Principles of digital signatures and certificates

Digital signature is an application of digital certificates. At present, the most important application in China is the application of electronic signatures. There are two types: electronic seals and electronic signatures.

Digital signature:

1. Hard to deny

2. confirm that the file is true.

Digital signature is an encryption process, and digital signature verification is a decryption process.

Principle:

Everyone has a pair of "keys" (digital identities), one of which is only known to her/him (key) and the other public (Public Key ).

Use a key when signing and a public key when verifying the signature.

Because anyone can apply for payment to claim that she/he is youThe public key must be registered with the person trusted by the recipient (the identity authentication institution.

After registration, the authentication authority will send you a digital certificate.

After you sign a file, send the digital certificate together with the file and signature to the recipient,The recipient verifies to the authentication authority whether it is a file issued with your key.

 

Digital Certificate

Digital certificates are issued by the CA authority Authority (Certificate Authority) center and provide an authoritative electronic document for identity authentication on the Internet, people can use it in Internet communication to prove their identity and identify the other party's identity.

Working Principle

A digital certificate contains many numbers and English letters. When a digital certificate is used for identity authentication, it will generate a random 128-bit identity code, each digital certificate can generate a corresponding digital certificate, but it cannot be the same each time. This ensures the confidentiality of data transmission, that is, it is equivalent to generating a complex password.

The digital certificate is bound to the public key and the real identity of its holder.It is similar to a resident ID card in real life. what is different is that a digital certificate is no longer a paper license, but an electronic data that contains the identity information of the certificate holder and is reviewed and issued by the Certification Center, it can be used more conveniently and flexibly in e-commerce and e-government.

At present, digital certificates are generally used in the X.509 V3 international standard, including the certificate serial number, certificate holder name, Certificate Issuer name, certificate validity period, public key, Certificate Issuer's digital signature, etc.