Like most of you, I sign stuff a lot.
Like many of you, I’m usually a bit embarrassed when I do it. My signature has devolved from a relatively legible cursive “Noah Stephens-Davidowitz” when I was in high school to my college “Noah S-D” to my post-graduation “N S-D” to my current series of four squiggles, which one might be persuaded are loosely derived from my initials together with a hyphen.
My business partner, Thomas, told me (I think only half-jokingly) that it was unacceptable for signing contracts with our clients. He accused me of just writing the number 900 lazily and sloppily. (I personally think it typically looks more like 907, but that day, I concede, it looked pretty 900ish.) Even people delivering food to my apartment, who only ask for my signature to protect themselves in the unlikely event that I later claim to have not received my food, have asked me to confirm that my signature is in fact a signature.
I would post an image of it for my readership to laugh at, but I suppose that that would be a bit of a security vulnerability.
But, isn’t that incredibly silly? I have in my mental possession four vaguely defined squiggles. For some reason, I’m forced to show people my squiggles all the time as some sort of confirmation that I, Noah Stephens-Davidowitz, am agreeing to something . And, it’s not just with delivery guys; I use my squiggles for extremely important interaction with governments, clients, my bank, etc. But, in spite of the fact that I show this thing all the time, I’m also keenly aware of the fact that posting it publicly on the internet is a terrible idea.
All of this is in case I at some point I say “No, I never agreed to that.” Because of my signature, a slick lawyer could then confidently respond “But, if you didn’t agree to that, then why are these four squiggles here? Who but you could have squiggled four times on this piece of paper in such a way?”
Touche, slick lawyer.
Well, who could have made those squiggles?
First, there’s anyone who’s ever seen my signature. I don’t want to post my signature online because, if I did, anybody with a printer could forge my signature on any document. But, every delivery guy who’s ever been to my apartment, every client with whom I’ve worked, my current and former landlords, every waiter or cab driver or cashier who’s swiped my card, and a whole army of secretaries have all had access to my signature anyway. Any one of them could forge my squiggles on any document that they wanted. They might use a scanner and a printer, or they might just carefully trace them out with a pen.
A secure signature should instead somehow incorporate what I’m agreeing to, so that someone with the ability to create one of my signatures only has the ability to forge my signature on one document. So, my signature shouldn’t just say “Hi, I’m Noah S-D;” it should say something like “Hi, I’m Noah S-D, and on April 5th at 4:12 PM, I accepted this delivery of six salmon avocado rolls, a piece of tamago, six unagi rolls, a miso soup, and a ginger ale.” I might, for example, try writing something like that out in cursive for each thing that I want to sign. And, maybe my way of writing out all that stuff in cursive will be pretty unique so that if someone else were to try to write “Hi, I’m Noah S-D, and I agree to give this nice man my bank account” on some piece of paper somewhere, they might not write it like I would.
But, that brings up another very unsatisfactory aspect of my signature: I don’t really believe that it’s particularly hard for somebody to write like me. I think there are some experts who do in fact believe this, and maybe they’re right. As best I can tell, the basic argument is that people vary in all sorts of ways in how they hold and move a pen. So, when I draw my squiggles naturally, lots of things about how I hold and move the pen might be unique. While I’m able to create these subtleties without even intending to, they might be very hard to recreate naturally for others. (Of course, with a scanner and a printer or with tracing paper, they’re trivial to recreate.)
But, lots of people have lots of different signatures–Some people write with almost perfect handwriting, while others write things that don’t even look like letters; some vary their signatures a lot. And, since most laymen (myself included) aren’t very convinced that these things are particularly hard to forge, I don’t think people take them very seriously. (My mother once made a point of signing a bill as “Joe Schmoe” to show that her signature meant nothing.)
Isn’t there something that we all know that only I could create easily?
Yes. These two problems are solved quite elegantly and simply by exploiting some things that are extremely unique to me and come quite naturally to me: My face and voice. If I want to prove that I said something, I can simply record myself saying it! Any person who speaks English can look at a video and determine whether or not it’s me in the video and what I’m saying. So, that’s really easily verifiable. Since I walk around with my face and voice all the time and nobody else does, I’m the only one who can make such a video easily. So, it’s hard to forge. (Maybe not for identical twins, I suppose.)
Of course, this requires the hardware to record a video and the memory to store it. YouTube, which has over a billion videos on it, provides some strong evidence that this is doable, but it’s a non-trivial infrastructure problem if we want everyone in the world to do it. Even just for me, with a smart phone that can record video and put it online, the process is still a bit too slow and cumbersome to use at the grocery store. Just saying “On April 5th and 4:40 PM, I purchased one box of Froot Loops” at the checkout counter while someone videotapes me seems sort of annoying. However, this might still be the best way for us to sign important things that are worth the effort.
