This document is designed to help you understand what digital signatures are, how they differ from electronic signatures, and how e-Contracting software can bring this useful advancement to your business.
Digital signatures are used for auditing purposes, to lock down data to ensure you'll know if it's ever tampered with, as well as to create reliable electronic records.
Digital signatures are not electronic signatures, despite the confusingly similar name.
Digital signatures are created by securely hashing data to produce a large number (or sequence of bytes) that uniquely identifies the contents (something akin to a DNA or fingerprint test for data) in such a manner that any change to the data would no longer produce the same number. This is typically called a secure hash of the data or a message digest. That number is then encrypted with a person's key to prove that it belongs to the person who is associated with the key. In public key cryptography, the hash is encrypted using the signer's private key; to verify the digital signature, you use the signer's public key to decrypt the signer's hash, and then you recalculate the hash over the original data to see if the two hashes match. If they match, then the data has not changed since the digital signature was created; if they do not match, either the data has changed or the key used is not correct.
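The hash, sign and verify steps described above, as an added example in Go (not Yozons' code). The function names, the PKCS#1 v1.5 padding and the sample documents are assumptions made for the example, and it signs raw bytes rather than XML; the key size is a parameter so the demo can run quickly with 2048 bits.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha512"
	"fmt"
)

// Sign hashes data with SHA-512 and signs the digest with the private key
// (RSASSA-PKCS1-v1_5 padding, an assumption made for this example).
func Sign(priv *rsa.PrivateKey, data []byte) ([]byte, error) {
	digest := sha512.Sum512(data)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA512, digest[:])
}

// Verify recomputes the SHA-512 digest over data and checks it against the
// signature with the signer's public key.
func Verify(pub *rsa.PublicKey, data, sig []byte) bool {
	digest := sha512.Sum512(data)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA512, digest[:], sig) == nil
}

// Outcomes signs a constructed document and reports the three verification
// cases: untouched data, altered data, and an unrelated public key.
func Outcomes(bits int) (valid, tampered, wrongKey bool, err error) {
	signer, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return
	}
	other, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return
	}
	doc := []byte("Constructed sample contract: pay 100 USD on delivery.")
	changed := []byte("Constructed sample contract: pay 900 USD on delivery.")
	sig, err := Sign(signer, doc)
	if err != nil {
		return
	}
	valid = Verify(&signer.PublicKey, doc, sig)
	tampered = Verify(&signer.PublicKey, changed, sig)
	wrongKey = Verify(&other.PublicKey, doc, sig)
	return
}

func main() {
	fmt.Println(Outcomes(2048)) // prints the three results and the error value
}
```

A failed verification does not say which of the two causes applies: altered data and a mismatched public key both simply return false.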
Public key cryptography is a form of encryption that uses two encryption keys that are mathematically related to one another, yet one key cannot be derived from an analysis of the other key. Public key cryptography is often called asymmetric encryption because the key used to encrypt is not the same key that is used to decrypt. Typically, these two keys are called the public key and the private key. The idea is that the public key is the encryption key you can safely give to others (hence it's public) so that they can use that key to decrypt anything you encrypt with the associated private key. Obviously, for this to work, it is absolutely critical that you keep the private key secure. Most private keys themselves are stored on disk, servers or smart cards using a password-protected keystore to avoid the key being accessed without your consent. With Yozons, your private keys are encrypted while on disk and can only be accessed by providing your password or by logging in via a single sign-on (SSO) system.
No, a PKI is a complex set of evolving standards and technologies designed to distribute the public keys of parties so that recipients can verify digital signatures that have been created with a party's private key. The problem of sharing, revoking, distributing and authenticating the digital certificates used by a PKI is quite complex and expensive. Nobody wants a signed document that checks out to be valid today, but later is found to be invalid because the certificate used has been subsequently revoked. Then you have security issues over people, computers, networks and card readers that can be hacked, divulging your private key and/or PIN/password. While this is a common problem for all e-commerce, the law in some overly aggressive countries precludes you from repudiating a digital signature based on PKI, as if these known security issues can be ignored. This 100% faith in the security of technology, people and processes imposed by law is dangerous for its users.
In 1996 and repeated periodically thereafter, it was declared that PKI would be huge, followed by several years in which other pundits claimed it was dead. Neither has proven true. But adoption has been low because it's more than is necessary for nearly all business transactions, adding costs and complexity that few desire. Just ask yourself how many people do you know with a digital certificate and you'll see how hard it would be to rely on them today. Even your credit card companies, banks and brokerage firms find no use for a PKI to sign documents and authorize transactions.
By the way, a more limited and targeted form of PKI is used by most people daily: just visit a web site using HTTPS (SSL/TLS).
For those that still think a PKI is remotely secure or workable in practice, please read Engineering Security (PDF).
On an oddly humorous note, here's a YouTube video that shows the first digitally signed international communique using smart cards in a Baltimore Technologies based PKI. Just watch President Clinton look over the shoulder to see the PIN entered by Prime Minister Ahern (also note how short and insecure the PINs are for both -- and the fact that a camera can record its entry easily from a distance), but the cream of the silly crop occurred when they exchanged their smart cards. If leaders of nations can't be trusted to do this correctly, you are right to wonder if regular folks will be better at it.
You can learn more about the problems with PKI here, and for the X.509 standard here.
No. In fact, digital certificates themselves use digital signatures in their creation. Digital signatures only need some data, a hashing algorithm, and a private key to create them and a public key to verify them. Digital certificates, in fact, create a large headache because few people have them, they are expensive to acquire, they typically expire annually, requiring that you acquire them repeatedly at additional cost, and if you lose them, then you have to revoke them, despite the fact that it's pretty rare that such revocations can be detected easily. Thus, once a digital certificate has been issued, it can be used even if you have lost control of your private key, so others will believe that documents signed with your stolen keys are still valid because the digital certificate check will come out okay. This is the reason why they expire so frequently, as a stopgap attempt to restrict the damage that can take place if your private key is lost. Unfortunately, stealing electronic data is hard to detect because, unlike house or car keys, if someone steals your private key, you will still be in possession of your private key; it's just that others will also have it and can use it until the digital certificate expires.
eSignForms uses similar digital signature technologies behind a PKI, but it's removed the need to annually distribute certificates, exchange keys, install special software, muck around with email client or email server setups, or worry about keeping all users' computers secure. Yozons' technology is based on industry standard encryption and digital signatures, though with much more secure key sizes than others in the industry use. Yozons uses standard XML digital signature technology based on SHA-512 data hashes and 4096-bit RSA keypairs. Instead of revoking a digital certificate (which are rarely checked by most applications) or waiting for a year to pass and have them become invalidated, access to an account can be stopped immediately, thus immediately preventing further use of your private keys.
PKI has been around for a long time, but it has not taken off except in a few high security niches. The reason is that PKIs are complex, very expensive and suffer interoperability issues. The costs and pains of creating, distributing and keeping digital certificates secure on thousands of computers have been too high to make it cost effective except in small, closed networks. In a PKI, it is important to train all users how to keep their certificates secure (even when they upgrade their computers, have them serviced, replace a hard drive or when a virus strikes), install special software on every computer, and then exchange the public keys of all parties involved. Needless to say, PKIs simply have failed to scale outside of specialty networks. PKIs are typically composed of an LDAP directory, a Certificate Authority (CA), a Registration Authority (RA), Certificate Revocation Lists (CRL) that can get unwieldy when they are checked, Online Certificate Status Protocol (OCSP) in order to check certificates in real-time, digital certificates (issued to all parties before they can use the PKI, with the CA's root certificates being distributed to all parties before as well), and special software that's designed to work with a given implementation of a PKI.
In a PKI, someone determines if you can be trusted or not and issues you a digital certificate when they have determined that you can be trusted. Because there are so many parties who want to use digital signatures, it is hard to distribute the public keys of these parties. Instead, they simply distribute the CA's certificate, and then use the CA's private key to digitally sign your public key. Thus, applications that know about the CA certificate can trust your public key is valid if the CA digital signature validation is okay. Digital certificates typically have a specific lifetime (usually one year) and a specific purpose. Therefore, it is likely that a given person would have to keep many digital certificates for a single person handy, and they'd have to keep these certificates forever in order to validate signatures at a later date. Unfortunately, as new certificates are issued yearly, each person will also have to keep the multiple certificates for the other people over time.
RSA is a public key cryptosystem invented by Rivest, Shamir and Adleman (hence the R.S.A. initials) in 1977. It is the dominant public key encryption algorithm used by businesses today. The RSA algorithm was patented in the United States by RSA Security, but that patent expired in 2000 and so the algorithm is now royalty free. Most systems rely on 1024 bit keys, whereas Yozons uses 4096 bit keys for dramatically added strength over time. The RSA algorithm relies on the complexity of factoring very large prime numbers. While it's an encryption algorithm, it's most widely used for digital signatures. Because RSA is comparatively slow for traditional encryption, when it is used, it's often paired with a symmetric encryption algorithm, such as AES, in which the data is encrypted using the faster AES, and then the much smaller AES key used is encrypted with the RSA algorithm.
DSA is the Digital Signature Algorithm and was adopted by the U.S. Federal Information Processing Standard (FIPS) for the Digital Signature Standard (DSS). However, RSA continues to be the de facto standard for digital signatures. DSA is considered to be far more vulnerable to attack than RSA because it is computationally intensive.
ElGamal is another public key cryptosystem, but is primarily used to establish common keys and not to encrypt messages. It was invented by Taher Elgamal and was never patented. Its biggest drawback is that the encrypted message becomes twice the size of the plaintext, so standard symmetric encryption is usually used and that key is then encrypted with ElGamal. It is based on the discrete logarithm problem. DSA is based in part on this algorithm.
SHA is the Secure Hashing Algorithm. It's not a type of encryption, but is a way of creating a small value out of very large data sets (the hash or message digest). Most digital signature systems employ SHA-1 in order to condense the size of a plaintext into a much smaller (160 bits or 20 bytes long) value that can then easily be encrypted using a signer's private key to create a digital signature. Note that secure hashing is a one-way algorithm in that you cannot ever retrieve the original data by analyzing the hashed value. However, any changes to the original data will result in a different hashed value, thus it creates a simple way of determining whether two sets of data are the same or not. Yozons makes use of SHA-512 for its digital signatures.
MD5 is another hashing algorithm created by Rivest of MIT and one of the creators of the RSA algorithm. It produces a 128 bit message digest, and while quite popular, it's generally not considered to create unique hashes of the same quality as SHA-1.
Pretty Good Privacy (PGP) is one of the most widely used encryption standards for email. It was created by Phil Zimmermann in 1991 and is defined by the OpenPGP Working Group of the IETF in RFC 2440. PGP is excellent software, but it requires that all parties purchase and install supported software, generate their encryption keys, and then exchange those keys in a secure way. If you forget the password that protects your keys, you will forever lock yourself out from your own documents and data!
PGP supports digital signatures that ensure the validity of a message or a file, but does not support multiple, legal electronic signatures to be applied, nor does it allow you to send a document and request the other party to sign your document.
S/MIME is based on PKI so it suffers the same problems and high costs. Like PGP, it also just digitally signs the message created by the sender. S/MIME is built into most email clients, including the ever popular Microsoft Outlook, but it's rarely used because of its reliance on PKI. S/MIME was developed by RSA Security.
Digital signatures can be used for legally binding electronic signatures, for auditing purposes to lock down your data to ensure any modifications are automatically detected, and to implement your own signature platform. Read more on Wikipedia.