How to make an electronic signature key carrier. How to make an electronic digital signature

03.02.2019 Business

Modern entrepreneurs are trying to transfer their entire document flow into electronic format. Every document must be endorsed, so businessmen need to know how to make an electronic signature certifying the relevance and validity of the documentation. Its creation will not take too much time, but you will have to spend a certain amount.

An electronic digital signature usually refers to encrypted information that must be attached to data sent via telecommunication channels. Using an electronic digital signature, it is possible to identify the person who signed the electronic information (files) and is responsible for it.

An electronic digital signature, according to existing legislation, must ensure correct and secure interaction between individuals and government agencies.

The law provides for the use of three types of digital signatures:

  • reinforced,
  • simple.

Using a simple signature allows you to simply indicate the owner of the document. Thanks to it, it is impossible to change the information in the document after approval. All other signatures allow information to be changed after approval, but information about who exactly and when entered the new data remains in the document.

An electronic digital signature can be issued to individuals who have Russian citizenship. At the same time, each digital signature owner must be a user of the government services portal and have his own account in the certification center. For information about which center you can register at, please contact the tax office at your place of residence.

With its help, the owner gets the opportunity to use municipal and government services in electronic format. We are talking about those services that require identification and approval of applications, in particular, participation in tenders for the supply of goods.

How to create an electronic signature

The first question that entrepreneurs have when mentioning an electronic signature is how to create such an attribute for themselves? Creating an electronic digital signature is free. Its owner will only have to pay for the purchase of electronic media in the amount of 700 to 3,000 rubles. The service for creating an electronic digital signature can be provided if the client contacts the office of the certification center.

After filling out all the necessary documentation, the user receives a USB drive. With its help, it becomes possible to perform operations on the website of government services that must be legally confirmed.

Most often, an electronic digital signature is used to participate in government tenders, when an enterprise intends to supply certain goods and services to the customer. Applications for participation in the competition, signed with a current electronic digital signature, usually have a certain priority over the rest.

Creating an electronic signature will require its future owner to provide the following documents:

  • passport;
  • SNILS (it is indicated on the pension certificate);
  • email information.

You can use any mail service, the main thing is that the mailbox must be up to date. If a citizen cannot provide this information, regulatory authorities have the right to refuse to issue an electronic digital signature.

You can receive government services using an electronic signature using only installed terminal devices. Laptops, home and work computers all need to have a standard browser, as well as the appropriate software.

In addition, you can use digital signatures from access points that are equipped with regular browsers or other specialized software. As soon as the user, he is provided with special instructions for its operation.

Common situations

If you don’t understand the details, like the signature, and you urgently need them, you can contact a certification center. The specialists of this institution will help you understand this situation and register your digital signature as soon as possible. The address of the current center can be checked at your local branch of the Pension Fund of the Russian Federation.

Continuing to reveal secret knowledge about digital signature in simple language, let’s look at what we need to conveniently and effectively work with them, as well as the main difference between the S/MIME + X.509 and PGP camps.

Before considering the features of these two large camps, it is worth considering what information the recipient needs to verify the signature (and our encrypted hash can already be called a signature), and in what form it can be transmitted to him.

Each piece of information can be transmitted along with a public key, or together with our signature, or both, for greater convenience. Of course, it is possible not to separate information into that transmitted with a public key and that transmitted with a signature. But then, every time we send signed information, we send the same thing. It’s as if for every paper letter we send (even a short two-line one), we would include an addendum like “Hello! It’s me, V. Pupkin, whom you met on Moscow’s Red Square, where we met, then went to a restaurant, then <...>”. You must agree, it's a little inconvenient.

But let's return to our information needed to verify the signature.
Let's start with something simple: information that will allow us to find out who made this signature. As we have already agreed, asymmetric encryption allows us to uniquely link our public key and the resulting signature. The trouble is that the public key itself is just a collection of bytes. It is, of course, connected with the private key, which we (that is, the sender) own, but this connection is not obvious to the recipient. He has a set of bytes from V. Pupkin, from I. Petrov, from S. Sidorov... and from a dozen other people. How can he tell them apart? Keep a separate register of who owns which set of bytes? That would already be a second registry (in addition to the one recording which hash function was used to make which hash)! And again, inconvenient!

This means that you need to associate each public key with information about who this key belongs to, and send it all in one package. Then the registry problem solves itself: you can simply look at the package (or, more correctly, the container) with the public key and immediately see who it belongs to.

But this information still needs to be associated with the signature received by the recipient. How to do it? It is necessary to build another container, this time for transferring the signature, and in it duplicate the information about who created this signature.
Continuing our analogy with a beautiful lock, we write on the key “This key opens V. Pupkin’s lock.” And on the lock we also write “V. Pupkin’s lock.” Having such information, the recipient of our box will not insert each of the keys he has at random into our lock, but will take our key and immediately open it.

Now, using the transmitted information during verification, you can find the public key container, take the key from there, decrypt the hash and...

What exactly is “and”? After all, we have not yet solved the problem of how to convey to the recipient which hash function was used for the hash, and this information is necessary to verify the signature! The solution can be quite simple: put this information in a container along with our public key. After all, it is the combination “hashing – encryption of the hashing result” that is considered the procedure for creating a digital signature, and its result is a signature. This means that it seems quite logical to combine the hash encryption algorithm and the hash function with which the hash is generated. And this information also needs to be delivered in a bundle.

Now, let's briefly return to the signer information. What type of information should it be? Full name? No, there are many V. Pupkins. Full name + year of birth? So there are also plenty of V. Pupkins born on the same day! Moreover, it could be Vasily, Victor, or even Vasilisa or Victoria Pupkin. This means there should be more information. There should be so much that the coincidence of all the parameters by which we identify a person is as incredible as possible.

Of course, it is possible to create such a package of information. It’s just that it’s already a little difficult to work with it. After all, our containers of public keys need to be sorted, stored, and used, in the end. And if for each use you have to specify fifty parameters, then already on the second container it will become clear that something needs to be changed. A solution to this problem, of course, was found.

To understand what it was, let’s turn to a paper document that we all have: a passport. In it you can find your full name, date of birth, gender, and much other information. But, most importantly, you can find the series and number in it. And it is the series and number that are the unique information that is convenient to take into account and sort. In addition, they are significantly shorter than all the remaining information taken together, and at the same time still make it possible to identify a person.

Applying the same approach to public key containers, we get that each container must have a certain number, a sequence of characters, unique to it. This sequence of characters is usually called an identifier, and the containers themselves are called certificates, or just keys.
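
The containers described above, as an added Python sketch that is not from the original article: a certificate bundles owner, public key and hash function under a short identifier, and the signature container carries only that identifier. The field names, the fingerprint-style identifier and the key material are assumptions, and the textbook RSA over publicly known primes is for illustration only.

```python
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by both toy keys


@dataclass(frozen=True)
class Certificate:
    """Public-key container: owner, key, and the hash function used to sign."""
    owner: str
    modulus: int
    exponent: int
    hash_alg: str  # a hashlib name such as "sha256"

    @property
    def identifier(self) -> str:
        # Short handle (the "series and number"). Assumption: a fingerprint
        # over every field of the container, truncated to 16 hex characters.
        blob = f"{self.owner}|{self.modulus:x}|{self.exponent:x}|{self.hash_alg}"
        return hashlib.sha256(blob.encode()).hexdigest()[:16]


@dataclass(frozen=True)
class SignatureContainer:
    """Signature container: names the signer's certificate by identifier."""
    key_id: str
    value: int


def make_toy_key(owner, p, q, hash_alg):
    """Return (certificate, private exponent) for primes p and q."""
    return Certificate(owner, p * q, E, hash_alg), pow(E, -1, (p - 1) * (q - 1))


def _digest(cert, message):
    # The hash function is read from the certificate, not guessed.
    return int.from_bytes(hashlib.new(cert.hash_alg, message).digest(), "big")


def sign(cert, private_exp, message):
    # "Encrypt the hash" with the private key, as the text describes it.
    # Textbook RSA without padding: illustration only.
    value = pow(_digest(cert, message), private_exp, cert.modulus)
    return SignatureContainer(cert.identifier, value)


def verify(keyring, message, sig):
    """Return the owner's name if the signature is valid, otherwise None."""
    cert = keyring.get(sig.key_id)
    if cert is None:  # no certificate with that identifier
        return None
    recovered = pow(sig.value, cert.exponent, cert.modulus)
    return cert.owner if recovered == _digest(cert, message) else None


def demo():
    # Constructed keys from publicly known Mersenne primes: NOT secret.
    pupkin, pupkin_d = make_toy_key("V. Pupkin", 2**521 - 1, 2**607 - 1, "sha256")
    petrov, petrov_d = make_toy_key("I. Petrov", 2**1279 - 1, 2**2203 - 1, "sha512")
    keyring = {c.identifier: c for c in (pupkin, petrov)}
    msg = b"Ship 10 boxes to the warehouse."  # constructed sample message
    sig = sign(pupkin, pupkin_d, msg)
    return {
        "genuine": verify(keyring, msg, sig),
        "tampered": verify(keyring, msg + b"!", sig),
        "relabelled": verify(keyring, msg, SignatureContainer(petrov.identifier, sig.value)),
        "unknown_id": verify(keyring, msg, SignatureContainer("0" * 16, sig.value)),
        "other_hash": verify(keyring, msg, sign(petrov, petrov_d, msg)),
    }


if __name__ == "__main__":
    for case, owner in demo().items():
        print(f"{case:11} -> {owner}")
```

Nothing in this sketch vouches for the owner field itself; whoever fills the keyring decides which certificates to believe.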
This is where the fundamental differences in the ideologies of OpenPGP and S/MIME + X.509 begin. To briefly understand them, let's return to our passport analogy.

You can use your passport when purchasing tickets, when preparing documents, to issue a pass to any territory, and even on the territory of other countries! That is, you use it to prove your identity in a wide variety of places, often completely unrelated to one another, and with a variety of people. And everywhere your passport is accepted. The guarantee that you are you is a third party in your relationships with others: the state. It is the one that issued you your passport, specially designed, signed and certified, and that is why your passport is such a universal document.

On the other hand, among friends, or within a company, you just need to introduce yourself like this: “V. Pupkin from your group at the institute" or "V. Pupkin from the sales department." And the people you come into contact with in this circle no longer need a third party, they already remember Pupkin from the group with whom they studied for five years, or Pupkin from the sales department, with whom they recently went to lunch, and the information you provided is quite enough for them.

The two camps can be divided along the same lines.

The X.509 certificate is similar to our passport. Here, certificates are issued to you by a strict third party, the guarantor of your identity: the Certification Authority (CA). The person receiving your signatures can always contact the CA and ask for the information he is interested in regarding this particular certificate.

PGP (and the OpenPGP standard that appeared later) was created on the basis of the so-called web of trust. This idea implies that signatures are exchanged by people who do not need a third party for their relationship, but only need protection from bad people.

Of course, over time, such a division has become quite arbitrary, since at the moment both S/MIME+X.509 and PGP can use the methods of the rival camp. But still, the standards developed in parallel for quite a long time and developed to the extent that mutual compatibility between them became impossible.

The S/MIME + X.509 standard has become the more popular of the two, due to its focus on the participation of a more competent third party. However, PGP also has a number of trump cards up its sleeve, thanks to which it not only is not dying out but continues to develop successfully.
You can read a more detailed discussion of each of the formats, as well as recommendations on when, where and which one to use in the following articles.

An electronic signature is an important part of an electronic document. It certifies the absence of distortions in the document drawn up and certified by it, and makes it possible to establish that it belongs to the owner of the electronic signature key. Using a private key, a cryptographic transformation of the information contained in the electronic signature is performed.

You can order an electronic digital signature at a certification center. Its further use is possible when carrying out various financial transactions. For example, when participating remotely in exchange trading and in other cases. The future of the global financial market lies in participation in trading in electronic form. Many leading companies are already taking an active part in them. A certification center is a special institution that has a license to issue an electronic digital signature. Find such an institution in your area, contact them and apply. You can submit your application in electronic format. The certification authority's website must indicate its mailbox.


The center manager will contact you at the phone number you provided, inform you what package of documents needs to be prepared, and the further procedure for your actions. Tell him who the electronic signature is being issued for: an individual or legal entity and the type of electronic signature. The set of documents may differ for each case. It is enough to provide the institution with scanned copies of original documents and a receipt confirming payment for this service. After verifying the authenticity of the documents, a center employee will invite you to obtain an electronic signature.


To obtain an electronic signature, you can contact the government services website in the section “Obtaining an electronic digital signature certificate.” There is a single digital signature portal on the network in the Russian Federation; here you can also make a request for an electronic signature. Take the originals of the prepared documents with you when you go to the electronic signature issuance center.


The certification center will complete the registration of your electronic signature. On external media (usually a flash drive) they will generate two types of keys for you - public and private, and write special software. You will receive a digitally signed and stamped certificate certified by the center in paper and electronic form.


At this point, the stage of obtaining an electronic signature is completed. Now you can use it for its intended purpose. To do this, install the software provided to you on an external memory device on your computer. Certification center specialists can help you set up this program for an additional fee. You can find instructions for installing the program on the Internet and do it yourself.


Having become the owner of an electronic digital signature, you can submit tax reports via the Internet, register an individual entrepreneur, use the services of the Rosreestr portal, conduct transactions and work remotely, participate in auctions, carry out all production and personal document flow via the Internet, and so on.

Transferring document flow to electronic format is the main trend of modern business. An electronic signature is needed to confirm the relevance and validity of the documentation. A modern businessman needs to know how to make an electronic signature in order to endorse a document. Creating an electronic signature will not take much time and will not require significant expenses. What is an electronic signature and how to get it, read the materials in this article.

From this article you will learn:

  • how an electronic digital signature is used in document management;
  • how to obtain an electronic digital signature;
  • how to make an electronic signature.

Using an electronic digital signature in document flow

Encrypted information appended to data sent via digital communication channels is called an electronic digital signature (EDS). EDS allows you to identify the user who created the electronic document, signed it and is responsible for it. The main purpose of an electronic signature from the point of view of modern legislation is to ensure an effective and secure dialogue between an individual and a government agency.

According to the law, there are three types of digital signatures, the use of which is permissible in the practice of modern office work:

  1. qualified digital signature;
  2. enhanced digital signature;
  3. simple digital signature.

The first type of signature is used to indicate the owner of the document. A simple electronic signature does not allow any changes to be made to the endorsed document. The second and third types of signatures allow you to do this, but you should keep in mind that information about all changes is stored in the document itself. The date of changes and information about the user who made them are saved.

Any individual who has Russian citizenship has the right to receive a digital signature. The only condition for receiving it is to register on the government services website or have your own account in the center that certifies signatures. Information about the centers where you can obtain such registration is available at the tax office at your place of residence.

Having an electronic signature gives any citizen access to municipal and state electronic services. First of all, these are services that provide the opportunity to participate in competitions for the supply of goods. It is in this area that the need for approval and identification of applications most often arises.

In addition to the function of document approval, an electronic digital signature has a number of other, no less important functions. EDS can be used as a means of user identification when entering a government services website. Traditionally, the SNILS number is used to enter this portal; having a signature allows you to enter there using it.

Another function of the digital signature is to obtain information about extracts from state registers. True, only legal entities and individual entrepreneurs can use this function; individuals, using an electronic signature, will be able to obtain information about tax payments and existing outstanding fines. Naturally, all this information can be obtained right at home. The law does not prohibit this.

A big advantage of using a digital signature is the opportunity to reduce the burden on government agencies and reduce the number of queues. Through the use of virtual representative offices, the speed of customer service increases significantly.

Statistical data from recent years indicate that more than 40 thousand applications for the creation of an electronic signature are submitted annually in each Russian region.

The range of services that are most in demand among the population and are most often obtained using digital signatures has already been determined:

  • registration of a foreign passport;
  • request for information from the state cadastre;
  • repayment of traffic police fines;
  • payment of taxes;
  • car registration;
  • submitting documents to the tax authorities;
  • tracking the account in the Pension Fund.

How to get an electronic digital signature

The most important question that an entrepreneur asks when he hears the words “electronic digital signature” is how to get a qualified electronic signature and how much it will cost. The answer to the last question is very simple - creating an electronic signature is free. The only thing you will have to spend money on is purchasing a USB drive, simply put, a “flash drive,” for recording your digital signature. At the office of any certification center you will be provided with the service of creating an electronic signature.

You fill out all the documentation required by law and receive a “flash drive” with a signature. With its help, you will be able to carry out all operations on the government services portal that require legal confirmation. The most common area of application of digital signatures is government tenders for the supply of certain goods and services by an enterprise to a specific customer.

It should be borne in mind that recently applications for participation in a tender endorsed using an electronic digital signature have an advantage over others.

How to make an electronic signature

What documents are required to create a qualified electronic digital signature? There are few of them:

  • passport;
  • SNILS;
  • current email address.

Without providing these documents, creating an electronic signature is impossible.

Using specially installed terminal devices, the user will be able to carry out any operations on the government services portal using his electronic signature.

Your home or work computer must have Internet access, a standard browser and special software installed. Many institutions are now equipped with special access points with browsers and appropriate software, from which you can also access the government services portal.

Along with the USB drive on which the electronic signature is recorded, the individual receives instructions on how to use it.

If you cannot figure out how to make an electronic signature on your own, you will have to contact a specialized certification center at your place of residence. The center's specialists will help you register your digital signature. You can find out the addresses of these centers at your Pension Fund branch.

What to do if you lose your electronic signature

What should you do if you lose the USB drive with your digital signature, or if you suspect that third parties have stolen your information and will be able to use it to harm your business?

The first thing you need to do is immediately contact the certification center or technical support service. The center's staff will be able to instantly suspend your certificate and limit hackers' access to your data. Next, you will need to visit the certification center again and carry out the procedure for renewing the validity of the signature. Naturally, you need to have with you documents proving your right to own a digital signature certificate.

Without providing documents, technical support workers will not be able to block the signature or resume it in the future, and your data will be available to attackers. Sometimes situations arise that the signature does not work or does not work correctly; it is also possible that the USB drive does not meet the requirements that the user places on it. In such cases, you need to contact the technical support service of the certification center by phone or in person with a complaint.

Advantages

Despite possible technical difficulties, using an electronic digital signature will give you great advantages and will save you a lot of time that you previously spent on signing up, registering and standing in queues at OVIR, the tax office, the Pension Fund and other government agencies.

Another important point that is worth paying attention to is that any electronic digital signature has a limited validity period. This needs to be monitored especially carefully. If you do not update your digital signature on time, you may find yourself in a situation where you will not be able to carry out the necessary operations on the portal that provides government services.

Before approving a document or application, you need to check the relevance of the certificate and the signature itself. It is also worth checking information about the procedure for creating an electronic signature at your certification center. The fact is that, unfortunately, the very procedure for creating digital signatures, generating certificates and keys, is under development and may change over time.

Another important point relates to the creation of a qualified electronic signature. You can order and receive an electronic signature only in the region in which you are officially registered. Employees of the certification center have every right to refuse to create an electronic signature if you live in another city and do not have a residence permit in the place where you requested to create an electronic digital signature.

The advantages of using an electronic signature are enormous:

  • additional document protection and encryption features;
  • the ability to use the same signature when interacting with various government agencies, ministries, and regulatory authorities;
  • significant savings on processing and sending documents;
  • expanded opportunities for establishing contacts and exchanging documents with foreign partners.

Electronic digital signature is a reliable modern alternative to traditional signature on documents. The use of digital signature significantly reduces document flow, ensures the protection of transmitted information, and minimizes time and material costs. All documents signed with an electronic digital signature have indisputable legal force. Legal aspects of the use of secure document flow are regulated by the Civil Code of the Russian Federation, as well as the Law “On Electronic Digital Signature”.

For persons using a digital signature, a special individual key is created, with the help of which the transmitted information is encrypted. It consists of two components - secret and open. The secret key is required to encrypt and sign documents for subsequent sending to the recipient by email. It is recorded on a flash storage medium and transferred to the owner of the digital signature. The public key is provided to verify the authenticity of the electronic digital signature. It is confirmed by a special public key certificate that is freely available. For the digital signature to function, special software is required - Key System Control Center. Signing keys are created by the administrator of this system. Information on the procedure for using an electronic signature is included in the documentation package of the Delo system. Optionally, the digital signature can be of two types - for corporate document flow or for legally significant electronic document flow. The first option is used to exchange information within one company, often with an extensive system of divisions and branches. It is also possible to use this type of digital signature within a system of independent organizations that carry out document flow in significant volumes.


To obtain the right to an electronic digital signature, you must send an order to any of the numerous digital signature issuing centers. The specialist of the selected certification center provides an invoice for payment of services and a questionnaire in which the recipient indicates the exact data to obtain a signature. After paying the invoice, the completed application form along with the necessary package of documents is sent to the certification center. To speed up the process, you can send scanned copies of documents, and provide the originals in paper form upon receipt of the digital signature certificate.


Different categories of EDS recipients require different packages of documents. For legal entities, this is, as a rule, an application, a certificate of state registration, a charter and other constituent documents, a certificate of registration with the federal tax service, an insurance certificate from the Pension Fund, the passport of the authorized representative and an extract from the Unified State Register of Legal Entities. To obtain an electronic digital signature, an individual must submit to the certification center a passport, an insurance certificate from the Pension Fund, a certificate of registration with the federal tax service and an application.


Documents must be submitted in original. It is possible to provide copies certified by a notary or an authorized representative of the relevant government agency. You can receive a certificate in person or through a representative based on a power of attorney at the issuing center.


The digital signature is used with special software: Delo system version no lower than 8.8.0, CIPF CryptoPro CSP 3.0, Signal-Com 3.0.