CN101697202B

CN101697202B - Electronic seal supporting endorsement of external safety component

Info

Publication number: CN101697202B
Application number: CN2009102358462A
Authority: CN
Inventors: 须清
Original assignee: Beijing Paragon Technology Co Ltd
Current assignee: Beijing Paragon Technology Co Ltd
Priority date: 2009-10-23
Filing date: 2009-10-23
Publication date: 2012-08-01
Anticipated expiration: 2029-10-23
Also published as: CN101697202A

Abstract

The invention provides an electronic signature supporting endorsement of external safety component, comprising a safety component and an electronic signature body, wherein the safety component comprises a safe information processing module and an encrypted operation module; the electronic signature body comprises an interface component, an information processing component and a printing module; the safety component obtains cipher-text information through carrying out an encrypted operation on signature information by the encrypted operation module taking private key information of an endorser and public key information of an endorsee as a password and sends the cipher-text information to the information processing component through the interface component, and the information processing component converts the cipher-text information into signature data printed by the printing module. By adopting the technology, the uniqueness and the non-imitability of the signature information are improved and electronic bills are safer to be used. Because the invention realizes effective signatures of the electronic bills by adopting an easy identification and use method, risks of using the electronic bills are remarkably reduced, and the development of modern financial industry is promoted.

Description

The Electronic Signature of external safety component dorsal support bookmark name

Technical field

The present invention relates to the Electronic Signature of external safety component dorsal support bookmark name, particularly relate to the endorsement signing messages is printed on the information medium after encrypting and passes to the Electronic Signature of the external safety component that is used for bill identification of the electronic unit that is embedded in the medium.

Background technology

Along with the development of modern economy, the health of financial circles, orderly, safe development are significant for current economic development.In the financial circles development, popularize to the comprehensive of various financial documents gradually from money transaction, become the main means of payment that miscellaneous service is carried out in the modern economy like the letter of credit, cashier's cheque, check etc.But because the value of financial document itself and circulation receive very big challenge for the security of financial document.Report is arranged when forging case that the letter of credit, cashier's cheque, check carry out financial swindling all over the world.And owing to the circulation of the letter of credit, cashier's cheque, check can repeatedly be transferred the possession of, and wherein any once transfer appearance forgery all possibly bring massive losses to the related side.

With regard to the antifalsification of the present employed letter of credit, cashier's cheque, check normally based on some anti-false signs on concession manufacturing and the ticket; The validation of the letter of credit, cashier's cheque, check is based on the person's that provides the bill signature or endorsement.And based on the reason of cost with technology, the anti-false sign of the letter of credit, cashier's cheque, check is also uncomplicated, is easy to by the fake producer imitated.And there are two problems in the signature or the endorsement that are used for the validation of the letter of credit, cashier's cheque, check: be that signature or the endorsement that same individual carries out in decentraction situation attitude, different time points can not guarantee in full accord on the one hand; Cause effective signature or endorsement to be rejected acceptance; Be because signature that requires to carry out or endorsement must be basic identical at every turn on the other hand, for the fake producer provides the chance of faking.Signer or endorsement person's signature or endorsement information is no matter how unique, in case seen signature or endorsement information by illegal person, the exercise through certain hour can realize the imitation for signature or endorsement information fully.And be to compare by human eye to judge for the validation of the letter of credit, cashier's cheque, check now.The safety technique that obvious existing ticket adopted can not provide safeguard for the Secure Transaction function that realizes bill.

Use the replacement signature that carves a seal for many years in China, though guaranteed the consistance of each signature, owing to carve a seal too easily by imitated, so and dangerous.Even through the administrative intervention of government, take the administrative authorization mode to specify and have only professional could carry out the business of carving a seal, but can not stop illegal person's imitated behavior owing to the technical not high of itself through authorizing.Though extensively popularizing of the development of modern network technology and internet is for the development of financial circles brings new opportunity.Like Internet-based banking services and for the electronic key authentication techniques that guarantee Internet-based banking services safety are just becoming the important directions that modern finance already develops, but the safety that also greatly threatening Web bank such as network hacker, virus, fishing program simultaneously.Be still the major transaction instrument of modern finance industry based on the business transaction of financial document.

Summary of the invention

Technical matters to be solved by this invention is how to strengthen the safety of electronic bill and how to guarantee the signing messages of electronic bill and/or the security and the validity of endorsement information; And realize effective circulation of electronic bill with the mode of a kind of easy identification and use; To reduce the risk in the electronic bill use, promote the development of modern finance industry.

Term explanation: during technical scheme of the present invention is described, " Electronic Paper " be meant comprise have that bistable state or multistable electronic material constitute can display message equipment or parts or flexible display material, can change its displaying contents through electronization.The electrodeless Electronic Paper of Beijing Pai Ruigen scientific and technological invention, the electric wetting Electronic Paper of Beijing Pai Ruigen scientific and technological invention, the electric ink of E-ink company, the electrophoresis cartridge of SIPIX company etc. are typically arranged.

The term explanation: during technical scheme of the present invention was described, financial document was to be used to carry out the voucher relevant with financial business in the financial business field.Write down at least one information relevant on the bill with financial business.

The term explanation: during technical scheme of the present invention was described, electronic bill was to be applied to every field and professional relevant voucher.Write down at least one information relevant on the bill with business.Comprise passenger ticket and shipping ticket in financial document, the communications and transportation, film ticket, food and drink ticket, coupons, lottery ticket etc.

Term explanation: among the present invention, endorsement is meant that the owner of bill transfers other people with bill and the behavior confirmed.Show as and on bill, stay at least one and prove information or the sign of bill owner in order to confirm.

The term explanation: during technical scheme of the present invention was described, radio electronic label, RFID, RF Tag, RFID tag, electronic tag etc. had identical implication.

The term explanation: during technical scheme of the present invention was described, the implication of " endorsement " was meant in industries such as financial field, and electronic bill is expressed the proof information that realizes relevant proprietorial transfer of electronic bill or payment respective value fund through information specific.The implication of " remote holder endorsement " is to show that the bill that the electronic bill holder is obtained is that its bill supplier transfers the bill holder through " endorsement ", and the information of " remote holder endorsement " is that the validity of this transfer proves.

For addressing the above problem; The technical solution that proposes is at first to design a kind of Electronic Signature; Employing presents the information of Electronic Signature with a kind of visible mode, even be that the information of Electronic Signature is not easy imitated or has imitated the thinking of dealing with problems that can not effectively use simultaneously.At first, the electronic bill that technical scheme of the present invention adopted and the electronic bill of prior art have difference, and the present invention is adopted as the special technology scheme of the present invention that realizes.

