digital signatures bearbetet
TRANSCRIPT
-
8/8/2019 Digital Signatures Bearbetet
1/23
Julia Wilk (FHV NRW) 1
Digital Signatures
-
Structure
1. Introduction
2. Basics
3. Elements of digital signatures
4. Realisation in public authorities
5. Conclusion
-
1. Introduction
What is a Digital Signature?
- A digital signature is a type of asymmetric cryptography used to simulate the security properties of a handwritten signature on paper.
- Sometimes also used: Electronic Signature (here synonymous)
Why is it important for E-Government?
- Handwritten signature often required in public law
- Digital signature can replace it
- More possibilities of electronic services:
  - Cost savings
  - Saving time
-
2. Basics
2.1. Law
Germany: Signaturgesetz in 1997
- Precondition for safe and legally binding electronic signatures
- Regulates specifications for using digital signatures
Europe: EU Signature Directive
- Unification of different signature laws in the EU (especially different security levels)
- Basis for changes of the German law in 2001, 2005 and 2007
- Changes made the law conform to the European directive
-
Law: Different Signatures
1. Electronic signature
- Data in electronic form which are attached to other electronic data and which serve as a method of authentication
2. Advanced electronic signature
- Means an electronic signature that is also
  - uniquely linked to the signatory,
  - capable of identifying the signatory,
  - linked to the data to which it relates in such a way that any change of the data is detectable.
3. Qualified digital signature
- Based on a qualified certificate of a Certification Authority (CA)
- Germany: sole signature that is equal to a handwritten signature (§ 126a BGB)
4. Qualified digital signature with accreditation
- Like a qualified signature, but furthermore the CA was accredited voluntarily
  - Proof of comprehensive technical and administrative security
-
2.2. Security Properties
-
Security Properties of handwritten messages
Authenticity
- Nobody should be able to impersonate someone he is not
Integrity
- A message cannot be falsified unnoticed
Obligation
- The signature has to assure legal certainty
Confidentiality
- No person except the receiver should be able to read the message
-
3. Elements of digital signatures
3.1. Basic functionality
3.2. Hash functions and hash results
3.3. Asymmetric encryption
3.4. Certification
3.5. User's realisation
-
3.2. Hash functions and hash results
Solution: Not the document itself, but its hash result gets signed
Hash function := algorithm which creates a digital representation in the form of a hash result of a standard length which is usually much smaller than the message but substantially unique to it
Hash function also known as digital fingerprint
Premises for hash functions:
- Hash function has to be unique
- One-way property
-
3.3. Asymmetric encryption
Basic: a pair of keys, namely a private key and a public key
Premises:
- Private key has to be kept secure, e.g. using a chip card with a PIN
- Public key can be accessible for everyone, but its owner's identity has to be identifiable without problems to guarantee authentication (certificate)
- Not possible to generate the private key by knowing someone's public key
-
3.2. Encryption: Proceeding
Generating message digest (hash result)
Using Public Key to encrypt hash result
Result of the encryption: digital signature
Sender sends
- message,
- digital signature and
- certificate to receiver
Receiver wants to check
- Integrity
  Generating hash result, comparing it to the sender's hash result and decrypting the message with the sender's public key
- Authenticity
  Can be checked by means of the certificate
-
3.4. Certification
Important for authenticity:
- Receiver of a message has to be sure that the public key he uses really belongs to the sender
Solution: Certification Authority (CA)
- Independent, confidential
- The law lays down the requirements for a CA
Certificate: comparable with a digital identity card
- Document that proves someone's identity beyond doubt
Three-step infrastructure guarantees authenticity:
- Sender
- CA
- Authority that controls CA
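The signing and checking steps from slides 3.3 to 3.4, as an added example that is not part of the original slides: the hash result is transformed with the signer's private key, and the receiver checks it with the public key taken from a CA-signed certificate. It assumes toy textbook RSA without padding and constructed Mersenne-prime keys so that it runs with the standard library only; make_key, issue_certificate, receive and all sample values are hypothetical.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys in this example

def make_key(p: int, q: int):
    """Return (n, d): public modulus and private exponent (textbook RSA)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data: bytes) -> int:
    """Hash result (message digest) of the data as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes, n: int, d: int) -> int:
    """Signer: transform the hash result with the private exponent d."""
    return pow(digest(data), d, n)

def verify(data: bytes, sig: int, n: int) -> bool:
    """Receiver: recover the signed hash with the public key and compare
    it to a freshly computed hash of the received data."""
    return pow(sig, E, n) == digest(data)

def issue_certificate(subject: str, subject_n: int, ca_n: int, ca_d: int) -> dict:
    """CA binds an identity to a public key by signing both together."""
    body = f"{subject}|{subject_n}".encode()
    return {"subject": subject, "n": subject_n, "ca_sig": sign(body, ca_n, ca_d)}

def receive(message: bytes, sig: int, cert: dict, ca_n: int) -> str:
    """Receiver's checks: authenticity via the certificate, then integrity."""
    body = f"{cert['subject']}|{cert['n']}".encode()
    if not verify(body, cert["ca_sig"], ca_n):
        return "reject: certificate not issued by trusted CA"
    if not verify(message, sig, cert["n"]):
        return "reject: message or signature altered"
    return f"accept: signed by {cert['subject']}"

# Constructed demo keys: Mersenne primes are guessable, never use them for real keys.
CA_N, CA_D = make_key(2**1279 - 1, 2**2203 - 1)
ALICE_N, ALICE_D = make_key(2**521 - 1, 2**607 - 1)
CERT = issue_certificate("Alice Example", ALICE_N, CA_N, CA_D)
MSG = b"Application form 42: change of address"  # constructed sample message
SIG = sign(MSG, ALICE_N, ALICE_D)

if __name__ == "__main__":
    print(receive(MSG, SIG, CERT, CA_N))                 # untouched message
    print(receive(MSG + b"!", SIG, CERT, CA_N))          # message changed in transit
    print(receive(MSG, SIG, dict(CERT, subject="Mallory Example"), CA_N))
```

Real deployments use a vetted library with a padded scheme such as RSA-PSS and keep the private key on the chip card rather than in program memory.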
-
3.5. Realisation by user
Important for security: private key has to be kept absolutely secure and available only to its user
Technical premises:
- Chip card and PIN
  - High security level because of possession and knowledge
  - Cards available through bank branches, but they are only mediators of accredited CAs
  - Encryption of the hash result is realised in a matter of seconds
- Card reader
- Computer and corresponding software
-
3.5. User acceptance
Citizens' interests:
- Doing as much as possible by using the internet
- Survey: 88 % of German citizens would like to do everything concerning public administration online to avoid waiting times and save time
Today: Nearly every authority has a homepage where you can download forms or search for information
Problem: Forms often need to be signed by hand
We learned: Only the qualified digital signature can replace a handwritten signature
Using qualified signatures requires special equipment (remember chip card, card reader)
-
3.5. User acceptance
Question: Are the citizens really willing to pay for their wish to do as much as possible online?
- Costs for licences are estimated at about 50 in Germany
- Solution: Equipment has to be all-purpose; it has to be possible to use the equipment in other fields, e.g. home banking
Further problems:
- Administrative procedures often need original documents (like a family register or a birth certificate)
- If you do everything in an electronic way, the expert advice of the official is missing, which may cause mistakes
-
3.5. User acceptance
Summing up:
- The more possibilities of using digital signature equipment exist, the more established the digital signature will become, and with it the citizens' acceptance
- The electronic government offering is growing year by year, so maybe the success will rise with it
-
4. Realisation in public authorities
2001: only 4.8 % of German local authorities use digital signatures
2006: 30 % use qualified signatures and qualified signatures with accreditation, respectively
-
Use of digital signatures in German cities (Survey by KGSt, 2006)
[Bar chart. Vertical axis: use in percent (0 to 50). Categories: electronic signature, advanced electronic signature, qualified signature, qualified signature with accreditation, don't know the differences. Legend fragment: 200.000 inhabitants]
-
5. Conclusion
Offering and diffusion of digital signatures have grown in recent years because of
- Unification of law in the EU
- Further development
- Increasing disposition of public authorities to engage in digital signatures
Citizens' advantages:
- Many transactions can be done from the computer at home
- Citizen is not bound to opening times and reachability of public authorities
Public authorities:
- Saving costs in traditional sectors
- New technologies cause other costs and require other resources like qualified employees
- Long-term: digital signatures can contribute to more efficiency
-
5. Conclusion
Security
- Today things like the one-way hash function, asymmetric encryption and sophisticated chip card systems ensure secure procedures
- The security standard has to be adapted to computer systems that are getting increasingly powerful
Costs
- High costs are indispensable to guarantee a high security level
Users'/Citizens' acceptance
- Chip card systems are easy to use
- High costs could reduce the success of digital signatures
- Necessary to coordinate standards to use a chip card system for many different applications
-
5. Conclusion
Summing-up:
- Today digital signatures are under way and can only be seen as a supplement to traditional procedures
- In the future digital signatures will get more and more important to guarantee efficient operation of public authorities