Digital signatures: How it s done in PDF

Similar documents
EDTA, itext and INBATEK Conference. Bangkok, July 27, 2017

UELMA Exploring Authentication Options Nov 4, 2011

eidas-compliant signing of PDF

EXBO e-signing Automated for scanned invoices

ETSI TS V1.2.1 ( ) Technical Specification

Electronic Seal Administrator Guide Published:December 27, 2017

BlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE. Cryptographic Appliances with Integrated Level 3+ Hardware Security Module

Public Key Infrastructure PKI. National Digital Certification Center Information Technology Authority Sultanate of Oman

Digital Certificates Demystified

INSTRUCTION FOR OPERATION WITH DESKTOP SIGNER

Resolution of comments on Drafts ETSI EN to ETSI EN May 2014

IFY e-signing Automated for scanned invoices

CSE 565 Computer Security Fall 2018

PKI Knowledge Dissemination Program. PKI Standards. Dr. Balaji Rajendran Centre for Development of Advanced Computing (C-DAC) Bangalore

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Overview & Specification

FIS and DCS User Guide - Supplement

Signature Validity States

Certificateless Public Key Cryptography

Lecture 2 Applied Cryptography (Part 2)

Background. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33

Transforming the Document Signing Process

SSL/TSL EV Certificates

Information Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1

ETSI TS V1.8.3 ( ) Technical Specification. Electronic Signatures and Infrastructures (ESI); CMS Advanced Electronic Signatures (CAdES)

Implementing FAA Form electronically

Who s Protecting Your Keys? August 2018

Electronic Signature Format. ECOM Interoperability Plug Test 2005

Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms

ETSI TS V1.3.1 ( )

Intertek esignature Customer Reference Document

CS 425 / ECE 428 Distributed Systems Fall 2017

Policy for electronic signature based on certificates issued by the hierarchies of. ANF Autoridad de Certificación

ETSI TS V1.5.1 ( )

ETSI TS V1.1.1 ( )

EUROPEAN STANDARD Electronic Signatures and Infrastructures (ESI); PAdES digital signatures; Part 2: Additional PAdES signatures profiles

ETSI TS V1.2.2 ( )

The most important development from the work on public-key cryptography is the digital signature. Message authentication protects two parties who

Ten Risks of PKI : What You re not Being Told about Public Key Infrastructure By Carl Ellison and Bruce Schneier

Kurose & Ross, Chapters (5 th ed.)

Electronic and digital signatures in Adobe Sign for government.

Getting to Grips with Public Key Infrastructure (PKI)

Leveraging the LincPass in USDA

Interagency Advisory Board Meeting Agenda, February 2, 2009

Acrobat Security Administration Guide

ETSI ESI and Signature Validation Services

Axway Validation Authority Suite

ETSI TS V1.1.1 ( )

Cryptography and Network Security. Sixth Edition by William Stallings

ETSI ES V1.1.3 ( )

Technical Specification Electronic Signatures and Infrastructures (ESI); CMS Advanced Electronic Signatures (CAdES)

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

About & Beyond PKI. Blockchain and PKI. André Clerc Dipl. Inf.-Ing. FH, CISSP, CAS PM TEMET AG, Zürich. February 9, 2017

ETSI TS V1.3.1 ( )

Xolido Sign Desktop. Xolido Sign Desktop. V2.2.1.X User manual XOLIDO. electronic signature, notifications and secure delivery of documents

KeyOne. Certification Authority

Cryptography (Overview)

Overview. SSL Cryptography Overview CHAPTER 1

KeyA3 Certificate Manager

Public-key Cryptography: Theory and Practice

PKI Credentialing Handbook

Understanding HTTPS CRL and OCSP

Server-based Certificate Validation Protocol

DBsign for HTML Applications Version 4.0 Release Notes

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature

Chapter 9: Key Management

Digital Certificates. PKI and other TTPs. 3.3

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

ETSI Electronic Signatures and Infrastructures (ESI) TC

HARDWARE SECURITY MODULES (HSMs)

ISO/IEC INTERNATIONAL STANDARD

AlphaTrust PRONTO - Transaction Processing Overview

Digital Signatures: How Close Is Europe to Truly Interoperable Solutions?

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

1.264 Lecture 28. Cryptography: Asymmetric keys

Garantía y Seguridad en Sistemas y Redes

Add or remove a digital signature in Office files

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Ref:

Thales e-security. Security Solutions. PosAm, 06th of May 2015 Robert Rüttgen

PKI Services. Text PKI Definition. PKI Definition #1. Public Key Infrastructure. What Does A PKI Do? Public Key Infrastructures

Public Key Infrastructures

DIGITALSIGN - CERTIFICADORA DIGITAL, SA.

