What information is contained in the ESP. What is an electronic signature, what is it for, its types and use

Like all people, subscribers data networks may not trust each other or behave dishonestly. They can forge other people's messages, deny their authorship or impersonate another person. These problems become especially urgent in connection with the development of electronic commerce and the possibility of paying for services via the Internet. Therefore, in many communication systems, the recipient of the correspondence must be able to verify the authenticity of the document, and the creator of the electronic message must be able to prove its authorship to the recipient or a third party. Therefore, electronic documents must have an analogue of a conventional physical signature. The signature must have the following properties:

1. the signature is reproduced by only one person, and its authenticity can be certified by many;
2. the signature is inextricably linked with this message and cannot be transferred to another document;
3. once the document is signed, it cannot be changed;
4. it is impossible to refuse the signature, that is, the person who signed the document will not be able to claim later that he did not sign.

Asymmetric Algorithms encryption can be used to form digital (electronic) signature( digital signature ) - a unique numerical addition to the transmitted information, which allows you to verify its authorship. Electronic digital signature(EDS) is a fixed-length bit sequence, which is calculated in a certain way using the content of the signed information and the secret key.

When generating a digital signature, either the entire message is encrypted in a special way, or the result of calculating the hash function from the message. The latter method is usually preferable, since the signed message can have a different size, sometimes quite large, and the hash code always has a constant, not very large length. Let us consider in more detail both options for the formation of EDS.

The simplest method is based, as with open encryption, on the use of a pair of interconnected keys (public and private). However, the roles of the private and public keys change - the signing key becomes secret, and the verification key becomes public. If at the same time the property is preserved that it is practically impossible to find the private key from the public key, then the message itself, encrypted with the secret key, can act as a signature. Thus, only the owner of the private key can sign a message, but anyone who has his public key can verify the signature.

Let, for example, user A wants to send a signed message to user B. The procedure for creating and verifying a signature consists of the following steps:

1. User A encrypts message M with his private key R and receives encrypted message C.
2. The encrypted message is sent to user B.
3. User B decrypts the received message C using user A's public key. If the message is decrypted, then it is signed by user A.

rice. 9.2.

Rice. 9.2.

As long as user A keeps his private key securely, his signatures are valid. In addition, it is impossible to change the message without having access to the private key of subscriber A; thereby ensuring the authenticity and integrity of the data.

The physical representation of a key pair depends on the specific system that supports the use of EDS. Most often, the key is written to a file, which, in addition to the key itself, may contain, for example, information about the user - the owner of the key, the expiration date of the key, as well as a certain set of data necessary for the operation of a particular system (for more details, see " Electronic digital signature"). Data about the owner of the key makes it possible to implement another important function of the EDS - the establishment of authorship, since when the signature is verified, it immediately becomes clear who signed this or that message. Typically, software products that perform digital signature verification are configured so that the result of execution appears on the screen in a form that is easy to read, indicating the user who signed, for example, like this:

"The signature of the order.doc file is correct (

On fig. 9.2 shows a diagram of the formation of the so-called digital signature with document recovery. Digital signatures with document recovery, as it were, contain the document being signed: in the process of verifying the signature, the body of the document is also automatically calculated. If the message was restored correctly during decryption, then the signature was correct. Digital signature with document recovery can be implemented, for example, using one of the most popular digital signature generation algorithms - RSA.

In the case of using a digital signature with document recovery, the entire message is signed, that is, encrypted. At present, this is not usually done in practice. Encryption algorithms with a public key are quite slow, in addition, a lot of memory is required to confirm the integrity of the message. In addition, almost all used algorithms for calculating the EDS are used to calculate a message of a predetermined standard length. For example, in the Russian digital signature generation algorithm GOST R34.10-94, this size is defined as 32 bytes. Therefore, to save time and computational resources, as well as for convenience, an asymmetric algorithm is usually used together with some kind of one-way hash function. In this case, first, using a hash function, a hash code of the required size is calculated from a message of arbitrary length, and then, to calculate the digital signature, the hash code obtained from the message is encrypted at the previous stage.

EDS, calculated from the hash code of the document, is called attachable digital signatures. Such digital signatures are some kind of numeric code that must be attached to the document being signed. The message itself is not encrypted and is transmitted in clear text along with the sender's digital signature.

If user A wants to send user B a message M , complete with an attached digital signature, then the procedure for creating and verifying a signature should consist of the following steps:

1. User A sends user B his public key U via any communication channel, for example, by e-mail.
2. User A, using some reliable hash function H, calculates the hash code of his message h = H(M) .
3. User A then encrypts the hash of the message h with his private key R and obtains a digital signature C.
4. The original message M, together with the digital signature C, is sent to user B.
5. User B calculates the hash code h of the received message M and then verifies C's digital signature using user A's public key.

This protocol can be represented as a diagram, as in

Electronic digital signature (EDS) is perhaps the most interesting application of public key cryptography. The basis of the electronic digital signature is the mathematical transformation of the signed data using the personal (secret) key of the author. An electronic digital signature, like any other data, can be transmitted along with the signed data, that is, the data protected by it. That is, for example, you can write an e-mail, sign it with a secret key and send it to a friend via open communications (via the Internet). EDS has such properties that if only one bit of information is (on purpose or accidentally) changed, then the signature will be unreliable (invalid). If the digital signature is valid, your friend can be sure that the letter is not distorted and, moreover, the author of the letter is you, and not someone else.

