At FGI, we continue to wonder why GPO has never said that they will avoid using “Digital Rights Management” (DRM) tools to authenticate government publications. DRM technologies, which are designed for use by the entertainment industry to protect content from copying, are (or should be) antithetical to open, freely available, reusable government information. A different way to authenticate a digital document is with a “cryptographic hash.”
[A] cryptographic hash algorithm is a highly complex math formula that can be used to create digital signatures and authenticate data to ensure it hasn’t been tampered with.
[NIST] is looking for “unclassified, publicly disclosed” algorithms that would be “royalty-free” and “capable of protecting sensitive government information well into the foreseeable future.”
— NIST announces competition for new cryptographic hash algorithm, by Ellen Messmer, Network World, 01/23/07
Such “digital signatures” (each one essentially a string of numbers) could even be included in library OPAC records along with a link to the algorithm so that any user could verify the authenticity of any document using open tools that run on any platform.
- NIST Wants Comments on Draft â€˜Hashâ€™ Requirements, NIST. January 23, 2007
- Announcing the Development of New Hash Algorithm(s) for the Revision of Federal Information Processing Standard (FIPS) 180â€“2, Secure Hash Standard. Notice and request for comments., DEPARTMENT OF COMMERCE, National Institute of Standards and Technology, [Docket No.: 061213336â€“6336â€“01] Federal Register Vol 72, no. 14, January 23, 2007, p. 2861.
See also: Draft requirements for new hashing standard open for comment, by William Jackson, GCN, 01/23/07
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.