Electronic Signature   mag. Janez Toplišek

The Comprehensive GLOSSARY of Electronic signing (and related terms)

There is considerable terminological inconsistency within the field of electronic signing. The most noticeable is the blending of digital and electronic signature; sometimes e-signature is used as a synonym for d-signature, etc., which is confusing (when it is not substantially explained).

Clear terminological conventions could support research, application and, above all, legal regulation of this rapidly developing field.

You are invited to contribute and help in clarifying this glossary by: 

The final wording will be supported by the home-page holder Janez Toplisek. Contributors will be cited with their e-mail addresses (unless they do not want to be, or wish to be mentioned only by name).
Other Languages: D: German SL: Slovenian

Never finished!
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

ALLOGRAPH
D: der Allographum, SL: alograf
A signature made for a person by another; opposite to autograph. See: autograph
APPLICATION ACKNOWLEDGMENT
D: ……………….., SL: vsebinska potrditev
ASYMMETRIC [key] CRYPTOSYSTEM
D: ……………….., SL: asimetrično šifriranje
See: public key, private key
ATTRIBUTION OF DATA MESSAGE
D: ……………….., SL: poreklo sporočila
AUTHENTIC
D: authentisch, SL: avtentičen
AUTHENTICATION
D: ……………….., SL: overitev; preveritev
Authentication in a digital setting is a process whereby the receiver of a digital message can be confident of the identity of the sender and the integrity of the message. Authentication protocols can be based on either conventional secret-key cryptosystems like DES or on public-key systems like RSA. (http://www.verisign.com/faqs/id_faq.html#10)
See: authenticator
AUTHENTICITY (originator-, message-, document authenticity)
D: ……………….., SL: pristnost sporočila
AUTHENTICATOR
D: ……………….., SL: avtentifikator
AUTOGRAPH
D: der Autogram, SL: avtograf
See: allograph, handwritten signature
BIANCO (in blanc)
D: die Blancounterschrift, SL: ………………..
BIOMETRIC IDENTIFICATION DEVICE
D: ……………….., SL: biometrična naprava za ugotavljanje istovetnosti
BIOMETRIC TOKEN
D: ……………….., SL: biometrični žeton
Characteristic (unrepeatable) pattern of biometric data.
BLANKET SIGNATURE
D: ……………….., SL: krovni podpis

CERTIFICATE
D: ……………….., SL: podpisni certifikat
CERTIFICATE REVOCATION LIST (CRL)
A Certificate Revocation List (CRL) is a list of Digital IDs that have been revoked before their scheduled expiration date. There are several reasons why a key might need to be revoked and placed on a CRL. A key might have been compromised. When verifying a signature, one can check the relevant CRL to make sure the signer's key has not been revoked. (http://www.verisign.com/faqs/id_faq.html)
CERTIFICATE SIGNING UNIT (CSU)
D: ……………….., SL: ………………..
It is extremely important that private keys of Certifying Authorities are stored securely, because compromise would enable undetectable forgeries. One way to achieve the desired security is to store the key in a tamperproof box; such a box is called a Certificate Signing Unit, or CSU. The CSU would, preferably, destroy its contents if ever opened, and be shielded against attacks using electromagnetic radiation. Not even employees of the Certifying Authority should have access to the private key itself, but only the ability to use the private key in the process of issuing Digital IDs. (http://www.verisign.com/faqs/id_faq.html#26)
CERTIFICATION AUTHORITY (CA)
D: die Zertifizierungsinstanz, SL: izdajatelj podpisnih certifikatov
CHECKSUM
D: ……………….., SL: nadzorno število
CRL - see: Certificate Revocation List
CSU - see: Certificate Signing Unit

