#44 Drive in peace darling, the keys are inside

What is a Signature Party? On "digital notary", where information security experts spend their time, and how it all relates to "Via Dolorosa".


A few years ago, I had to get a notary's signature on some legal document. After some clarifications, someone referred me to a notary who is "admittedly a lawyer, but actually really fine". Remember how in one of the last posts I wrote about how easy it is to be a programmer? So maybe it really is easy to be a programmer, but there is nothing like being a notary for making money from nothing.

Anyway, this notary apologized that he charges two hundred NIS for each signature (and six signatures were required), but there is nothing he can do about it because that is the law. Indeed, the best job in the world. One thousand NIS at a single stroke. I remember that even then I did not understand why this whole business of signatures was not made digital; it seemed so obvious.

A good few years have passed since then, and indeed the world has moved on to digital signatures. Even schools now send requests for approvals by email. Last year it was permits for trips and the like, and now unfortunately it comes down mostly to corona permits. Banks and even some government ministries also accept digital signatures. Everyone except the Bar Association; I wonder why?

Anyway, this whole digital signature thing is very nice. It saves a lot of paperwork and trips to all kinds of offices, and the truth is I have no idea how we would have gotten through corona if it were not possible to do so many things online.

Of course, the high-tech world, and especially fin-tech, is an important and central part of this wonderful digital revolution. Without us this whole business of digital signatures would not have been possible. But the truth is, we may have made a terrible mistake here. We made the business too simple, and mostly too free. We should have invented a "digital notary" and made some money from the whole thing.

Before I am accused of superficiality and of not understanding how things work (which is probably true), let's reveal a bit of this bluff called a digital signature. According to Wikipedia: "A digital signature is a cryptographic method, which aims to verify the identity of the sender of a file sent from one computer to another." Or in other words, instead of a stamp we have an awfully long and awfully secret number, called a key. And using all sorts of math and software tricks, it "seals" the file.

OK. Let's say we understand.

What is important to remember is the notion of the keys. This whole business of information security and digital signatures rests on these long, secret keys and on keeping them secret. Once the evil hacker has managed to get his hands on the keys, it's Game Over. All that is left to tell him is "Drive in peace darling, the keys are inside" (a very famous Israeli phrase from the sketch "The Recruited Car" by the "Pale Tracker").

But the whole idea of keys and signatures is relevant not only to online shopping or transferring money from account to account. In software development too, and especially in the transition from the development stage to "production", a place of honor is reserved for the keys.

Anyone who understands a bit of cyber and information security (and among us, who would say he does not understand it, or is not at least an expert? Look here) knows that any self-respecting piece of software should be signed with super-secret and super-long keys before it is released to customers, so that it cannot be hacked. Well, so where's the catch? Here's the catch: in order to sign the software you need to get a software security expert to "sign off" on it, confirming that everything is fine. That we passed all the tests and code reviews, and that we did not insult the expert at the last meeting. And now go catch him (did you get the double meaning?).

Now imagine a bug fix at the very last minute, everyone working like crazy. The problem is found at two in the morning, the fix is ready at four in the morning. By some miracle we manage to pass all the builds and the automated tests, and … ? Now everyone has to wait for the security expert to come and sign the software.

What's more, in recent years they have come to the conclusion that one signature is not enough. You need several signatures to release a version, and of course they must come from at least three different experts, as if this were a nuclear missile launch. Now go get the signatures of three experts. It's worse than a travel form. Experts call it a signature party. Yes, yes, there really is such a thing.

And worst of all, sometimes the expert gets up on the wrong side of the bed in the morning and does not want to sign your version, because you touched some corner of the software and now maybe there is a shard of a tiny hole of a potential security issue there. In short, he disqualifies your version. Then you run to fix it, and compile, and fix the compilation errors, and compile again, and work on the build, and walk the whole "Via Dolorosa" again, only to find out that the expert has gone to some conference (security professionals spend most of their careers at conferences) and will only be back tomorrow.
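What the "signature party" amounts to in code, as an added example that is not part of the original post: each expert signs the SHA-256 digest of the release artifact with their own Ed25519 key, and the release gate counts only valid signatures from distinct, registered signers over the exact bytes being shipped. The signer names, the quorum of three and the artifact contents are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)
// Approval is one expert's signature over the release artifact.
type Approval struct {
	Signer string // name the public key is registered under
	Sig    []byte // Ed25519 signature over sha256(artifact)
}

// Sign is what each expert at the "signature party" does with their own key.
func Sign(name string, priv ed25519.PrivateKey, artifact []byte) Approval {
	digest := sha256.Sum256(artifact)
	return Approval{Signer: name, Sig: ed25519.Sign(priv, digest[:])}
}

// Releasable reports whether at least quorum distinct trusted experts validly
// signed this exact artifact; unknown keys and repeat signers do not count.
func Releasable(artifact []byte, trusted map[string]ed25519.PublicKey,
	approvals []Approval, quorum int) (bool, int) {
	digest := sha256.Sum256(artifact)
	counted := map[string]bool{}
	for _, a := range approvals {
		pub, known := trusted[a.Signer]
		if !known || counted[a.Signer] {
			continue // not a registered expert, or the same expert twice
		}
		if ed25519.Verify(pub, digest[:], a.Sig) {
			counted[a.Signer] = true // signature covers these exact bytes
		}
	}
	return len(counted) >= quorum, len(counted)
}
func main() {
	artifact := []byte("release-1.2.3.tar.gz (constructed sample content)")
	trusted := map[string]ed25519.PublicKey{}
	var approvals []Approval
	for _, name := range []string{"alice", "bob", "carol"} { // three experts
		pub, priv, _ := ed25519.GenerateKey(rand.Reader)
		trusted[name] = pub
		approvals = append(approvals, Sign(name, priv, artifact))
	}
	ok, n := Releasable(artifact, trusted, approvals, 3)
	fmt.Printf("releasable=%v distinct valid signers=%d\n", ok, n)
}
```

Note that a signature made over the build before the four-in-the-morning fix no longer verifies against the new artifact, which is exactly why the party has to be repeated.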

Finally, all that is left for me to wish you, when you are due to release the next version, is a good signature finale … (the Jewish blessing for Yom Kippur).

[Based on a real case]

And the smart engineer says: Digital files cannot be made uncopyable, any more than water can be made not wet (Bruce Schneier)

And the smart engineer says more: If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology (Bruce Schneier)
