DOCSLIB.ORG

Digital Signatures for Dummies®, Cryptomathic Special Edition

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Digital Signatures for Dummies®, Cryptomathic Special Edition These materials are © 2017 John Wiley & Sons, Ltd. Any dissemination, distribution, or unauthorized use is strictly prohibited. Digital Signatures Cryptomathic Special Edition by Chris Allen and Steve Marshall These materials are © 2017 John Wiley & Sons, Ltd. Any dissemination, distribution, or unauthorized use is strictly prohibited. Digital Signatures For Dummies®, Cryptomathic Special Edition Published by: John Wiley & Sons, Ltd., The Atrium, Southern Gate Chichester, West Sussex, www.wiley.com © 2017 by John Wiley & Sons, Ltd., Chichester, West Sussex Registered Office John Wiley & Sons, Ltd., The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, United Kingdom All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted by the UK Copyright, Designs and Patents Act 1988, without the prior written permission of the Publisher. For information about how to apply for permission to use the copyright material in this book, please see our website at http://www. wiley.com/go/permissions. Trademarks: Wiley, For Dummies, the Dummies Man logo, Dummies.com, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Ltd., is not associated with any product or vendor mentioned in this book. LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: WHILE THE PUBLISHER AND AUTHOR HAVE USED THEIR BEST EFFORTS IN PREPARING THIS BOOK, THEY MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS BOOK AND SPECIFICALLY DISCLAIM ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. IT IS SOLD ON THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING PROFESSIONAL SERVICES AND NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. IF PROFESSIONAL ADVICE OR OTHER EXPERT ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL SHOULD BE SOUGHT. For general information on our other products and services, or how to create a custom For Dummies book for your business or organization, please contact our Business Development Department in the U.S. at 877-409-4177, contact [email protected], or visit www.wiley.com/go/ custompub. For information about licensing the For Dummies brand for products or services, contact BrandedRights&[email protected]. ISBN 978-1-119-42289-1 (pbk), ISBN 978-1-119-42290-7 (ebk) Printed in Great Britain 10 9 8 7 6 5 4 3 2 1 Publisher’s Acknowledgments We’re proud of this book and of the people who worked on it. Some of the people who helped bring this book to market include the following: Project Editor: Martin V. Minner Production Editor: Siddique Shaik Editorial Manager: Rev Mengle Cryptomathic Project Manager: Executive Editor: Katie Mohr Stefan Hansen Business Development Representative: Frazer Hossack These materials are © 2017 John Wiley & Sons, Ltd. Any dissemination, distribution, or unauthorized use is strictly prohibited. Table of Contents INTRODUCTION ............................................................................................... 1 CHAPTER 1: Why Digital Signatures Are Relevant Now .............. 5 Why Use Digital Signatures? ................................................................ 5 A Tool for Building Confidence ........................................................... 7 Rules of the Game ................................................................................ 8 CHAPTER 2: Demystifying the Technology .......................................... 11 Security Is A PAIN ............................................................................... 11 Availability ...................................................................................... 12 Privacy ............................................................................................ 12 Authentication ............................................................................... 13 Integrity .......................................................................................... 13 Non-repudiation............................................................................ 13 Putting it all together .................................................................... 14 The Science of Encryption ................................................................. 14 Encryption and Digital Signatures .................................................... 16 Public-key cryptography ............................................................... 16 What is being signed? ................................................................... 18 It’s a matter of trust ...................................................................... 19 A word on blockchains ................................................................. 20 The Need for Digital Certificates ...................................................... 21 CHAPTER 3: A World of Possibilities .......................................................... 23 Where the Business Models Stand Now ......................................... 23 Defining Digital Signature Formats .................................................. 25 The PAdES format ......................................................................... 25 The XAdES and CAdES formats ................................................... 26 Building the Architectural Frameworks ........................................... 27 Are You Signing What You See? ........................................................ 28 Why Remote Signature Server Solutions Are Preferable ..............30 PKI becomes invisible ................................................................... 30 Certificate expiration and revocation are no longer issues .......31 The end of blacklists ..................................................................... 31 Independent timestamping is no longer required ...................32 Remote signing works on the latest smartphones and tablets ..................................................................................... 32 What it all means .......................................................................... 32 Table of Contents iii These materials are © 2017 John Wiley & Sons, Ltd. Any dissemination, distribution, or unauthorized use is strictly prohibited. Europe Pioneers the Regulatory Framework .................................. 