[HOLD] PDF Advanced Electronic Signatures, and Why Your Business Needs Them
This is a secret URL preview of an unreleased article.
The PDF format has supported digital signatures for a long time, and PDF 2.0 introduced support for advanced electronic signatures: a series of improvements over a classical digital signature to make signatures more secure, valid for a longer time, and compliant with the latest global recommendations and standards. This article will explore what they are and what your business can do with them.
What’s a PDF Advanced Electronic Signature?
A PDF advanced electronic signature (PAdES) is a specification from the European Telecommunications Standards Institute (ETSI) that makes a digital signature in digital transactions similar in validity to a handwritten signature. A PAdES signature offers more security than a regular digital signature and can be augmented with additional data, which means that a signed PDF can be verified over long periods of time, even after certificates have expired.
The next sections will explore in more detail the use cases solved by PAdES.
Learn more: Electronic Signatures in a PDF
More Protection for the Signer’s Identity
With a regular digital signature, the signer’s identity (certificate) is stored outside of the signed data and is thus subject to substitution attacks. This is because the certificate itself is not part of the signed data and is therefore not verifiable.
For example, a malicious certificate authority (CA) could issue a certificate to someone with the public key of someone else. If the certificate isn’t protected by the signature, an attacker can substitute one certificate with another and the PDF would appear to be signed by someone else.
PAdES solves this problem by storing the certificate as part of the signed part of the digital signature. If you receive a PDF document with a PAdES signature that has a substituted certificate, the validation result will show a clear error.
Knowing When the PDF Was Signed
Another problem that a regular PDF digital signature has is that it’s not clear when the document was signed. In general, the signing time comes from the clock of the signer’s computer and, as you can imagine, it’s easy to change it and trick someone into thinking a document was signed before or after it was actually signed.
PAdES solves this problem by introducing the concept of secure timestamping. A secure timestamp is issued by an external trusted service that certifies a particular document existed before a specific point in time. As the secure timestamp is a digital signature in itself, it offers the same security features. A PDF document can be timestamped by either the signer or the recipient — both of these processes are outlined below.
Timestamped by the Signer
This is the most common scenario. If the signer has internet connectivity and access to a timestamp service URL, then when the PDF document is signed, the digital signature will contain a secure timestamp. When that signed document is verified in the future, the time contained in the secure timestamp will be used instead of the clock of the signer’s computer, thereby providing all the interested parties with higher confidence regarding the claimed signing time.
Timestamped by the Recipient
If the signer didn’t have internet connectivity at the time the PDF was signed, the recipient of the document can still timestamp it. The way this is done is by adding a special kind of invisible PDF signature that only contains the secure timestamp information.
Long-Term Preservation of Digital Signatures
When working with regular digital signatures, sometimes business processes may require that the validity of a digital signature can be reassessed during a period of time long enough that some certificates may have expired or been revoked (because the person who signed it left the company, for example). Or maybe the algorithms used to create the signature are now considered insecure and need to be updated.
PAdES solves this problem by storing all the data needed in the verification of a digital signature. That includes the sequence of certificates that link the signer’s certificate to the trusted root, as well as information about the revocation status of these certificates. This information can be included in the digital signature itself or, preferably, in the PDF document so as to save space in the signature. ETSI recommends that a regular digital signature is augmented by PAdES with the following references:
-
The sequence of certificates used to validate a digital signature
-
The revocation data for all those certificates
-
The certificates used to validate a secure timestamp, if present
For increased security, once these references have been added to the PDF, they can be timestamped by any recipient of the PDF document by following the steps mentioned here.
The Lifecycle of a PDF Advanced Electronic Signature
The previous sections explained the instances where a regular PDF digital signature falls short and how a PAdES signature can help. Based on this, we can say that PAdES introduces the concept of the lifecycle of a digital signature to business processes. The lifecycle of a digital signature is a set of steps beginning with the point the signature is generated and continuing to the point where it’s discarded.
To illustrate this, consider the following sample scenarios of digital signing that show the lifecycle of a digital signature in practical terms.
Scenario 1: A person generates a digital signature and, during the process, a timestamp server is contacted to augment the signature with a secure timestamp that certifies when this person signed the document.
Scenario 2: The same person, instead of timestamping the signature at signing time, decides to let the people who receive the document timestamp it. A person who receives the signed document could then validate the signature and contact a timestamp service to add a timestamp that certifies that the signature existed before a particular date and time.
Scenario 3: A person is interested in preserving a signed PDF for a long time. To do so, they validate the digital signature and, if the signature is valid, store all the data required to validate it in the PDF. Optionally, they can protect the validation data by adding a new secure timestamp to the document.
Conclusion
PAdES is a set of regulations and extensions that improves upon traditional PDF digital signatures and produces digital signatures that are more secure and valid for longer periods of time.
This article has explored how PAdES accomplishes the above. We recommend using PAdES signatures for all electronic transactions.
Does your business need advanced digital signatures to use in your electronic transactions? Feel free to contact us, as we’re specialists in digital signatures and their specific technical requirements in the European market.