History of Seal and Printing Cultures
Implications of the four important Chinese inventions, the compass, gun powder, papermaking, and printing, have far-reaching significance for human civilisation. The Chinese seal is intimately related to printing. Seals have the practical function of duplicating impressions of words or patterns. This process shares a very similar concept to printing on a small scale. Printing originated from the function of seals for making duplicated impressions, and for this reason Wang believes that seals constitute the prototype of printing.
Seals in Traditional Commere
Seals in certain Asian countries, such as Taiwan and Japan, play a vital role similar to that played by signatures in Western society. Particularly, the Chinese seal has been an integral part of Chinese heritage and culture. Wong states that seals usually symbolise tokens of promise in Chinese society. Ancient seals in their various forms have played a major role in information systems, in terms of authority, authentication, identification, certified proof, and authenticity, and have also been used for tamper-proofing, impression duplication, and branding purposes. To illustrate, clay sealing has been applied to folded documents to detect when sealed documents have been exposed or tampered with. Interestingly, one of the features of digital signature technology is also designed to achieve this purpose.
Wong records that when the commodity economy began to develop and business transactions became more frequent, seals were used to prove that particular goods had been certified by customs. Moreover, when the goods were subject to tax by the government, seals were applied to the goods to prove the levy paid. Seals continue to be used in Chinese society as personal identification and in business transactions, official and legal documents, administrative warrants and charters.
Paper-based Contract Signing with Seal Certificates
In Taiwan and Japan, in certain circumstances, when two parties wish to formalise a contract, the seals of the two parties must be affixed to the contract. As Figure 1 illustrates, seal certificates are required to be attached to the signed and sealed contract for authentication as well as the statement of intent of a voluntary agreement in Taiwan.
A person can have more than one seal; however, only one seal at a time is allowed to be registered with a jurisdictional registration authority. The purpose of seal registration is to prevent seal forgery and to prove the identity of the seal owner. Namely, the seal registration process aims to associate the identity of the seal owner with the seal owner’s nominated seal, through attestation by a jurisdictional registration authority. Upon confirmation of the seal registration, the registration authority issues a seal certificate with both the seals of the registration authority and the registration authority executive.
Digital Signatures for Electronic Commerce
Handwritten signatures and tangible ink seals are highly impractical within the electronic commerce environment. However, the shift towards electronic commerce by both the public and private sector is an inevitable trend. ‘Trust’ in electronic commerce is developed through the use of ‘digital signatures’ in conjunction with a trustworthy environment. In principle, digital signatures are designed to simulate the functions of handwritten signatures and traditional seals for the purposes of authentication, data integrity, and non-repudiation within the electronic commerce environment. Various forms of Public Key Infrastructure (PKI) are employed to ensure the reliability of using digital signatures so as to ensure the integrity of the message. PKI does not, however, contribute in any way to the signatory’s ability to verify and approve the content of an electronic document prior to the affixation of his/her digital signature.
Shortcomings of Digital Signature Scheme
One of the primary problems with existing digital signatures is that a digital signature does not ’feel’ like, or resemble, a traditional seal or signature to the human observer; it does not have a recognisably individual or aesthetic quality. Historically, the authenticity of documents has always been verified by visual examination of the document. Often in legal proceedings, examination of both the affixed signature or seal as an integral part of the document will occur, as well as the detection of any possible modifications to the document. Yet, the current digital signature regime overlooks the importance of this sense of visualisation. Currently, digital signatures, such as the OpenPGP (Pretty Good Privacy) digital signature, are appended to an electronic document as a long, incomprehensible string of arbitrary characters. As shown in Figure 2, this offers no sense of identity or ownership by simple visual inspection.
To add to this confusion for the user, a digital signature will be different each time the user applies it. The usual digital signature is formed as an amalgam of the contents of the digital document and the user’s private key, meaning that a digital signature attached to an electronic document will vary with each document. This again represents a departure from the traditional use of the term ‘signature’. A digital signature application generates its output by firstly applying a hash algorithm over the contents of the digital document and then encrypting that hash output value using the user’s private cryptographic key of the normal dual-key pair provided by the Public Key cryptography systems. Therefore, digital signatures are not like traditional signatures which an individual can identify as being uniquely theirs, or as a recognisable identity attributable to an individual entity.
New Visualised Digital Signature Scheme
Liu et al. have developed the visualised digital signature scheme to enhance existing digital signature schemes through visualisation; namely, this scheme makes the intangible digital signature virtually tangible. Liu et al.’s work employs the visualised digital signature scheme with the aim of developing visualised signing and verification in electronic situations.
The visualised digital signature scheme is sustained by the digital certificate containing both the certificate issuer’s and potential signer’s seal images. This thereby facilitates verification of a signer’s seal by reference to the appropriate certificate. The mechanism of ensuring the integrity and authenticity of seal images is to incorporate the signer’s seal image into an X.509 v3 certificate, as outlined in RFC 3280. Thus, visualised digital signature applications will be able to accept the visualised digital certificate for use. The data structure format of the visualised digital certificate is detailed in Liu.
The visualised signing and verification processes are intended to simulate traditional signing techniques incorporating visualisation. When the signer is signing the document, the user interface of the electronic contracting application should allow the signer to insert the seal from the seal image file location into the document. After the seal image object is embedded in the document, the document is referred to as a ’visually sealed’ document. The sealed document is ready to be submitted to the digital signing process, to be transmitted with the signer’s digital certificate to the other party for verification.
The visualised signature verification process is analogous to the traditional, sealed paper-based document with the seal certificate attached for verification. In history, documents have always required visual stimulus for verification, which highlights the need for visual stimulus evidence to rapidly facilitate verification. The user interface of the electronic contracting application should display the visually sealed document together with the associated digital certificate for human verification. The verifier immediately perceives the claimed signer’s seal on the document, particularly when the signer’s seal is recognisable to the verifier. This would be the case particularity where regular business transactions between parties occur. Significantly, having both the issuing CA’s and the signer’s seal images on the digital certificate instils confidence that the signer’s public key is attested to by the CA, as shown in Figure 3. This is unlike the current digital signature verification process which presents long, meaningless strings to the verifier.
Seals have a long history accompanying the civilisation of mankind. In particular, certain business documents and government communities within seal-culture societies still require the imprints of the participating entities. Inevitably, the use of modern technologies will replace traditional seals and handwritten signatures. Many involved in implementing electronic government services and electronic commerce care little about the absence of imprints and/or signatures; however, there is concern that the population may experience difficulty in adapting to a new electronic commerce system where traditional practices have become obsolete.
The purpose of the visualised digital signature scheme is to explore enhancements to existing digital signature schemes through the integration of culturally relevant features. This article highlights the experience of the use and development of Chinese seals, particularly in visualised seals used in a recognition process. Importantly, seals in their various forms have played a major role in information systems for thousands of years. In the advent of the electronic commerce, seal cultures still remain in the digital signing environment.