Encryption technology is a basic security measure adopted in e-commerce, and both parties can use it in the information exchange stage as needed. Encryption technology is divided into two categories, namely symmetric encryption and asymmetric encryption.
(1) Symmetric encryption.
Symmetric encryption, also called private key encryption, means that the sender and receiver of information use the same key to encrypt and decrypt data. Its biggest advantage is fast encryption and decryption, which makes it suitable for encrypting large amounts of data; its drawback is that key management is difficult. If both parties can ensure that the private key is not leaked during the key exchange stage, confidentiality and message integrity can be achieved by encrypting the confidential information with this method and sending the message digest or message hash value along with the message.
(2) Asymmetric encryption.
Asymmetric encryption, also known as public key encryption, uses a pair of keys to complete encryption and decryption: one is publicly released (the public key) and the other is kept by the user (the private key). The process of information exchange is as follows: Party A generates a pair of keys and discloses one of them to other parties as the public key. Party B, having obtained the public key, encrypts the information with it and sends it to Party A, and Party A decrypts the encrypted information with its own private key.
(2) Authentication technology.
Authentication technology uses electronic means to prove the identity of the sender and receiver and the integrity of files, that is, to confirm that the identity information of both parties has not been tampered with during transmission or storage.
(1) Digital signature.
A digital signature, also known as an electronic signature, plays the same role for electronic documents as a handwritten signature: authentication, approval and entry into force. It is implemented by combining a hash function with a public key algorithm. The sender generates a hash value from the message body and encrypts the hash value with his own private key to form the sender's digital signature. The digital signature is then sent to the receiver together with the message, as an attachment to the message. The receiver of the message first calculates the hash value from the received original message, and then decrypts the digital signature attached to the message with the public key of the sender;
(2) Digital certificate.
A digital certificate is a file digitally signed by a certificate authority; it contains the public key and information about the owner of that key. The main components of a digital certificate are the user's public key, the user identifier of the key owner and the signature of a trusted third party. The third party is generally a certification authority (CA) trusted by users, such as government departments and financial institutions. The user submits his public key to the public key certificate authority in a secure way and obtains the certificate, after which the user can publish the certificate. Anyone who needs the user's public key can obtain this certificate and verify the validity of the public key through the relevant trusted signature. A digital certificate thus provides a way to verify the identity of the other party through a series of data that marks the identity information of each party in the transaction, and users can use it to identify the other party.