Position: Home page » Blockchain » Asymmetric signature of blockchain data
Asymmetric signature of blockchain data
Publish: 2021-05-02 15:32:58
1. Basically, the principle is the same. Take baopin.com as an example, baopin.com's video blockchain authentication is actually DAPP. First, it takes a screenshot of the video's key frames per minute, then transcodes it into a string of unique numbers, and then uploads and records it into the Ethereum blockchain.
2. Blockchain itself solves the problem of large-scale cooperation between strangers, that is, strangers can cooperate with each other without mutual trust. So how to ensure the trust between strangers to achieve mutual consensus mechanism? The centralized system uses trusted third-party endorsements, such as banks. In the eyes of the common people, banks are reliable and trustworthy institutions. The common people can trust banks to solve real disputes. But how does a decentralized blockchain guarantee trust
in fact, blockchain uses the basic principles of modern cryptography to ensure its security mechanism. The knowledge system involved in the field of cryptography and security is very complicated. Here, I only introce the basic knowledge of cryptography related to blockchain, including hash algorithm, encryption algorithm, information digest and digital signature, zero knowledge proof, quantum cryptography, etc. Through this lesson, you can learn how to ensure the confidentiality, integrity, authentication and non repudiation of the blockchain using cryptography technology
basic course lesson 7 basic knowledge of blockchain security
1. Hash algorithm (hash algorithm)
hash function (hash), also known as hash function. Hash function: hash (original information) = summary information. Hash function can map any length of binary plaintext string to a shorter (generally fixed length) binary string (hash value)
a good hash algorithm has the following four characteristics:
1. One to one correspondence: the same plaintext input and hash algorithm can always get the same summary information output
2. Input sensitivity: even if the plaintext input changes slightly, the newly generated summary information will change greatly, which is greatly different from the original output
3. Easy to verify: plaintext input and hash algorithm are public, anyone can calculate by themselves, and whether the output hash value is correct
4. Irreversibility: if there is only the output hash value, the hash algorithm can never dece the plaintext
5. Conflict avoidance: it is difficult to find two plaintexts with different contents, but their hash values are the same (collision)
for example:
hash (Zhang San lent Li Si 100000 yuan for 6 months) = 123456789012
such a record as 123456789012 is recorded in the account book
it can be seen that hash function has four functions:
simplify information
it is easy to understand, and the information after hashing becomes shorter
identification information
you can use 123456789012 to identify the original information, and summary information is also called the ID of the original information
hidden information
the account book is a record like 123456789012, and the original information is hidden
verification information
if Li Si cheated that Zhang San only lent Li Si 50000 when repaying, both parties can verify the original information with the hash value of 123456789012 recorded before
hash (Zhang San lent Li Si 50000 for 6 months) = 987654321098
987654321098 is completely different from 123456789012, which proves that Li Si lied, Then the information can't be tampered
common hash algorithms include MD4, MD5 and Sha series algorithms, and Sha series algorithms are basically used in mainstream fields. Sha (secure hash algorithm) is not an algorithm, but a group of hash algorithms. At first, it was SHA-1 series, and now the mainstream applications are sha-224, SHA-256, sha-384 and sha-512 algorithms (commonly known as SHA-2). Recently, Sha-3 related algorithms have been proposed, such as keccak-256 used by Ethereum
MD5 is a very classic hash algorithm, but unfortunately, both it and SHA-1 algorithm have been cracked. It is considered by the instry that its security is not enough to be used in business scenarios. Generally, sha2-256 or more secure algorithm is recommended
