What is an electronic signature?
The electronic signature is the equivalent of the handwritten signature on paper documents and answers the following questions:
1. Who is the signatory or author of the document? (Authenticity / Authorship)
2. Was the document changed after it was signed? (Integrity / Proof of tampering)
The safest variant with the highest evidential value is the so-called “qualified” electronic signature, which corresponds to the written form according to § 126 BGB (with a few exceptions). In addition, there are the so-called “advanced” and “simple” electronic signatures, which carry lower evidential value.
Distinction between “digital signature” and “electronic signature”
The terms “digital signature” and “electronic signature” are often used synonymously. Equating them is simplistic and technically incorrect. “Digital signature” is a technical term that describes a class of cryptographic (i.e. mathematical) methods. “Electronic signature”, on the other hand, is a purely legal term, which was first used by the European Commission in a revised draft of EU Directive 1999/93/EC to avoid linking the legal regulations to a particular technology.
How does a digital signature work?
The technical procedure is based on the use of two different electronic keys (signature key pair), which are individually assigned to a user within a so-called Public Key Infrastructure (PKI):
1. the private key (also called the signature key) and
2. the public key (also called the signature verification key)
The public key is linked to a so-called certificate (= electronic identity), which contains certain information about the owner of the key pair. The mathematical function used when creating the key pair ensures that the private key cannot be calculated even if the public key is known.
Creating a signature
The signature key holder can sign files electronically with the private key. To do this, a hash value is computed from the electronic document to be signed using a hash function. As long as the content of the document remains unchanged, the hash calculation always yields the same result. This hash value is encrypted using the private key and linked to the signer’s certificate and the original document. Together they form the electronically signed document.
Verifying a signature
The public key is used to verify the signature. It decrypts the hash value that was encrypted with the private key. Independently of this, the hash value of the file at hand is recalculated from the electronic original document. Suitable verification software then compares the two hash values. If the two values do not match, the document at hand has been changed. If the hash values are identical, this proves that the verified document is unaltered (integrity). The authenticity of the author of the document is determined by verifying the electronic signature of the certificate and checking the certificate's validity online with the trust service provider.