Our electronic signature application provides you with a simple way
to legally sign all your documents anytime from any device for
free. By facilitating the electronic signature of documents, our
solution eliminates the need for slow, costly paper signing
processes, while creating legal signatures that provide integrity,
trust and regulatory compliance.
> How to sign a document? > How to check a signature? > FAQ on the electronic signature
Having your documents signed online is not only a time and money
saving but it is also legal. Our solution is approved by
the National Agency for Electronic Certification and meets a
proven legal framework. Our signatures implement all ETSI
signature standards, including XAdES, PAdES, CAdES, qualified
signatures that respect the law on exchanges and e-commerce in
> More about ANCE (National Agency for Electronic Certification)
> More about ETSI (European Telecommunications Standards Institute) > More info on the legal value of electronic signatures in Tunisia, Law n ° 2000-83 of 9 August 2000
Tunisia has promulgated a law on electronic commerce: the law n °
2000-83 of August 9th, 2000, relative to the exchanges and the
electronic commerce, defined the electronic certificate and the
electronic signature, favoring an environment favorable to the
development of the exchanges and e-commerce, and allowed the creation
of the National Electronic Certification Agency (ANCE) root authority
of electronic certification in Tunisia, in order to represent the
highest level of trust in the field of electronic certification,
security of transactions and electronic exchanges.
The National Agency for Electronic Certification (ANCE) has the main vocation of securing electronic exchanges in various fields such as e-commerce, e-government, e-Banking, e-finance, e-commerce and e-commerce. as well as e-health ... Its role is to secure payment transactions and the authentication of different players. Thus any person wishing to perform a payment transaction on a secure site with a certificate from the National Agency of Electronic Certification can be sure that it addresses a reliable site and that all the data that it communicates are secure. The other main missions of ANCE are:
The ANCE essentially delivers two types of electronic certificates:
A handwritten signature consists of affixing a personal mark on a
paper document. It expresses the will of the signatory and his
agreement with the content of the document. Transposed in the
electronic world, the electronic signature has the same legal value
as the handwritten signature. .
The electronic signature consists of three components:
The electronic signature differs from the written signature in that it is not visual but corresponds to a number or a series of numbers. Indeed, the action of digitally signing produces binary information commonly called electronic signature. A document may contain several electronic signatures.
All types of files without exception can be signed (Word documents, PDF, XML, etc.). The most used file format is the PDF, for its portability and also the possibility of affixing several electronic signatures. But also standardized XML files for exchanges between public entities.
Like handwritten signatures, electronic signatures are used to identify co-signatories (authors) of electronic data (an email for example).
Electronic signatures can guarantee the following security properties:
Electronic signatures are created and verified through electronic certificates.
An electronic certificate is a document in electronic form that aims to authenticate the identity of the signatory: it is the identity card of the electronic world.
The information contained in the electronic certificate is as follows:
The electronic certificate is divided into two parts:
The electronic certificate must be issued by a Certification
Authority (CA) which is an organization recognized as competent to
issue certificates to a population with which it has full
confidence and to ensure their validity. It commits itself to the
identity of a person through the electronic certificate that it
A certifying authority is responsible (vis-à-vis its customers, but also anyone relying on an electronic certificate it has issued) for the entire certification process and, consequently, for the validity of the certificates it issues. In addition, it defines the certification policy and enforces it.
A certification authority is organized around three basic functions:
When you sign a document, the signature software creates a digital fingerprint called a hash: a kind of digital digest consisting of a series of letters and numbers. The hash is unique (the smallest change in the document will produce a different hash). This hash is then encrypted (encrypted) using the private key of your digital certificate. The encrypted hash and the public key are together to compose the digital signature, appended to the document.
When the signed document is opened, the hash is decrypted using the
signer's public key. Then the verification software recalculates
the hash of the document: if it is identical to the hash previously
decrypted, the document has not been modified. The software then
displays a message certifying its integrity, as well as the
So the principle of the electronic signature rests on two families of algorithms, which will be used in a complementary way:
It is strongly recommended to associate a timestamp with each electronic signature.
The principle of an asymmetric algorithm is simple. A pair of
digital keys is constructed in such a way that the cryptogram
(encrypted text) generated from a clear text and one of the keys
can be easily found only with the other key.
In practice, one of the keys is secretly kept: private key, while the other is public: public key. Only the owner of a private key (the emitter in our example) could have encrypted a decrypted text with the associated public key.
Is a one-way, collision-free function that calculates a fixed-size (or condensate) footprint from data of varying sizes. These functions are one-way because you can not find the original data from the fingerprint.
A function is said to be collision-free or injective when it is deemed very difficult to find two different sources leading to the same result.
The calculation of the condensate of a document and the comparison of it with its initial value makes it possible to control the integrity of a document.
Many administrative procedures involve the date of dispatch of
documents: submission of applications, replies to calls for
tenders, various declarations, etc. Traditional mechanisms use the
The dematerialization of such procedures requires an electronic equivalent to this postmark. The PKCS # 7 format that describes the signed data containers in the e-mail includes a field to indicate the date the message was signed. However, the date and time of the signer's workstation are used in this field. The sender can therefore cheat by indicating wrong dates. Similarly, a malicious third party who has retrieved a private key associated with an expired certificate can artificially reduce the date of his machine within the validity period of the certificate and issue signed documents.
The electronic signature of a document is therefore inseparable from a mechanism that ensures that the document existed at a given date and time and has not been tampered with since. This is the time stamp. It consists in transmitting to a trusted authority, called timestamp authority, a request including the condensate of the document to be timestamped. The authority returns to the requester a time stamp, sthe condensate, a date, and a time, all signed by the time stamping authority.