10 Electronic Signature
10.1 Guaranteed electronic signature

From a cryptographic point of view, an electronic signature is understood as a set of partial cryptographic functions that ensure identification, authentication, integrity, and undeniability. Mathematically, the electronic signature is just one large number.

The following figure shows the process of creating a secured electronic signature. The numbers in the figure indicate the steps of the process of creating a guaranteed electronic signature.

image
The process of creating a guaranteed electronic signature

Any digital data such as text (PDF, TXT, DOCX, RTF, XLSX, ...), image (BMP, JPG, GIF, PNG, ...), audio (WAV, MP3, FLAC, (AVI, MPG, ...), executable files (EXE, COM, ...), and more, can be signed electronically. Essentially, anything can be signed electronically.

The following figure shows the process of verifying the guaranteed electronic signature. The numbers in the figure indicate the steps of the verification process of the guaranteed electronic signature.

image
Verification process for guaranteed electronic signature

The secured electronic signature ensures integrity of the messages and documents transmitted, identification of the communicating parties, authentication of the communicating parties (i.e. verification of their identification), undeniability and unrefusability.

However, the guaranteed electronic signature does not guarantee the legal acceptability of the signed documents.

The eIDAS Regulation defines the guaranteed electronic signature in Article 3 (11), if it fulfills the conditions in Article 26, then:

  1. It is clearly associated with the signatory.
  2. It enables identification of the signatory in relation to the data message.
  3. It (the guaranteed signature) has been created and attached to the data message by using tools that the signatory can keep under his/her exclusive control.
  4. It is attached to the data message to which it relates in such a way that any subsequent data change can be detected.