On January 10, 2002, the President of the Russian Federation approved the Federal Law "On Electronic Digital Signature". The adoption of the law provided the legal conditions for the use of an electronic digital signature in electronic documents, under which an electronic digital signature in an electronic document is recognized as equivalent to a handwritten signature in a document on paper and laid the foundation for the creation of a legally significant electronic document flow.

At the end of a paper letter or document, the executor or responsible person usually puts his signature. This action serves two purposes. Firstly, the recipient has the opportunity to verify the authenticity of the letter by comparing the signature with the sample he has. Secondly, a personal signature is a legal guarantee of authorship of a document. The latter aspect is especially important when concluding various types of commercial transactions, drawing up powers of attorney, obligations, etc. The same goals are pursued by the EDS (electronic digital signature), only documents (letters) and the signature itself in this case are assumed to be in electronic form.

Pursued goals

So let's say there are two users "A" and "B". What violations and actions of an attacker should the authentication system protect against.

Refusal

"A" claims that he didn't send a message to "B" when in fact he did. To exclude this violation, an electronic (or digital) signature is used.

Modification

"B" modifies the message and asserts that the given (modified) message was sent to him by "A".

Fake

"B" forms a message and asserts that the given (modified) message was sent to him by "A".

Active Interception

"C" intercepts messages between "A" and "B" in order to covertly modify them.

Digital signatures are used to protect against modification, forgery and masking.

Masking (imitation)

"C" sends "B" a message on behalf of "A". In this case, an electronic signature is also used for protection.

Repeat

"C" repeats the previously sent message that "A" sent earlier to "B". Despite the fact that all sorts of measures are taken to protect against replays, it is this method that accounts for the majority of cases of illegal withdrawal and spending of money in electronic payment systems.

The essence of a digital signature

It is well known that the digital signature of files or e-mail messages is performed using cryptographic algorithms that use asymmetric keys: the actual signature uses the "secret key", and to verify someone else's signature - the "public key". The keys are numbers of a sufficiently large length (from 512 to 4096 bits), mathematically related to each other.

The digital signature of a message (file, e-mail, network packets) is a fixed-length bit sequence formed from the text of the message using the secret key of its creator. The correctness of the signature is verified using the public key (see the figure "Formation and verification of the EDS"). Usually, along with the message, some of its "requisites" are also signed: the date and time of the creation of the message, (possibly) the version number of the message, the "lifetime" of the message. You can come up with other "application-critical" message parameters. The digital signature is sent along with the message, and usually becomes an integral part of it. The recipient of the message must have a copy of the sender's public key. Public key distribution schemes can range from a simple private key exchange to a complex, multi-layered "public key infrastructure" (PKI). If, when checking a digital signature, the recipient establishes its correctness, then he can be sure not only of the immutability and "relevance" of the message, but - most importantly - that the message was "signed" indeed by its author or sender. A message can carry multiple signatures that serve different purposes. In this case, each next signature is "superimposed" on the message along with all previous signatures. For example, in some "client-bank" systems, a payment order is signed by an "author" (an accountant, a client or another person authorized to make a payment) and a "sender" (a teller, an operator on duty or another person performing technical work on the transfer).

Certification Authority

The words "secret key" and "public key" were mentioned above. Where did they come from? They must be generated by the certification authority. A certification authority is a structure (organization) that manages certificates. The public/private key certificate is the following set of data:

The name of the subject or object of the system, uniquely identifying him in the system;

Public / private key of the subject or object of the system;

Additional attributes determined by the requirements for using the certificate in the system;

An electronic digital signature of the Publisher (Certification Authority), which certifies the totality of these data.

Thus, for example, a private key certificate contains the private key itself and additional information.

For each registered user of the information system, the certification authority generates two certificates - a private key certificate and a public key certificate. Moreover, the CA issues the first certificate in person only to the registered user (for example, on a diskette) and to no one else - this is the "signature". The second certificate is public, the CA publishes it in a public repository so that any interested user can find it without much difficulty.

Formation and verification of EDS

The sender of information, using a secret key and an asymmetric algorithm (EDS algorithm) pre-selected by agreement between subscribers, encrypts the transmitted information presented in digital form, and thus receives a digital signature of the data. Further, the sender of the information sends unencrypted information and the digital signature obtained by the method described above to the recipient via an open communication channel.

The recipient of the message, using the public key (which is publicly available) and the EDS algorithm selected by agreement between the subscribers, declassifies the digital signature. Then he compares the unencrypted information he received and the information received when decrypting the digital signature. If the digital signature has not been forged and the transmitted open information has not been distorted, then these two information must match exactly. If the signature is forged, then the received clear information and the information obtained during decryption will differ sharply.

Such a conclusion can only be guaranteed if the cryptographic algorithm chosen for the digital signature is highly secure, that is, by knowing the transmitted message and knowing the public key, it is impossible to recover the secret key (the key used by the signer) by any means.

