-
Faculty of Arts and HumanitiesDean's Office, Faculty of Arts and HumanitiesJakobi 2, r 116-121 51005 Tartu linn, Tartu linn, Tartumaa EST0Institute of History and ArchaeologyJakobi 2 51005 Tartu linn, Tartu linn, Tartumaa EST0Institute of Estonian and General LinguisticsJakobi 2, IV korrus 51005 Tartu linn, Tartu linn, Tartumaa EST0Institute of Philosophy and SemioticsJakobi 2, III korrus, ruumid 302-337 51005 Tartu linn, Tartu linn, Tartumaa EST0Institute of Cultural ResearchÜlikooli 16 51003 Tartu linn, Tartu linn, Tartumaa EST0Institute of Foreign Languages and CulturesLossi 3 51003 Tartu linn, Tartu linn, Tartumaa EST0School of Theology and Religious StudiesÜlikooli 18 50090 Tartu linn, Tartu linn, Tartumaa EST0Viljandi Culture AcademyPosti 1 71004 Viljandi linn, Viljandimaa EST0Professors emeritus, Faculty of Arts and Humanities0Associate Professors emeritus, Faculty of Arts and Humanities0Faculty of Social SciencesDean's Office, Faculty of Social SciencesLossi 36 51003 Tartu linn, Tartu linn, Tartumaa EST0Institute of EducationJakobi 5 51005 Tartu linn, Tartu linn, Tartumaa EST0Johan Skytte Institute of Political StudiesLossi 36, ruum 301 51003 Tartu linn, Tartu linn, Tartumaa EST0School of Economics and Business AdministrationNarva mnt 18 51009 Tartu linn, Tartu linn, Tartumaa EST0Institute of PsychologyNäituse 2 50409 Tartu linn, Tartu linn, Tartumaa EST0School of LawNäituse 20 - 324 50409 Tartu linn, Tartu linn, Tartumaa EST0Institute of Social StudiesLossi 36 51003 Tartu linn, Tartu linn, Tartumaa EST0Narva CollegeRaekoja plats 2 20307 Narva linn, Ida-Virumaa EST0Pärnu CollegeRingi 35 80012 Pärnu linn, Pärnu linn, Pärnumaa EST0Professors emeritus, Faculty of Social Sciences0associate Professors emeritus, Faculty of Social Sciences0Faculty of MedicineDean's Office, Faculty of MedicineRavila 19 50411 Tartu linn, Tartu linn, Tartumaa ESTInstitute of Biomedicine and Translational MedicineBiomeedikum, Ravila 19 50411 Tartu linn, Tartu linn, Tartumaa ESTInstitute of PharmacyNooruse 1 50411 Tartu linn, Tartu linn, Tartumaa ESTInstitute of DentistryL. Puusepa 1a 50406 Tartu linn, Tartu linn, Tartumaa ESTInstitute of Clinical MedicineL. Puusepa 8 50406 Tartu linn, Tartu linn, Tartumaa ESTInstitute of Family Medicine and Public HealthRavila 19 50411 Tartu linn, Tartu linn, Tartumaa ESTInstitute of Sport Sciences and PhysiotherapyUjula 4 51008 Tartu linn, Tartu linn, Tartumaa ESTprofessors emeritus, Faculty of Medicine0associate Professors emeritus, Faculty of Medicine0Faculty of Science and TechnologyDean's Office, Faculty of Science and TechnologyVanemuise 46 - 208 51003 Tartu linn, Tartu linn, Tartumaa ESTInstitute of Computer ScienceNarva mnt 18 51009 Tartu linn, Tartu linn, Tartumaa ESTInstitute of GenomicsRiia 23b/2 51010 Tartu linn, Tartu linn, Tartumaa ESTEstonian Marine Institute0Institute of PhysicsInstitute of ChemistryRavila 14a 50411 Tartu linn, Tartu linn, Tartumaa ESTInstitute of Mathematics and StatisticsNarva mnt 18 51009 Tartu linn, Tartu linn, Tartumaa EST0Institute of Molecular and Cell BiologyRiia 23, 23b - 134 51010 Tartu linn, Tartu linn, Tartumaa ESTTartu ObservatoryObservatooriumi 1 61602 Tõravere alevik, Nõo vald, Tartumaa EST0Institute of TechnologyNooruse 1 50411 Tartu linn, Tartu linn, Tartumaa ESTInstitute of Ecology and Earth SciencesJ. Liivi tn 2 50409 Tartu linn, Tartu linn, Tartumaa ESTprofessors emeritus, Faculty of Science and Technology0associate Professors emeritus, Faculty of Science and Technology0Area of Academic SecretaryHuman Resources OfficeUppsala 6, Lossi 36 51003 Tartu linn, Tartu linn, Tartumaa EST0Area of Head of FinanceFinance Office0Area of Director of AdministrationInformation Technology Office0Administrative OfficeÜlikooli 17 (III korrus) 51005 Tartu linn, Tartu linn, Tartumaa EST0Estates Office0Marketing and Communication OfficeÜlikooli 18, ruumid 102, 104, 209, 210 50090 Tartu linn, Tartu linn, Tartumaa EST0Area of RectorRector's Strategy OfficeInternal Audit OfficeArea of Vice Rector for