TITLE:
The Development of Electronic Signature Processes in Türkiye and an Analysis of the Requirements for the Transition to Elliptic Curve Cryptography (ECC)
AUTHORS:
Mutlu Uysal, Nursel Yalçın
KEYWORDS:
Electronic Signature, Elliptic Curve Cryptography (ECC), eIDAS 2.0, Digital Identity, Post-Quantum Cryptography, Public Certification Authority
JOURNAL NAME:
Journal of Computer and Communications,
Vol.14 No.3,
March
5,
2026
ABSTRACT: This article mainly discusses the history of progress regarding the legislation and updates through scrutiny, its current architecture, and its standards applied around the world, such as eIDAS and eIDAS 2.0, which are used not only as technical but also as purely political standards. The penetration of the digital economy has largely promoted the evolution of cyber platforms for public and private use, so that e-signatures have become one of the pillars in the national IT architecture. 1) Legislation The e-signature operations in Türkiye are regulated by Electronic Signature Law No. 5070 and its secondary regulations. However, today, the infrastructure groundwork relies heavily on RSA-based cryptography. RSA is attracting greater and more debate these days, with concerns about whether it will continue to be useful given the increasing importance of security requirements for mobile devices, performance expectations, and the threat posed by quantum computing. This article also examines the extent to which Turkish law is compatible with the EU regulation of compliance. In this paper, we study whether the Turkish legislation complies with the European legislation. This covers security, performance, key size, and support for RSA and Elliptic Curve Cryptography (ECC) algorithms. This paper discusses technical, institutional, and legal requirements for the transition of the national e-signature infrastructure to ECC. Furthermore, ECC’s contribution is evaluated in terms of Post-Quantum Cryptography (PQC), and a roadmap is suggested for transitioning to hybrid (ECC + PQC) architectures. Finally, policy and technical suggestions are proposed to facilitate international electronic and mobile signature interoperability under eIDAS 2.0.