hash algorithm is widely used in blockchain. For example, in blocks, the latter block will contain the hash value of the previous block, and the content of the later block + the hash value of the previous block will jointly calculate the hash value of the later block, which ensures the continuity and non tamperability of the chain< Encryption and decryption algorithm is the core technology of cryptography, which can be divided into two basic types: symmetric encryption algorithm and asymmetric encryption algorithm. According to whether the key used in the encryption and decryption process is the same or not, the two modes are suitable for different needs, just forming a complementary relationship, and sometimes can be combined to form a hybrid encryption mechanism
symmetric cryptography (also known as common key cryptography) has the advantages of high computational efficiency and high encryption strength; Its disadvantage is that it needs to share the key in advance, which is easy to leak and lose the key. The common algorithms are des, 3DES, AES and so on
asymmetric cryptography (also known as public key cryptography) is different from the encryption and decryption key, and its advantage is that it does not need to share the key in advance; Its disadvantage is that it has low computational efficiency and can only encrypt short content. Common algorithms include RSA, SM2, ElGamal and elliptic curve series. Symmetric encryption algorithm is suitable for the encryption and decryption process of a large number of data; It can't be used in signature scenario: and it often needs to distribute the key in advance. Asymmetric encryption algorithm is generally suitable for signature scenario or key agreement, but it is not suitable for large amount of data encryption and decryption< Third, information digest and digital signature
as the name suggests, information digest is to hash the information content to obtain a unique digest value to replace the original and complete information content. Information digest is the most important use of hash algorithm. Using the anti-collision feature of hash function, information digest can solve the problem that the content has not been tampered
digital signature is similar to signing on paper contract to confirm contract content and prove identity. Digital signature is based on asymmetric encryption, which can be used to prove the integrity of a digital content and confirm the source (or non repudiation)
we have two requirements for digital signature to make it consistent with our expectation for handwritten signature. First, only you can make your own signature, but anyone who sees it can verify its validity; Second, we want the signature to be only related to a specific file and not support other files. These can be achieved by our asymmetric encryption algorithm above
in practice, we usually sign the hash value of information instead of the information itself, which is determined by the efficiency of asymmetric encryption algorithm. Corresponding to the blockchain, it is to sign the hash pointer. In this way, the front is the whole structure, not just the hash pointer itself< Zero knowledge proof means that the verifier can make the verifier believe that a certain conclusion is correct without providing any additional information to the verifier
zero knowledge proof generally meets three conditions:
1. Completeness: authentic proof can make the verifier successfully verify
2. Soundness: false proof can not make the verifier pass the verification
3. Zero knowledge: if you get proof, you can't get any information other than the proof information from the proof process< With more and more attention paid to the research of quantum computing and quantum communication, quantum cryptography will have a huge impact on the information security of cryptography in the future
the core principle of quantum computing is that qubits can be in multiple coherent superposition states at the same time. Theoretically, a large amount of information can be expressed by a small number of qubits and processed at the same time, which greatly improves the computing speed
in this way, a large number of current encryption algorithms are theoretically unreliable and can be cracked, so the encryption algorithm has to be upgraded, otherwise it will be broken by quantum computing
as we all know, quantum computing is still in the theoretical stage, which is far from large-scale commercial use. However, the new generation of encryption algorithms should consider the possibility of this situation.
