Cryptoblog [EN]

Cryptolog products successfully passed international interoperability testing

2011-04-13T13:36:57Z

At Cryptolog, one of our key priority in product developpement is maintaining a high level of compliance of all our products with the latest standards, thanks to our experts involved in European and International standard bodies on electronic signature (Cryptolog is rapporteur of CAdES standard). To comply with this strategy, Cryptolog recently participated in The Remote Plugtests© Event on XAdES and CAdES signature standards organized by ETSI Plugtest™ Service. This professional unit of ETSI is specializing in running interoperability test events like this one, for a wide range of telecommunications, Internet, broadcasting and multimedia converging standards.

In this case, the XAdES/CAdES remote Plugtests events aim at conducting extensive interoperability test cases on XAdES 1.3.2 and CAdES 1.7.4, as well as on the new versions of signatures, XAdES 1.4.1 and CAdES 1.8.1. The main purposes of the plugtests are to improve the quality of XAdES and CAdES specifications and to enable participants to assess the level of interoperability of their own implementations. 27 companies from the EU, Turkey, USA, Japan and Israel joined the testing event and ran hundreds of generation, verification and extension (for long-term archival and validation) test cases. The involvement of Cryptolog in the development of CAdES and XAdES standards and also our participation in all the previous plugtests organized in the last three years enabled our products to successfully pass these tests.

Signature creation

CUTE, our key product for signature creation, successfully generated XAdES-BES, XAdES-T, CAdES-BES and CAdES-T signatures. All participants were able to validate these signatures. CUTE also generated XAdES-EPES and CAdES-EPES signatures which were successfully validated by most participants. The plugtest allowed to identify some issues in CAdES and XAdES standards which led to some interoperability failures.

Signature validation and extension

Serenity, our key product for signature validation and extension, successfully generated XAdES-C, XAdES-X, XAdES-XL, XAdES-A, CAdES-C, CAdES-X, CAdES-XL, CAdES-A signatures. Most participants were able to validate these signatures. On CAdES signatures, the most controversial issue was the different readings of the latest version of the specification regarding the production of the input to the computation of the message imprint for the ArchiveTimeStamp unsigned attribute (CAdES-A). This misreading will be fixed in the coming version of CAdES.

Serenity was also able to validate CAdES and XAdES signatures (all forms) generated by most of the other participants. The plugtest allowed to recognize some technical issues in the process of extending signatures for long-term archival and validation when different applications are involved. This allowed participants to agree on some common practices which may allow to increase interoperability in this scope. These practices are already supported by Serenity.


ETSI Certificate of Participation	XAdES-CAdES Plugtests 2010 External Final Report.pdf

Serenity 2.6 welcomes TSL

2011-03-08T09:15:41Z

Paris, March 8th, 2011 - Cryptolog is delighted to announce the release of version 2.6 of Serenity, its advanced electronic signature validation server. The main innovation in this release is the integration of Trust-service Status Lists (TSL) in the validation engine and in the Serenity administration interface.

A standard European format

Imposed by the European Commission on its member states, TSL are designed to consolidate lists of suppliers of certification services that are considered trustworthy by the different EU states within public, standardized XML files that can be accessed online. The format of these lists has been standardized in Europe (ETSI TS 102 231). The lists are used to reference all trusted authorities in a given country and include a certain amount of technical and organizational information. In particular, these lists must indicate which certification authorities issue qualified certificates under the Electronic Signature Directive (e-signature 1999/93/EC).

For example, the Belgian TSL is available here as an XML file and here as a PDF file.. This Belgian TSL is in turn referenced in a European TSL which also contains the TSL from most other countries in the EU (Luxembourg, Italy, etc).

Validating signatures using TSL

Serenity 2.6 enables signature validation using TSL by checking that the certificate associated with the signature was issued by a certification authority which is either present in the TSL set by the user or which was itself certified by a trusted root present in the TSL set by the user.

