ARX (company)

Last updated

ARX (Algorithmic Research Ltd.) is a digital security company headquartered in San Francisco, CA, with offices in the UK, the Netherlands, Australia and Israel. It is the creator of CoSign by ARX, a digital signature technology, along with related digital signature security technology products. ARX was acquired by DocuSign in May 2015. The acquisition [1] builds on a three-year business partnership between DocuSign and ARX, bringing together ARX's CoSign digital signature technology with DocuSign's Digital Transaction Management (DTM) platform and broadens The DocuSign Global Trust Network.

Contents

The ARX digital signature products are based on public key infrastructure (PKI) technology, with the digital signatures resulting from a cryptographic operation that creates a ‘fingerprint’ unique to both the signer and the content, so that they cannot be copied, forged or tampered with. This process provides proof of signer identity, data integrity and the non-repudiation of signed documents, all of which can be verified without the need for proprietary verification software. [2]

The company's CoSign solution integrates into a large range of document management and workflow automation systems and is intended to streamline workflow processes requiring signatures. [3] [4] ARX partners with document management and workflow solution providers including SharePoint, [5] OpenText, [6] Oracle, [7] Alfresco, [8] Nintex and K2. [9]

Industries of focus include life science (particularly research and clinical trials), [10] [11] engineering, legal and federal/local governments. [12] ARX clients are based in North America, Africa, [13] Europe [14] and Asia-Pacific. In Italy, CoSign is used by the Ministry of Defence, RAI, Senate, Court of Accounts, State Police and Bank of Italy. [15] It is also used by the European Court of Human Rights to digitize and streamline their application process. [16]

ARX solutions have been validated for security standards such as NIST FIPS 140-2 level 3, [17] FIPS 186 and ETSI TS 101 733. In 2013, CoSign was named “the strongest digital signature solution” in the 2013 report. [18] In August 2014, CoSign received Common Criteria EAL4+ [19] certification, thus becoming the first remote / server-side digital signature solution to be fully compliant with the EU's newly enacted Electronic Identification and Trust Services regulation for Electronic Transactions in the Internal Market (eIDAS). [20] ARX solutions also comply with ESIGN, UETA, FDA 21 CFR Part 11, SOX, HIPAA, USDA, among many other signature-related country- and industry-specific laws and regulations. [5]

History

ARX was founded in 1987 by Prof. Amos Fiat and Yossi Tulpan and focused on developing encryption-based products, which included an RSA-smartcard developed for Canal+ in 1989, a secure-PIN entry keyboard connected smartcard reader, cryptographic toolkits, a network-attached cryptographic server (HSM), and a VPN. In September 1997 ARX was acquired by Cylink Corp (NASDAQ:CYLK) from Sunnyvale, California.

In 2001 the company went through a management buy-out (MBO) initiated by Dr. Gadi Aharoni. Dr. Aharoni served as the President and CEO of ARX for 14 years, and under his leadership the company gradually switched to focus on its newly developed CoSign Digital-Signature solution. In May 2015, ARX was acquired by its U.S. competitor DocuSign.

Related Research Articles

The Digital Signature Algorithm (DSA) is a public-key cryptosystem and Federal Information Processing Standard for digital signatures, based on the mathematical concept of modular exponentiation and the discrete logarithm problem. DSA is a variant of the Schnorr and ElGamal signature schemes.

<span class="mw-page-title-main">Digital signature</span> Mathematical scheme for verifying the authenticity of digital documents

A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature on a message gives a recipient confidence that the message came from a sender known to the recipient.

<span class="mw-page-title-main">David Chaum</span> American computer scientist and cryptographer (born 1955)

David Lee Chaum is an American computer scientist, cryptographer, and inventor. He is known as a pioneer in cryptography and privacy-preserving technologies, and widely recognized as the inventor of digital cash. His 1982 dissertation "Computer Systems Established, Maintained, and Trusted by Mutually Suspicious Groups" is the first known proposal for a blockchain protocol. Complete with the code to implement the protocol, Chaum's dissertation proposed all but one element of the blockchain later detailed in the Bitcoin whitepaper. He has been referred to as "the father of online anonymity", and "the godfather of cryptocurrency".

