In non-face-to-face communications, such as e-mail communication, Internet browsing and telephone communication, it is important to be able to assure the identities of all or some of the entities involved in the communications. For example, in e-mail communication, it is important to be able to assure that e-mail goes to its intended recipient and that the sender is the entity that it claims to be. Also, in Internet browsing, it is important that the webpage is from the intended website. In so-called “phishing” attacks, an e-mail sender (phisher) uses other entities' identities to send e-mail to other people. For instance, a “phisher” could send an e-mail that claims to be from a bank, asking the recipient to log in to a bogus website and give out sensitive information. The sensitive information is then collected by the “phisher”. In so-called “pharming” attacks, people are deceitfully directed to bogus websites. Using the same scheme, a “pharmer” can direct a wireless phone call to a bogus destination. Currently, there are no effective solutions for solving these problems. A method that can effectively perform identity authentication can help to fight against the problems.
Digital signature is a method for identity authentication. In this method, a hash function is used to produce a message digest of a message. The message digest is then encrypted with the private key of the sender's private/public key pair, and the encrypted message digest is sent to the receiver of the message. The receiver uses the same hash function to produce a message digest of the message she has received. The receiver also decrypts the encrypted message digest she has received from the sender, using the public key of the key pair, and checks whether the decrypted message digest matches the message digest she has produced with the hash function. If they match, the receiver is assured of the identity of the sender. She is also assured of the integrity of the message. Also, the sender of the message cannot deny that she has sent this message to the receiver.
Theoretically, the digital signature method can be used to authenticate the sender of data and ascertain the integrity of the data. However, in reality, the effectiveness of this method is affected by many factors and it is not easy to verify a digital signature. First, the hash function used in a digital signature method requires that the data bit stream that is received be exactly the same as the data bit stream that was sent in order for the digital signature method to work. Some e-mail systems may add symbols, including whitespace, to e-mail, which invalidates the digital signature. Secondly, a digital signature verifies only the syntax of data but not the semantics of the data. Because different systems could interpret a symbol differently, the data bit streams at the sending end and the receiving end could have the same syntax but different semantics. That means that even when the data bit streams at the sending end and the receiving end are the same, the presentations of the bit streams at the two ends could be different, and so the meanings of the data at the sending end and the receiving end could be different. For example, a piece of HTML code could be presented as different Web pages with different meanings by different Web browsers. In this case, the digital signature method is invalidated.
S/MIME (Secure/Multipurpose Internet Mail Extensions), OpenPGP and PGP/MIME are protocols and systems for sending and receiving signed and encrypted e-mail. In these systems, digital signatures are used to sign e-mail; therefore the systems inherit the problems with the digital signature method discussed above. Since a digital signature carries serious authority, the use of this method in an open environment, such as the Internet with its variety of browsers and mail systems, could be very misleading and cause adverse consequences.
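The whitespace problem described above, shown as an added example that is not part of the original text: a hash-then-sign round trip in which a mail system rewrites line endings in transit. The key is a constructed textbook RSA key (two fixed Mersenne primes, no padding, for illustration only), and `relay` is a hypothetical stand-in for such a mail system.

```python
import hashlib

# Constructed demonstration key: textbook RSA from two known Mersenne primes.
# No padding and fixed primes: for illustration only, not a secure key.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def digest(message: bytes) -> int:
    """Message digest as an integer, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Sender: encrypt the message digest with the private key."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver: decrypt the signature with the public key and compare it
    with a digest computed over the bytes actually received."""
    return pow(signature, E, N) == digest(message)


def relay(message: bytes) -> bytes:
    """Hypothetical mail relay: rewrites line endings to CRLF and appends
    a trailing line break. The visible words are unchanged."""
    return message.replace(b"\r\n", b"\n").replace(b"\n", b"\r\n") + b"\r\n"


# Constructed sample message.
ORIGINAL = b"Please review the attached statement.\nRegards, Alice"
SIGNATURE = sign(ORIGINAL)

if __name__ == "__main__":
    received = relay(ORIGINAL)
    print("untouched copy verifies:", verify(ORIGINAL, SIGNATURE))
    print("relayed copy verifies:  ", verify(received, SIGNATURE))
    print("same visible words:     ", received.split() == ORIGINAL.split())
```

The relayed copy carries the same words as the original, yet the signature check fails because the digest is computed over the exact bytes received.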