In the tab for defining validation policy, users can list the TSL to be used when validating a signature and also define a number of filters on the information to be verified within these TSL (authority status, type, etc).

Defining a validation policy using the European TSL and the Belgian TSL

A new tab in the administration interface

In order to enable users to define the TSL they want to use as part of their validation policy, the administration interface in Serenity 2.6 now includes a new configuration tab, as shown in the example below in which the European TSL has been set.

TSL configuration tab

About Serenity

Serenity is a server designed for validating electronic signatures and extending their validity in time. Extremely versatile, it handles all major signature formats, and can adapt to even the most detailed validation policies. It can be installed on any system, including a Java Virtual Machine, and can enable the integration of signature validation into any simple or complex workflow.

To find out more, visit cryptolog.com.

Corinne David appointed Chief Financial Officer of Cryptolog

2011-02-03T10:44:04Z

To support its development on the timestamping and electronic signature market, Cryptolog appoints Corinne David as head of administrative and financial management of the company.

Corinne David joins Cryptolog to provide her experience in finance and business management of SMEs. Alumna of the École Normale Supérieure and graduate from HEC, she quickly expressed her natural fascination for finance, by starting her career in the banking sector at the BFCE (Banque Française du Commerce Extérieur) as an internal auditor.

In 1995, she becomes economic and stock analyst at Crédit National, before assuming the position of sales representative at Natexis, in which she assists her customers with the creation of structured and international fundings (LBOs, mergers and acquisitions, etc.).

Before joining Cryptolog, she spends 10 years as head of finance of production companies (Gemini Films, Gedeon Programmes). During these experiences, she divides her time between the company's financial management, private and public fundraising, and relationships with institutional partners and banks.

At Cryptolog, her main task is to structure the accounting and financial processes while supporting the strong growth of the company.

En route to online contracts signing

2011-01-24T08:58:40Z

The Cryptolog development team has recently achieved an online demonstration of what could be an application of online contracts signing. You can find it at the following URL:

http://demo.cryptolog.com

Before you try it, I suggest you discover this demo by launching the little slide show below. This way, you will follow the adventures of John Doe, fictitious character, who is about to sign a contract with "MyBank", an equally fictitious financial institution. But this fiction could be quite real, since it uses on-the-shelf Cryptolog products and services, without faking any part.

Unicity MSS 4.3 is released

2011-01-05T13:33:14Z

Cryptolog starts new year 2011 by announcing a new release of Unicity MSS, its powerful electronic signature server, enabling mass signing of a very large flow of documents on behalf of a legal entity. With release 4.3, which replaces release 4.2 launched in August 2010, Unicity MSS has been enriched once again to meet the growing market requirements of electronic signature. This new version of Unicity MSS provides significant features for both administration and integration.

Signing files by depositing them in hot folders

This new software version enables to avoid the use of web services when signing documents, and thus offers a greater ease of integration: with version 4.3, it is possible to define active files or hot folders, where you just have to drop documents to automatically trigger their signature. After Unicity MSS has done the job, you will find the signed documents in an output directory, predefined in the configuration of hot folders.

Redesign of the administration GUI

Regarding administration, the graphical user interface (GUI) of Unicity MSS was revised to allow administrators to save time by going directly to the key features of the software. This one includes a new configuration panel that gives a one click access to all components of the interface: signature services, signature profiles, user management, tokens management, certificate management, etc.

Unicity MSS configuration panel

Put an ID on each signature

Release 4.3 lets you give a customizable ID number (Request Id or Transaction Id) for each electronic signature operation. In particular, this new feature is useful when you want to filter the signatures made according to this criterion. For the signing of invoices for instance, you can use the invoice number as a signing ID number. A simple query on a particular invoice number enables you to quickly find at what exact time this invoice was signed. Another application can be to set an ID number for each department of your company, then to make requests based on this criterion.