DIGITAL CASH
D: ……………….., SL: digitalna gotovina
DIGITAL ID
D: ……………….., SL: digitalni identifikator
Digital IDs or digital certificates are the binding mechanism of a public key to an individual or other entity. They allow verification of the claim that a given public key does in fact belong to a given individual. Digital IDs help prevent someone from using a phony key to impersonate someone else. In their simplest form, Digital IDs contain a public key and a name. As commonly used, they also contain the expiration date of the key, the name of the Certifying Authority that issued the Digital ID, the serial number of the Digital ID, and perhaps other information. Most importantly, it contains the digital signature of the Digital ID issuer. A Digital ID is issued by a Certifying Authority and signed with the Certifying Authority's private key. The most widely accepted format for Digital IDs is defined by the CCITT X.509 international standard; thus certificates can be read or written by any application complying with X.509. Further refinements are found in the PKCS set of standards and the PEM standard. (http://www.verisign.com/faqs/id_faq.html#10)
DIGITAL MULTISIGNATURE
D: ……………….., SL: digitalni skupinski podpis
See: threshold digital signature, digital signature
DIGITAL NOTARY
D: ……………….., SL: digitalni notar
DIGITAL PEN
D: ……………….., SL: digitalno pero
DIGITAL PROPERTY
D: ……………….., SL: digitalna lastnina
DIGITAL RIGHTS
D: ……………….., SL: digitalne pravice
DIGITAL SIGNATURE
D: ……………….., SL: digitalni podpis
See: electronic signature, digital multisignature
DIGITAL SIGNATURE SCHEME
D: ……………….., SL: shema (metoda) digitalnega podpisa
DIGITAL TIME STAMPING SERVICE (DTS)
D: ……………….., SL: storitev digitalnega časovnega overjanja
A digital time-stamping service (DTS) issues time-stamps which associate a date and time with a digital document in a cryptographically strong way. The digital time-stamp can be used at a later date to prove that an electronic document existed at the time stated on its time-stamp. To be reliable, the time-stamps must not be forgeable. Consider the requirements for a DTS of the type just described. First, the DTS itself must have a long key if we want the time-stamps to be reliable for, say, several decades. Second, the private key of the DTS must be stored with utmost security, as in a tamperproof box. Third, the date and time must come from a clock, also inside the tamperproof box, which cannot be reset and which will keep accurate time for years or perhaps for decades. Fourth, it must be infeasible to create time-stamps without using the apparatus in the tamperproof box. The use of a DTS would appear to be extremely important, if not essential, for maintaining the validity of documents over many years. In the future, it is likely that a DTS will be used for everything from long-term corporate contracts to personal diaries and letters. (http://www.verisign.com/faqs/id_faq.html)
DSS
D: ……………….., SL: ………………..
The Digital Signature Standard (DSS) is a cryptographic standard promulgated by the National Institute of Standards and Technology (NIST) in 1994. It has been adopted as the federal standard for authenticating electronic documents, much as a written signature verifies the authenticity of a paper document. The DSS was the first cryptographic standard developed under the regime established by the Computer Security Act, which was intended to limit the role of the National Security Agency (NSA) in the development of civilian standards. Documents obtained by EPIC under the Freedom of Information Act have demonstrated that the DSS development process was, in fact, dominated by NSA. (http://washofc.epic.org/crypto/dss/)

ELECTRONIC COMMERCE
D: Elektronischer Geschäftsverkehr, SL: elektronsko poslovanje
ELECTRONIC DOCUMENT
D: ……………….., SL: elektronska listina (zapis, sporočilo)
ELECTRONIC ENVELOPE
D: ……………….., SL: elektronska ovojnica
See: header, footer
ELECTRONIC FORMAT
D: ……………….., SL: elektronski format
ELECTRONIC MESSAGE
D: ……………….., SL: elektronsko sporočilo
ELECTRONIC MONEY
D: ……………….., SL: elektronski denar
ELECTRONIC SIGNATURE (ESIG)
D: ……………….., SL: elektronski podpis
General (generic) expression for all kinds of electronically made signatures. See: digital signature, electronic card, digital pen, PenOp, encryption…
ENCRYPTION
D: ……………….., SL: enkripcija, šifriranje, zakrivanje
Encryption is the transformation of data into a form unreadable by anyone without a secret decryption key. Its purpose is to ensure privacy by keeping the information hidden from anyone for whom it is not intended, even those who can see the encrypted data. (http://www.verisign.com/faqs/id_faq.html)
ENCRYPTION KEY
D: ……………….., SL: šifrirni ključ

FACSIMILE (facsimile signature, signature stamp, rubber-stamped signature, rubber handstamp)
D: ……………….., SL: faksimile, odtis s štampiljko
FINGERPRINT
D: ……………….., SL: identifikator podpisnega ključa
FUNCTIONAL ACKNOWLEDGMENT (confirmation)
D: ……………….., SL: potrditev prejema

HANDWRITTEN SIGNATURE (autograph, signed in (permanent) ink, ink autograph, holographic signature, legal signature, paper signature, genuine signature, original signature, signed in his own handwriting, (full) personal signature, sign. written in full, actual (handwritten) signature, his own signature, handscribed signature)
D: ……………….., SL: lastnoročen podpis
HASH FUNCTION
D: ……………….., SL: postopek izdelave skrajšanega izvlečka
A hash function is a computation that takes a variable-size input and returns a fixed-size string, which is called the hash value. If the hash function is one-way, i.e., hard to invert, it is also called a message-digest function, and the result is called a message digest. The idea is that a digest represents concisely the longer message or document from which it was computed; one can think of a message digest as a "digital fingerprint" of the larger document. Examples of well-known hash functions are MD4, MD5, and SHS (see Question 9.4). Although hash functions in general have many uses in computer programs, in cryptography they are used to generate a small string (the message digest) that can represent securely a much larger string, such as a file or message. Since the hash functions are faster than the signing functions, it is much more efficient to compute a digital signature using a document's message digest, which is small, than using the arbitrarily large document itself. (http://www.verisign.com/faqs/id_faq.html)
HEADER (~area, ~information)
D: ……………….., SL: čelo (~sporočila)
HEADER INFORMATION
D: ……………….., SL: glava elektronskega sporočila, čelno polje, čelo, čelni zapis
HOUSE POLICY
D: ……………….., SL: hišna politika (način delovanja)

INTERNAL MESSAGE VERIFICATION
D: ……………….., SL: notranja verifikacija sporočila

KEY PAIR
D: ……………….., SL: parna ključa

MESSAGE DIGEST
D: ……………….., SL: skrajšani izvleček sporočila
MD2, MD4 and MD5 (MD stands for Message Digest) are widely used hash functions designed by Ron Rivest specifically for cryptographic use. They produce 128-bit digests and there is no known attack faster than exhaustive search. MD2 is the slowest of the three; MD4 is the fastest. MD5 has been dubbed "MD4 with safety belts" by Rivest, since it has a more conservative design than MD4; the design gives it increased security against attack, but at a cost of being approximately 33% slower than MD4. MD5 is the most commonly used of the three algorithms. MD4 and MD5 are publicly available for unrestricted use; MD2 is available for use with PEM. Details of MD2, MD4, and MD5 with sample C code are available in Internet RFCs (Requests For Comments) 1319, 1320, and 1321, respectively. No feasible attacks on any of the MD algorithms have been discovered, although some recent theoretical work has found some interesting structural properties. (http://www.verisign.com/faqs/id_faq.html)
MESSAGE INTEGRITY
D: ……………….., SL: neokrnjenost sporočila

NON-REPUDIATION (incontestability)
D: ……………….., SL: nezatajljivost

ONE-WAY FUNCTION
D: ……………….., SL: ...................
A one-way function is a mathematical function that is significantly easier to perform in one direction (the forward direction) than in the opposite direction (the inverse direction). One might, for example, compute the function in minutes but only be able to compute the inverse in months or years. A trap-door one-way function is a one-way function where the inverse direction is easy if you know a certain piece of information (the trap door), but difficult otherwise. (http://www.verisign.com/faqs/id_faq.html)
OPEN ELECTRONIC ENVIRONMENT (polygamous environment, non-trusted environment, hostile environment, many-to-many)
D: ……………….., SL: odprto elektronsko okolje

PARAPH
D: ……………….., SL: parafa, okrajšani podpis
PASSWORD (pass phrase)
D: ……………….., SL: geslo, tajni izraz (stavek)
PEM (Privacy-Enhanced Mail)
PEM is the Internet Privacy-Enhanced Mail standard, designed, proposed, but not yet officially adopted, by the Internet Activities Board in order to provide secure electronic mail over the Internet. Designed to work with current Internet e-mail formats, PEM includes encryption, authentication, and key management, and allows use of both public-key and secret-key cryptosystems. Multiple cryptographic tools are supported: for each mail message, the specific encryption algorithm, digital signature algorithm, hash function, and so on are specified in the header. PEM explicitly supports only a few cryptographic algorithms; others may be added later. DES in CBC mode is currently the only message encryption algorithm supported, and both RSA and DES are supported for the key management. PEM also supports the use of Digital IDs, endorsing the CCITT X.509 standard for Digital ID structure. The details of PEM can be found in Internet RFCs (Requests For Comments) 1421 through 1424. (http://www.verisign.com/faqs/id_faq.html)
PEN-OP (r)
D: ……………….., SL: tehnika podpisovanja z digitalnim peresom (r)
PGP
D: ……………….., SL: ameriški program za digitalno podpisovanje/šifriranje
Pretty Good Privacy (PGP) is a program of encrypting messages so that the message can be read only by the intended recipient. It also allows for the implementation of a system of digital signatures. While there are many different programs available which can handle encryption--some of which may meet ISO standards--this is one which is widely used on the Internet. (http://www.complaw.com/pgp.html)
PIN (personal identification number)
D: ……………….., SL: ………………..
PLAINTEXT SIGNATURE
D: bloße Namenswiedergabe, SL: navedeno ime kot podpis
POLYGAMOUS ELECTRONIC ENVIRONMENT
D: ……………….., SL: poligamno, odprto elektronsko okolje
PRIVATE KEY
D: ……………….., SL: zasebni ključ
PROXY SIGNING
D: ……………….., SL: nadomestni podpis
PUBLIC KEY
D: ……………….., SL: javni ključ
PUBLIC-KEY ENCRYPTION
D: ……………….., SL: način podpisovanja s simetričnima ključema, pri čemer je eden od njiju javen
Public-key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman in order to solve the key management problem. In the new system, each person gets a pair of keys, called the public key and the private key. Each person's public key is published while the private key is kept secret. The need for sender and receiver to share secret information is eliminated: all communications involve only public keys, and no private key is ever transmitted or shared. No longer is it necessary to trust some communications channel to be secure against eavesdropping or betrayal. Anyone can send a confidential message just using public information, but it can only be decrypted with a private key that is in the sole possession of the intended recipient. Furthermore, public-key cryptography can be used for authentication (digital signatures) as well as for privacy (encryption). (http://www.verisign.com/faqs/id_faq.html)

