中文摘要 |
鑑於通訊網路及電腦計算技術進步,電子商務應用日益蓬勃發展,電子商務系統的安全性成為研究的關鍵問題。公開金鑰基礎設施(public key infrastructure, PKI)為實現電子商務安全的關鍵基礎技術,解決網路上身分認證、資訊完整性和不可否認性等安全問題,確保電子交易有效、安全地進行; PKI同時也存在對憑證中心(certificate authority, CA)的信任問題。本研究基於橢圓曲線密碼系統,設計及實作具自我驗證能力之PKI架構。註冊階段,可確保憑證中心不能偽造用戶的公鑰;使用階段,成員能在沒有CA參與的過程中,獨立相互驗證,降低系統依存性。本設計之架構,因為減低了對於CA的依存性,可以更有效地減低對CA安全管理方面的衝擊,以及在金鑰管理上的負擔。 |
英文摘要 |
Electronic commerce application grows vigorously, owing to advanced information network and operating technology of computer. The security of E-commerce systems becomes a key issue for research. Public key infrastructure (PKI) technology is emerging as the foundation for e-commerce security. PKI security helps to establish and maintain a trustworthy networking environment such as authentication, integrity, non-repudiation in place. However, there are certain trust issues exist between CA and members in a PKI context. This study introduces a self-certified public key cryptosystem with elliptic curve cryptosystem (ECC). With the authentication design of self-certified function, communicating peers not only can use secret parameters to ensure their compliance securely while running their identity checks, but also apply the context to rapidly perform identity authentication without other trusted servers during the key agreement phase. Therefore, the proposed measure is able to reduce the dependence on CA certification, and help decrease the administrative burden of CA key management. |