Risks of data manipulation and theft

Presentation transcript:

Electronic Signatures, slide 1: Risks of data manipulation and theft

Diagram: average route travelled by an email sent via the Internet from A to B, passing from A through A's provider and gateways to B's provider and B. Cities shown on the map: Washington DC, Paris, Berlin, New York, Sydney, Cape Town, Rome, Helsinki.

Potential risks: reading, modifying, copying, intercepting.

Slide 2: Areas of application for electronic signatures

Communicating with judicial bodies
- e.g. lawyers writing, signing, encrypting (safeguarding clients' secrets) and emailing electronic claims and actions to the competent courts

Communicating with public authorities
- e.g. individuals completing, signing, encrypting and emailing electronic tax returns
- e.g. building contractors signing, encrypting and emailing electronic bids in response to invitations to tender

Communicating in the private sector
- e.g. customers communicating with companies, for instance for banking purposes
- e.g. strangers communicating via the Internet
- e.g. signing emails

Legally compliant electronic signatures can be used anywhere where legally binding declarations of will require a signature and where
- trustworthy communications,
- reliable identification, and
- integrity of electronic data
are a key factor.

Slide 3: Which components does a user need?

- PC and smart card reader (internal/external)
- Smart card with signature key
- Communication link
- Appropriate software

Slide 4: What does an electronic signature do?

An electronic signature is the electronic equivalent of a handwritten signature; in other words, it can be used to
- reliably verify that an electronic document has not been modified (INTEGRITY),
- reliably identify the person who has signed an electronic document (IDENTITY), and
- verify both the INTEGRITY of an electronic document and the IDENTITY of the person who has signed it on a long term basis (VERIFIABILITY).

Electronic signatures cannot ensure the confidentiality of electronic documents.

Slide 5
Sections: INTEGRITY, IDENTITY, VERIFIABILITY

The INTEGRITY of a document is ensured in two stages:
1. A digital fingerprint, called a "HASH VALUE", is calculated from the electronic data in the document. The key characteristics of HASH VALUES are that
   a. each hash value calculated from the same document will always be the same, however many times it is recalculated, and
   b. each different document will invariably have a different hash value.
2. The HASH VALUE is attached to the document from which it was calculated.

Slide 6: Verification

How to verify whether or not a document has been modified:
1. The original HASH VALUE is separated from the document.
2. A new HASH VALUE, called the "reference HASH VALUE", is calculated from the electronic data in the document.

If the original HASH VALUE and the reference HASH VALUE are the same, then the document has not been modified (INTEGRITY = OK). If the document has been manipulated, then the original HASH VALUE and the reference HASH VALUE will not be the same (INTEGRITY = violated).

Slide 7: Electronic signature

A HASH VALUE is not personalised; in other words, the same documents will always have the same HASH VALUE, even if they have been produced by different people.

Personalising a HASH VALUE, or "electronically signing" a document, means mathematically calculating a new value from the HASH VALUE using a secret (private) key; the secret key is unique to one person, which means that the personalised HASH VALUE is also unique to that one person.

The secret key is called the "SIGNATURE KEY". A HASH VALUE personalised using a SIGNATURE KEY is also called an ELECTRONIC SIGNATURE.

Slide 8: Certificate

An ELECTRONIC SIGNATURE is uniquely bound to one natural person by a "CERTIFICATE", the digital equivalent of an identity card. The CERTIFICATE contains details of the identity of the holder of the SIGNATURE KEY, details of the period of validity of the certificate, and a reference to the service provider issuing the certificate.

CERTIFICATE (IDENTITY)
Surname, forename
Pseudonym (optional)
Valid from:
Valid until:
Issued by: Certification service provider xy

Slide 9: Signature verification key

A CERTIFICATE also contains details of the SIGNATURE KEY bound to the person named in the CERTIFICATE. This is done using a public SIGNATURE VERIFICATION KEY belonging to the SIGNATURE KEY. The issuing service provider electronically signs the CERTIFICATE to protect it against manipulation.

CERTIFICATE (IDENTITY)
Surname, forename
Pseudonym (optional)
Valid from:
Valid until:
SIGNATURE VERIFICATION KEY
Issued by: Certification service provider xy

Slide 10: Root certification authority

A body issuing a CERTIFICATE is called a "CERTIFICATION SERVICE PROVIDER". In electronic commerce CERTIFICATES are the (official) documents confirming the identity of a SIGNATURE KEY holder. This means that the CERTIFICATION SERVICE PROVIDERS have particular importance and responsibility in electronic commerce.

The trustworthiness of a CERTIFICATION SERVICE PROVIDER is attested in a CERTIFICATE. The CERTIFICATES for CERTIFICATION SERVICE PROVIDERS are issued by RegTP, the "ROOT CERTIFICATION AUTHORITY".

Slide 11: Verification

How to verify an electronically signed document:

Diagram: DOCUMENT (INTEGRITY); SIGNATURE VERIFICATION KEY; CERTIFICATE Signer, ISSUER Certification service provider xy.

The SIGNATURE VERIFICATION KEY in the CERTIFICATE of the signer is used to verify the INTEGRITY of the document.

Slide 12: Verification

How to verify an electronically signed document:

Diagram: DOCUMENT (INTEGRITY); CERTIFICATE Signer, ISSUER Certification service provider xy (INTEGRITY); SIGNATURE VERIFICATION KEY; CERTIFICATE Certification service provider xy, ISSUER RegTP.

The SIGNATURE VERIFICATION KEY of the CERTIFICATION SERVICE PROVIDER in the CERTIFICATE of the issuer is used to verify the INTEGRITY of the CERTIFICATE.

Slide 13: Verification

How to verify an electronically signed document:

Diagram: DOCUMENT (INTEGRITY); CERTIFICATE Signer, ISSUER Certification service provider xy (INTEGRITY, IDENTITY); SIGNATURE VERIFICATION KEY; CERTIFICATE Certification service provider xy, ISSUER RegTP.

As the CERTIFICATE binds the SIGNATURE VERIFICATION KEY to the signer, confirming the INTEGRITY of the CERTIFICATE also confirms the IDENTITY of the signer.

Slide 14: Verification

The trustworthiness of CERTIFICATES is similarly verified:

Diagram: CERTIFICATE Signer, ISSUER Certification service provider xy; CERTIFICATE Certification service provider xy, ISSUER RegTP (INTEGRITY, IDENTITY); SIGNATURE VERIFICATION KEY; CERTIFICATE RegTP, ISSUER RegTP.

The IDENTITY of the CERTIFICATION SERVICE PROVIDER is verified using RegTP's CERTIFICATE.

Slide 15: Verification

The trustworthiness of CERTIFICATES is similarly verified:

Diagram: CERTIFICATE Signer, ISSUER Certification service provider xy; CERTIFICATE Certification service provider xy, ISSUER RegTP (INTEGRITY, IDENTITY); CERTIFICATE RegTP, ISSUER RegTP (INTEGRITY, IDENTITY).

RegTP's CERTIFICATE, called the "ROOT CERTIFICATE", can be verified directly.

Slide 16: Valid document

A document has a valid signature where the following have been verified:
- DOCUMENT: INTEGRITY
- CERTIFICATE Signer (ISSUER: Certification service provider xy): INTEGRITY, IDENTITY
- CERTIFICATE Certification service provider xy (ISSUER: RegTP): INTEGRITY, IDENTITY
- CERTIFICATE RegTP (ISSUER: RegTP): INTEGRITY, IDENTITY

These checks are made automatically.

Slide 17: Trust centre directory service

A list is kept of all the CERTIFICATES needed to verify an electronically signed document. A list, called a "CERTIFICATE REVOCATION LIST", is also kept of all the CERTIFICATES that have been revoked. A CERTIFICATE can be revoked if, for instance, the SIGNATURE KEY of the holder identified in the CERTIFICATE has been stolen. As soon as a CERTIFICATE has been revoked, it cannot be used to create a valid electronic signature.

The list of CERTIFICATES and the CERTIFICATE REVOCATION LIST together form the DIRECTORY SERVICE. The DIRECTORY SERVICE is available to anyone at any time (24 hours a day) for information for validity checks.

The DIRECTORY SERVICE and the technical components used by a CERTIFICATION SERVICE PROVIDER to produce certificates are located in a particularly secure environment, called a "TRUST CENTRE".
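The verification sequence described in the slides above (document, signer's CERTIFICATE, provider's CERTIFICATE, ROOT CERTIFICATE, plus the CERTIFICATE REVOCATION LIST lookup), as an added Python example that is not part of the original presentation. It assumes toy textbook RSA built from known Mersenne primes with no padding, for illustration only; the function names, the certificate encoding and a revocation list keyed by holder name are hypothetical.

```python
import hashlib
from dataclasses import dataclass

# Toy textbook RSA (small fixed primes, no padding): illustration only.
E = 65537  # public exponent shared by every toy key
def make_key(p, q):        # returns (n, d); d is the secret SIGNATURE KEY
    return p * q, pow(E, -1, (p - 1) * (q - 1))
def hash_value(data, n):   # the document's HASH VALUE, reduced to fit the key
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n
def sign(data, n, d):      # personalise the HASH VALUE with the SIGNATURE KEY
    return pow(hash_value(data, n), d, n)
def verify(data, sig, n):  # recover the original HASH VALUE, compare to reference
    return pow(sig, E, n) == hash_value(data, n)

@dataclass
class Certificate:
    holder: str
    issuer: str
    verification_key: int  # holder's SIGNATURE VERIFICATION KEY (modulus n)
    signature: int = 0     # issuer's signature over to_be_signed()
    def to_be_signed(self):
        return f"{self.holder}|{self.issuer}|{self.verification_key}".encode()

def issue(holder, holder_n, issuer, issuer_n, issuer_d):
    cert = Certificate(holder, issuer, holder_n)
    cert.signature = sign(cert.to_be_signed(), issuer_n, issuer_d)
    return cert

def validate(document, doc_sig, chain, trusted_root_n, revoked=()):
    """chain = [signer, provider, root] certificates; returns a verdict string."""
    if not verify(document, doc_sig, chain[0].verification_key):
        return "INTEGRITY violated"
    if chain[-1].verification_key != trusted_root_n:
        return "untrusted root"
    for cert, parent in zip(chain, chain[1:] + [chain[-1]]):
        if cert.holder in revoked:   # hypothetical CRL keyed by holder name
            return f"revoked: {cert.holder}"
        if cert.issuer != parent.holder or not verify(
                cert.to_be_signed(), cert.signature, parent.verification_key):
            return f"bad certificate: {cert.holder}"
    return "valid"

def build_demo():  # constructed hierarchy: RegTP (root) -> provider xy -> signer
    root, csp, user = (make_key(2**a - 1, 2**b - 1)
                       for a, b in ((521, 607), (107, 127), (61, 89)))
    chain = [issue("Signer", user[0], "Certification service provider xy", *csp),
             issue("Certification service provider xy", csp[0], "RegTP", *root),
             issue("RegTP", root[0], "RegTP", *root)]
    doc = b"constructed sample document"
    return doc, sign(doc, *user), chain, root[0]
```

Calling `validate(*build_demo())` returns "valid"; editing the document, revoking a holder or altering a certificate field changes the verdict to the corresponding failure string.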

Slide 18: Infrastructure

All the elements contributing to the VERIFIABILITY of ELECTRONIC SIGNATURES are termed "CERTIFICATION INFRASTRUCTURE" and include:
- National ROOT CERTIFICATION AUTHORITY (State), which issues certificates for
- CERTIFICATION SERVICE PROVIDERS (Private), which issue certificates for
- USERS (Institutions, companies, private individuals)

Diagram: ROOT CA Germany with CA 1 ... CA n below it; ROOT Country XY.

Slide 19: Long term signatures

In order to create the equivalent of handwritten signatures, electronically signed documents must remain VERIFIABLE over long periods of time (decades):

This means that the DIRECTORY SERVICE of each CERTIFICATION SERVICE PROVIDER must operate reliably over a period of years and must be interoperable with other DIRECTORY SERVICES in the same INFRASTRUCTURE.

In addition, all the procedures and technical components used must have been comprehensively verified in order to guarantee a high level of security for electronically signed documents on a long term basis.

The new Electronic Signatures Act takes full account of these special circumstances by creating a framework that ensures the security of electronic signatures.

RegTP's TRUST CENTRE was the first to meet the stringent security requirements of the Act. It forms the core of Germany's CERTIFICATION INFRASTRUCTURE for electronic signatures.