ES2716308A1 - Method to authenticate a dynamic signature with the signed document using an electronic signature. (Machine-translation by Google Translate, not legally binding) - Google Patents

Abstract

Method to authenticate a dynamic signature with the signed document using an electronic signature. This disclosure refers to a method that captures the graph and the digitized signature of an autograph signature, and by applying a digestion algorithm on those values, a hash is obtained that is electronically signed by a second user who uses a certificate and a public key cryptography signature creation device. This method unmistakably associates the document and the electronic handwritten signature and guarantees its integrity. (Machine-translation by Google Translate, not legally binding)

Description

D E S C R I P C I O N

METHOD TO AUTHENTICATE A DYNAMIC SIGNATURE WITH THE DOCUMENT SIGNED BY AN ELECTRONIC SIGNATURE

SECTOR OF THE TECHNIQUE

The present invention pertains to the electronic document security sector.

It refers to a new procedure that makes an autograph signature on a digital board to adhere to a certain electronic document, and after capturing the graph and the scanned image, a hash of the electronic document and the file containing the data captured from the handwritten signature; The hash is electronically signed using an electronic signature certificate for public key cryptography. In this way the document and the electronic handwritten signature are unavoidably associated and their integrity guaranteed.

BACKGROUND OF THE INVENTION

Digital whiteboards, also known as Tablet have become popular in recent years and are being used to grant all types of signed consents, from the receipt of a package to a bank deposit.

However, contrary to popular belief, the reality is that the handwritten signature with which the signatory expresses its consent on the content of an electronic document is not stamped on it, nor is it even linked to it. Therefore, it is perfectly possible to associate that electronic handwritten signature with another completely different document than the signer was willing to accept, and without it being possible to detect that substitution.

This weakness that suffers from the technique of "electronic handwritten signature" also called "dynamic signature" is known, and many of the systems that are marketed in the market, try to resolve this weakness by sending the file containing the values of the electronic handwritten signature and the electronic document file to a remote server that is responsible for associating them, either by applying an encryption of public key or even developing an electronic signature. No existing procedure takes into account the presence of a second person, which is always the cession of use of the digital board and in whose presence the signatory produces his handwritten signature as an expression of willingness to accept the content of the document. The novelty of this invention is to develop an ingenious method in which two elements of high security are included in the system, such as the electronic signature device for public key cryptography and the electronic signature certificate, in this way, the subject that Now he was a mere transferee of an electronic board, being equipped with this technology and being present at the signing ceremony, intervenes in the same act as a witness, authenticating the handwritten signature, associating it in an indissoluble way with the electronic document and even, stating his presence as a witness when their identity is included in the electronic certificate used according to the X509 v3 standard.

There is extensive documentation that describes electronic signature systems based on public key cryptography, generation and use of electronic signature certificates. Currently these instruments are in common use and there are innumerable applications of open source code that allows to implement the method proposed in this invention. The technical reference standards are: ETSI TS 101 733, v.1.6.3, v1.7.4 and v.1.8.1. Electronic Signatures and Infrastructures (SEI); CMS Advanced Electronic Signatures (CAdES); ETSI TS 101 903, v.1.2.2, v.1.3.2 and 1.4.1. Electronic Signatures and Infrastructures (SEI); XML Advanced Electronic Signatures (XAdES); ETSI TS 102 778, v 1.2.1. Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 1: PAdES Overview, Part 2: PAdES Basic - Profile based on ISO 32000-1, Part 3: PAdES Enhanced - PAdES-BES and PAdESEPES Profiles; Part 4: Long-term validation. RFC 5280 (X509 v3).

The dynamic signature also known as an electronic handwritten signature or biometric signature, is extensively documented and the models usually used are described in detail in the technical standards: ISO / IEC 19794-7: 2014 Biometric data exchange formats - Part 7: Signature / signature of time series data; ISO / IEC 29109-7: 2011 Conformity test methodology for biometric data exchange formats defined in ISO / IEC 19794 - Part 7: Signature / signature of time series data; ISO / IEC 29109-1: 2009 Generalized conformity test methodology. As in the case of the electronic signature, there are numerous free and freely-used applications that allow the implementation of the method proposed in this invention.

