Keeping secure the means of authenticating and of proving integrity

Can anyone other than the signatory use his private key?

82. In a case in which the signatory denies that he has signed an electronic document which appears to bear his signature, the court will have to examine what may have happened to the private key, password and any other technology or information necessary to sign documents digitally. This will mean examining their care from the time they were dispatched or given to the signatory to the time when they appear to have been used to create the disputed signature. For example, if the signatory runs a small shop, the evidence would cover questions such as whether an employee or customer could have obtained the smart card and found out the password, or whether the card was kept locked in a drawer to which only the proprietor had a key and it had not been broken open.

Authentication and integrity check at the time of the transaction

Has the signatory or someone else used the signatory’s private key?

83. This stage covers the use of the private key to sign the electronic document (including the use of a password and any biometric technique), verification of the signature by the receiver, his check of the certificate’s validity and of its suitability for the transaction.

84. There may be an issue as to whether the signatory in fact signed the electronic document. The party relying on the signature will have carried out the verification process described in paragraph 22. If that party is prudent it will have stored the received electronic document together with the accompanying digital signature and certificate. The disputed electronic document, signature and certificate could be adduced in evidence and the judge could be provided with signature verification software so as to be able to carry out the verification process. Alternatively, hearsay evidence may be admitted to the effect that this check has been carried out and as to its result. The verification process and certificate will only show that the alleged signatory’s private key effected the signature. It will not prove who used it. The alleged signatory may adduce evidence, such as that contemplated in paragraph 82, that somebody else could have used it. Alternatively, there may be a suggestion that the creation of the key pair by the CA was insecure in that employees of the CA could have used the private key. This would raise matters dealt with in paragraphs 72, 75 and 76.

Has the content of the document been altered after signature?

85. In a civil case if there is a dispute as to whether or not the content of the document has been altered the judge may be satisfied on the balance of probabilities that there has been no alteration of the content if the signature verification process is satisfactory. As explained in paragraph 22, that process establishes not only which private key was used to sign the document but also, by reason of the identical summaries, that it has not been altered. However, it may be necessary in some cases to investigate whether the key pair and software used to sign the document are reliable, whether they worked properly or whether they could have corrupted the content of the document. Similar issues may arise in relation to the software and other equipment used by the receiver in the verification process. Technical standards, such as those mentioned in paragraphs 76-78, may be relevant to such issues. Expert evidence may be required, for example, in a criminal case in which a defendant maintains that incriminating material was added to an electronic document after he had signed and sent it. In order to make the jury sure that the defendant signed the incriminating information the prosecution would call evidence analogous to that adduced in relation to DNA. The expert would deal with the statistical likelihood of two documents having the same summary. The evidence would have to establish that the likelihood is so small that the jury can safely disregard it.

Did the signatory sign what he intended to sign?

86. If the allegation is that the document was altered before it was signed then the assurance level of the verification processes will not be relevant. The court may have to examine the content of documents stored on the signatory’s computer. If there is an allegation that he has been tricked into signing a document containing something other than he intended to sign, then the security of the signatory’s computer and its connections to a network such as the Internet may also have to be investigated. Technical standards may be relevant to such matters.
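The three outcomes that paragraphs 84 to 86 distinguish, shown as an added example that is not part of the original guidance. It assumes ECDSA P-256 with SHA-256 as the "summary" and reduces the certificate to a bare public key; the names StoredRecord, Sign, Verify and Scenarios and the sample documents are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// StoredRecord: what a prudent receiver keeps (para 84); certificate reduced to its key (assumption).
type StoredRecord struct {
	Document, Signature []byte
	PublicKey           *ecdsa.PublicKey
}

// Sign signs the document's summary (SHA-256); any holder of priv can do so.
func Sign(priv *ecdsa.PrivateKey, doc []byte) (StoredRecord, error) {
	sum := sha256.Sum256(doc)
	sig, err := ecdsa.SignASN1(rand.Reader, priv, sum[:])
	return StoredRecord{Document: doc, Signature: sig, PublicKey: &priv.PublicKey}, err
}

// Verify recomputes the summary and checks it against the signature.
func Verify(r StoredRecord) bool {
	sum := sha256.Sum256(r.Document)
	return ecdsa.VerifyASN1(r.PublicKey, sum[:], r.Signature)
}

// Scenarios returns the verification result for the three disputed cases.
func Scenarios() (intact, alteredAfter, alteredBefore bool, err error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return
	}
	rec, err := Sign(priv, []byte("Pay supplier 100 pounds")) // constructed sample
	if err != nil {
		return
	}
	intact = Verify(rec)
	rec.Document = []byte("Pay supplier 900 pounds") // altered after signature
	alteredAfter = Verify(rec)
	pre, err := Sign(priv, []byte("Pay supplier 900 pounds")) // altered before signature
	alteredBefore = err == nil && Verify(pre)
	return
}

func main() {
	fmt.Println(Scenarios())
}
```

Only the post-signature alteration fails verification; a document changed before the key was applied verifies exactly like the intended one, which is why paragraph 86 turns to the signatory's computer rather than to the verification process.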

Has the certificate been revoked?

87. Authentication at the time of the transaction includes a check with the CA or with a repository as to whether the certificate is valid. This is carried out on-line by the receiver’s computer. If the certificate has been revoked the receiver will not do business in reliance on it.

Is the certificate suitable?

88. The receiver will also want to be sure that the certificate is suitable for the transaction undertaken. There may be limitations on the matters of which it purports to provide evidence. For example, the receiver may want to know the signatory or signatory’s age. The certificate may only vouch for their identity and therefore would not be evidence as to the signatory’s age. The certificate may limit the CA’s liability to a figure below the value of the transaction and so the receiver may decide not to do the business with the sender. If a signatory or, as is more likely, the person with whom they are communicating wants the certificate to prove the signatory’s address then the CA will enter into a specific agreement to cover this in the certificate. Indeed certificates may be used for many purposes, for example, a certificate may represent that the signatory is creditworthy up to a certain level or that the CA itself guarantees the value of a transaction. Whether or not the certificate, or rather the CA, does perform such a function will be a matter for investigation in each case.

Revocation of the certificate

89. It may be necessary to revoke the certificate in various circumstances. A certificate would have to be revoked if the signatory dies; if the signatory or an employee or agent of the signatory retires or is dismissed, changes their name, ceases trading or undergoes any other significant change of circumstance; if the smart card with the private key has been stolen; or if the signatory suspects that someone else knows the password or private key.



© Crown copyright 2002