In Europe, we have been on a long journey since 1999 towards a regulated world where a “good” electronic signature has to be delivered by a Trust Service Provider whose professionalism is verified by accredited auditors, who are themselves regularly audited for their independence and expertise.
In 2008, Satoshi Nakamoto proposed a new model for building a different world, one where you can verify by your own means that a transaction exists and is valid, and, a fortiori, that an electronic signature does.
20 years after the European directive on electronic signatures… and we are still stuck at the very beginning of usage. Why?
Since 1999, the regulatory landscape in Europe (European directive 1999/93/CE, eIDAS regulation n°910/2014) has been centred on the qualified signature, which confers the valuable presumption of reliability on an electronic signature. Conversely, the validity of a non-qualified signature must be demonstrated by its provider.
Signature repudiation cases have been very rare and have never required the provider to demonstrate anything. The signature market has nonetheless been entirely subordinate to the slow construction and auditing of qualified certification and signature services.
As a reminder, the security requirements that apply to a qualified signature, and the constraints they create for the end-user (the signatory), are listed below:
- Prove their identity face-to-face to a “Registration Authority” (a role of the Trust Service Provider), which means that a fully digital process is not possible.
- Use a qualified hardware cryptographic token, meaning that bringing one’s own token is not authorized.
- Use an X.509 certificate delivered by a qualified “Certification Authority” (a role of the Trust Service Provider), which means that the signatory must, one way or another, pay for the certification work performed continuously by the provider.
The result is that qualified signatures are too expensive and too cumbersome; therefore, nobody uses them today.
Leaving the qualified signature to rare use cases with high legal stakes, the market has turned to simple or advanced electronic signatures, as authorized by the eIDAS regulation. In practice, the same qualified Trust Service Providers have built “lighter” solutions:
- A basic enrolment procedure via an OTP sent by SMS, giving little assurance of the real identity of the signatory.
- No use of personal cryptographic tokens. In the best cases, Hardware Security Modules are used to create personal, short-term keys for a single use immediately after enrolment. In other cases, a single generic key is used to sign on behalf of the signatory. Software keys are, however, gradually disappearing.
- Qualified personal certificates cannot be delivered, as they require face-to-face enrolment. To be compatible with Adobe Acrobat Reader, today the only (and proprietary) viewer for signed documents, some providers use a service certificate issued by a trusted Certification Authority. These service certificates identify a legal person and say nothing about the signatory’s identity.
In other words, the confidence level of the standard electronic signature has been seriously downgraded compared with the eIDAS requirements for qualified signatures. One may then ask why so much is paid for the qualification of providers who do not even use what they spend so much time securing.
What’s so sad about not using qualified signature?
Today, in 2019, the security stakes around electronic signature are still there, and as high as ever:
- I want to avoid any signature repudiation, because I would then have to demonstrate the validity of the signature.
- I don’t want any compromise or replay attack.
- I don’t want any suspicion about the integrity of the content to sign.
- I don’t want any doubt about the identity of the signatory.
- I want to respect the privacy of my signatories and get the relevant level of identity evidence for my business stakes.
- I want to protect the confidentiality of signed documents, including highly sensitive documents that cannot be disclosed outside a circle of authorized persons.
… And we haven’t yet found the right compromise between security, user experience and economic viability.
Looking for a new paradigm…
Leveraging the potential of Bitcoin, Woleet proposes an alternative electronic signature, independent of any Trust Service Provider, yet still secure and verifiable.
The concept of a Trust Service Provider conflicts with the underlying principles of Bitcoin, where the need for trust is replaced by an open and distributed, yet resilient and secure, system.
The Woleet signature relies on standards for cryptographic algorithms, key types, and key storage:
- Asymmetric-key cryptography (private/public key pairs).
- Standard algorithms and key sizes: SHA-256, ECDSA (256 bits).
- Protection of private keys in secure hardware (Ledger Nano S or X), already used by wallet applications for Bitcoin and other blockchains.
Additionally, Woleet leverages the potential of Bitcoin with:
- Timestamping provided by the Bitcoin network, composed of many nodes agreeing on the time and ordering of transactions.
- Proof creation via Woleet’s anchoring mechanism in the Bitcoin blockchain, following an open standard (Chainpoint, OpenTimestamps), so that the resulting proofs of signature can be verified independently by anybody holding the original signed document.
Finally, Woleet designed its signature solution to significantly enhance security:
- Preserve the confidentiality of signed data: the original data remains in the customer’s information system, where it is cryptographically hashed and signed (via Woleet tools). Woleet only processes the hash of the data, so the proof anchored in the Bitcoin blockchain contains the hash rather than the original document. Even though all the validation tools are public, only the data owner can check the proof.
- Let the signatory control the disclosure of identity evidence: Bitcoin signature keys are pseudonymous, which allows identity to be managed independently of the signature. Only the signatory can prove possession of a signature key, and consequently prove having signed a document.
Woleet electronic signature fully complies with the European eIDAS regulation.
Great! But aren’t there any challenges?
As always, there is no perfect solution. But the Bitcoin field is evolving quickly, as are Woleet’s developments, and we can expect a great number of improvements in the coming months.
Security of private keys
Within the Bitcoin ecosystem, as in any other domain using cryptographic keys, the security of private keys is crucial. Good hardware solutions exist today in the form of USB tokens and are widespread within the Bitcoin community. Larger hardware modules, similar to the Hardware Security Modules used by Certification Authorities, also exist; they let companies avoid deploying cryptographic USB tokens if they do not have them already.
“On the Internet, nobody knows you’re a dog.” Identity management is out of the scope of Bitcoin. Private keys are pseudonyms that need not be linked to an identity. This is a great opportunity to let the signatory control how his or her identity information is disclosed. At the same time, a reliable signature needs to provide verified information about the signatory’s identity. At Woleet, we want to reconcile good enrolment solutions with user privacy and with decentralized models such as “self-sovereign identity”.
Independent signature verification every time
Anybody can check the validity of a Bitcoin transaction (for example via https://blockstream.info/), and we think this should also be the case for an electronic signature: no single proprietary tool to view the document and check the signature, and no proprietary, unverifiable proof file. By contrast, anchoring the signature in the Bitcoin blockchain is the standard way to prove that the signature was executed at a given date. The proof must be verifiable by everybody, provided they have access to the signed document and the related proof receipt. Woleet is working on a way to maintain the signatory’s identity information in a decentralized and confidential manner, replacing the current publication service of our identity management solution.
In the current state of technology, it is possible to produce an electronic signature backed by Bitcoin evidence in a reliable way, at least as reliably as the current European de facto standard. We drastically reduce the costs of electronic signature thanks to a highly scalable architecture and by freeing ourselves from the costs of certification procedures. For the future, we see wonderful developments coming in the fields of security, user privacy and proof interoperability. We are not afraid to innovate where a certification logic has raised so many barriers to usage.
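The anchoring and independent verification described here (and in the “Proof creation via Woleet’s anchoring mechanism” point earlier), as an added example that is not Woleet’s or Chainpoint’s code and does not reproduce either receipt format: many document hashes are batched into one Merkle tree, only the root is published, and a receipt for one document is the list of sibling hashes from its leaf up to the root. The verifier needs nothing from the anchoring service: the document (to recompute its hash), the receipt, and the root as read from the chain. The Bitcoin transaction carrying the root is stood in for by a constructed `PUBLISHED_ROOTS` lookup keyed by a placeholder transaction id; carrying an unpaired odd node up unchanged is a design choice of this example.

```python
"""Merkle-tree anchoring of document hashes and stand-alone receipt checking.
Added illustration, not Woleet's or Chainpoint's implementation.
"""
import hashlib
from typing import Dict, List, Tuple

Path = List[Tuple[str, bytes]]  # ("left"|"right", sibling hash), leaf to root


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def build_tree(leaves: List[bytes]) -> List[List[bytes]]:
    """All levels of the tree, leaves first, root last.
    An unpaired last node is carried up unchanged (design choice here)."""
    if not leaves:
        raise ValueError("nothing to anchor")
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [sha256(cur[i] + cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])
        levels.append(nxt)
    return levels


def merkle_root(leaves: List[bytes]) -> bytes:
    return build_tree(leaves)[-1][0]


def make_receipt(leaves: List[bytes], index: int, txid: str) -> Dict:
    """Receipt for leaves[index]: the sibling path plus where the root was published.
    The anchoring service builds this once per batch and hands it to the signatory."""
    path: Path = []
    for level in build_tree(leaves)[:-1]:
        if index % 2 == 0:
            if index + 1 < len(level):           # has a right-hand sibling
                path.append(("right", level[index + 1]))
            # else: carried up unchanged, nothing to concatenate at this level
        else:
            path.append(("left", level[index - 1]))
        index //= 2
    return {"target_hash": leaves[index and 0] if False else None, "path": path, "anchor_txid": txid}


def recompute_root(document_hash: bytes, path: Path) -> bytes:
    """Fold the sibling path back up to the root from a leaf hash."""
    h = document_hash
    for side, sibling in path:
        h = sha256(h + sibling) if side == "right" else sha256(sibling + h)
    return h


# Constructed stand-in for reading an OP_RETURN root out of the Bitcoin chain:
# maps a placeholder transaction id to the root that transaction published.
PUBLISHED_ROOTS: Dict[str, bytes] = {}


def verify_document(document: bytes, receipt: Dict, published: Dict[str, bytes]) -> bool:
    """Independent check: recompute the hash from the document itself, replay the
    path, and compare with the root read from the chain. No call to the anchoring
    service is involved, and the document never leaves the verifier."""
    anchored = published.get(receipt["anchor_txid"])
    if anchored is None:
        return False  # unknown or not-yet-confirmed anchoring transaction
    return recompute_root(sha256(document), receipt["path"]) == anchored


def anchor_batch(documents: List[bytes], txid: str) -> List[Dict]:
    """Hash every document, publish one root, return one receipt per document."""
    leaves = [sha256(d) for d in documents]
    PUBLISHED_ROOTS[txid] = merkle_root(leaves)  # "broadcast" of the batch root
    return [make_receipt(leaves, i, txid) for i in range(len(leaves))]


if __name__ == "__main__":
    docs = [b"constructed signed contract %d" % i for i in range(5)]  # odd batch
    receipts = anchor_batch(docs, "txid-PLACEHOLDER-0001")
    print("document 3 verifies:", verify_document(docs[3], receipts[3], PUBLISHED_ROOTS))
    print("altered copy verifies:", verify_document(docs[3] + b" ", receipts[3], PUBLISHED_ROOTS))
```

Because the receipt contains only sibling hashes, a verifier learns nothing about the other documents in the batch, and because the published root is looked up from the chain rather than supplied by the receipt, a forged receipt cannot simply carry its own root.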