1, a kind of electronic bill is characterized in that comprising information medium, sets a particular signature zone at the front and/or the reverse side of said information medium, signing messages is encrypted the cipher-text information that obtains be printed on said particular signature zone usefulness.

2, a kind of electronic bill; It is characterized in that comprising information medium; In said information medium, embedded electronic unit and in the front of said information medium and/or reverse side set a particular signature zone, signing messages is encrypted the cipher-text information that obtains is printed on said particular signature zone and/or signing messages is encrypted the cipher-text information that obtains and write in the said electronic unit; Perhaps with signing messages with encrypt the cipher-text information that obtains from the data message that said electronic unit reads and be printed on said particular signature zone and/or will comprise signing messages and encrypt the cipher-text information that obtains and write the said electronic unit from the data message that said electronic unit reads.

3, a kind of electronic bill; It is characterized in that comprising information medium; In said information medium, embedded electronic unit and in the front of said information medium and/or reverse side set a particular signature zone, signing messages is encrypted the cipher-text information that obtains all or first is printed on said particular signature zone and/or the whole or second portion of signing messages being encrypted the cipher-text information that obtains writes in the said electronic unit; Perhaps be printed on said particular signature zone and/or write the said electronic unit with signing messages with from the whole or second portion that the data message that said electronic unit reads is encrypted the cipher-text information that obtains with signing messages with from the whole or first that the data message that said electronic unit reads is encrypted the cipher-text information that obtains.

4, in the solution of above-mentioned electronic bill, the private key that said cipher-text information comprises with the electronic bill supplier is that key adopts asymmetric enciphering and deciphering algorithm result calculated to said signing messages.

5, in the solution of above-mentioned electronic bill, it is to be the second algoritic module result calculated that password adopts asymmetric enciphering and deciphering algorithm with electronic bill recipient's PKI again after key adopts first algoritic module of asymmetric enciphering and deciphering algorithm to calculate to said signing messages that said cipher-text information comprises private key with the electronic bill supplier.

6, in the solution of above-mentioned electronic bill, it is to be the second algoritic module result calculated that password adopts asymmetric enciphering and deciphering algorithm with electronic bill supplier's private key again after key adopts first algoritic module of asymmetric enciphering and deciphering algorithm to calculate to said signing messages that said cipher-text information comprises PKI with the electronic bill recipient.

7, in the solution of above-mentioned electronic bill, first result of calculation that to be key calculate first algoritic module of the asymmetric enciphering and deciphering algorithm of part or all of employing of said signing messages that said cipher-text information comprises private key with the electronic bill supplier and be second result of calculation that password adopts second algoritic module of asymmetric enciphering and deciphering algorithm to calculate partly or entirely with electronic bill recipient's PKI to said signing messages.

8, in the solution of above-mentioned electronic bill, one of following information or several combinations have been write down with the plaintext form in the surface of said information medium: the amount of money, the term of validity, the date of making out an invoice, the date of payment, drawer, payer, accepter, income people, whether negotiable.

9, in the solution of above-mentioned electronic bill, said signing messages comprises endorsement information, and said endorsement information comprises endorsement person's information and by endorsement person's information.Said endorsement information can further comprise one of following information or several combinations: date of endorsement, the term of validity, whether negotiable.

10, in the solution of above-mentioned electronic bill, said signing messages comprises one of following information of electronic bill or several combinations: the amount of money, the term of validity, the date of making out an invoice, the date of payment, drawer, payer, accepter, income people, whether negotiable.

11, in the solution of above-mentioned electronic bill, said signing messages can further comprise remote holder endorsement person signing messages partly or entirely.

Electronic Signature of the present invention has kinds of schemes, is respectively:

1, a kind of Electronic Signature of external safety component dorsal support bookmark name; It is characterized in that on medium, signing; Comprise like lower component: safety component; Said safety component comprises security information processing module and enciphering algorithm module, and said safety component has been stored signing messages, endorsement person's private key information and by endorsement person's public key information; Electronic signature body comprises interface unit, information processing apparatus, print module;

Information processing apparatus is connected with said safety component and exchange message through interface unit; Said print module is connected with said information processing apparatus, and said print module can print information on medium; Said safety component will to be password carry out cryptographic calculation to said signing messages handles and obtain cipher-text information and through said interface unit said cipher-text information is passed to said information processing apparatus with said endorsement person's private key information with by endorsement person's public key information by said enciphering algorithm module, converts said cipher-text information into signed data that said print module prints by information processing apparatus.

2, a kind of Electronic Signature of external safety component dorsal support bookmark name; It is characterized in that signing comprising on the medium of electronic unit; Comprise like lower component: safety component; Said safety component comprises security information processing module and enciphering algorithm module, and said safety component has been stored signing messages, endorsement person's private key information and by endorsement person's public key information; Electronic signature body comprises interface unit, information processing apparatus, print module, module for reading and writing;

Said information processing apparatus is connected with said safety component and exchange message through said interface unit;

Said print module is connected with said information processing apparatus, and said print module can print information on medium;

Said module for reading and writing is connected with said information processing apparatus, and said module for reading and writing writes data and/or reading of data from electronic unit in electronic unit; Said safety component will to be password carry out cryptographic calculation to said signing messages handles and obtain cipher-text information and through said interface unit said cipher-text information is passed to said information processing apparatus with said endorsement person's private key information with by endorsement person's public key information by said enciphering algorithm module, converts said cipher-text information into signed data that said module for reading and writing writes in electronic unit by said information processing apparatus; And/or convert said cipher-text information into signed data that said print module prints by said information processing apparatus.

3,, a kind of Electronic Signature of external safety component dorsal support bookmark name; It is characterized in that signing comprising on the medium of electronic unit; Comprise like lower component: safety component; Said safety component comprises security information processing module and enciphering algorithm module, and said safety component has been stored signing messages, endorsement person's private key information and by endorsement person's public key information; Electronic signature body comprises interface unit, information processing apparatus, print module, module for reading and writing;

Said information processing apparatus is connected with said safety component and exchange message through said interface unit; Said print module is connected with said information processing apparatus, and said print module can print information on medium; Said module for reading and writing is connected with said information processing apparatus, and said module for reading and writing writes data and/or reading of data from electronic unit in electronic unit; Said safety component will to be password carry out cryptographic calculation to said signing messages handles and obtain cipher-text information and through said interface unit said cipher-text information is passed to said information processing apparatus with said endorsement person's private key information with by endorsement person's public key information by said enciphering algorithm module, converts the whole or first of said cipher-text information into signed data that said module for reading and writing writes in electronic unit by said information processing apparatus; And/or convert the whole or second portion of said cipher-text information into signed data that said print module prints by said information processing apparatus.

