What is a Digital Signature?
A digital signature is an advanced and secure form of an electronic signature. It is used to validate the signer’s identity and authenticity of the signed document or file.
The common way of creating a digital signature is by using Public Key Cryptography (PKC). Systems using PKC are also called Public Key Infrastructures (PKI).
PKI is a proven technology and is the most widely used technique for providing digital verification of electronic data, like documents or transactions.
This technique uses an asymmetric key pair comprised of one Secret key and one Public key. The secret key which is used for signing is always kept safe and could be known only to an entity who is signing the document or data. The public key which is used for verification can be (and usually is) published online. In general, to check if the Digital signature is properly signed by someone, all that is needed is a Public key.
The digital signature provides three basic facts:
Authentication – Proof of origin, who actually signed the document. Digital signatures are linking the user’s signature to an actual entity or person, which can be surely identified.
Integrity – It is always prime interest to keep the data safe and unchanged in transit. The sender and receiver of a message have a crucial need for confidence that the data has not been altered during transmission. Since Digital Signature is comprised of the hash calculated from the data (document or file) signed by the user’s Secret key if any bit of the signed document is changed the Digital Signature becomes invalid. This makes Digital Signature a 100% reliable proof of integrity.
Non-repudiation – A confident proof that someone signed a particular data or document which cannot be denied. Furthermore, the entity who has signed it, cannot deny that action at a later time. Simple possession of secret keys at a safe uncompromised place is enough proof of signing origin.
What is different with uFR Series?
Common PKI and DS scenario is to use smart cards with the contact interface. The contact interface is a decades-old technology that has many flaws. The biggest ones being: contact pads are prone to physical damage and need frequent changes; the process of inserting cards into a contact reader takes a long time; users often leave their contact cards inside the reader because it is bothersome to insert it every time.
We are using only the Contactless interface of smart cards. This makes the digital signing process much quicker, simply by taping a card on the reader.
We provide complete API and SDK examples with source codes for easy and quick integration of our products into your PKI and Digital Signing scheme.
Using our software examples you can easily sign any data and check that signature later.
Most common cases use RSA as an encryption algorithm. In addition to RSA, we also implemented the ECDSA (Elliptic Curve Digital Signature Algorithm), which is the next generation of Digital Signatures. It’s much lighter, faster, and more secure. At this moment we support nearly all curves approved by NIST (National Institute of Standards and Technology).
Furthermore, we provide the PKCS module for integration into Adobe Acrobat Reader, so you can easily sign your PDF documents with few clicks using our uFR Series devices.