Sorry I couldn't find the best heading for this question. Following is my requirement.

I am working on a project which deals with a large amount of money transactions to different accounts. The system automatically transfers money to the accounts of A, B, C, etc. But before this is done, someone from A, B or C should approve (electronically) the amount to be transferred.

What do you think is the best way of doing it? I want the system to send a file (PDF or something) which is digitally signed (?) and the authorised person from A, B and C should check and confirm that the amount is correct.

Since the amount is high I must make sure the file sent out by the system is not tampered with, and at the same time I also want to make sure the file (reply) sent by A, B or C is also not tampered with. What is the best way to achieve it? Any ideas?

+2  A: 

You'll want to look into MACs (Message Authentication Codes). There are a number of libraries out there for various languages that implement common algorithms such as HMAC.

EDIT: See also DSA (http://en.wikipedia.org/wiki/Digital_Signature_Algorithm), which is a popular algorithm for digital signatures, and is fully implemented in the standard .NET framework (System.Cryptography namespace).

Noldorin
+8  A: 

Digital Signatures is what you are looking for. Adobe PDF (since you mentioned pdf) allows you to sign the pdf in the free Adobe Reader version and verification is also done automatically, as soon as you open the pdf document.

The difference between DigSig and (H)MACs, as posted by Noldorin, is that MACs use symmetric encryption, where you require a secure channel to exchange the key, whereas in a PKI environment that secure channel is not required.

It depends how you want to distribute your keys.

RSabet
Thanks.. can this verification (reply message) be done programmatically using .net?
Shoban
I haven't used .net for verification yet, but when you google 'pdf signature verification c#' - you find some promising solutions.
RSabet
Ah, that's a good clarification. DSA (http://en.wikipedia.org/wiki/Digital_Signature_Algorithm), which is a popular algorithm for digital signatures, is fully implemented in the standard .NET framework (System.Cryptography namespace), so it should be easy enough to use with the appropriate MSN docs.
Noldorin
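The two-way exchange asked about in the question, sketched in C# as an added example (not code from any poster in this thread): the system signs the transfer request, the approver verifies it and signs a reply bound to that exact request, and the system verifies the reply. It uses ECDSA from System.Security.Cryptography in place of the DSA mentioned above; the keys, field names and values are constructed for illustration, and .NET 5 or later is assumed.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class ApprovalDemo
{
    // Sign a message with the sender's private key.
    static byte[] Sign(ECDsa privateKey, string message) =>
        privateKey.SignData(Encoding.UTF8.GetBytes(message), HashAlgorithmName.SHA256);

    // Verify using only the sender's public key.
    static bool Verify(ECDsa publicKey, string message, byte[] signature) =>
        publicKey.VerifyData(Encoding.UTF8.GetBytes(message), signature, HashAlgorithmName.SHA256);

    // Copy of a key pair holding the public part only (what the other party receives).
    static ECDsa PublicOnly(ECDsa keyPair)
    {
        var pub = ECDsa.Create();
        pub.ImportParameters(keyPair.ExportParameters(false)); // false = omit private key
        return pub;
    }

    static void Main()
    {
        // Constructed keys: each party generates its own pair and shares only the public key.
        using var systemKey = ECDsa.Create(ECCurve.NamedCurves.nistP256);
        using var approverKey = ECDsa.Create(ECCurve.NamedCurves.nistP256);
        using var systemPub = PublicOnly(systemKey);
        using var approverPub = PublicOnly(approverKey);

        // 1. System -> A: signed request (constructed sample values).
        string request = "request=REQ-0001;account=A;amount=250000.00;currency=USD";
        byte[] requestSig = Sign(systemKey, request);

        // 2. A checks that the request came from the system and was not modified.
        Console.WriteLine("A accepts request: " + Verify(systemPub, request, requestSig));
        string tampered = request.Replace("250000.00", "950000.00");
        Console.WriteLine("A accepts tampered request: " + Verify(systemPub, tampered, requestSig));

        // 3. A -> system: approval bound to the exact request through its SHA-256 digest.
        string digest = Convert.ToBase64String(SHA256.HashData(Encoding.UTF8.GetBytes(request)));
        string reply = "decision=APPROVED;request-sha256=" + digest;
        byte[] replySig = Sign(approverKey, reply);

        // 4. System verifies A's signature and that the reply names the request it stored.
        bool ok = Verify(approverPub, reply, replySig) && reply.EndsWith("request-sha256=" + digest);
        Console.WriteLine("System accepts approval: " + ok);
        Console.WriteLine("System accepts altered approval: " +
            Verify(approverPub, reply.Replace("APPROVED", "REJECTED"), replySig));
    }
}
```

Binding the reply to the request digest keeps a valid approval for one transfer from being reused for another; how each side comes to trust the other's public key (certificates, out-of-band exchange) is outside this sketch.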
A: 

My first reaction would be Digital Signatures - but they have a fatal flaw: they are digital data that could be compromised by a careless user.

If that is a concern you can go for the process that South African banks use, a one-time password. This password is transferred to them via a means that is not involved in the transaction (in South Africa this is by SMS, which I strongly recommend). We first type in a username and password, and then get the OTP via SMS which we then need to type in for any transactions that lead to money leaving our accounts.

Strong forms of security (in increasing effectiveness) include (I am no expert, but I do know a few):

  • Knowledge (A password)
  • Possession (A cell-phone SIM card that can receive SMSes, or a USB thumbdrive with a certificate)
  • Location (A computer with a hardware-based certificate management system, CellID)
  • Time (OTP expires, transaction must occur at specific time)
  • Identity (A fingerprint reader - effectively a password - but insanely long)
  • Uniqueness (A fibre-optic cable encoded in the polarization of the photons)

From what I know if you have any three of those you can be comfortable with your security. Adding more increases security exponentially, but also increases the inconvenience factor. The banks use Knowledge, Possession and Time in South Africa - and phishing really doesn't work against South African banks.

Hope this helped you out a little.

Jonathan C Dickinson
A fingerprint is nothing like a password. Passwords are secret, biometrics are not. A fingerprint is analogous to a user name, and should be used for authentication only in that role.
erickson
A fingerprint can be used in a SRP exchange @erickson.
Jonathan C Dickinson