Earlier this year, hackers breached into the servers of CCleaner, a famous tool with more than two billion downloads, and distributed an infected version of the application to millions of users. A few months before that, a similar attack on the update servers of MeDoc, a Ukrainian software company, enabled hackers to distribute updates infected with the Petya ransomware to tens of thousands of computers and trigger a global crisis.
Both attacks were successful not because of the breaches per se, but because the attackers were able to digitally sign their malicious apps to make them look legitimate. Digital signatures, the electronic equivalent of handwritten signatures and stamped seals, have become a cornerstone of online security. We use digital signatures to validate the authenticity and integrity of sensitive data such as emails, business documents, monetary transactions and software binaries.
Digital signatures enable receivers to verify the identity of the sender of data and serve as undeniable proof (non repudiation) of the source of information. In some jurisdictions, digital signatures are admissible as court documents.
However, despite the heavy burden that we place upon digital signatures, they are susceptible to some serious hacks and can be turned against us to do some very damaging things.
How do digital signatures work?
Digital signatures use the asymmetric cryptography (public/private keys) and the Public Key Infrastructure (PKI). For each user or entity, a certificate authority (CA) issues a public key, which is accessible to all. The corresponding private key is exclusively owned by the entity or person in question.
To digitally sign data, a party that is sending or publishing digital information creates a hash of the data, encrypts it with its private key and appends it to the document. Sometimes, complementary data such as digital timestamps are added to the digital signature. The receiving party can verify the integrity of the document by decrypting the signature with the sender’s public key and comparing it with its own hash of the document’s contents.
What can go wrong?
While digital signatures are a very effective method to prevent data tampering and impersonation, they’re only valid as long as you can keep the private keys secure. As soon as your private key falls into the wrong hands, your signature can be forged. Given the amount of trust we place on digital signatures and the sensitive tasks that we tie to them, their compromise can become very damaging.
In 2012, cybersecurity firm McAfee found over 200,000 pieces of malware with valid digital signatures. Valid signatures can fool users and even security tools into trusting a malicious application.
Companies and individuals go to great lengths to protect their signing keys, such as storing them in separate networks and machines, and limiting physical access to the machines where they’re stored. But as long as the private keys remain a single point of failure, it only takes a single incident to render digital signatures useless. This can be a malware such as Zeus, which scans infected computers and steals digital certificates, or it can be a human error, such as a careless employee who falls into a phishing trap.
How two-factor authentication secures digital signatures
Two-factor authentication (2FA) is a well-known method to protect users against digital identity theft. 2FA ties access to online accounts and information to having two or more tokens that prove ownership or permission.
Secret Double Octopus, a leading provider of 2FA technology, provides a solution that combines ease-of-use and advanced security. With Secret Double Octopus, access to digital signing keys can be tied to several factors, including passwords, specific devices and biometric data. This will make it exponentially harder to gain unauthorized access to keys or to replicate them.
Meanwhile, the Octopus Authenticator app provides a frictionless experience, removing one of the main barriers to adopting 2FA in organizations. In the background, Secret Double Octopus uses multiple channels to generate and validate its authentication tokens, making sure that the authentication and signing process can’t be intercepted or compromised through man-in-the-middle attacks or other known schemes.
Your digital signatures deserve to have protection that is on par with their critical value. Find out how you can protect the digital signatures of your organization with Secret Double Octopus today.