64-bit architectures compatibility with PKCS#11 tokens

Finally, among the new features of this version, we can also point out the compatibility of 64-bit systems (Windows, Linux, OS X, Solaris, etc.) with cryptographic tokens compliant with the PKCS#11 standard.
Unicity MSS 4.3 is available at no additional cost for customers with a maintenance contract and can be downloaded from projects.cryptolog.com.

About Unicity MSS

Unicity MSS (Mass Signing Server) is a highly powerful server for mass electronic signing which meets the need of signing a large amount of documents, on behalf of a legal entity (corporations, government, association, etc.). Within an organization, it allows several entities or departments, according to their prerogatives, to perform electronic signatures under all kinds of business applications or document workflows. For example:

Mass signing of invoices in a short time

Legal entity signature of contracts

Mass signing of any kind of document to guarantee integrity

Countersignature of contracts by legal entity

For further information, please visit cryptolog.com.

Ensure the integrity and authenticity of electronic payslips.

2010-05-18T16:39:55Z

Soft-IT relies on Cryptolog's technology and launches its solution of dematerialization of payslips, Cyberpaye.

Cryptolog enables IT-Soft to ensure the integrity and authenticity of payslips stored on Cyberpaye.

Since May 12, 2009, he is permitted to replace the paper payslip by an electronic version, subjected to certain conditions (agreement of the employee, data integrity and conservation of a copy for 5 years by the employer). Nevertheless, the paper payslips are still legion, when 50% of the employees are willing to move to electronic format.

In this context as Soft-IT, consulting firm in Human Resources Information Systems, wanted to make available to companies a solution for paperless pay slips : Cyberpaye. Made for all employees and all enterprises, this solution brings real benefits functionally and technically.

Dematerialisation of legally binding documents must be supported by security solutions.And electronic signature is a response to the need for authenticity and integrity of the data. Soft-IT has used the expertise of Cryptolog, publisher of innovative solutions for electronic signature, timestamping and proof management, to ensure the integrity and authenticity of payslips.

Cyberpaye consists of two secure internet portals. The employee portal provides free access, 24/24 and 7 / 7 to the pay slips.

The electronic documents are stored indefinitely and safely. The risk of loss associated with removal, theft, fire or flood are eliminated.

The portal allows the company HR department to archive legally payslips. It saves time in the chain of transmission of payslips: paper, printers, ink, envelopes, postage, transport ...

"The solution Cyberpaye developed by Soft-IT is a very practical and operational application of integration of electronic signatures in a business process. This solution is user friendly, efficient and reliable, we are very proud to contribute to it. "Said Gautier Harmel, Commercial Director Cryptolog.

"Cryptolog has quickly brought to us the most suitable solution for the integration of electronic signatures to our solution. The responsiveness and support we have received has been vital in meeting our deadlines ", said Erwan Nalewajek, CTO Soft-IT

About Soft-IT (www.cyberpaye.com)

Soft-IT was founded in 2006 by three consultants in Human Resources Information Systems, it has participated in the implementation of SAP HR in several major international companies.

In 2010 Soft-IT launched Cyberpaye software, paperless pay slips with real expertise in the fields of payroll, both functionally and technically.

Dematerialization is not a computer project. It reflects a commitment of the Human Resources Department to win the support of employees and social partners.

New Business Development Director for CRYPTOLOG

2010-04-21T14:54:53Z

Cryptolog announces the arrival of Gautier Harmel as Business Development Director.

In 2009, Cryptolog has confirmed that he was one of the key actors for all organisations with a dematerialisation project. With a turnover rise of 20%, in the current economic situation, Cryptolog wants to sustain this dynamics and to keep on progressing on the European market. In order to support this growth, Gautier Harmel has joined the managing team as Business Development Director.

Gautier is an engineer, who graduated from the University Paris VI and holds a senior professional diploma in computing. He started his professional life in 2000 when he founded the start-up Qosmos, company specialised in IP networks management and analysis. He used to specifically managed the development of a very innovative technology of Deep Packet Inspection (DPI).