In the most developed countries, there is a practice of setting the EDS algorithm in the form of state standards. Such standards also exist in the Russian Federation. The encryption algorithm chosen in them is the result of a great work of cryptographers of various organizations.

Elliptic Curves

The Elliptic Curve Algorithm is an improvement of the El Gamal scheme, which was often used earlier to work with EDS. A new version of the ElGamal scheme uses the apparatus of elliptic curves over a finite field of p-elements, which are defined as the set of pairs of numbers (x, y) (each of which lies in the interval from 0 to p-1) satisfying the comparison (numbers a and b are fixed and satisfy some additional condition): y^2 = x^3 + ax + b mod p.

The new law of the Russian Federation "On Electronic Digital Signature" is precisely based on the procedures for developing and verifying a signature based on the mathematical apparatus of elliptic curves. High cryptographic qualities were previously confirmed, which guarantee, while keeping the secret key of the signature, the impossibility of forging it for several decades, even taking into account the development of computer technology and the corresponding mathematical algorithms.

Secret and Public Keys

EDS can perform its functions only if the signer has some information that is not available to unauthorized people. This information is similar to the key in encryption and is therefore called the "private key of the electronic digital signature". The task of keeping a private key secret is essentially the same as keeping an encryption key secret, since knowledge of the signature's private key corresponds to a blank piece of paper signed by the owner of the private key, on which the attacker can write any text that will be attributed to the owner of the private key. The owner of the signing key should keep the private key secret and immediately demand the suspension of the signing key certificate if there is reason to believe that the secret of the signature private key has been violated.

Like any cipher, key, the secret key must meet the requirements accepted in cryptography. In particular, the possibility of selecting a key should be excluded. In modern cryptography, for the production of keys, special equipment is used, which makes it possible to produce keys, the probability of random selection of which is about 10-70-10-80, that is, the selection is practically excluded.

Each "secret key" has its own "public key", which is used by the persons receiving the messages. The public key corresponding to a specific secret key is generated by the sender of the message using special software embedded in the EDS tools, and is either distributed in advance to other network subscribers, or is included in the signed message, or is available on some server.

A user using EDS public keys to verify the signatures of other network subscribers must be able to clearly determine which of the public keys belongs to which user. In case of errors at this stage of the EDS operation, it is possible to incorrectly determine the source of the message with all the ensuing consequences. It is important that information about ownership of a public key by a specific user be documented, and this registration should be carried out by a specially designated responsible authority.

The document certifying the signature is called the EDS public key certificate (signature certificate). It confirms that the public key of the EDS belongs to the owner of the secret key of the signature. Such a document must be issued by the signing public key certification authority.

The presence of such a document is important in resolving disputes about the creation of a particular document by a specific person. In order to exclude the possibility of making changes to key certificates by users when transferring them via communication channels, the certificate in the form of electronic data is signed by the digital signature of the certification center. Thus, the certification center performs the functions of an electronic notary, it must confirm the legitimacy of the signed electronic document. Therefore, such a notary, like an ordinary public notary, must perform his functions on the basis of a license issued by a state body.

Good EDS algorithm

First of all, the EDS algorithm must be "strong" in terms of the level of protection against signature forgery. Compared to information encryption, in which "weak" algorithms lead to the reading of information, "weak" EDS algorithms lead to signature forgery. Forgery of an EDS in its consequences can be equivalent to forgery of a handwritten signature.

So, for an EDS algorithm to be good, it must be strong. "Strong" algorithms, of course, include algorithms adopted as state standards. They most fully satisfy a wide variety of requirements, including the requirement to provide with their help a high level of protection against signature forgery.

The first Russian EDS standard was approved by the State Standard of Russia and put into effect in 1994.

Comparing the EDS algorithms in the standards of Russia and the USA, one can note their coincidence in terms of the ideas underlying these algorithms. This applies to both the old signature standards and the new ones. This circumstance can be considered as an indirect confirmation of the high special qualities of the selected domestic EDS algorithms and the impossibility of forging a signature in real time.

In order for the EDS algorithm to be good, it is also necessary that it be conveniently implemented on computer technology. The signature procedure itself should take minimal time and not delay the process of processing documents in electronic document management. Algorithms adopted as state standards generally satisfy this requirement.

EDS funds

A few words about the technical means that implement the EDS. The complex mathematical transformations mentioned above (encryption of information, its hashing, confirmation of the authenticity of an EDS, production of EDS keys) must be carried out in a relatively short time and, as a rule, is implemented by software or hardware and software, which are called EDS tools.

Imitation protection

As mentioned above, with the help of a digital signature, the problem of imitation is solved. Imitation protection of data in processing systems is understood as protection against the imposition of false data. Almost always, at some stages of its life cycle, information is outside the zone of direct control over it. This happens, for example, when data is transmitted over communication channels or when they are stored on computer magnetic media, physical access to which by unauthorized persons is almost never possible to exclude.

Thus, it is not possible to physically prevent unauthorized changes to data in the vast majority of real systems for their processing, transmission and storage. Therefore, it is extremely important to timely detect the very fact of such changes - if such accidental or deliberate distortions are detected in time, the losses of system users will be minimal and limited only by the cost of "empty" transmission or storage of false data, which, of course, in all real situations is immeasurably less than the possible damage. from their use. The goal of an attacker who imposes false information on the system is to pass it off as genuine, and this is possible only if the very fact of such an imposition is not detected in time, so simply fixing this fact nullifies all the efforts of the attacker.

