1 / 9

Evaluating Multiple Signatures: Policy Issues and Downgrade Attack Prevention

This document discusses critical aspects of multiple signature attributes, focusing on the evaluation of signatures under the threat of downgrade attacks. Key concerns include the removal of superior signatures and the implications of second pre-image attacks on compromised hash algorithms. The structure elements of multiple signatures are outlined, emphasizing processing methods, generation protocols, and evaluation criteria. The ongoing requirements for both intra- and inter-SignedData signature assessments are highlighted, with a focus on drafting a comprehensive policy by month-end. Future discussions are planned post-San Diego.

evadne
Télécharger la présentation

Evaluating Multiple Signatures: Policy Issues and Downgrade Attack Prevention

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Multiple Signature Document Jim Schaad Sean Turner Russ Housley

  2. Topics to be Covered • Multiple Signature Attribute • Policy Issues in evaluating Multiple Signatures

  3. Downgrade Attack • Downgrade attack requires: • Removal of all “better” signatures • 2nd pre-image attack on broken hash algorithm. • Does nothing for self issued downgrade attack.

  4. Structure Elements MultipleSignature ::= SEQUENCE { bodyHashAlg DigestAlgorithIdentifier, signAlg SignatureAlgorithmIdentifier, signAttrsHash SignAttrsHash, cert ESSCertIDV2 OPTIONAL}

  5. Processing • Generation • Algorithms are from the referenced signerInfo • Hash values set to zero for computation of this attribute • Uses multiple attribute values (one per reference and no self reference)

  6. Processing • Evaluation • Text to be written still • Reverse process by setting hash back to zero • Error text based on missing signer infos referenced from the attribute • May not care if algorithms referenced are “weak”

  7. Policy • Text still unwritten • Discuss requirements for intra- and inter-SignedData signature evaluation.

  8. Forward Looking • Should have draft by the end of the month • Look for last call after San Diego.

  9. Questions

More Related