Electronic signature, what is it? - Level Extreme

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

Electronic signature, what is it?

Message

From

24/12/2002 13:46:36

Alex Wieder
Tasmanian Traders
Hoboken, New Jersey, United States

To

22/12/2002 21:38:40

Chen Nan
AFRIMS
Bangkok, Thailand

General information

Forum:

Visual FoxPro

Category:

Other

Title:

Re: Electronic signature, what is it?

Miscellaneous

Thread ID:

00735316

Message ID:

00735668

Views:

8

>Hi All,
>
>We will be carrying out the largest HIV vaccine clinical trial (a US Department of Defense project). US Food and Drug Administration has very strong requirements concerning electronic signature if we want our electronic records to be accepted by FDA. I am doing system requirements analysis at this moment and have very little knowledge on electronic signature. I would really appreciate explanations on what an electronic signature is, how can it be implemented in a database (especially in an VFP + MS SQL Server based application) and where can I find more information. Thank you!
>
>Chen

Hi Chen,

An electronic signature is an authentication method to prove that a document does indeed come from a specific source.

If I remember correctly, the technology used to generate digital signatures is the PGP algorithm (Pretty Good Privacy), in which you have a public key, which is a "password" that you publish for other to encrypt their messages with and send to you, and there is a PRIVATE key, which is what you use to decrypt those messages.

Now that you understand the difference between private and public keys, let's move on.

Again, this is from memory...

A hash function is a mathematical function that will create a unique string or number based on a text message. It doesn't encrypt anything per se, but as it is designed, a small changed in the original document will result in a big difference in the hash value. Look at it as a checksum on steroids.

After you're done creating the document to be signed, you create a hash of it, and encrypt this hash with your PRIVATE key. This is the digital signature.

Then, when the recipients gets the document along with the signature, they can verify that the signature matches the document. For this they use a special verification function, into which they input the hash of the original document (which they can generate just like you did before), and applying your public key to this hash they can verify whether the signature that you sent them was indeed generated by you (using your private key) and the document that they received.

In essence, it has nothing to do with someone's personal signature, but rather with cryptography.

Hope this helps!

Alex

Low-carb diet not working? Try the Low-food diet instead!

Click here to load this message in the networking platform