Skip to main content Accessibility help
×
Home
  • Get access
    Check if you have access via personal or institutional login
  • Cited by 1
  • Print publication year: 2012
  • Online publication date: March 2012

7 - Digital signatures

Summary

Technical overview of digital signatures

Cryptography is the method of hiding the contents of a message, used from ancient times to the present. Encryption (or enciphering) is the process by which a plaintext (or cleartext) message is disguised sufficiently to hide the substance of the content. As well as ordinary text, a plaintext message can be a stream of binary digits, a text file, a bitmap, a recording of sound in digital format, audio images of a video or film and any other information formed into digital bits. When a message has been encrypted, it is known as ciphertext or a cryptogram. The opposite procedure, that of turning the ciphertext back into plaintext, is called decryption (or deciphering). In essence, contemporary cryptographic systems change one set of symbols that have meaning (binary data) into a second set of symbols that has no meaning, by means of a mathematical process. Cryptography is usually required to undertake a number of functions, the most important of which is authenticity, rather than secrecy. These functions are discussed below.

Authenticity

To ensure the authenticity of the information. When sending or receiving information or placing an order, both parties need to have assurance of the origin of the message. The aim is to corroborate the identity of the entity that sent the data, such as the computer (the identity of a person cannot be corroborated, because a person is not part of the communications process – the process only involves computers).

Adams, CarlisleLloyd, SteveUnderstanding PKI Concepts, Standards and Deployment ConsiderationsAddison-Wesley 2002
Kerckhoffs, A.La Cryptographie MilitaireJournal des Sciences Militaires 9
Piper, FredBlake-Wilson, SimonMitchell, JohnDigital Signatures: Security and ControlsInformation Systems Audit and Control Foundation 1999
Bohm, NicholasWatch What You SignDigital Evidence and Electronic Signature Law Review 3 2006
Anderson, Ross J.Security EngineeringWiley 2008
Sundt, ChrisPKI − Panacea or Silver Bullet?Information Security Technical Report 2000 5
Bilar, DanielKnown Knowns, Known Unknowns and Unknown Unknowns: Anti-virus Issues, Malicious Software and Internet Attacks for Non-technical AudiencesDigital Evidence and Electronic Signature Law Review 6 2009
Dumortier, JosVan Eecke, PatrickAnné, IlseThe Legal Aspects of Digital SignaturesInterdisciplinary Centre for Law and Information Technology 1998
Schneier, BruceApplied CryptographyWiley 1996
Young, Adam L.Yung, MotiMalicious Cryptography: Exposing CryptovirologyWiley 2004
Piper, FredMurphy, SeanCryptography: A Very Short IntroductionOxfordOxford University Press 2002
Ellison, Carl M. 1996 www.usenix.org/publications/library/proceedings/sec96/ellison.html
2002
Ferguson, NielsSchneier, BruceKohno, TadayoshiCryptography Engineering Design Principles and Practical ApplicationsIndianapolisWiley Publishing 2010
Wills, J. 1888
Ellison, CarlSchneier, BruceTen Risks of PKI: What You’re not Being Told about Public Key InfrastructureComputer Security Journal 16 2006
Krawczyk, PawełWhen the EU Qualified Electronic Signature Becomes an Information Services PreventerDigital Evidence and Electronic Signature Law Review 7 2010
Reynis, BernardBechini, UgoEuropean Civil Law Notaries Ready to Launch International Digital DeedsDigital Evidence and Electronic Signature Law Review 4 2007
Decker, JoanThe e-Notarization Initiative, Pennsylvania, USADigital Evidence and Electronic Signature Law Review 5 2008
Reiniger, Timothy S.The Proposed International e-Identity Assurance Standard for Electronic NotarizationDigital Evidence and Electronic Signature Law Review 5 2008
Jueneman, R. R.Robertson, R. J.Biometrics and Digital Signatures in Electronic CommerceJurimetrics J 38 1998
Švéda, PetrMatyáš, VáclavDigital Signatures and Electronic Documents: A Cautionary Tale Revisited 2004 V Upgrade
Moncur, WendyLeplâtre, Dr GrégoryPINs, Passwords and Human MemoryDigital Evidence and Electronic Signature Law Review 6 2009
Hoonakker, PeterBornoe, NisCarayon, PascalePassword Authentication from a Human Factors Perspective: Results of a Survey among End-UsersHuman Factors and Ergonomics Society Annual Meeting Proceedings 53 2009
Yan, JianxinIEEE Security and Privacy 2004 25
Sasse, M. A.Brostoff, S.Weirich, D.Transforming the “Weakest Link” – A Human/Computer Interaction Approach to Usable and Effective SecurityBT Technology Journal 19 2001
Schmeh, KlausCryptography and Public Key Infrastructure on the InternetWiley 2001
Smith, Richard E.Authentication from Passwords to Public KeysAddison-Wesley 2002
Rückert, MarkusSchröder, DominiqueLecture Notes in Computer Science 5671 2009
Roßnagel, HeikoZibuschka, JanIntegrating Qualified Electronic Signatures with Password Legacy SystemsDigital Evidence and Electronic Signature Law Review 4 2007 7
Reiniger, TimothyFrancoeur, Jacques R.Justice and Sheriff: Practical and Authoritative Methods for the Electronic Issuance of Officially Certified Documents in the United StatesDigital Evidence and Electronic Signature Law Review 7 2010
Kudryavtseva, Olga I.International Electronic EvidenceLondonBritish Institute of International and Comparative Law 2008
Kudryavtseva, Olga I.The Use of Electronic Digital Signatures in Banking Relationships in the Russian FederationDigital Evidence and Electronic Signature Law Review 5 2008
Dolzhich, AlexDigital Evidence and e-Signature in the Russian Federation: A Change in TrendDigital Evidence and Electronic Signature Law Review 6 2009
Kudryavtseva, Olga I.Digital Evidence and Electronic Signature Law Review 5 2008
Nordén, AnnaDigital Evidence and Electronic Signature Law Review 1 2004
2005
Eßer, MartinDigital Evidence and Electronic Signature Law Review 3 2006
Eßer, MartinDigital Evidence and Electronic Signature Law Review 6 2009
Frigeri, ValeriaQuinche, Manuel F.Digital Evidence and Electronic Signature Law Review 2 2005
Näslund, ViiveDigital Evidence and Electronic Signature Law Review 1 2004
Eßer, MartinDigital Evidence and Electronic Signature Law Review 4 2007
Gasser, ChristophPeters, StefanieSubmission of Evidence through Digital Documents in Swiss Civil LitigationDigital Evidence and Electronic Signature Law Review 3 2006
Gasser, ChristophDigital Evidence in the New Swiss Federal Code of Civil ProcedureDigital Evidence and Electronic Signature Law Review 6 2009