What is the signature. From blood drop to EDS

Yes, it is a smiley. The person uses the emoticon as a personal signature.

There is a legend that earlier, in order to make a deal, it was enough to “give the word” and “hit your hands”. Today, at times, you can hear that both the signature and the stamp mean nothing.

Information technologies are in a hurry to help, and in order to somehow streamline the process of identifying and securing transactions, they are trying to introduce an electronic digital signature. And very soon everyone will have the chip inserted in each SIM card and there will be an EDS and it will be possible to enter into transactions without a passport of physical presence. Well, if you lost your phone, then you lost your apartment (joke).
')
The secret MegaLabs laboratory from MegaFon has long been conducting experiments on the “crossing” of EDS and sim-cards. We present to your attention a little history of "signatures".

Quill pen

Kant's signature

Mitnick's Signature

A signature is a unique collection of characters written by hand, using certain design techniques that serve to identify a person.

In Russian legislation there is no regulation on personal signatures. With signatures mess, in general.

A good signature (personal signature) has the following properties.

• Fake resistance.
  
• Repeatability.
  
• Identifiability (a signature usually resembles a person’s first name, last name or nickname).
  
• Speed ​​writing.
  

Tugra is a special type of signature, practically a work of art.


Tugra Mahmud II, the elements are shown in order of discharge; the color indicates their meaning according to the words: “Mahmud Khan, son of Abd al-Hamid, victorious forever”

The downside of the "signature"

The French priest was tried and burned a little, and a certain document was presented to the court as evidence of his guilt - “an agreement with the Devil”, as if signed by the defendant.


In the “pact”, Urben Grandier “made an agreement” with a number of demons, including Satan, Lucifer, Astaroth, Leviathan, and Beelzebub, to receive “the love of women, the flowers of virginity, the mercy of monarchs, honor, pleasure, and power”.

Now there is a graphological examination and verification of the signature , so you can not be afraid of the fire.

About a fake of signatures on Habré

But technology can also serve "intruders."


We forge your signature with the help of a hinge mechanism. Kempe theorem
Bond James Bond. Robotic fake handwriting for marketers and social engineers

Stamps

The seal of documents refers to the additional requirements that a simple written form of a transaction must meet (article 160 of the Civil Code of the Russian Federation). Such additional requirements may be made only in cases specified by law, other legal acts or by agreement of the parties. At the same time, the presence of the signature of the person making the transaction in simple written form on a document expressing the content of the transaction is a mandatory requirement in all cases.


Named bas-relief print baiwen, read from top to bottom, from right to left: Ye Hao Ming Yin (literally "Print E Haoming")


Pintaderas from Ancient Mexico and Ecuador

From the Neolithic to the present, ceramic stamps are used, which are called in archeology of Pintadera (from pintadera, from pintar - to write with colors, to depict). With their help, patterns were applied on various surfaces, including the human body.


Imprint of the seal of the Don Cossacks, 1704 (left) and the standardized seal (kit.) Of the PRC organizations (right).


State seal of Ivan the Terrible, XVI century (left) and pine seal on the order, on the label or “tail” of the English Act of 1638 (right).

Biometrics

Here are many Indians can not write. Then the mustache and tail of the "fingers" come into play. "Signature" of the document in 1952.

An electronic signature can also refer to electronic forms of identity verification, for which a biometric “signature” or identification is used by recognizing human biological characteristics. For such signatures, a method is used when certain biometric indicators or their combination are used as a supporting document. These can be fingerprints, hand geometry (finger length and palm size), patterns of the iris, or patterns of the retina. All of them are assembled using electronic sensors of a certain type.

Since these physical characteristics are unique for each person, any of them, theoretically, can be used as an electronic signature. Using biometric indicators of this type as passwords is useless, since they cannot be changed if they are compromised. However, this data may be suitable as a type of electronic signature.


The only negative is that they have already learned how to forge them, and today there are very few guarantees that the person who allegedly signed the document is the one who owns the biometric signature.

Unfortunately, it is easy to replace any of these indicators during the formation of a repeated electronic signal and present it to the computer system responsible for attaching the electronic signature to the document as confirmation. Data interception technologies are often sufficient for this.

