing the resignation of administrators and canceling exams. Computer-security experts say that as the business usage of E-mail grows and as more messages travel across the Internet and other public links, mail forgery is sure to grow.

The good news is that a solution is at hand, one that would not only make E-mail more secure but could clear the way for a broad expansion of electronic commerce. The technique is called a digital signature, and it lets you know for sure just who sent a message.

The trick is a bit of mathematical legerdemain that uses a pair of numbers, called the private and public keys, to encrypt and decode messages. Let's say Alice wants to send Bob a message. Once she has written her note, the computer reduces the text to a string of 128 seemingly random characters and tacks this "digest" onto the end of the message. The system then encrypts the digest using Alice's secret private key.

When Bob receives the mail, his computer uses the same technique to turn the text into a digest. It then looks up Alice's public key, and plugs it into a formula that can restore Alice's digest to its original appearance. Unless the digests match, either Alice didn't sign the message or the text was tampered with in transit.

This method can do far more than make sure that E-mail is authentic. Digital signatures could replace handwritten ones on a wide array of business and legal documents, from purchase orders to court filings to tax returns. The results could be an explosion in electronic transactions, with the potential for greater efficiency and lower costs.

So why aren't more businesses doing it? The first requirement for widespread use is that the whole process be automatic and unseen, generating a warning only if the signature program detects a problem. The corporate-communications program in Lotus Notes functions that way, but few other popular software products do.

Signed communications between companies also require that they have a simple and secure way to look up each other's public keys. Northern Telecom Ltd. and National Semiconductor Corp. have started services to manage key information, and easy ways to sign messages will be incorporated into future versions of Microsoft Mail and Lotus cc:Mail, although neither company will give a date. The use of digital signatures will be limited until this infrastructure is built.

STANDOFF. That construction job may be slowed, however, by a war over standards. Most business applications of digital signatures have been built around the patented technology of RSA Data Security Inc. The federal government is requiring agencies--and some contractors--to use an approach developed by the National Institute of Standards & Technology called the Digital Signature Standard (DSS). Not only are the two incompatible but RSADSI claims that DSS infringes on its patents. NIST denies the claim, but RSADSI President James Bidzos says he is prepared to sue any company that uses DSS. The result is a standoff in which "everyone will sit and wait," says Stephen T. Walker, president of Trusted Information Systems, a Glenwood (Md.) computer-security company.

Business needs authentication of E-mail--digital signatures--for electronic commerce to really take off. But until this legal mess is

cleaned up, development of the technology will remain hobbled.

Before it's here, it's on the Bloomberg Terminal.