wo-piece jigsaw. Under the UK Electronic Communications Act 2000 these ‘jigsaws’ are registered with a Cryptography Service Provider (CSP). One of the most common encryption applications is PGP (Pretty Good Privacy). PGP also automatically compresses any data it encrypts. The industry standard for encrypting data communications is SSL (Secure Sockets Layer). The asymmetric system is a great step forward form the private key system but there are still problems. How can the identity of the parties be ascertained? This question can be addressed through the use of digital signatures.
What are Electronic Signatures and Digital Signatures?
It is common for the terms ‘electronic signature’ and ‘digital signature’ to be used interchangeably. However, it has to be stated that these terms are very different and can result in different legal implications.
An electronic signature is the broader definitional category. The term refers to multifarious identification mechanisms that include any electronic methods for connecting a party to a transaction. Electronic signatures include, inter alia, passwords, PIN numbers, a name typed at the bottom of an e-mail, a signature scanned into the computer, an electronic copy of a hand written signature, digitised biometric data, or a cryptography/digital signature.
As mentioned above, a digital signature is a subcategory of electronic signature that can is mostly used for sensitive or hi英语论文网 【http://www.51lunwen.org】gh-value transactions.
A digital signature entails using a specific technology called public key infrastructure (PKI), which generally involves a certificate authority, registration authority, subscriber, and a relying party.
PKI works as follows:
The potential user of PKI contacts the PKI authority and provides the registration authority with their details. The registration authority subsequently validates the identity of the user/subscriber.
The registration authority then submits a validity report on the user’s identity to the certificate authority. The user is then given a digital certificate and a "key pair." A key pair is an encryption-based mechanism for participating in electronic transactions. The subscriber (probably a buyer) uses the private key to sign transactions, and a relying party (probably a seller) uses the certificate authority's directory of public keys and certificates to validate that the subscriber is a valid key holder and signer within the rules of this particular PKI.
The subscriber now uses the digital certificate to perform, with various relying parties, any form of electronic commerce that the digital certificate supports.
Digital signatures can be achieved by simply applying the Two Key encryption described above, ie the recipient confirms the origin of the message by checking that his piece of the two pieces matches the sender’s piece. If the recipient can decode the message with his piece
本文来自:英语论文网 【http://www.51lunwen.org】 |
论文编号:
org200806160915115032 