So, if we talk specifically about fingerprints, the Japanese professor with a group of graduate students was able to fake all the fingerprint readers that can be found on the market, using conventional food chemistry, using a little ingenuity and candy gel from which to make marmalade cubs. And they didn’t need any actual fingers to successfully trick all these devices. In addition, several German journalists at CeBit Conference were able to fool several models of iris scanners using improvised masks.

Electronic digital signature

In 1976, Whitfield Diffie and Martin Hellman first proposed the concept of "electronic digital signature", although they only suggested that EDS schemes could exist ("New Directions in Cryptography")


In 1977, Ronald Rivest, Adi Shamir and Leonard Adleman developed the RSA cryptographic algorithm, which can be used to create primitive digital signatures without additional modifications ( A method for digital signatures and public-key cryptosystems )

After RSA, other EDS were developed, such as Rabin's digital signature algorithms ( GHR , Secure Hash-and-Sign Signs Without the Random Oracle ), Merkle .


In 1984, Shafi Goldwasser, Silvio Mikali and Ronald Rivest were the first to strictly define the security requirements for digital signature algorithms. They described the models of attacks on digital signature algorithms, and also proposed a GMR (provable-resistant) scheme that meets the described requirements ( Goldwasser-Mikali cryptosystem ).

Russia

In 1994, the Head Office of Communication Security of FAPSI developed the first Russian EDS standard - GOST R 34.10-94 “Information Technology. Cryptographic protection of information. Procedures for the development and verification of electronic digital signature on the basis of an asymmetric cryptographic algorithm " .

In 2002, the GOST R 34.10-2001 standard of the same name, based on calculations in the group of points of an elliptic curve, was introduced instead of GOST R 34.10-94 to ensure greater crypt endurance of the algorithm. In accordance with this standard, the terms "electronic digital signature" and "digital signature" are synonymous.

January 1, 2013 GOST R 34.10-2001 is replaced by GOST R 34.10-2012 “Information technology. Cryptographic protection of information. Processes of formation and verification of electronic digital signature. "

EDI

In Russia, a legally significant electronic signature certificate is issued by a certification authority. The legal conditions for the use of electronic digital signature in electronic documents are regulated by the Federal Law of the Russian Federation of April 6, 2011 No. 63- “On Electronic Signature”.

After the formation of electronic signature in electronic document flow between credit organizations and credit bureaus in 2005, the infrastructure of electronic document circulation between tax authorities and taxpayers began to develop. The order of the Ministry of Taxes and Levies of the Russian Federation of April 2, 2002 No. BG-3-32 / 169 “Procedure for the submission of a tax return in electronic form via telecommunication channels” began to work.

Many Russian companies carry out their trading and procurement activities on the Internet, through e-commerce systems, exchanging the necessary documents in electronic form, signed by ES.

This greatly simplifies and accelerates the conduct of competitive trading procedures. By virtue of the requirements of the Federal Law of April 5, 2013 No. 44-FZ "On the contract system ...", government contracts concluded in electronic form must be signed with a strengthened electronic signature.

From July 1, 2013, the Federal Law of January 10, 2002 No. 1-FZ became invalid, it was replaced by the Federal Law of April 6, 2011 No. 63-FZ “On Electronic Signature”. As a result, the definition of three types of electronic signatures was introduced:

A simple electronic signature is an electronic signature that, through the use of codes, passwords or other means, confirms the fact that an electronic signature has been generated by a certain person.

An enhanced unqualified electronic signature is an electronic signature that:

• obtained as a result of cryptographic transformation of information using an electronic signature key;
  
• allows you to identify the person who signed the electronic document;
  
• allows you to detect the fact of making changes to an electronic document after its signing;
  
• Created using electronic signature tools.
  

An enhanced qualified electronic signature is an electronic signature that matches all the characteristics of an unqualified electronic signature and the following additional features:

• The key for verifying the electronic signature is specified in the qualified certificate
  
• electronic signatures are used to create and verify electronic signatures, which have received confirmation of compliance with the requirements established in accordance with 63-
  

From January 1, 2013, citizens will be issued a universal electronic card in which a reinforced qualified electronic signature is embedded.

It is said that in America the law “on digital signature” was signed with a digital signature. Some anonymuses are purchased by SIM cards “free” from EDS to use, and for a business, EDS and EDI saves a lot of time, so there is technology to be.