【正文】 如果二個(gè)消息摘要是相同的，消息完整性（即它沒有被傳送被篡改由阿麗斯發(fā)出）被證實(shí)。 使用阿麗斯的公共密鑰，接收者，鮑伯，能只解密消息摘要，從而核實(shí)阿麗斯傳送的信息假設(shè)，公共密鑰恰當(dāng)?shù)赝Ⅺ愃孤?lián)系在一起。被加密的消息摘要是那則消息的阿麗斯的數(shù)字簽名和被送到鮑伯由有原始消息的阿麗斯。每則消息有一個(gè)獨(dú)特的消息摘要。組成她的消息，然后使用阿麗斯“散列函數(shù)”：她的加密軟件生產(chǎn)“消息摘要”消息。核實(shí)發(fā)送者的身份和消息的完整性 公鑰加密可以用來驗(yàn)證身份的發(fā)送者身份和信息的完整。 阿麗斯然后加密她的與鮑勃的公共密鑰的消息，并且傳送它到在開放型網(wǎng)絡(luò)的鮑勃。例如，假設(shè)阿麗斯想要告訴鮑勃她愛他。使用二把鑰匙之一，一旦消息被加了密，它可能由另一把鑰匙只解碼。一個(gè)關(guān)鍵是保密的（私鑰）而另一把鑰匙使成為公共可用（公共密鑰）。他們從一個(gè)文件，包括圖形圖像的發(fā)送者的親筆簽名（簡單但不可靠），以生物技術(shù)，如虹膜掃描（復(fù)雜但可靠）。什么是數(shù)字簽名？ 數(shù)字簽名是電子簽名的一種形式。聯(lián)合國國際貿(mào)易法委員會(huì)（“UNCITRAL”），歐洲聯(lián)盟和許多個(gè)人管轄權(quán)的立法，以促進(jìn)和控制使用數(shù)字簽名和公鑰基礎(chǔ)設(shè)施，使企業(yè)正在考慮使用這些安全技術(shù)需要了解的技術(shù)和法律環(huán)境。 依靠PKI和數(shù)字簽名會(huì)面臨各種挑戰(zhàn)。解決這些安全問題方法之一，數(shù)據(jù)傳輸?shù)拈_放式網(wǎng)絡(luò)，如因特網(wǎng)，是使用加密技術(shù)。木星通信預(yù)測，在美國市場，僅花費(fèi)在B2B將在2005年之前達(dá)到63萬億美元，相當(dāng)于美國2000年的B2B開支的20倍。 Provided by a certification service provider。s digital certificates is known as public key infrastructure. Digital signatures rely on secure encryption technology. Governments are concerned that secure encryption techniques may be used by undesirables to avoid detection of their illegal activities. The resulting tension between the legitimate need of governments to control the use of encryption and the need of businesses to ensure security when transmitting sensitive data over open networks has not yet been resolved and is unlikely ever to be stable given continuing technological advances. Main legal challenges As is often the case, the law is catching up with new ways of doing business and new technologies. Offline transactions may not be treated in the same way as online transactions by applicable laws. The most obvious example of this in relation to digital signatures is whether a digital signature will satisfy any legal requirements for a document to be signed. Although the majority of European and G8 jurisdictions are moving expressly to confirm that a digital signature will satisfy the requirements for a signature, they are adopting a number of different approaches to achieve this ultimate goal. UNCITRAL is currently finalizing Draft Uniform Rules on Electronic Signatures, which is scheduled to be adopted in the summer of 2001. The EU adopted a Directive on Electronic Signatures (1999/93/EC) (the EU Directive), which must be transposed into the national laws of each member state of the EU by July 19, 2001. In addition to legislation on an international and regional level, some individual countries have already legislated for digital signatures. For example, in the US, on October 1, 2000, the Electronic Signatures in Global and National Commerce Act (ESGNCA) came into force under US federal law. The Act clarifies the legal status of electronic signatures, electronic contracts and electronic records in the context of writing and signing requirements imposed by US federal and state laws. Any state statute which adopts the earlier US Uniform Electronic Transaction Act may alter or supersede the general rule of validity governing instruments of electronic merce under ESGNCA. Does the law define digital signatures? Different laws adopt different definitions of digital signatures. In many jurisdictions, new laws on emerce and contracting online apply to electronic signatures in general。