There’s also the risk of someone forging a video. Right now, this isn’t really possible, but it probably will be soon. Check out what these people at the University of Illinois managed to do.
Still, this is a long way off from forging a video of me admitting to purchasing cereal. Plus, it’s way way better than the current system, where anybody can forge my signature fairly easy. If social norms and my lawyers allowed it, this is how I would sign all my important contracts right now, and I would ask people to show me the same courtesy. Unfortunately, this is not the case, so I’m stuck with my four squiggles.
Sufficiently nerdy readers will probably recognize that this blog post has a startling omission: cryptographic signatures. Indeed, as a budding computer science theorist, I naturally think those are the best solution. And, when I originally wrote this up, it mainly focused on that and simply used the video idea as a stepping stone to the more abstract notion of a digital signature.
But, I realized that my commitment to making very few assumptions about my readers’ prior knowledge and my strong desire to avoid handwaving necessitated an extremely long and boring post. So, I will, at some point, write up a more appropriate explanation of public-key cryptography in all its glory. Perhaps in that post I will explain how public-key signatures work, or perhaps I will use it as a reference for a separate post about them.
As penance, please accept my PGP public key and my signature (based on the current first draft of this post). I won’t sign my key itself because I don’t off-hand if RSA is considered secure with key-dependent messages. (I think maybe not?) Feel free to leave encrypted comments!
—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v2.0.14 (MingW32)
mQENBExxiv8BCADhxr3X9pXc0JucxZhPaVk6kZWyu8iZYy0dY9vaBBSYv+IvtEGT
OVH/vfBiYsk19NXjs21mXRKnzkcjFuvAWdBCMwjJduoxcrWeagls8zAWN7xQLjnm
MK85GVML48F3NO/cLiRXpaTYWm+NEilalG2JOUf9xTCVFBuSjxvKqZCfJRSXTJt+
Pwr124yLXowGuK4bhn0HXlDahfWqqUSc3q/WzwpwWtUpKgahhAGjNpnHt1JIhxkC
h5X7KrY+715eZwDeuWY5YVdte+4gtZaUSfsczWwjQY65cchN/raa2whtEr+/7YGF
gQejihkWpTqmx+0ZAa5DxMbb7rNFrZULSA0xABEBAAG0Gk5vYWhTRCA8bnNkNGV2
YUBnbWFpbC5jb20+iQE4BBMBAgAiBQJMcYr/AhsDBgsJCAcDAgYVCAIJCgsEFgID
AQIeAQIXgAAKCRBmnjbqoA0bNS3QB/9aWUqt5eDRRg54nxaxAmi64V+ejQAQOl+t
9hm1XJ+Rlqr+kMExfizsd29X1iKsDr9fAC4TkkwQp5vOimhZUPJ0ck6UpdWsjpJT
iJIMTRCCLf6ZHfuV14kdJSqVEk0lOp3BNxkk7rvYeEWk8/6D6ov3Kk3YXJ0Q1v9A
oJ3LwrG6+38Iy3gixx4TKOx3A89Jp5MNJHRwpc+dkOa/ZvjV84UsIuxWcn6sceyJ
hdCV6JJitE9Mc6Q2IyfzLeZ86LeGB9wbtmLSHeZj/V+Ukc+tMJnNBDwVuSvdjW13
Ppc6C2gcd6G+WwOQbFuVcXPGJD9dKIbaql1kp+PRHwR63PJ6J+vNuQENBExxiv8B
CADCT6nUfSlVcuheGTlQGeyBegEkbwn72mxeoTe0BUk3JeuGRJzzc8ThD6oUaZq2
ITWIBy/0aCDv93gSOv/7fq/YF8ZlSAINTmDCigBRw+ld5AHZ9Ox/FPt9LIHftWoh
fq+s+w1IpSzaHZcO5ob/vJnM2b8DznS1Fs/l3u4FP6Ojm8SvIDOTYK8v5wqDanJp
T9Vd2MeCz1XjjNQYrSoa36J8iN5nn1Tj+5FxgqF1J0iTjrH4nRY9W9QY2PV7jwjo
+KLIXLVFFtF7nKa3m9/EXeuQfnN/xurQCcW+Sbk6WpB0r8h6WNGgMGgNnBbdWimd
EszC84/GLTt/42WcDMchyvwZABEBAAGJAR8EGAECAAkFAkxxiv8CGwwACgkQZp42
6qANGzXpLAf/Wxcoi6wBXJ0zhlqha0iUsb6Z5jMbG400Wuk/+YT33/2T/2NUx5Kt
n+OZM4KmNPh5F0BpTVxo4WbTQTqC5opv0x+usGSUF4ulB4II7erW7zXVcFaIJ2B9
mqKVkEebEcv3Hd1OWu3cc72rvNCN8LtbdkbY6MN4HBeUev5BfBGH1FS0GY63GBsE
Cn0UCCtNv0HgJ2HvteRwfCMD/7+4ADNfXepvCwIpmNSWZmYPx/4StKFGzjnj0htr
AAxjruXm9DTkHeCHu/KDD1ODx/L2bsszlN6kq/z/E81z+5f56pVuwmFk0PQLzbnV
Cdz2JIiW0xrlfKgnIMB3k6sIgyq2Wjur2w==
=eVsa
—–END PGP PUBLIC KEY BLOCK—–
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2.0.14 (MingW32)
iQEcBAEBAgAGBQJPfhX5AAoJEGaeNuqgDRs1geQH/jxFfjWQiyMS4KP3zZuZTIr1
TzXSFqvMxI9Otsnqy3DGs8ncnEPllXMYrqp3YxGCEd+6d+lQyy3/ZyS0ViZpgKrL
