Magyar Elektronikus Aláírás Napja

The Hungarian Association for Electronic Signature (MELASZ), INTEGRITY Ltd. and the Institute for Computer Science and Control (SZTAKI), as well as the Council of Hungarian Internet Providers (ISZT) are launching the “Electronic Signature Day” event for establishing a new tradition. The idea came from the fact that Bill Clinton signed the U.S. Electronic Signature Act on June 30, 2000, so that day has been known as “ESIGN Day” in the United States.
The organizers goals are the following:

to promote electronic signatures as widely as possible in Hungary also,
to be available current, professional knowledge of electronic signatures and seals in a user-friendly manner, and
to create a forum where important information can be disseminated for all interested parties from firsthand.

The presentations cover a historical overview of the electronic signature field as well as the legal and technological changes that have taken place in recent years. Current curiosities of electronic signatures are presented on this event every year, and an insight into the future solutions can also be gained.

One of the cornerstones of a trusted economy is the field of electronic authentication, electronic signing and sealing technologies. In these areas, we have numerous research and development, which ensure that electronic authentication procedures will be used continuously in everyday life in the future.

Start	End	Person	Organization
9:00	9:10	Ferenc, dr. Kósa	Hungarian Association for Electronic Signature
9:10	9:20	Pál, Ormos	Institute for Computer Science and Control
9:20	9:30	Tibor, Dravecz	Council of Hungarian Internet Providers

Start	End	Presenter	Organization	Topic	Summary
9:30	10:00	Barna, Gaál	Ministry of Interior Department of E-Government	e-Administraton: Future in Present	The presentation highlights the e-government developments in the field of e-administration that have recently been completed by the Ministry of the Interior and can be used in day-to-day practice. Moreover the participants get a short overview of the ongoing developments also.
10:00	10:30	Balázs, dr. Bencsik	Supervisory Authority for Regulated Activities Cybersecurity Supervision	National Cyber Security Certification and the Hungarian PQC Regulation	The presentation covers the recent changes in the national cyber security certification and describes the background of the Hungarian Post Quantum Crypto regulation.
10:30	11:00	Imre, dr. Dósa	MKB Bank	Another Contracting Method - Handling Mixed Signatures	In Hungary, the authorities and economic organizations are obliged to use electronic procedures. Private individuals also have the option of using a qualified electronic signature, either with an e-ID card or with a service provider signature. The spread of this is awaiting. Therefore, it is an exciting legal challenge to create mixed (paper and electronic) documents so that their probative value remains adequate.
11:00	11:15		Coffee break
11:15	11:35	Péter, dr. Gerhard	Budapest City Archives	Problems of Authentic Long-Term Preservation of Electronic Records in Archives	The aim of the electronic archival system developed in the Hungarian National Archives and the Archives of the Capital City of Budapest is managing of electronic records, providing online services for researchers, publishing the digitalized papers online and preserving e-born records for a long time. The archiving of electronic records and the long-term preservation of their integrity and availability, even after this framework has been established, face a number of difficulties. The presentation covers the usability of digital archival files for the general public and tries to present the difficulties faced by archives in preserving electronic records in a problem-oriented way.
11:35	11:55	Nóra, dr. Sylvester	National Media and Infocommunications Authority Supervisory Department of Electronic Services	The Role of the Supervisory Authority in Ensuring the Reliability of Trust Service Providers and Trust Services	The presentation introduces the supervisory authority infrastructure set up for the control of trust services and also covers its operational features. Based on the legal background, possible sanctions are also presented.
11:55	12:15	Attila, Rozgonyi	Microsec	RSApocalypse? How long can we use the usual algorithms?	During the presentation, the audience will learn about the cryptographic solutions (RSA, ECC) widely used today and the deadlines set by the relevant standards in the European Union. We will also discuss the security and future of each algorithm and what these deadlines mean in practice for the end users of the respective solutions.
12:15	12:35	Gábor, Hirsch Attila, Paksi	Thales	Market trends through the manufacturer's glasses	Thales is one of the world's leading manufacturers in the Identity and Access Management and Privacy markets. New features required by the market are constantly incorporating into its diversified product portfolio. In our presentation, we give an overview of the most anticipated or already developed new features in our products, and trends in the market.
12:35	12:55	Kinga, dr. Madocsai Orsolya, dr. Szabó	SimpLEGAL Madocsai Law Firm InvestCEE LegalTech Consultancy	LegalTech - Where Are We in the Field of Digital Contracting?	Closely related to eSignatures, contract management and eArchiving provide significant added value in terms of more transparent and more effective administration of business processes. The presentation highlights the challenges we can face in doing business in digital contracting and the practical solutions that have been developed in recent years.
12:55	13:45		Lunchbreak

