The Hungarian Association for Electronic Signature (MELASZ), INTEGRITY Ltd. and the Institute for Computer Science and Control (SZTAKI), as well as the Council of Hungarian Internet Providers (ISZT) are launching the “Electronic Signature Day” event for establishing a new tradition. The idea came from the fact that Bill Clinton signed the U.S. Electronic Signature Act on June 30, 2000, so that day has been known as “ESIGN Day” in the United States.
The organizers goals are the following:
The presentations cover a historical overview of the electronic signature field as well as the legal and technological changes that have taken place in recent years. Current curiosities of electronic signatures are presented on this event every year, and an insight into the future solutions can also be gained.
One of the cornerstones of a trusted economy is the field of electronic authentication, electronic signing and sealing technologies. In these areas, we have numerous research and development, which ensure that electronic authentication procedures will be used continuously in everyday life in the future.
The first Electronic Signature Day conference was a success in 2021
Following the greetings, the morning program gave the interested participants a glimpse into the future, where the speakers asked questions about the opportunities we will have after the proliferation of quantum computers, what we need to do for using intelligent vehicles safely, what should we do if we want to increase the security of electronic mails, and how to credibly prove that a particular role belongs to a particular person.
The afternoon program presented the regulatory environment from a historical and technological perspectives, i.e. the regulatory demands arising from the introduction of electronic signatures in Europe in 1999, European and global obligations and issues for trust service providers, and the legal and technological implications of advanced electronic signatures based on biometry.
The legal outlook was closed by a presentation on the intertwining and future indispensability of technology and the legal career. In the education section, we were able to get an idea of what was happening in the ECDL electronic authentication module, and to make sure that it was possible to transfer technological knowledge at the national level that could bring about serious social change. During the conference, participants were able to get answer of a number of questions, and there was an opportunity to make and develop professional relationships.
The last section of the conference was the quiz section with 29 questions, the top three of those who gave the correct answers became richer with valuable gifts. Regarding the attendance data, after the registration of almost 100 people, most of them were logged in during the morning (66 people), but 50 people were on average curious about the presentations in the afternoon also.
The organizers are confident that the participants have been enriched with a number of useful information, and we will be able to successfully organize - now with a personal presence - the second conference in 2022.
|9:10||9:20||Pál, Ormos||SZTAKI / HunCERT|
|9:30||10:00||Imre, dr. Dósa||Budapest Bank||In the presentation we discuss the challenges that a banking environment faces if it wants to implement the general acceptance of qualified electronic signatures with legal compliance in practice.|
|10:05||10:35||Áron, Szabó||MELASZ, eGroup||The presentation focuses on the effects of quantum computers and other quantum-based devices on cryptography and discusses some related efforts. We also summarize recent major events. Highlighting two examples, we describe where “quantum-safe” algorithm selection process is currently taking place in NIST, moreover where and how quantum-based chips have appeared in our everyday devices.|
|10:40||11:00||Attila, Rozgonyi||MELASZ||Although nearly fifty years have passed since the first publication of the study describing the RSA operational procedure, this algorithm is still the most commonly used in public key cryptographic implementations nowadays. This is partly due to the fact that the procedure is still considered safe, but this will not necessarily be the case forever due to the continuous increase in computing capacity and the emergence of new approaches - the aim of the presentation is to present this issue. The presentation elaborates on the current regulation of the algorithm, the expected future trends, and reflects on a new study published by the University of Frankfurt about the practical application method of which makes RSA allegedly breakable.|
|11:05||11:25||Roland, Kraudy||MELASZ, Microsec||More and more of our devices (e.g. telephone, refrigerator, bicycle computer) communicate with each other and with the devices of others. Why would our car be an exception? What to look for in an intelligent car that cooperates with its environment, which is not a problem with a smart refrigerator? What makes this communication secure and how we can trust the messages we received without compromising our privacy. In my presentation, I also try to answer these questions.|
|11:30||11:50||József, Kadlecsik||Wigner Research Centre for Physics||The digital signature technology has been used for a long time in the world of electronic mail. A good example of this is DKIM. DKIM allows the receiving party to be able to verify that the email actually received from the alleged domain, it was actually sent by the owner of that domain. In the lecture we describe the basics of this technology.|
|11:55||12:15||Dániel, Marczisovszky||Integrity||The presentation shows how to make TLS communication (web, email, etc.) even more secure with the Domain Name System (DNS) and relying on its security add-on, called DNSSEC, and how to publish public keys in DNS. In addition, we outline that there may be an alternative universe in which it is not necessary to use central CAs, and we also talk about how traditional CA-based and DNS-based - so-called DANE-based - technology can work in paralel.|
|12:20||12:40||Tibor, Dravecz||Integrity||In addition to the X.509 standards-based world of digital signatures, the PGP world is an alternative universe that can provide secure and efficient key sharing method without using central CAs, and is now truly possible through the Domain Name System (DNS).
