Electronic document authentication

摘要

Digital signature techniques such as the Rivest-Shamir-Adleman (RSA) scheme can be used to establish both the authenticity of a document and the identity of its originator. However, because of the computationally-intensive nature of the RSA algorithm, most digital signature schemes make use of a checksum technique to summarize or represent the document, and then digitally sign the checksum. Message authentication codes (MACs), based on the Data Encryption Standard (DES), are often used for this purpose. It is shown that cryptographic checksums that are intended to detect fraudulent messages must be on the order of 128 bits in length, and the ANSI X9.9-1986 message authentication standard is criticized on that basis. In addition, architectural arguments are advanced to illustrate the advantages of a checksum algorithm that is not based on the use of cryptography and does not require the use of a secret key. Manipulation detection codes (MDC) are defined as a class of checksum algorithms that can detect both accidental and malicious modifications of an electronic message or document, without requiring the use of a cryptographic key.