COLUMN ONE: Sign on the Electronic Dotted Line: A new digital signature will make it impossible for computer documents to be forged. The government hopes this will lead to a world of paperless commerce, from tax returns to corporate contracts.

TIMES SCIENCE WRITER

What medieval princes achieved with rings and ribbons and sealing wax, the lords of technology are creating with an electronic signature that is incontrovertible proof of authenticity for an electronic contract, check or tax return.

Computer experts say the technique, called a digital signature, makes it impossible to forge or alter a document that exists only in a computer’s fragile memory. It also makes it impossible for people to lie by denying they wrote or sent an electronic document.

The signature technique is an unusual application of the mathematics of digital cryptography. But unlike most codes, which are meant to protect information from prying strangers, the digital signature is a way of ensuring good faith between people who may never meet face to face.

Science, in a sense, has reduced trust to a patented formula.

Federal officials hope they can use the technique to unlock a world of electronic commerce in which digital checks, contracts, purchase orders and tax returns can reduce the flood of old-fashioned paperwork. Law firms could use a digital signature to notarize electronic deeds and wills, and banks or other financial institutions could authenticate credit cards and money transfers.

“It is really the key to the electronic paperless society we have talked about for so many years,” said Jim Omura, vice president of research for Cylink Inc., a Sunnyvale company that specializes in computer security.

But its potential is clouded by controversy.

Federal officials promised that the technique would be free. The National Institute of Standards and Technology, however, is giving Cylink and the other members of a consortium called Public Key Partners in Sunnyvale an exclusive 17-year license on the federal digital signature technique. The agreement, which is expected to be adopted this year, could give the consortium a windfall worth up to $2 billion in royalties.

Critics of the agreement say giving a single company the right to charge royalties on the digital signature technique is like granting a monopoly on the pens used to sign contracts and the seals used to notarize them.

Federal officials say they are seeking to avoid litigation that would delay adoption of the technique.

Nevertheless, the technology holds great promise. Today, electronic documents are only as good as the paper they are printed out on. When it comes to legal arrangements, procurement matters, laboratory notebooks or even personal mail, computer users have no way to know if the text appearing on their screen has been altered or forged. There also is no way to ensure that a date has not been changed. To have any legal standing, an electronic document must be accompanied by a separate handwritten signature.

Last month, David Ward, the chancellor of the University of Wisconsin, received a series of forged electronic messages from freshmen masquerading as top-level university officials, including a supposed letter of resignation from the housing director.

Only the students’ cheeky language gave away the hoax. “Thanks for the fish,” concluded the bogus E-mail message from the housing director. The dean of students is considering disciplinary action, university officials said.

The electronic signature is the product of a mathematical formula that uses a unique numerical key and the document itself to create a string of coded electronic numbers. One person creates the signature with a secret key. The recipient reads it with a second, public key.

This process in effect notarizes the document and ensures its integrity.

If the document is altered in any way, it will no longer produce exactly the same signature sequence when combined with the key.
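
The signing and checking steps described above, as an added example that is not part of the original article: a Python sketch of the Digital Signature Algorithm, the algorithm behind the government's signature standard. The parameters `Q`, `P`, `G` and every function name are assumptions of this example, and the parameters are constructed and demo-sized, far too small for real use.

```python
import hashlib
import secrets

def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin with fixed bases; adequate for this demonstration."""
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

# Demo-sized domain parameters (constructed for this example, not secure).
Q = 2**127 - 1                      # prime order of the signing subgroup
P = next(k * Q + 1 for k in range(2, 10**6, 2) if is_probable_prime(k * Q + 1))
G = next(g for g in (pow(h, (P - 1) // Q, P) for h in range(2, 100)) if g != 1)

def digest_int(message: bytes) -> int:
    """Leftmost 127 bits of SHA-256; any change to the text changes this."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") >> (256 - 127)

def keygen():
    x = secrets.randbelow(Q - 1) + 1            # secret key, kept by the signer
    return x, pow(G, x, P)                      # (secret key, public key)

def sign(message: bytes, x: int):
    while True:
        k = secrets.randbelow(Q - 1) + 1        # fresh secret nonce; reuse reveals x
        r = pow(G, k, P) % Q
        s = pow(k, -1, Q) * (digest_int(message) + x * r) % Q
        if r and s:
            return r, s

def verify(message: bytes, r: int, s: int, y: int) -> bool:
    if not (0 < r < Q and 0 < s < Q):           # reject out-of-range values
        return False
    w = pow(s, -1, Q)
    v = pow(G, digest_int(message) * w % Q, P) * pow(y, r * w % Q, P) % P % Q
    return v == r
```

`verify` returns `True` only for the exact bytes that were signed and the signer's own public key; a changed message or another signer's public key returns `False`.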

To verify that the digital signature does identify the person who uses it, an agency such as the Postal Service or a corporate computer department must provide a certificate of authentication for each private signature key. For example, someone might obtain one signature certificate for her tax return from the post office, a second for business use from her employer and a third for her credit card from her bank.

The digital signature could replace handwritten scrawls on everything from purchase orders to contracts to personal letters, Omura said.

“If you think of what it can be used for--in lieu of where we now require legal signatures on pieces of paper--it is a very powerful technology,” said Lynn McNulty, associate director for computer security at the National Institute of Standards and Technology’s National Computer Systems Laboratory in Gaithersburg, Md.

The Defense Department wants to adopt the signature technique for its contracting activities and, by the end of the decade, the U.S. Internal Revenue Service wants to be able to use digital signatures on as many as 80 million electronic tax returns each year.

For the IRS, processing electronic returns is cheaper and more accurate, allowing the agency to cut costs by two-thirds and to reduce its error rate from 12% to 2%, IRS officials said. Taxpayers also get refunds more quickly.

But the IRS cannot embrace electronic filing wholeheartedly until it can come up with a way for taxpayers and businesses to legally sign electronic documents.

Although about 12 million people filed their taxes electronically this year, they still had to sign a piece of paper and mail it in separately in order to make their return legal. IRS workers then matched the written signature to the electronic data.

“We’d like to get out of the business of having (a person) sign a piece of paper and mail it to the Internal Revenue Service,” said Henry H. Philcox, chief information officer for the IRS.

Congress is considering legislation that will allow the IRS to accept an electronic signature.

Although several digital signature systems are already in use, the government developed its own technique with the assistance of the National Security Agency, and patented it in July. That is the technique being licensed to Public Key Partners, which already holds the patent for the most popular digital signature technique now in use worldwide.

Federal officials refused to adopt the earlier technique, called RSA, as a national standard because they were concerned that it could be used to conceal clandestine messages that could not be detected by law enforcement or national security agencies.

In creating the new technique, government researchers were especially careful to design a formula that makes it impossible to hide a secret message in the signature--the electronic equivalent of the punctuation marks in which spies would conceal stolen secrets.

“The mathematics of the digital signature standard allow it only to be used for electronic signatures. It can be used for signing and nothing else,” McNulty said.

Public Key Partners, which was organized by Stanford University and the Massachusetts Institute of Technology, is already a central player in modern cryptography and has a special relationship with the federal government. It owns the patent for managing the electronic keys to a proposed new national computer code called Skipjack. The code is designed to protect the computer files and telephone conversations of U.S. residents from eavesdropping; the key could be used only by federal law enforcement officials with a court order.

In return for the signature patent, the agreement between Public Key Partners and the National Institute of Standards and Technology allows the government to use the key system for free.

Under the terms of the agreement, state, federal and local governments also will be able to use the signature technique free, as will anyone who wants it solely for personal use. A taxpayer who uses it to certify a personal electronic return, for example, will pay no royalty.

However, those who use it for business--to notarize contracts or corporate financial transactions, for example--will have to pay when they sign on the electronic dotted line.

“We will give a license to anyone who wants it,” said Robert Fougner, Public Key’s licensing director. “Nobody can be refused a license, provided they are willing to pay whatever everybody else does.”

Public Key Partners will collect up to a dollar in royalties for individual certificates. Consumers could wind up paying even more than that because computer manufacturers will pay royalties ranging from 2.5% of the cost of any hardware to 5% of the cost of any software that incorporates the patented technique. And that cost could be passed along to the buyer.

Some computer experts argue that the signature technique should be free because the basic research that led to its development was underwritten by federal grants.

“It may be in the interests of the government because it gets free use, but it is not in the interest of the public,” said Stephen T. Walker, president of Trusted Information Systems Inc. “There are an awful lot of other options we could consider, other than saddling industry with 17 years (the lifetime of the patent) worth of royalties.”

The federal Computer Privacy and Security Board, a congressionally chartered panel that advises the government on computer policy matters, was so concerned about the licensing agreement that it formally urged the government to consider the economic consequences.

Several foreign governments say they are angry that they will have to pay royalties to a U.S. company if they adopt the signature technique. They want it for free, just like the U.S. government.

Canada’s Communications Security Establishment warned federal officials that the terms of the proposed license “could deter success in our cooperative efforts” and “severely inhibit” the development of an international electronic marketplace.

“They are complaining,” Fougner said, “but I don’t understand why they think they should get the fruits of an American invention for free.”