s public key by an independent trusted third party, monly referred to as a certification authority. The digital certificate issued by a certification authority is signed with the certification authority39。s digital signature for that message and is sent to Bob by Alice with the original message. Note that the original message does not have to be encrypted. The recipient, Bob, can only decrypt the message digest using Alice39。s public key, and sends it to Bob over the open network. The only way in which the inset message can be decrypted is by applying Bob39。參考文獻(xiàn)[1] Diffie W, Hellman M E. New Directions in cryptography [J]. IEEE Transactions on Information , IT 22(6):644654.[2] 吳克力．?dāng)?shù)字簽名理論與算法研究[D] ．中國優(yōu)秀博碩士學(xué)位論文全文數(shù)據(jù)庫 (博士), 2005, (02)．[3] Chaum D. Blind Signatures for Untraceable Payments [A]. Santa Barbara, California, SpringerVerlag,1983. [4] 王振武．?dāng)?shù)字簽名技術(shù)的研究[J] ．遼寧大學(xué)學(xué)報(bào)，2004，27（12）：8789．.[5] 李彥，王柯柯．基于PKI技術(shù)的認(rèn)證中心研究[J] ．計(jì)算機(jī)科學(xué)，2006，33（2）：110111[6] 彭冰，楊宗凱，譚運(yùn)猛．盲簽名在電子現(xiàn)金中的應(yīng)用[J] ．計(jì)算機(jī)工程與應(yīng)用，2003，19：3133．[7] 許靜，馮偉成，周蓮英．基于基于部分盲簽名的新型電子現(xiàn)金安全系統(tǒng)研究[J] ．計(jì)算機(jī)工程，2006，32（19）：157158．[8] [美]Bruce Schneier著．吳世忠，祝世雄，張文政等譯．應(yīng)用密碼學(xué)協(xié)議、算法與C源程序[M] ．機(jī)械工業(yè)出版社，2000年一月第一版．附錄 Forecast for global revenues for B2B emerce are huge. Jupiter Communications predicts that in the US marketplace alone, spending on B2B will reach $ trillion USD by 2005, representing a twentyfold increase from B2B US spending 2000. Although the forecast are high, both business and consumers identify security concern as a key barrier to growth in online merce. One way of addressing these security concerns when transmitting data over open networks, such as the Internet, is to use encryption technologies. The use of digital signatures based on public key infrastructure (PKI) is the de facto standard for highlevel security on the Internet. There are challenges in relying on PKI and digital signatures. Not only are the IT systems on which they rely plex, but their use gives rise to a number of legal issues. The United Nation Commission on International Trade Law (UNCITRAL), the European Union and many individual jurisdiction are legislating to facilitate and control the use of digital signatures and PKI, so business that are considering using these security techniques need to understand both the technical and legal environment. This article explains what digital signatures and PKI are the legal and technical challenges they raise. What is a digital signature? Digital signatures are a form of electronic signature. The term electronic signature is used to describe the full range of electronic means to confirm the sender of the message. They range from a file including a graphical image of the sender39。最后，我把我最真摯的情感和深深的謝意獻(xiàn)給為我操勞了大半生的父母。董老師嚴(yán)謹(jǐn)?shù)闹螌W(xué)態(tài)度、開明的學(xué)術(shù)思想、正直的為人和兢兢業(yè)業(yè)的工作精神使我大受裨益。本文從選題到定稿的每個(gè)階段都傾注了董老師的大量心血，而且在繁忙的工作之余犧牲了很多休息時(shí)間來指導(dǎo)我的論文。第三，在分析掌握