Handwritten signatures are an interesting idea. Since a signature is something we reproduce over and over, it will always be slightly different. Even if I try my hardest 100 times and take the two which look the closest to my eye, a computer could probably distinguish between each and every one of them. It is just in the nature of how pens and paper work: given the correlation between the amount of ink coming out of the pen and how hard you press, and between the smoothness of the stroke and how quickly you drag the tip of the pen across the paper, a signature is inherently unique every time it is made. How are we feeling that day? Did the signatory feel weak and sluggish, or vigilant and precise? These things all play a role in how a signature varies on a given day relative to what it has looked like previously (and what it looks like ideally to the signatory).

Beyond using evidence such as other handwriting elsewhere on the signed piece of paper, it is hard to be certain that a signature is not fraudulent. Some of the more obvious proofs of ownership, such as watching someone sign their name, are unreasonable requirements in many of the circumstances where signatures are needed. If you see them do it, you can be certain it was the person who was standing there who signed it.

After looking at these aspects of handwritten signatures, I’m reminded of something I heard recently at a monthly Bay Area chapter meeting of TOOOL (The Open Organization Of Lockpickers), which can be generalized to include signatures: “Locks [in reference to cheap master locks] are only a protection against honest people”. That is to say, a signature is not a foolproof method. Signatures can be faked. I think the ways in which signatures are used today push the envelope of their power. A financial accountant whose handwritten signature is on company records can end up in federal prison for years if those records are false.

Digital signatures are somewhat different. They use cryptography to help prove the identity of the signatory. They are more of an assertion along the lines of “I am John Doe because I can provide some special information to you that everyone knows only John Doe can compute…”. As long as people keep their private keys safe (which is a lot to ask in a world where 15-year-old British teenagers are dumping government databases using fully-automated SQLi fuzzing!)

So for the pessimist or luddite, in this sense, digital signatures do not provide any advantage over handwritten signatures.  How can we be sure at any given moment that John Doe’s private key is still safe and has not been compromised?  If it was compromised, did he detect it? We can’t be sure.
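The point of the two paragraphs above, as an added example that is not part of the original post: verification proves only that the signer held the private key, not who the signer was. It assumes Ed25519 from Go's standard library as the signature scheme; the messages and the "copied key" scenario are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Result records what a verifier holding only the public key observes.
type Result struct {
	OwnerValid    bool // John Doe's own signature verifies
	CopyValid     bool // a message he never saw, signed with a copy of his key, verifies
	Identical     bool // owner and copy produce byte-identical signatures on the same message
	TamperedValid bool // owner's signature checked against an altered message
}

// Demo signs with the original key and with a byte-for-byte copy of it
// (standing in for a compromised key), then verifies every signature
// against the single public key that everyone attributes to John Doe.
func Demo() (Result, error) {
	pub, ownerKey, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Result{}, err
	}
	// Constructed scenario: a private key is just bytes, so a copy is a full signer.
	copiedKey := ed25519.PrivateKey(append([]byte(nil), ownerKey...))

	msg := []byte("I, John Doe, approve the Q3 company records.")  // constructed
	unseen := []byte("I, John Doe, approve a transfer I never saw.") // constructed
	altered := []byte("I, John Doe, approve the Q4 company records.") // constructed

	ownerSig := ed25519.Sign(ownerKey, msg)
	return Result{
		OwnerValid:    ed25519.Verify(pub, msg, ownerSig),
		CopyValid:     ed25519.Verify(pub, unseen, ed25519.Sign(copiedKey, unseen)),
		Identical:     bytes.Equal(ownerSig, ed25519.Sign(copiedKey, msg)),
		TamperedValid: ed25519.Verify(pub, altered, ownerSig),
	}, nil
}

func main() {
	r, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", r)
}
```

The signature does bind the message (the altered text fails), but nothing in the verification result tells the verifier which holder of the key produced it, which is why key protection and a way to revoke a key carry the real weight.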

One of my main gripes about RSA is this (I promise this relates back to signatures): OK. So we have this absolutely amazing crypto algorithm. It kicks all kinds of ass. The protocol underlying our communication is strong, and infeasible to break. But the layers built on top of it are less secure. Our connections can be MITM’ed on the LAN. Browser sandbox exploits are commonplace today. This problem can be seen from the perspective of digital signatures. The infrastructure underlying our signature is strong; however, social engineering is often one of the easiest attack vectors to exploit, and physical security is not far behind it.