AdES stands for Advanced Electronic Signature, which embraces a family of eIDAS-compliant standards for digital signatures including PAdES, CAdES and XAdES. This article discusses a framework which aims to extend the AdES standards to facilitate the implementation of digital signatures in mobile and other distributed computing environments. It puts particular emphasis on server-assisted signing and validation.
The advanced electronic signature formats (AdES) were published by the European Telecommunication Standarisation Institute ETSI. To comply with the eIDAS regulation on electronic signing, digital signature services must be implemented following these formats. The term AdES refers to the result of serializing structures compliant with CAdES, XAdES or PAdES.
The Shortcomings of a "Simple" AdES Solution
The standards for creating and validating advanced digital signatures are defined in ETSI EN 319 102-1 and specified in ETSI EN 319 122 , ETSI EN 319 132, ETSI EN 319 142-1 and 2 as well as ETSI EN 319 162. (see our articles on PAdES, CAdES, XAdES, AsIC and eIDAS for more details)
They build on the assumption that all steps required for the creation and validation of advanced digital signatures are carried out in one single IT-system local to the user, e.g. by using a local signing device interfaced to a local personal computer.
However, today, with so many business transactions being conducted via a mobile device, many market solutions require signature creation and validation through remote systems that are accessible via a mobile or traditional network.
Extending AdES for Mobile and Distributed Environments
This is where the proposed AdES framework for mobile and distributed environments ETSI SR 019 020 V1.1.1 enters the stage. It sets particular focus on the following 3 use cases:
a) Local signing use cases where the signing key is held within the signer's personal device.
b) Server signing use cases where the signing key is held in a signature server.
c) Server Validation of signatures where the digital signature is verified by a remote server.
Below we have a look at some examples of the processes involved in the different use case scenarios.
a) Local Signing Scenarios
When AdES is created with a signing key contained on a personal device, the following scenarios are applicable:
L1: Digital signature value generation in personal device
The personal device, such as a mobile phone only produces the value for the digital signature. The document then exists on the said personal device and the digest is computed by the message signature service provider (MSSP). The personal device computes the digital signature and the MSSP builds the AdES structure.
L2: Digital signature value generation in personal device with application provider/MSSP interaction
This scenario applies to when the document exists at the application provider. MSSP computes the digest, the personal device computes the digital signature value and the MSSP builds the AdES structure.
L3: AdES completely generated on personal device
This scenario is similar to L2, but takes a higher level approach with the personal device computing the digital signature value and generating the entire AdES.
b) Server Signing Scenarios
When AdES is created with a signing key contained on a shared server, the following scenarios are applicable:
S1: Generation of AdES on a server
The personal device runs client software, which requests AdES generation from a signing service that contains the user’s signing key from its cryptographic security module.
S2: Generation of AdES in a multi-channel server
This scenario is an extension of S1, where authentication and activation of the signature creation process is accomplished by using different channels.
c) Validation Service Scenario
The following scenario to manage AdES validation in mobile environments is becoming more common as mobility in business continues to increase:
- A signed document is received by the user on his personal device
- The validation service protocol client provides signature validation on the personal device
- A signature validation request is generated and submitted by the client to the remote validation service
- AdES of the document is validated by the validation service
- The validation response is built and submitted
- Validation is presented to the user of his personal device
Increasingly, signing systems comprise security-critical applications such as public service procedures, or financial transfers. Standards and regulations will evolve to keep pace with changes in technology advancements and user demands. The use of flexible frameworks that can be deployed in different scenarios will help business meet the challenges of maintaining trust and ensuring security for both businesses and their customers. We are convinced that such frameworks will further foster the acceptance and diversity of signing scenarios and thus spur business usage.
Cryptomathic is a trusted provider of centralised server signing solutions, for advanced and qualified electronic signatures, with a long record of implementations for governments, banks and internationally active companies.
References and Further Reading
- Selected articles on Digital Signatures (2014-16), by Ashiq JA, Guillaume Forget, Peter Landrock, Torben Pedersen, Dawn M. Turner and Tricia Wittig
- A Digital Agenda For Europe (2010), by the European Commission
- REGULATION (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC(2014) by the European Parliament and the European Commission