33 Authentication assurance: The three levels .............................. 34 Signatures: Qualified and Advanced .......................................... 35 Digital Signature Law in the U.S. ....................................................... 37 Laws in Other Jurisdictions ................................................................ 38 CHAPTER 4: Your Deployment Strategy ................................................ 39 Digital Strategy Is Yours to Own ....................................................... 39 Getting Help ........................................................................................ 40 Checklists and Pointers to Consider ................................................ 41 Your business strategy ................................................................. 42 Commercial factors/influences ................................................... 42 User experience ............................................................................ 42 Security ........................................................................................... 43 Legal admissibility ......................................................................... 43 Integration effort .......................................................................... 43 Scalability/extensibility/operability ............................................. 44 Reputation and experience ......................................................... 44 Ongoing management ................................................................. 44 Commercial Considerations .............................................................. 45 CHAPTER 5: You’ve Signed, Now What? ................................................. 47 Seeing What’s Been Signed ............................................................... 48 Archiving for the Long Term ............................................................. 49 PAdES Baseline Profile ................................................................. 50 Long-Term Archival with Timestamps (LTA) .............................. 50 Dealing with Threats .......................................................................... 52 Hands off my private key! ............................................................ 53 The human factor ......................................................................... 54 Direct social engineering.............................................................. 56 Man-in-the-browser attack .......................................................... 57 Legal Matters: Liability and Non-Repudiation ................................ 57 Getting Consumers to Buy In ............................................................ 59 CHAPTER 6: Ten Ways Cryptomathic Can Help You..................... 61 iv Digital Signatures For Dummies, Cryptomathic Special Edition These materials are © 2017 John Wiley
Load more

Recommended publications
  • Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard V1.2.3
    Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard v1.2.3 Phong Q. Nguyen CNRS/Ecole´ normale sup´erieure D´epartement d’informatique 45 rue d’Ulm, 75230 Paris Cedex 05, France. [email protected] http://www.di.ens.fr/˜pnguyen Abstract. More and more software use cryptography. But how can one know if what is implemented is good cryptography? For proprietary soft- ware, one cannot say much unless one proceeds to reverse-engineering, and history tends to show that bad cryptography is much more frequent than good cryptography there. Open source software thus sounds like a good solution, but the fact that a source code can be read does not imply that it is actually read, especially by cryptography experts. In this paper, we illustrate this point by examining the case of a basic In- ternet application of cryptography: secure email. We analyze parts of thesourcecodeofthelatestversionofGNUPrivacyGuard(GnuPGor GPG), a free open source alternative to the famous PGP software, com- pliant with the OpenPGP standard, and included in most GNU/Linux distributions such as Debian, MandrakeSoft, Red Hat and SuSE. We ob- serve several cryptographic flaws in GPG v1.2.3. The most serious flaw has been present in GPG for almost four years: we show that as soon as one (GPG-generated) ElGamal signature of an arbitrary message is released, one can recover the signer’s private key in less than a second on a PC. As a consequence, ElGamal signatures and the so-called ElGamal sign+encrypt keys have recently been removed from GPG.
    [Show full text]
  • Office of State Controller, and the North Carolina Department of The
    Office of State Controller, and the North Carolina Department of the Secretary of State, and North Carolina Department of Cultural Resources, Division of Archives and Records Digital Signature Policy Guidelines Version 1.1 March 2014 Contains corrected links to documents Table of Contents 1 Introduction ........................................................................................................................... 3 1.1 Purpose of Guideline ........................................................................................................ 3 1.2 Scope ............................................................................................................................... 3 2 Electronic Signature Background ........................................................................................ 3 2.1 Legislation ........................................................................................................................ 3 2.2 Definitions ......................................................................................................................... 4 2.3 Definition of an Electronic Signature* ................................................................................ 5 2.4 Electronic Signature versus Digital Signature ................................................................... 6 3 Expectations for Electronic Signatures ............................................................................... 7 3.1 Intended Goals ................................................................................................................