REPOSITORY
D: ……………….., SL: register digitalnih podpisov
RSA
RSA is a public-key cryptosystem for both encryption and authentication; it was invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. It works as follows: take two large primes, p and q, and find their product n = pq; n is called the modulus. Choose a number, e, less than n and relatively prime to (p-1)(q-1), and find its inverse, d, mod (p-1)(q-1), which means that ed ≡ 1 mod (p-1)(q-1); e and d are called the public and private exponents, respectively. The public key is the pair (n,e); the private key is d. The factors p and q must be kept secret, or destroyed. It is difficult (presumably) to obtain the private key d from the public key (n,e). If one could factor n into p and q, however, then one could obtain the private key d. Thus the entire security of RSA is predicated on the assumption that factoring is difficult; an easy factoring method would "break" RSA. (http://www.verisign.com/faqs/id_faq.html)

SIGNATURE VERIFICATION THRESHOLD
D: ……………….., SL: varnostni hišni prag
SINGLE-KEY CRYPTOSYSTEM
D: ……………….., SL: šifrirni sistem z enojnim ključem
SMART CARD (chip card)
D: die Chipkarte, SL: pametna kartica, čip kartica
SUBSCRIBER (private key holder)
D: ……………….., SL: lastnik podpisa

TEST KEY
D: ……………….., SL: testni ključ

TIME-STAMPING
D: ……………….., SL: časovno žigosanje, digitalni notar, potrditev časa prejema, oddaje, prenosa...
See: digital notary
TRAILER
D: ……………….., SL: rep sporočila
THRESHOLD DIGITAL SIGNATURE SCHEME
D: ……………….., SL: hišni (skupinski) ključ
TRUSTED ENVIRONMENT
D: ……………….., SL: varovano, zaupno okolje
TRUSTED RECORDKEEPER
D: ……………….., SL: verodostojen shranjevalec zapisov

X.509
D: ……………….., SL: X.509 priporočilo
X.509 recommendations are to be found in Volume VIII of the CCITT Blue Book approved by the plenary session every four years. This section refers to the 1988 recommendations. X.509 is technically aligned with ISO 9594 Part 8. It is part of the family X.500-521 of recommendations covering Data Communication Networks Directory, i.e. a database of the network location of sets of objects (this can be e.g. an electronic mail address) in the real world. X.509 defines a framework (and in ASN.1 in an annex) for the provision by the Directory to its users of services for peer to peer authentication between entities, including the Directory itself. This framework specifies how authentication information is formed, obtained and used. Authentication certificates may be held within the directory and are obtained using the Directory Access protocol defined in X.519. Both Simple (Password) and Strong (based on asymmetric public key cryptosystems) Authentication are specified. No particular cryptographic algorithm is mandated but RSA is described in an informative Annex. X.509 also specifies the syntax (ASN.1) of a public key certificate, which is necessary when using asymmetric (or public) key cryptographic technology. (http://www.ewos.be/sec/gdss.htm)

OTHER GLOSSARIES:
Signature / security:
* TriTeal Corp. (Fortezza)
* ARGE Daten, Austria
Internet / Cyberlaw Terms:
* Internet Glossary - Introduction
* FORMIS Dictionary
* NetLingo (TM) - A Dictionary of the Internet Language
* Glossary of Internet Terms
* Internet Glossary - What is
* Writing HTML Glossary
* NetGlos - The Multilingual Glossary of Internet Terminology
* The McGraw-Hill Internet Training Manual © Internet Glossary
Computing / Technical / Communications / Standards:
* Free On-line Dictionary of Computing, Denis Howe, UK
* Free On-line Dictionary of Computing, Gábor J.Tóth and Paul Mayer, Princeton, NJ
* Technical Glossary IceNH
* ISO Catalog
* Telecommunications and ISDN Glossary
* Internet File & Protocol Standards
* CNET: The Computer Network glossary

IS / EDI:
* EDIFACT Glossary
* IS Glossary

Legal / Others:
* InterNIC Directory of Directories Dictionaries
* The WWLIA Legal Dictionary
* The Jargon File, a comprehensive compendium of hacker slang