E-Commerce has a bright future. My digital signature can be trusted because I calculate the signature based on my private key and the message; only I could have signed the message, because only I know my private key. OK, I will be honest, I do not actually calculate anything; my computer does. So, when you trust my digital signature, you are trusting that my desktop computer did what I wanted.
Unfortunately, our computers are not trustworthy. They can be compromised by a virus, a worm or a Trojan. Once any kind of malicious software has gained a toehold, it can install other components, maybe downloading them as required. Often, a private key is stored, encrypted, in a file on the local hard disk. When we want to sign a document, we enter our passphrase, but a keystroke logger can capture that, and the malicious software can then use it to sign anything it likes. We can increase the security by not storing the private key on the hard disk - it can be stored on a floppy disk, or USB token, or smartcard. This reduces the window of opportunity for the attacker, but how many documents could be signed between the moment I enter my passphrase and when I remove the media? More advanced smartcards can perform the signature calculation on the card, and require the passphrase for every signing event. However, I still do not know if the document signed is the one I wanted signed, or the one the malicious software used to replace it.
This is not a criticism of digital signatures, but an exploration of their limitations. Using a private key stored on removable media to create a signature is probably the most secure method we have of doing e-Commerce today. However, most sites are using far weaker methods: passwords and credit card numbers. Digital signatures are dependent on the security of the computer used to do the signing, but the weaker methods are also dependent on the security of the remote server, and of the communications. Many sites use SSL, but the reassuring lock icon at the bottom of the browser window only tells you that you have a secure connection, not who to. How many users click on the icon and check the certificate details?
A lot of business is being done over the Internet with these insecure methods. Ironically, this is because they are known to be insecure: customers are happy to use their credit cards online because, if it goes wrong, they can object and the merchant takes the loss. So far, the extra Internet business has outweighed the losses for the merchants. This is changing: on one hand, online crime is increasing, and on the other hand, better systems are becoming cheaper and more available. I recently signed my tax return using a digital certificate stored on my new Hong Kong ID card, in a smartcard reader that cost a third of what it did a few years ago. There are valid privacy concerns about national ID cards, particularly when they are being introduced as a badly thought-through measure in the "War on Terror" (knowing someone's identity does not tell you their intentions), but I have been given, for free, a secure place to store my digital certificate, and the reader to access it is now cheap. I now have a much more secure way of doing e-Commerce than risking my credit card number over an SSL connection to a server that might not be secure. The problem is that I have to take responsibility for anything signed using my key; non-repudiation means I cannot just say, "it wasn't me" and let the merchant take the loss. Which brings us back to our untrustworthy computers - how can I be sure that my computer is going to sign what I want, and only what I want? And not just my computer: if we are aiming at pervasive e-Commerce, I should be able to walk up to a computer anywhere, in an Internet Café, or my business partner's offices, and know I can use it to sign exactly what I want.
If these problems cannot be solved, dark clouds of e-Crime will engulf e-Commerce.
Great efforts are being made to secure our computers: Microsoft has its Trustworthy Computing Initiative, and Linux advocates are saying that their Open Source model is superior in terms of avoiding introducing vulnerabilities, and in fixing them efficiently. Many vulnerabilities are being found and fixed. On the one hand this is a success in improving our computers' security, but it also shows the failure - there will always be another bug to be found, another vulnerability to fix. Even if we do achieve the perfectly secure computer, we will not know it. Worse, every new software package we install may have undiscovered vulnerabilities, or may, in combination with our other installed software, create new vulnerabilities. Our desktop computers are highly complex, and complexity is the enemy of security.
Furthermore, end users have no foolproof way of telling if their computer has been compromised. They can install all the vendor's security patches, and update their anti-virus software, but every message they see, right down to the reassuring "No viruses found" dialog, could be faked by malicious code. A user in an Internet Café is in an even worse position - they have no idea what was installed, or who is maintaining it.
Perhaps trusted readers would be a solution. We could have a device with a screen, about the size of a PDA, with a built-in smartcard reader that probably plugs into a USB port. Its function would be simple: accept a text-only document through the USB connection, display it on the screen, and sign it using the inserted smartcard, returning the signature over the USB connection. Make the case tamper-evident, and publish the software for review. The Government would certify units; they would definitely not be updateable. This would make them immune to viruses, because they would have limited functionality: they can sign documents; they cannot change their own software. The primary design objective would be to make the functionality as simple as possible, so there will be fewer programming errors, and so the code will be easier to audit.
Why don't I suggest incorporating the display screen into the certificate storage device? The PDA-sized device can be built with today's technology, but fitting a readable display and keyboard into something as easy to carry as a smartcard would be difficult. There are other issues to work out: what about accessibility for the disabled, and support for the full range of Unicode characters?
People could use such a trusted reader anywhere they found it, read the document on the screen, and, when they were satisfied, insert their smartcard for the signing with complete confidence that they knew what was being signed. Perhaps the sun can shine on e-Commerce.
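The trusted-reader flow proposed above, as an added sketch that is not part of the original article: the reader accepts only text, shows it, and signs exactly the bytes shown once the user approves. `Smartcard`, `reader_sign`, the printable-ASCII rule and the sample documents are assumptions made here, and a hash-based Lamport one-time signature stands in for the card's real algorithm so that the code needs only the standard library.

```python
import hashlib
import secrets

def _bits(msg: bytes) -> list:
    """256 bits of SHA-256(msg); each bit selects one half of a Lamport key pair."""
    d = hashlib.sha256(msg).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

class Smartcard:
    """Constructed stand-in for the card: the private key never leaves it."""
    def __init__(self, pin: str):
        self._pin, self._used = pin, False
        self._sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
        self.public_key = [tuple(hashlib.sha256(h).digest() for h in pair) for pair in self._sk]

    def sign(self, msg: bytes, pin: str) -> list:
        if not secrets.compare_digest(pin, self._pin):
            raise PermissionError("wrong PIN")   # PIN required for every signing event
        if self._used:                           # a Lamport key must sign only once
            raise RuntimeError("one-time key already used")
        self._used = True
        return [self._sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(public_key: list, msg: bytes, sig: list) -> bool:
    return len(sig) == 256 and all(
        hashlib.sha256(s).digest() == public_key[i][b]
        for i, (s, b) in enumerate(zip(sig, _bits(msg))))

def is_plain_text(doc: bytes) -> bool:
    """Assumed 'text-only' rule: non-empty, printable ASCII plus newline only."""
    return len(doc) > 0 and all(b == 0x0A or 0x20 <= b <= 0x7E for b in doc)

def reader_sign(doc: bytes, card: Smartcard, pin: str, user_approves):
    """Reader firmware: display the received bytes, sign exactly those bytes."""
    if not is_plain_text(doc):
        raise ValueError("reader accepts text-only documents")
    if not user_approves(doc.decode("ascii")):   # user reads the trusted screen
        return None                              # no approval, no signature
    return card.sign(doc, pin)

def demo() -> dict:
    intended = b"Pay 10 HKD to Alice"            # constructed sample documents
    swapped = b"Pay 10000 HKD to Mallory"        # what a compromised host sends
    approve = lambda shown: shown == intended.decode()
    card = Smartcard(pin="4711")
    refused = reader_sign(swapped, card, "4711", approve)
    sig = reader_sign(intended, card, "4711", approve)
    return {"refused": refused is None, "valid": verify(card.public_key, intended, sig),
            "transfers": verify(card.public_key, swapped, sig)}
```

Restricting input to printable ASCII sidesteps the Unicode question raised above rather than answering it; a real reader would need a rule for every character it is willing to display.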