What is a Signature?


Acceptance of pure function under existing legislation



Yüklə 336,78 Kb.
səhifə7/12
tarix28.07.2018
ölçüsü336,78 Kb.
#61617
1   2   3   4   5   6   7   8   9   ...   12

4.2 Acceptance of pure function under existing legislation


The existing legislation requiring signatures gives little indication of a move from form to function. Only two enactments have been discovered which make express provision for the signature of documents which will not be in normal hard copy form. Both appear to preclude the use of an electronic signature. The clearest is reg. 17 of the Road Traffic (Parking Adjudicators) (London) Regulations 1993124 which provides:


  1. ‘This regulation has effect in relation to any notice or other document required or authorised to be delivered to the proper officer and is without prejudice to regulation 5(3).



  2. Any such document may be transmitted to him by FAX or other means of electronic data transmission.



  3. ...



  4. Regulations 3(4) and 5(4)125 -

  1. shall in the case of a document transmitted by FAX, be satisfied if a copy of the signature of the relevant person appears on the transmitted copy; and



  2. shall not apply in relation to a document transmitted by other means of electronic data transmission.’

The regulation is interesting because it expressly permits documents to be transmitted electronically. However, by providing in sub-section (4)(b) that where the electronic transmission is otherwise than by fax the documents do not need to be signed, the legislature seems clearly to have assumed that those electronic documents are incapable of signature.


The other provision is contained in Order 50, rule 6A of the County Court Rules 1981126 which is headed ‘Signature of documents by mechanical means’. It provides:
‘Where by or under these rules any document is required to bear a person’s signature, that requirement shall be deemed to be satisfied if that person’s name is printed by computer or other mechanical means.’
The reference to printing seems to envisage that the computer is merely the means of applying the signature to a hard copy document, and thus offers no evidence of a move from form to function.

4.3 Electronic signature technologies127


The problem with electronic documents is that they represent their information content (text, graphics and control characters that define the document’s layout, emphasis etc.) as a set of numbers. When an electronic document is edited, the new version is saved to disk and replaces the old version. The change in the set of numbers cannot normally be discovered by examining the document itself.
An electronic signature is produced by performing a mathematical function on the document, or part of it, which identifies the signatory and authenticates the contents of the document. To be an effective signature, the modified document must be producible only by the maker, and any attempt to change the content of the document must invalidate the signature. Electronic signatures have been made possible by the advances in cryptography since the end of World War II.
An electronic document is merely a string of 1s and 0s, and can therefore be treated as a series of numbers.128 Encryption is carried out by performing a series of mathematical functions (an encryption algorithm) which has two inputs; the series of numbers which represents the document (the plaintext), and a key, which is itself a number. The result is a series of different numbers, the ciphertext. There are two distinct types of encryption algorithm:


  • single key or symmetric encryption; and



  • public key or asymmetric encryption.

Single key encryption uses the same key to encrypt and decrypt, and thus the key needs to be known to both the sender and the recipient of a document. Public key encryption uses two different keys, each of which will decrypt documents encrypted by the other key. This means that one key can be kept secret, while the other is made public. All effective electronic signature techniques require the use of a ‘one-way function’. This means that if a document, signed electronically by A, is sent to B, B must be able to decrypt the document or its signature element, but must not be able to re-encrypt it with A’s key.


All encryption can be broken given sufficient time and computing resources. The effectiveness of encryption as a method of signing electronic documents relies on the fact that it is computationally infeasible129 to break the encryption method, and thus become able to forge the signature, within a reasonable period of time.

4.3.1 Single key encryption


The most commonly used single key encryption system is some variant of the Data Encryption Standard (DES).130 DES is a complicated form of encryption which is normally effected in hardware, but in essence it requires a key which is common to sender and recipient and kept secret from all others. This key is used to scramble the document to such a degree that it is computationally infeasible131 to unscramble it without knowing the key. The fact that a document is DES encrypted can therefore provide extremely strong evidence that it could have emanated only from one or other of the keyholders. This, however, does not authenticate it fully as both parties have the key. Either could alter the contents of the document and then re-encrypt it. The alteration would be undetectable, and the court would still be left with two documents, each claimed to be authentic. However, techniques have been invented which enable one-way functions, encryption which can only have been performed by one of the parties, to be performed using DES and thus to create a digital signature of the electronic document.132

4.3.2 Public key encryption


One of the best known public key encryption methods is RSA.133 The two keys are formed of pairs of integers: ks and n for the secret key, and kp and n for the public key. The key pair kp and n is made public. A document is encrypted by breaking its digital form into blocks, each of which is treated as a single number, raising each number to the power of ks or kp (depending on whether the secret or public key is being used) and then calculating the result modulus n.134 The document is decrypted using the same algorithm with the other key pair.135
Thus:
(plaintext)ks mod n ciphertext

(ciphertext)kp mod n plaintext



The effective security of the RSA algorithm depends on mathematical proof of the fact that, because of the way kp, ks and n are derived, it is computationally infeasible to calculate ks knowing only kp and n.136
The RSA algorithm was originally devised to allow encrypted messages to be sent to the holder of the secret key, which only he would be able to decipher. However, because the algorithm is symmetrical it is also possible to encrypt a document using the sender’s secret key ks and decrypt it with the public key kp. This is the method used to effect a digital signature.137
In practice, encrypting an entire document using RSA is computationally expensive, and so a single key encryption system such as DES or IDEA is used to ensure that transmission of the document remains private, while RSA is used to make a digital signature by encrypting a smaller file which derives from the original document. Many encryption products which can be used to create digital signatures are now available, the best known of which is probably PGP.138


Yüklə 336,78 Kb.

Dostları ilə paylaş:
1   2   3   4   5   6   7   8   9   ...   12



Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©muhaz.org 2024
rəhbərliyinə müraciət
gir | qeydiyyatdan keç
    Ana səhifə
Dərs
Dərslik
Guide
Kompozisiya
Mücərrəd
Mühazirə
Qaydalar
Referat
Report
Request
Review

yükləyin