A comprehensive study has been made on existing patents and none of them describes the methods claimed in this invention, nor does it solve the weaknesses described above. Specifically:

Device, system and method for registering and authenticating handwritten signatures and archiving handwritten information, patent publication number ES2554686 T3. Describes a procedure whereby using an electronic pen, makes handwritten signatures that are registered in a remote server, in order to authenticate previously registered users.

Electronic authentication procedure of a corresponding handwritten signature, module and computer program, patent publication number ES2531240 T3. Describes the procedure of capturing a signature made locally, in order to authenticate the signature itself.

Procedure proposed by the patent publication number ES2377787 A1 "Guaranteed electronic signature method", which describes a procedure in which a remote server is responsible for guaranteeing the signature process performed locally by a signer.

The publication "Moderne Verfahren der Kryptographie" ("Modern cryptography procedures") Beutelspacher, Schwenk, Wolfenstetter, 3. Edition, 1999, Vieweg Verlag, contains a detailed description of public key cryptographic procedures.

The RSA cryptographic system described in U.S. Pat. No. 4,405,829 to Rivest et al. Describes an example of a public key cryptographic system methodology.

The European patent application "Method and system for implementing a digital signature" (EP1142194 A1) describes a method to perform the digital signature in a mobile station, but says nothing about the problem of non-repudiation.

The patent application 'Electronic document processing system and method of forming digital signature' (US 5465299 A) describes a method for creating 'versions' of a digitally signed document, in which each successive version is signed and includes the signature of the version previous.

The 'Method and apparatus for an adapted digital signature' patent (US 6615348 B1) describes an algorithm for generating user identities using a modified digital signature algorithm.

The 'Method and apparatus for validating a digital signature' patent (US 7178029 B2) describes a way to verify that a signature that includes a digital certificate is valid even if the digital certificate has been revoked. It's basically a time stamp service.

EXPLANATION OF THE INVENTION

The present invention solves the aforementioned problems when contemplating the intervention, in the same act in which the signatory makes his handwritten signature, of a second user that has an electronic signature certificate and a signature creation device that employs it to authenticate the electronic handwritten signature, also referred to as a dynamic signature. His intervention is based on applying his electronic signature of public key cryptography, on the hash obtained from the set of values that represent the electronic handwritten signature and the electronic document.

In order to achieve the objectives and avoid the drawbacks mentioned in the previous sections, this invention develops the following procedure:

1. In the market there are digital whiteboards that have sufficient computing and memory capacity to develop the method described in this invention on their own and without connection to any computing terminal. However, there are also digital whiteboards whose capacity is limited to picking up the handwritten signature that the signatory makes on its surface and transmitting it to a computer terminal that is responsible for developing the entire process that is not capable of taking over the electronic board. In no way affects one or the other system to the method described in this invention, being applicable to any of those options: autonomous blackboard or whiteboard connected to a computer terminal. The digital board or the computer terminal to which it may be connected, shows the signatory user an electronic document that is contained in his memory, or that is stored in a coupled device such as a pendrive, or stored in a remote server that is consulted with the corresponding communications protocol, in any of these options, the essential objective is that the signing user has the possibility to consult the document for which acceptance is requested.

As an expression of his willingness to accept what is recorded in the document, he makes a handwritten signature using a pointer or tactile pen, which is applied on the surface of a digital screen to make the signature on it, it also has the possibility of including a handwritten text to make a "considering", a "reservation", or a "mention" or any other statement, including reviewing your own identity as a name and identity card, this information is collected in the image of the firm and / or in The graph A dynamic signature processing software installed on the digital board or computer terminal is responsible for capturing the graph and / or the digital image resulting from that plot.The graph is understood as the set of values that make up the pattern biometric of the signer, usually the parameters that this software can capture, according to the sensitivity of the digital screen, are: the pressure, the angle of writing, speed, acceleration, the formation of letters, the shape of the initial and final strokes, the position and shape of tildes, points and punctuation, time position, speed, acceleration and the direction of the signature features. Since in some countries sensitive information is considered, the computer application can be configured to capture or not capture the graph, or even encrypt it without affecting the method of this invention. The image of the digital signature and / or the graph are collected in a computer file.