Academic AffairsOffice of Academic AffairsUniversity of Tartu Youth AcademyUppsala 10 51003 Tartu linn, Tartu linn, Tartumaa ESTStudent Union OfficeÜlikooli 18b 51005 Tartu linn, Tartu linn, Tartumaa EST0Centre for Learning and TeachingArea of Vice Rector for ResearchUniversity of Tartu LibraryW. Struve 1 50091 Tartu linn, Tartu linn, Tartumaa ESTGrant OfficeArea of Vice Rector for DevelopmentCentre for Entrepreneurship and InnovationNarva mnt 18 51009 Tartu linn, Tartu linn, Tartumaa EST0University of Tartu Natural History Museum and Botanical GardenVanemuise 46 51003 Tartu linn, Tartu linn, Tartumaa EST0International Cooperation and Protocol Office0University of Tartu MuseumLossi 25 51003 Tartu linn, Tartu linn, Tartumaa EST0
University of Tartu scientists found a weakness in digital signing and offered their solutions
Scientists of the University of Tartu, visiting lecturer of IT Law at the Faculty of Law Tõnu Mets and Head of the Working Group on Information Security of the Institute of Computer Science Arnis Paršovs found a problem related to giving, validating and the effectiveness of digital signatures.
They found out that third parties can update the time stamp of the digital signature, i.e. the exact time and date the validity of the certificate is verified. Thus, a document may have actually been signed considerably earlier than it officially appears. This creates a legal problem because it is not possible to determine whether the certificates of the person who signed the document were valid at the moment of signing.
Since the trustworthiness of digital signatures is critical for the digital society, it’s important to raise this issue and approach it in depth. Finding a quick solution to the time stamp error is necessary to strengthen the fundamentals of our digital society and ensure that the firm trust in the digital signature will not disappear.
Therefore, Tõnu Mets and Arnis Paršovs informed the Information System Authority and the Ministry of Economic Affairs and Communications of the problem. The scientists submitted proposals to the state for solving the problem of the time stamp and validity of the digital signature.
For example, Tõnu Mets and Arnis Paršovs find that it would be reasonable to waive the requirement of identification of the time of signing and change the lifetime of the certificates in a manner where the certificate is issued to the owner after the issue of the ID card and the certificate is valid until its expiry or cancellation. The situation where an invalid certificate becomes valid again must be ruled out, i.e. the possibility to suspend the validity of a certificate should also be abolished. First of all, it is necessary to update the DigiDoc software, which should currently be showing the time of signing on the time stamp but actually shows the time when the validity of the certificate was verified.
Mets and Paršovs described the results of their research in the article “Time of signing in the Estonian digital signature scheme”, which was published in the international peer reviewed science journal Digital Evidence and Electronic Signature Law Review.
Head of the Institute of Computer Science Jaak Vilo said that one of the most important roles of the University of Tartu as a research institution is to support the good progress of the Estonian society with its research. “This covers the task of finding complicated social problems and offering solutions for perfecting the legal area and the existing technologies,” explained Vilo. “Discovering and discussing the problem related to the digital signature is a good example of the cooperation of jurists, computer scientists and the state.”
For further information, please contact:
Jaak Vilo, Head of UT Institute of Computer Science, 737 5483, jaak.vilo@ut.ee
Tõnu Mets, visiting lecturer of IT Law of the Faculty of Law at UT and lawyer, tonu.mets@ut.ee
Arnis Paršovs, Head of the Working Group on Information Security of the Institute of Computer Science, arnis.parsovs@ut.ee