Technology Overview

The concept of a digital signature for electronic data is very straightforward: a cryptographic algorithm is run on the data generating a tag or “signature” for the data that can then be used at a later date to make certain assertions, such as signing time, signing entity and data integrity.

PKI based digital signatures/timestamps have historically been used for this purpose however the complexities and cost of key management make it very challenging to scale. In 2006, aware of these limitations, a team of Estonian cryptographers, network architects, software developers and security specialists got together to design and build a web-scale digital signature system for electronic data using only hash function based cryptography. They named their invention Keyless Signature Infrastructure (KSI). The main innovations are the distributed delivery infrastructure designed for scale and the removal of the need to rely on cryptographic keys for signature verification.