A computer application and a cryptosystem installed on the digital board or in the computer terminal generates the fingerprint (hash) of the document and the graph and / or the digital image resulting from the autograph signature of the signer. To obtain the hash of the files. There are numerous open source and widely documented cryptosystems capable of performing the hashing, in the preferred embodiment of this invention one of the most used is used. Known Bouncy Castle, there are also multiple public digestion algorithms that allow secure hashes, all of them widely documented, being the most usual SHA2, used in the preferred embodiment of this invention. The application that includes all the computer logic to provide users with an interface and calls necessary to the cryptosystem, is an extremely simple software development, there are numerous open source projects on the Internet that perform this process, in the preferred embodiment has been developed using the Java programming language.

The second user, using the digital board or the computer terminal, uses the interface of the computer application to select his electronic signature certificate, which can be stored on the digital board, or on the computer terminal, or on a token connected to the computer. the digital tablet itself, or it can even be stored in a Remote Electronic Signature Certificate Server. Once the certificate has been selected, using a computer keyboard or a virtual keyboard, if you use the digital board, enter the signature preparation PIN. The computer application and the cryptosystem have the necessary computer logic to intervene as a signature creation device, proceeding to authenticate the hash by creating an electronic signature. It also contemplates the possibility that previously this user, holder of the electronic signature certificate, using the computer keyboard or virtual keyboard, may have entered a handwritten text to make a "considering", a "reservation", or a "mention" or any other statement, this text will be included in a record that may or may not also include a predefined text, in case of including a record, the hash algorithm will include this act.The inclusion or not of this act in no way affects the method described In this invention, the software necessary for the computer application and the cryptosystem to be a signature creation device, is a very elementary technology, with open source code on the Internet and widely documented, no expert knowledge is required and is accessible to an inexperienced programmer , as well as the development of a virtual keyboard and the necessary interface so that the user can write what they want. The generation of the minutes does not require any relevant specification, it can be collected in a simple file txt, or xml, or pdf, or doc, ennada affects the objective pursued.

BRIEF DESCRIPTION OF THE DRAWINGS

To complement the description that is being made and in order to help a better understanding of the characteristics of the invention, a set of drawings is included as an integral part of said description, in which the following has been represented:

Figure 1 illustrates a graph capture scheme (17) and digital signature (18) of an autograph signature (13), showing the components involved: the digital board (1), touch pen (12), the computer program (5) ) that captures the values of the signature autograph (13), the computer application (6) that shows the electronic document (3) to the signing user (11).

Figure 2 illustrates a scheme for generating a hash (19) of the document (3), of the captured data (17) and (18) of the handwritten signature (13), and elaboration of the electronic signature (16) that authenticates the hash (19) using an electronic signature certificate (4). The components that intervene are shown: the digital board (1), the cryptosystem (7) that is invoked by the computer program (6) to generate the hash (19), the signatory user (15) that has a signature certificate electronic (4) and uses the virtual keyboard (27) to enter the PIN (14) that produces the electronic signature (16) authenticating the hash (19).

