Electronic Digital Signature algorithms (EDS) make it possible (i) to sign documents using a digital signature using user-defined private keys and (ii) to check authenticity of electronic digital signatures using public keys. The association between a particular public key and a particular user is verified using a digital signature of a trusted key distribution centre in the form of a digital certificate. A pair of unique keys is generated for each user—a private key and a public key of the electronic digital signature. Typically, a user is supposed to keep the private key n confidence and can use it for signing e-documents.
The disadvantages of the electronic digital signature are the requirement of use some media to reliably store the private key (as it is almost impossible to remember an individual private key due to its large size) as well as safekeeping of the media itself and the need to remember the password for the private key. Another problem is the lack of compatibility between different EDS algorithms, software and hardware, which is a significant constraint for a broader application of digital signatures. Another serious problem is a psychological bather for transition to paper-free document management technologies based on EDS.
There is a known method disclosed in a patent application entitled “Method of signing of documents with electronic AD signature and device for implementation of this method”, bearing a Russian patent No. 3398334. The disclosed method allows for signing documents with AD signature without preliminary generation of personal user-defined electronic signatures. The identity of the user who signed an electronic document is verified based on the user-specific biometric data which is an integral part of the particular electronic document being signed and which cannot be used for any other electronic document of the same format.
The disadvantage of this method is low reliability. For example, if an electronic document is delivered to EDS device from a computing apparatus with pre-installed malicious software (generally known as hacker software), the malicious software can be configured to cause one document to be displayed to the user for signature and a different document actually to be signed. Thus, there remains a possibility, that the user can inadvertently sign an electronic document other than the one which is displayed on the screen and which the user believes she or he is actually signing. For this very reason, this prior art method contemplates, rather than inputting the documents for signing from a computer, but rather from auxiliary devices, such as a bar-coder, a scanning device or a digital camera, which is not a user-friendly practice because it requires the electronic document to be printed prior to EDS.