    [Show full text]
  • Security Analysis and Trust Models in Wireless Networks Lela Mirtskhulava
    Security Analysis and Trust Models in Wireless Networks Lela Mirtskhulava [email protected] Department of Computer Sciences Faculty of Exact and Natural Sciences Iv. Javakhishvili Tbilisi State University University str., 13, Georgia In the given work, we analyse the serious weaknesses recently discovered in WPA2 (Wi-Fi Protected Access 2) in October 2017 and KRACK (Key Reinstallation Attack) attack on WPA2 announced by Computer Science Scientists. The KRACKs were introduced to abuse design flaws in cryptographic protocols to reinstall an already-in-use key. Several types of cryptographic Wi-Fi handshakes are affected by the attack. There are different forms of trust to address different types of network security problems and reduce risk in certain conditions. This paper explores the trust models applied by various cryptographic schemes: a) the web of trust employed by Pretty Good Privacy (PGP) where users using their own set of trusted public keys, b) Kerberos, a secret key distribution scheme using a trusted third party, c) certificates, which allow a set of trusted third parties to authenticate each other and, by implication, each other's users. Each of the above mentioned trust models differs in complexity, scope, scalability and general applicability. Which model of trust to apply in certain circumstances and types of wireless networks are discussed in the given paper. It describes the major security issues and their techniques of building trust model by monitoring network behavior. It is intended to use secure and faster cryptographic solution for Wi-Fi networks security by using an open source public-key NTRU cryptosystem that uses lattice-based cryptography.
    [Show full text]
  • Signature Validation Procedures and Policies
    ETSI TS 102 853 V1.1.2 (2012-10) Technical Specification Electronic Signatures and Infrastructures (ESI); Signature validation procedures and policies 2 ETSI TS 102 853 V1.1.2 (2012-10) Reference RTS/ESI-000074rev Keywords electronic signature, security, trust services ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice Individual copies of the present document can be downloaded from: http://www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.
    [Show full text]
  • SIGMA: the 'Sign-And-Mac' Approach to Authenticated Diffie-Hellman and Its Use in the IKE Protocols
    SIGMA: the `SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and its Use in the IKE Protocols ∗ Hugo Krawczyky June 12, 2003 Abstract We present the SIGMA family of key-exchange protocols and the \SIGn-and-MAc" approach to authenticated Diffie-Hellman underlying its design. The SIGMA protocols provide perfect forward secrecy via a Diffie-Hellman exchange authenticated with digital signatures, and are specifically designed to ensure sound cryptographic key exchange while supporting a variety of features and trade-offs required in practical scenarios (such as optional identity protection and reduced number of protocol rounds). As a consequence, the SIGMA protocols are very well suited for use in actual applications and for standardized key exchange. In particular, SIGMA serves as the cryptographic basis for the signature-based modes of the standardized Internet Key Exchange (IKE) protocol (versions 1 and 2). This paper describes the design rationale behind the SIGMA approach and protocols, and points out to many subtleties surrounding the design of secure key-exchange protocols in general, and identity-protecting protocols in particular. We motivate the design of SIGMA by comparing it to other protocols, most notable the STS protocol and its variants. In particular, it is shown how SIGMA solves some of the security shortcomings found in previous protocols. ∗A shortened version of this paper appears in the proceedings of CRYPTO'03. For further information related to the SIGMA protocols see http://www.ee.technion.ac.il/~hugo/sigma.html yEE Department, Technion, Haifa, Israel, and IBM T.J. Watson Research Center. Email: [email protected] 1 Contents 1 Introduction 1 2 Preliminaries: On the Security of Key-Exchange Protocols 4 2.1 Overview of the security model and requirements .
