What is a Long-term Digital Signature?

Definition: Digital signature is a set of data that certifies the identity of the person signing, as well as the integrity of the message content, that is, that the message has not been modified or altered. The digital signature has become a common part of our Internet transactions. There are more and more occasions in which we have to use this system in the network, as, for example, when signing a contract, in the electronic invoices or to sign health consents.

When we make a digital signature, it is as if we were signing on a paper. For this reason, just as an endorsement on paper lasts over the time, a digital signature also lasts over the years. Hence, the emergence of the long-term digital signature. A format that companies use to, in case of conflict, have the guarantee of being able to check the validity of the signatures.

In this article we will explain what is the long-term digital signature and the different types that exist.


Long-term Digital Signature explained

A long-term digital signature ensures its long-term validity. To achieve this, it incorporates additional information to ensure that the data has not been modified after the signature, checking the status of the certificate when the signature was made, i.e., that it was valid at the time it was signed and guaranteeing non-repudiation (that the issuer cannot deny having signed the document). In addition to this additional information, it also adds a time stamping that ensures the validity of the certificate at the time the signature was made.

The change from a signature to a long-term signature can be made by both the signer and the verifier, because it involves the inclusion of verification elements in the structure of the signatures.

Types of long-term digital signature

There are different types of long-term digital signature. These can be divided into two categories: according to the format and according to the security level.

According to the format, there are three types:

  • PAdES: the most common, since the signatures are in PDF format.
  • CAdES: this type of format is used for CMS files.
  • XAdES: this type is in case of XML documents.

Each of these three formats can be classified into different security levels. According to the European Commission and the European Telecommunications Standards Institute (ETSI), are established four levels:

  • Level B: It is short term. It includes information of the certificates that have been used, but it does not guarantee that after a period of time the validity of the certificates can be verified, nor does it guarantee the time at which the signature was made. It is a low level of security.
  • Level BT: It is similar to level B, except that it adds the date and time of the moment when the signature was made (time stamping).
  • Level B-LT: This security level includes the information of the B and BT levels and adds verification information.
  • Nivel B-LTA: It is the most recommended and the most secure signature format, as it includes all the validation and verification information of the document with time stamping.

HSM, key to a secure digital signature

Hardware Security Module (HSM) is a security hardware that is intended for the storage and protection of PKI technology keys through cryptography. It is one of the most reliable technologies in the world of cybersecurity and one of its many uses is the protection of keys and digital certificates.

The long-term digital signature, like the digital signature, includes an HSM. It is essential that digital signatures incorporate this technology, since HSMs improve and extend their security by simplifying the keys of digital signatures and centralizing all digital certificates, thus providing greater control over them and achieving a high level of protection and security in the keys by means of a cryptoprocessor.

HSMs are one of the best alternatives to manage and protect our digital certificates. At Utimaco, we develop encryption and digital signature solutions and for this we have the best Hardware Security Module, with high performance and security, designed to encrypt our data regardless of what operating system is being used.



Blog posts

Blog posts

eInvoicing teaser
Blog post

eInvoicing - ensuring compliance with the EU VAT Directive

eInvoicing is a digital solution that enables public sector contractors and companies to receive and process electronic invoices that comply with the European standard.
a man typing on the computer
Blog post

The Open Finance API & the requirement for eIDAS Certificates and Qualified Signature Creation Devices

Open Finance is driven by technologies such as open APIs. It is a publicly available application programming interface with programmatic access to a proprietary software application or web service – a set of requirements that control how one application communicates and interacts with another.
digital map with icons
Blog post

The Open Finance Ecosystem & the Standards for Secure Identification & Sharing of Data

Open Finance is seen as the natural evolution to Open Banking - extending the use of open data beyond traditional payment accounts to encompass an individual’s complete financial landscape, putting control in the hands of the customer and promoting full financial inclusion.
European Digital Identity Trust Framework
Blog post

The European Digital Identity Trust Framework & Qualified Trust Services

This article explains the Trust Framework and the ‘digital wallet’ requirement for remote eIDAS qualified electronic signatures, seals and qualified signature creation devices (QSCDs).
Blog post

A new era for e-signatures – how eIDAS is shaping the future of high-trust signing

E-signatures provide a fast, secure, efficient and cost-effective alternative to paper signing and the eIDAS regulation ensures legal certainty across the EU with its requirements for Basic, Advanced and Qualified e-signatures.
Related products

Related products

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail


      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.