<span class="mw-page-title-main">Blind signature</span> Form of digital signature

In cryptography a blind signature, as introduced by David Chaum, is a form of digital signature in which the content of a message is disguised (blinded) before it is signed. The resulting blind signature can be publicly verified against the original, unblinded message in the manner of a regular digital signature. Blind signatures are typically employed in privacy-related protocols where the signer and message author are different parties. Examples include cryptographic election systems and digital cash schemes.

An electronic signature, or e-signature, is data that is logically associated with other data and which is used by the signatory to sign the associated data. This type of signature has the same legal standing as a handwritten signature as long as it adheres to the requirements of the specific regulation under which it was created.

Enterprise content management (ECM) extends the concept of content management by adding a timeline for each content item and, possibly, enforcing processes for its creation, approval, and distribution. Systems using ECM generally provide a secure repository for managed items, analog or digital. They also include one methods for importing content to manage new items, and several presentation methods to make items available for use. Although ECM content may be protected by digital rights management (DRM), it is not required. ECM is distinguished from general content management by its cognizance of the processes and procedures of the enterprise for which it is created.

DocuShare is a content management system developed by Xerox Corporation. DocuShare makes use of open standards and allows for managing content, integrating it with other business systems, and developing customized and packaged software applications.

<span class="mw-page-title-main">Hardware security module</span> Physical computing device

A hardware security module (HSM) is a physical computing device that safeguards and manages secrets, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.

<span class="mw-page-title-main">Network Security Services</span> Collection of cryptographic computer libraries

Network Security Services (NSS) is a collection of cryptographic computer libraries designed to support cross-platform development of security-enabled client and server applications with optional support for hardware TLS/SSL acceleration on the server side and hardware smart cards on the client side. NSS provides a complete open-source implementation of cryptographic libraries supporting Transport Layer Security (TLS) / Secure Sockets Layer (SSL) and S/MIME. NSS releases prior to version 3.14 are tri-licensed under the Mozilla Public License 1.1, the GNU General Public License, and the GNU Lesser General Public License. Since release 3.14, NSS releases are licensed under GPL-compatible Mozilla Public License 2.0.

GlobalSign is a certificate authority and a provider of internet identity and security products. As of January 2015, Globalsign was the 4th largest certificate authority in the world, according to Netcraft.

Lattice-based cryptography is the generic term for constructions of cryptographic primitives that involve lattices, either in the construction itself or in the security proof. Lattice-based constructions support important standards of post-quantum cryptography. Unlike more widely used and known public-key schemes such as the RSA, Diffie-Hellman or elliptic-curve cryptosystems — which could, theoretically, be defeated using Shor's algorithm on a quantum computer — some lattice-based constructions appear to be resistant to attack by both classical and quantum computers. Furthermore, many lattice-based constructions are considered to be secure under the assumption that certain well-studied computational lattice problems cannot be solved efficiently.

CAdES is a set of extensions to Cryptographic Message Syntax (CMS) signed data making it suitable for advanced electronic signatures.

PAdES is a set of restrictions and extensions to PDF and ISO 32000-1 making it suitable for advanced electronic signatures (AdES). This is published by ETSI as EN 319 142.

Docusign American software company

Docusign, Inc. is an American company headquartered in San Francisco, California, that allows organizations to manage electronic agreements with electronic signatures on different devices. As of 2024, Docusign has about 1.5 million clients in 180 countries. Signatures processed by Docusign are compliant with the US ESIGN Act and the European Union's eIDAS regulation, including EU Advanced and EU, Qualified Signatures.

<span class="mw-page-title-main">Signority</span>

Signority is a cloud-based electronic signature provider based in Ottawa, Ontario, Canada that provides web-based public and private cloud electronic signature solutions. The company was co-founded in 2010 by Jane He and Qingbo Jin.