PREFERRED EMBODIMENT OF THE INVENTION

A preferred embodiment of the system described herein essentially comprises the following elements:

a) A digital slate (1), with computing capacity (processor and RAM) for which a Microsoft Surface Pro tablet with an Intel Core i5 processor, which has an integrated video camera (20), has been chosen. also a GPS positioning device (22), and an internet connection with the NTP v.3 protocol according to the RFC 1305 standard, configured to obtain the time (25) with a secure time source hora.roa.es (24), access to a Time Sealing Unit of ANF TSA CA tsu1.anf.es to obtain a TimeStamp (26), 8GB RAM, non-volatile ROM (2) of 256GB SSD, which contains: an electronic document (3), a store in PKCS format # 15 that stores an electronic signature certificate X-509 v.3 (4) with its private key pair; a computer program (5) capable of capturing the graph (17) and / or digital image (18) of the signature autograph (13); a computer application (6) incorporating: a user interface that allows the document to be displayed to the signing user (11), a space reserved on the screen to produce the handwritten signature (13) by means of a tactile pen (12), a procedure that allows select the electronic signature certificate (4) and enter the PIN (14) of generation of electronic signature through a virtual keyboard (27), the computer logic necessary to interoperate with a cryptosystem (7) to elaborate hash (19) and intervene as signature creation device (29); a cryptosystem (7) based on the cryptographic library Bouncy Castle, which offers a wide collection of APIs containing the main algorithms for symmetric cryptographic processes AES (8) for symmetric encryption and asymmetric algorithm RSA (9) for electronic signature development, and that has a digestion algorithm for SHA2 hashing (10). The selected digital board (1) has sufficient capacity to install and execute all the computer logic, but a board could have been chosen that did not have that capacity, but that connected to a computer terminal (28) as a personal computer, the system would also be effective, without affecting the method described in this patent, it could even happen that the computer program (6) does not contain any box to draw on it the signature autograph, and that the signing user (11) will sign directly on the entire surface of the digital slate (1), or that an intelligent pdf file could be used to include directly on one of its layers the marks or texts transcribed by any of the two users involved in the transaction: signatory and witness. None of the assumptions affects the method described in this invention.

b) A signatory user (11) in possession of a tactile pen (12).

c) A witness user (15) in possession of the electronic signature certificate (4) of which he / she is the owner, and with the knowledge of the signature activation PIN (14) that allows the electronic signature to be drawn up (16).

d) The computer program (5). It has been developed using the StepOver signing API https://www.stepoverinfo.net/. It is a programming interface designed to be used with any individual application for the electronic signature of PDF and PDF / A documents. The signatures API introduces the graph (17) and the image of the signature (18) captured electronically, in addition to the digital signature (16) in the signed document. Using this signature API, the computer program can be created. In addition to this API, there are other similar APIs that are widely documented, including programs that are already free.

e) The computer program (6) that incorporates user interface, an application in Java has been developed. This software has all the required logic and the ability to interoperate with the cryptosystem (7)

The following procedure is performed:

1. The electronic document (3) is shown to the signing user (11) through the screen of the Tablet (1) so that it can be reviewed.

2. The signatory user (11), using the touch pen (12) makes the signature autograph (13) on the Tablet (1).

3. The computer program (5) proceeds to capture the graph (17) and the image of the signature (18).

4. The witness user (15) using the Tablet (1), and using the Computer Program Interface (6), select the electronic signature certificate (4) and enter the PIN (14) using the virtual keyboard (27).

5. The computer program (6) using the cryptosystem (7) generates a hash (19) of the electronic document (3), the graph (17), and the image of the electronic handwritten signature (18).

6. The cryptosystem (7) electronically signs the hash (19) obtaining an electronic signature (16). In this way all the files are associated and their integrity is guaranteed. In this configuration, the witness user has not been allowed to select electronic document file or values of the electronic handwritten signature from which the hash is obtained (19). This automation has been carried out as a security measure to prevent human error, fortuitous or intentional, but nothing prevents this selection from being included without affecting the method written in this invention. This method contemplates the possibility that the electronic signature certificate (4) is stored in a Remote Server of Centralized Certificates as allowed by Regulation (EU) 910/2014 eIDAS, in which case the cryptosystem that acts as a creation device signature is on that remote server and, therefore, the hash (19) is sent by secure channel SSL or TLS to that server to be signed, according to the eIDAS Regulation is the

one

qualified service provider of trust that manages this remote server, which provides the system with the necessary technical procedures to communicate PIN and hash, as well as to receive the resulting electronic signature. Nothing prevents including the use of this remote server without affecting the method described in this invention.

