Flux rss

Electronic signatures

Introduction to the concept of electronic signatures

The paradigm of electronic signatures (also called digital signatures) is a process that makes it possible to guarantee the sender's authenticity (authentication function) and verify the integrity of the received message.

Electronic signatures also feature a non-repudiation function, that is, they make it possible to ensure the sender really sent the message (in other words, they keep the sender from denying he sent the message).

What is a hash function?

A hash function is a function that makes it possible to obtain a hash (also called a message digest) of a text, that is, a fairly short series of characters representing the text it hashes. The hash function must be such that it associates just one hash with a plaintext (this means the slightest modification to the document will cause its hash to be modified). Moreover, it must be a one-way function so the original message cannot be retraced from the hash. If there is a way to find the plaintext from the hash, the hash function is said to have a "trapdoor".

creating a document\'s fingerprint using a hash function

As such, the hash can be said to represent the document's fingerprint.

The most widely used hash algorithms are:

  • MD5 (MD meaning Message Digest). Developed by Rivest in 1991, MD5 creates a 128-bit fingerprint from a randomly sized text by processing it in 512-bit blocks. It is common to see downloaded documents from the Internet accompanied by an MD5 file: this is the document's hash that makes it possible to verify the document's integrity)
  • SHA (for Secure Hash Algorithm) creates fingerprints that are 160 bits long.
    • SHA-1 is an improved version of SHA dating from 1994 and producing a 160-bit fingerprint from a message with a maximum length of 264 bits by processing it in 512-bit blocks.

Integrity verification

By sending a message along with its hash, it is possible to guarantee a message's integrity, that is, the recipient can make sure the message was not altered (intentionally or by chance) during the communication.

ensuring integrity using the document\'s fingerprint

When receiving the message, the recipient simply has to calculate the received message's hash and compare it with the hash accompanying the document. If the message (or the hash) was falsified during the communication, the two fingerprints will not match.

Data sealing

Using a hash function makes it possible to verify that the fingerprint corresponds to the received message, but nothing proves the message was actually sent by the person claiming to be the sender.

To guarantee the message's authenticity, the sender simply has to encrypt (we generally say sign) the hash using his private key (the signed hash is called a seal) and send the seal to the recipient.

document sealing function

When receiving the message, the recipient simply has to decrypt the seal with the sender's public key, then compare the hash obtained with the hash function with the hash received as an attachment. This seal creation function is called sealing.

More information



Last update on Thursday October 16, 2008 02:43:18 PM.
This document entitled « Electronic signatures » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the licence, as this note appears clearly.

Results for

Cryptography - The SET protocol SET (Secure Electronic Transaction) is a protocol that was developed by Visa and MasterCard and that uses the SSL standard. SET is based on the use of an electronic signature from the buyer and a transaction involving not only the buyer and the... en.kioskea.net/crypto/set.php3
E-Business - Electronic Data Interchange (EDI) Electronic Data Interchange (EDI) can be defined as the exchange, between computers, of data regarding transactions by using networks and standardized forms. The information from the computer system of the issuer travels via networks to the computer... en.kioskea.net/entreprise/edi.php3
E-Business - Introduction to electronic commerce The term "Electronic commerce" (or e-Commerce) refers to the use of an electronic medium to carry out commercial transactions. Most of the time, it refers to the sale of products via Internet, but the term eCommerce also covers purchasing mechanisms... en.kioskea.net/entreprise/e-commerce.php3

Results for

How to add signature under ThunderBirdHow to add signature under ThunderBird Thunderbird allows you to input your signature or a text at every mail that you send automatically. To create your signature , first of all, right click on your desktop and select “NewContent... en.kioskea.net/faq/sujet-583-how-to-add-signature-under-thunderbird
[Debian] Apt-get : NO_PUBKEY / GPG error[Debian] Apt-get : NO_PUBKEY / GPG error When updating the Debian based system, it may happens that the apt-get displays an error message like: W: GPG error: ftp://ftp.debian.org/ testing Release: The following signatures couldn't be... en.kioskea.net/faq/sujet-809-debian-apt-get-no-pubkey-gpg-error
Installation of Firefox 2.0+Java+flashInstallation of Firefox 2.0+Java+flash with command line Introduction Firefox Installation Creating Environnement Download firefox and signature Firefox Installation Using Desktop Icon For Gnome For KDE From the menu PLUGIN... en.kioskea.net/faq/sujet-853-installation-of-firefox-2-0-java-flash
Voir les réponses

