Data Security and Cryptology, XI

Digital Signature, its’ Infrastructure and Usage in

Estonia

Data Security and Cryptology, XI

Digital Signature, its’ Infrastructure and Usage in

EstoniaNovember 12th, 2014

Valdo Praust 

mois@mois.ee

Lecture Course in Estonian IT CollegeAutumn 2014 

  

November 12th, 2014

Valdo Praust 

mois@mois.ee

Lecture Course in Estonian IT CollegeAutumn 2014 

  

Main Types of Cryptoalgorithms

Main Types of Cryptoalgorithms

1. Symmetric cryptoalgorithms or secret-key crypotoalgorithms are traditional (historical) cryptoalgorithms

2. Asymmetric cryptoalgorithms or public-key crypotoalgorithms are widely spread within last 30 years

3. Cryptographic message digests and similar constructions

4. Special-purpose algorithms for proofing, authentication etc

Cryptographic Hash or Cryptographic Message Digest

Cryptographic Hash or Cryptographic Message Digest

Cryptgraphic hash (krüptoräsi) or cryptographic message digest (krüptograafiline sõnumilühend) or fingerprint or thumbprint is digest with a fixed lenght which is computed from an arbitrary-length message using an one-way function

Cryptgraphic hash (krüptoräsi) or cryptographic message digest (krüptograafiline sõnumilühend) or fingerprint or thumbprint is digest with a fixed lenght which is computed from an arbitrary-length message using an one-way function

One-way function (ühesuunaline funktsioon) is such a function which is easy comutable but an inverse function is unfeasible (practically uncomputable)

Cryptographic Message Digest: Usage

Cryptographic Message Digest: Usage

If we have a given message-hash pair and the hash corresponds to the message then we can always sure that the hash is certainly calculated from the given message

If we have a given message-hash pair and the hash corresponds to the message then we can always sure that the hash is certainly calculated from the given message

Main usage of hashes are ensuring the integrity (usually helps public-key algorithm)

Practically secure hash functions find a hash which lenght is at least 160 bit (in enhanced security cases 256 bits)

Cryptographic Hash: UsageCryptographic Hash: Usage

Main usage of cryptographic hashes are authentication and ensuring of integrity (for example in digital signatures)

One of the main reasons of cryptographis hashes’ usage is that public-key cryptoalgorithm is unsuitable for processing of long plaintexts

Cryptographic Message Digest: Principle

Cryptographic Message Digest: Principle

Most-Of-Used Hash FunctionsMost-Of-Used Hash Functions• SHA-1 – was constructed in 1996 in NSA

using the same principles that were earlier used in MD4 but increasing the security (using longer values). Lenght of hash is 160 bits (20 bytes)

• RIPEMD-160 – was constructed in Belgium in early 1990s. Finds 160-bit (20-byte) hash

The practically used hash functions must compute at most 160-bit hash (twice as long hash as was a minimal lenght of practically secure symmetric cryptoalgorithm, i.e. 2 x 80 bits)

The practically used hash functions must compute at most 160-bit hash (twice as long hash as was a minimal lenght of practically secure symmetric cryptoalgorithm, i.e. 2 x 80 bits)

Practically Unsecure Hash Functions

Practically Unsecure Hash Functions

• MD2, MD4 – preseccors of MD5, made by Ron Rivesti, found 128-bit hash

• MD5 – made by Ron Rivest in 1980s. Founds 128-bit hash (digest)

For these hash functions there has been found both collisions and practical breaking expoits. Despite of this fact MD5 is still unfotunately in use in numerous places

For these hash functions there has been found both collisions and practical breaking expoits. Despite of this fact MD5 is still unfotunately in use in numerous places

Enhanced Security: RIPEMD-256 and SHA-2

Enhanced Security: RIPEMD-256 and SHA-2

• RIPEMD-256 is successor of RIPEMD-160 with a hash lenght of 256 bits (breaking is much more harder)

• SHA-2 is a family of hash functions with longer than 160-bit hash (224, 256, 384 or 512 bits)

It’s reasonable to use RIPEMD-256 or SHA-2 in the following two cases:• for a long-term security (longer as 5-10 years)• for an enhanced level of security (enhanced level

of integrity)

It’s reasonable to use RIPEMD-256 or SHA-2 in the following two cases:• for a long-term security (longer as 5-10 years)• for an enhanced level of security (enhanced level

of integrity)