4, a kind of Electronic Signature of external safety component dorsal support bookmark name; It is characterized in that signing comprising on the medium of electronic unit; Comprise like lower component: safety component; Said safety component comprises security information processing module and enciphering algorithm module, and said safety component has been stored signing messages, endorsement person's private key information and by endorsement person's public key information; Electronic signature body comprises interface unit, information processing apparatus, print module, module for reading and writing;

Said module for reading and writing is connected with said information processing apparatus, and said module for reading and writing writes data and/or reading of data from electronic unit in electronic unit; Said safety component will to be password carry out cryptographic calculation to the data that from electronic unit, read, said signing messages handles and obtain cipher-text information and through said interface unit said cipher-text information is passed to said information processing apparatus with said endorsement person's private key information with by endorsement person's public key information by said enciphering algorithm module, converts said cipher-text information into signed data that said module for reading and writing writes in electronic unit by said information processing apparatus; And/or convert said cipher-text information into signed data that said print module prints by said information processing apparatus.

5, a kind of Electronic Signature of external safety component dorsal support bookmark name; It is characterized in that signing comprising on the medium of electronic unit; Comprise like lower component: safety component; Said safety component comprises security information processing module and enciphering algorithm module, and said safety component has been stored signing messages, endorsement person's private key information and by endorsement person's public key information; Electronic signature body comprises interface unit, information processing apparatus, print module, module for reading and writing;

Said module for reading and writing is connected with said information processing apparatus, and said module for reading and writing writes data and/or reading of data from electronic unit in electronic unit; Said safety component will be by said enciphering algorithm module with said endorsement person's private key information with carried out the cryptographic calculation processing by endorsement person's the public key information information that to be password forms the data that from electronic unit, read and said signing messages jointly and obtain cipher-text information and through said interface unit said cipher-text information is passed to said information processing apparatus, converts the whole or first of said cipher-text information into signed data that said module for reading and writing writes in electronic unit by said information processing apparatus; And/or convert the whole or second portion of said cipher-text information into signed data that said print module prints by said information processing apparatus.

6, preferably said enciphering algorithm module is supported rivest, shamir, adelman;

Said cryptographic calculation handle be with signing messages being that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result by endorsement person's PKI, be that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data to said first operation result with endorsement person's private key; Perhaps

It is to be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with signing messages with endorsement person's private key that said cryptographic calculation is handled, to said first operation result being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data by endorsement person's PKI; Perhaps

With signing messages is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with endorsement person's private key partly or entirely; With signing messages partly or entirely being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain second operation result, said first operation result and said second operation result are combined as encrypt data in certain sequence by endorsement person's PKI.

7, the preferably said first computing mould comprises be described below one of algorithm or the combination in the rivest, shamir, adelman: cryptographic calculation, signature computing, decrypt operation.

8, the preferably said second computing mould comprises be described below one of algorithm or the combination in the rivest, shamir, adelman: cryptographic calculation, signature computing, decrypt operation.

9, preferably said safety component is a contact intelligent card, and said interface unit is an intelligent card interface; Or said safety component is the usb key card, and said interface unit is a USB; Or said safety component is the Wireless USB key card, and said interface unit is the radio universal serial line interface; Or said safety component is contact type intelligent card, and said interface unit is a wireless radio interface; Or said safety component is the contact safe memory card, and said interface unit is pcmcia interface or Micro SD interface or SF interface or memory stick (Memory Stick) interface.

10, preferably said electronic signature body further comprises keyboard device, and said information processing apparatus is handled the input information of said keyboard device; And/or said safety component further comprises keyboard device, and said security information processing module is handled the input information of said keyboard device.Can in signing messages, comprise the information that signer is imported through this keyboard device, like information such as the amount of money, date, signer names.

11, preferably electronic signature body further comprises radio receiving transmitting module, and said information processing apparatus is handled from the information of said radio receiving transmitting module and the information of the said radio receiving transmitting module transmission of control; And/or said safety component further comprises radio receiving transmitting module, and said security information processing module is handled the information of sending from the information of said radio receiving transmitting module and the said radio receiving transmitting module of control.Can in signing messages, comprise the information that signer is imported through this radio receiving transmitting module, like the information such as password of the amount of money, date, signer name, use Electronic Signature.

12, preferably in the such scheme:

Said keyboard device comprises one at least and confirms button; Perhaps said keyboard device comprises button and affirmation button of input 0 to 9 at least; Perhaps said keyboard device comprises the button of input 0 to 9, an affirmation button, a cancellation button at least; Perhaps said keyboard device comprises the button of input 0 to 9, an affirmation button, a rollback button at least; Perhaps said keyboard device comprises the button of input 0 to 9, an affirmation button, a cancellation button, a rollback button at least.

13, preferably said electronic signature body further comprises display unit, and said information processing apparatus is controlled the displaying contents of said display unit; And/or said safety component further comprises display unit, and said security information processing module is controlled the displaying contents of said display unit.Display unit can be used for the information of display keyboard input block input or information that radio receiving transmitting module receives or the raw information of preparing signature.Preferably the information of signature demonstration can be used alternatives.Replace with " * " character during such as the password of, input Electronic Signature.

14, preferably such scheme further comprises the fixedly support of Electronic Signature.Increase support and be convenient to printed signature information or carry out electronization or carry out communication, play fixing, balance and stabilization with electronic unit for Electronic Paper.

15, preferably the said print module of such scheme comprises abundant print needle or fine ink-jet pipe, and said print needle or fine ink-jet pipe cover the scope that stamped signature needs print What at least.

16, preferably in the such scheme:

The said signed data that prints is the data symbol of said cipher-text information; The perhaps said signed data that prints is the corresponding bar code information of said cipher-text information; The perhaps said signed data that prints is the corresponding bar code figure of said cipher-text information; The perhaps said signed data that prints is the corresponding two-dimensional bar code figure of said cipher-text information.

17, preferably the said raw data of such scheme comprises the identification information of said signature owner and said medium recipient's identification information; Perhaps said raw data comprises the identification information of said signature owner, said medium recipient's identification information and timestamp.

18, preferably the module of rivest, shamir, adelman described in the such scheme is supported commercial cipher algorithm and/or the dedicated asymmetric AES that RSA Algorithm and/or China national are approved;

19, preferably said medium is a paper medium or to comprise the medium of fibrous material.

Adopt the endorse method of signature of the Electronic Signature of above-mentioned dorsal support bookmark name following:

1, a kind of method that endorsement is signed on information medium is characterized in that comprising following steps:

Is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with signing messages with endorsement person's private key, to said first operation result being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data by endorsement person's PKI; Perhaps

Being that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result by endorsement person's PKI, is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data to said first operation result with endorsement person's private key with signing messages; Perhaps

With signing messages is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with the private key of signer partly or entirely; With signing messages partly or entirely being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain second operation result, said first operation result and said second operation result are combined as encrypt data in certain sequence by endorsement person's PKI;

Convert said encrypt data into printed signature information;

Said printed signature information is printed on the information medium.