Cryptographic hash functions

Cryptographic hash functions are commonly used to generate a message digest when creating a digital signature. Hash functions map a message to a fixed size hash value (hash value) in such a way that the entire set of possible messages is distributed evenly over the set of hash values. However, the cryptographic hash function does this in such a way that it is practically impossible to fit the document to a given hash value. Many good cryptographic hash functions have been invented today, such as MD5 and SHA.

The hash function used must "be able" to convert a message of any length into a binary sequence of a fixed length. In addition, it requires properties:

The message after applying the hash function must depend on each bit of the original message and on their order;

There is no way to recover the message from the hashed version of the message.

Comprehensive message protection

Since encryption protects messages from familiarization, and digital signature from substitution, it would be logical to use digital signature and combined encryption together to ensure more complete security. To do this, do the following.

At the preparatory stage, two friends, for example, create two pairs of keys: secret and public for asymmetric encryption, as well as private and public EDS keys. They exchange public keys, and then one sends the other a message signed with their private key.

Then the first friend generates a random symmetric encryption key K, which encrypts the sent letter, and only this.

Further, in order to be able to decrypt the message, he encrypts the key K (and sending the symmetric encryption key in the clear is in no case unacceptable) with his friend's public asymmetric encryption key and adds it to the encrypted message.

The second friend, having received the encrypted message, decrypts the key K with his secret key of asymmetric encryption, which then decrypts the letter itself.

And finally, he checks his EDS in this letter with the help of a friend's public key and makes sure that it came from his friend and in unchanged form.

It may seem inconvenient that you have to make too many keys. To solve this problem, the Diffie-Hellman algorithm (named after its authors Diffie and Hellman) is provided, which makes it possible, in particular, to use the same pair of EDS keys both for the EDS itself and for symmetric encryption.

XML format and EDS

XML, or eXtensible Markup Language, is now becoming the standard way to "transport" information on the Web. The main purpose of XML is to describe the structure and semantics of a document. It separates the description of the external representation of the document from its structure and content. XML is a flexible language that can be used for a variety of purposes while being able to interoperate with many systems and databases. But this format also has problems - they are related to security issues.

For the full use of XML, it is necessary to ensure the protection of information from involuntary or intentional distortions both on the part of users of information systems and during transmission over communication channels. Protection should be based on the following functions:

Authentication of interacting parties;

Confirmation of authenticity and integrity of information;

Cryptographic closing of transmitted data.

To ensure the specified information protection, it is advisable to use the methods of electronic digital signature (EDS) and data encryption. Moreover, as a rule, the EDS provides authentication, confirmation of authenticity and integrity, and data closure provides encryption. We are more interested in the EDS of XML documents.

The W3C is currently developing the XML specification - Signature Syntax and Processing (XML signature syntax and processing) and other related documents. It now has the status of a recommendation (http://www.w3.org/TR/xmldsig-core/). This document provides for the signature of both the entire XML document and part of it. Other documents related to XML signing are available at: http://www.w3.org/Signature/.

XML Security (Apache)

XML Security (Phaos): http://phaos.com/products/category/xml.html

Conclusion

In conclusion, I would like to note that today there are favorable conditions for a comprehensive solution of the problems of implementation and use of systems based on EDS. It is important to emphasize that a correctly implemented digital signature algorithm is a powerful means of protecting electronic documents from forgery, and when using additional cryptographic mechanisms, from unauthorized destruction of these documents.

Literature

M. E. Smeed, D. C. Branstead. Data Encryption Standard: Past and Future. / Per. from English / M., Mir, TIIER. - 1988. - T.76. - N5.

B. V. Berezin, P. V. Doroshkevich. Digital signature based on traditional cryptography // Information security, issue 2., M .: MP "Irbis-II", 1992.

W. Diffie. The first ten years of public-key cryptography. / Per. from English / M., Mir, TIIER. - 1988. - T.76. - N5.

Digital signature

Electronic digital signature (EDS) - details of an electronic document, designed to protect this electronic document against forgery, obtained as a result of cryptographic transformation of information using the private key of the electronic digital signature and allowing to identify the owner of the signature key certificate, as well as to establish the absence of distortion of information in the electronic document, and also ensures the non-repudiation of the signatory.

General scheme

The electronic signature scheme usually includes:

• user key pair generation algorithm;
• signature calculation function;
• signature verification function.

The signature calculation function, based on the document and the user's secret key, calculates the actual signature. Depending on the algorithm, the signature calculation function can be deterministic or probabilistic. Deterministic functions always compute the same signature given the same input. Probabilistic functions introduce an element of randomness into the signature, which enhances the cryptographic strength of EDS algorithms. However, probabilistic schemes require a reliable source of randomness (either a hardware noise generator or a cryptographically reliable pseudo-random bit generator), which complicates implementation.
Currently, deterministic schemes are practically not used. Even originally deterministic algorithms have now been modified to turn them into probabilistic ones (for example, PKCS # 1 added preliminary data transformation (OAEP) to the signature algorithm, which includes, among other things, noise).