• Protocol (protokoll) determines, which information moves between different subjects and who/how/when transforms it

• Cryptoprotocol is a protocol where transformings include different cryptoalgorithms (symmetric, asymmetric, hash algorithms) and/oe key generations

Essence of a CryptoprotcolEssence of a Cryptoprotcol

There are a lot of different cryptoprotocols. The most-of-spread cryptoprotocol (in Internet) is TLS (Transport Layer Security)

There are a lot of different cryptoprotocols. The most-of-spread cryptoprotocol (in Internet) is TLS (Transport Layer Security)

• Is constructed to work in Internet, i.e. in the network which bases on TCP/IP

• Enables to autenticate different (both) parties• Enable to change the symmetric algorithm’s key

for secure transfer of information and to transfer information securely

• Includes to the higher-level protocols, adding the security to the basic functionality:

ssh instead of telnet

https instead of http

secure ftp instead of ftp

TLS: Main Properties and FactsTLS: Main Properties and Facts

TLS ChannelTLS Channel

• Channel is a private. After the parties has changed the encryption keys, all transferrable data are encrypted

• Channel is authenticated. It’s possible both-side authentication but also a single-side authentication

• TLS enables to check the successful receiving of all packages (necessary property for a batch mode information transfer – TCP/IP protocol)

TLS makes a secure channel (turvaline sidekanal) over a network which have following three properties:

TLS Security and ProblemsTLS Security and Problems

• If B has his private key and the signed message already sent to A, it’s impossible to masquerade B to A – it is protected by cryptographic algorithms

• It’s impossible to eavesdrop the communication between A and B without knowing the secret keys

• But there remains a problem: if instead of real B the communication with A was started by a “false B” it can’t be discovered by A

This problem cannot be solved only by TLS – it needs some additional resources

This problem cannot be solved only by TLS – it needs some additional resources

Dokcument as a Data Source

An organized human activity has based on mediated information called data already in centuries. But in most of cases we need that data can be considered also as documents

Documents are such a data, where there are•some (legal) meaning of data•a certain an unchangable relationsahip with data, creator of data and creation time of data

Documents are such a data, where there are•some (legal) meaning of data•a certain an unchangable relationsahip with data, creator of data and creation time of data

Until the late 1990s a document was synonym of a paper document

Evidentiary Value of a DocumentEvidentiary Value of a Document

Document is a data where two following conditions are satisfied:• there’s possible to identify the creator of a

document (and sometimes also a creation time)• there’s possible to verify that the document has

remained unchanged after its’ creation (both occasionally and by the deliberate act)

These properties together are called evidentiary value of a document (dokumendi tõestusväärtus)

Document is a data where two following conditions are satisfied:• there’s possible to identify the creator of a

document (and sometimes also a creation time)• there’s possible to verify that the document has

remained unchanged after its’ creation (both occasionally and by the deliberate act)

These properties together are called evidentiary value of a document (dokumendi tõestusväärtus)

For a creation and preservetion of documents we can’t use any such a method where one or both evidetiary value properties are not satisfied

Evidentiary Value of a Traditional Paper Document

Evidentiary Value of a Traditional Paper Document

• For a paper document all information (text, pictures, tabeles etc) is beared to the paper sheet by some permanent method which excludes erasing. Therefore a paper sheet (data carrier) can always be considered as a document itself

• Paper document is binded with its creator by an handwritten signature (omakäeline allkiri)

These two widely-spread techniques ensure the evidentiary value of a traditional paper document

These two widely-spread techniques ensure the evidentiary value of a traditional paper document

Structure of a Paper DocumentStructure of a Paper Document

Evidentiary Value of a Digital Document: a Big Problem

Evidentiary Value of a Digital Document: a Big Problem

A fact: a digital information is usually kept and stored in a way which can’t permanently bind data to the data carrier. Multple writable media (hard disks, flash memory etc) are mass-used

A fact: a digital information is usually kept and stored in a way which can’t permanently bind data to the data carrier. Multple writable media (hard disks, flash memory etc) are mass-used

Conclusion: for a digital documents we can’t use the same methods as we use in paper documents – handwritten signature doesn’t help us because there isn’t any media by which the signature is related. Therefore, we must achieve evidentiary value in a different way

