At present, there are many technical means to realize electronic signature, such as digital signature based on public key cryptography; Or use unique identification marks based on biometrics, such as fingerprints, voiceprints or retinal scans; Pattern recognition of electronic images of handwritten signatures and seals: cryptographic codes representing identity (symmetric algorithm); Computers based on quantum mechanics and so on. However, the relatively mature electronic signature technology widely used in advanced countries in the world is still digital signature technology based on PKI. Due to the principle of technology neutrality in legislation, the signature mentioned in the current electronic signature law generally refers to "digital signature". It is a special form of electronic signature.
The so-called digital signature is to use a series of symbols and codes generated by some cryptographic operation to form an electronic password to "sign" instead of writing a signature or seal. Technically, this kind of electronic signature can also be verified by algorithm, and its verification accuracy is unmatched by manual signature and seal in the physical world. In ISO7498-2 standard, digital signature is defined as: some data attached to a data unit, or cryptographic transformation of the data unit, which allows the receiver of the data unit to confirm the source and integrity of the data unit and protect the data from being forged by people (such as the receiver). The definition of digital signature in American Electronic Signature Standard (DSS, FIPS 186-2) is that data is calculated by using a set of rules and a parameter, and the identity of the signer and the integrity of the data can be confirmed by this result. According to these definitions, digital signature has become the most widely used, most mature and most operable electronic signature method in e-commerce and e-government. It uses standardized procedures and scientific methods to identify the signer and approve the electronic data content. It can also verify whether the original text of the file has changed during transmission, and ensure the integrity, authenticity and non-repudiation of the transmitted data.
Related links:
/Xunzi /hot/2005 10/2898_2.html