4

I have been thinking about digitally signed documents (Word files and PDF files) and can not get over the fact about - how can I securely know when the file was signed?

Scenario: If the date of the signature is saved in the file that I am signing. The voucher for the date is me. However, if someone steals my private key, and I revoke my Certificate, the thief can easily create a PDF file with a false date and sign that with my revoked key. The document will appear as being signed at the time, when my Certificate hasn't been revoked yet.

The only way I can think of to implement the signature date safely is by sending my signature to a "trusted" time server, which timestamps my signature and signs it. So in fact - I need a digitally signed document which vouches about the time of my signature.

Does Adobe just take Computer time, or does it get time from the Adobe server, or does it receive an Adobe-signed vouch for time?

Is there another - simpler way?

Gilles 'SO- stop being evil'
  • 20,442
  • 4
  • 54
  • 97
KrNeki
  • 97
  • 1
  • 5

1 Answers1

3

You can prove that a document was signed after a certain date by including data that was not known to anyone before that date, such as stock market data.

You cannot prove that a document was signed before a certain date by purely cryptographic means. Information doesn't go stale, so when you show a signature, it could have been signed at any time.

You can prove that a document was signed before a certain date by non-cryptographic means. Showing the signed document to someone (a trusted third party) is an easy way to do that: if you trust that entity to vouch for having seen the signature at a certain date, then the signature has to be older. The third party doesn't need to see the document, only its signature (containing a hash of the document); if you need to prove that the document was signed, you can reveal the document later.

None of this is what you need, though. You would like to prove that a document was not signed before a certain date — the date when your private key was stolen. The thief could create a signature and pretend that the signature had been made a long time ago (but they will of course not be able to prove it: it would be your word against his).

One way to accomplish what you want is to require that any valid signature be “notarized”: the recipient must be instructed never to trust your signature alone as genuine, only your signature validated by a trusted third party (the notary), which would demonstrate the existence of the signature at the date it was seed by the notary.

Gilles 'SO- stop being evil'
  • 20,442
  • 4
  • 54
  • 97