in fact, blockchain uses the basic principles of modern cryptography to ensure its security mechanism. The knowledge system involved in the field of cryptography and security is very complicated. Here, I only introce the basic knowledge of cryptography related to blockchain, including hash algorithm, encryption algorithm, information digest and digital signature, zero knowledge proof, quantum cryptography, etc. Through this lesson, you can learn how to ensure the confidentiality, integrity, authentication and non repudiation of the blockchain using cryptography technology
basic course lesson 7 basic knowledge of blockchain security
1. Hash algorithm (hash algorithm)
hash function (hash), also known as hash function. Hash function: hash (original information) = summary information. Hash function can map any length of binary plaintext string to a shorter (generally fixed length) binary string (hash value)
a good hash algorithm has the following four characteristics:
1. One to one correspondence: the same plaintext input and hash algorithm can always get the same summary information output
2. Input sensitivity: even if the plaintext input changes slightly, the newly generated summary information will change greatly, which is greatly different from the original output
3. Easy to verify: plaintext input and hash algorithm are public, anyone can calculate by themselves, and whether the output hash value is correct
4. Irreversibility: if there is only the output hash value, the hash algorithm can never dece the plaintext
5. Conflict avoidance: it is difficult to find two plaintexts with different contents, but their hash values are the same (collision)
for example:
hash (Zhang San lent Li Si 100000 yuan for 6 months) = 123456789012
such a record as 123456789012 is recorded in the account book
it can be seen that hash function has four functions:
simplify information
it is easy to understand, and the information after hashing becomes shorter
identification information
you can use 123456789012 to identify the original information, and summary information is also called the ID of the original information
hidden information
the account book is a record like 123456789012, and the original information is hidden
verification information
if Li Si cheated that Zhang San only lent Li Si 50000 when repaying, both parties can verify the original information with the hash value of 123456789012 recorded before
hash (Zhang San lent Li Si 50000 for 6 months) = 987654321098
987654321098 is completely different from 123456789012, which proves that Li Si lied, Then the information can't be tampered
common hash algorithms include MD4, MD5 and Sha series algorithms, and Sha series algorithms are basically used in mainstream fields. Sha (secure hash algorithm) is not an algorithm, but a group of hash algorithms. At first, it was SHA-1 series, and now the mainstream applications are sha-224, SHA-256, sha-384 and sha-512 algorithms (commonly known as SHA-2). Recently, Sha-3 related algorithms have been proposed, such as keccak-256 used by Ethereum
MD5 is a very classic hash algorithm, but unfortunately, both it and SHA-1 algorithm have been cracked. It is considered by the instry that its security is not enough to be used in business scenarios. Generally, sha2-256 or more secure algorithm is recommended
hash algorithm is widely used in blockchain. For example, in blocks, the latter block will contain the hash value of the previous block, and the content of the later block + the hash value of the previous block will jointly calculate the hash value of the later block, which ensures the continuity and non tamperability of the chain< Encryption and decryption algorithm is the core technology of cryptography, which can be divided into two basic types: symmetric encryption algorithm and asymmetric encryption algorithm. According to whether the key used in the encryption and decryption process is the same or not, the two modes are suitable for different needs, just forming a complementary relationship, and sometimes can be combined to form a hybrid encryption mechanism
symmetric cryptography (also known as common key cryptography) has the advantages of high computational efficiency and high encryption strength; Its disadvantage is that it needs to share the key in advance, which is easy to leak and lose the key. The common algorithms are des, 3DES, AES and so on
asymmetric cryptography (also known as public key cryptography) is different from the encryption and decryption key, and its advantage is that it does not need to share the key in advance; Its disadvantage is that it has low computational efficiency and can only encrypt short content. Common algorithms include RSA, SM2, ElGamal and elliptic curve series. Symmetric encryption algorithm is suitable for the encryption and decryption process of a large number of data; It can't be used in signature scenario: and it often needs to distribute the key in advance. Asymmetric encryption algorithm is generally suitable for signature scenario or key agreement, but it is not suitable for large amount of data encryption and decryption< Third, information digest and digital signature
as the name suggests, information digest is to hash the information content to obtain a unique digest value to replace the original and complete information content. Information digest is the most important use of hash algorithm. Using the anti-collision feature of hash function, information digest can solve the problem that the content has not been tampered
digital signature is similar to signing on paper contract to confirm contract content and prove identity. Digital signature is based on asymmetric encryption, which can be used to prove the integrity of a digital content and confirm the source (or non repudiation)
we have two requirements for digital signature to make it consistent with our expectation for handwritten signature. First, only you can make your own signature, but anyone who sees it can verify its validity; Second, we want the signature to be only related to a specific file and not support other files. These can be achieved by our asymmetric encryption algorithm above
in practice, we usually sign the hash value of information instead of the information itself, which is determined by the efficiency of asymmetric encryption algorithm. Corresponding to the blockchain, it is to sign the hash pointer. In this way, the front is the whole structure, not just the hash pointer itself< Zero knowledge proof means that the verifier can make the verifier believe that a certain conclusion is correct without providing any additional information to the verifier
zero knowledge proof generally meets three conditions:
1. Completeness: authentic proof can make the verifier successfully verify
2. Soundness: false proof can not make the verifier pass the verification
3. Zero knowledge: if you get proof, you can't get any information other than the proof information from the proof process< With more and more attention paid to the research of quantum computing and quantum communication, quantum cryptography will have a huge impact on the information security of cryptography in the future
the core principle of quantum computing is that qubits can be in multiple coherent superposition states at the same time. Theoretically, a large amount of information can be expressed by a small number of qubits and processed at the same time, which greatly improves the computing speed
in this way, a large number of current encryption algorithms are theoretically unreliable and can be cracked, so the encryption algorithm has to be upgraded, otherwise it will be broken by quantum computing
as we all know, quantum computing is still in the theoretical stage, which is far from large-scale commercial use. However, the new generation of encryption algorithms should consider the possibility of this situation.