Utimaco Atalla, founded as Atalla Technovation and formerly known as Atalla Corporation or HP Atalla, is a security vendor, active in the market segments of data security and cryptography. Atalla provides government-grade end-to-end products in network security, and hardware security modules (HSMs) used in automated teller machines (ATMs) and Internet security. The company was founded by Egyptian engineer Mohamed M. Atalla in 1972. Atalla HSMs are the payment card industry's de facto standard, protecting 250 million card transactions daily as of 2013, and securing the majority of the world's ATM transactions as of 2014.

An advanced electronic signature is an electronic signature that has met the requirements set forth under EU Regulation No 910/2014 (eIDAS-regulation) on electronic identification and trust services for electronic transactions in the European Single Market.

In the context of Regulation (EU) No 910/2014 (eIDAS), a qualified digital certificate is a public key certificate issued by a trust service provider which has government-issued qualifications. The certificate is designed to ensure the authenticity and data integrity of an electronic signature and its accompanying message and/or attached data.

Adobe Acrobat Sign is a cloud-based e-signature service that allows the user to send, sign, track, and manage signature processes using a browser or mobile device. It is part of the Adobe Document Cloud suite of services.

References

  1. "DocuSign Acquisition -". Archived from the original on 2015-10-03. Retrieved 2015-09-20.
  2. "Gadi Aharoni - CoSign by ARX - Legal IT Professionals | Everything legal technology". 2014-12-02. Archived from the original on 2014-12-02. Retrieved 2019-01-15.
  3. tech, Desire Athow 2014-05-03T10:30:00Z World of (3 May 2014). "Digital signatures: what you need to know". TechRadar. Retrieved 2019-01-15.{{cite web}}: CS1 maint: numeric names: authors list (link)
  4. "Best E-Signature Software in 2019". G2 Crowd. Retrieved 2019-01-15.
  5. 1 2 "CoSign Standardizing Digital Signatures in the Enterprise". 1 July 2014. Archived from the original on 11 December 2014.
  6. "partner-directory-detail". OpenText. Retrieved 2019-01-15.
  7. Author, Guest. "Digital Signatures and Oracle WebCenter: The Future Is Now". blogs.oracle.com. Retrieved 2019-01-15.{{cite web}}: |last= has generic name (help)
  8. "Digital Signatures - Zaizi". Archived from the original on 2014-12-11. Retrieved 2014-12-11.
  9. "K2-CoSign Integration". Archived from the original on 2014-10-20. Retrieved 2014-12-11.
  10. "Bio-IT World". www.bio-itworld.com.
  11. "ARXs CoSign Digital Signature Solution Provides Security FDA Compliance and Annual Cost Savings of 150000 for Medrad Inc".
  12. (TRM), Department of Veterans Affairs (VA), Office of Information &Technology (OI&ampT), Product Development (PD), Technical Reference Model. "Cosign Digital Signature".{{cite web}}: CS1 maint: multiple names: authors list (link)
  13. "Engineering News - 'Signed and Sealed' at the 'click' of a button: Pitney Bowes introduces ground-breaking digital signature technology".
  14. "Signatur bekräftas i liten låda".
  15. CoSign by ARX in Italy Archived December 11, 2014, at the Wayback Machine
  16. Nguyen, Anh. "European Court of Human Rights achieves end-to-end digitisation with electronic signatures".
  17. "FIPS 140-2 Non-Proprietary Security Policy" (PDF).
  18. "Forrester Wave: E-Signatures, Q2 2013". Archived from the original on 2015-09-07. Retrieved 2014-12-11.
  19. "Firma digitale remota: CoSign passa i test di sicurezza - Data Manager Online". 30 July 2014.
  20. "European Union's Electronic Identification and Trust Services for Electronic Transactions in the Internal Market' (eIDAS)". Reuters . Archived from the original on 2014-09-03.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.