    [Show full text]
  • Enhance Qualified Electronic Signatures with What You See Is What You Sign QES and WYSIWYS Service - Powered by Cryptomathic and Swisscom
    Solution Brief Enhance Qualified Electronic Signatures with What You See Is What You Sign QES and WYSIWYS Service - Powered by Cryptomathic and Swisscom Qualified remote signing and Solution benefits WYSIWYS - hosted eID services The best way to deliver Qualified Electronic Signature ü Offer Advanced or Qualified (QES) services across different channels is to use Electronic Signatures compliant with remote signing technology. It integrates smoothly the Swiss signature law, ZertES, and the with any web application and does not require any EU eIDAS regulation on trust services. software install, plug in or additional components and can be used anywhere, at any time, from any device ü Improve the users’ signing with browsing capacity. Qualified remote signing experience for all channels incl. web provides the highest legal value and international portals, desktop applications, mobile & acceptance, while What You See Is What You Sign tablet platforms (WYSIWYS) technology delivers a seamless user experience with strong non-repudiation. Combining ü Demonstrate unrivalled non- QES with WYSIWYS is a strong enabler for businesses repudiation with WYSIWYS to provide ultimate security, trust and convenience funcionality with online transactions. This is exactly what the Cryptomathic – Swisscom solution offers, namely the ü Eliminate smartcards, card readers possibility to offer Advanced or Qualified Electronic and local software install Signatures using a zero-footprint remote signing hosted service, featuring WYSIWYS functionality. ü Solve data
    [Show full text]
  • Situație Cu Obiectivele Autorizate Din Punct De Vedere Al
    MINISTERUL AFACERILOR INTERNE Exemplar nr. 1 DEPARTAMENTUL PENTRU SITUAŢII DE URGENŢĂ Nr. 40212 din INSPECTORATUL GENERAL PENTRU SITUAŢII DE URGENŢĂ Târgu Jiu INSPECTORATUL PENTRU SITUAŢII DE URGENŢĂ “LT.COL. DUMITRU PETRESCU” AL JUDEŢULUI GORJ OBIECTIVE AUTORIZATE DIN PUNCT DE VEDERE AL SECURITĂŢII LA INCENDIU PE ANUL 2009 NR. NR. AUTORIZAŢIE DENUMIREA ADRESA/DENUMIREA CONSTRUCŢIEI CRT DE SECURITATE TITULARULUI PENTRU CARE A FOST EMISĂ LA INCENDIU AUTORIZAŢIEI AUTORIZAŢIA DE SECURITATE LA INCENDIU 1 898001 SC. DUDU SRL Cabana turistica montana 04.02.2009. 0251/471021 NOVACI, RINCA, STR. I ROIBU, NR.23 2 898002 SC. RODNA SRL Spatiu comercial P+1 04.02.2009. 0253/321607 TG-JIU, ALEEA PIETII, NR. 1. 3 898003 SC. TDG VILCEA Spatiu de depozitare 04.02.2009. SRL TG-JIU, STR. E. TEODOROIU, NR. 516 0722/207977 4 898004 SC. DUDU SRL Cabana turistica montana 05.02.2009. 0251/471021 NOVACI, RINCA, STR. I ROIBU, NR.23 5 898005 SC. EDILTERA SRL Pensiune turistica 15.02.2009 0353/806421 TG-JIU, STR. GRIVITEI, NR.26. 6 898006 SC. COLGORJ SRL Motel 20.02.2009. 0724/459974 TG-JIU, STR.JIULUI, NR. 3. 7 898007 SC. VEOLARIS SRL Pensiune turistica 20.02.2009. 0723/519369 RINCA, STR. I ROIBU, NR. 74 8 898008 SC. NAZIRA SRL Sp. Comercial 02.04.2009. 0253/223966 TG-JIU, STR.BARAJELOR. 9 898009 SC. ALEX Pensiune turistica 02.04.2009 &ANDREEA RINCA, NR 116 10 898010 SC. EVRIKASA Pensiune Agroturistica 09.04.2009. 0740/275554 COM. POLOVRAGI 11 898011 ZERNOVEANU Pensiune turistica 24.04.2009. LAVINIA COM. BAIA DE FIER, SAT.