Structure of a Digital DocumentStructure of a Digital Document

Acheiving the IntegrityData integrity (andmete terviklus) is a ensuring that data are originated (information was stored into the data) by a certain subject and haven’t been altered (both occidentially and by a deliberate act)

Data integrity (andmete terviklus) is a ensuring that data are originated (information was stored into the data) by a certain subject and haven’t been altered (both occidentially and by a deliberate act)

Differently from paper documents the integrity of digital data isn’t a default property: it must be achieved by some special activities (safeguards)

Actually only possibility is a using of digital signature (digitaalsignatuur, digisignatuur) which is based on public-key cryptography

Bureaucrats speak about evidentiary value, which is higly similar to integrity (used by IT security specialists)

Solution of Integrity for Digital Documents – a Digital SignatureSolution of Integrity for Digital

Documents – a Digital SignatureWhen it’s impossible to achieve the integrity (evidentiary value) on the level of data carrier, the only possibility is to use a technique which bind the data itself to the creator using mathematical relationships

Actually this technique is called digital signature (digitaalallkiri, digiallkiri) which is up to present the only way, how we can ensure the provable integrity under the multiple rewritable media paradigm

Technical and Legal Views to Digital Signature

 

• Up to present the only known way for giving a legal digital signature is a using of technical digital signature

• Each legal digital signature is (up to present) a technical digital signature. But each technical digital signature isn’t of course a legal digital signature – it needs some authorities called public key infrastructure

A legal digital signature (digitaalallkiri, digiallkiri) is a legal concept which gives the document an evidentary value as handwritten signature gives such a value to paper-based documentA technical digital signature (digitaalsignatuur, sigisignatuur) is a technical or cryptotechnical construction which uses public-key cryptoalgorithm for achieving the integrity

A legal digital signature (digitaalallkiri, digiallkiri) is a legal concept which gives the document an evidentary value as handwritten signature gives such a value to paper-based documentA technical digital signature (digitaalsignatuur, sigisignatuur) is a technical or cryptotechnical construction which uses public-key cryptoalgorithm for achieving the integrity

Essence of (Legal) Digital SignatureEssence of (Legal) Digital Signature

Digital signature uses the methods offered by a public-key cyrpotialgorihm (its use in digital signature or integrity acheiving mode)

(A legal) digital signature (digitaalallkiri, digiallkiri) is an additional data set which is added to signable document (signable data set) and which is created by a signer (allkirjastaja) using both the signable document and a private key of a signer and is performed by mathematical operations

(A legal) digital signature (digitaalallkiri, digiallkiri) is an additional data set which is added to signable document (signable data set) and which is created by a signer (allkirjastaja) using both the signable document and a private key of a signer and is performed by mathematical operations

Public-Key CryptoalgorithmPublic-Key Cryptoalgorithm

 

These keys are generated by a mathematical algrothm and are mathematically related to each other but there’s impossible in practice (infeasible) to found from public key to private key

 

Public-key cryptoalgorithm (avaliku võtmega krüptoalgoritm) or asymmetric cryptoalgorithm (asümmeetriline krüptoalgoritm) uses two keys – if we encrypt by one key, we can decrypt it later by another key

Public-key cryptoalgorithm (avaliku võtmega krüptoalgoritm) or asymmetric cryptoalgorithm (asümmeetriline krüptoalgoritm) uses two keys – if we encrypt by one key, we can decrypt it later by another key

Public-Key Cryptoalgorithm: Keys

Public-Key Cryptoalgorithm: Keys

 

 

Keys of public-key cryptoalgorithm are called usually public key and private key (avalik võti ja privaatvõti)

Keys of public-key cryptoalgorithm are called usually public key and private key (avalik võti ja privaatvõti)

• Public key is usually known for all parties (is public)

• Private key is usually known or can be used only by a keypair owner (for a legal digital signature case by a signer)

Public-Key Cryptoalgorithm: an Idea of Digital Signing

Giving of a Digital SignatureGiving of a Digital Signature

In order to give a digital signature, the signer must have earlier-generated public-key cryptoalgorithm keypair (avaliku võtmega krüptoalgoritmi võtmepaar), which consists of:

• private key (privaatvõti, isiklik võti) • public key (avalik võti)

Both keys are digital data sets (bitstreams)

Digital signature, which is given by a private key, is verifiable by the corresponding public key

Digital signature, which is given by a private key, is verifiable by the corresponding public key

