
I have recently been the victim of having my medical record tampered with by the organisation holding it. Under state law I have a legal right to submit information to be included in my medical record, but I cannot request any information to be deleted (including information I have submitted). I plan on generating a notice to be inserted advising anyone - and any other entities who might obtain access - of the tampering.

Considering the organisation is hostile and may attempt to tamper with the notice as well, I figured cryptographically signing it with my PGP key would be the perfect solution. However, the organisation exclusively uses a paper-based record system.

The notice:

  • must be output in paper form
  • should be A4 sheets
  • must be in a legible format for the content of the notice to be immediately readable (ie. easily read by non-technical persons)
  • must be able to support several physical pages of plaintext at a standard font (ie. if the content of the notice were to be printed as is, it would be several physical pages long)
  • must be able to be verified in the future in some manner (ie. by another entity), possibly with/without my involvement in authenticating it
  • must be kept confidential, subject to the same confidentiality as the rest of my medical record (the content of the notice cannot be external to the medical record and obviously cannot exist publicly)
  • must be capable of being verified after being [photo]copied in the future
  • may be damaged (ie. stapling, wear-and-tear, etc...)

What issues might I run into if I generate and sign the notice?

daniel
  • If this organization has complete control of the record, can they not remove your new entry (including any digital signatures) completely? Or perhaps refuse to enter it in the first place? – Numeron Jun 16 '16 at 04:01
  • 1. the information I submit to be included must be included verbatim if I request it to be. 2. the organisation cannot legally refuse to include it, and also has to provide me with a legal notice of including it. – daniel Jun 16 '16 at 04:15
  • There are 2 scenarios here - A) They aren't going to tamper with your entry and B) They are going to tamper with your entry.... In scenario A, you don't need a signature and in scenario B they can remove the signature or even not submit your entry in the first place. If you believe that being provided with a legal notice is going to force them to follow the guidelines then you fall into scenario A. If not then you fall into scenario B. In either case a signature isn't going to help you unfortunately. – Numeron Jun 16 '16 at 04:43
  • Good points. I guess I am looking at this from the case where another organisation obtains a copy of my record from the hostile organisation. If the entire notice is removed I can claim tampering (via the legal receipt they provide). If the content of the notice is modified I can claim tampering by verifying with the signature. If the signature is removed or modified... that's where I was thinking I could calculate the hash for the notice before submitting it. I publish the hash separately in a public place, then use it to verify the integrity of the notice + sig if it becomes an issue. – daniel Jun 18 '16 at 05:52

2 Answers


What issues might I run into if I generate and sign the notice?

Not considering the practical issues with paper-based digital signatures, let's consider what an attacker could do with your signed message. Consider the attacker a man in the middle: he's brokering the information between you and possible readers of the records.

  • Obviously he cannot modify it while maintaining a proper signature.
  • He is able to suppress the message, not handing it over to people reading the records.
  • He is able to replace the document by another, unsigned and modified copy.

You can hardly change anything about these, unless the reading party is expecting a signed statement.

There are some practical, technical issues with digital signatures: you must be able to derive an exact digital copy of the analog paper-based document; even the tiniest change will result in broken signatures. OCR is not a proper method of doing so, although compare with the publishing of PGP's source code having each line annotated with a checksum. The signature itself makes things even worse, being a rather large (for human readers) unstructured pile of hexadecimal or Base64-like encoded data (at least, this is the obvious representation likely to be chosen).

Encoding in a machine-readable manner (like QR codes) will enable proper reproduction of the signed message, but prevent humans from reading the documents immediately. There is no standard for digital signatures on paper-based documents, and I'm not aware of any applications providing easy access. You'd have to put everything together using several components, describe the workflow and the reading party would have to do everything in reverse: I would not expect people in medicine to be able to understand such technical documentation, and additionally to have the proper understanding of cryptography required to analyze any issues and possible attacks.

Jens Erat
  • Assuming the reader expects a signed message, I guess what I am asking is to what extent I will need to document how the notice was constructed in order to account for anything (ie. \r\n vs \n), and what impact having the notice physically printed will have at present or in the future. – daniel Jun 18 '16 at 06:03
  • Sticking with well-documented standards you should not have issues once you have achieved an exact digital copy. For example, OpenPGP defines newline handling for text documents already. The issue will merely be a "how can I get an exact digital copy of printed documents without _any_ errors". – Jens Erat Jun 19 '16 at 09:15
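The exact-digital-copy problem from this answer and the "\r\n vs \n" comment, as an added example that is neither answerer's code: the notice is canonicalised the way OpenPGP cleartext signatures do (CRLF line endings, trailing whitespace stripped), hashed once for signing, and each line is annotated with a short checksum in the style of the PGP source-code books so a mistranscribed line can be located after OCR or retyping. The notice text, the six-character checksum width and the exact canonicalisation rules are constructed for illustration.

```python
import hashlib
from itertools import zip_longest

# Constructed sample notice in three transcriptions: the original, a retyped
# copy with CRLF endings and a stray trailing space, and a copy with one line altered.
NOTICE_UNIX = ("NOTICE OF DISPUTED ENTRY\n"
               "The entry dated [DATE] was not authored by me.\n"
               "Signed: daniel\n")
NOTICE_DOS = ("NOTICE OF DISPUTED ENTRY \r\n"
              "The entry dated [DATE] was not authored by me.\r\n"
              "Signed: daniel")
NOTICE_TAMPERED = ("NOTICE OF DISPUTED ENTRY\n"
                   "The entry dated [DATE] was authored by me.\n"
                   "Signed: daniel\n")

def canonicalize(text: str) -> bytes:
    """Normalise to CRLF, strip trailing whitespace per line and drop trailing
    blank lines (assumed rules, modelled on OpenPGP cleartext-signature
    canonicalisation) so copies differing only in line endings hash identically."""
    lines = text.replace("\r\n", "\n").replace("\r", "\n").split("\n")
    while lines and lines[-1].strip() == "":
        lines.pop()
    return "\r\n".join(line.rstrip(" \t") for line in lines).encode("utf-8")

def document_digest(text: str) -> str:
    """Digest of the whole canonical notice; this is the value that gets signed."""
    return hashlib.sha256(canonicalize(text)).hexdigest()

def line_checksums(text: str, width: int = 6) -> list[str]:
    """Short per-line checksums to print in the margin, so one OCR or retyping
    error can be localised to a line instead of only breaking the signature."""
    lines = canonicalize(text).decode("utf-8").split("\r\n")
    return [hashlib.sha256(ln.encode("utf-8")).hexdigest()[:width] for ln in lines]

def annotate(text: str) -> str:
    """Canonical notice with margin checksums, ready for printing."""
    lines = canonicalize(text).decode("utf-8").split("\r\n")
    return "\n".join(f"{c}  {ln}" for c, ln in zip(line_checksums(text), lines))

def find_bad_lines(printed_checksums: list[str], retyped: str) -> list[int]:
    """1-based numbers of lines whose checksum differs from the printed one
    (or are missing/extra), pointing the verifier at the transcription error."""
    pairs = zip_longest(printed_checksums, line_checksums(retyped))
    return [i for i, (a, b) in enumerate(pairs, start=1) if a != b]

if __name__ == "__main__":
    print(annotate(NOTICE_UNIX))
    print("retyped copy matches:", document_digest(NOTICE_DOS) == document_digest(NOTICE_UNIX))
    print("altered lines:", find_bad_lines(line_checksums(NOTICE_UNIX), NOTICE_TAMPERED))
```

The margin checksums are for error localisation only; the signature over `document_digest` remains the thing that proves integrity.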

The proposed signature is not evidence of tampering

Tamper resistance is a feature of the signing process, not of a signature mechanism.

Your current situation, as I understand, is that some authoritative organization is holding information (that you currently have access to) A, and you're afraid that they can assert that the true version of that information is (and always was) B.

Your proposal, as I understand, is to amend that information with a signature that essentially asserts "I, daniel, have signed A on ".

Assuming that you manage to do this in a secure manner, it by itself doesn't prevent that risk - since the signature is made by you and not approved by the "authority", all it proves is that you possessed the signed information. Just as without the signature, they can claim that the true version is B, despite your (signed) claims about A.

If you want to achieve non-repudiation, you must get them to properly sign a copy of this data and distribute it to you. This may be unfeasible.

However, as this problem is not conceptually new, it also has a classic solution - in general, notarial certification of a copy of these records would provide solid legal evidence of future tampering. It wouldn't prevent tampering as such (exactly as digital signatures wouldn't), but it could make the risk of detection and conviction high enough to deter people from that crime.

Peteris