    [Show full text]
  • Retea Scolara
    Nr Cod 1 1831106235 2 1841105456 3 1861100027 4 1852101941 5 1852101959 6 1852101923 7 1852101932 8 1852101977 9 1881106007 10 1861105638 11 1861105751 12 1861105914 13 1882106735 14 1861105484 15 1861105398 16 1861105588 17 1861100018 18 1861105977 19 1861105611 20 1861105864 21 1861105968 22 1861105353 23 1861105439 24 1861104664 25 1861106205 26 1862101331 27 1862101376 28 1862101408 29 1862101236 30 1862101281 31 1862101245 32 1862105276 33 1862104094 34 1862100488 35 1862100895 36 1862100823 37 1862100868 38 1862100918 39 1862100927 40 1862100945 41 1862105285 42 1862105222 43 1862105204 44 1862105294 45 1862105258 46 1862105077 47 1862105199 48 1862104809 49 1862105163 50 1862105059 51 1862105181 52 1861104596 53 1861105543 54 1862104777 55 1862102938 56 1862102567 57 1862103586 58 1862102635 59 1862106431 60 1862102047 61 1862105136 62 1862103134 63 1862100497 64 1862104058 65 1862102671 66 1862103835 67 1862104203 68 1862100606 69 1862103826 70 1862102282 71 1862103785 72 1862100651 73 1862103966 74 1862100122 75 1862102083 76 1862100434 77 1862101679 78 1862104239 79 1862101661 80 1862103283 81 1862103844 82 1862100981 83 1862103238 84 1862103912 85 1862103618 86 1862100407 87 1862100303 88 1862102133 89 1862100416 90 1862101091 91 1862103179 92 1862103532 93 1862103627 94 1862103609 95 1862103306 96 1862104379 97 1862102531 98 1862103107 99 1862104402 100 1862104483 101 1862101584 102 1862101566 103 1862102617 104 1862105095 105 1862104013 106 1862104949 107 1862103342 108 1862106485 109 1862102196 110 1862103021 111 1862104456
    [Show full text]
  • Date Calitative Despre Școlile Gimnaziale Gorj
    Date calitative despre școlile gimnaziale Gorj Media Media diferenţelor Media mediilor la Număr mediilor de mediei mediilor Maximul Minimul Cod Judeţ evaluarea școli absolvire evaluarea diferenței diferenței naţională cls. 5-8 națională - absolvire 5-8 GJ 115 8,43 7,02 -1,58 -3,13 -0,12 Național 5.867 8,59 6,79 -2,16 -7,11 0,26 Diferenţa mediei Media mediilor Media mediilor la mediilor Rang după Cod Număr de Rang după Judeţ Nume Mediu de absolvire cls. 5- evaluarea evaluarea diferență pe Şcoală elevi diferență pe țară 8 naţională națională - județ absolvire 5-8 GJ 112 SCOALA GIMNAZIALA "C-TIN. SAVOIU" TG-JIU 143 U 8,91 8,79 -0,12 1 40 GJ 113 SCOALA GIMNAZIALA "CONSTANTIN BRANCUSI" TIRGU-JIU 50 U 8,76 8,64 -0,12 2 41 GJ 155 SCOALA GIMNAZIALA BARBATESTI 25 R 8,36 8,15 -0,22 3 61 GJ 207 SCOALA GIMNAZIALA PRIGORIA 23 R 8,03 7,70 -0,32 4 110 GJ 115 SCOALA GIMNAZIALA "GHEORGHE TATARASCU" TIRGU-JIU 99 U 8,72 8,33 -0,39 5 142 GJ 104 COLEGIUL NATIONAL "TUDOR VLADIMIRESCU" TG-JIU 46 U 9,28 8,87 -0,40 6 151 GJ 135 LICEUL TEHNOLOGIC TURCENI 77 U 8,84 8,40 -0,43 7 168 GJ 110 SCOALA GIMNAZIALA "SF.NICOLAE" TIRGU-JIU 63 U 8,69 8,21 -0,48 8 195 GJ 177 SCOALA GIMNAZIALA DUMBRAVENI, CRASNA 16 R 8,21 7,68 -0,53 9 224 GJ 188 SCOALA GIMNAZIALA HUREZANI 16 R 8,51 7,98 -0,53 10 229 GJ 103 COLEGIUL NATIONAL "SPIRU HARET" TG-JIU 52 U 8,86 8,31 -0,55 11 242 GJ 178 SCOALA GIMNAZIALA RADOSI, CRASNA 9 R 8,40 7,76 -0,64 12 302 GJ 218 SCOALA GIMNAZIALA SLIVILESTI 43 R 8,18 7,51 -0,67 13 332 GJ 105 LICEUL VOCATIONAL DE MUZICA SI ARTE PLASTICE "C-TIN BRAILOIU" TG-JIU
    [Show full text]
  • Global Guide to Electronic Signature
