Current location - Quotes Website - Personality signature - How to use ca certificate to realize electronic signature
How to use ca certificate to realize electronic signature
Articles 13 and 14 of the Electronic Signature Law stipulate that an electronic signature shall be regarded as reliable if it meets the following conditions:

Technically, there are three ways to ensure that digital certificates are controlled by electronic signers when they are signed:

One is to set the signature password through the electronic signer;

Secondly, the system sends the verification code to the mobile phone or mailbox provided by the electronic signer, or provides the verification code generator to the electronic signer, and the electronic signer backfills the verification code to ensure that the digital certificate is controlled by the electronic signer;

The third is to call the digital certificate through EID. EID is a certificate derived from resident ID card, which can be used for remote identification on the Internet, namely "electronic identity". Technically, EID also uses PKI (public key)

Infrastructure, public key infrastructure), the private key is generated by smart chip, and then the certificate is issued by the public security department, and it is issued to citizens after on-site identity audit. Lesser Bairam

Using PKI, hard certificate and PIN code technology can effectively prevent identity information from being intercepted, tampered and forged on the network. And because EID has a PIN code, others will find it or steal it.

Cannot be used. EID itself adopts advanced cryptographic technology, so the important information in the key cannot be physically read, so it cannot be cracked, thus effectively avoiding being fraudulently used by others.

If the "digital signature" technology is adopted, it can generally be recognized as a reliable electronic signature.

Digital signature is not a digital image signed in writing, but an electronic signature of electronic documents through cryptographic technology. In fact, people can deny that they signed a document, and the accuracy of handwriting identification is not.

100%, but it is difficult to deny a digital signature. Because the generation of digital signature needs to use the private key and the corresponding public key to verify the signature, some existing schemes, such as digital certificate, bind the identity of the entity (legal subject) with the pair of private key and public key, which makes it difficult for the subject to deny the digital signature.

Digital signature is essentially a security measure. The receiver can prove the authenticity of the received message and the sender to a third party, and its use can ensure that the sender cannot deny and forge information.

The main way of digital signature is that the sender of a message generates a hash value (or message digest) from the message text. The sender encrypts this hash value with his own private key to form the sender's digital signature. Then, the digital signature will be sent to the recipient of the email as an attachment. The receiver of the message first calculates the hash value (or message digest) from the received original message, and then decrypts and verifies the digital signature attached to the message with the sender's public key. If the two hash values (also called hash values) are the same, the receiver can confirm that the digital signature belongs to the sender. The length of hash value is fixed and the operation is irreversible. The hash values of different plaintext are different, but the hash values of the same plaintext are the same and unique. Any change in the original text will change its hash value. Through this principle, we can identify whether the file has been tampered with.

In fact, the tampered digital signature data message is easy to find, and even the document can be identified in appearance without authentication, unless the defendant can submit a digital signature data message with different contents and no tampering is found.