Scenario is I received documents as a PDF along with an MD5 hash. Problem is how do I store these? Thought is to store the document and MD5 separately so that anyone with access to the document does not also have access to MD5 file? I need to ensure neither the document or the MD5 are altered? Is there a better way to do this?
Asked
Active
Viewed 457 times
2
-
Is the assurance important to only you or to show to someone else? Is there a reason no party can use the digital signature features of the PDF file format? – Spencer Joplin Apr 29 '18 at 04:01
-
It will be important if anyone ever contests the validity of the documents. If there is a court case. – Cooper Strong Apr 30 '18 at 15:33
-
I suggest asking at Law.SE, since this is as much a legal question as an infosec question. – Spencer Joplin May 01 '18 at 17:18
2 Answers
2
If possible, have the sender sign them using PGP instead of just providing MD5 hash.
If that is not possible, than the second best thing would be to verify the hash and then sign the document using your own PGP key.
In both cases, you can store the signature in a file next to the PDF. This will allow you to verify the documents were not changed.
Peter Harmann
- 7,858
- 5
- 21
- 28
-
I do not think they will, but just to be sure I understand. If they sign the MD5, no one could tamper with it, because it would have to be re-signed is that correct? – Cooper Strong Apr 30 '18 at 15:34
-
@CooperStrong Not really, I meant signing the document directly. There is no reason to use the MD5 and it would be less convenient to sign the MD5. However, if you need the MD5 for some reason and you don't want to generate it again from the document, then yes, you can sign the MD5 as well. – Peter Harmann Apr 30 '18 at 15:41
-
You don't sign the document, you hash the document and sign the hash. That's why you see
-----BEGIN PGP SIGNED MESSAGE---- Hash: SHA1on the header of any signed data. Signing is an expensive operation, so you will want to do it on a few bytes. Hashing a multiple MB document is not optimal if you can SHA256-hash it and sign the hash. – ThoriumBR Apr 30 '18 at 19:44 -
@ThoriumBR Of course, I meant feeding the file to PGP an letting it make the hash, because unless there is some feature I am not aware of, you can't sign anything directly. So if he signed the MD5, he weould be signing a hash of an hash. Bit redundant IMO. – Peter Harmann Apr 30 '18 at 21:12
0
If you really want to make sure neither the document or the hash has been tampered with, you could:
Check the hash on submission
When you receive the file and the hash, recalculate the hash to see if they match. If they don't, you got a file corruption (more likely) or a tampering (less likely).
Sign the hash
Sign the MD5 hash using a private key. Store the hash and the signature. The signing can (and should) be done outside the storage server: create an API endpoint that will receive a MD5 hash string and return a signed string containing the hash and signature. Lock down this server as much as possible, and if requirements demand it, use an HSM (Hardware Security Module).
Check the hash and signature later
If someone changes the hash, the signature will not match. If someone changes the document, the hash will not check. Signature checking can be done anywhere, as you will use the public key to check for tampering.
The only way to change the document and pass all tests is to steal your private key, change the document, recalculate the hash and re-sign it with the stolen key.
