Digital Signature and Blockchain
Blockchain technology offers a range of advantages over the internet, including capabilities related to ownership, authentication, security, and decentralization, among others. This environment provides an ideal platform for the evolution of Digital Signature solutions.
With the Trust-Transfer Digital Signature Solution, you can elevate the concept of Digital Signatures to new heights. This solution empowers various participants to engage with your documents, while ensuring you maintain control and visibility. Moreover, the solution fully complies with the security standards required by each country.
All requirements concerning authenticity, biometrics, geolocation, encryption, visibility control, availability, and more are encompassed within a single solution. This solution not only meets all your requirements but also facilitates interactions with other companies, even across different countries, thanks to the inherent nature of blockchain technology.
Before disseminating your public key to any recipients, it's submitted to a Certificate Authority. This entity validates your information and then signs your public key using its private key. Consequently, when anyone examines the certificate, they can ascertain that it was endorsed by someone they trust as a recognized Certificate Authority. Numerous entities operate across the globe, and governmental bodies often offer their own certification validations services.
Once you have your public key signed by a Certificate Authority (x.509 Certificate), you're ready to sign documents with your private key. When anyone validates the signature, they will find that the CA is certifying that the key belongs to you.
This process is widely used around the world, but it predates the creation of blockchain technology. Now, a superior solution is available.
Blockchain not only validates the signature and timestamps any action but also employs high-security standards. Moreover, it enables interoperability that is unparalleled by any other technology. When you use the trust-transfer Digital Signature Solution, your public and private keys become your wallet and blockchain private key. This allows you to enter the blockchain ecosystem, which, along with Smart Contracts and Trust-Transfer DSS, opens up a new world of functionalities and possibilities that were unimaginable until today
How it works today?
When the need arises to use a Digital Signature, a key pair comprising a private and public key is employed, often using the RSA (Rivest-Shamir-Adleman) algorithm. The public key functions to encrypt data that only the corresponding private key can decrypt. Conversely, the private key serves to sign data, making it possible for any public key to verify the authenticity.
Although you generate a key pair using your computer— a process that is relatively straightforward— the accessibility of this process raises a question: how can a third party (that doesn't know you) trust that the received public key indeed belongs to you? This is where a Certificate Authority enters the picture.
Key pair algorithm
A key pair algorithm is like a special lock and key system used online. It creates two keys: one to lock information securely (private key) and another to unlock it (public key). When you want to share something privately or prove it's really from you, you use these keys to make sure only the right people can read or trust the information.. Common options include RSA, DSA (Digital Signature Algorithm), and ECDSA (Elliptic Curve Digital Signature Algorithm).
x.509 Certificate
An X.509 certificate is like a digital ID card for your online actions. It confirms who you are and helps keep your online conversations safe. You send your public key (generated with any Key pair algorithm) along with your information to the Certificate Authority (CA), and they take that and uses it to create an X.509 certificate. This certificate includes your public key, the metadata you provided, and a digital signature from the CA's private key.
How trust-transfer works
In this scenario trust-transfer is handling the Payslips Employee's signing process.
Once the Payroll is executed and the Payslips generated, trust-transfer encrypts the payslip and generate an entry in the Employee Blockchain records. The Employee receives the document and can sign it just pressing a button. The document signed returns to the Employer signed for controlling. All these steps were stored, timestamped and certified by the Blockchain.
The Employee, before signing any document must generate a Pair Private/Public key and request a x.509 certificate to any Certificate Authority (CA), but trust-transfer helps and guides through the process. Once it's ready, trust-transfer creates an Smart Contract for the employee (that'll be the communication channel between the Employee and the Employer), and the Keys are stored encrypted for further use.
This signing process once stablished can be used for any document, signing or even workflow, because each document is tokenized so the signer can identify, approve or reject one by one. Also, as the document is signed, encrypted and stored in the Blockchain, it can be shared with any other Third Party around the globe if needed.