I would take issue with the fact that the digital signature is a secure electronic signature or that it can guarantee the authenticity of the party signing it.
It is pointed out that the digital signature uses passwords and encryption to protect the integrity of the signature. This means that the actual party to release the private key -- to "sign" the message/document -- submits a password. The authenticity of the party is therefore as secure as the password that released the key.
The best way to guarantee the authenticity of the message author and the source of the device containing the secret key, is to protect the secret key with a biometric, which practically, conveniently and inexpensively, can now be implemented in a network context.
Then we will truly have a secure electronic signature, which, to bring some tradition back to the signature process, could also be used to attach to the message, a digitized signature of the party signing the document.
Do you disagree with this analysis?
You're part right, part wrong, as has been the history of security. Sure, adding the extra layer of biometrics will significantly improve security, but only until the chosen biometric has been compromised.
What do you do when the fingerprint database that drives your biometric security is compromised by a trusted insider or hacker (and don't tell me it won't happen)? Do you call all your users, apologize for the inconvenience and ask them to chop off their fingertips so you can issue new ones?
No security is foolproof, and sometimes you reach a point when security becomes so complicated and multi-layered that users prefer the risk of no security at all.
One of the few biometrics I would trust is voice verification. Sure it's got its problems, like background noise and bad colds (though not as bad as some think), but it's a secure approach to biometrics because it's so dynamic.
It doesn't just compare the user's voice to a recorded template, it issues a challenge and response that requires an intruder to not only know the password needed to initiate the verification process, but also be able to repeat the randomly generated numbers in the user's voice, in exactly the right sequence, at exactly that time and no other. So what if they steal the template -- it's only one of the cylinders in the lock.
Security can never be described in absolutes -- and the words "virtually" and "almost" should always (almost) be included in solutions.
Biometrics is almost the best way to guarantee the authenticity of a message (as long as a hacker isn't holding a gun to the user's head and forcing them to scan their fingerprint), but I wouldn't want to bet my fingertips on it.
This was first published in February 2002