Score:0

Can I copy digital signature for malicious purpose?

gb flag

I am reading Cryptography. I have multiple questions to ask.

  1. I signed my QR code with my private key so that people can verify it's mine. QR code has data which is public. I have this QR code on my document. Problem is, can an attacker copy this signature of this QR code on the document, and create a fake document with same QR code signed by me ? I assume signature just a sequence of characters after signing the data. Though he doesn't have my private key, he has copy of signature signed by me which can be verified with my public key? Is this possible ? How do I make a document unforgeable in this case?

Any help would be appreciated.

fgrieu avatar
ng flag
Welcome to crypto-SE! [edited]
Score:2
ng flag

I'll read "data which needs no security" as meaning "public data", which is signed, and encoded along the signature in the QR-Code.

Anyone can put a QR code that contains the original public data and signature on any document. That will pass verification against the original public key, with the original public data recovered by the scanner. A photocopy or a sharp photo shown by a smartphone will typically do¹ (that's often a feature).

Digital signature prevents alteration (not duplication) of the data that's signed. More in detail: The standard definition of a secure signature scheme is Existential UnForgeability under Chosen Message Attack [EUF-CMA]. In essence, it says that adversaries given the public key, and message/signature pairs (including for messages of their choice), can not produce a valid signature for any other message. That implies an attacker (assumed lacking private key and signing device) can not both pass verification against the original public key, and alter the public data recovered by the scanner. It does not prevent an adversary from submitting the original data and signature, which will pass a signature check.

We can't avoid cloning a 2D code. Other technologies like Smart Cards, or some more advanced paper-based technologies², can prevent cloning.


¹ Also, with practically all readers, the QR-code can be visually different, including significantly larger or smaller, another color, rotated, partially changed, and with slightly less or much more pixels by changing parameters of the encoding. With some readers it's also possible to mirror, invert contrast, or change from QR-code to another 2D code such as Aztec, DataMatrix, PDF417.

² It has been proposed to encode in the signed QR-code some hard-to-exactly-reproduce characteristic of the paper, and reject the QR-code if there's no match on verification.

Mani Varma Indukuri avatar
gb flag
By the definition of a secure signature scheme, an attacker (without the private key) can not both pass verification against the original public key and alter the public data recovered by the scanner. I didn't get this line. Attacker needn't alter the data. He can copy data and signature from original QR code and use it in another document right. So, when he sends this fake document claiming a genuine doc, the verifier verifies signature with public key of person who signed with private key. This way he can deceive. Is this possible?
fgrieu avatar
ng flag
@Mani Varma Indukuri: I have expanded the answer on the limited goal and formal definition of a secure signature scheme.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.