The presentation shows that using popular mail client software with PGP, we can very easily authenticate previously unknown senders, send digitally signed emails to others when the recipients can easily verify the authenticity of our signatures.
It should be mentioned that with PGP we cannot create qualified signatures, i.e. one that results in a document with full probative force. From this, even PGP can be widely used as well, let’s face it, most of the documents we handle aren’t even fully probative, although their authenticity is still an important issue nonetheless.
|12:45||13:05||Attila, Rozgonyi||MELASZ, Microsec||The aim of the presentation is to present a subset of the certificates defined by the X.509 standard, which is rarely used in Hungary for the time being, but has many potential areas of use. During the presentation, the audience can learn about the general characteristics, structure and scope of attribute certificates. The presentation will also cover international standards and specifications for attribute certificates and the steps required to comply with them.|
|14:00||14:20||Balázs, dr. Rátai||MELASZ||The impact of the regulation of electronic signatures, which began in the EU Directive 93/1999, is extremely significant and complex. The presentation reviews the reasons leading to the creation of this regulation with the direct and indirect impacts of the emergence of it.|
|14:25||14:45||Sándor, dr. Szőke||MELASZ||Many international professional organizations deal with the development of technical standards and regulations in the field of PKI in parallel, not always in full harmony. The conditions for issuing PKI-based certificates for electronic signatures are regulated by EU-level and nationally issued standards. The trust service providers issuing those certificates must comply with a number of mandatory standards, but in order to improve the usability of the services, it is also advisable to take on additional requirements on a voluntary basis. Each set of requirements varies according to different principles and interests, which sometimes results in conflicts, which can put trust providers and users in a difficult position.
In my presentation, I would like to briefly present this ever-changing circle of regulation, including some recent concrete examples.
Finally, I propose a possible way to reduce or eliminate the dependency arising from the situation described.
|14:50||15:10||Sándor P., dr. Bartók||MELASZ||In this presentation, we discuss the legal and technical requirements for advanced electronic signatures, highlight the technology independence of the eIDAS Regulation and additional opportunities that arise from it. In doing so, we present the most important questions related to biometric electronic signatures and the answers that can be given to them.|
|15:15||15:35||Kinga, dr. Madocsai
Orsolya, dr. Szabó
|MELASZ, SimpLegal digital law firm
InvestCEE, LegalTech Consultancy
|The presentation shows in a practical approach, how and by what technologies enables the renewal of legal services and service providers which is currently taking place before our eyes. The presentation covers the change of approach to the renewal of legal services and what changes are expected in the future.|
|15:40||16:00||Szilvia, Rákosi||NJSZT ECDL Office||In the lecture, we revive the circumstances of the creation of the ECDL Electronic Signature module and present the results achieved since then. We also discuss future ideas of the NJSZT in connection with this module.|
|16:05||16:25||Sándorné, dr. Bánhidi||ISZE||The presentation shows the experience of a practical and ongoing training and also discusses its possible future implications. We will also look at the opportunities arising from the changes of the National Core Curriculum in 2020 and try to answer the question of whether we have all the necessary tools to enable everyone, beyond the digital natives, to participate actively and successfully in the digital world at the societal level.|
Hungarian Association for Electronic Signature (HAES/MELASZ)
Council of Hungarian Internet Providers (CHIP/ISZT)