The signature verification function checks whether the given signature matches the given document and the user's public key. The user's public key is publicly available, so anyone can verify the signature on the document.

Since the documents to be signed are of variable (and rather large) length, in EDS schemes, the signature is often placed not on the document itself, but on its hash. Cryptographic hash functions are used to calculate the hash, which ensures that document changes are detected when the signature is verified. Hash functions are not part of the EDS algorithm, so any reliable hash function can be used in the scheme.

EDS algorithms are divided into two large classes: conventional digital signatures and digital signatures with document recovery. Ordinary digital signatures must be attached to the document being signed. This class includes, for example, algorithms based on elliptic curves (GOST R 34.10-2001, DSTU 4145-2002). Digital signatures with document recovery contain the signed document: during the signature verification process, the body of the document is also automatically calculated. This class includes one of the most popular algorithms - the message authentication code, despite the similarity of the tasks being solved (ensuring the integrity of the document and non-repudiation of authorship). EDS algorithms belong to the class of asymmetric algorithms, while authentication codes are calculated according to symmetrical schemes.

Security

The digital signature provides:

• The identity of the source of the document. Depending on the details of the document definition, fields such as “author”, “changes made”, “timestamp”, etc. can be signed.
• Protection against changes to the document. Any change to the document (or signature) accidentally or intentionally will change the hash and therefore invalidate the signature.
• The impossibility of renunciation of authorship. Since it is possible to create a correct signature only if the private key is known, and it is known only to the owner, the owner cannot refuse his signature on the document.
• For enterprises and commercial organizations, the submission of financial statements to government agencies in electronic form;
• Organization of legally significant electronic document management.

Possible attacks on the EDS are as follows ...

Signature forgery

Obtaining a fake signature without having a secret key is a practically unsolvable task even for very weak ciphers and hashes.

Forgery of a document (collision of the first kind)

An attacker can try to match a document to a given signature so that the signature matches it. However, in the vast majority of cases, there can be only one such document. The reason is as follows:

• The document is a meaningful text.
• The text of the document is formatted according to the established form.
• Documents are rarely formatted as Plain Text - a file, most often in DOC or HTML format.

If the fake set of bytes has a collision with the hash of the original document, then the following 3 conditions must be met:

• A random set of bytes should fit a complexly structured file format.
• What the text editor reads in a random set of bytes should form text formatted according to the established form.
• The text should be meaningful, literate and relevant to the topic of the document.

However, in many structured datasets, you can insert arbitrary data into some service fields without changing the look of the document for the user. This is what criminals use to forge documents.

The likelihood of such an incident is also negligible. We can assume that in practice this cannot happen even with unreliable hash functions, since documents are usually large in size - kilobytes.

Getting two documents with the same signature (collision of the second kind)

Much more likely to be an attack of the second kind. In this case, the attacker fabricates two documents with the same signature, and at the right time replaces one with the other. When using a reliable hash function, such an attack must also be computationally difficult. However, these threats can be realized due to weaknesses in specific hash algorithms, signatures, or errors in their implementations. In particular, in this way it is possible to carry out an attack on SSL certificates and the hashing algorithm

Social attacks

Social attacks are aimed at the "weak link" of the cryptosystem - a person.

• An attacker who steals a private key can sign any document on behalf of the owner of the key.
• An attacker can trick the owner into signing a document, for example using a blind signature protocol.
• An attacker can replace the owner's public key (see key management) with his own, impersonating him.

EDS algorithms

• American Digital Signature Standards: ECDSA
• Russian digital signature standards: GOST R 34.10-94 (currently not valid), GOST R 34.10-2001
• Ukrainian standard for electronic digital signature: DSTU 4145-2002
• RSA standard
• Schnorr scheme

Key management

Legal aspects

In Russia, a legally significant certificate of electronic signature is issued by a certification center. The legal conditions for the use of an electronic digital signature in electronic documents are regulated by the FEDERAL LAW OF 10.01.2002 N 1-FZ "ON ELECTRONIC DIGITAL SIGNATURE"

Use of EDS in Russia

After the formation of the EDS when used in electronic document management between credit institutions and credit bureaus in 2005, the infrastructure of electronic DOW between tax authorities and taxpayers began to actively develop. The order of the Ministry of Taxes and Duties of the Russian Federation dated April 2, 2002 N BG-3-32 / 169 “Procedure for submitting a tax return in electronic form via telecommunication channels” began to work. The procedure for submitting a tax return in electronic form via telecommunication channels determines the general principles for organizing information exchange when taxpayers submit a tax return in electronic form via telecommunication channels.

The Law of the Russian Federation of 10.01.2002 No. 1-FZ “ON ELECTRONIC DIGITAL SIGNATURE” sets out the conditions for using an electronic digital signature, the features of its use in the areas of public administration and in the corporate information system. Thanks to the electronic digital signature, now, in particular, many Russian companies carry out their trade and procurement activities on the Internet, through the "Electronic Commerce Systems", exchanging with counterparties the necessary documents in electronic form, signed with an EDS. This greatly simplifies and speeds up the competitive trade procedures.

In Moscow, within the framework of the implementation of the GTsP (City Target Program) "Electronic Moscow", an Authorized Certification Center of JSC "Electronic Moscow" (http://www.uc-em.ru) was established to solve the problems of coordinating work and attracting investments in the implementation of the City Target programs.

Use of EDS in other countries

The system of electronic signatures is widely used in the Republic of Estonia, where an ID-card program has been introduced, with which 3/4 of the population of the country is equipped. In March 2007, elections to the local parliament, the Riigikogu, were held with the help of an electronic signature. 400,000 people used the electronic signature when voting. In addition, with the help of an electronic signature, you can send a tax declaration, a customs declaration, various questionnaires to both local governments and state bodies. In major cities, monthly bus tickets can be purchased with an ID-card. All this is done through the central civic portal Eesti.ee. The Estonian ID-card is mandatory for all residents over the age of 15 who live temporarily or permanently in Estonia.

Notes

Federal Law No. 149 - Federal Law of July 27, 2006 "On information, information technologies and information protection" - http://uc-em.ru/download/02.doc

Federal Law No. 126 - FZ of July 07, 2003 "About communication" - http://uc-em.ru/download/03.doc

Decree of the Government of the Russian Federation No. 319 dated June 30, 2004 "On approval of the Regulations on the Federal Agency for Information Technologies" - http://uc-em.ru/download/05.doc

Decree of the Government of Moscow No. 495 - PP of June 19, 2007 "On Approval of the Regulations on the Head Certification Center of the City of Moscow" - http://uc-em.ru/download/06.doc

Decree of the Government of Moscow No. 249 - PP of April 10, 2007 "On approval of the procedure for the work of executive authorities of the city of Moscow, government agencies and state unitary enterprises of the city of Moscow with electronic documents signed with an electronic digital signature" - http://uc-em.ru/download/07.doc

Decree of the Government of Moscow No. 997 - PP of December 19, 2006 "On approval of the procedure for the use of an electronic digital signature by the executive authorities of the city of Moscow and state customers when placing a state order of the city of Moscow" - http://uc-em.ru/download/08.doc

Decree of the Government of Moscow No. 544 - PP "On Approval of the Regulations on the System of Authorized Certification Centers of Executive Authorities of the City of Moscow" - http://uc-em.ru/download/09.doc

Decree of the Government of Moscow No. 450 - PP of July 6, 2004 "On additional measures to ensure the effective use of budget funds in the formation, placement and execution of the city state order and the creation of the Unified Register of Contracts and Bidding of the City of Moscow" - http://uc-em.ru/download/10.doc

Decree of the Government of Moscow No. 299-PP dated May 11, 2004 "On approval of the Regulations on the procedure for organizing the issuance and revocation of certificates of keys of electronic digital signatures of authorized persons of executive authorities of the city of Moscow" - http://uc-em.ru/download/11.doc

Decree of the Government of Moscow No. 1079-PP dated December 30, 2003 No. "On the authorized body in the field of the use of electronic digital signature in information systems of executive authorities of the city of Moscow" - http://uc-em.ru/download/12.doc

On the definition of authorized certification centers - http://uc-em.ru/download/14.doc

Links

• www.ECM-Journal.ru - Blogs and articles. Just about electronic document management

see also

• Regular signature
• Fast digital signature

Wikimedia Foundation. 2010 .

See what "Digital Signature" is in other dictionaries:

digital signature- DRC Data added to a data block, or cryptographic transformation of a data block, which allows the recipient of the data to verify the origin and integrity of the data block and provide protection against fraud, for example, by the recipient. ... ... Technical Translator's Handbook

digital signature- 3.25 digital signature: A cryptographic transformation that, when associated with a data element, provides services of origin authentication, data integrity and non-repudiation of the signer. … … Dictionary-reference book of terms of normative and technical documentation- a numeric value calculated from the text of the message using the sender's secret key, and verified by the public key corresponding to the sender's secret key. Certifies that the document comes from the person whose digital signature... ... Explanatory Dictionary of the Information Society and the New Economy

The style of this article is not encyclopedic or violates the norms of the Russian language. The article should be corrected according to the stylistic rules of Wikipedia. Electronic signature (ES) information in electronic form attached to other information in electronic ... ... Wikipedia

- (EDS, digital signature, electronic signature, English digital signature), a cryptographic tool, an analogue of a signature that allows you to confirm the authenticity of an electronic document created using a computer (see COMPUTER). EDS represents ... ... Encyclopedic Dictionary, O. N. German, Yu. V. Nesterenko. The textbook was created in accordance with the Federal State Educational Standard in the areas of training `Information Security` and `Mathematics` (qualification `Bachelor`). IN…

• Director of Information Service No. 07/2017 , Open Systems. Director of Information Service (CIO.ru) is a magazine for managers responsible for the ideology, strategy and implementation of business information support, heads of IT departments of enterprises ... electronic book

Hello! Electronic document management all over the world is gradually replacing paper. This is the answer to the question of why an electronic signature is needed.

In accordance with paragraph 2 of Art. 434 of the Civil Code of the Russian Federation, an agreement in writing can be concluded by exchanging electronic documents transmitted via communication channels that make it possible to reliably establish that the document comes from a party to the agreement.

Therefore, provisions on electronic signature are an integral part of modern legislation.

