e-Sign Glossary

Cryptography
A branch of mathematics and computer science that deals with algorithms for data security at their various layers and gives them a mathematical foundation.

Encryption
A way of hiding the meaning of a message by using mathematical functions to make it unreadable, so that the message content appears as a sequence of signs referred to as code. The code is not readable by those who do not hold the appropriate encryption key to restore it to its original state.

Encryption Key
The encryption key is the means of deciphering the encrypted code. Each encryption key is unique to a specific cipher code.

Hash Algorithm – HASH – SHA 256
A cryptographic hash function is a one-way function that converts code or input of any length into a fixed-length output string. It is designed so that any change in the input string or code will significantly change the output string.
The hash function produces a fingerprint string of the file, much smaller than its original size.
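
As an added example (not part of the original glossary), the Python sketch below uses the standard library's `hashlib` to show both properties for SHA-256: the fingerprint is always 32 bytes, and flipping a single input bit changes roughly half of the 256 output bits. The sample document and all function names are constructed for illustration.

```python
import hashlib
import hmac


def fingerprint(data: bytes) -> bytes:
    """Return the 32-byte SHA-256 fingerprint of data."""
    return hashlib.sha256(data).digest()


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Return a copy of data with exactly one bit inverted."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def bit_distance(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche_profile(data: bytes, samples: int) -> list:
    """Flip `samples` different input bits, one at a time, and report how
    many of the 256 digest bits change for each single-bit modification."""
    base = fingerprint(data)
    total_bits = len(data) * 8
    step = max(1, total_bits // samples)
    positions = list(range(0, total_bits, step))[:samples]
    return [bit_distance(base, fingerprint(flip_bit(data, p))) for p in positions]


def verify_fingerprint(data: bytes, expected_hex: str) -> bool:
    """Check data against a published fingerprint (constant-time compare)."""
    return hmac.compare_digest(fingerprint(data).hex(), expected_hex.lower())


# Constructed sample input standing in for a document to be fingerprinted.
SAMPLE = b"Contract no. 0000 (constructed sample): the parties agree to the terms. " * 40

if __name__ == "__main__":
    print("input bytes :", len(SAMPLE))
    print("digest bytes:", len(fingerprint(SAMPLE)))
    print("fingerprint :", fingerprint(SAMPLE).hex())
    profile = avalanche_profile(SAMPLE, 16)
    print("digest bits changed per single-bit flip:", profile)
    print("average:", sum(profile) / len(profile), "of 256")
    tampered = flip_bit(SAMPLE, 7)
    print("tampered copy verifies:", verify_fingerprint(tampered, fingerprint(SAMPLE).hex()))
```
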

SSL
The SSL security encryption method is designed for securing web pages. Web pages can only be secure when the communication between the web pages and the browser is encrypted and the identity of the company or person presenting the pages is given and can be verified.

HSM – Hardware Security Module
A dedicated cryptographic component that is located on the network or connected directly to a dedicated server. The HSM is used as a basis for the PKI infrastructure, especially in enterprises.

The HSM component is responsible for:

  • Generating the organization's private key securely
  • Protecting the private key
  • Managing the life cycle of the encryption key in a secure environment

Electronic Signature
An electronic signature, or digital signature, is a way of encrypting data using a private encryption key. The private key is used for signing and the public key is used to verify the signature.

There is a one-to-one match between the private key and the public key, so the verifier can be absolutely sure that it was signed only by the person who holds the corresponding private key.

Secure Electronic Signature
An electronic signature is considered secure only if it meets the following criteria:

  • The electronic signature is unique to the owner of the signature
  • It allows identification of the owner of the alleged signature
  • It was produced using a signing device under the sole control of the owner of the signature
  • It allows detection of any change made to the electronic message after the signature date and time

Certification Authority (CA)

  • Identification: the CA verifies the identity of the entity in various ways
  • The CA shall ensure that the applicant generates a pair of public and private keys and determines their own password without any intervention by a foreign entity
  • The CA will issue a certificate accompanying the electronic document that confirms that the public key belongs to a particular person or entity
  • The CA will maintain hardware and software systems at a high level, to the satisfaction of the Registrar (it is not required of the issuing body itself)
  • The CA acts as a third-party transaction ID verifier and serves as a trustee for both sides
  • The CA cannot keep the private keys of the people it identifies
  • A Certification Authority shall not issue an electronic certificate unless it has taken reasonable measures to identify the applicant, checked the signature verification device and checked that the information in the application is correct and complete
  • The CA will manage a stock of the electronic certificates issued and a stock of those revoked
  • To perform its duties, the CA will use only reliable hardware and software products and solutions that provide reasonable protection against intrusion, disruption or damage and give a reasonable level of availability and reliability
  • The CA can revoke an electronic certificate according to the instructions written in the digital signature law

PKI
Public Key Infrastructure: the infrastructure that allows intelligent management of public encryption, key distribution and authentication data for users.

PKI consists of software, communication protocol, information security policy and asymmetric encryption mechanisms that work together to allow multiple users and entities to communicate securely.

The difference between PKI and encryption is that encryption technology specifies the algorithm and the key required to encrypt the information, while PKI is a secure communications infrastructure that defines the required components. Encryption is only part of the infrastructure.