Date of Award
5-30-2003
Document Type
Thesis (Master's)
Department or Program
Department of Computer Science
First Advisor
Sean Smith
Abstract
Often, the main motivation for using PKI in business environments is to streamline workflow, by enabling humans to digitally sign electronic documents, instead of manually signing paper ones. However, this application fails if adversaries can construct electronic documents whose viewed contents can change in useful ways, without invalidating the digital signature. In this paper, we examine the space of such attacks, and describe how many popular electronic document formats and PKI packages permit them.
Recommended Citation
Kain, Kunal, "Electronic Documents and Digital Signatures" (2003). Dartmouth College Master’s Theses. 32.
https://digitalcommons.dartmouth.edu/masters_theses/32
Comments
Listed in the Dartmouth College Computer Science Technical Report Series as TR2003-457.
A revised version was published as follows:
K. Kain, S.W. Smith, R. Asokan.
"Digital Signatures and Electronic Documents: A Cautionary Tale."
Advanced Communications and Multimedia Security,
pp. 293-307, September 2002. Kluwer Academic Publishers.
http://portal.acm.org/citation.cfm?id=647802.737169
http://www.cs.dartmouth.edu/~sws/pubs/ksa02.pdf