Is electronic signature in jeopardy?

A week ago, the Czech media rather dramatically claimed that two Czech software engineers had cracked the electronic signature system - which is used to authorise digital documents on the Internet. Although it turned out later that the truth is a little different, the situation still looks serious. Vladimir Tax looked into the matter.

What happened is that two Czech cryptologists, Vlastimil Klima and Tomas Rosa, who work for the IT company ICZ, found a serious security flaw in the OpenPGP security format which is widely used throughout the world in digital signature systems.

PGP is a hybrid cryptosystem made up of four cryptographic elements and as such, is regarded as practically unbreakable. What Mr Klima and Mr Rosa discovered is a way to bypass the strong encryption and obtain the private signature key using a special programme. The attacker is then able to use someone else's electronic signature. I talked to Mr Klima and Mr Rosa and asked them how their discovery worked.

"Acquiring a private key is a trivial matter and takes about half a second on a normal office PC. It concerns a group of programs, which make use of the OpenPGP format and not only them. Our finding indicates that it potentially concerns all programs using the electronic signature. The premise of this attack is that the attacker is capable of changing records in files with the private key and thus acquiring one signed report with this changed key."

Radio Prague: How do you obtain the signature key?

"This serious bug is caused by incorrect implementation of the above-mentioned strong cryptographic techniques. AES, one of the latest strong algorithms, has been used in the attacked system. However, the protection appears to be illusory. We proved that attackers do not need to attack the strong cipher itself. They can simply bypass it as well as the secret user passphrase. A slight modification of the private key file followed by capturing a signed message is enough to break the private key. We emphasize that this task can be performed without any knowledge of the user passphrase. It is like if we built a wall with a photograph of the most secure bank safe in front of the safe and waited for a banker to put his key in our lock and use our safe."

Legislation on electronic signature has only recently been adopted in the Czech Republic, but implementing the law has lagged behind due to the non-existence of regulations to define the exact procedures and technology. Will this discovery affect the implementation of electronic signature in official documents?

"We hope so. We hope that it has drawn attention to the quality of the resources as well as the requirements of the law."

"I think every kind of commotion is not favorable to anything. On the other hand we feel that the decrees currently being prepared need a bit of commotion."

For the full description of the attack, see /www.i.cz/en/pdf/openPGP_attack_ENGvktr.pdf