How many years for 100 digital money MLM employees

1. First, open a CAD drawing for demonstration, in which we draw multileaders

In short, electronic signature is the technology of direct signature and seal on electronic documents by using hash algorithm and encryption algorithm. In order to ensure the legal validity of the signed electronic document, the electronic document signed with electronic signature also needs to have the characteristics of the signature identity can be identified and the signature content can not be tampered with

however, the explanation of the above technical terms can not intuitively and easily explain the principle of electronic signature. The following is a brief introction to the process of restoring the electronic signature. How to ensure the security of electronic signature:

scene: e to business needs, you and I need to sign a cooperation agreement. For the sake of convenience, you will send the electronic version of the contract to me online for signature

how to ensure that the contract can only be viewed by me and can not be maliciously stolen by others? How can I be sure that the sender of the document is you

key point 1: public key and private key appear

in order to meet the requirements of confidentiality of electronic contract content and sender authentication, we know the encryption method of asymmetric encryption

asymmetric encryption: it has a unique pair of secret keys, a public key and a private key. The owner of the public key is visible, while the private key is visible only by itself

asymmetric encryption has such characteristics: files encrypted with public key can only be decrypted with private key, while files encrypted with private key can only be decrypted with public key

when sending a contract, you encrypt the electronic contract with your private key and send it; When receiving the contract, if you can use your public key to decrypt, then this file is sent by you

key point 2: the government has issued a CA to help

I understand that the government has authorized an authority called CA to provide network identity authentication services

Ca (certificate authority): full name of certificate management organization, namely, the application, issuance and management authority of digital certificate. Its main functions are: generating key pair, generating digital certificate, distributing key, key management and so on

digital certificate: it is a certificate issued by Ca organization. It includes public key, public key owner's name, CA's digital signature, validity period, authorization center's name, certificate serial number and other information. It can be understood as "network ID card" of an indivial or enterprise

I apply to CA to obtain your public key and use it to decrypt the electronic contract. If the decryption is successful, it means that the sender is you. The identity of the document sender is confirmed. How can we give protection to the simultaneous interpreting of the electronic contract? P>

key point 3: hash brothers appear on the

. Hash algorithm is recommended by the technical personnel (simultaneous interpreting algorithm), which can prove whether the electronic contract is tampered with in the transmission process. p>

hash algorithm: the text content is generated into a piece of code by encryption algorithm, that is, information digest. Its main feature is that the encryption process does not need a key, and the encrypted data cannot be reversed. In other words, only two identical contracts through the same hash algorithm can get the same summary

when sending a contract, you send me the original text of the electronic contract and the hashed Abstract together. When receiving a contract, you can get a new abstract through the same hashing operation on the original text of the contract. Comparing whether the two groups of abstracts are consistent can prove whether the file I received has been tampered with

but what if the original text and the abstract are replaced at the same time ring the transmission

key point 4: symmetric encryption to help

in addition to the above hash algorithm, asymmetric encryption, CA, in order to ensure that the contract from send to receive meet the three requirements, namely: sent by you, can only be sent to me, can not be tampered with, we also need to apply a new encryption method: symmetric encryption

symmetric encryption: using the encryption method of single key cryptosystem, information encryption and decryption can only use the same password

when sending a file:

1. You get the abstract of the original text through hash operation and use the private key to encrypt it to get your digital signature. Then you symmetrically encrypt the digital signature and the original text of the contract to get the ciphertext a - encrypt the original text

2. You get my public key through Ca and asymmetrically encrypt the symmetric encryption secret key in the above steps, That is my "digital envelope" -- encrypt the secret key

3, send the ciphertext A and my digital envelope to me

Digital Signature: extract the abstract of the source file with hash algorithm and encrypt the content with the sender's private key

digital envelope: encrypt the symmetric secret key with the public key of the receiver, which is called "digital envelope for Party B"

when receiving files:

1. I use my private key to decrypt the digital envelope and get the symmetric secret key, which means it is sent to me

2. I use the symmetric secret key to decrypt ciphertext A and get the original text with your digital signature

3. I use your public key to decrypt your digital signature and get the original text Abstract in the signature, Note that the sender is you

4. Use the same digest algorithm to obtain the original digest and compare it with the digest in the decryption signature. If the digest is consistent, then the original has not been tampered with

in addition to the content of the file can not be tampered with, it is also very important to accurately record the signing time and fix the effective period of the contract. How can we ensure that the signing time of the contract can not be tampered in the network environment

key point 5: time stamp to prove

I also consulted experts. It turns out that our country has a special legal time service center, which can stamp "time stamp" on the documents we sign, that is, time stamp

time stamp: the time when a document is signed in writing is written by the signer himself, while the digital time stamp is added by the third party certification authority (DTS), which is more accurate and credible based on the time when the document is received by DTS

so far, we have accurately recorded the time of signing the contract, the content of the contract can not be tampered with, and the identities of both parties are true and effective, which is no problem! However, how to store the signed electronic contract? No matter which party signs the contract, disputes will inevitably question the security of the contract ring storage

key point 6: find an authoritative third party to deposit the certificate