2, a kind of method that endorsement is signed on information medium is characterized in that said information medium has embedded electronic unit, and signature comprises following steps:

Convert said encrypt data into write signed data, and convert said encrypt data into printed signature information to said electronic unit;

Said signed data is write said electronic unit, and said printed signature information is printed on the information medium.

3, a kind of method that endorsement is signed on information medium is characterized in that said information medium has embedded electronic unit, and signature comprises following steps:

Read data information from electronic unit;

Is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with signing messages and said data message with endorsement person's private key, to said first operation result being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data by endorsement person's PKI; Perhaps

Being that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result by endorsement person's PKI, is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data to said first operation result with endorsement person's private key with signing messages and said data message; Perhaps

With signing messages and said data message is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with the private key of signer partly or entirely; With signing messages and said data message partly or entirely being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain second operation result, said first operation result and said second operation result are combined as encrypt data in certain sequence by endorsement person's PKI;

4, a kind of method that endorsement is signed on information medium is characterized in that said information medium has embedded electronic unit, and signature comprises following steps:

With the first of said encrypt data or all convert the signed data that writes to said electronic unit into, and with the second portion of said encrypt data or all convert printed signature information into;

5, a kind of method that endorsement is signed on information medium is characterized in that said information medium has embedded electronic unit, and signature comprises following steps:

Read data information from electronic unit;

6, preferably before safety component is carried out the information communication of information connection and foundation and electronic signature body through the interface unit of electronic signature body in said each step.

The system schema that the endorsement signing messages is carried out authentication is following:

1, a kind of system that endorsement signature on the information medium is carried out authentication is characterized in that comprising:

Certificate server, said certificate server comprise information acquisition parts, data back, safety feature interface unit;

Information medium, said information medium surface has pair signing messages to encrypt the cipher-text information that obtains;

Safety feature, said safety feature comprise by endorsement person's key and decipherment algorithm realizes module;

Said certificate server carries out through said safety feature interface unit and said safety feature that wire signal is connected or wireless signal connects;

Stored said information medium owner's approval signing messages in the said data back;

Said information acquisition parts are gathered said cipher-text information and said cipher-text information are converted into by the cipher-text information data of said certificate server processing;

Said certificate server is given said safety feature with the cipher-text information data transfer, by said safety feature said cipher-text information data is deciphered the plaintext that obtains signing messages and the plaintext of signing messages is passed to said certificate server;

The whether consistent authentication that realizes information medium of the approval signing messages of storage in advance in the plaintext of said certificate server through more said signing messages and the said data back.

2, a kind of system that endorsement signature on the information medium is carried out authentication is characterized in that comprising:

Information medium has embedded electronic unit in the said information medium, in said electronic unit, has write signing messages is encrypted the cipher-text information that obtains;

3, a kind of system that endorsement signature on the information medium is carried out authentication is characterized in that comprising:

Information medium, said information medium comprises Electronic Paper, has in the said Electronic Paper signing messages is encrypted the cipher-text information that obtains;

4, a kind of system that endorsement signature on the information medium is carried out authentication is characterized in that comprising:

Information medium; Embedded electronic unit in the said information medium; In said electronic unit, write the first of signing messages being encrypted the cipher-text information that obtains, said information medium surface has pair signing messages to encrypt the second portion of the cipher-text information that obtains;

Said information acquisition parts gather said cipher-text information first and cipher-text information second portion and convert the first of said cipher-text information and the second portion of cipher-text information into handled cipher-text information data by said certificate server;

5, a kind of system that endorsement signature on the information medium is carried out authentication is characterized in that comprising:

Information medium; Embedded electronic unit in the said information medium; In said electronic unit, write the first of signing messages being encrypted the cipher-text information that obtains; Said information medium comprises Electronic Paper, has the second portion of signing messages being encrypted the cipher-text information that obtains in the said Electronic Paper;

6, a kind of system that endorsement signature on the information medium is carried out authentication is characterized in that comprising:

Information medium; Embedded electronic unit in the said information medium; In said electronic unit, write the first of signing messages being encrypted the cipher-text information that obtains; Said information medium comprises Electronic Paper, has the second portion of signing messages being encrypted the cipher-text information that obtains in the said Electronic Paper, and said information medium surface has pair signing messages to encrypt the third part of the cipher-text information that obtains;

Said information acquisition parts gather said cipher-text information first, cipher-text information second portion and cipher-text information third part and convert the first of said cipher-text information, the second portion of cipher-text information and the third part of cipher-text information into handled cipher-text information data by said certificate server;

7, preferably said data back stores endorsement person's public key information or the public key information that said secure device stores has endorsement person.

8, preferably said secure device stores has endorsement person's public key information and by endorsement person's private key information.

9, preferably:

Said safety feature is a contact intelligent card, and said safety feature interface unit is supported intelligent card interface; Or said safety feature is the usb key card, and said safety feature interface unit is supported USB; Or said safety feature is the Wireless USB key card, and said safety feature interface unit is supported the radio universal serial line interface; Or said safety feature is contact type intelligent card, and said safety feature interface unit is supported wireless radio interface; Or said safety feature is the contact safe memory card, and said safety feature interface unit is supported pcmcia interface or Micro SD interface or SF interface or memory stick (Memory Stick) interface.

7, a kind of method that endorsement signature on the information medium is carried out authentication comprises following steps:

The cipher-text information of the conduct signature on the Information Monitoring medium;

Certificate server passes to safety feature with said cipher-text information through wire communication mode and/or wireless communication mode, by said safety feature said cipher-text information data is deciphered the plaintext that obtains signing messages and the plaintext of signing messages is passed to said authentification of message system;

Whether the plaintext of judging said signing messages matees with the approval signing messages of said authentication server stores;

If mate then authentication success; If do not match then authentification failure.

