ComsignTrust glossary

So you like to know all the bits and pieces regarding the e Signature industry? You see the digital world as your world and you would like to know more especially on digital signature? well this is the place for you! welcome to ComsignTrust glossary, where you can find exactly what every professional term means and how it all comes together in the digital signature world.ComsignTrust glossary

This page will be updated from time to time with more terms and expressions regarding the exciting world of E signature. of course if you have any questions or remarks you can send and contact us directly here. So let’s begin:


A branch in mathematics and computer science that deals with algorithms for data security on their various layers and consolidates them mathematical.


A way for hiding the meaning of a message by making it unreadable by mathematical functions that makes the message content seems as a sequence of signs referred to as Code. The code is not readable for those who do not hold the appropriate encryption key to restore it to its original state.

Encryption key

The encryption key is the mean to decipher the encryption code. Each encryption key is unique to a specific cipher code.

Hash Algorithm – HASH – SHA 256

Cryptographic hash function is a one-way function that converts any length of code or input into a fixed length of output string. Cryptographic hash function is designed so that any change in the input string or code will change significantly the output string.
The hash algorithm function produces a fingerprint string of the file, much smaller than its original size.


The SSL security encryption method is designed for securing web pages. Web pages can only be secure when the encryption between the web pages and the browser is encrypted and the identity of the company or the person presenting the pages is given and can be verified.

HSM – Hardware Security Module

A dedicated cryptographic component which is located on the network or connected directly to a dedicated server. The HSM is used as a basis for the PKI infrastructure especially in enterprises.

The HSM component is responsible for:

– Generate the organization private key securely.

– Protection of the private key

– Managing the life cycle of the encryption key in a secure environment.

Electronic Signature

Electronic signature or Digital signature is a way for data encryption using a private encryption key. The private key is used for signing and the public key is used to verify the signature.

There is an invective match between the private key and the public key, the authentication can be absolutely sure that it was signed only by the person who holds the corresponding private key.

Secure electronic signature

Electronic signature which meets the following criteria:

– The electronic signature is unique to the owner of the signature.

– It allows identification of the owner of the alleged signature

– Was produced using a signing device under the sole control of the owner of the signature

– It allows detecting any change made in the electronic message after the signature date and time.

Certified authority (CA)

– Identification : the CA verifies the identity  of the entity in various ways

– The CA shall ensure that the applicant will generate a pair of public and private keys and determine his password without any intervention of a foreign entity.

– The CA will issue a certificate accompanying the electronic document that confirms that the public key is of a particular person or entity.

– The CA will maintain hardware and software systems at a high level to the satisfaction of the Registrar ( it is not required from the body of the issuer itself )

– The CA acts as a third party transaction ID verifier and serves as a trustee for both sides

– The CA cannot keep private keys of the people identified by him.

– Certification Authority shall not issue an electronic certificate unless it has taken reasonable measures to identify the applicant, check the signature verification device and checked that the information in the application is correct and completed.

– The CA will manage electronic certificates issued by stock and by stock revoked.

– To perform his duties the ca will only use reliable hardware and software products and solutions that provide reasonable protection against intrusion, disruption or damage and gives a reasonable level of availability and reliability.

– The CA can revoke an electronic certificate according to the instructions written in the digital signature law.


Public Key Infrastructure, the infrastructure that allows intelligent management of public encryption, key distribution and authentication data for users.

PKI consists of software, communication protocol, information security policy and asymmetric encryption mechanisms that works together to allow multiple users and entities to communicate securely.

The difference between PKI and encryption is that encryption technology is actually specifying the algorithm and the key required to encrypt the information, while the PKI is a secure communications infrastructure that defines the required components. Encryption is only part of the infrastructure.

Written by Chen Furstenberg

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *