CN101727610A - Personal safety electronic signature method based on notarization stamp of notarization institution - Google Patents

Publication number
CN101727610A
Authority
CN
China
Prior art keywords
signature
notarization
text
user
electronic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN200810046433A
Other languages
Chinese (zh)
Inventor
刘学明
申杰锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Abstract

The invention discloses a personal secure electronic signature method based on the notarization stamp of a notary organization. It adopts the notary organization's notarization stamp technology and makes full use of the unique status and function of the power of proof that the law grants to notary organizations. The notarization stamp is applied to each stage of electronic signing: notarizing the user's identity, making the user's electronic signature, verifying the user's identity, signing by the user, and transmitting and verifying the electronic text. This ensures the authenticity of the user's identity, the validity of the personal electronic signature, the integrity of the electronic file and the non-repudiation of the signing process, forming a secure electronic signature method based on the notarization stamp. The method replaces the CA certification authority model of the current PKI system and so avoids drawbacks attributed to that system: non-uniform technical standards, low authority and impartiality of certification, a large change to customary ways of trading, and low generality caused by marked regional and industry boundaries. It thereby promotes the rapid development of e-commerce and e-government.

Description

Personal secure electronic signature method based on the notarization stamp of a notary organization
I. Technical field
The present invention discloses a personal secure electronic signature method, specifically a secure electronic signature method based on the notarization stamp of a notary organization rather than on the digital certificates of the currently common PKI system.
II. Background
In today's age of information technology and networks, electronic personal signatures are widely used in daily life and work. Examples include signing contracts, placing orders and making payments online in e-commerce; signing documents for the purchase of goods, works and services in online government procurement; bank bills, inter-bank operations, online tax payment, online securities trading and insurance business in the finance, accounting and insurance industries; office automation applications in enterprise information systems such as document circulation management, telecommunication, electronic processing of accounting data and personnel management; and the signing of electronic data, reports and documents in scientific research.
A personal electronic signature is an individual's signature confirming an electronic file. Electronic files are text and graphics produced and stored by computer and transmitted over networks. Unlike a traditional handwritten signature, both the electronic file and the electronic signature exist in electronic form, so an electronic signature system must address four elements of security: confirmation of the participants' true identities, encryption of information in storage and in transmission, integrity of the text, and non-repudiation of the signing process.
Almost all electronic signature products in China use PKI, the "public key infrastructure", as their security technology. PKI (Public Key Infrastructure) is a key management platform that follows established standards; it is infrastructure that provides security services, built on public key theory and technology. Its basic techniques include encryption, digital signatures, data integrity mechanisms, digital envelopes and dual digital signatures. A complete PKI system must have basic components such as a certification authority (CA), a digital certificate repository, a key backup and recovery system, a certificate revocation system and application programming interfaces (APIs). In a PKI system the identity of the signer of an electronic file is confirmed by the digital certificate the signer holds, and digital certificates are issued by an authoritative certification authority (CA), which is the core of PKI. Because the CA is so important to PKI, if the CA is insecure or the certificates it issues lack authority, impartiality and credibility, e-commerce cannot even begin. The CA security certification center is responsible for signing and distributing all entity certificates; the CA security certification system consists of a certificate approval department and a certificate operations department. In theory, PKI is the best security solution currently available. However, the present state of PKI use in China is not encouraging. Although the relevant national departments have done a great deal to guide and promote it, judging only by the construction and operation of CAs, the building of domestic CA certification bodies remains disorderly and practical use is far from satisfactory. The causes are related to the following problems with CAs:
1. At the technical level: because core PKI technology is subject to U.S. export restrictions, domestic CA certification technology has been developed independently. Because many departments took part, standards are not unified: there are current international standards and independently developed standards, and even under the same standard the core content differs. As a result, cross-certification runs into a situation where each party insists it is right.
2. In application: some CA certification bodies are not rigorous enough in issuing and auditing certificates. Domestic CA centers do try to verify true identity before issuing a certificate, but the people doing the verification are usually the CA center's own staff or others it has entrusted. In legal terms these auditors do not hold the qualification the law requires for such verification and cannot bear the corresponding legal responsibility. In addition, the CA center itself is often a party to the transaction or contract. Driven by commercial interest, unfairness is hard to avoid: to capture the market, certificates are issued casually without strict identity confirmation and verification. The authority and impartiality of the certification are hard to guarantee, and certificates issued against this background are hard for legal institutions to accept fully.
3. In the business model: when e-commerce runs on a PKI security platform, a third party, the CA, must take part during the transaction, for example to issue digital certificates and verify them online. This is a large change from the traditional model in which only the two parties to the transaction take part, and it makes both parties uncomfortable.
4. In distribution: China has not yet established a national authoritative CA certification body. Many industries and enterprises have invested heavily to set up their own CA certification bodies according to their own needs. Because these bodies are clearly regional and industry-specific, they cannot meet the basic requirement of serving as an authoritative third-party certification body for the whole of society, and the internet itself should have no regional restrictions. Their regional and industry-specific nature prevents many enterprises and organizations that have joined a PKI system from carrying out electronic transactions across regions or industries smoothly. This situation has seriously restricted the practical use of PKI in China; as a result, the building of security platforms for e-commerce and e-government in China has not progressed satisfactorily, which has in turn harmed the normal development of e-commerce and e-government.
The notarial system is a preventive legal institution that is common international practice. Under it, a specialized body authorized by national law, and its professional staff, certify on the application of the parties the authenticity and legality of legal acts and of documents and facts that have legal significance. Its preventive function and its moderate intervention in business activity play an irreplaceable role in safeguarding transaction security, resolving transaction risk, reducing judicial costs, easing the burden of litigation on the parties and strengthening social credit. Notarization is the activity in which a notary organization, on the application of a natural person, legal person or other organization, certifies according to statutory procedure the authenticity and legality of legal acts and of facts and documents that have legal significance. It is a mark of social integrity, a national system for preventing disputes, and a means of reducing market transaction risk and the cost of relying on remedies for rights. A notary organization is established according to law, is not for profit, independently exercises the notarial function according to law as a public-interest, non-profit certifying body, and independently bears civil liability. Notary organizations and notaries obtain and exercise this power of proof by authorization under national law. Matters that have been notarized have, by law, preferential evidentiary effect and corresponding enforceability. China currently has thousands of notary organizations, whose offices and related service outlets cover the whole country. This lays the legal and practical foundation for providing credible proof of legal identity to the organizations, enterprises and even individuals that take part in e-commerce and e-government. Introducing the notary organization into secure electronic signature systems, especially in e-commerce and e-government, lets it make full use of the unique status and function of the power of proof that the law grants it. This can effectively avoid many of the challenges faced in building CA certification bodies under PKI and so promote the rapid development of e-commerce and e-government in China.
Signing an electronic file may involve two kinds of confirmation: an electronic seal (official seal) and an electronic signature (personal signature). The applicant of the present invention previously filed patent application 200810046234.4, "Secure electronic seal method based on the notarization stamp of a notary organization", which is aimed mainly at applying notarization stamp technology to secure electronic seals. The present invention is aimed mainly at applying notarization stamp technology to personal secure electronic signatures. In practice the two patents can be used together as circumstances require.
III. Summary of the invention
The purpose of the invention is to provide a new personal secure electronic signature method whose security rests on the notarization stamp of a notary organization rather than on the common PKI system, so as to make use of China's existing notary organizations and avoid some shortcomings of PKI.
To achieve this purpose, the invention provides a new secure electronic signature method comprising the following steps:
A. Notarization of the user's real identity. The user submits genuine, legal proof of identity and a sample of their handwritten signature to the notary organization. The notary organization issues a paper notarial document and at the same time provides an electronic file describing the key information of that notarial document and the notary organization's business registration information; in the present invention this file is called the "notarization stamp". A HASH digest of the notarization stamp is computed, and the digest and the stamp are encrypted and packaged together so that the stamp information cannot be altered. The notary organization keeps a copy of the electronic version of the notarial document and of the notarization stamp in its system database.
B. Making the personal electronic signature. The electronic image produced from the handwritten signature sample is imported into the user's dedicated personal signature ActiveX control, and the user's personal signature key and the notarization stamp are packaged into the same control. A HASH digest is then computed and encrypted and packaged together with the handwritten signature, the user key and the notarization stamp, so that the user's personal signature and the notarization stamp cannot be altered, which ensures the authenticity and legality of the personal signature. The personal signature, personal signature key, notarization stamp and digest information may be stored in a dedicated storage device as circumstances require.
C. User identity verification. The user presents to the system the notarization stamp, held in dedicated storage, that proves their legal identity. The system decrypts the stamp and verifies its content. Where necessary, the stamp can be verified by connecting over the network to the notary organization's certification server.
D. User signing. At signing time the system first verifies the user's personal signature key. Once that verification passes, the user can operate their dedicated electronic signature ActiveX control to sign at the appropriate position in the electronic text; alternatively, depending on the situation, the system automatically performs a preset signing operation at the required position.
Once the user confirms and completes the signature, the system generates two packets, the signed text packet and the decryption key packet:
First, the system uses the HASH algorithm to compute a digest of the electronic text, the user's electronic signature and the notarization stamp, and encrypts and packages them, forming a signed text in which the three are bound to one another. The packaged signed text is packed as an executable file. When a different user adds a new signature to the same electronic text, the system uses the hash algorithm to compute a digest of the electronic text, the electronic signatures of the users who have signed and the notarization stamps of the users who have signed, and encrypts and packages them, forming a new "signed text packet" in which the electronic text, those signatures and those stamps are bound to one another. A later signing operation cannot modify the previously signed electronic text, signature information or notarization stamp information.
The system then automatically generates the "decryption key packet" needed to decrypt this "signed text packet". The decryption key packet contains the decryption key for the signed text packet, the label that associates it with the signed text packet, and the notarization stamp, together with a digest of these three computed with the HASH algorithm. The system encrypts and packages this information and packs it as an executable file. A user-defined decryption key can be added as required while the decryption key packet is generated.
E. Transmission and verification of the electronic text. The invention uses a two-step transmission method to ensure the security and non-repudiation of sending the electronic text.
First send: when the sender confirms sending the signed text to another address, the system sends only the signed text packet. The receiving system first uses the digest information it received to check whether the received file has been altered or damaged, confirming the integrity of the file. When the electronic text needs to be decrypted for use, the receiving system first generates an "electronic receipt". Its content includes the receiver's system registration information, the receiver's address, the time of receipt, the receiver's notarization stamp, the reply time, the address the reply is sent to, and so on. The electronic receipt is sent to the sender at the address from which the electronic file was sent.
Second send: after the sender receives and confirms the "electronic receipt" for the signed text, it sends the "decryption key packet" corresponding to that signed text to the receiver. After receiving the "decryption key packet", the receiving system runs it by clicking on it so that it unpacks automatically, and can then use it to decrypt and use the "signed text packet". The "electronic receipt" is retained in the sender's system and can serve as electronic evidence that the electronic file was sent and received. Likewise, the "signed text packet" retained in the receiver's system can serve as proof that the sender sent the electronic file.
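The flow of steps D and E, as an added Python sketch that is not part of the patent: it chains a digest over the text, each signature image and each notarization stamp, seals the result into a signed text packet, and releases the decryption key packet only against a receipt that names that packet. Assumptions: SHA-256 stands for the unspecified "HASH", a SHA-256 counter keystream stands in for the unnamed cipher, packets are JSON rather than executables, and the receipt field packet_digest and every function name are hypothetical.

```python
import hashlib, hmac, json, secrets, time

def digest(*parts: bytes) -> str:
    """SHA-256 over length-prefixed parts so field boundaries are unambiguous."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(8, "big") + p)
    return h.hexdigest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): the patent names none. A real system
    would use an authenticated cipher such as AES-GCM."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def _entry_digest(text: str, prev: str, e: dict) -> str:
    return digest(text.encode(), prev.encode(),
                  bytes.fromhex(e["signature"]), bytes.fromhex(e["stamp"]))

def add_signature(body: dict, signature_image: bytes, stamp: bytes) -> dict:
    """Step D: bind text, signature and stamp, chained onto earlier signers."""
    prev = body["signatures"][-1]["digest"] if body["signatures"] else ""
    entry = {"signature": signature_image.hex(), "stamp": stamp.hex()}
    entry["digest"] = _entry_digest(body["text"], prev, entry)
    return {"text": body["text"], "signatures": body["signatures"] + [entry]}

def chain_valid(body: dict) -> bool:
    """Recompute every link; a change to the text or an earlier signer breaks it."""
    prev = ""
    for e in body["signatures"]:
        if not hmac.compare_digest(e["digest"], _entry_digest(body["text"], prev, e)):
            return False
        prev = e["digest"]
    return True

def seal(body: dict, sender_stamp: bytes):
    """Produce the signed text packet and the separate decryption key packet."""
    key = secrets.token_bytes(32)
    label = secrets.token_hex(8)  # label linking the two packets
    ct = xor_stream(key, json.dumps(body, sort_keys=True).encode())
    text_packet = {"label": label, "ciphertext": ct.hex(),
                   "digest": digest(label.encode(), ct)}
    key_packet = {"key": key.hex(), "label": label, "stamp": sender_stamp.hex(),
                  "digest": digest(key, label.encode(), sender_stamp)}
    return text_packet, key_packet

def packet_intact(tp: dict) -> bool:
    """First send: receiver checks the packet against its digest before anything else."""
    expect = digest(tp["label"].encode(), bytes.fromhex(tp["ciphertext"]))
    return hmac.compare_digest(tp["digest"], expect)

def make_receipt(tp: dict, receiver_addr: str, receiver_stamp: bytes) -> dict:
    """Receiver issues the electronic receipt only for an intact packet."""
    if not packet_intact(tp):
        raise ValueError("signed text packet altered or damaged")
    return {"packet_digest": tp["digest"], "receiver": receiver_addr,
            "receiver_stamp": receiver_stamp.hex(), "received_at": int(time.time())}

def release_key(tp: dict, kp: dict, receipt: dict):
    """Second send: sender hands over the key packet only against a matching receipt."""
    if receipt.get("packet_digest") != tp["digest"] or not receipt.get("receiver_stamp"):
        return None
    return kp

def open_packet(tp: dict, kp: dict) -> dict:
    """Receiver verifies the key packet, decrypts, then re-checks the signer chain."""
    key, stamp = bytes.fromhex(kp["key"]), bytes.fromhex(kp["stamp"])
    if kp["label"] != tp["label"] or kp["digest"] != digest(key, kp["label"].encode(), stamp):
        raise ValueError("decryption key packet does not match")
    body = json.loads(xor_stream(key, bytes.fromhex(tp["ciphertext"])))
    if not chain_valid(body):
        raise ValueError("signature chain broken")
    return body

if __name__ == "__main__":
    # Constructed sample data: two signers on one text.
    doc = add_signature({"text": "Constructed contract text", "signatures": []},
                        b"<signature image A>", b"<notarization stamp A>")
    doc = add_signature(doc, b"<signature image B>", b"<notarization stamp B>")
    tp, kp = seal(doc, b"<notarization stamp A>")
    receipt = make_receipt(tp, "receiver@example.test", b"<notarization stamp R>")
    print(open_packet(tp, release_key(tp, kp, receipt))["text"])
```

The digests in this sketch detect alteration only while they travel inside the encrypted package; it does not model how the notary organization's server authenticates the stamp itself.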
The effect of the invention is:
While guaranteeing the validity, integrity and non-repudiation of electronic signatures, the invention adopts the notary organization's notarization stamp technology. It makes full use of the special status and function the law grants notary organizations, which obtain and exercise the power of proof by authorization under national law and whose notarized matters have by law preferential evidentiary effect and corresponding enforceability, and of their service outlets distributed across the country. "Electronic signature and legal identity notarization" work can be carried out smoothly as a simple extension, a dedicated value-added service, on top of the notary organization's existing functions. This replaces the current CA certification authority model and effectively avoids drawbacks attributed to PKI: non-uniform technical standards, low authority and impartiality of certification, a large change to customary ways of trading, and low generality caused by marked regional and industry boundaries.
IV. Description of the drawings
Fig. 1 is a schematic flow chart of the logical process of the secure electronic signature method based on the notarization stamp of a notary organization.
V. Embodiments
Embodiment 1
This embodiment describes how the user's electronic signature, user key, notarization stamp and similar information are stored in ordinary use of the secure electronic signature method based on the notarization stamp of a notary organization. In this embodiment the dedicated storage device for this information is a USB-KEY. This scheme can be used in ordinary e-commerce and e-government settings and for confirming ordinary personal documents and data.
Embodiment 2
This embodiment describes how the user's electronic signature, user key, notarization stamp and similar information are stored in special cases of the secure electronic signature method based on the notarization stamp of a notary organization. In this embodiment the dedicated storage device for this information is a specially designed dedicated device. This scheme can be used in certain special applications.
Embodiment 3
This embodiment describes how the user's electronic signature, user key, notarization stamp and similar information are stored when the secure electronic signature method based on the notarization stamp of a notary organization is used with bank IC cards. In this embodiment the user must provide the notary organization's notarial document and notarization stamp when opening an account. The user's electronic signature, user key, notarization stamp and similar information are stored directly in the IC card. When the user makes a deposit or withdrawal at an electronic terminal such as a bank ATM, the notarization stamp is read directly from the IC card to determine whether the user's identity is genuine, and the user's electronic signature, user key and similar information are kept in the transaction log. When the transaction voucher is printed, the user's electronic signature can be printed on it.

Claims (1)

1. A personal secure electronic signature method based on the notarization stamp of a notary organization, characterized by comprising the following steps:
A. Notarization of the user's real identity. The user submits genuine, legal proof of identity and a sample of their handwritten signature to the notary organization. The notary organization issues a paper notarial document and at the same time provides an electronic file describing the key information of that notarial document and the notary organization's business registration information; in the present invention this file is called the "notarization stamp". A HASH digest of the notarization stamp is computed, and the digest and the stamp are encrypted and packaged together so that the stamp information cannot be altered. The notary organization keeps a copy of the electronic version of the notarial document and of the notarization stamp in its system database.
B. Making the personal electronic signature. The electronic image produced from the handwritten signature sample is imported into the user's dedicated personal signature ActiveX control, and the user's personal signature key and the notarization stamp are packaged into the same control. A HASH digest is then computed and encrypted and packaged together with the handwritten signature, the user key and the notarization stamp, so that the user's personal signature and the notarization stamp cannot be altered, which ensures the authenticity and legality of the personal signature. The personal signature, personal signature key, notarization stamp and digest information may be stored in a dedicated storage device as circumstances require.
C. User identity verification. The user presents to the system the notarization stamp, held in dedicated storage, that proves their legal identity. The system decrypts the stamp and verifies its content. Where necessary, the stamp can be verified by connecting over the network to the notary organization's certification server.
D. User signing. At signing time the system first verifies the user's personal signature key. Once that verification passes, the user can operate their dedicated electronic signature ActiveX control to sign at the appropriate position in the electronic text; alternatively, depending on the situation, the system automatically performs a preset signing operation at the required position.
Once the user confirms and completes the signature, the system generates two packets, the signed text packet and the decryption key packet:
First, the system uses the HASH algorithm to compute a digest of the electronic text, the user's electronic signature and the notarization stamp, and encrypts and packages them, forming a signed text in which the three are bound to one another. The packaged signed text is packed as an executable file. When a different user adds a new signature to the same electronic text, the system uses the hash algorithm to compute a digest of the electronic text, the electronic signatures of the users who have signed and the notarization stamps of the users who have signed, and encrypts and packages them, forming a new "signed text packet" in which the electronic text, those signatures and those stamps are bound to one another. A later signing operation cannot modify the previously signed electronic text, signature information or notarization stamp information.
The system then automatically generates the "decryption key packet" needed to decrypt this "signed text packet". The decryption key packet contains the decryption key for the signed text packet, the label that associates it with the signed text packet, and the notarization stamp, together with a digest of these three computed with the HASH algorithm. The system encrypts and packages this information and packs it as an executable file. A user-defined decryption key can be added as required while the decryption key packet is generated.
E. Transmission and verification of the electronic text. The invention uses a two-step transmission method to ensure the security and non-repudiation of sending the electronic text.
First send: when the sender confirms sending the signed text to another address, the system sends only the signed text packet. The receiving system first uses the digest information it received to check whether the received file has been altered or damaged, confirming the integrity of the file. When the electronic text needs to be decrypted for use, the receiving system first generates an "electronic receipt". Its content includes the receiver's system registration information, the receiver's address, the time of receipt, the receiver's notarization stamp, the reply time, the address the reply is sent to, and so on. The electronic receipt is sent to the sender at the address from which the electronic file was sent.
Second send: after the sender receives and confirms the "electronic receipt" for the signed text, it sends the "decryption key packet" corresponding to that signed text to the receiver. After receiving the "decryption key packet", the receiving system runs it by clicking on it so that it unpacks automatically, and can then use it to decrypt and use the "signed text packet". The "electronic receipt" is retained in the sender's system and can serve as electronic evidence that the electronic file was sent and received. Likewise, the "signed text packet" retained in the receiver's system can serve as proof that the sender sent the electronic file.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200810046433A CN101727610A (en) 2008-10-31 2008-10-31 Personal safety electronic signature method based on notarization stamp of notarization institution

Publications (1)

Publication Number Publication Date
CN101727610A true CN101727610A (en) 2010-06-09

Family

ID=42448476

Country Status (1)

Country Link
CN (1) CN101727610A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106330872A (en) * 2016-08-16 2017-01-11 广州比特软件科技有限公司 Rapid qualification authentication method and system based on voucher
CN109544412A (en) * 2018-10-09 2019-03-29 重庆易保全网络科技有限公司 Strong notarization method, apparatus, storage medium and equipment are assigned online
CN109801191A (en) * 2018-12-14 2019-05-24 法信公证云(厦门)科技有限公司 A kind of legal document is sent to method, collection methods and system
CN112132573A (en) * 2019-06-24 2020-12-25 鄢华中 CA (certificate Authority) and Key removal electronic signature and electronic contract system based on block chain

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20100609