Encryption. INST 346, Section 0201 April 3, 2018

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

Internet Engineering Task Force (IETF) Request for Comments: 5754 Updates: 3370 January 2010 Category: Standards Track ISSN:

Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks

The Information Technology (Certifying Authority) Regulations, 2001

CertDigital Certification Services Policy

Security and Certificates

Cryptography MIS

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Send documentation comments to

SignCloud. Remote Digital Signature System

6 Public Key Infrastructure 6.1 Certificates Structure of an X.509 certificate X.500 Distinguished Name and X.509v3 subjectalternativename

BlackBerry Enterprise Solution Security

CCNA Security 1.1 Instructional Resource

INFORMATION TECHNOLOGY COMMITTEE ESCB-PKI PROJECT

CertAgent. Certificate Authority Guide

Transcription:

Digital signatures: How it s done in PDF

Agenda Why do we need digital signatures? Basic concepts applied to PDF Digital signatures and document workflow Long term validation

Why do we need digital signatures? Integrity Authenticity Non-repudiation 3

Integrity I paid a forged invoice and lost 30K! 4

Authenticity Why am I, Emperor Constantine I, in this picture? I never transferred authority to the Pope! 5

Non-repudiation I didn t do it! 6

Three goals Integrity we want assurance that the document hasn t been changed somewhere in the workflow. Authenticity we want assurance that the author of the document is who we think it is (and not somebody else). Non-repudiation we want assurance that the author can t deny their authorship. 7

Basic Concepts Hashing algorithms Encryption algorithms Certificate Authorities (CA) Digital Signatures 8

Concept 1: Hashing Hashing algorithm a cryptographic hash function to turn an arbitrary block of data into a fixed-size bit string. Available algorithms MD5: Ron Rivest (deprecated) SHA: SHA-1: NSA (phased out!) SHA-2: NSA / NIST SHA-3: Keccak (made in Belgium!) RIPEMD: KULeuven 9

Concept 1: Integrity check using hash Hash generation Document AF1B4C...D34E Compare! Secure server or website AF1B4C...D34E Hash retrieval 10

Concept 2: Encryption Assymetrical key algorithms Encryption Digital signatures 11

Concept 2: Some name-dropping Public key cryptography standards PKCS#1: RSA Cryptography Standard (Rivest, Shamir, Adleman) PKCS#7: Cryptographic Message Standard (CMS) PKCS#11: Cryptographic Token Interface PKCS#12: Personal Information Exchange Syntax Standard PKCS#13: Elliptic Curve Cryptography Standard (ECDSA) Federal Information Processing Standards (FIPS) DSA: Digital Signature Algorithm (DSA) European Telecommunications Standards Institute (ETSI) CMS Advanced Electronic Signatures (CAdES) 12

Concept 3: Certification authorities 13

Concept 3: Example Self-signed: Signed by Adobe: Signed by GlobalSign: Signed by GlobalSign 14

Concept 3: Example 15

Concept 3: Green checkmark PKCS#12: Personal Information Exchange Syntax Standard public and private key are stored in a file PKCS#11: Cryptographic Token Interface Public and private key are stored on a device In the context of PDF: Certified Document Services (CDS): Adobe s root certificate Adobe Approved Trust List (AATL): Trusted root certificates (since Acrobat 9) 16

Concept 1 + Concept 2 + Concept 3 Producer Provides data as-is: [A] Provides hash of data, encrypted using private key: [B] Provides public key Consumer Creates hash from data [A]: hash1 Decrypts hash [B] using public key: hash2 If (hash1 == hash2) document OK! 17

Goals met? Integrity Hashes are identical Authenticity Identity is stored in public key provided by CA A timestamp can be added Non-repudiation If hash can be decrypted with public key, the document was signed with the corresponding private key 18

Differences between EU and US In the US, we make a distinction Electronic signatures don t necessarily involve PKI Digital signatures when a PKI infrastructure is involved In Europe, we speak of electronic signatures As a synonym for digital signatures All laws and regulations take this wording There s no sharp distinction between electronic and digital signatures (which leads to confusion) We always speak of digital signatures 19

Applied to PDF ISO 32000-1 ETSI TS 102 778 (PAdES) ISO 32000-2 20

Standards ISO ISO-32000-1 (2008) based on PDF 1.7 (2006) ISO-32000-2 will define PDF 2.0 (2016) ETSI: TS 102 778 (2009-2010) PAdES 1: Overview PAdES 2: Basic CMS based (ISO-32000-1) PAdES 3: Enhanced CAdES based (ISO-32000-2) PAdES 4: LTV Long Term Validation PAdES 5: XAdES based (XML content) PAdES 6: Visual representation guidelines ETSI: TS 103 172 (2011-2013) PAdES Baseline Profile 21

Signatures in PDF There are no bytes in the PDF that aren t covered other than the PDF signature itself. (*) The digital signature isn t part of the ByteRange. The concept to initial a document doesn t exist; you sign the complete document at once, not on a page per page basis. (*) 22

What s inside a signature? ISO-32000-2: At minimum, the PKCS#7 object must include the signer s X.509 signing certificate. This certificate is used to verify the signature value in /Contents. Best practices (should also have): Full certificate chain Revocation information (CRL / OCSP) Timestamp %PDF-1.x... /ByteRange... /Contents< DIGITAL SIGNATURE Signed Message Digest Certificate chain Revocation information Timestamp >... %%EOF 23

