With DocuWare, you can electronically sign your documents as part of any workflow. But how do electronic signatures actually work?
When you add a digital signature to a document, the process involves more than just putting a signature on a text. Most of the steps take place behind the scenes, controlled by software.
How a digital signature works
In simple terms, every type of electronic signature consists of data that is added to a document or file. With a Qualified Electronic Signature, the data added is generated in a particularly secure technical environment. In addition, a specially authorized and qualified authority/organisation has issued the signatory’s authenticated proof of identity – a digital certificate.
Signing then takes place in a public-key infrastructure in which an encryption procedure with two keys is used. One is a private key, which only the encrypting authority knows; and one is the public key. This key is added to the document in the signature certificate.
There are three steps involved:
1. Hash value calculated
From the data of the document or file, a mathematical formula is used to calculate a checksum, which is called a hash value. It works like a fingerprint for a document.
2. Hash value encrypted
This hash value is encrypted with the signer’s private software key (Private Key).
3. Document connected with encrypted hash value + certificate
The encrypted hash value and certificate are then attached to the document. The certificate contains the Public Key for decrypting the hash value, the information that this key is associated with the identity of the signer, and the validity of the certificate.