Security Basics mailing list archives
Re: Electronic signatures and watermarking?
From: Martín Villalba <famafcs () gmail com>
Date: Thu, 28 Oct 2004 16:54:27 -0300
Perhaps you could try with Steganography. Basically, you can hide a text inside an image and encrypt it. That way, you can probe it's authenticity, since any modification to the image will make your text unreadable. It also works backwards, ie, you can probe you created the image since you are the only one who knows the password to the hidden text. However, there are some details you should consider: although it will certainly work with changes made to the begining of the image, I haven't checked what happens with modifications in the bottom of the document (if your text is short enough, it may not use the bottom lines, but I'm just guessing. You should try it yourself). To try it check the link at the bottom of the mail. Also, if you want something better, you can try with a SHA or MD5 hash. Basically, a hash is a function wich takes a binary input and returns a binary output, but if you make even a small change to the original image you get something completely different as output. As you can see, you can scan an image and store (in a safe place) the hash, so if you want to check if it has been modified all you have to do is run again the hash and compare the outputs. There are different hash algorithms, SHA and MD5 are the most populars, and also there are different implementations of each one (some are safer, some have been cracked). Note that both methods work only once you have scanned already the image, but if you want to scan the same document twice and check if they match none of the two algorithms will work, but I guess that's not what you want to do. Steganography demo: http://www.cs.vu.nl/~ast/books/mos2/zebras.html On Tue, 26 Oct 2004 08:10:01 -0700, Spencer, Mark <mspencer () evidentdata com> wrote:
On business documents (those that still live in the paper world) where public/private keys and signature verification are unavailable, is there a way to make an electronic signature (a handwritten one that has been scanned in) more secure? Possibly by watermarking? Anyone can scan in a handwritten signature and paste it into a document, but I'm curious about how one might watermark or otherwise secure it. Thanks! Mark
Current thread:
- Electronic signatures and watermarking? Spencer, Mark (Oct 26)
- Re: Electronic signatures and watermarking? xyberpix (Oct 28)
- RE: Electronic signatures and watermarking? Adrian Floarea (Oct 28)
- Re: Electronic signatures and watermarking? Ghaith Nasrawi (Oct 29)
- Re: Electronic signatures and watermarking? GuidoZ (Oct 28)
- Re: Electronic signatures and watermarking? Atom 'Smasher' (Oct 28)
- RE: Electronic signatures and watermarking? Scan America (Oct 29)
- Re: Electronic signatures and watermarking? Martín Villalba (Oct 28)
- Re: Electronic signatures and watermarking? PCSage Information Services (Oct 29)
- Re: Electronic signatures and watermarking? xyberpix (Oct 28)