8, a kind of method that endorsement signature on the information medium is carried out authentication comprises following steps:

Collection is presented on the cipher-text information of the conduct signature on the Electronic Paper of information medium;

9, a kind of method that endorsement signature on the information medium is carried out authentication comprises following steps:

Collection is embedded in the cipher-text information of the conduct signature that the electronic unit in the information medium stores;

10, a kind of method that endorsement signature on the information medium is carried out authentication comprises following steps:

Collection be embedded in the conduct signature that the electronic unit in the information medium stores cipher-text information first and gather the second portion of the cipher-text information of the conduct signature that is printed on the information medium;

Certificate server passes to safety feature with the first of said cipher-text information and the second portion of cipher-text information through wire communication mode and/or wireless communication mode, by said safety feature the second portion of the first of said cipher-text information and cipher-text information is deciphered the plaintext that obtains signing messages and the plaintext of signing messages is passed to said authentification of message system;

11, a kind of method that endorsement signature on the information medium is carried out authentication comprises following steps:

Collection be embedded in the conduct signature that the electronic unit in the information medium stores cipher-text information first and gather the second portion of the cipher-text information of the conduct signature on the Electronic Paper that is presented on information medium;

12, a kind of method that endorsement signature on the information medium is carried out authentication comprises following steps:

Collection is embedded in the first of the cipher-text information of the conduct signature that the electronic unit in the information medium stores, gather the conduct signature on the Electronic Paper that is presented on information medium cipher-text information second portion and gather the third part of the cipher-text information of the conduct signature that is printed on the information medium;

Certificate server passes to safety feature with the first of said cipher-text information, the second portion of cipher-text information and the third part of cipher-text information through wire communication mode and/or wireless communication mode, by said safety feature the third part of the second portion of the first of said cipher-text information, cipher-text information and cipher-text information is deciphered the plaintext that obtains signing messages and the plaintext of signing messages is passed to said authentification of message system;

Beneficial effect of the present invention: the present invention improved signing messages uniqueness, can not copying property, make the use of electronic bill safer.Owing to adopt the mode of a kind of easy identification and use to realize effective signature of electronic bill, can significantly reduce the risk in the electronic bill use, promote the development of modern finance industry.

Description of drawings:

Fig. 1 is that Electronic Signature of the present invention is realized synoptic diagram for first kind.

Fig. 2 is that Electronic Signature of the present invention is realized synoptic diagram for second kind.

Fig. 3 is first kind of implementation principle of work of Electronic Signature of the present invention synoptic diagram.

Fig. 4 is second kind of implementation principle of work of Electronic Signature of the present invention synoptic diagram.

Fig. 5 is the third implementation principle of work synoptic diagram of Electronic Signature of the present invention.

Fig. 6 is the third realization synoptic diagram of Electronic Signature of the present invention.

Fig. 7 is that Electronic Signature of the present invention is realized synoptic diagram for the 4th kind.

Fig. 8 is the 4th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.

Fig. 9 is the 5th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.

Figure 10 is the 6th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.

Figure 11 is authentification of message system of the present invention first kind of realization synoptic diagram.

Figure 12 is authentification of message system of the present invention second kind of realization synoptic diagram.

Figure 13 is the first method synoptic diagram that signs electronically.

Figure 14 is the second method synoptic diagram that signs electronically.

Figure 15 is the third method synoptic diagram that signs electronically.

Figure 16 is the 4th kind of method synoptic diagram that signs electronically.

Figure 17 is the first method synoptic diagram that carries out electronics endorsement signature.

Figure 18 is the second method synoptic diagram that carries out electronics endorsement signature.

Figure 19 is the first method synoptic diagram that carries out electronics reendorse signature.

Figure 20 is the second method synoptic diagram that carries out electronics reendorse signature.

Figure 21 is the first method synoptic diagram that carries out electron underwriting authentication.

Figure 22 is the second method synoptic diagram that carries out electron underwriting authentication.

Figure 23 is an electronic bill synoptic diagram of the present invention.

Embodiment:

Further describe specific embodiments of the present invention below in conjunction with accompanying drawing.

Fig. 1 is that Electronic Signature of the present invention is realized synoptic diagram for first kind.Electronic Signature 100 comprises information processing apparatus 101 and print module 102, and print module 102 is connected with said information processing apparatus 101, and print module 102 can print information on medium.Print module 102 have one print that surface of contact 110 contacts with medium or near.Medium described herein refers generally to electronic bill, referring to Figure 23.Figure 23 is an electronic bill synoptic diagram of the present invention, sets a specific region 2302 at the information medium 2301 of electronic bill 2300 and is used for electronic signature.When signing electronically, the printing surface of contact 110 of print module 102 contacts with specific region 2302, and signing messages is printed on specific region 2302.Said information processing apparatus 101 comprises the rivest, shamir, adelman module and has stored the private key information of signing messages, signature owner; By said rivest, shamir, adelman module said signing messages, said private key information are carried out calculation process and obtain output information, convert said output information into signed data that said print module 102 prints by said information processing apparatus 101.The signed data of printing can be rendered as a string data usually and be convenient to the human eye perception.But the automatic identification of the inconvenient machine of a string data; Therefore the signed data of printing preferably is with modes such as bar code or two-dimensional bar codes and can adopts now corresponding bar code scanner or two-dimensional bar code reader to carry out automatic reading easily, can realize the automatic identification of signing messages.In this scheme, the public key information of signer is a public information, and can decipher this information with the public key information of signer and obtain raw information.Therefore can differentiate the true and false of the signing messages that Electronic Signature signs automatically through machinery and equipment.

Fig. 2 is that Electronic Signature of the present invention is realized synoptic diagram for second kind.Implementation than Fig. 1; In the implementation of Fig. 2; Electronic Signature 200 has increased by first fixed support 202 and second fixed support 203, and the Electronic Signature main body that comprises information processing apparatus 101 and print module 102 can be slided on first fixed support 202 and second fixed support 203.When not only printing the Electronic Signature main body, said first fixed support 202 and second fixed support 203, but also be convenient to aiming at and the location of print module 102 and specific region 2302 as the supporting & stablizing effect.Such as, on electronic bill, set a position reference point, through confirming the relative position of RP and first fixed support 202 and/or second fixed support 203, can both signing messages be printed to specific region 2302 in the time of just can guaranteeing to sign at every turn.

With the multiple implementation of being combined with of signing messages and electronic bill, Fig. 3, Fig. 4, Fig. 5 have provided the principle of work of three kinds of implementations respectively.Fig. 3 is first kind of implementation principle of work of Electronic Signature of the present invention synoptic diagram.Electronic Signature comprises information processing apparatus 302 and print module 303, and print module 303 is connected with said information processing apparatus 302, and it is the module signal of the principle of work of Fig. 1.

Fig. 4 is second kind of implementation principle of work of Electronic Signature of the present invention synoptic diagram.Electronic Signature comprises information processing apparatus 402 and radio frequency module for reading and writing 403, and radio frequency module for reading and writing 403 and said information processing apparatus 402 are connected through radiofrequency signal.This scheme requires in electronic bill, to embed radio electronic label, signing messages is encrypted the back write radio electronic label through radio frequency module for reading and writing 403.After adopting radio electronic label, though its information human eye is invisible, the characteristics of its contactless identification more help the use of Electronic Signature.If people hope to have the effect that seeing is believing simultaneously or carry out double authentication, can the scheme of Fig. 3 and Fig. 4 be combined, referring to Fig. 5.