    Global Guide to Electronic Signature Law: Country by country summaries of law and enforceability Table of contents Introduction 3 Germany 9 Republic of Korea 15 Definition of terms 4 Greece 9 Romania 9 Recommended practices for Hong Kong 10 Russian Federation 16 electronic agreements 4 Hungary 9 Singapore 16 India 10 Slovakia 9 Country summaries of Indonesia 11 Slovenia 9 electronic signature law Ireland 9 South Africa 17 Argentina 5 Israel 11 Spain 9 Australia 5 Italy 9 Sweden 9 Austria 9 Japan 12 Switzerland 17 Belgium 9 Latvia 9 Taiwan 18 Bermuda 6 Lithuania 9 Thailand 18 Brazil 6 Luxembourg 9 Turkey 19 Bulgaria 9 Malaysia 12 United Kingdom 9 Canada 7 Malta 9 United States 19 Chile 7 Mexico 13 Uruguay 20 China 8 Netherlands 9 Colombia 8 New Zealand 13 Croatia 9 Norway 14 Czech Republic 9 Peru 14 Denmark 9 Philippines 15 Estonia 9 Poland 9 European Union 9 Portugal 9 Finland 9 Republic of Cyprus 9 France 9 © Adobe Systems Incorporated 2016. This information is intended to help businesses understand the legal framework of electronic signatures. 2 However, Adobe cannot provide legal advice. This guide is not intended as legal advice and should not serve as a substitute for professional legal advice. You should consult an attorney regarding your specific legal questions. Introduction Electronic and digital signatures represent a tremendous opportunity for organizations to get documents signed and close deals faster. When rolling out e-signatures globally, you need to be aware of the variety of electronic signature laws across the globe. This guide gives you a great place to start.
    [Show full text]
  • Cryptomathic EMV CA
    Cryptomathic EMV CA EMV AND PKI A Regional EMV Solution The EMV standard is designed to provide an interoperability frame- work for payment cards. This covers many transaction types including credit, debit, contactless and mobile. Payment cards have been around for many years in various forms. The latest cards have become more sophisticated and now contain a microchip, which can store a wealth of information, including security information used for authentication and encryption. EMV card authentication is based on PKI (Public Key Infrastructure) but unlike traditional PKI, which is based on a standard called X.509, EMV EMV CA is a standard of its own. Even though EMV is a proprietary standard it The Cryptomathic EMV CA professionally manages all the Issuer's and is widely used across the globe, with billions of EMV smart cards issued Certification Authority’s tasks including: since its initial roll-out. • Lifecycle management of EMV Issuer CA (scheme issuers’) certificates • Issue certificates EMV Certification Authorities are central to the payment card framework, • Export certificates under which issuers and acquirers are certified by the payment schemes, • Revoke certificates acting as a trusted third party. A payment scheme can be a major • Certification authority CRL (Certificate Revocation List) international player such as MasterCard and Visa or it can be regional • Issuer CRL (Certificate Revocation List) or country wide, such as national debit schemes, which are found in many countries all over the world. Each payment scheme requires an Benefits EMV Certification Authority and the Cryptomathic EMV CA provides that Cryptomathic EMV CA offers all the features expected from professional exact functionality.
    [Show full text]
  • Etsi Ts 101 733 V2.2.1 (2013-04)
    ETSI TS 101 733 V2.2.1 (2013-04) Technical Specification Electronic Signatures and Infrastructures (ESI); CMS Advanced Electronic Signatures (CAdES) 2 ETSI TS 101 733 V2.2.1 (2013-04) Reference RTS/ESI-0001733version221 Keywords CAdES, e-commerce, electronic signature, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice Individual copies of the present document can be downloaded from: http://www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.
    [Show full text]