January 27, 2009

Digital signing

This is in response to the NY Times article about archiving and crypto hashes:

The article presents this as being “new? technology, when in fact it is very mature technology. Hashing is a wonderful tool for digital signing. It is in extensive use by many software distributors as a sure-fire way of verifying that a piece of software is not corrupt or tampered with. As a core technology, hashes and crypto are bulletproof. The trouble lies in the implementation.

Two fundamental flaws exist. First, it is implicit that you trust the source that you obtained the digital signature from. Ironically, modern public key cryptography renders the transmittal of these signatures over the internet quite safe. The real danger lies in social engineering, which transcends computer security, and can only be defended against via behavioral changes, or spartan security procedures. The second problem was touched on more extensively in the article: the practical problems of archiving data for the long haul. Fancy digital signatures are of no use if your data is unreadable or stuck on obsolete data mediums. While I think that it is worthwhile to standardize a long-term data storage medium, I think a more practical solution is readily available to us: incremental backups. What I mean by this is that we should continuously be transferring our archival data to newer mediums of storage, so that it never gets stuck on an old tape drive that you can’t use.