Fig. 5 is the third implementation principle of work synoptic diagram of Electronic Signature of the present invention.Electronic Signature comprises information processing apparatus 502, radio frequency module for reading and writing 503, MIM message input module 505 and print module 501.In order to comprise more information in the information that makes electronic signature; As information such as the date of signing, the bill term of validity, payer, beneficiary; Increased MIM message input module 505 in this programme; Can these information be input to information processing apparatus 502 through MIM message input module 505, as the part of signing messages.And, again signing messages is encrypted the back is printed on electronic bill through print module 501 specific region with both writing in the radio electronic label of electronic bill after the signing messages encryption through radio frequency module for reading and writing 503.

Fig. 6 is the third realization synoptic diagram of Electronic Signature of the present invention.Electronic Signature 600 comprise information processing apparatus 601, interface unit 603 and print module 602 and with external safety component (not drawing in the drawings); Print module 602 is connected with said information processing apparatus 601, and print module 102 can print information on medium; Interface unit 603 is connected with said information processing apparatus 601; While interface unit 603 comprises connector and is connected with external safety component; To carry out encrypted secret key information and AES focuses on external safety component, and can make the use of Electronic Signature more flexible.Print module 602 have one print that surface of contact 610 contacts with medium or near.Compare with the realization of Fig. 1, the realization of Fig. 6 is that the security-related part of Electronic Signature is realized by external safety component.Said safety component comprises security information processing module, rivest, shamir, adelman module and has stored the private key information of signing messages, signature owner.

Fig. 7 is that Electronic Signature of the present invention is realized synoptic diagram for the 4th kind.This programme is to the situation that comprises Electronic Paper in the electronic bill.Realize because the information of Electronic Paper appears through Electronic Paper being carried out electronization, thus its realization and Fig. 1 some is different.Electronic Signature 700 comprises first electrode surface 710 and second electrode surface 703 of information processing apparatus 701 and Electronic Paper electronization module 702 and Electronic Paper electronization; Electronic Paper electronization module 702 is connected with said information processing apparatus 701, and Electronic Paper electronization module 702 can demonstrate information in the Electronic Paper on medium through first electrode surface 710 and second electrode surface 703.First electrode surface 710 and second electrode surface 703 through one slidably web member 705 be connected; Place electronic bill between first electrode surface 710 and second electrode surface 703, and the Electronic Paper part of electronic bill is just in time placed the surface of contact of first electrode surface 710 and second electrode surface 703.Said information processing apparatus 701 comprises the rivest, shamir, adelman module and has stored the private key information of signing messages, signature owner; By said rivest, shamir, adelman module said signing messages, said private key information are carried out calculation process and obtain output information, convert said output information into signed data that said Electronic Paper electronization module 702 is carried out electronization by said information processing apparatus 701.The signed data of electronization can be rendered as a string data usually and be convenient to the human eye perception.But the automatic identification of the inconvenient machine of a string data; Therefore the signed data of printing preferably is with modes such as bar code or two-dimensional bar codes and can adopts now corresponding bar code scanner or two-dimensional bar code reader to carry out automatic reading easily, can realize the automatic identification of signing messages.In this scheme, the public key information of signer is a public information, and can decipher this information with the public key information of signer and obtain raw information.Therefore can differentiate the true and false of the signing messages that Electronic Signature signs automatically through machinery and equipment.

Fig. 8 is the 4th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.The smart card 804 that Electronic Signature comprises information processing apparatus 802 and print module 803 and is connected through intelligent card interface 801, it is the module signal of the principle of work of Fig. 6.Said safety component is with smart card 804, and interface unit adopts intelligent card interface 801.Because smart card is popularized very wide, easy to carry, wieldy characteristics now, therefore also adopt the mode of smart card in the preferred implementation of the present invention.

Fig. 9 is the 5th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.The smart card 904 that Electronic Signature comprises information processing apparatus 902 and radio frequency module for reading and writing 903 and is connected through intelligent card interface 901.Said safety component is with smart card 904, and interface unit adopts intelligent card interface 901.Because smart card is popularized very wide, easy to carry, wieldy characteristics now, therefore also adopt the mode of smart card in the preferred implementation of the present invention.Radio frequency module for reading and writing 903 and said information processing apparatus 902 are connected through radiofrequency signal.This scheme requires in electronic bill, to embed radio electronic label, signing messages is encrypted the back write radio electronic label through radio frequency module for reading and writing 903.After adopting radio electronic label, though its information human eye is invisible, the characteristics of its contactless identification more help the use of Electronic Signature.If people hope to have the effect that seeing is believing simultaneously or carry out double authentication, can the scheme of Fig. 8 and Fig. 9 be combined.

Figure 10 is the 6th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.Than Fig. 9, this concrete implementation has also increased MIM message input module 1005 except that the smart card 904 that comprises information processing apparatus 902 and radio frequency module for reading and writing 903 and be connected through intelligent card interface 901.Can these information be input to information processing apparatus 902 through MIM message input module 1005, as the part of signing messages.

Figure 11 is authentification of message system of the present invention first kind of realization synoptic diagram.The authentification of message system comprises certificate server 1101, information medium 1103, and said certificate server comprises information acquisition parts 1102, enciphering and deciphering algorithm calculating unit, data back.Said information medium 1103 refers generally to electronic bill, also can be other media that need sign, and the surface comprises the cipher-text information of visible signing messages; Said enciphering and deciphering algorithm calculating unit comprises the computing module of enciphering and deciphering algorithm; Stored said information medium owner's approval signing messages in the said data back; Said information acquisition parts 1102 are gathered the cipher-text information on said information medium 1103 surfaces and said cipher-text information are converted into by the cipher-text information data of said certificate server 1101 processing; Said asymmetric enciphering and deciphering algorithm calculating unit is deciphered said cipher-text information data and is obtained signing messages; Said certificate server 1101 is through the whether consistent authentication that realizes information medium of the approval signing messages of storage in advance in more said signing messages and the said data back.

Figure 12 is authentification of message system of the present invention second kind of realization synoptic diagram.The authentification of message system comprises certificate server 1201, information medium 1203, safety feature 1204.Said certificate server 1201 comprises information acquisition parts 1202, data back, safety feature interface unit; Said information medium surface comprises the cipher-text information of visible signing messages; Said safety feature 1204 comprise endorsement person PKI, realized module by endorsement person's private key and decipherment algorithm; Said certificate server 1201 carries out through said safety feature interface unit and said safety feature 1204 that wire signal is connected or wireless signal connects; Stored said information medium 1203 owners' approval signing messages in the said data back; Said information acquisition parts 1202 are gathered the cipher-text information on said information medium surface and said cipher-text information are converted into by the cipher-text information data of said certificate server processing; Said certificate server 1201 is given said safety feature 1204 with the cipher-text information data transfer, is deciphered by 1204 pairs of said cipher-text information data of said safety feature to obtain signing messages and signing messages is passed to said certificate server 1201; Said certificate server 1201 is through the whether consistent authentication that realizes information medium of the approval signing messages of storage in advance in more said signing messages and the said data back.

