5.Cryptography and electronic signatures are important for electronic transactions.
Cryptography is the science of codes and ciphers. Cryptography has long been applied by banks and government and is an essential tool for electronic commerce. Cryptography can be used as the basis of an electronic signature.
Encryption is the process of turning normal text into a series of letters and/or numbers which can only be deciphered by someone who has the correct password or key. Encryption is used to prevent others reading confidential, private or commercial data (for example an e-mail sent over the internet or a file stored on floppy disk).
An electronic signature is something associated with an electronic document that performs similar functions to a manual signature. It can be used to give the recipient confirmation that the communication comes from whom it purports to come from (“authenticity”). Another important use of electronic signatures is establishing that the communication has not been tampered with (“integrity”).
Public key cryptography is a form of cryptography that uses two distinct, but related, keys (known as a key pair): one key for “locking” a document, and a separate key for “unlocking” it. These keys are both large numbers with special mathematical properties.
Public key cryptography can be used to provide an electronic signature: the private key (which is only known to its owner) is used as the “lock” to transform the data, by scrambling the information contained in it. The transformed data is the electronic signature, which can be verified by “unlocking” it with the public key of the person who signed it. Anyone with access to the public key can check the signature, so verifying that it was signed by someone with access to the private key and also verifying that the content of the document had not been changed.
Public key cryptography can also be used to keep a communication secret: in this case the keys are used the other way round. The person sending the message would use the public key of the intended recipient to “lock” the message. Now only the corresponding private key can be used to “unlock” the message. This is what the intended recipient would use to read it. A third party would not be able to read the message without access to the intended recipient’s private key.
The data on this page is available in the alternative data formats listed:
All content is available under the Open Government Licence v3.0 except where otherwise stated. This site additionally contains content derived from EUR-Lex, reused under the terms of the Commission Decision 2011/833/EU on the reuse of documents from the EU institutions. For more information see the EUR-Lex public statement on re-use.