4lfmvhPBbE6dTIkVx2nN6/GkXxT+SNhdl5EqVoNCeHYLAtKaU3EXpwF+8CEJ0paF
ugSHuKMJIWpxokhHzkk1PUzd1+rDluY3zSi9sOjruNrGaDmbAyt1v0zl/dR8eSzX
l9iB97jS4gmQkS9YRRuPG7JokR2wZCWwsbn48JMDZrOc4e3DTwCeKzHswTmjGEwg
V+h4XwSBqWxpSuV6QIttqN3G2jfrww4q6xGFgsZbBEjfxsv+kBA4RSWCdR68WXA=
=fltY
—–END PGP SIGNATURE—–
Wonderful post. Surely signature by ‘squiggle’, as I also like to call it, must be one of the most archaic conventions still prevalent. We aren’t the only ones bemused.
But why no mention of good old fashioned, alphanumeric passwords? Obviously iris / fingerprint scanners could save a lot of password typing.. Of course, first the brick and mortar / public sector worlds need to catch up with basic technology. But what can you expect from a world where exams at school are still hand-written?
I’m not sure how I found my way here, but I trust from your sentiment that you’d be pleased to know AssetSwarm is striving to be part of the solution to the signature by squiggle problem!
Asset,
I’m happy to know you’ve independently come up with the same expression.
Unfortunately, Alphanumeric passwords/iris scanners are simply solutions to a different problem. Signatures are used to provide proof for any potential skeptics in the future that you agreed to some specific thing. Passwords/iris scanners are used to prove that you’re you right now to one specific person (whom you trust with your password/a scan of your iris).
In short, I can’t simply write my password on a contract because now my password is public, and I can’t attach a scan of my iris for the same reason. That sucks because you don’t want your password/iris to be public, and it doesn’t solve the problem of signature by squiggle because anyone who’s got your password or iris on one document can easily transport it to whatever document they want.
Any reasonable signature must differ depending on the document. A videotape of yourself reading the document out loud is a very natural solution. There are also some beautiful cryptographic solutions that I’ve been meaning to write about and hopefully will eventually.
Noah, this is fun. As much as I have every intention of finishing reading your immensely enjoyable ‘What’s Cancer’ post, these contractual issues are central to AssetSwarm’s raison d’etre.
in short (it would be a fine thing, if I could ever write anything short) I beg to differ; AssetSwarm is destined to extend beyond providing music recording contracts. We intend to cover everything that is traditionally signed in ink, but by substituting ink and paper for password and pixel. Best known as a ‘clickwrap’ agreement.
So there you have the crux of my argument. Most recording contracts have been signed not by iris scan, nor by encrypted password, but by pen.
AssetSwarm provides recording and music publishing agreements that are signed by password. None of our users are required to disclose their password to anyone but Google / Facebook / Paypal et al.’s software. (AssetSwarm uses OpenID – and so could those ridiculous things that the delivery driver brings). As soon as home plug-in iris readers have sufficient penetration, we’ll happily support those too!
If you can pick any possible holes in our solution to the squiggle-problem, we’d be grateful, though I imagine Google / Facebook / Paypal et al. would be better prepared to pay for them!
Keep it coming! – and much respect.
Sorry for the extremely late reply, AssetSwarm, but I guess I misunderstood your original point. It seems that you’re talking about cryptographic signatures, using a password/iris scan as the key. As I say at the end of my post, this is obviously the only real solution.