PAdES - PDF Advanced Electronic Signature

What is PAdES? What does it have to do with PDF? What can PAdES do? For all these questions, there are detailed answers on the web. This article is meant to give a brief overview as a small guide in the jungle of terms.

The concept of digital signatures was introduced in PDF 1.3 and refined in later versions. The PDF Advanced Electronic Signature (PAdES) standard was published by ETSI (European Telecommunication Standards Institute) and is referred to in ISO-32'000-2. It is based on the digital signature concept of PDF and describes a set of profiles making these signatures compliant to the European eIDAS regulations, which are legally binding in all EU member states since July 2014.

Here is a brief overview of eIDAS and PAdES.
  • PAdES ETSI TS 102 778: "Old" Technical Standard (TS) for PDF signatures. Also called "Legacy PAdES".
  • CAdES ETSI EN 319 122-1: Standard for CAdES signatures, which are essentially CMS (PKCS #7) signatures with a few extensions.
  • PAdES ETSI EN 319 142-1: Part 1 is the new European standard (EN) for PDF signatures. It's based on CAdES, but very limited, so that the standards do not have much in common. Defines the baseline signature levels B-B, B-T, B-LT and B-LTA (see below).
  • PAdES ETSI EN 319 142-2: Part 2 defines additional signature profiles, especially PAdES-CMS, which also includes Legacy PAdES and other formats from ISO 32000-1.
  • ETSI TR 119 100: Describes how to use the signature standards (for CAdES, XAdES and PAdES). Also, how the validity of old signatures can be extended.
The baseline signature levels:
  • B-B: Defines a level for short-term electronic signatures. Must include an electronic signature and the signing certificate.
  • B-T: Like B-B, but includes a time-stamp, respectively a time-mark that proves that the signature existed at a certain date and time.
  • B-LT: Like B-T, but adds VRI data to the DSS, like OCSP responses or CRLs and all certificates of the trust chain, from the user certificate to the Root CA certificate. This level allows that a document signature can be validated, even after a long period of time, when the signing environment (e.g. signing CA) is not available anymore. The B-LT level is recommended for Advanced Electronic Signatures.
  • B-LTA: Like B- LT, but includes a document time stamp and VRI data for the TSA to the DSS. A B-LTA level may help to validate the signature beyond any event that may limit its validity This level is recommended for Qualified Electronic Signatures.
And, the types of electronic signatures:
  • Basic Level Electronic Signature: Data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign.
  • Advanced Electronic Signature: The signatory can be uniquely identified and linked to the signature. The signatory must have sole control of the signature creation data (typically a private key) that was used to create the electronic signature. The signature must be capable of identifying if its accompanying data has been tampered with after the message was signed. In the event that the accompanying data has been changed, the signature must be invalidated.
  • Qualified Electronic Signature (QES): The service provider must provide a valid time and date for created certificates. Signatures that have expired certificates must be revoked immediately. Personnel employed by the qualified trust service provider must be appropriately trained. Software and hardware used by the service provider must be trustworthy and capable of preventing certificate forgery
And finally, a few abbreviations:
  • CA: Certification Authority
  • CMS: Cryptographic Message Syntax
  • CRL: Certificate Revocation List
  • OCSP: Online Certificate Status Protocol
  • PKCS: Public Key Cryptography Standards (e.g. PKCS #7)
  • TSA: Time-stamp Authority
  • VRI:Verification Related Information (e.g. OCSP, CRL)
  • DSS: Document Security Store (PDF)
  • XAdES: XML Advanced Electronic Signature
We have implemented the new PAdES standard in our software such that digital signatures in PDF can be easily created, updated and verified in applications that need to conform to the European eIDAS regulations.

I guess, this material is hard to digest. So, if you have any questions, please let me know.

2 comments :

  1. You mention that the B-LT level is recommended for Advanced Electronic Signatures. and the B-LTA level is recommended for Qualified Electronic Signatures. Can you please provide references for these assertions?

    ReplyDelete
    Replies
    1. Thank you for your comment.
      You are right. There's actually no connection between the signing certificate and the level of the signature. The exception is that B-B and B-T work with all certificates whereas B-LT and B-LTA can only be made with advanced and qualified certificates. For simple certificates I would recommend B-T and for the other B-LT. I do not see a use case for B-B. B-LTA seems to me particularly suitable for archives in which one wants to extend the lifetime of signatures, e.g. if they use outdated cryptographic algorithms.

      Delete