A digital signature is the cryptographic implementation of an electronic signature. With the help of the digital signature, electronic documents can be signed digitally. The aim is to prove the identity of the signer beyond doubt and to ensure the integrity of the electronic message. The digital signature uses cryptographic processes based on private and public keys. It can replace the handwritten signature of a paper document.
What is a digital signature?
To better understand the terms “electronic signature” and “digital signature”, it is first necessary to draw a distinction between the two, as they are often used synonymously. The electronic signature, also known as the electronic signature, is a legal term. It describes electronic processes in which other electronic data is added to electronic data in order to verify the identity of the originator and ensure the integrity of the information. It is possible to distinguish between general, advanced, and qualified electronic signatures. The technology used for the signature, the term electronic signature does not specify.
A digital signature is an implementation form of electronic signature that uses cryptographic methods with private and public keys to sign a message. Digital signatures can be used to create secure electronic signatures in accordance with legal requirements.
Different types of electronic signatures
Legally, three different types of electronic signatures are defined by the eIDAS Regulation (European Union Regulation on Electronic Identification, Authentication and Trust Services), which has been in force in Europe since 2018. These are:
- The general or simple electronic signature,
- The advanced electronic signature
- The qualified electronic signature
Each type of signature meets certain requirements. The highest requirements are placed on the qualified electronic signature. A simple electronic signature does not have to meet any special requirements. However, it is not legally verifiable. For example, the name of the author under an e-mail is a simple electronic signature.
Advanced electronic signatures enable the signatory to be uniquely identified. Legally, the party relying on a signature has the burden of proving that the digital signature and identifiers are genuine. A qualified electronic signature is based on a qualified certificate and was created with a secure signature creation device (SSCD). Legally, the qualified electronic signature can replace the written form of a signature on paper.
How the digital signature works
To create a digital signature, a unique and non-reversible hash value is first generated from the message to be signed. The signer encrypts the hash value with his private key and adds the resulting string (the signature) to the message. The recipient decrypts the signature using the signer’s public key and compares the hash value received with the hash value calculated from the message itself.
If both values match, the signature is correct and the identity of the signer and the integrity of the message are assured. If the message has been modified after signing or if someone has signed the message with a different private key, the check returns an error at the recipient’s end.
A prerequisite for the applicability of the procedure is that the public key can be uniquely assigned to the signer and that only the signer is in possession of the private key. Public Key Infrastructure (PKI) can be used to ensure that these requirements are met.
Areas of application for digital signatures
Typical areas of application for electronic signatures are:
- Legally secure exchange of electronic information, for example, by e-mail
- Electronic online tax returns via Elster
- Processing online tenders
- Ensuring the authenticity and integrity of software
- Online banking
- Electronic voting systems