The hash (19) is obtained by the cryptosystem (7) through the corresponding call to the SHA2 digestion algorithm, which is applied as indicated above on the files electronic document (3), graph (17) and digital signature (18) . However, if the witness user (15) has entered a text with recital, mention, exception, or predefined text included in a record, the hash (19) will include this record. Nothing prevents including this information without affecting the method described in this invention.

The ETSI, ISO and RFC standards mentioned above include very detailed technical descriptions.

In addition to the method described in this preferred embodiment, this patent includes various claims whose processes, although very simple to carry out, presuppose important improvements over the main claim.

Claim 2. Practically all the Tablet (1) on the market incorporates a video camera (20) and there are numerous open source APIs that allow the operating system of the digital board (1) to take a photograph or even perform a Video recording. The format of the acquisition is always configurable, although usually JPEG format is used for an image file, or MP4 for a video file. The digestion algorithm can be used in any file format, it has no limitations in this respect. All the technology necessary to develop claim 2, is publicly available and widely documented, is accessible to any programmer no matter how inexperienced. There are other ways of programming computer logic, none affects the procedure or the claim.

Claim 3. Practically all the Tablet (1) on the market incorporate a GPS positioning device (20) that allows determining the geolocation of the Tablet at any time. There are numerous open source APIs that allow the operating system of the digital board (1) to read the geopositioning where it is located. The format of the acquisition is always configurable, although usually a simple TXT file is used. The digestion algorithm can be used in any file format, it has no limitations in this respect. All the technology necessary to develop claim 3, is publicly available and widely documented, is accessible to any programmer no matter how inexperienced. There are other ways of programming computer logic, none affects the procedure or the claim.

Claim 4. Practically all the Tablet (1) on the market incorporate Internet connectivity. There are numerous secure sources of time that are freely available and free. In Spain, the most used time source in the Laboratory of the Royal Observatory of the Navy (ROA) that allows us to determine the current UTC time (in English, Coordinated Universal Time) with a second accuracy. For the time query, the NTP public protocol is used, there are numerous open source APIs that allow these queries to be made. The information can be recorded in a simple TXT file. The digestion algorithm can be used in any file format, it has no limitations in this respect. All the technology necessary to develop claim 3, is publicly available and widely documented, is accessible to any programmer no matter how inexperienced. There are other ways of programming computer logic, none affects the procedure or the claim.

Claim 6. The inclusion of several signers in a sequential signature process requires an elementary computer logic, so simple that an inexperienced computer programmer can elaborate it. Basically it is only necessary to include a two buttons "continue process" "close process". Pressing "continue process" simply generates the electronic handwritten signature file and opens the possibility of making a new signature, clicking "close process" simply generates the file of the electronic handwritten signature, and ends the capture of signatures and continue the next step. There are other ways of programming computer logic, none affects the procedure or the claim.

The claim 7. The capture of the moment of time has already been explained in claim 4, this claim only requires an elementary computer logic, as simple as making a calculation of the time elapsed between the time that signed the user (11) and the moment in which the user wishes to sign (15), if the elapsed time is greater than a reference time that is recorded in a resource file to which the computer application has access (6) and which may be configured by the manufacturer or by the user of the application, the user (15) is prevented from signing. That is, the programmer only has to make a simple comparison and calculate if the elapsed time is less, equal or greater, if it is greater, stop the process. There are other ways of programming computer logic, none affects the procedure or the claim.

one

Claims (7)