In 2001, he takes over the Operations management and takes in charge three teams : business development, pre-sales and after-sales support. As a member of the board, he keeps on participating in the company management.

Between 2005 and 2008, he is in charge of the Marketing Department, as Marketing Director, he places the offer on new markets and supports the strong growth of Qosmos, with a turnover doubling every year.

In 2008, he gets involved in Ethertrust, a young company who has created a smartcard aiming at making secure web applications, while simplifying their use. He becomes Marketing and Business Development Director.

To conctact him : sales@cryptolog.com

Meet us at OMAT Milano 2010

2010-03-17T15:48:45Z

Julien Stern, CEO of Cryptolog and Gautier Harmel, Business Development Director will be on March 30th and 31st, in Milano for OMAT Milano, the reference event in Italy for what concerns the electronic management of documents, content and business processes.

The Italian e-administration has really integrated the European rules on electronic signature in their daily processes. The use of electronic signature in their exchange with companies is common.
That's the reason why it seemed natural for Cryptolog to be part of this event and take this opportunity to meet our clients and contacts there.

Our "on the shelf products" are specifically design to meet the expectations for high quality electronic signature solutions and high level of compliance with the best and latest standards.

Would you like to meet us ? contact us to arrange a meeting : sales@cryptolog.com

More information on the event : http://milano2010.omat360.it/

Unicity MSS 4.0 is now available!

2010-01-04T09:45:06Z

Cryptolog's Mass Signing Server, Unicity MSS, is available from now in version 4.0. This new major version brings a lot of great functionalities, let's discover them!

PKCS#11 - Unicity MSS supports now any cryptographic device compliant with the PKCS#11 standard. In a few clicks, you can thus easily access cryptographic keys stored in hundreds of devices such as smartcards, USB tokens, or Hardware Security Modules.

PAdES certification signature - In addition of the recipient signature defined by the PAdES standard, Unicity MSS is now able to create certification signature (also called MDP signature, for « modification detection permissions »). This kind of signature protects the signature validity, while modifications can still be made such as adding comments or filling in blank fields.

Web Interface - Quickly sign a document and test Unicity MSS thanks to its web interface.

Improved XAdES performances - Some specific issues have been reported about XAdES signatures. Thanks to the work of our development team, the XAdES signature creation process has been improved in terms of processing time and needs in memory.

Centralize your signature profiles - Thanks to the external signature mode, Unicity MSS takes care of all the subtle details regarding the preparation and the finalization of your CAdES, XAdES or PAdES signature formats. You just need to perform the "raw" digital signature thanks to CUTE, the key being stored for instance on a user's smartcard or on a mobile phone.

The new version of Unicity MSS is available for purchase and download for now! If your license is still valid, you can obtain this new version upon request.

As usual, please share with us any comment about this product, all the Cryptolog's team is at your disposal to keep providing you with the electronic signature services you need!

Contact us !

Cryptolog at DEMAT EXPO 2009

2009-11-23T10:37:30Z

Cryptolog will be present at the 6th edition of the event DEMAT'EXPO (previously DEMATERIALISER), on next December 1st and 2nd, in Paris.

Being a major actor of the dematerialization of legal documents in Europe, Cryptolog had to be part of this event.

Come to meet our experts and discover our solutions for electronic signature on our stand n°26.

On the first day of exhibition, Julien Stern, CEO of Cryptolog, will give a conference on "Qualified electronic signature", specifically on the key elements in the implementation of an electronic signature process, whether it is at point-of-sales or on the web.

Julien Stern, Tuesday, December 1st - 3:30pm to 4:15 - conference room S3

Come to visit us! Information and registration on the website of the event:

Cryptolog announces the nomination of Marie Wattez as its Marketing and Communication Director

2009-10-26T14:43:05Z

Marie joined Cryptolog at the beginning of 2009.
Our avid CryptoBlog readers know her quite well already...

