2

there is something I am missing in understanding of digital signatures and was hoping someone could clear it up for me.

A digital signature is to verify something has not been modified and came from a person.

So say I somehow intercepted an xml file with a signature on it. I rip the signature out, then make some edits to the file. Then I generate a new signature for this file, and send it to who it was going to. They check the reference and yep it checks out. The file was not tampered with. But it was, only the signature was also tampered with. This must not be possible, so, what gigantic piece am I missing in this puzzle?

Deduplicator
  • 44,692
  • 7
  • 66
  • 118
evenprime
  • 99
  • 10

1 Answers1

3

If the recipient would accept the document signed by anyone, then your approach would work. But the signature is usually used in conjunction with some other identification data, which makes replacing a signature meaningless.

Eg. when the user sends the signed report to the tax office, the report contains his name and the signature must contain his name. And this signature proves that John Doe has authorized or composed this report himself. If you replace the signature, it will contain your name, and the recipient of the report would compare the name in the report and the signature and reject the document.

Another example is SSL authentication of the server. The server presents the signed certificate that contains the domain name or IP address of the server (the procedure is more complicated, and I am omitting the details here). The client compares the data in the certificate with the address it connected to, and decides if he can trust the server or not.

Eugene Mayevski 'Callback
  • 45,135
  • 8
  • 71
  • 121
  • Thank you for the reply. In the first case, isnt all that information in the signature as well? Organization, name, etc. So I would make a cert with all that same info. In the second case, well, ya got me there. – evenprime Jul 16 '13 at 14:54
  • 1
    @evenprime You can make the certificate with information contained in the data, but you can't make the recipient trust it (unless you are a globally recognized Certificate Authority yourself). Read about certificate chains for details. – Eugene Mayevski 'Callback Jul 16 '13 at 15:14
  • Thank you eugene. this is the piece I was missing. This could still be possible if it was a self signed certificate I think. – evenprime Jul 16 '13 at 15:36
  • 1
    If it was a self-signed certificate, the receiver would not normally trust it unless the receiver explicitly added that self-signed certificate to a list of trusted certs beforehand. – gtrig Jul 16 '13 at 22:52