Start	End	Presenter	Organization	Topic	Summary
13:45	14:05	Áron, Szabó	Hungarian Association for Electronic Signature	Post-Quantum Cryptography - or What Can we Expect After the NIST PQC Decision?	After the US Standardization Organization (NIST) completes its 6-year quantum-safe algorithm selection (PQC) process, it can begin planning for updates to systems that use cryptography. But what is the expected turnaround time for this big shift? What are the steps to do this? If there is support for large cryptographic libraries, atomic operations, what are the issues at the protocol level? Why is pqcrypto a headache for the latest version of SSL / TLS, TLS v1.3? What are the application-specific areas where the use of pqcrypto needs to be further considered (e.g. small and fast solutions for IoT devices, solutions supporting homomorphic encryption for e-voting or systems performing statistical calculation on sensitive (e.g. health) data)? We are looking for answers to these questions in the lecture based on our current knowledge.
14:05	14:25	Viktor, Varga	Microsec	eIDAS 2.0 and Attributes	The lecture covers two topics. In the first half, the changes in eIDAS2 and the problematic issues of the new draft will be presented. The second half presents the status of the standardization of the attribute provision (currently in progress), based on the latest status, covering the issues of EUID Wallet (ETSI TS 119 462), attribute providers (ETSI TS 119 471) and attribute formats (ETSI TS 119 472).
14:25	14:45	Tamás, Paulik	Microsec	The Role of Electronic Identity Cards in the Provision of Modern Trust Services	One of the biggest challenges for trust service providers is the identification of end users, which is typically allowed today for solutions that require the presence of trust service staff and do not allow for a high degree of automation with adequate security. The use of ID cards and eID technologies in general opens the door to automated identification and automated, scalable certification. The presentation presents the practical implementation of e-ID based identification and certificate issuance through a case study.
14:45	15:05	Sándor, Dr. Szőke	Hungarian Association for Electronic Signature	Qualified Website Authentication Certificates: What Does (Could Do) eIDAS 2.0 Bring?	With the entry into force of the eIDAS Regulation, the EU set requirements for website authentication certificates, extending its activities to an area that was not previously subject to external requirements. The mainly technical standards and specifications were developed by market participants and independent PKI experts in the field. The new requirements did not win the favor of all stakeholders, and years of negotiations have not yielded satisfactory results, so the most critical EU requirements have been set out as requirements in the draft eIDAS 2.0 Regulation. The presentation briefly describes the positions on the most controversial points and the expected consequences.
15:05	15:15		Coffee break
15:15	15:35	Tibor, Dravecz	Integrity	Misuse of digital signatures and digitally signed documents - how can we protect against it?	Digital signatures or a digitally signed documents, as well as documents with a traditional signature, can be misused. Some of the ways in which traditional paper-based documents are known to be used in an analogous way are possible, and some of us also face new challenges, although digital signatures typically allow for better and more secure use. In addition to the possibility of obtaining a private key by an unauthorized person, authenticity, integrity, non-repudiation and other requirements can be ensured, it is not necessary for complete security to depend on a single factor, on the private key. Other levels of protection can be integrated into the communication or systems, such as the X.509 PKI system with DNSSEC DANE or blockchain-based security solutions. However, even without obtaining a private key, it can be abused in many ways, such as misleading the signer or the reader of a signed document by seemingly signing or reading something other than what was actually signed. Technically, there is a known solution for almost everything - although it may not be widespread, not used or not yet standardized enough - but a lot of abuses can take advantage of the lack of knowledge, carelessness and negligence.
15:35	15:55	Nándor, Kürtössy	ICDL Office of John von Neumann Computer Society	ICDL and the New Version of DigComp	The European Union released the version 2.2 of the DigComp framework (The Digital Competence Framework for Citizens) on 17 March 2022, which already includes the eIDAS Regulation and requires to be familiar with the related knowledge. In this presentation, we will show how the Hungarian ICDL Office ensures the compliance with this new DigComp version by renewing the ICDL electronic authentication, electronic signature module.
15:55	16:15	Sándorné, dr. Bánhidi	Hungarian Association of Teachers for Informatics	Electronic Signature in Small Business Enterprises and Pupils in Secondary Schools	The societal diffusion of a knowledge-intensive technology depends highly on the education associated with it. In the presentation, we show the role of ISZE in disseminating knowledge related to electronic signatures, covering the experiences of the courses implemented so far among micro and small entrepreneurs, as well as the possibilities of secondary school students' involvement.
16:15	16:30	Péter Máté, dr. Erdősi	Hungarian Association for Electronic Signature	Estonian signature solutions and accessibility	The presentation shows Estonian electronic signature examples using more than 99% of the Estonian population to create electronic signatures on a daily basis. Estonia is one of European Member States. This, of course, also means that these services are accessible for the entire population. It means that accessibility has to be paid attention to by a government that wish to target the entire population with digital services.
16:30	17:00	Zoltán, Bencze	MELASZ-SZTAKI-Integrity	Quiz Game Announcement of Results

Start

End

Presenter

Organization

Topic

Summary

13:45

14:05

Áron, Szabó

Hungarian Association for Electronic Signature

Post-Quantum Cryptography - or What Can we Expect After the NIST PQC Decision?

After the US Standardization Organization (NIST) completes its 6-year quantum-safe algorithm selection (PQC) process, it can begin planning for updates to systems that use cryptography. But what is the expected turnaround time for this big shift? What are the steps to do this? If there is support for large cryptographic libraries, atomic operations, what are the issues at the protocol level? Why is pqcrypto a headache for the latest version of SSL / TLS, TLS v1.3? What are the application-specific areas where the use of pqcrypto needs to be further considered (e.g. small and fast solutions for IoT devices, solutions supporting homomorphic encryption for e-voting or systems performing statistical calculation on sensitive (e.g. health) data)? We are looking for answers to these questions in the lecture based on our current knowledge.