3.
in the distributed network of blockchain, the communication and trust between nodes need to rely on digital signature technology, which mainly realizes the identity confirmation and information authenticity and integrity verification
digital signature
digital signature (also known as public key digital signature, electronic signature) is a kind of common physical signature written on paper, but it uses the technology in the field of public key encryption to identify digital information. A digital signature usually defines two complementary operations, one for signature and the other for verification. Only the sender of information can proce a digital string which can not be forged by others. This digital string is also an effective proof of the authenticity of the information sent by the sender. Simply prove that "I am who I am."
4.
In today's era of high development of the Internet, we are using the Internet more and more frequently, which has become an indispensable and important tool in our life. In particular, the mobile phone used for Internet communication has been used as a medium. In today's era, we are using mobile payment more and more, There are more and more ways to move. So what is digital currency? What do you know about it{ But generally speaking, it is a form of money< p> Finally, for such a form of transaction, it's all for the convenience of our daily life, and it's also for serving our own broad masses of people, so we don't have to worry about the advantages and disadvantages of digital currency and mobile payment
5. [verify signature]
jump out of the verification interface, click the return button in the upper left corner, and then upgrade to the latest version to refresh the node. Or uninstall again and restore the account with mnemonics Refresh node] in free communication, the + sign in the upper right corner, "node detection & quot;
jump out of the verification interface, click the return button in the upper left corner, and then upgrade to the latest version to refresh the node. Or uninstall again and restore the account with mnemonics Refresh node] in free communication, the + sign in the upper right corner, "node detection & quot;
6. Definition of technical terms of digital signature
Chinese Name: digital signature English Name: digital signature definition: data that exists in the data information in electronic form, or as its attachment or logically associated with it, can be used to identify the identity of the data signer and indicate the signer's recognition of the information contained in the data information. Applied discipline: Communication Science and Technology (first level discipline); The content above network security (secondary discipline) is approved and published by the national science and technology terminology Approval Committee
help edit network business card
digital signature process digital signature (also known as public key digital signature, electronic signature) is a kind of common physical signature written on paper, but it uses the technology in the field of public key encryption, A method for identifying digital information. A digital signature usually defines two complementary operations, one for signature and the other for verification<
directory
basic introction
main functions
signature process
Personal Secure E-mail certificate
identify virus with digital signature
cause analysis
usage method
principle feature authentication
integrity
non repudiation
basic introction of how to implement
java digital signature steps
main functions
signature process
Personal Secure E-mail Certificate
identify virus with digital signature
cause analysis
usage method
principle and feature authentication
integrity
non repudiation
how to implement Java digital signature steps to start editing this paragraph basic introction
Digital signature does not mean to scan your signature into a digital image, or use the touchpad to obtain the signature, let alone your signature. Digital signature is a digital string that can only be generated by the sender of information, which can not be forged by others. This digital string is also an effective proof of the authenticity of the information sent by the sender. Digital signature is the application of asymmetric key encryption technology and digital digest technology. The integrity of the digital signature file is very easy to verify (no need for the seal, the signature and the handwriting expert), and the digital signature is non repudiation (no need for the handwriting expert to verify). In short, the so-called digital signature is some data attached to the data unit, or the password transformation of the data unit. This kind of data or transformation allows the receiver of the data unit to confirm the source of the data unit and the integrity of the data unit, and protect the data from forgery. It is a method of signing electronic messages. A signed message can be transmitted in a communication network. Digital signature can be obtained based on both public key cryptosystem and private key cryptosystem. At present, digital signature is mainly based on public key cryptosystem. Including ordinary digital signature and special digital signature. Common digital signature algorithms include RSA, ElGamal, Fiat Shamir, Guillou quisquater, Schnorr, ong Schnorr Shamir digital signature algorithm, DES / DSA, elliptic curve digital signature algorithm and finite automata Digital signature algorithm. Special digital signature includes blind signature, proxy signature, group signature, undeniable signature, fair blind signature, threshold signature, signature with message recovery function and so on. Obviously, the application of digital signature involves legal issues. The federal government of the United States has developed its own digital signature standard (DSS) based on the discrete logarithm problem over finite fields. Digital signature is a typical application of asymmetric encryption algorithm. The application process of digital signature is that the sender of data source uses its own private key to encrypt the data checksums or other variables related to the data content to complete the legal "signature" of the data. The receiver of data uses the public key of the other party to interpret the received "digital signature", and uses the interpretation results to test the integrity of the data, To confirm the validity of the signature. Digital signature technology is an important technology to confirm the identity in the virtual environment of network system. It can completely replace the "autograph" in the real process, which is guaranteed technically and legally. In digital signature applications, the sender's public key can be easily obtained, but his private key needs to be strictly confidential
edit the main functions of this paragraph
ensure the integrity of information transmission, the identity authentication of the sender, and prevent the occurrence of repudiation in the transaction. Digital signature technology is to encrypt the abstract information with the sender's private key and send it to the receiver together with the original. The receiver can decrypt the encrypted digest only with the public key, and then generate a digest for the received text with hash function, which is compared with the decrypted digest. If it is the same, it means that the received information is complete and has not been modified in the transmission process. Otherwise, it means that the information has been modified, so the digital signature can verify the integrity of the information. Digital signature is a process of encryption, and digital signature verification is a process of decryption< When sending a message, the sender uses a hash function to generate a message digest from the message text, and then encrypts the digest with his own private key. The encrypted digest will be sent to the receiver as the digital signature of the message, The receiver first calculates the message digest from the received original message with the same hash function as the sender, and then decrypts the digital signature attached to the message with the sender's public key. If the two digests are the same, the receiver can confirm that the digital signature belongs to the sender. Digital signature has two functions: one is to confirm that the message is actually signed by the sender, because others can't fake the sender's signature. Second, digital signature can confirm the integrity of the message. Because the characteristic of digital signature is that it represents the characteristics of the file, if the file changes, the value of digital signature will also change. Different files will get different digital signatures. A digital signature involves a hash function, the sender's public key and the sender's private key This is the description of message authentication! Digital signature is not that complicated. Digital signature: the sender performs e operation on message x with its own key to generate an unreadable ciphertext ESK, and then transmits the ESX to the receiver. In order to verify the signature, the receiver performs D operation on the sender's key to restore the message
Edit this section of personal security e-mail certificate
personal security e-mail certificate with digital signature function is a kind of user certificate, which refers to the certificate that the unit user must have to use the certificate mechanism to ensure security when sending and receiving e-mail. Personal security e-mail certificate is a digital security certificate conforming to X.509 standard. Combining digital certificate and S / MIME technology, it encrypts and signs ordinary e-mail to ensure the security, confidentiality, identity confirmation and non repudiation of e-mail content. The personal secure e-mail certificate with digital signature function includes the e-mail address of the certificate holder, the public key of the certificate holder, the Ca and the signature of the certificate. The realization of personal security e-mail certificate function depends on whether the user's e-mail system supports the corresponding functions. At present, MS Outlook, Outlook Express, Foxmail and Ca secure e-mail systems all support corresponding functions. Using personal secure e-mail certificate can send and receive encrypted and digitally signed e-mail, ensure the confidentiality, integrity and non repudiation of e-mail transmission, and ensure the authenticity of the identity of all parties in e-mail communication< How to distinguish digital signature attacks? There are two ways: 1. To view the details of the digital signature, we should view the details of the digital signature and click the "details" button. We will find the difference between the normal exe and the infected (or bundled Trojan) exe digital signature. The details of the normal exe digital signature are tampered with, and the EXE digital signature information is invalid. Method 2, use the digital signature verification program sigcheck.exe (you can find this tool on the network, one of the components of the famous system toolkit sysinternal suite.) The result of digital signature exception is: C: &# 92; Documents and Settings\ litiejun\??&# 92; Modify.exe: verified: unsigned file date: 15:46 2008-5-23 Publisher: n / a description: n / a proct: n / a version: n / a file version: n / a normal result of digital signature is: C: &# 92; Documents and Settings\ litiejun\??&# 92; Che.exe: verified: signed signing date: 16:28 2008-4-29 Publisher: n / a description: n / a proct: n / a version: n / a file version: n / A, If you don't destroy the digital signature in exe, the digital signature may look normal after infection. But carefully look at the file properties or check the hash value of the file, you will find that the EXE program is not the most original version. 2. If the digital signature file of the software publisher is stolen, the attacker can also package the EXE program that is bundled with Trojan horse or infected with virus with digital signature, which is more serious in this case. If an enterprise applies for a digital signature certificate, it must keep it properly, otherwise it will have endless troubles
Edit how to use this paragraph
you can digitally sign every email you send. This does not mean signing. It is generally mistaken for signature. In mainland China, digital signature has legal effect and is widely used. In 2000, the new contract law of the people's Republic of China confirmed the legal effect of electronic contract and electronic signature for the first time. Since April 1, 2005, the first law of the people's Republic of China on electronic signature has been formally implemented< Each person has a pair of "keys" (digital identity), one of which is known only by herself (key), and the other is public (public key). Use the key when signing and the public key when verifying the signature. And because anyone can sign to claim that she / he is you, the public key must be registered with the person trusted by the recipient (identity authentication authority). After registration, the authentication authority will send you a digital certificate. After signing the document, you will send the digital certificate together with the document and signature to the recipient. The recipient will verify with the identity authentication authority whether the document is really signed with your key. In communication, digital signature is generally used for the following reasons:
authentication
public key encryption system allows anyone to use the public key to encrypt when sending information, and digital signature enables the information receiver to confirm the identity of the sender. Of course, it is impossible for the receiver to be 100% sure of the sender's true identity, but only if the cryptosystem has not been deciphered. The importance of authentication is particularly prominent in financial data. For example, suppose a bank transmits instructions from its branches to its central management system. The format of the instructions is (a, b), where a is the account number of the account and B is the existing amount of the account. At this time, a remote client can first deposit 100 yuan, observe the transmission results, and then send instructions in the format of (a, b) one after another. This method is called
Chinese Name: digital signature English Name: digital signature definition: data that exists in the data information in electronic form, or as its attachment or logically associated with it, can be used to identify the identity of the data signer and indicate the signer's recognition of the information contained in the data information. Applied discipline: Communication Science and Technology (first level discipline); The content above network security (secondary discipline) is approved and published by the national science and technology terminology Approval Committee
help edit network business card
digital signature process digital signature (also known as public key digital signature, electronic signature) is a kind of common physical signature written on paper, but it uses the technology in the field of public key encryption, A method for identifying digital information. A digital signature usually defines two complementary operations, one for signature and the other for verification<
directory
basic introction
main functions
signature process
Personal Secure E-mail certificate
identify virus with digital signature
cause analysis
usage method
principle feature authentication
integrity
non repudiation
basic introction of how to implement
java digital signature steps
main functions
signature process
Personal Secure E-mail Certificate
identify virus with digital signature
cause analysis
usage method
principle and feature authentication
integrity
non repudiation
how to implement Java digital signature steps to start editing this paragraph basic introction
Digital signature does not mean to scan your signature into a digital image, or use the touchpad to obtain the signature, let alone your signature. Digital signature is a digital string that can only be generated by the sender of information, which can not be forged by others. This digital string is also an effective proof of the authenticity of the information sent by the sender. Digital signature is the application of asymmetric key encryption technology and digital digest technology. The integrity of the digital signature file is very easy to verify (no need for the seal, the signature and the handwriting expert), and the digital signature is non repudiation (no need for the handwriting expert to verify). In short, the so-called digital signature is some data attached to the data unit, or the password transformation of the data unit. This kind of data or transformation allows the receiver of the data unit to confirm the source of the data unit and the integrity of the data unit, and protect the data from forgery. It is a method of signing electronic messages. A signed message can be transmitted in a communication network. Digital signature can be obtained based on both public key cryptosystem and private key cryptosystem. At present, digital signature is mainly based on public key cryptosystem. Including ordinary digital signature and special digital signature. Common digital signature algorithms include RSA, ElGamal, Fiat Shamir, Guillou quisquater, Schnorr, ong Schnorr Shamir digital signature algorithm, DES / DSA, elliptic curve digital signature algorithm and finite automata Digital signature algorithm. Special digital signature includes blind signature, proxy signature, group signature, undeniable signature, fair blind signature, threshold signature, signature with message recovery function and so on. Obviously, the application of digital signature involves legal issues. The federal government of the United States has developed its own digital signature standard (DSS) based on the discrete logarithm problem over finite fields. Digital signature is a typical application of asymmetric encryption algorithm. The application process of digital signature is that the sender of data source uses its own private key to encrypt the data checksums or other variables related to the data content to complete the legal "signature" of the data. The receiver of data uses the public key of the other party to interpret the received "digital signature", and uses the interpretation results to test the integrity of the data, To confirm the validity of the signature. Digital signature technology is an important technology to confirm the identity in the virtual environment of network system. It can completely replace the "autograph" in the real process, which is guaranteed technically and legally. In digital signature applications, the sender's public key can be easily obtained, but his private key needs to be strictly confidential
edit the main functions of this paragraph
ensure the integrity of information transmission, the identity authentication of the sender, and prevent the occurrence of repudiation in the transaction. Digital signature technology is to encrypt the abstract information with the sender's private key and send it to the receiver together with the original. The receiver can decrypt the encrypted digest only with the public key, and then generate a digest for the received text with hash function, which is compared with the decrypted digest. If it is the same, it means that the received information is complete and has not been modified in the transmission process. Otherwise, it means that the information has been modified, so the digital signature can verify the integrity of the information. Digital signature is a process of encryption, and digital signature verification is a process of decryption< When sending a message, the sender uses a hash function to generate a message digest from the message text, and then encrypts the digest with his own private key. The encrypted digest will be sent to the receiver as the digital signature of the message, The receiver first calculates the message digest from the received original message with the same hash function as the sender, and then decrypts the digital signature attached to the message with the sender's public key. If the two digests are the same, the receiver can confirm that the digital signature belongs to the sender. Digital signature has two functions: one is to confirm that the message is actually signed by the sender, because others can't fake the sender's signature. Second, digital signature can confirm the integrity of the message. Because the characteristic of digital signature is that it represents the characteristics of the file, if the file changes, the value of digital signature will also change. Different files will get different digital signatures. A digital signature involves a hash function, the sender's public key and the sender's private key This is the description of message authentication! Digital signature is not that complicated. Digital signature: the sender performs e operation on message x with its own key to generate an unreadable ciphertext ESK, and then transmits the ESX to the receiver. In order to verify the signature, the receiver performs D operation on the sender's key to restore the message
Edit this section of personal security e-mail certificate
