Chinaunix首页 | 论坛 | 博客
  • 博客访问: 561414
  • 博文数量: 375
  • 博客积分: 0
  • 博客等级: 民兵
  • 技术积分: 15
  • 用 户 组: 普通用户
  • 注册时间: 2013-09-20 10:21
文章分类

全部博文(375)

文章存档

2015年(1)

2014年(374)

分类: LINUX

2014-08-18 13:37:58

原文地址:[Wiki] 什么是数字签名 作者:ailms

Digital signature

From Wikipedia, the free encyclopedia

Jump to: ,

This article concerns cryptographic signatures. For signatures in digital form, see .

A digital signature or digital signature scheme is a type of used to simulate the security properties of a handwritten on paper. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or , and one for verifying signatures which involves the user's . The output of the signature process is called the "digital signature."

# 注释 :数字签名或者数字签名方案是“非对称加密”的一种,用于模仿日常在纸质上的签名。

# 数字签名方案一般给出两种算法 :

#     -)1、一个调用户的 private key ,用于进行签名。

#     -)2、一个调用用户的公钥,用于校验签名。

# 签名过程的输出称为“数字签名”

A signature provides of a "message". Messages may be anything, from to a , or even a message sent in a more complicated . Digital signatures are used to create (PKI) schemes in which a user's public key (whether for , digital signatures, or any other purpose) is tied to a user by a issued by a . PKI schemes attempt to unbreakably bind user information (name, address, phone number, etc.) to a public key, so that public keys can be used as a form of .

# 注释 :一个签名提供对一个消息的“认证”。消息可以是任何内容,从电子邮件到合同,甚至是其他更加复杂的数据。

# 数字签名用于建立 PKI 方案,在该方案中,一个用户的身份和一个数字证书绑定在一起,证书由 CA 颁发。PKI 方案的目的是用公钥来表示一个用户的身份

Digital signatures are often used to implement , a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the , and in the , electronic signatures have legal significance. However, laws concerning electronic signatures do not always make clear their applicability towards cryptographic digital signatures, leaving their legal importance somewhat unspecified.

# 注释 :数字签名一般是用于实现“电子签名”,电子签名是一个意义上更加广泛的术语,不仅仅是数字签名而已,可以包括指纹等实现方式


A digital signature scheme typically consists of three algorithms:

# 注释 :一个数字签名方案应该包括下面3种算法 :

#     -)1、key generation (G 算法)随机生成一个 key 对(PK,SK)。PK 是校验用,SK 是签名用

#     -)2、算法 S :输入一个消息 m ,以及 SK ,产生一个签名 σ

#     -)3、算法 V :输入一个消息 m,以及 PK,一个签名 σ ,得出校验结果(接受/拒绝)

*        A algorithm G that randomly produces a "key pair" (PK, SK) for the signer. PK is the verifying key, which is to be public, and SK is the signing key, to be kept private.

*        A signing algorithm S, that on input of a message m and a signing key SK, produces a signature σ.

*        A signature verifying algorithm V, that on input a message m, a verifying key PK, and a signature σ, either accepts or rejects.

Two main properties are required. First, signatures computed honestly should always verify. That is, V should accept (mPKS (mSK)) where SK is the secret key related to PK, for any message m. Secondly, it should be hard for any adversary, knowing only PK, to create valid signature(s)

# 注释 :其中 V 算法中的 σ=S(m,SK)

阅读(424) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~