|Editor's Note: First published January 2004, this document has been updated November 2010 with greater clarity on the difference between a key holder and owner, and the fact that a private key need not be attached to any device (though often is, to make it easier to use).
People who do business on the Internet require security and trust. In electronic commerce and communication you cannot see the person you are dealing with, you cannot see the documents that prove their identity, and you cannot even be sure that the web site you are connected to belongs to the company it claims to represent. You must also ask yourself: is this really the contract my business partner sent me, or has someone unauthorized read and altered it before it reached my desk? And what happens if there is a dispute over the contract and I must take it to a court of law?
To answer these legal needs the European Union adopted, some time ago, a Community framework for electronic signatures (Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures), which has since been implemented in the various Member States. The directive governs business in which European partners (persons or companies) or public administrations are involved. This also means that if an American organization enters into an electronic contract with a European company, it has to respect the European requirements for the contract to be valid. This paper addresses these issues and then gives an overview of current trends in various European countries.
Introduction to digital signatures
A digital signature (the cryptographic form of what the directive calls an electronic signature) is data in electronic form that is used to establish security and trust in electronic business and communications. It is nowadays based on applied cryptography with asymmetric keys: a key pair whose two keys are mathematically related but play different roles. Imagine a signet ring and the wax seal it leaves: only the owner of the ring can make the impression (the private key), while anyone who has a genuine impression can compare a new one against it (the public key). With digital signatures the private key, which you keep and use to sign your text, is different from the public key the addressee uses to check the signature, and knowing the public key gives no practical way of working out the private key.
The working principle of an electronic signature is this: you create some text; a digest (hash) of the text is computed and transformed with your private key into a signature; you send the text together with the signature; the reader who receives them uses your publicly available key (the one paired with your private key) to check the signature against the text, and if the check succeeds she knows the text is original and was signed by you. Note that the text itself is not encrypted by this process: it travels in the clear, and anyone who intercepts it can read it. A key does not need to be attached to any device, but it often is stored on one to make it easier to use. Thus, a private key used for an electronic signature generally resides on a smart-card, in a smart-card reader attached to the signatory's personal computer, and ideally never leaves the card.
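The sign-and-verify round trip described above, as an added example written for this article (it is not code from the original page or from any certification-service provider). It assumes an ECDSA P-256 key pair and SHA-256 as the digest; the contract text is constructed. It also shows what the later sections rely on: the same check fails when the text is altered after signing, and when the signature was made with someone else's key.

```go
// Added example, not part of the original article: signing and verifying with
// an asymmetric key pair. Curve, hash and the sample contract are assumptions.
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Signer holds the signatory's private key. In the directive's terms the
// private key is the "signature-creation data"; the public key is the
// "signature-verification data" that the certificate publishes.
type Signer struct {
	priv *ecdsa.PrivateKey
}

// NewSigner generates a fresh P-256 key pair (an assumed choice of curve).
func NewSigner() (*Signer, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Signer{priv: priv}, nil
}

// Public returns the verification key that the signatory gives to addressees.
func (s *Signer) Public() *ecdsa.PublicKey { return &s.priv.PublicKey }

// Sign hashes the text and signs the digest with the private key. The text
// itself is not encrypted: it is sent in the clear next to the signature.
func (s *Signer) Sign(text []byte) ([]byte, error) {
	digest := sha256.Sum256(text)
	return ecdsa.SignASN1(rand.Reader, s.priv, digest[:])
}

// Verify recomputes the digest of the received text and checks the signature
// with the public key. It returns true only if the text is byte-for-byte what
// was signed and the signature was made with the matching private key.
func Verify(pub *ecdsa.PublicKey, text, sig []byte) bool {
	digest := sha256.Sum256(text)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

func main() {
	alice, err := NewSigner()
	if err != nil {
		panic(err)
	}
	contract := []byte("Supply 100 units at 10 EUR each") // constructed sample text
	sig, _ := alice.Sign(contract)

	fmt.Println("original verifies: ", Verify(alice.Public(), contract, sig))
	tampered := []byte("Supply 100 units at 100 EUR each") // altered in transit
	fmt.Println("tampered verifies: ", Verify(alice.Public(), tampered, sig))
	mallory, _ := NewSigner() // someone else's key pair
	fmt.Println("wrong key verifies:", Verify(mallory.Public(), contract, sig))
}
```

The signature is over the digest, not the text, so the signature stays small whatever the size of the contract; the text must still be transmitted alongside it, which is why confidentiality, if needed, is a separate step.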
The principle of use is the same for every kind of digital signature, but the value of each key differs for several reasons:
- Some keys are easier to break than others, depending on the quality of the algorithm and on the key length (number of bits).
- The organization that provides the keys may or may not meet the technical and economic requirements to be an accredited Certification Authority, and its public reputation and respectability may or may not be an issue.
- There may be a value limit on a signature, such as cases where a signatory is only allowed to sign contracts up to a specified amount, or the signature is valid only for contracts made with specific countries.
European law (Directive 1999/93/EC, hereinafter referred to as "dir.") provides for three kinds of electronic signature, each with a different legal value:
- electronic signature (also called a weak electronic signature or light electronic signature): "means data in electronic form which are attached to or logically associated with other electronic data and which serve as a method of authentication" (art. 2.1 dir.). The definition is technology-neutral: it does not require cryptography at all (a name typed at the end of an e-mail falls under it), although asymmetric-key cryptography is the usual implementation. It serves for authentication, that is, to be sure the person who sent the text is the electronic signature's holder; however, you cannot be sure that she is also the key owner. A key holder is the entity that has practical use of the electronic signature, whereas the key owner is the person who has the explicit right to use it. Usually a key holder would be a server that creates signatures on, for example, a company's software; the company or employee would be the key owner. This explicit distinction goes back to Roman times, and the rights of a signature holder versus its owner form part of the basis of civil law in many countries, European and otherwise. One must be clear on the difference. The key holder can also be a person, though this is less common: if a manager is the key owner, her secretary could be the electronic signature's holder who has the actual signature key and devices; the secretary could then sign something contentious under her manager's authority. Note that an electronic signature is admissible as evidence in legal proceedings (art. 5.2 dir.), but the judge decides how much weight it carries.
- advanced electronic signature: "means an electronic signature which meets the following requirements:
- [a] it is uniquely linked to the signatory;
[b] it is capable of identifying the signatory;
[c] it is created using means that the signatory can maintain under his sole control; and
[d] it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable" (art. 2.2 dir.).
An advanced electronic signature has a more significant value than a plain electronic signature: it guarantees the integrity of the text as well as authentication. Its legal value lies in integrity: one is sure the text received is the same one that was sent and that no attacker has changed it in transit, because any change to the data after signing makes verification of the signature fail. The judge must consider the text unaltered, and its integrity cannot be denied.
- advanced electronic signature which is based on a qualified certificate and which is created by a secure-signature-creation device (also called a secure digital signature, strong digital signature, or qualified digital signature). The secure-signature-creation device (SSCD) is the hardware or software that holds the private key, typically the smart-card; it is not the Certification Authority, which is the body that issues the certificate. An SSCD must meet the requirements of annex III dir.: the signature-creation data can practically occur only once and its secrecy is reasonably assured; it cannot, with reasonable assurance, be derived, and the signature is protected against forgery using currently available technology; and the legitimate signatory can reliably protect it against use by others. In practice this means the key can be neither brute-forced nor extracted and copied within a time shorter than the certificate's validity period. These requirements are detailed by the Electronic-Signature Committee, which assists the Commission on technical matters (art. 9 dir.).
The standards required for a qualified signature are significant: keys, software, smart-cards and every other device necessary must be of the latest science and technology (the legal concept of "meliores scientia et conoscientia", i.e. the state of the art). This means using current, supported technology (Windows XP rather than Windows 98, in the example of the time), and it also includes following known best practices. The requirements for qualified certificates (annex I, dir.) are:
- [a] the indication that the certificate is issued as a qualified certificate;
[b] the identification of the Certification Authority (certification-service-provider) and the State in which it is established (a Member State or a third country);
[c] the name (or pseudonym) of the signatory, to identify her/him;
[d] signature-verification data which correspond to signature-creation data under the control of the signatory;
[e] the indication of the period of validity of the certificate;
[f] the identity code of the certificate (the serial number, in an X.509 certificate); and
[g] the advanced electronic signature of the certification-service-provider (Certification Authority).
The qualified certificate may also contain other elements, such as a specific attribute of the signatory. This means that, for example, a lawyer of a certain company, or a manager of a joint venture, may hold a qualified signature. There can be a limitation on the scope of use of the certificate, such as the stipulation that contracts can only be signed with specific countries such as the United States. Additionally, there can be limits on the value of transactions for which the certificate can be used, such as the ability to sign contracts up to a maximum of $10,000 USD.
This type of digital signature has a strong legal value: it warrants authentication and integrity, and it provides non-repudiation of origin, so the sender cannot claim she did not sign the message. Two things it does not provide by itself, despite a common misunderstanding, are confidentiality and proof of receipt: a signature does not hide the text, so if the content must stay private it has to be encrypted for the addressee (with the addressee's public key) as well as signed, and proof that the addressee received it requires the addressee to return a signed acknowledgement. A strong digital signature is very useful for business: you are sure of the identity of the signatory, of the content of the text, and of the evidence you would need in any eventual legal action. No attacker can modify the text or take the place of the signatory without the signature failing verification. The judge cannot rule on the legal value of a qualified signature: it is fixed by law (art. 5.1 dir.), and it cannot be disputed on that ground. This kind of electronic signature has a high value, but it must be used correctly, and thus the signatory has some duties to perform.
Duties of a qualified electronic signature user
- Keeping duty. The signatory has to keep the smart-card and the other tools necessary for a digital signature safe, to avoid unauthorized use. Generally smart-cards are kept in safes, and they are also protected by a PIN. If you do not secure your signature tools, you are responsible for their unauthorized use. For example: you leave your smart-card on the desk in your office, the PIN is written on the smart-card, and the room is open with many people walking around. Someone enters your office and uses your smart-card to do some shopping. Do you have to pay for this unauthorized shopping? Yes, because you did not sufficiently protect your strong electronic signature tools. You can only take legal action against the unauthorized user if you find her or him. This duty is best understood by analogy with typical credit card laws.
- Information duties. You have to inform your Certification Authority about the limits of the signature, consisting of use and/or value limits, before the smart-card is issued. You also have to inform your Certification Authority as soon as possible of anything that reduces the value of the digital signature, whatever the circumstance, so that the certificate can be revoked. Here are a few examples of such a loss of value: the signatory was one of your employees and has now retired, the smart-card was stolen from the safe together with the PIN, or the signatory company has gone bankrupt. In all these cases, if you do not inform the Certification Authority, you are responsible for any unauthorized use.
There are other good examples of information duties. Let us say your subordinate can sign contracts for up to $10,000 USD and he has a strong digital signature. You did not indicate this value limit to the Certification Authority, so no limit is written into the qualified certificate. The subordinate signs a contract for more than a million dollars. Can you say this contract is void? No, because you did not inform your Certification Authority, and consequently the Certification Authority did not inform third parties such as its commercial partners. You can only recover your losses from the subordinate, not from the organization that entered into the contract with you.
- Update duties. No key is safe forever: technology improves, so an algorithm of good quality today becomes a weak one over time, and any key can be broken given enough computing time. The digital signature is safe only during its validity period, which is set much shorter than the time an attacker would need to break it. When the validity period has elapsed, the digital signature is no longer safe and the Certification Authority will no longer warrant it. You have to renew your digital signature when the validity period ends, and renewal means receiving a completely new key and certificate, not merely a new expiry date on the old one. If you continue to use your strong digital signature after the end of the validity period, it loses its legal value and effectively becomes a weak electronic signature.
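As an added example (not code from the original article or from any certification-service provider), the annex I certificate elements listed above and the update duty just described, in working code: a constructed CA issues a certificate to a constructed signatory, and a check refuses to treat a signature as qualified when the certificate is not signed by the claimed CA, when the signing time lies outside the validity period, or when the certificate lacks the qualified indication. Assumptions: X.509 certificates (the format European providers actually issue), and the ETSI TS 101 862 QcCompliance statement inside the RFC 3739 qcStatements extension as the form of the indication in [a]; the names, dates and serial numbers are invented.

```go
// Added example, not from the original article: a certificate carrying the
// annex I elements, and a check that refuses a signature as "qualified" when
// one is missing or the signature was made outside the validity period.
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

// id-pe-qcStatements (RFC 3739) holds QCStatements; the ETSI TS 101 862
// QcCompliance statement is how annex I [a] is expressed in a real certificate.
var (
	oidQcStatements = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 3}
	oidQcCompliance = asn1.ObjectIdentifier{0, 4, 0, 1862, 1, 1}
)

type qcStatement struct{ ID asn1.ObjectIdentifier }

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// mint signs tmpl with the parent's key and parses the DER back into a cert.
func mint(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, key *ecdsa.PrivateKey) *x509.Certificate {
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, key))
	return must(x509.ParseCertificate(der))
}

// newCA is a constructed self-signed issuer whose name states its country ([b]).
func newCA(from time.Time) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Example Qualified CA", Country: []string{"IT"}},
		NotBefore:             from,
		NotAfter:              from.AddDate(10, 0, 0),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	return mint(tmpl, tmpl, &key.PublicKey, key), key
}

// issue makes the signatory's certificate: [c] name, [d] public key, [e] one
// year of validity, [f] serial, [g] CA signature, and [a] only when marked.
func issue(ca *x509.Certificate, caKey *ecdsa.PrivateKey, serial int64, from time.Time, marked bool) *x509.Certificate {
	subj := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) // the key that would live on the smart-card
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: "Mario Rossi", Country: []string{"IT"}}, // constructed signatory
		NotBefore:    from,
		NotAfter:     from.AddDate(1, 0, 0),
	}
	if marked {
		qc := must(asn1.Marshal([]qcStatement{{ID: oidQcCompliance}}))
		tmpl.ExtraExtensions = []pkix.Extension{{Id: oidQcStatements, Value: qc}}
	}
	return mint(tmpl, ca, &subj.PublicKey, caKey)
}

// checkQualified returns nil only when the CA's signature verifies, signedAt
// lies inside the validity period, issuer and signatory are named, and the
// QcCompliance statement is present.
func checkQualified(cert, issuer *x509.Certificate, signedAt time.Time) error {
	if err := cert.CheckSignatureFrom(issuer); err != nil { // [g]
		return fmt.Errorf("not signed by the claimed CA: %w", err)
	}
	if signedAt.Before(cert.NotBefore) || signedAt.After(cert.NotAfter) { // [e], update duty
		return fmt.Errorf("signed outside validity period %s to %s", cert.NotBefore, cert.NotAfter)
	}
	if len(cert.Issuer.Country) == 0 || cert.Subject.CommonName == "" { // [b], [c]
		return fmt.Errorf("issuer country or signatory name missing")
	}
	for _, ext := range cert.Extensions { // [a]
		if !ext.Id.Equal(oidQcStatements) {
			continue
		}
		var stmts []qcStatement
		if _, err := asn1.Unmarshal(ext.Value, &stmts); err != nil {
			return fmt.Errorf("malformed qcStatements: %w", err)
		}
		for _, s := range stmts {
			if s.ID.Equal(oidQcCompliance) {
				return nil
			}
		}
	}
	return fmt.Errorf("no QcCompliance statement: certificate not issued as qualified")
}

// RunChecks returns the outcome of checkQualified for three scenarios.
func RunChecks() map[string]error {
	start := time.Date(2010, 11, 1, 0, 0, 0, 0, time.UTC) // constructed issue date
	ca, caKey := newCA(start)
	marked := issue(ca, caKey, 4711, start, true)
	unmarked := issue(ca, caKey, 4712, start, false)
	return map[string]error{
		"valid":    checkQualified(marked, ca, start.AddDate(0, 1, 0)),
		"expired":  checkQualified(marked, ca, start.AddDate(1, 1, 0)), // used after renewal was due
		"unmarked": checkQualified(unmarked, ca, start.AddDate(0, 1, 0)),
	}
}

func main() {
	for name, err := range RunChecks() {
		fmt.Printf("%-8s -> %v\n", name, err) // nil means the signature counts as qualified
	}
}
```

The check takes the signing time as a parameter rather than using the clock, because what matters at law is whether the certificate was valid when the signature was made; a verifier looking at a contract years later still needs the original timestamp. Revocation (annex II's immediate revocation service) is a separate check against the CA's revocation data and is not shown here.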
Choosing a Certification Authority
To obtain a strong electronic signature you first have to go to a qualified certification-service provider. In Europe, a qualified Certification Authority (annex II, dir.) must satisfy:
- technical requirements, as described by the Electronic-Signature Committee. These cover reliability, a precise record of the date and time at which a certificate is issued or revoked, the operation of a prompt and secure directory, and a secure and immediate revocation service for certificates that have been compromised or have expired. The Certification Authority has to employ personnel with the necessary expert knowledge, use trustworthy systems and products, and take measures against the forgery of certificates.
- legal duties. It must, in accordance with the national law of the relevant Member State, verify the identity of the signatory. It also has to record all relevant information concerning a qualified certificate for an appropriate period of time (generally five to ten years), it may not store or copy the signature-creation data of the persons to whom it provides keys, and it must inform the person who wants a strong digital key about the contract terms and about the digital signature's legal value.
- economic requirements: the certification-service provider must have sufficient financial resources to operate and to bear the risk of liability for damages.
Obtaining a secure electronic signature
To obtain a strong digital signature you have to contact a qualified Certification Authority. The list of qualified certification-service providers is available from the electronic authority for public administration of each European Union country, which at the time of writing comprised Italy, France, Spain, Germany, the United Kingdom, Luxembourg, the Netherlands, Belgium, Portugal, Austria, Finland, Ireland, Denmark, Sweden and Greece. Alternatively, one can contact the Electronic-Signature Committee through the European Union online. Only official web sites are referred to here; where a country has none, it currently has no official site for its public key infrastructure. Qualified Certification Authorities exist around the world; a provider established in one Member State is listed there and its certificates are recognized throughout the EU (art. 4 dir.), while certificates from providers established outside the EU are recognized under the conditions of art. 7 dir.
Current Trends in Europe
Each European country must develop its own PKI, but some have adopted it earlier than others. Italy has a leading position because it was one of the first European countries to put in place the technical measures required for strong digital signatures. It was the first to use secure digital signatures to connect the heads of all government departments. In Italy's Justice Department, with over 40,000 employees, there are already more than 10,000 strong digital signatures.
Finland uses biometric keys instead of smart-cards to produce strong digital signatures, but they are not widespread: only about 1% of public employees have one, probably because the tools required are too expensive. Finnish strong electronic signatures have the same legal value as the qualified signatures of other countries, but Finnish keys cost more.
Spain uses strong digital signatures in relations between citizens and the public administration, and it is the only European country in which the qualified certification-service provider is itself a public administration.
Germany is now issuing secure digital signature tools to its public administration and is working on interoperability between Certification Authorities. France is currently testing digital signatures in some public administrations. The United Kingdom is late in adopting public key infrastructure: at the moment no public administration in the UK uses electronic signatures. Denmark is working towards a single PKI for all public administrations, but at the moment only 2% of public employees have a digital signature. Austria has implemented the "Citizen Card", a smart-card for strong digital signatures used for social security and also for private business. The Netherlands is very late: it is the only European country without a national law implementing the 1999 European Directive.
Electronic signatures are backed by valid European laws, and qualified digital signatures therefore have great potential. Strong digital signatures matter to every business that must carry out electronic transactions with European partners, because they have a very deep legal value. Once again, a secure digital signature warrants the authentication, integrity and non-repudiation of a signatory (confidentiality, when needed, comes from separately encrypting the message for its addressee); these are the most desired guarantees in e-business. Strong digital signatures therefore have widespread use in high-value e-commerce: everyone wants to be sure her/his contract is valid and free of attacker interference.
The PKI situation in Europe is still not consistent across countries, however. Some, such as Italy, Austria and Spain, already have well-developed infrastructure in place; others, such as Finland, Denmark, Germany and France, are still testing their PKI solutions; and some, such as the Netherlands and the United Kingdom, have not even started deploying a public key infrastructure.