Creation of a KeypairCreation of a Keypair

Cryptographic Hash or Cryptographic Message Digest

Cryptographic Hash or Cryptographic Message Digest

Cryptgraphic hash (krüptoräsi) or cryptographic message digest (krüptograafiline sõnumilühend) is digest with a fixed lenght which is computed from an arbitrary-length message using an one-way function

Cryptgraphic hash (krüptoräsi) or cryptographic message digest (krüptograafiline sõnumilühend) is digest with a fixed lenght which is computed from an arbitrary-length message using an one-way function

This is a one-way relation (ühesuunaline seos) - for a given digest it’s impossible to restore the message

Conclusion: if digest corresponds to message we can be always sure that the digest is computed just from the given message

The Role of Hash in Digital Signatures

The Role of Hash in Digital Signatures

Digital signature is usually given to hash of a document, not to an original (long) document

Digital signature is usually given to hash of a document, not to an original (long) document

This is necessary, because the public-key algorithm is unsuitable for encryption of long messages (it works thousands times slower than a typical symmetric algorithm)

Because it’s impossible to (re)construct a message using a hash, then the digital signature, which given to hash, is as good as a digital signature which is given to an original document (in the mean on integrity)

Giving of a Digital SignatureGiving of a Digital Signature

Verifying of a Digital SignatureVerifying of a Digital Signature

Private Key and its UsagePrivate Key and its Usage

Therefore we must keep private key extremly carefully preventing its unauthorized usage and spread

The sufficiently secret way is to generate and use the public key in a special hardware device, for example in a chipcard (kiipkaart) consisting both a key generation and encryption algoritms and having possibilites of private key usage only inside the chip and unability to read private key outside the chip

Estonian ID-Card and Mobile ID-Card are both such a cryptographic chipcards

Everyone, who has a private key of a signer can give unauthorizedly a digital signature of a signer

Everyone, who has a private key of a signer can give unauthorizedly a digital signature of a signer

Private Key as a ChipcardPrivate Key as a Chipcard

Such a chip/device, where it’s impossible to read some internal values (keys) from the device, are called non-reverse-engineerable (pöördkonstrueerimatu) device

Such a chip/device, where it’s impossible to read some internal values (keys) from the device, are called non-reverse-engineerable (pöördkonstrueerimatu) device

A Necessity for a Certification Service

A Necessity for a Certification Service

Above-mentioned technique allows to bind a document to the public key (keypair) of a signer

We are interested in binding a document with a signer as a physical person - whith his/her name, personal or national idenfication number (isikukood) etc.

Solution: we must additionally (previously) to bind the personal identification data of signer to the public key of a signer

Solution: we must additionally (previously) to bind the personal identification data of signer to the public key of a signer

Principles of CertificationPrinciples of Certification

Certificates are usually issued by a special certificartion authorities (CAs, sertifitseerimiskeskus, sertifitseerimisteenuse osutaja)

Binding of personal idenfication data (name, personal identification number) to public key is called certification (sertifitseerimine)

A result of certification (by the means of digital signature) is a certificate (sertifikaat) which is always a digital document

Binding of personal idenfication data (name, personal identification number) to public key is called certification (sertifitseerimine)

A result of certification (by the means of digital signature) is a certificate (sertifikaat) which is always a digital document

How Certificate(s) ActHow Certificate(s) Act

CertificateCertificate

Instead of public keys there are always spread and used certificates (consisting these keys). For a verification of digital signature it’s always mandatory to have a certificate of a signer

A certificate (sertifikaat) is a digital document created and signed digitally by a certification authority. Certificate typically consists of personal data of signature owner, private key of signature owner and a specific certificate-related data (issuer, expiration date, issuing time etc)

A certificate (sertifikaat) is a digital document created and signed digitally by a certification authority. Certificate typically consists of personal data of signature owner, private key of signature owner and a specific certificate-related data (issuer, expiration date, issuing time etc)

Problems (Necessity for Additional Subjects)

Problems (Necessity for Additional Subjects)

Solution: we must allow the revocation of certificates (sertifikaatide tühistamine)

Revocation is not so simple. We must ensure that these singatures, which are given before revocation must remain valid, but none of these signatures, which are tried to give after revocation, will became valid

Revocation is not so simple. We must ensure that these singatures, which are given before revocation must remain valid, but none of these signatures, which are tried to give after revocation, will became valid

