<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=4052188&amp;fmt=gif">

The technology behind digital signatures is called PKI or Public Key Infrastructure. In order to go paperless in industries that rely on securing signatures for legal documents, there has to be a secure way to protect that digital signature for the end user as well as the business.

PKI uses asymmetric key-pair encryption. The only way to decrypt data encrypted with one key in the pair is by using the other key in the pair. This key pair is comprised of a public key and a private key. The public key, may be shared freely, as this key does not need to be kept confidential. The private key, on the other hand, must be kept secret. The owner of the key pair must guard his private key closely, as sender authenticity and non-repudiation are based on the signer having sole access to his private key. A Certification Authority, who confirms and verifies the identity of an individual before issuing a certificate, certifies the key pair. This forms the 'Digital Identity' for that individual. The certificate issued is called the 'Digital Certificate'.

public key encryptionThere are a few important characteristics of these key pairs. They are mathematically related to each other, it is impossible to calculate one key from the other. Therefore, the private key cannot be compromised through knowledge of the associated public key. Second, each key in the key pair performs the inverse function of the other. What one key does, only the other can undo. The private key is used for signing and decrypting a message or a document while the public key is used to verify or encrypt.

There are 7 basic steps that are taken in this process:

  1. An Individual applies to Certification Authority for Digital Certificate.
  2. CA proofs and identifies the individual and issues Digital Certificate.
  3. CA publishes Certificate to Repository.
  4. Individual digitally signs electronic message with Private Key to ensure Sender Authenticity, Message Integrity and Non-Repudiation and sends the message.
  5. The receiving party receives message, verifies Digital Signature with the individual's Public Key, and goes to Repository to check status and validity of Individual's Certificate.
  6. Repository returns results of status check on Individual's Certificate to verifying party.
  7. Digital certificates

There is a great need for imporved cyber-security in regards to electronic signatures. Higher education is one of the areas in which digital signature technology would greatly reduce the risks of attacks, viruses, and spam that colleges and universities face on a daily basis. Not only does this protect information handled online, but it reduces paper waste.

Using PKI technology, digital signature software offers unique solutions to real problems.

With extensive deployment in the federal government and among notable industry giants, a sound foothold in higher education, and significant new developments.

download our white paper on the differences between digital signatures and electronic signatures

 

You may also like

Product Release Solidifies SIGNiX as Market Leader for Secure Digital Signatures
Product Release Solidifies SIGNiX as Market Leader for Secure Digital Signatures
1 October, 2013

Electronic signature vendor updates its cloud service to make it faster and easier to get documents signed online. Octob...

Video: Happy Customers Show How to Sign Documents Online
22 April, 2013

We have a special treat for you today, a video that shows how to sign documents online with SIGNiX’s technology. The vid...

Steven Bettis Joins SIGNiX as New Senior Vice President of Sales
Steven Bettis Joins SIGNiX as New Senior Vice President of Sales
21 February, 2013

Bettis brings more than twenty years of sales and management experience to a growing digital signature company. CHATTANO...