Introduction
An electronic signature is not a digital image of a handwritten signature. It is an electronic code with which the recipient can easily verify the sender's identity and signature online. It can also be used to verify whether the original text of the file was changed during transmission. If someone wants to send an important file to another location over the network, the recipient and the sender first need to apply for an electronic certificate from a certificate authority, or CA (GlobalSign). This encrypted certificate includes the applicant's public key (the "public computer password"), which is used for file verification.
The sender encrypts the file using the recipient's public key published by the CA, and signs the file with its own private key. When the recipient receives the file, it first uses the sender's public key to check the signature, which proves that the file was indeed confirmed by the sender. It then uses its own private key to decrypt and read the file.
Electronic signature is a general name for modern authentication technology. The US Uniform Electronic Transactions Act stipulates that an "electronic signature" is an electronic sound, symbol or program that is attached to or logically associated with an electronic record and is executed or adopted by a person for the purpose of signing the electronic record. The United Nations Model Law on Electronic Commerce stipulates that an electronic signature is data in electronic form that is contained in, attached to or logically associated with a data message, and that can be used to confirm the identity of the signatory in relation to the data message and to indicate that the signatory approves the information contained in it. The EU Electronic Signatures Directive provides that an "electronic signature" is data in electronic form that is attached to or logically associated with other electronic data and serves as a method of authentication.
From the above definitions, any electronic technique that, in electronic communication, can prove the identity of the parties and prove the parties' approval of the content of a document can be called an electronic signature. Electronic signature is thus the general concept of modern authentication technology, and it is an important means of guaranteeing e-commerce security.
Basic function
The definition of electronic signatures shows two basic functions:
(1) Identifying the signatory
(2) Indicating the signatory's approval of the content
The law takes technical neutrality into account when defining electronic signatures, and the provisions on electronic signatures are based on the basic functions of a signature: any electronic technology that fulfils the basic functions of a signature can be considered an electronic signature. The definitions of electronic signature and digital signature show that the two are different. Electronic signature is defined from a legal perspective and is technically neutral: any electronic technology that fulfils the basic functions of a signature can be called an electronic signature. Digital signature is defined from a technical perspective and requires the use of cryptography; its main purpose is to confirm the source of a data unit and the integrity of the data unit.
Electronic signature is the broader concept. A digital signature can be considered one implementation of an electronic signature, and digital signatures provide more functionality than electronic signatures require.
Encryption technology
Signature and encryption technology
Implementing electronic signature technology requires asymmetric encryption (the RSA algorithm) and message digests (a hash algorithm).
Asymmetric encryption means that the user has two keys: a public key and a private key. The public key is open and anyone can use it; the private key is confidential and only the user can use it. The public key and the private key correspond to each other. A user can encrypt information with the other party's public key and transmit it to the other party, who uses their own private key to decrypt the ciphertext. Each key of the pair decrypts what the other has encrypted, which leaves no way for a third party to step in.
A message digest applies a hash algorithm to any information to be transferred and generates a 128-bit digest. Different content produces different digests, so the message digest is the "fingerprint" of the electronic information.
With asymmetric encryption and message digests, electronic signatures of electronic information can be implemented.
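The hash-then-sign flow described above, as an added example that is not part of the original page: the signer transforms the message digest with the private key, and the recipient recovers it with the public key and compares. It assumes a constructed demo key built from two Mersenne primes, SHA-256 in place of the 128-bit digest mentioned above, and unpadded RSA for readability; production signing uses a vetted library with a padding scheme such as RSASSA-PSS.

```python
import hashlib

# Constructed demo key (assumption): two Mersenne primes. Their special form
# makes them unsuitable for real keys; they avoid a prime search here.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, kept by the signer


def digest_int(message: bytes) -> int:
    """Message digest ("fingerprint") as an integer smaller than N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Signer: transform the digest with the private key."""
    return pow(digest_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Recipient: recover the digest with the public key and compare."""
    return pow(signature, E, N) == digest_int(message)


def demo() -> dict:
    original = b"Pay 100 to Bob"     # constructed sample document
    sig = sign(original)
    return {
        "untouched": verify(original, sig),           # document as signed
        "tampered": verify(b"Pay 900 to Bob", sig),   # content changed in transit
        "wrong_sig": verify(original, sig + 1),       # signature altered
    }


if __name__ == "__main__":
    print(demo())
```
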
Software solution
Document electronic signature software is an electronic sealing and document security system that provides electronic seals (i.e. digital signatures), document encryption, signature authentication and a number of other functions. It addresses issues such as the identity of the signatory, the integrity of the document content and the signing of the signature areas.
It uses a digital certificate to digitally sign the Word document, ensuring that the signatory's signature information and the signed document are not illegally tampered with. The signatory can add a comment to the document when signing, and the digital signature also ensures that this comment is not tampered with.
The software should be embedded in the Word environment as an integrated application component that is easy to use and has a friendly interface. The digital signatures and comments produced are embedded in the Word document as objects, which is intuitive.
The software should also support multiple signatures. Each signature can be placed anywhere in the document, entirely under the signatory's control.
The software avoids the use of macros, thereby avoiding software failure caused by users disabling macros.
The digital certificates used for digital signatures can be stored in hardware devices such as smart cards and USB tokens. These storage media offer high security and are easy to carry, which further improves system security.
In an enterprise, requests for approval and signature must be handled safely and effectively. With the traditional method, a large number of scanned files inevitably have to be stored and properly managed, whereas electronic signatures, backed by the security system, bring a significant improvement to document management. From this point of view, advanced IT can further promote the development of the paperless office.
Key
Electronic signature and key
"Electronic signature" is a broadly defined term. It covers the various electronic technical means that, in order to protect the legal rights of the parties to transactions on Internet-based platforms, fulfil and replace the functions of a traditional signature; it is not an image of a handwritten signature or seal. Here "transaction" refers to network-platform-based personal information exchange, e-commerce and e-government, and "transaction parties" refers to those engaged in these activities. "Digital signature" is the term for securing electronic transactions through cryptography, and it is the main implementation form of electronic signatures. It strives to solve several fundamental problems facing Internet transactions: keeping data confidential; keeping data from being tampered with; letting the transacting parties verify each other; and making the transaction initiator unable to deny its own data.
In cryptography, the essence of a cipher is an algorithm: a key is computed by the cryptographic algorithm, and the key is then used to encrypt the data transmitted by the transacting parties. The data is called a "message": before encryption it is the "plaintext message", i.e. plaintext; after encryption it is the "ciphertext message", i.e. ciphertext, which is unreadable without the key. All encryption algorithms themselves are public and belong to pure mathematics, so this article does not discuss them further. Cryptography focuses only on key management, because the security of encrypted communication depends only on the key, and this is the focus of this article. Encrypted communication is mainly divided into symmetric encryption and asymmetric encryption.
We assume that, on an insecure network (such as the Internet), Alice is the communication initiator and Bob is the communication recipient; Alice and Bob trust each other, and Eve monitors the communication and tries to sabotage it. These characters were introduced in the classic textbook "Applied Cryptography" from John Wiley and Sons, and the characters and their setting have become the standard way of describing cryptographic techniques.
Symmetric encryption
Symmetric encryption: solving the problem of encrypting the data itself
As the name suggests, symmetric encryption means "one lock corresponds to one key": the same key locks and unlocks. There are traditional and modern variants. The following uses the ancient substitution cipher as a brief example.
Plaintext: hiiamalice
Ciphertext: zeecgcfeip
Key (password):
abcdefghijklmnopqrstuvwxyz
chimpanzebdfgjkloqrstxywuv
The first row of the key is the 26 letters in their conventional order, and the second row is the agreed alphabet order used to replace the corresponding letters. Besides letters, other agreed symbols can play the same role.
Modern symmetric encryption methods
Modern symmetric encryption methods mostly use mathematical algorithms. Current excellent symmetric encryption algorithms include DES, 3DES, DEA, IDEA, etc.; they are fast and their encryption performance is excellent. The communication process is approximately as follows:
1. Alice computes a key with a symmetric encryption algorithm and transmits it to Bob.
2. Alice uses this key to encrypt the plaintext and obtains the ciphertext.
3. Alice transmits the ciphertext to Bob.
4. Bob uses this key to decrypt the ciphertext and obtains the plaintext.
If Eve only obtains the ciphertext in step 3, then, not knowing the key, he gets nothing. But if Eve monitors step 1, he has as much information as Bob, and by step 4 Eve's only remaining job is to decrypt. Eve can also cut the communication line between Alice and Bob before step 3 begins, then pose as the recipient of Alice's message, decrypt it, and re-encrypt it posing as Alice, without Alice and Bob ever noticing. If Bob suffers damage, Alice can allege that Bob leaked the key himself.
The drawbacks of symmetric encryption are therefore: 1. The key must be passed in advance, which makes the key transfer (in-band transmission) extremely easy to steal; conventional means cannot remove this high risk. 2. Key management is difficult: suppose n parties communicate pairwise. If a single key is used, the entire encryption system collapses once that key is stolen; if different keys are used, the number of keys equals N * (N - 1) / 2, which means that for 100 people communicating pairwise, 4950 keys have to be kept! Key management becomes impossible. 3. Because the key is shared, non-repudiation cannot be achieved.
Although symmetric encryption is strong enough for encrypting the data itself and has been widely used by government agencies and commercial organizations, without solving the above problems there could be no talk of the rise of Internet e-commerce and e-government.
Public-key cryptography
In the second half of 1975, Diffie and Hellman, professors at Stanford University, submitted a paper called "Multi-User Encryption Technology" to the National Computer Conference. It explored public-key cryptography, but offered no new solution.
In May 1976, the two announced the discrete exponential cipher algorithm at the National Computer Conference and published the famous "New Directions in Cryptography" with the IEEE, proposing the discrete exponential encryption algorithm as a new solution. The two parties to a transaction still need to negotiate a key, but with the discrete exponential algorithm the two sides can publicly exchange certain data for the computation, while the key is generated on each party's own computer and is never delivered over the network. If Eve only eavesdrops, he cannot derive the key from the stolen information, which guarantees the safety of the key. This is the prototype of public-key cryptography. Unfortunately, this resembles encryption in the manner of a telephone call: it requires both transacting parties to be online and likewise presupposes mutual trust, so it still cannot meet the needs of modern electronic transactions.
In 1978, three MIT professors, Rivest, Shamir and Adleman, were inspired by this paper and developed the asymmetric RSA public-key algorithm. Because this algorithm solves the in-band transmission problem and requires neither that both parties be online nor that they trust each other, it finally paved the way for the boom of modern e-commerce.
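The key negotiation described above (public values exchanged in the open, the key computed locally on each side), as an added example that is not part of the original page. The modulus, base and the key-confirmation helper `key_tag` are assumptions chosen for illustration; the exchange itself does not authenticate who sent each public value, which is the mutual-trust premise the text mentions.

```python
import hashlib
import hmac
import secrets

# Constructed public parameters (assumption): a Mersenne prime modulus and a
# small base keep the example short. Real deployments use standardized groups.
P = 2**521 - 1
G = 3


def keypair():
    """Return (private, public); only the public value leaves the machine."""
    private = secrets.randbelow(P - 3) + 2
    return private, pow(G, private, P)


def shared_key(own_private: int, peer_public: int) -> bytes:
    """Combine the local private value with the peer's public value."""
    secret = pow(peer_public, own_private, P)
    return hashlib.sha256(secret.to_bytes(66, "big")).digest()


def key_tag(key: bytes, a_pub: int, b_pub: int) -> bytes:
    """Key-confirmation tag over both public values (hypothetical helper)."""
    transcript = a_pub.to_bytes(66, "big") + b_pub.to_bytes(66, "big")
    return hmac.new(key, transcript, hashlib.sha256).digest()


def exchange() -> dict:
    a_priv, a_pub = keypair()                  # computed on Alice's machine
    b_priv, b_pub = keypair()                  # computed on Bob's machine
    k_alice = shared_key(a_priv, b_pub)        # never transmitted
    k_bob = shared_key(b_priv, a_pub)          # never transmitted
    tag = key_tag(k_alice, a_pub, b_pub)       # Alice -> Bob, proves key agreement
    return {
        # Everything an eavesdropper on the network can observe:
        "wire": {"p": P, "g": G, "A": a_pub, "B": b_pub, "tag": tag},
        "keys_match": hmac.compare_digest(k_alice, k_bob),
        "bob_accepts_tag": hmac.compare_digest(tag, key_tag(k_bob, a_pub, b_pub)),
    }


if __name__ == "__main__":
    result = exchange()
    print(result["keys_match"], result["bob_accepts_tag"])
```
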
Asymmetric encryption is the result of "reverse thinking" about symmetric encryption, that is, "one lock corresponds to two keys": either key can lock, but the lock must then be opened by the other.
The communication process of a public-key encryption system is approximately as follows:
1. Bob publicly releases his public key.
2. Alice uses Bob's public key to encrypt the plaintext into ciphertext and delivers it to Bob.
3. Bob uses his undisclosed private key to decrypt this ciphertext.
Although Eve can now legitimately obtain Bob's public key, he is unable to decrypt the ciphertext from step 2, because he does not have Bob's private key.
Where do Bob's public key and private key come from? Why can ciphertext produced with the public key only be decrypted with the private key? To answer these two questions, one must go back to the mathematical foundation of public-key cryptography: the prime factorization of large numbers.
Principle
Because electronic signatures take diverse forms and rely on different technical solutions, their reliability, authenticity and stability may differ greatly, so their legal effect should not all be placed on the same level. "Functional equivalence" handles this problem well, and there are three basic models: first, only electronic signatures that meet certain conditions have legal effect equivalent to that of traditional signatures; second, signatures of different modes and characteristics are assigned different legal effects according to their stability, reliability and authenticity; third, electronic signatures that meet the corresponding requirements have the same legal effect as traditional signatures, regardless of the specific technical solution. This serves as the basis for judging whether an electronic signature has legal effect, given that the diversity of electronic technologies has a destabilizing impact on the validity of electronic signatures.
Application
Electronic signatures have been widely used since the electronic signature law was enacted in 2005: in online banking, physical bank branches, e-government, electronic contract signing, and in telecommunications and bank service halls and other places. In particular, with the development of the Internet, online banking has adopted electronic signature authentication, and the application is very extensive.