We can’t excude the cases when a private key will still appear to the hands of unauthorized persons. In these cases the unauthorized owner of key can produce an unlimited amount of digital signatures

We can’t excude the cases when a private key will still appear to the hands of unauthorized persons. In these cases the unauthorized owner of key can produce an unlimited amount of digital signatures

Solution of Certificates’ Revocation Problem

Solution of Certificates’ Revocation Problem

We need to acheive the long-time evidence value of signed documents: we must to able prove the evidence even a couple of years or even decades after the hypothetical revocation of corresponding certificates

Conclusion: we must add two following techniques to the (legal) digital signature infrastructure:

• We must add a provable time-stamp to all activies/results (signatures, revocation acts, etc)

• We must create a comparison possibility of different time stamps before signature verification (is there any revocation act which time is earlier than a time of a signature?)

Conclusion: we must add two following techniques to the (legal) digital signature infrastructure:

• We must add a provable time-stamp to all activies/results (signatures, revocation acts, etc)

• We must create a comparison possibility of different time stamps before signature verification (is there any revocation act which time is earlier than a time of a signature?)

Time-Stamp PrinciplesTime-Stamp PrinciplesTime-stamp (ajatempel) is an additional data set which is added to the original data set. There’s possibility to provably compare the creation time of different timestaps (data sets)

Time-stamp (ajatempel) is an additional data set which is added to the original data set. There’s possibility to provably compare the creation time of different timestaps (data sets)

Time-stapms are issued by a certain time-stamp authorities (ajatemplikeskused, ajatempliteenuse osutajad)

Time-stamp authority calculates the next time-stamp from the following sources using one-way funtsion (hash): • from the data (hash), which is sent to time-

stamp authority• from the previously issued time-stamp

Time-Stamp PrinciplesTime-Stamp Principles

One-way chaining of sequential time-stamps ensures that there is impossible to change already issued time-stamps and there is impossible to issue new time-stamp between already issued time-stamps

• All time-stamps and their’ issuing times and calculating algoroithms are public

• Time-stamp was taken from a time-stamp authority immediately after the calculating of the digital signature

Digitally Unsuitable Technique: a Revocation List

Digitally Unsuitable Technique: a Revocation List

Certificates’ revocation list (sertifikaatide tühistuslist) is a list kept by a certification authority(-ies), which consists of data of all possible revocations

An initial idea was to check each signature against a revocation list online during the each verification of signature

Why such a solution is unsuitable?Why such a solution is unsuitable?

Shortcomings of Revocation List Technique

Shortcomings of Revocation List Technique

• Each signature verification needs online-query

• Revocation list will became a real bottle-neck

• What will happen with signed documents when certification authority (revocation list) disappear (has been destroyed)?

It’s reasonable that signature (document) verification ability always preserves with the document, not in different place or using some different (additional) authorities

It’s reasonable that signature (document) verification ability always preserves with the document, not in different place or using some different (additional) authorities

A Suitable Technique: Validity of Approval

A Suitable Technique: Validity of Approval

Validity of approval is stored next to the signature and is (with a corresponding certificate and time-stamp) a digital proof that during the signing process the certificate was valid (there’s no revocations in force)

When digital signature in equipped with such a validity of approval then it’s possible to verify signature without any online connections. But a sigining process (taking of time-stamp and validity of approval) always needs online connection

Validity of approal (kehtivuskinnitus) is a query to certification authority which has made immediately after giving a digital signature

Validity of approal (kehtivuskinnitus) is a query to certification authority which has made immediately after giving a digital signature

Digital Document with Digital Signature with all Necessary

Additional Requisites

Digital Document with Digital Signature with all Necessary

Additional Requisites

Certification InfrastructureCertification InfrastructureCertification infrastructure (sertifitseerimise taristu) or public-key infrastructure (PKI, avaliku võtme taristu) consists of five following mandatory components necessary for secure giving and verifying of digital signatures:

•non-reverese-engineerably realized hardware-based public-key container

•certification authority (CA)•validity of approval service (at the CA)• time-stamping authority•organization and coordination of services (usually in national level)

Data FormatData Format

Data format (andmevorming, vorming) — a desciption how different type of information – text, picture, voice, video etc – is coded into the queue of 0’s and 1’s

A pre-agreed (standardised) data format gives to data (to data file) a concrete and unique meaning. If we have data but do not have the data format desciption, then we do not have the information, carried by the data

A pre-agreed (standardised) data format gives to data (to data file) a concrete and unique meaning. If we have data but do not have the data format desciption, then we do not have the information, carried by the data

From Data Format to MeaningFrom Data Format to MeaningDifferent data formats are supported by a different application software, which usually allow to write the file in certain format, or to made the content of data (information) human-perceptable etc.

