WYSIWYS
Encyclopedia
WYSIWYS is an acronym for What You See Is What You Sign, used in cryptography
to describe the property of digital signature
systems that the semantic content of signed messages can not be changed, either by accident or intent.
”, first publicly described by Diffie and Hellman (1976) in their classic
paper “New directions in Cryptography”, suggests that it is a computer-based equivalent of physical written signatures. Although there are similarities between handwritten and digital signatures there are
also fundamental differences. The main similarity is that both types of signatures can provide evidence
of authenticity of a document. The differences are due to the radically different nature of paper based
documents on the one hand and digital documents on the other. In paper-based transactions a document
consists of text printed as ink on a piece of paper, where the text represents the information and the paper
represents the storage medium. In this way the information and the storage medium are inseparable. The validity of a paper-based document is authenticated by a signature written in ink on the same piece of
paper. The signature serves as evidence of the signer’s agreement to the text on the paper, and the verification of signatures can be done directly without any complex instruments.
For digital signatures all of this
changes. Documents are immaterial because the information is represented by logical bit
s that can be
stored on, and copied to, any suitable electronic medium, and they only become meaningful to humans
when represented through an analogue physical medium such as a computer screen or a printout. The
validity of a digital document is authenticated by verifying that the digital signature logically
matches the bit string representation of the document. Because a digital document in its bit string form can not be
observed or interpreted directly by the signer, the digital signature should only serve as evidence of the signer’s agreement
to the high level semantic interpretation of the document, although technically speaking it represents the
signer’s agreement to the bit string document itself. For human signers, digital signatures should in fact be interpreted as an agreement to the analogue representation of documents e.g. on a computer screen. Highly complex instruments are now needed not
only for interpreting the document but also for producing the digital signature. The complexity of the instruments needed to interpret and visualize the digital document determines the semantic distance between its bit sting representation and its semantic interpretation.
It is relatively easy to change the interpretation of a digital document by implementing changes on the computer system where the document is being processed, and the greater the semantic distance, the easier it gets. From a semantic perspective this creates uncertainty about what exactly has been signed. WYSIWYS means that the semantic interpretation of a digitally signed message can not be changed, either by accident or by intent. This also means that a digital document to be signed can not contain hidden semantic content that can be revealed after the signature has been applied, because that would mean that the semantic interpretation of the document can change. WYSIWYS is a desirable property of digital signature systems that is difficult to guarantee because of the increasing complexity of modern computer systems. Various methods have been proposed to make WYSIWYS more robust.
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
to describe the property of digital signature
Digital signature
A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit...
systems that the semantic content of signed messages can not be changed, either by accident or intent.
Meaning
The concept of “digital signatureDigital signature
A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit...
”, first publicly described by Diffie and Hellman (1976) in their classic
paper “New directions in Cryptography”, suggests that it is a computer-based equivalent of physical written signatures. Although there are similarities between handwritten and digital signatures there are
also fundamental differences. The main similarity is that both types of signatures can provide evidence
of authenticity of a document. The differences are due to the radically different nature of paper based
documents on the one hand and digital documents on the other. In paper-based transactions a document
consists of text printed as ink on a piece of paper, where the text represents the information and the paper
represents the storage medium. In this way the information and the storage medium are inseparable. The validity of a paper-based document is authenticated by a signature written in ink on the same piece of
paper. The signature serves as evidence of the signer’s agreement to the text on the paper, and the verification of signatures can be done directly without any complex instruments.
For digital signatures all of this
changes. Documents are immaterial because the information is represented by logical bit
Bit
A bit is the basic unit of information in computing and telecommunications; it is the amount of information stored by a digital device or other physical system that exists in one of two possible distinct states...
s that can be
stored on, and copied to, any suitable electronic medium, and they only become meaningful to humans
when represented through an analogue physical medium such as a computer screen or a printout. The
validity of a digital document is authenticated by verifying that the digital signature logically
matches the bit string representation of the document. Because a digital document in its bit string form can not be
observed or interpreted directly by the signer, the digital signature should only serve as evidence of the signer’s agreement
to the high level semantic interpretation of the document, although technically speaking it represents the
signer’s agreement to the bit string document itself. For human signers, digital signatures should in fact be interpreted as an agreement to the analogue representation of documents e.g. on a computer screen. Highly complex instruments are now needed not
only for interpreting the document but also for producing the digital signature. The complexity of the instruments needed to interpret and visualize the digital document determines the semantic distance between its bit sting representation and its semantic interpretation.
It is relatively easy to change the interpretation of a digital document by implementing changes on the computer system where the document is being processed, and the greater the semantic distance, the easier it gets. From a semantic perspective this creates uncertainty about what exactly has been signed. WYSIWYS means that the semantic interpretation of a digitally signed message can not be changed, either by accident or by intent. This also means that a digital document to be signed can not contain hidden semantic content that can be revealed after the signature has been applied, because that would mean that the semantic interpretation of the document can change. WYSIWYS is a desirable property of digital signature systems that is difficult to guarantee because of the increasing complexity of modern computer systems. Various methods have been proposed to make WYSIWYS more robust.