Electronic Signatures

Page 1: Risks of data manipulation and theft

[Figure: the average route travelled by an email sent via the Internet from A to B, with nodes labelled A, A's provider, Gateway, B's provider and B, and route points in Washington DC, Paris, Berlin, New York, Sydney, Cape Town, Rome and Helsinki.]

Potential risks along the route:

• Reading
• Modifying
• Copying
• Intercepting

Page 2: Areas of application for electronic signatures

Communicating with judicial bodies
• e.g. lawyers writing, signing, encrypting (safeguarding clients' secrets) and emailing electronic claims and actions to the competent courts

Communicating with public authorities
• e.g. individuals completing, signing, encrypting and emailing electronic tax returns
• e.g. building contractors signing, encrypting and emailing electronic bids in response to invitations to tender

Communicating in the private sector
• e.g. customers communicating with companies, for instance for banking purposes
• e.g. strangers communicating via the Internet
• e.g. signing emails

Legally compliant electronic signatures can be used anywhere where legally binding declarations of will require a signature and where
– trustworthy communications,
– reliable identification, and
– integrity of electronic data
are a key factor.

Page 3: Which components does a user need?

• PC and smart card reader (internal/external)
• Smart card with signature key
• Communication link
• Appropriate software

[Figure: smart card and smart card reader.]

Page 4: What does an electronic signature do?

An electronic signature is the electronic equivalent of a handwritten signature; in other words, it can be used to

• reliably verify that an electronic document has not been modified (INTEGRITY),
• reliably identify the person who has signed an electronic document (IDENTITY), and
• verify both the INTEGRITY of an electronic document and the IDENTITY of the person who has signed it on a long term basis (VERIFIABILITY).

Electronic signatures cannot ensure the confidentiality of electronic documents.

Page 5: INTEGRITY

The INTEGRITY of a document is ensured in two stages:

1. A digital fingerprint, called a "HASH VALUE", is calculated from the electronic data in the document. The key characteristics of HASH VALUES are that
   a. each hash value calculated from the same document will always be the same, however many times it is recalculated, and
   b. each different document will invariably have a different hash value.

2. The HASH VALUE is attached to the document from which it was calculated.

Page 6: Verification (INTEGRITY)

How to verify whether or not a document has been modified:

1. The original HASH VALUE is separated from the document.
2. A new HASH VALUE, called the "reference HASH VALUE", is calculated from the electronic data in the document.

If the original HASH VALUE and the reference HASH VALUE are the same, then the document has not been modified (INTEGRITY = OK).

If the document has been manipulated, then the original HASH VALUE and the reference HASH VALUE will not be the same (INTEGRITY = violated).
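The two-stage integrity check of pages 5 and 6 (attach the hash value, later separate it and compare it with a freshly calculated reference hash value), as an added example that is not code from the deck. SHA-256 and the trailer used to attach the hash value are assumptions of this example; the deck names neither a hash function nor a format.

```python
import hashlib
import hmac

# Constructed trailer format for attaching the hash value to the document
# (an assumption of this example; the deck does not specify a format).
SEPARATOR = b"\n--HASH-VALUE--\n"

def hash_value(document: bytes) -> str:
    """Stage 1a: the digital fingerprint of the document (SHA-256, hex encoded)."""
    return hashlib.sha256(document).hexdigest()

def attach_hash(document: bytes) -> bytes:
    """Stage 1b: attach the hash value to the document it was calculated from."""
    return document + SEPARATOR + hash_value(document).encode()

def separate(document_with_hash: bytes):
    """Verification step 1: separate the original hash value from the document."""
    document, sep, original = document_with_hash.rpartition(SEPARATOR)
    if not sep:
        raise ValueError("no hash value attached")
    return document, original.decode()

def integrity_ok(document_with_hash: bytes) -> bool:
    """Verification step 2: recalculate the reference hash value and compare."""
    document, original = separate(document_with_hash)
    reference = hash_value(document)
    # constant-time comparison, so timing does not reveal how much of a
    # forged hash value already matches the reference
    return hmac.compare_digest(original, reference)

def demo():
    """Returns (intact document verifies, manipulated document verifies)."""
    original = attach_hash(b"I hereby bid 1,000,000 EUR for lot 7.")  # constructed sample
    # Manipulate the document body while leaving the attached hash value untouched.
    manipulated = original.replace(b"1,000,000", b"1,100,000")
    return integrity_ok(original), integrity_ok(manipulated)
```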

Page 7: Electronic signature (INTEGRITY)

A HASH VALUE is not personalised; in other words,
• the same documents will always have the same HASH VALUE, even if they have been produced by different people.

Personalising a HASH VALUE, or "electronically signing" a document, means
• mathematically calculating a new value from the HASH VALUE using a secret (private) key; the secret key is unique to one person, which means that the personalised HASH VALUE is also unique to that one person.

The secret key is called the "SIGNATURE KEY".

A HASH VALUE personalised using a SIGNATURE KEY is also called an ELECTRONIC SIGNATURE.

Page 8: Certificate (IDENTITY)

An ELECTRONIC SIGNATURE is uniquely bound to one natural person by a "CERTIFICATE", the digital equivalent of an identity card. The CERTIFICATE contains

• details of the identity of the holder of the SIGNATURE KEY,
• details of the period of validity of the certificate, and
• a reference to the service provider issuing the certificate.

[Figure: a CERTIFICATE with the fields Surname, forename; Pseudonym (optional); Valid from; Valid until; Issued by: Certification service provider xy.]

Page 9: Signature verification key (IDENTITY)

A CERTIFICATE also contains details of the SIGNATURE KEY bound to the person named in the CERTIFICATE. This is done using a public SIGNATURE VERIFICATION KEY belonging to the SIGNATURE KEY.

The issuing service provider electronically signs the CERTIFICATE to protect it against manipulation.

[Figure: the CERTIFICATE of page 8 with the additional field SIGNATURE VERIFICATION KEY.]

Page 10: Root certification authority (IDENTITY)

A body issuing a CERTIFICATE is called a "CERTIFICATION SERVICE PROVIDER".

In electronic commerce CERTIFICATES are the (official) documents confirming the identity of a SIGNATURE KEY holder. This means that the CERTIFICATION SERVICE PROVIDERS have particular importance and responsibility in electronic commerce.

The trustworthiness of a CERTIFICATION SERVICE PROVIDER is attested in a CERTIFICATE. The CERTIFICATES for CERTIFICATION SERVICE PROVIDERS are issued by RegTP, the "ROOT CERTIFICATION AUTHORITY".

Page 11: Verification (VERIFIABILITY)

How to verify an electronically signed document:

[Figure: DOCUMENT and the CERTIFICATE of the signer (issuer: Certification service provider xy), with its SIGNATURE VERIFICATION KEY applied to the DOCUMENT.]

The SIGNATURE VERIFICATION KEY in the CERTIFICATE of the signer is used to verify the INTEGRITY of the document.

Page 12: Verification (VERIFIABILITY)

How to verify an electronically signed document (continued):

[Figure: DOCUMENT; CERTIFICATE of the signer (issuer: Certification service provider xy); CERTIFICATE of Certification service provider xy (issuer: RegTP).]

The SIGNATURE VERIFICATION KEY of the CERTIFICATION SERVICE PROVIDER, found in the CERTIFICATE of the issuer, is used to verify the INTEGRITY of the signer's CERTIFICATE.

Page 13: Verification (VERIFIABILITY)

How to verify an electronically signed document (continued):

[Figure: the same chain as on page 12, with the signer's CERTIFICATE now marked IDENTITY.]

As the CERTIFICATE binds the SIGNATURE VERIFICATION KEY to the signer, confirming the INTEGRITY of the CERTIFICATE also confirms the IDENTITY of the signer.

Page 14: Verification (VERIFIABILITY)

The trustworthiness of CERTIFICATES is similarly verified:

[Figure: the chain extended by RegTP's CERTIFICATE (issuer: RegTP), whose SIGNATURE VERIFICATION KEY verifies the INTEGRITY of the CERTIFICATE of Certification service provider xy.]

The IDENTITY of the CERTIFICATION SERVICE PROVIDER is verified using RegTP's CERTIFICATE.

Page 15: Verification (VERIFIABILITY)

The trustworthiness of CERTIFICATES is similarly verified:

[Figure: the full chain, with INTEGRITY and IDENTITY confirmed for the signer's CERTIFICATE, the CERTIFICATE of Certification service provider xy and RegTP's CERTIFICATE.]

RegTP's CERTIFICATE, called the "ROOT CERTIFICATE", can be verified directly.

Page 16: Valid document (VERIFIABILITY)

A document has a valid signature where the INTEGRITY of the DOCUMENT and the INTEGRITY and IDENTITY of every CERTIFICATE in the chain (the signer's CERTIFICATE issued by Certification service provider xy, the CERTIFICATE of Certification service provider xy issued by RegTP, and RegTP's own CERTIFICATE) has been verified. These checks are made automatically.

Page 17: Trust centre directory service (VERIFIABILITY)

A list is kept of all the CERTIFICATES needed to verify an electronically signed document.

A list, called a "CERTIFICATE REVOCATION LIST", is also kept of all the CERTIFICATES that have been revoked. A CERTIFICATE can be revoked if, for instance, the SIGNATURE KEY of the holder identified in the CERTIFICATE has been stolen. As soon as a CERTIFICATE has been revoked, it cannot be used to create a valid electronic signature.

The list of CERTIFICATES and the CERTIFICATE REVOCATION LIST together form the DIRECTORY SERVICE. The DIRECTORY SERVICE is available to anyone at any time (24 hours a day) for information for validity checks.

The DIRECTORY SERVICE and the technical components used by a CERTIFICATION SERVICE PROVIDER to produce certificates are located in a particularly secure environment, called a "TRUST CENTRE".
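The verification chain of pages 11 to 16 together with the revocation check of page 17, as an added example that is not the deck's or RegTP's own procedure: it uses textbook RSA with tiny keys as a stand-in signature scheme (an insecure toy for illustration only), SHA-256 as the hash value, a constructed certificate layout (holder, verification key, issuer reference, issuer's signature) and constructed holder names. The ROOT CERTIFICATE is trusted directly, as the deck states, so it is the only certificate whose signature is not checked.

```python
import hashlib
import math
from collections import namedtuple

# Stand-in signature scheme: textbook RSA with tiny keys (an insecure toy
# constructed for this illustration; not the deck's or RegTP's procedure).
def is_prime(n):
    return n > 1 and all(n % k for k in range(2, int(n ** 0.5) + 1))

def toy_keypair(p, q):   # -> (public SIGNATURE VERIFICATION KEY, secret SIGNATURE KEY)
    n, phi = p * q, (p - 1) * (q - 1)
    e = next(k for k in range(3, phi, 2) if math.gcd(k, phi) == 1)
    return (e, n), (pow(e, -1, phi), n)
def hash_value(data):    # the document's digital fingerprint, as an integer
    return int.from_bytes(hashlib.sha256(data).digest(), "big")
def sign(data, signature_key):   # HASH VALUE personalised with the secret key
    d, n = signature_key
    return pow(hash_value(data) % n, d, n)
def verify(data, signature, verification_key):
    e, n = verification_key
    return pow(signature, e, n) == hash_value(data) % n

# The digital identity card: holder, key bound to the holder, issuer reference, issuer's signature.
Certificate = namedtuple("Certificate", "holder verification_key issuer issuer_signature")
def tbs(cert):           # the certificate contents covered by the issuer's signature
    return f"{cert.holder}|{cert.verification_key}|{cert.issuer}".encode()
def issue(holder, verification_key, issuer_cert, issuer_signature_key):
    unsigned = Certificate(holder, verification_key, issuer_cert.holder, None)
    return unsigned._replace(issuer_signature=sign(tbs(unsigned), issuer_signature_key))

def valid_document(document, signature, chain, root, revoked):
    """chain = [signer's cert, CSP's cert]; root = the ROOT CERTIFICATE, trusted directly."""
    issuer = root
    for cert in reversed(chain):      # CSP's cert first, then the signer's cert
        if cert.holder in revoked or cert.issuer != issuer.holder:
            return False              # revoked, or the chain does not link up
        if not verify(tbs(cert), cert.issuer_signature, issuer.verification_key):
            return False              # INTEGRITY of this CERTIFICATE violated
        issuer = cert                 # its IDENTITY is now confirmed
    return verify(document, signature, issuer.verification_key)   # INTEGRITY of the DOCUMENT

def build_pki():         # RegTP -> CSP -> signer; returns (root, chain, signer's SIGNATURE KEY)
    p = [k for k in range(1_000_000, 1_000_200) if is_prime(k)]
    root_vk, root_sk = toy_keypair(p[0], p[1])
    csp_vk, csp_sk = toy_keypair(p[2], p[3])
    signer_vk, signer_sk = toy_keypair(p[4], p[5])
    root = Certificate("RegTP", root_vk, "RegTP", None)
    csp = issue("Certification service provider xy", csp_vk, root, root_sk)
    signer = issue("Doe, Jane", signer_vk, csp, csp_sk)   # constructed holder name
    return root, [signer, csp], signer_sk
```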

Page 18: Infrastructure (VERIFIABILITY)

All the elements contributing to the VERIFIABILITY of ELECTRONIC SIGNATURES are termed "CERTIFICATION INFRASTRUCTURE" and include:

• the national ROOT CERTIFICATION AUTHORITY (state), which issues certificates for
• the CERTIFICATION SERVICE PROVIDERS (private), which issue certificates for
• the USERS (institutions, companies, private individuals).

[Figure: ROOT CA Germany issues certificates for CA 1 ... CA n, which issue certificates for users; a ROOT of country XY is shown alongside.]

Page 19: Long term signatures (VERIFIABILITY)

In order to create the equivalent of handwritten signatures, electronically signed documents must remain VERIFIABLE over long periods of time (decades).

This means that the DIRECTORY SERVICE of each CERTIFICATION SERVICE PROVIDER must operate reliably over a period of years and must be interoperable with the other DIRECTORY SERVICES in the same INFRASTRUCTURE.

In addition, all the procedures and technical components used must have been comprehensively verified in order to guarantee a high level of security for electronically signed documents on a long term basis.

The new Electronic Signatures Act takes full account of these special circumstances by creating a framework that ensures the security of electronic signatures.

RegTP's TRUST CENTRE was the first to meet the stringent security requirements of the Act. It forms the core of Germany's CERTIFICATION INFRASTRUCTURE for electronic signatures.