Many people still use the concept of "electronic digital signature", although this is not entirely true. Federal Law No. 1-FZ dated January 10, 2002 “On Electronic Digital Signature” became invalid in 2013.

Federal Law No. 63-FZ of April 6, 2011 “On Electronic Signature” (hereinafter referred to as the Law on ES) is in force.

For some time there was a transitional period when both laws were in effect.

The difference between the concepts of "electronic signature" and "electronic digital signature" is not only in the name. These are different technical and methodological approaches to the means of identifying persons in an electronic environment.

The concept and types of electronic signature

A broader concept is "electronic signature". It can be any designation that a person uses with the intention of signing a document.

Technical solutions can be either very simple, for example, inserting a scanned handwritten signature into an electronic document, or complex, based on cryptographic methods of protecting information from forgery.

An electronic digital signature is a type of electronic signature that uses cryptographic technologies that provide not only identification, but also the integrity of the message.

Conventionally, there are three approaches to the regulation of electronic signatures:

1. Regulation is tied to a certain technology, which is considered to be sufficiently reliable. In such cases, we are talking about electronic digital signatures. This approach has been used in Russia before. Now it is used, for example, in Germany, Italy.
2. The regulation is as neutral as possible to the technologies that can be used. The parties themselves determine the technology used to create an electronic signature and the degree of its reliability. This approach is used in the US and Canada.
3. A combination of these two approaches. In principle, the use of various technologies is allowed, but a special privileged type of electronic signatures is established that meets certain requirements. This approach is used in Russia now.

According to Art. 2 of the Electronic Signature Law, an electronic signature is information in electronic form that is attached to other information in electronic form (signed information) or is otherwise associated with such information and which is used to identify the person signing the information.

The law distinguishes three types of electronic signatures:

1. Simple electronic signature.
2. Enhanced unqualified electronic signature.
3. Enhanced qualified electronic signature.

It is worth noting in particular that Art. 4 of the Law on ES enshrines the right to use an electronic signature of any kind at its own discretion, except in cases where the law prescribes the use of a specific type of signature in certain cases.

Now let's talk more about each type.

Simple electronic signature

Such an electronic signature is created through the use of codes, passwords or other means and confirms the fact of its formation by a certain person.

This term includes:

• using a username and password to enter the personal account of the site;
• use of one-time passwords, sent in an SMS message when making a transaction;
• using an email address as an identifier.

1. It is contained in the electronic document itself.
2. The simple electronic signature key is applied in accordance with the rules established by the operator of the information system, within the framework of which the document was created and sent. In this case, the document must indicate the person who created it and sent it.

Many people are now shopping online. Usually, to place an order, you need to register on its website, which involves creating a username and password to enter your personal account.

It is the login and password that are the keys of a simple electronic signature. When placing an order, an electronic document is generated, in which the information system of the online store indicates the person who created and sent the order to the seller. This indication is a simple electronic signature.

Please note that the login and password are not the electronic signature itself, but the keys with which the signature is generated.

Is it possible to use a simple electronic signature to conclude a contract?

In accordance with Part 2 of Art. 6 of the Law on ES, an electronic document signed with a simple electronic signature is recognized as equivalent to a paper document signed with a handwritten signature only if the law or agreement between the participants in electronic interaction is directly indicated.

So far, the legislation provides for two cases when, in terms of legal force, a document signed with a simple electronic signature is equated to a paper document signed with a handwritten signature:

1. You can use a simple electronic signature when sending a request and other documents necessary for the provision of state or municipal services (part 3 of article 21.2 of the Federal Law of July 27, 2010 No. 210-FZ "On the organization of the provision of state and municipal services"). We use this type of signature on the Gosuslug portal.
2. This signature can be used by the insured by sending information to the insurer in electronic form in case of voluntary insurance (part 2 of article 6.1 of the Law of the Russian Federation of November 27, 1992 No. 4015-1 “On the organization of insurance business in the Russian Federation”).

The law is silent about the possibility of concluding contracts using a simple electronic signature. Therefore, it can be used if there is an agreement between the parties.

This can be interpreted not only as a requirement for the mandatory conclusion of a written agreement that allows the further exchange of electronic documents signed with a simple electronic signature.

The main thing is that the agreement takes place, is recognized by all participants in electronic interaction and complies with civil law.

If in response to an offer (proposal to conclude a contract) sent in electronic form using a simple electronic signature, an acceptance is sent (acceptance of an offer to conclude a contract) also in electronic form with the same signature or in the manner prescribed by the offer, this may also indicate that an agreement has been reached by performing conclusive actions.

In general, this is approximately what happens when ordering goods in an online store - before registering in a personal account, they are usually asked to put a mark in the checkbox indicating the buyer's consent to the offer.

The main disadvantage of such an electronic signature is that it does not allow establishing the immutability of an electronic document after it has been signed. When creating it, no cryptographic technologies are used.

When buying goods in an online store, the "login - password" link and the electronic document containing information about the order are not connected by means of cryptographic information conversion. Although in the above example, this is not particularly required. The order form on the site contains all the essential terms of the contract, and the risk of their unfair changes is small.

Enhanced unqualified electronic signature

An unqualified electronic signature (NES) is created as a result of cryptographic transformation of information using an electronic signature key.