1. - Method to authenticate a dynamic signature with the signed document by means of an electronic signature, which includes: Step 1: There is a digital board (1), which connected to a computer terminal (28) or autonomously, has a computer program (6) that allows viewing an electronic document (3) contained on the digital board ( 1) or in the computer terminal (28), Step 2: The signing user (11) has a tactile pen (12), and a computer program (6) that allows the signatory user (11) to produce an autograph signature (13) on the surface of the digital board (1) ). Step 3. The computer program (5) performs a capture of the graph (17) and / or digitized signature image (18). Step 4: The digital board (1) or the computer terminal to which it is connected (28) includes the computer program (6) that includes the computer logic necessary to use a cryptosystem (7) that generates a hash (19) of the electronic document (3) and the graph files (17) and digitized signature image (18). Step 5: Characterized because in the signing act described above, a second user (15) who has an electronic signature certificate (4), and who uses a computer program (6) installed on the digital board (1) or computer terminal (28), which allows you to enter the PIN (14) and has the ability to activate a signature process on the hash (19), obtaining an electronic signature (16), which authenticates that hash (19), leaving thus, all the files are inseparably linked and the integrity of the files is guaranteed. 2. - Method according to claim 1, characterized in that in Step 2 and Step 4 further comprise: Step 2: The digital board (1), includes a video camera (20), and the computer program (6) includes the necessary logic so that at the time of making the signature autograph (13), the image of the signatory user (21) is captured at the time of signing. Step 4: The computer program (6) has the necessary computer logic to include the file of the user image (21) in the process of obtaining the hash (19), so that the image (21) is associated with the rest of files. 3. - Method according to claim 1, characterized in that in Step 2 and Step 4 further comprise: Step 2: The digital board (1), includes a GPS geo-positioning system (22), and the computer program (6) includes the necessary logic so that at the time of drawing the handwritten signature (13) it proceeds to capture the geographical position (23) of the signer at the time of signing. Step 4: The computer program (6) has the necessary computer logic to include the geopositioning file (23) in the process of obtaining the hash (19), in such a way that the geographical position (23) is associated with the rest of records. 4. - Method according to claim 1, characterized in that in Step 2 and Step 4 further comprise: Step 2: The computer program (6), includes a communication protocol with a secure source of time (24), and the computer program (6) includes the necessary logic so that at the time of preparing the signature autograph (13) it is proceed to capture the moment in time (25) in which the signature is being made. Step 4: The computer program (6) has the necessary computer logic to include the file from time to time (25) in the process of obtaining the hash (19), in such a way that the moment in time (25) it is associated with the rest of the files. 5. - Method according to claim 1, characterized in that in Step 4 and Step 5 further comprise: Step 4: The computer program (6), includes a communication protocol with an electronic time-stamping server (26), and the necessary computer logic to send the time-stamping server the hash (19) and receive a stamp of electronic time (26) that is indissolubly associated with that hash (19) Step 5: The computer program (6), includes a communication protocol with a one electronic time stamping server (26), and the necessary computer logic for the electronic signature (16) to include a time stamp. 6. - Method according to claim 1, characterized in that in Step 2, Step 3, and Step 4 further comprise: Step 2: The computer program (6) has the necessary computer logic to allow the intervention of several signatories (11), the process is based on the development of signatures sequentially, until the last signatory indicates that it is the last handwritten signature. Step 3: The computer program (5) performs a capture of the graph (17) and / or digitized signature image (18) of each signatory user (11) generating an independent file of each intervention. Step 4: The computer program (6), includes the necessary computer logic to generate the hash (19) including all the signature files of each one of the signatory users (11) 7. - Method according to claim 1, characterized in that in Step 2 and Step 5 further comprises: Step 2: The computer program (6), includes a communication protocol with a secure source of time (24), and the computer program (6) includes the necessary logic so that at the time of preparing the signature autograph (13) it is proceed to capture the moment in time (25) in which the signatory user (11) is making the signature, this information is stored in a memory position of the computer program (6). Step 5: The computer program (6) has the necessary computer logic so that before the second signatory user (15) draws up his signature, he makes a query to the safe source of time to determine the interval of time between when he signed the signing user (11) and the current moment. The logic incorporates a security time range that determines that upon passing the security time, it is prevented from signing the second signatory user (15). one