Electronic signatures and digital signatures are inherently different. Digital signatures are one of the electronic signature technologies, but the two are also very close. The signatures mentioned in the electronic signature law usually refer to "digital signatures".
To understand what an electronic signature is, you need to start with traditional craftsmanship or stamping.
In traditional business activities, in order to ensure the safety and authenticity of the transaction, a written contract or official letter must be signed and sealed by the parties or their responsible persons, so that both parties of the transaction can identify who signed the contract and ensure that the person who signed or sealed the contract. Recognizing the content of the contract, the contract can only be recognized in the law as useful. In the virtual world of e-commerce, contracts or documents are expressed and transmitted in the form of electronic documents.
On electronic documents, traditional handwritten signatures and seals cannot be performed, so it is necessary to rely on technical means to replace them. Electronic signatures are electronic technical means that can identify the real identities of buyers and sellers on both sides in electronic documents, ensure the safety and authenticity of transactions, and ensure the safety and authenticity of transactions.
Legally speaking, the signature has two functions: that is, to identify the signer and to indicate the signer's approval of the content of the document. The United Nations Conference on Trade and Development's "Electronic Signature Demonstration Act" defines an electronic signature as follows: "refers to data electronically contained in, attached to, or logically related to a data message that can be used to identify and The signatory associated with the data message and the signatory indicating that the signatory approves the information contained in the data message"; in the European Union's "Electronic Signatures and Structured Directive" on the rules? "" Electronically attached or logically related to other electronic data. Data, as a method of identification" is called electronic signature.
There are many technical means to complete electronic signatures, but now compared with the sophisticated, the electronic signature technology widely used in advanced countries in the world is still the "digital signature" technology. Since adhering to technology neutrality is a fundamental principle of making laws, there is no reason to say that public key cryptography is the only technology for making signatures, so it is necessary to define a more general concept to accommodate future technology development. However, the signature mentioned in the current electronic signature law usually refers to the "digital signature".
The so-called "digital signature" is to generate a series of symbols and codes through a certain cryptographic operation to form an electronic cryptogram for signature, instead of a written signature or seal. Usually the verification of craft signatures and book seals is incomparable. "Digital signature" is an electronic signature method with the most widespread use, the most sophisticated skills and the strongest operability in e-commerce and e-government. It adopts standardized procedures and scientific methods to determine the identity of the signer and the recognition of the content of an electronic data. It can also verify whether the original text of the document has changed during the transmission process, and ensure the integrity, authenticity and non-repudiation of the transmitted electronic document.
The digital signature is defined in the ISO7498-2 specification as: "Some data attached to the data unit, or a cryptographic change made to the data unit, this data and change allow the receiver of the data unit to recognize the origin of the data unit and the integrity of the data unit and to maintain the data from being falsified by a person such as the recipient". The American Electronic Signature Specification (DSS, FIPS186-2) explains the digital signature as follows: "The result of computing data using a set of rules and a parameter, with which the identity of the signer and the integrity of the data can be recognized". According to the above definition, PKI (Public Key Infrastructino public key infrastructure) provides a password change that can provide data units, and enables the receiver to identify the origin of the data and verify the data.
The central executive organization of PKI is the electronic certification service provider, commonly known as the certification organization CA (Certificate Authority). The central element of PKI signature is the digital certificate issued by the CA. The PKI services it provides are authentication, data integrity, data confidentiality and non-repudiation. Its method is to use the public key of the certificate and the corresponding private key to encrypt/decrypt, and to generate the signature of the digital message and verify the signature.
Digital signature is to use public key cryptography and other cryptographic algorithms to generate a series of symbols and codes to form electronic cryptography for signature, instead of writing signatures and seals; this electronic signature can also be technically verified, and the verification accuracy is Verification of artisan signatures and book stamps is unmatched in the physical world. This signature method can be authenticated in a large group of trusted PKI domains, or interspersed with multiple trusted PKI domains, and it is particularly suitable for secure authentication and transmission over the Internet and WAN.