Architecture types Server-side signing Client-side signing Deferred signing 24

Server-side signing Server Application Device %PDF-1.x...... %%EOF <</Type/Sig/ /Contents < >>> Signed Message Digest 25

Use cases on server-side signing Company signature Invoices Contracts Signing services in the cloud Docusign Echosign Security management responsibilities! 26

Client-side signing Device Application Client Signed Message Digest <</Type/Sig/ /Contents < >>> %PDF-1.x...... %%EOF 27

Use cases on client-side signing Desktop applications Adobe Acrobat Pro Adobe Reader (for Reader-enabled documents) Homemade, e.g. using itext In a web context PDF software runs on the client, e.g. using Java Web Start Access to the token or smart card through MSCAPI PKCS#11 Custom smart card library 1 signature / second Security User has smart card and PIN or USB token and passphrase 28

Deferred signing Client Device App Application Server %PDF-1.x... Signed Message Digest <</Type/Sig/ /Contents < >>>... %%EOF 29

Use cases on deferred signing Signing on an ipad/tablet App on the device has a low footprint Easy to integrate into a document management system Example: eazysign (Zetes) Disadvantage At most 1 signature / second You need to trust the server that the hash you receive is actually the hash of the document you want to sign. ISAE 3000 the standard for assurance of non-financial information. ISAE3000 is issued by the International Federation of Accountants (IFAC). The standard consists of guidelines for the ethical behavior, quality management and performance of an ISAE3000 engagement. Generally, ISAE3000 is applied for audits of internal control, sustainability and compliance with laws and regulations. 30

Digital signatures and workflow Author signatures Recipient signatures Locking fields / Documents 31

Serial signatures A PDF document can be signed more than once, but parallel signatures aren t supported, only serial signatures: additional signatures sign all previous signatures. %PDF-1.x % Original document DIGITAL SIGNATURE 1... %%EOF % Additional content 1... DIGITAL SIGNATURE 2... %%EOF % Additional content 2... DIGITAL SIGNATURE 3... %%EOF Rev1 Rev2 Rev3 32

Digital signatures: types Certification (aka author) signature Only possible for the first revision Involves modification detection permissions: No changes allowed Form filling and signing allowed Form filling, signing and commenting allowed Approval (aka recipient) signature Workflow with subsequent signers New in PDF 2.0: modification detection permissions 33

Other possible icons Signer s identity is unknown Document has been altered or corrupted 34

Certified by Alice 35

Read, approved and signed by Bob 36

Bob s signature invalidated by Chuck 37

Read, approved and signed by Carol 38

Read, approved and signed by Dave 39

Signature and lock broken by Chuck 40

Long-term validation Revocation Timestamps LTV 41

Certificates expire 2013 2014 2015 Expiration date 42

Certificates get revoked 2013 2014 2015 Revocation date Expiration date 43

CA: CRL and OCSP 44

Concept 3: Example Self-signed: Signed by Adobe: Signed by GlobalSign: Signed by GlobalSign 45

How to survive revocation / expiration? 2013 2014 2015 Revocation date Expiration date 46

Timestamps 47

What to do when: There s no CRL/OCSP/TS in the document? The certificate is about to expire in one of your documents? The hashing/encryption algorithm is about to be deprecated? 48

Document Security Store (DSS) %PDF-1.x... /ByteRange... /Contents< DIGITAL SIGNATURE Signed Message Digest Certificate >... %%EOF %PDF-1.x... /ByteRange... /Contents< DIGITAL SIGNATURE Signed Message Digest Certificate >... %%EOF DSS for DIGITAL SIGNATURE VRI, Certs, OCSPs, CRLs 49

Document-level time stamp %PDF-1.x... /ByteRange... /Contents< DIGITAL SIGNATURE Signed Message Digest Certificate >... %%EOF DSS for DIGITAL SIGNATURE VRI, Certs, OCSPs, CRLs %PDF-1.x... /ByteRange... /Contents< DIGITAL SIGNATURE Signed Message Digest Certificate >... %%EOF DSS for DIGITAL SIGNATURE VRI, Certs, OCSPs, CRLs DOCUMENT TIMESTAMP TS1 ETSI.RFC3161 50

%PDF-1.x... /ByteRange... /Contents< DIGITAL SIGNATURE Signed Message Digest Certificate >... %%EOF DSS for DIGITAL SIGNATURE VRI, Certs, OCSPs, CRLs DOCUMENT TIMESTAMP TS1 %PDF-1.x... /ByteRange... /Contents< DIGITAL SIGNATURE Signed Message Digest Certificate >... %%EOF DSS for DIGITAL SIGNATURE VRI, Certs, OCSPs, CRLs DOCUMENT TIMESTAMP TS1 DSS for TS1 DOCUMENT TIMESTAMP TS2 51

Questions? http://itextpdf.com SG: sales.isapdf.com +65 31 58 39 47 BE: sales.isbpdf.com +32 92 98 02 31 US: sales.iscpdf.com +1 617 982 646 52

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback