Current location - Quotes Website - Personality signature - Use of personal digital certificates
Use of personal digital certificates

The core of a personal digital certificate is to identify identities and one-way encrypt sensitive data through asymmetric encryption algorithms. It consists of a certificate, public key, and private key. The certificate and public key exist on both the client and the server, and the private key only exists on the client. The certificate can be issued by a certification authority, or it can be a self-signed certificate. Its main function is to match the public and private keys of the server and the client. It does not play a big role in the use of personal digital certificates.

Using the characteristics of private key signature and public key signature verification, the identity of the data source can be verified. Since the private key is unique and confidential, the data signed by the private key represents the identity of the private key holder and cannot be forged by others.

SMS or email verification codes can also identify identities, but the steps are cumbersome and not suitable for frequent use scenarios. The use process of personal digital certificates is almost transparent to users.

The bank’s U-Shield actually implants the personal digital certificate into the U-Shield after undergoing multiple offline identity verifications (ID card, bank card, mobile phone number, etc.), and performs physical and network verification isolation. When using U-Shield, use the private key to sign the data. If the corresponding public key in the bank server can successfully verify the signature, it means that the identity is legal and sensitive operations such as transfers and cash withdrawals can be performed.

There are also personal digital certificates in payment apps. The function is similar to that of U-shield, except that the identity verification conditions are weaker (payment password, mobile phone number, etc.). In addition, there is no physical isolation and is stored in the mobile phone.

Using public key encryption, only the corresponding private key can be decrypted, so sensitive data can be encrypted. So the one-way here refers to the transmission from server to client. After the server encrypts the data with a specific public key, only the client with the corresponding private key can decrypt it and obtain the plain text.

The payment code of a certain payment is used to ensure the offline security of the payment code.

Issuance process

Usage process

The following process first identifies the identity and then encrypts the sensitive data one-way

Related articles
  • What is the premise of brushing roots? Usb debugging on
  • Extreme Challenge What color does Luo Zhixiang’s girlfriend like?
  • Help design the signature, Zhang Ling.
  • Selected humorous text messages for couples
  • Must I stamp the receipt?
  • There is only a thin line between fashion and diaosi, and a bad match is the scene of a car accident. How much do you know about fashion coldness?
  • Taobao online purchase, the seller has delivered the goods, and the logistics information shows that the buyer has signed for it, but what should I do if I have not received the goods?
  • Lines in the Prose Legend of the New White Snake
  • How much does it cost to open a mala Tang franchisee?
  • What should I do to send a personal signature?

    • copyright 2024 Quotes Website All rights reserved