Digital Signature

4.4 Digital Signature

4.4.1 Sign the Document with Public Key Algorithm

In traditional commercial activities, one usually signs a document to express his agreement with the content of the document, and his willingness to enjoy prescribed rights and assume corresponding responsibilities. Thus the signature should be credible, verifiable, and cannot be counterfeited and reused while the signed document should not be modified or denied. In e-commerce, two parties negotiate and enter into contracts through network. Documents thus formed are mostly in the electronic form. But a problem may arise as to whether we can find a similar way to make both parties sign the electronic documents. To solve this problem, we should first take into consideration the fact that the electronic document is easily copied and reused. Therefore, we must find a new way to sign the electronic document. Now people have found many digital signature algorithms, such as RSA, DSA and discrete logarithmic algorithm, which can solve the above-mentioned problems.

Figure 4.2 RSA digital signature algorithms

4 Security Technologies in E-commerce

In RSA, both public key and private key can be used for encryption, but the effects are different. Encryption with public key and decryption with private key have formed the usual public key encryption system. If encryption is done with Alice’s private key, then decryption can be done only with Alice’s public key. This can be the reliable evidence that Alice has encrypted this message. If a document is encrypted by Alice only when she agrees with its content, a kind of secure digital signature system is thus formed. The procedure of RSA signature is outlined as follows:

(1) Alice encrypts the document with her private key, which means signing the document. (2) Alice sends the signed document to Bob. (3) Bob decrypts the document with Alice’s public key, which is the authentication

of the signature. The signature satisfies the requirements of the user as follows: (1) Verifiable: if the signature is made by Alice, then it can be decrypted with

Alice’s public key.

(2) Credible: if the message can be authenticated with Alice’s public key, it can

be assured that the message is signed by Alice. (3) Non-counterfeited: only Alice knows her private key, and no one else can sign the message with Alice’s private key. (4) Non-reusable: since the signature is the function of the document, the existing signature cannot be transferred to other documents.

(5) Undeniable: if Alice’s public key is known, it can be proved that Alice has signed the document.

The aim of signature is to prove that the signer has the responsibility and obligation related to the document, rather than keep the content of the document secret. Thus two most important insecure elements of digital signature are: first, the signer denies having signed the document. Second, the signature might be counterfeited. If the denier or counterfeiter’s computational power is presumably finite, then the digital signature is secure. However, if his computational power is infinite, then the signature might be successfully denied or counterfeited. To solve such problems, there have been some new methods, which represent a new direction in digital signature research.

4.4.2 Signature with One-way Hash Function and Public Key System

One-way Hash function: if a function ( ) f x satisfies the following two conditions, we call it a one-way function:

(1) There exists a polynomial time algorithm A, such that ( ) Ax fx () y . (2) There is no polynomial time algorithm B, such that ( ) By x . The definition indicates that a one-way function is easy to compute but extremely difficult to compute in an inverse way. If one-way function ( ) f x has

Introduction to E-commerce

fx () 1 and fx () 2 with respect to any of x x and 1 , 2 , () f x and 1 fx () 2 have the same binary digit, we call this function one-way hash function. One-way Hash function is a many-to-one function; it cannot be assured that two documents are the same when the Hash values are the same. If the Hash values are different, however, the probability that the two documents are same is very small. For example, if two documents with 120-digit hash values are different, the probability

that the two hash values are the same is less than 120 2 . Because of this, one-way Hash functions are usually used as the fingerprint of a document or the digest of

the message.

Signature with one-way Hash function and public key algorithm: since the digital signature often requires exponential modular computation, and here modules are all 200- or 300-digit decimal natural numbers, the efficiency of digital signature is very low for its tremendous computation. So the digital signature algorithm and one-way Hash function are usually combined. First we should calculate the function value of the long document with one-way Hash function, and the calculated value is much smaller than the document itself. Then we sign this function value to realize the signing of the original document. The signature procedure is outlined as follows:

(1) Alice generates the one-way Hash value of the document. (2) Alice encrypts the Hash value with her private key. (3) Alice sends the document and the Hash signature to Bob. (4) Bob uses the document sent by Alice to generate the Hash value of the

document, and then uses the public key of Alice to decrypt the Alice’s signature. If the two results match, then the signature is valid.

This method greatly reduces the computational complexity of digital signature.

Dokumen yang terkait

AN ALIS IS YU RID IS PUT USAN BE B AS DAL AM P E RKAR A TIND AK P IDA NA P E NY E RTA AN M E L AK U K A N P R AK T IK K E DO K T E RA N YA NG M E N G A K IB ATK AN M ATINYA P AS IE N ( PUT USA N N O MOR: 9 0/PID.B /2011/ PN.MD O)

0 82 16

Anal isi s L e ve l Pe r tanyaan p ad a S oal Ce r ita d alam B u k u T e k s M at e m at ik a Pe n u n jang S MK Pr ogr a m Keahl ian T e k n ologi , Kese h at an , d an Pe r tani an Kelas X T e r b itan E r lan gga B e r d asarkan T ak s on om i S OL O

2 99 16

The Effectiveness of Computer-Assisted Language Learning in Teaching Past Tense to the Tenth Grade Students of SMAN 5 Tangerang Selatan

4 116 138

Modul TK E 2016 150 hlm edit Tina M imas

2 44 165

Membangun aplikasi e-commerce pada Toko Reafshop Bandung

1 26 687

Pengaruh Persepsi Kemudahan dan Kepuasan Wajib Pajak Terhadap Penggunaan E Filling (Survei Pada Wajib Pajak Orang Pribadi Di Kpp Pratama Soreang)

12 68 1

PENGARUH ARUS PENGELASAN TERHADAP KEKUATAN TARIK PADA PENGELASAN BIMETAL (STAINLESS STEEL A 240 Type 304 DAN CARBON STEEL A 516 Grade 70) DENGAN ELEKTRODA E 309-16

10 133 86

Factors Related to Somatosensory Amplification of Patients with Epigas- tric Pain

0 0 15

TEKNIK PERLAKUAN PENDAHULUAN DAN METODE PERKECAMBAHAN UNTUK MEMPERTAHANKAN VIABILITAS BENIH Acacia crassicarpa HASIL PEMULIAAN (Pretreatment Technique and Germination Method to Maintain the Viability of Acacia crassicarpa Improved Seed)

0 1 11

The Risk and Trust Factors in Relation to the Consumer Buying Decision Process Model

0 0 15