Different data formats are supported by a different application software, which usually allow to write the file in certain format, or to made the content of data (information) human-perceptable etc.

A typical end-user usually don’t know anything about different data formats and interpretation. He/she usually associates the certain format only to the certain software which is able to interpretate these format(s).

End user usually receives only an human-perceptable form, prepared by the software, so-calles WYSIWYG (What You See Is What You Get, in Estonian adekvaatkuva)

Demands to the Signable Document Format

Demands to the Signable Document Format

Digital signature is technically binded to the bitstream, but we sign a documnt with a certain meaning (text, pictures, hypertext etc). Relationship between meaning and bitstream is determined by a used data format (andmevorming)

Conclusion: for signing there are suitable onlyu these formats which have a unique meaning and which description is publicly available

Conclusion: for signing there are suitable onlyu these formats which have a unique meaning and which description is publicly available

Recommended formats: PDF, RTF, JPG, GIF...

Unrecommended formats: DOC, DOCX, XLS, XLSX, ...

Legal RegulationLegal RegulationThere’s necessary to regulate legally:

• conditions of keypairs and their’ generating devices

• requirements to certification authorities

• requirements to time-stamp authorities

• organization and coordination of services

When these questions are solved (usually in the level of corresponding National Act) then we can state that digital documents with digital signatures have the same legal status as paber documents with handwritten signatures

When these questions are solved (usually in the level of corresponding National Act) then we can state that digital documents with digital signatures have the same legal status as paber documents with handwritten signatures

Digital Signature in Estonia, IDigital Signature in Estonia, I

1. Estonian National Digital Signature Act was adopted in 2000. It defines the conditions, which technical digital signatures (digisignatuurid) are acceptable as a legal digital signatures (digiallkirjad)

2. Time-stamp service is an essential integral part of Estonian legal digital signature

Digital Signature in Estonia, IIDigital Signature in Estonia, II

3. Both certification and time-stamping authorities are delegated to a private sector

4. State-based organization and coordination is concentrated into National Certification Register which is kept by an Estonian Ministry of Economic Affairs and Communication

Digital Signature and Estonia, IIIDigital Signature and Estonia, III

5. In 2001 there was registrated the first certification authority - Sertifitseerimiskeskuse AS. It received also time-stamping license and became a major subject in Estonia in the field of digital signatures.

The validity of approvals (OCSP-confirmations) service is charged (for a physical persion up to 10 signatures in one month are free of charge)

 

Digital Signature and Estonia, IVDigital Signature and Estonia, IV

6. In 2002 there were issued first Estonian ID-cards. Today more than 95% of Estonian citizens are equipped with such a cards

7. In late 2002 there was introduced the practical digital document format DigiDOC (file extension .ddoc) which is based on base64 coding and stores the result in text format

Digital Signatures and Estonia, VDigital Signatures and Estonia, V

8. During the last ten years the practical usage of digital signatures are spread almost to all categories of documents both in private and public sector

9. In 2007 there were issued first Mobile-ID cards for Estonian biggest cellular phone service provider EMT clients. In 2009 the Mobile-ID project was expanded also for other GSM service providers

Digital Signature and Estonia, VIDigital Signature and Estonia, VI

10. In 2009 there was introduced a digital stamp (digitempel) – an analogue for a digital signature for a legal entities (companies)

11. In late 2010 there was introduced a digital ID-card (digitaalne isikutunnistus)- a backup ID-card for a physical persons having only a digital part and no visual part (therefore unsuitable to use as a national identity document)

Digital Signature and Estonia, VIIDigital Signature and Estonia, VII

12. In 2010 there was introduced a DigiDOC3 standard which uses 2048-bit RSA instead of 1024 bit RSA

13. In 2014-16 there will take place a migration from DDOC format to international standard BDOC (more compact binary compressed files, more possibilites, possibility for new and more strong cryptoalgorithms etc)