摘要
数字证书是认证系统中的核心,随着公共密钥基础设施(PKI)的建立和认证中心(CA)的建设,用于身份认证和实体鉴别的身份证书已形成了完备的体系。X.509中对身份数字证书的结构、申请、使用、废止等进行了详细的描述,X.509数字身份证书已成为事实上的标准,国内外的CA建设方案大都采用了该证书标准。事实上,认证系统要解决的问题除了身份认证外,另一类重要的应用在于对消息完整性的鉴别,而目前在消息完整性认证理论中却没有提出相应的理论和标准,文章在研究了消息认证的基础上提出了消息数字证书的概念,设计了一类数字消息证书,并对这类数字消息证书的应用与实现中的相关问题进行了探讨。
Digital certificate is a significant part in authentication system.With the developing of PKI (Public Key In-frastructure)and CA,the theory of digital identification certificate come into being in recent years.X.509gives a declara-tion in detail about the certificate's format,request,revocation etc.X.509has become the actual standard in appliance.Hence,most of CA construction schemes adopt X.509.However,the target of an authentication system is not only identi-fication,but also verify the integrity of message.But there is no such theory and standards about message verify.In this paper,the authors present a new concept-digital Message-Certificate.The authors have been designed a kink of digital Message-Certificate,and have been discussed the problems in implementation and appliance of the digital Message-Cer-tificate.
出处
《计算机工程与应用》
CSCD
北大核心
2002年第10期71-73,共3页
Computer Engineering and Applications
基金
国家自然科学基金资助项目(编号:69873037)
国家863高技术研究发展计划项目(编号:863-301-3-2)
