Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Electronic signatures and watermarking?

from [Martín Villalba] Network Security [Permanent Link]
Subject: Re: Electronic signatures and watermarking?
Date: Thu, 28 Oct 2004 16:54:27 -0300 
Perhaps you could try with Steganography. Basically, you can hide a
text inside an image and encrypt it. That way, you can probe it's
authenticity, since any modification to the image will make your text
unreadable. It also works backwards, ie, you can probe you created the
image since you are the only one who knows the password to the hidden
text.
However, there are some details you should consider: although it will
certainly work with changes made to the begining of the image, I
haven't checked what happens with modifications in the bottom of the
document (if your text is short enough, it may not use the bottom
lines, but I'm just guessing. You should try it yourself). To try it
check the link at the bottom of the mail.
Also, if you want something better, you can try with a SHA or MD5
hash. Basically, a hash is a function wich takes a binary input and
returns a binary output, but if you make even a small change to the
original image you get something completely different as output. As
you can see, you can scan an image and store (in a safe place) the
hash, so if you want to check if it has been modified all you have to
do is run again the hash and compare the outputs. There are different
hash algorithms, SHA and MD5 are the most populars, and also there are
different implementations of each one (some are safer, some have been
cracked).
Note that both methods work only once you have scanned already the
image, but if you want to scan the same document twice and check if
they match none of the two algorithms will work, but I guess that's
not what you want to do.

Steganography demo:
http://www.cs.vu.nl/~ast/books/mos2/zebras.html


On Tue, 26 Oct 2004 08:10:01 -0700, Spencer, Mark
<mspencer@evidentdata.com> wrote:

On business documents (those that still live in the paper world) where
public/private keys and signature verification are unavailable, is there
a way to make an electronic signature (a handwritten one that has been
scanned in) more secure?  Possibly by watermarking?  Anyone can scan in
a handwritten signature and paste it into a document, but I'm curious
about how one might watermark or otherwise secure it.

Thanks!

Mark
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: possible rooted systems, AndrewC
Next by Date:  Re: Allowing scanning from home, Brandon Foley
Previous by Thread:  RE: Electronic signatures and watermarking?, Scan America
Next by Thread:  Re: Electronic signatures and watermarking?, PCSage Information Services
Indexes:  [Date] [Thread] [Top] [All Lists]