What is an electronic signature?
At present, electronic signatures can be achieved through a variety of technical means. After confirming the exact identity of the signer, the electronic signature recognizes that people can sign an electronic record in many different ways. The methods are: digital signature based on PKI's public key cryptography technology; identification based on biometric statistics; fingerprint recognition by handprint, voice imprint or retina scan; a password code that allows the recipient to identify the sender's identity, Password or personal identification code PIN; computers based on quantum mechanics, etc. But the more mature, easy to use and operable, the electronic signature technology commonly used in advanced countries in the world and China is still based on PKI (PublicKeyInfrastructino) digital signature technology. 1. Pattern recognition of handwritten signatures or stamps Use handwritten signatures or seals as images, convert them with light scanning and store them in the database. When verifying this person, input them with light scanning, call up the corresponding images in the original database, and use the mathematical calculation of pattern recognition Method to compare to confirm the authenticity of the signature or seal. This method was once used in bank accounting counters. Due to the need for large-capacity database storage and the difference in handwritten signatures and stamps each time, it proves that this method is not suitable for transmission on the Internet. 2. Biometric technology Biometrics is a technology that uses human biometrics for identity authentication. Biometrics is the only representation of a person different from others. It can be measured, automatically identified, and verified. The biological identification system samples biological characteristics, extracts its unique characteristics for digital processing, converts to digital codes, and further stores these codes into characteristic templates to be stored in the database. When people interact with the identification system for identity authentication, the identification system obtains its The feature is compared with the feature template in the database to determine whether it matches, so as to determine or deny the person. The biometric technology mainly includes the following: (1) Fingerprint recognition technology. Everyone's fingerprint skin texture is unique and unchanged for life. By comparing his fingerprint with the fingerprint stored in the database in advance using a fingerprint recognition algorithm, he can verify his true identity. On the premise of identity recognition, paper official documents or data messages can be signed by handprint or placed on an IC card for signature. This kind of signature requires large-capacity database support, suitable for local face-to-face processing, and is not suitable for online transmission. (2) Retinal recognition technology. Retina recognition technology uses laser light to illuminate the back of the eyeball, scan and take hundreds of feature points of the retina, and digitize it to form a memory template and store it in the database for later comparison verification. The retina is an extremely stable biological feature, and it is a high-accuracy identification technology as identity authentication. However, it is difficult to use and is not suitable for direct digital signature and network transmission. (3) Voice recognition technology. Sound recognition technology is a kind of behavior recognition technology. It uses sound recording equipment to repeatedly measure and record the change of sound waveform, perform spectrum analysis, and make a sound template for storage after digital processing. During use, the sound collected on the spot is accurately matched with the registered sound template to identify the identity. This technique has poor accuracy and is difficult to use, and is not suitable for direct digital signatures and network transmission. The above identification method is suitable for face-to-face occasions, and is not suitable for remote network authentication and large-scale crowd authentication. 3. Password, password code or personal identification code. Traditional symmetric key encryption / decryption identification and signature method. Party A needs Party B to sign an electronic file. Party A can generate a random code and send it to Party B. Party B encrypts the random code and electronic file with the symmetric key agreed in advance by both parties and returns it to Party A. Party A uses the same symmetric key After decryption, the message is obtained and the random code is checked. If the random code is checked correctly, Party A can assume that the message comes from Party B. It is suitable for remote network transmission, symmetric key management is difficult, and it is not suitable for large-scale crowd authentication. 4. Computers based on quantum mechanics A quantum computer is a computer that performs calculations directly on the principles of quantum mechanics. It uses a new quantum cipher coding method, which uses the phase characteristics of photons to encode. Because the randomness of quantum mechanics is very special, no matter how clever the eavesdropper, it will leave traces when deciphering such a password, and even automatically change when the password is eavesdropped. It can be said that this will be the most secure password authentication and signature method in the world. However, this kind of computer is still at the stage of theoretical research, far away from practical applications. 5. Electronic signature based on PKI Electronic signatures based on PKI (Public Key Infrastructure) are called "digital signatures". Some people call it "digital signature" is "digital signature" is wrong. Digital signature is just a specific form of electronic signature. Although electronic signatures have achieved technical neutrality, they also bring inconvenience to use, and the law has further stipulated electronic signatures, such as the above-mentioned UNCTAD Model Law on Electronic Signatures and the EU ’s Common Framework for Electronic Signature "Directive" specifies "reliable electronic signature" and "advanced electronic signature". In fact, it stipulates the function of digital signature. This kind of regulation makes digital signature obtain better application security and operability. At present, the only practical electronic signature is public key cryptography. Therefore, the digital signature technology based on PKI is currently widely used at home and abroad, the technology is mature, and can be actually used. As a public key infrastructure, PKI can provide a variety of online security services, such as authentication, data confidentiality, data integrity, and non-repudiation. All of them use digital signature technology. This is also the focus of this article. Round Coffee Table,Coffee Table,Solid Wood Coffee Table,Metal Coffee Table Foshan City Misirui Furniture Co., Limited , https://www.fsmisiruifurniture.com
In symmetric key encryption / decryption authentication, ID + PIN (unique identity + password) is often used in practical applications. That is, the sender encrypts the ID and PIN with the symmetric key and sends it to the receiver. After decrypting, the receiver compares it with the ID and password stored in the background to achieve the purpose of authentication. The authentication method used by people in their daily life is the bank card. It is suitable for remote network transmission, symmetric key management is difficult, and it is not suitable for electronic signatures.