Figure 13 is the first method synoptic diagram that signs electronically.In step 1301, be that password adopts the algoritic module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with the private key of signer at first with signing messages; In step 1302, convert said encrypt data into printed signature information then, when step 1303, said printed signature information is printed on the information medium at last.The method of this electronic signature is that the implementation with Fig. 1 is the description that Electronic Signature carries out electric endorsement method.

Figure 14 is the second method synoptic diagram that signs electronically.For electronic signature and the electronic bill that has embedded radio electronic label are bound, can be when signing electronically with the identifying information of the information of radio electronic label such as electronic tag part as signing messages.Therefore the endorsement method step is following: at first in step 1400 from radio electronic label read data information; Getting into step 1401 is that password adopts the algoritic module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with said signing messages and said data message with the private key of signer; In step 1402, convert said encrypt data into printed signature information then, when step 1403, said printed signature information is printed on the information medium at last.

Figure 15 is the third method synoptic diagram that signs electronically.Corresponding with the Electronic Signature implementation of Fig. 6; Because Electronic Signature is divided into separable safety component and electronic signature body; Therefore its electric endorsement method step is following: the information communication of at first in step 1500, safety component being carried out information connection and foundation and electronic signature body through the interface unit of electronic signature body; Getting in the step 1301 signing messages is that password adopts the algoritic module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with the private key of signer; In step 1302, convert said encrypt data into printed signature information then, when step 1303, said printed signature information is printed on the information medium at last.

Figure 16 is the 4th kind of method synoptic diagram that signs electronically.For electronic signature and the electronic bill that has embedded radio electronic label are bound, can be when signing electronically with the identifying information of the information of radio electronic label such as electronic tag part as signing messages.Therefore the endorsement method step is following: the information communication of at first in step 1600, safety component being carried out information connection and foundation and electronic signature body through the interface unit of electronic signature body; And in step 1400 from radio electronic label read data information; Getting into step 1401 is that password adopts the algoritic module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with said signing messages and said data message with the private key of signer; In step 1402, convert said encrypt data into printed signature information then, when step 1403, said printed signature information is printed on the information medium at last.

Figure 17 is the first method synoptic diagram that carries out electronics endorsement signature.In step 1701, be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with endorsement person's private key at first with signing messages; Then in step 1702 to said first operation result being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data by endorsement person's PKI; Get into step 1703 and convert said encrypt data into printed signature information, in step 1704, said printed signature information is printed on the information medium at last.The signing messages in when signature of generally endorsing comprises endorsement person's information, by endorsement person's information, disburser's information, the person's of honouring information, signature date, the term of validity etc., can a plurality of endorsements signatures be coupled together the continuity that forms the endorsement signature through signing messages.

Figure 18 is the second method synoptic diagram that carries out electronics endorsement signature.For electronic signature and the electronic bill that has embedded radio electronic label are bound, can be when signing electronically with the identifying information of the information of radio electronic label such as electronic tag part as signing messages.Therefore the endorsement method step of endorsing is following: at first in step 1800 from radio electronic label read data information, and in step 1801, be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with endorsement person's private key with said signing messages and said data message; Then in step 1802 to said first operation result being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data by endorsement person's PKI; Get into step 1803 and convert said encrypt data into printed signature information, in step 1804, said printed signature information is printed on the information medium at last.The signing messages in when signature of generally endorsing comprises endorsement person's information, by endorsement person's information, disburser's information, the person's of honouring information, signature date, the term of validity etc., can a plurality of endorsements signatures be coupled together the continuity that forms the endorsement signature through signing messages.

Figure 19 is the first method synoptic diagram that carries out electronics reendorse signature.Carrying out reendorse when signature, needing to obtain the information of remote holder signature, with the consistance that guarantees signing messages and prevent that the unauthorized person from carrying out the interests loss of the electronic bill that reendorse causes.Concrete grammar is described below: at first in step 1901, said remote holder signed data deciphered and obtains the remote holder signing messages, in step 1902 with said remote holder signing messages, reendorse signing messages being that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result by endorsement person's PKI; In step 1903, be that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with the private key of signer then to said first operation result; Get into step 1904 and convert said encrypt data into printed signature information, in step 1905, said printed signature information is printed on the information medium at last.

Figure 20 is the second method synoptic diagram that carries out electronics reendorse signature.When being divided into safety component and electronic signature body in the realization of Electronic Signature, when it carries out the reendorse signature, need earlier safety component and electronic body to be set up being connected of information.Concrete grammar is described below: the information communication of at first in step 2000, safety component being carried out information connection and foundation and electronic signature body through the interface unit of electronic signature body; And in step 1901, said remote holder signed data deciphered and obtains the remote holder signing messages, in step 1902 with said remote holder signing messages, reendorse signing messages being that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result by endorsement person's PKI; In step 1903, be that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with the private key of signer then to said first operation result; Get into step 1904 and convert said encrypt data into printed signature information, in step 1905, said printed signature information is printed on the information medium at last.

Figure 21 is the first method synoptic diagram that carries out electron underwriting authentication.Electronic Signature of the present invention is after signing on the electronic bill; When the authentification of message system among employing the present invention carries out authentication to signing messages; Its implementation is following: at first in step 2101, gather the cipher-text information of the conduct signature that is printed on the electronic bill, in step 2102 said cipher-text information deciphering is obtained signing messages then; Then judge in step 2103 whether the approval signing messages that said signing messages and said authentification of message system store matees; If getting into step 2104, coupling shows authentication success; Get into step 2105 if do not match and show authentification failure.

Figure 22 is the second method synoptic diagram that carries out electron underwriting authentication.The public key information that the invention allows for employing signer when signing messages is carried out asymmetric encryption need use by endorsement person's private key information when therefore deciphering, and private key information belongs to endorsement person's security information as key.Proposed in the present invention and will have been made independently safety feature by endorsement person's private key information and decipherment algorithm; When carrying out authentification of message; Safety feature is connected with the authentification of message system, and the deciphering of information is accomplished by safety feature, can guarantee can not leaked by endorsement person's security information.Concrete authentication method is: the cipher-text information of at first in step 2201, gathering the conduct signature that is printed on the electronic bill; In the system of authentification of message described in the step 2202 cipher-text information is passed to safety feature through wire communication mode and/or wireless communication mode then, by said safety feature said cipher-text information data are deciphered and obtain signing messages and signing messages is passed to said authentification of message system; Then judge in step 2203 whether the approval signing messages that said signing messages and said authentification of message system store matees; If getting into step 2204, coupling shows authentication success; Get into step 2205 if do not match and show authentification failure.

