Table of Contents
Electronic signature and digital signature
When talking about electronic signature and digital signature, some terms come up time and again. Examples are PadES, CadES, and XadES. These are all types of signatures, and it can be confusing to know what the difference is between them.
What is the electronic signature? An electronic signature is a tool used to identify and authenticate electronic documents. We can say that it is the electronic form of a handwritten signature. In fact, it is used in situations, such as when contracts are signed or official forms filled out, to verify the identity of the person providing the signature.
An electronic signature works by digitally signing a document with a code that is unique to the signer and then verifying that code against an online database. This ensures that the document is valid and authentic.
Electronic signatures are becoming increasingly popular due to the convenience they provide and the fact that they can verify the identity of parties involved in digital transactions.
According to official documents from the European Union, “‘electronic signature’ means data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign”. This definition come from the art. 3.10 of eIDAS Regulation.
On the other hand, ‘digital signature’ refers to “a mathematical and cryptographic concept that is widely used to provide concrete and practical instances of electronic signatures”.
In other words, digital signatures are a specific type of electronic signature, so not all the electronic signatures are digital signatures.
PadES, CadES, and XadES
PadES, CadES, and XadES are formats of the most common e-signature formats within the EU. Let’s learn more about each of them.
PAdES stands for PDF Advanced Electronic Signature and is the simplest format. In fact, affixing a PAdES electronic signature to PDF generates a cryptographic envelope that is itself a PDF. In other words, the PAdES electronic signature is a PDF.
Its merits are several:
– no software or reader to open the PDF envelope,
– it allows to sign a document without invalidating other previous signatures,
– allows a visible graphic signature to be added to the document, in addition to the digital signature.
However, PAdES allows only .pdf files to be signed.
CAdES stands for CMS Advanced Electronic Signature, and CMS stands for “Cryptographic message syntax”.
After a CAdES signature is affixed, a cryptographic envelope containing the original file is generated. The extension of this new file is .p7m.
This e-signature can be affixed to any type of file: text files (.doc, .docx), spreadsheets (.xls, .xlsx), images (.jpg, .png, .gif), and PDFs. This very characteristic makes it a versatile and widely used signature.
However, CAdES does have flaws:
– users need a specific digital signature software to open the p7m envelope,
– in case of multiple signatures on the same document users have to recreate a p7m envelope for each affixation (creating the so-called matryoshka effect),
– it does not allow to add of a visible graphic signature on the document.
XAdES stands for XML Advanced Electronic Signature and XML means Extensible Markup Language.In fact, it is the standard for electronic signing of documents in XML format.
XAdES is both human-readable and computer-readable, and is used to sign electronic documents, such as images (.jpeg, .png), .mp3, binary data (.exe), PDFs, and even SEPA (Single Euro Payments Area) transactions.
With XAdES you can sign in two different ways:
– By creating an .xml file for the signature without modifying the original file, so signature and data to be signed are separate;
– By producing an .xml file that includes signature and data.
This digital signature format has its advantages:
– does not require the enveloping process,
– allows multiple signatures to be affixed, without invalidating previous ones and without creating the matryoshka effect.
Which digital signature you should use
It depends on the type of file you have to sign and the recipient.
If you need to sign a PDF document, PadES is the best option as it requires no software or reader to open. For this reason, this format is great for communications between individuals or between companies and individuals, since PDFs can be easily opened by anyone.
If you need to sign non-PDF files, CadES is the best option as it allows you to sign any type of file extension. It is suitable for communications between companies or professionals equipped with digital signature software. The same goes for the XAdES formats if you need to sign electronic documents in XML format.
Despite PadES being reliable, CadES and XAdES offer more flexibility with different types of documents and do not require the enveloping process. Therefore, PadES might be suitable for certain circumstances but is less versatile than both CadES and XAdES. It is also important to consider that PadES does not allow graphic signatures or multiple signatures on a document.
In any case, PadES, CadES and XAdES are all reliable digital signature formats.