This signature allows not only to identify the person who signed the document, but also to detect the fact that changes were made to this document after signing.

Unlike a simple electronic signature, an unqualified one, in addition to the identifying function, also performs a protective one.

This is where its benefits end.

To recognize a document signed by the NEP as equivalent to a paper document, either an indication of the law or a settlement of this point in the agreement of the parties is also necessary.

But technically, this signature is more “advanced”, respectively, and the degree of trust in the electronic document signed by it is higher. Therefore, an unqualified signature can be used in commercial relations to conclude supply, contract, service contracts, etc.

Most often, the NEP is used within the framework of a closed information system, which is used by counterparties.

An unqualified signature is sometimes used in the online banking industry. The signature verification key certificate is issued by the bank, which itself performs the functions of a certification center.

Transaction processing does not require the involvement of an external certification authority, and the signature's protective function allows you to fix the document at a certain point in time and track unauthorized changes if necessary.

Enhanced Qualified Electronic Signature

This type of signature corresponds to all the features of an unqualified electronic signature and is characterized by the presence of additional:

1. The signature verification key is specified in a qualified certificate issued by an accredited certification authority.
2. To create and verify a signature, tools are used that have confirmation of compliance with the requirements established by the Law on ES - they must be certified by the FSB of Russia.

The difference between a qualified and an unqualified electronic signature is obvious.

The status of an electronic document signed with a qualified electronic signature (QES) is much higher - by virtue of Part 3 of Art. 6 of the Law on ES, it is recognized as equivalent to a paper document signed with a handwritten signature and certified by a seal, unless the law expressly provides for an exclusively paper form of the document.

The presumption of the validity of the CEP, which is enshrined in the Law on ES, can only be refuted in court. The presumption is valid if 4 conditions are met (Article 11 of the Law on ES):

1. A qualified certificate has been created and issued by an accredited certification authority whose accreditation is valid on the date of issuance of the specified certificate.
2. A qualified certificate is valid at the time of signing an electronic document (if there is reliable information about the moment of signing an electronic document) or on the day of checking the validity of the specified certificate, if the moment of signing an electronic document is not determined.
3. There is a positive result of verification that the owner of the qualified certificate belongs to the qualified electronic signature with which the electronic document is signed, and the absence of changes made to this document after its signing is confirmed.
4. The CEP is used subject to the restrictions contained in the qualified certificate of the person signing the electronic document (if such restrictions are established, for example, by the maximum amount of the contract or its nature).

The possibility of verification by interested parties of the fact that the “public” key belongs to a certain person and the reliability of the technical means used to create the CEP is provided by the certification center. It establishes a link between an identified signer of a document and a specific "public" key.

In order for the certification center itself to be trusted, its mandatory accreditation is provided, which means confirmation by the Ministry of Telecom and Mass Communications of Russia of the center's compliance with the requirements of Art. 16 of the Law on EP.

A list of accredited CAs can be found at website of the Ministry of Telecom and Mass Communications of Russia.

The main task of the certification center is to create an electronic signature certificate and issue it to the applicant. To ensure that the certificate is linked to a real identity, the certification authority must establish the identity of the applicant. Therefore, a qualified certificate is issued upon his personal appearance with the presentation of identification documents.

The electronic signature verification key certificate is the most important document in the entire system of relations on the use of an electronic signature. The validity of the CEP itself depends on the validity of the certificate.

A certificate is a paper or electronic document that contains data that makes it possible to conclude that an electronic signature belongs to a specific person. It contains a public key that allows you to decrypt an electronic document signed with the sender's private key and make sure that the person who is declared in the certificate signed the document.

Also, the certificate allows you to perform the opposite procedure - to encrypt a message to ensure confidentiality, which can be opened and read only by the owner of the private key.

The owner of the certificate can be both an individual and a legal entity.

How to get an enhanced qualified electronic signature

First you need to decide what you need CEP for. There are many types of certificates and their purpose can also be different. As mentioned above, the certificate may contain certain restrictions on its use.

In addition, various requirements may apply to certificates for participation in auctions under 44-FZ, for working with the Rosreestr portal or in the GIS housing and communal services. You can usually find out about the requirements for a certificate for working with a particular information system from their representatives.

You can also use various online certificate selection services, for example, with this.

After that, in order to issue and receive an electronic signature, you can contact a specialist of an accredited certification center, who, based on the information about the information system, will determine the type of certificate you need.

The procedure for obtaining a certificate is approximately the following:

1. Apply for a certificate. Depending on the certification authority, an application can be submitted in different ways: through the website, by phone, by e-mail, or come in person.
2. Collection of the necessary package of documents for obtaining a certificate. What documents are required, you must be informed by a specialist of the certification center.
3. Payment for the issuance of a certificate and personal appearance at the certification center with a set of necessary documents. There the documents will be checked, then you will need to sign the contract.
4. After completing all the above formal procedures, you will receive a secure medium that looks like a regular “flash drive” containing a secret key and a certificate, or later you will receive an electronic certificate in your personal account on the website of the certification center.

And we must remember that the certificate has its own validity period, after which it must be renewed or reissued.

That's all, I hope the article was helpful. If so, please share it on social networks and also subscribe to