Results for

Attaching signature in OutlookHello, Can anyone be so kind as to describe how I can automatically attach signatures to Outlook messages that are sent from other Office Software such as Excel, or recommend a third party application if necessary.... en.kioskea.net/forum/affich-6058-attaching-signature-in-outlook
IE error signatureHello Qualy I had this problem too( suddenly the IE can not open the thread, and a message: Internet erroe, signature) And people advise me to do the following steps: -open IE -on the Tool->Internet options->advanced tab-> uncheck the enable third... en.kioskea.net/forum/affich-19677-ie-error-signature
Signature in outlook !Hello everyone! Does anyone know where Vista stores signatures for Outlook? en.kioskea.net/forum/affich-891-signature-in-outlook
Voir les réponses

Results for

Download Alpha DanceAll around you, wherever you go, whatever you make, you will always be facing words and of letters. Whether it is in paper or electronic version, your documents contain alphabetic characters. On your computer, letters and figures which you see in the... en.kioskea.net/telecharger/telecharger-634-alpha-dance
Download Some Txt to PDF ConverterDocuments PDF are formats most on and the most stable for the electronic transfers, since they cannot be changed. Because of this or that you do not risk changing by keeping the format of the text or the layout of the document. Some Text to PDF... en.kioskea.net/telecharger/telecharger-573-some-txt-to-pdf-converter
Download ATnotes The accros of post - it will be enraptured of this electronic version. ATnotes and a free program generating post - it on your office. It is situated in the bar of launching of the system require only little means. With ATnotes, you will not lose... en.kioskea.net/telecharger/telecharger-152-atnotes
Voir les réponses

Results for

Eye-shaped camera key step to electronic retina: studyA man peers through an iris recognition system in 2006. Inspired by the human anatomy, researchers in the United States have created the world's first curved electronic "eye" camera, according to a study released Wednesday. Inspired by the human... en.kioskea.net/actualites/eye-shaped-camera-key-step-to-electronic-retina-study-10591-actualite.php3
In US, electronic repo device stalls cars of late payersPeople check out vehicles for sale at a car dealership in Fontana, California. The credit squeeze that has helped put the brakes on the US economy is now stalling cars, as loan companies and automobile sellers install electronic repossession devices... en.kioskea.net/actualites/in-us-electronic-repo-device-stalls-cars-of-late-payers-10330-actualite.php3
Take-Two urges stockholders not to sell to Electronic ArtsFile photo shows visitors at the 2006 Electronic Entertainment Expo in Los Angeles. Take-Two Interactive urged shareholders on Wednesday to reject a takeover bid by Electronic Arts Take-Two Interactive urged shareholders Wednesday to reject a bid by... en.kioskea.net/actualites/take-two-urges-stockholders-not-to-sell-to-electronic-arts-10236-actualite.php3
Voir les réponses

Results for

E-Business - Electronic document management (EDM) EDM (Electronic Document Management or Electronic Content Management, ECM) covers the use of computerized means for the entire management of an electronic document (text file, spreadsheet, image, video, audio file, etc.). The goal of EDM is to suceed... en.kioskea.net/entreprise/ged.php3
Computer - Cathode Ray Tube monitor (CRT) Most monitors (computer screens) use cathode ray tubes (or CRT for short), which are glass vacuum tubes into which an electron gun emits a flow of electrons guided by an electrical field towards a screen covered in small phosphorescent elements. The... en.kioskea.net/pc/ecran-crt.php3
Protection - Uninterruptible Power Supply An uninterruptible power supply (UPS) is a device that protects electronic equipment from power uncertainties. A UPS is a device that is interfaced between the electric network (connected to utility power) and the materials that need protecting. The... en.kioskea.net/protect/onduleur.php3
Voir les réponses