Claims

1. the Electronic Signature of an external safety component dorsal support bookmark name is characterized in that on medium, signing, and comprises like lower component:

Safety component, said safety component comprises security information processing module and enciphering algorithm module, and said safety component has been stored signing messages, endorsement person's private key information and by endorsement person's public key information;

Electronic signature body comprises interface unit, information processing apparatus, print module;

Said safety component will to be password carry out cryptographic calculation to said signing messages handles and obtain cipher-text information and through said interface unit said cipher-text information is passed to said information processing apparatus with said endorsement person's private key information with by endorsement person's public key information by said enciphering algorithm module, converts said cipher-text information into signed data that said print module prints by said information processing apparatus.

2. the Electronic Signature of an external safety component dorsal support bookmark name is characterized in that signing comprising on the medium of electronic unit, comprises like lower component:

Electronic signature body comprises interface unit, information processing apparatus, print module, module for reading and writing;

Said module for reading and writing is connected with said information processing apparatus, and said module for reading and writing writes data and/or reading of data from electronic unit in electronic unit;

Said safety component will to be password carry out cryptographic calculation to said signing messages handles and obtain cipher-text information and through said interface unit said cipher-text information is passed to said information processing apparatus with said endorsement person's private key information with by endorsement person's public key information by said enciphering algorithm module, converts said cipher-text information into signed data that said module for reading and writing writes in electronic unit by said information processing apparatus; And/or convert said cipher-text information into signed data that said print module prints by said information processing apparatus.

3. the Electronic Signature of an external safety component dorsal support bookmark name is characterized in that signing comprising on the medium of electronic unit, comprises like lower component:

Said safety component will to be password carry out cryptographic calculation to said signing messages handles and obtain cipher-text information and through said interface unit said cipher-text information is passed to said information processing apparatus with said endorsement person's private key information with by endorsement person's public key information by said enciphering algorithm module;

Convert the first of said cipher-text information into signed data that said module for reading and writing writes in electronic unit by said information processing apparatus, and/or convert the second portion of said cipher-text information into signed data that said print module prints by said information processing apparatus; Perhaps

Convert the first of said cipher-text information into signed data that said module for reading and writing writes in electronic unit by said information processing apparatus, and convert said cipher-text information whole into signed data that said print module prints by said information processing apparatus; Perhaps

Convert said cipher-text information whole into signed data that said module for reading and writing writes in electronic unit by said information processing apparatus, and convert the second portion of said cipher-text information into signed data that said print module prints by said information processing apparatus.

4. the Electronic Signature of an external safety component dorsal support bookmark name is characterized in that signing comprising on the medium of electronic unit, comprises like lower component:

Said safety component will convert said cipher-text information into signed data that said module for reading and writing writes by said information processing apparatus by said enciphering algorithm module with said endorsement person's private key information with carried out the cryptographic calculation processing by endorsement person's the public key information information that to be password forms the data that from electronic unit, read and said signing messages jointly and obtain cipher-text information and through said interface unit said cipher-text information is passed to said information processing apparatus in electronic unit; And/or convert said cipher-text information into signed data that said print module prints by said information processing apparatus.

5. the Electronic Signature of an external safety component dorsal support bookmark name is characterized in that signing comprising on the medium of electronic unit, comprises like lower component:

Said safety component will be by said enciphering algorithm module with said endorsement person's private key information with carried out the cryptographic calculation processing by endorsement person's the public key information information that to be password forms the data that from electronic unit, read and said signing messages jointly and obtain cipher-text information and through said interface unit said cipher-text information is passed to said information processing apparatus;

6. according to each described Electronic Signature in the claim 1 to 3, it is characterized in that said enciphering algorithm module support rivest, shamir, adelman;

It is to be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with endorsement person's private key partly or entirely with signing messages that said cryptographic calculation is handled; With signing messages partly or entirely being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain second operation result, said first operation result and said second operation result are combined as encrypt data in certain sequence by endorsement person's PKI.

7. according to each described Electronic Signature in the claim 4 to 5, it is characterized in that said enciphering algorithm module support rivest, shamir, adelman;

Said cryptographic calculation handle be with the data that from electronic unit, read, said signing messages being that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result by endorsement person's PKI, be that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data to said first operation result with endorsement person's private key; Perhaps

It is to be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with the data that from electronic unit, read, said signing messages with endorsement person's private key that said cryptographic calculation is handled, to said first operation result being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data by endorsement person's PKI; Perhaps

It is to be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with endorsement person's private key partly or entirely with data that from electronic unit, read and the common information of forming of said signing messages that said cryptographic calculation is handled; The common information of forming of data that will from electronic unit, read and said signing messages partly or entirely being that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain second operation result, said first operation result and said second operation result are combined as encrypt data in certain sequence by endorsement person's PKI.

8. according to each described Electronic Signature in the claim 1 to 5, it is characterized in that:

Said electronic signature body further comprises keyboard device, and said information processing apparatus is handled the input information of said keyboard device.

9. according to each described Electronic Signature in the claim 1 to 5, it is characterized in that:

Said safety component further comprises keyboard device, and said security information processing module is handled the input information of said keyboard device.

10. according to each described Electronic Signature in the claim 1 to 5, it is characterized in that:

Said electronic signature body further comprises radio receiving transmitting module, and said information processing apparatus is handled from the information of said radio receiving transmitting module and the information of the said radio receiving transmitting module transmission of control.

11., it is characterized in that according to each described Electronic Signature in the claim 1 to 5:

Said safety component further comprises radio receiving transmitting module, and said security information processing module is handled from the information of said radio receiving transmitting module and the information of the said radio receiving transmitting module transmission of control.

12., it is characterized in that according to each described Electronic Signature in the claim 1 to 5:

Said safety component is a contact intelligent card, and said interface unit is an intelligent card interface; Or

Said safety component is the usb key card, and said interface unit is a USB; Or

Said safety component is a contact type intelligent card, and said interface unit is a wireless radio interface; Or

Said safety component is the contact safe memory card, and said interface unit is pcmcia interface or Micro SD interface or memory block interface.

13., it is characterized in that according to each described Electronic Signature in the claim 1 to 5:

Said electronic signature body further comprises display unit, and said information processing apparatus is controlled the displaying contents of said display unit.

14., it is characterized in that according to each described Electronic Signature in the claim 1 to 5:

Said safety component further comprises display unit, and said security information processing module is controlled the displaying contents of said display unit.