personal security e-mail certificate with digital signature function is a kind of user certificate, which refers to the certificate that the unit user must have to use the certificate mechanism to ensure security when sending and receiving e-mail. Personal security e-mail certificate is a digital security certificate conforming to X.509 standard. Combining digital certificate and S / MIME technology, it encrypts and signs ordinary e-mail to ensure the security, confidentiality, identity confirmation and non repudiation of e-mail content. The personal secure e-mail certificate with digital signature function includes the e-mail address of the certificate holder, the public key of the certificate holder, the Ca and the signature of the certificate. The realization of personal security e-mail certificate function depends on whether the user's e-mail system supports the corresponding functions. At present, MS Outlook, Outlook Express, Foxmail and Ca secure e-mail systems all support corresponding functions. Using personal secure e-mail certificate can send and receive encrypted and digitally signed e-mail, ensure the confidentiality, integrity and non repudiation of e-mail transmission, and ensure the authenticity of the identity of all parties in e-mail communication< How to distinguish digital signature attacks? There are two ways: 1. To view the details of the digital signature, we should view the details of the digital signature and click the "details" button. We will find the difference between the normal exe and the infected (or bundled Trojan) exe digital signature. The details of the normal exe digital signature are tampered with, and the EXE digital signature information is invalid. Method 2, use the digital signature verification program sigcheck.exe (you can find this tool on the network, one of the components of the famous system toolkit sysinternal suite.) The result of digital signature exception is: C: &# 92; Documents and Settings\ litiejun\??&# 92; Modify.exe: verified: unsigned file date: 15:46 2008-5-23 Publisher: n / a description: n / a proct: n / a version: n / a file version: n / a normal result of digital signature is: C: &# 92; Documents and Settings\ litiejun\??&# 92; Che.exe: verified: signed signing date: 16:28 2008-4-29 Publisher: n / a description: n / a proct: n / a version: n / a file version: n / A, If you don't destroy the digital signature in exe, the digital signature may look normal after infection. But carefully look at the file properties or check the hash value of the file, you will find that the EXE program is not the most original version. 2. If the digital signature file of the software publisher is stolen, the attacker can also package the EXE program that is bundled with Trojan horse or infected with virus with digital signature, which is more serious in this case. If an enterprise applies for a digital signature certificate, it must keep it properly, otherwise it will have endless troubles
Edit how to use this paragraph
you can digitally sign every email you send. This does not mean signing. It is generally mistaken for signature. In mainland China, digital signature has legal effect and is widely used. In 2000, the new contract law of the people's Republic of China confirmed the legal effect of electronic contract and electronic signature for the first time. Since April 1, 2005, the first law of the people's Republic of China on electronic signature has been formally implemented< Each person has a pair of "keys" (digital identity), one of which is known only by herself (key), and the other is public (public key). Use the key when signing and the public key when verifying the signature. And because anyone can sign to claim that she / he is you, the public key must be registered with the person trusted by the recipient (identity authentication authority). After registration, the authentication authority will send you a digital certificate. After signing the document, you will send the digital certificate together with the document and signature to the recipient. The recipient will verify with the identity authentication authority whether the document is really signed with your key. In communication, digital signature is generally used for the following reasons:
authentication
public key encryption system allows anyone to use the public key to encrypt when sending information, and digital signature enables the information receiver to confirm the identity of the sender. Of course, it is impossible for the receiver to be 100% sure of the sender's true identity, but only if the cryptosystem has not been deciphered. The importance of authentication is particularly prominent in financial data. For example, suppose a bank transmits instructions from its branches to its central management system. The format of the instructions is (a, b), where a is the account number of the account and B is the existing amount of the account. At this time, a remote client can first deposit 100 yuan, observe the transmission results, and then send instructions in the format of (a, b) one after another. This method is called
7. Analysis:
/ / I don't understand / /
If Riemann conjecture is proved,
then Goldbach conjecture is proved.
/ / I don't understand / /
If Riemann conjecture is proved,
then Goldbach conjecture is proved.
Hot content