Changes between Version 2 and Version 3 of security/electronic_signatures


Ignore:
Timestamp:
Feb 28, 2013, 4:41:02 PM (11 years ago)
Author:
Sam Habiel
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • security/electronic_signatures

    v2 v3  
    66An example is in order: how do you know if the text of a TIU note is the same as what the original user entered?
    77
    8 == Implementation in FOIA VISTA ==
    9 Various parts of FOIA VISTA accomplish this using the encryption and decryption functionality. The encryption algorithm used is a stream cipher (I am not exactly sure which one). For TIU documents, the cipher algorithm uses the document's checksum of document contents as one of the vectors in the algorithm to encrypt the signer's name and title. If the document is modified outside of TIU, the user will see gibberish for these two fields.
     8== Implementation in VISTA ==
     9Various parts of VISTA accomplish this using the encryption and decryption functionality. The encryption algorithm used is a stream cipher (I am not exactly sure which one). For TIU documents, the cipher algorithm uses the document's checksum of document contents as one of the vectors in the algorithm to encrypt the signer's name and title. If the document is modified outside of TIU, the user will see gibberish for these two fields.
    1010
    1111For example, this is a typical signature:
     
    2525Other VISTA packages, notably Radiology, implement the same functionality, using other vectors for encryption.
    2626
     27== Use in VISTA outside of the VA ==
     28The FOIA process removes sensitive security related algorithms from VISTA. As a result, those using VISTA outside of the Veteran's Administration have had to supplement this. I have surveyed all the external VISTAs and here is what I found on how they were replaced:
     29||Item||WorldVistA||OpenVista||vxVista||
     30||Access/Verify Hash||Reversible Hash||None||MD5 Hash
     31||Electronic Signature Hash||None||Restore VA Routine||MD5 Hash
     32||Encryption/Decryption||None||Restore VA Routine||Blowfish symmetric block cipher
     33
     34As you can see from this table, both OpenVista and WorldVistA have done badly (it's not known whether the OpenVista version is even legal) while vxVista has done the best.