Right before Cryptolog, she managed for 7 years the marketing and the communication of Argon Consulting, a supply chain consulting company, where she acquired a deep experience of BtoB operational marketing.
Prior to this, she spent several years as operational optimization manager, with the consulting companies IMPAC and IMR.

Her mission is to promote Cryptolog image and solutions in France and in Europe as well as to structure new commercial offerings.

Marie, welcome aboard... officially now!

RSA Conference Europe, long-term validation of electronic signature

2009-10-14T15:38:14Z

We are very pleased to announce that Julien Stern, CEO of Cryptolog will participate in a Panel session at the major event in information security, RSA Conference Europe 2009, taking place in London, 20-22th October.
Together with speakers of Adobe Systems, Sealed, Thales and la Universidad Politécnica de Cataluna, he will discuss the issues of storing signed documents for long periods and the validation of signatures in the European legal context. It is a great opportunity for us to share our vision and approach with the best experts in Europe.
Session SEC-104, Tuesday October 20th, 1:30 PM - 2:30 PM.
"Long Term Validation of Electronic Signatures in the European Legal Context"

Cryptolog already compliant with PAdES

2009-10-06T13:38:14Z

Cryptolog, the French electronic signature solutions supplier is pleased to announce that all its software is already compliant with the new electronic signature standard PAdES - Portable Document Format (PDF) Advanced Electronic Signatures.

Less than one month after the publication of the new ESTI (European Telecommunications Standards Institute) standard, Cryptolog proves, once again, its leading-edge position within the electronic signature sector in Europe.

Cryptolog is in fact one of the companies chosen to be part of the Specialist Task Force which has written the standard.

"Our involvement with the ETSI demonstrates Cryptolog's will to promote high quality standards for the electronic signature sector and to guarantee our customers the best possible compatibility', states Julien Stern, CEO of Cryptolog.

Read more information on PAdES, read the ETSI press release on www.etsi.org

NIST SHA-3 competition:Why MD6 has not been selected for round 2

2009-07-27T09:44:05Z

MD6 was considered one of the favorite. However in an email posted in the NIST mailing list on the first of July, Ron Rivest (the R in RSA) had announced that he was minding that MD6 was not ready for the SHA-3 competition second round.

We suggest that MD6 is not yet ready for the next SHA-3 round, and we also provide some suggestions for NIST as the contest moves forward.

So what happened? The MD6 algorithm was too slow compared to the SHA-2 family algorithms and the other competitors. The computational efficiency of an algorithm is obviously an important selection criteria. In order to gain speed the MD6 team decided to reduce the number of rounds from 80 down to 40. But if the initial MD6 algorithm had a security proof against differential cryptanalysis¹ Rivest and his team was not able to provide such as proof for the reduced version.

The MD6 team has worked hard to see if a reduced-round version of MD6 could be proven resistant to differential attacks. So far, we have failed to do so.

This does not mean at all that MD6 has been broken or that this new version with fewer rounds is weaker but it seems to be enough for Rivest to give up the contest:

While MD6 appears to be a robust and secure cryptographic hash algorithm, and has much merit for multi-core processors, our inability to provide a proof of security for a reduced-round (and possibly tweaked) version of MD6 against differential attacks suggests that MD6 is not ready for consideration for the next SHA-3 round.

Differential cryptanalysis: a type of cryptanalysis which studies how the differences on the input affects the algorithm output in order to extract some information on a secret or find a weakness in the algorithm.

Signing e-contracts in point of sales

2009-06-19T08:58:46Z

If you missed our conference at Infosecurity 2009, check out our video and slides of Julien Stern' talk.

End to end dematerialisation of signed contracts in points of sales

signing econtracts in shops
par Cryptolog

For any further information on that subject, do not hesitate to contact us at sales@cryptolog.com