Chữ ký điện tử

Ch k in t
1. Khi nim ch k in t v chng ch in t.
Trong cuc sng hng ngy, ta cn dng ch k xc nhn cc vn bn ti liu no v c th dng con du vi gi tr php l cao hn i km vi ch k. Cng vi s pht trin nhanh chng ca cng ngh thng tin, cc vn bn ti liu c lu di dng s, d dng c sao chp, sa i. Nu ta s dng hnh thc ch k truyn thng nh trn s rt d dng b gi mo ch k. Vy lm sao c th k vo cc vn bn, ti liu s nh vy? Cu tr li l s dng ch k in t! Ch k in t i km vi cc thng tin ch s hu v mt s thng tin cn thit khc s tr thnh Chng ch in t. Vy ch k in t v chng ch in t hot ng nh th no? Ch k in t hot ng da trn h thng m ha kha cng khai. H thng m ha ny gm hai kha, kha b mt v kha cng khai (khc vi h thng m ha kha i xng, ch gm mt kha cho c qu trnh m ha v gii m). Mi ch th c mt cp kha nh vy, ch th s gi kha b mt, cn kha cng khai ca ch th s c a ra cng cng bt k ai cng c th bit. Nguyn tc ca h thng m ha kha cng khai l, nu ta m ha bng kha b mt th ch kha cng khai mi gii m thng tin c, v ngc li, nu ta m ha bng kha cng khai, th ch c kha b mt mi gii m c. Qu trnh k vn bn ti liu ng dng h thng m ha trn din ra nh th no? Trc ht, gi s anh A c ti liu TL cn k. Anh A s m ha ti liu bng kha b mt thu c bn m TL. Nh vy ch k trn ti liu TL ca anh A, chnh l bn m TL. Sau khi k nh vy, lm sao xc nhn ch k? Gi s anh B mun xc nhn ti liu TL l ca anh A, vi ch k l bn m TL. Anh B s dng kha cng khai ca anh A gii m bn m TL ca anh A. Sau khi gii m, anh B thu c mt bn gii m TL, anh ta so snh bn gii m TL ny mi ti liu TL. Nu bn gii m TL ging vi ti liu TL th ch k l ng ca anh A. Nhng vn c th xy ra l g? Mt s trng hp xy ra vi ch k in t, cng ging nh cc trng hp xy ra vi ch k truyn thng. V d, khi ti liu TL ca A b thay i (d ch mt k t, mt du chm, hay mt k hiu bt k), khi B xc nhn, anh ta s thy bn gii m TL khc vi ti liu TL ca anh A. B s kt lun rng ti liu b thay i, khng phi l ti liu anh A k. Trng hp khc, nu anh A l kha b mt, ngha l vn bn ti liu ca anh c th k bi ngi khc c kha b mt ca A. Khi mt ai xc nhn ti liu c cho l ca A k, ch k vn l hp l, mc d khng phi chnh A k. Nh vy, ch k ca A s khng cn gi tr php l na. Do , vic gi kha b mt l tuyt i quan
trng trong h thng ch k in t. Chng ch s l g? Trong trng hp v d trn, anh A c mt cp kha c th k trn vn bn, ti liu s. Tng t nh vy, anh B hay bt c ai s dng ch k in t, u c mt cp kha nh vy. Kha b mt c gi ring, cn kha cng khai c a ra cng cng. Vy vn t ra l lm th no bit mt kha cng khai thuc v A, B hay mt ngi no ? Hn na, gi s trong mi trng giao dch trn Internet, cn s tin cy cao, A mun giao dch vi mt nhn vt X. X v A cn trao i thng tin c nhn cho nhau, cc thng tin gm h tn, a ch, s in thoi, email Vy lm sao A c th chc chn rng mnh ang giao dch vi nhn vt X ch khng phi l ai khc gi mo X? Chng ch s c to ra gii quyt vn ny! Chng ch s c c ch xc nhn thng tin chnh xc v cc i tng s dng chng ch s. Thng tin gia A v X s c xc nhn bng mt bn trung gian m A v X tin tng. Bn chung gian l nh cung cp chng ch s CA (Certificate Authority). CA c mt chng ch s ca ring mnh, CA s cp chng ch s cho A v X cng nh nhng i tng khc. Tr li vn trn, A v X s c cch kim tra thng tin ca nhau da trn chng ch s nh sau: khi A giao dch vi X, h s chuyn chng ch s cho nhau, ng thi h cng c chng ch s ca CA, phn mm ti my tnh ca A c c ch kim tra chng ch s ca X c hp l khng, phn mm s kt hp chng ch s ca nh cung cp CA v chng ch ca X thng bo cho A v tnh xc thc ca i tng X. Nu phn mm kim tra v thy chng ch ca X l ph hp vi chng ch CA, th A c th tin tng vo X. C ch ch k in t v chng ch s s dng cc thut ton m ha m bo khng th gi mo CA cp chng ch khng hp php, mi chng ch gi mo u c th d dng b pht hin. Tr li tnh hung trn, vi c ch chng ch s, mi chng ch u c cng khai bt k ai cng c th truy cp c. Vy trong chng ch s c nhng tham s g? Theo c ch ch k in t nh cp trn th trong chng ch, mt tham s quan trng phi c l kha cng khai. Ngoi ra chng ch s cn cha cc thng tin v danh tnh ca i tng c cp chng ch, bao gm thng tin v ch s hu chng ch nh email, s in thoi cc thng tin ny l ty chn theo qui nh ca nh cung cp chng ch s. Vy cn mt tham s quan trng trong s dng chng ch s, l kha b mt? Kha b mt s khng c lu trong chng ch s. N c lu ti my tnh ca ch s hu, ch s hu cn chu trch nhim gi an ton kha b mt ny. Tr li vi vic k vn bn, ti liu, kha b mt s dng k cc vn bn, ti liu ca ch s hu. Nh cp trong v d trn, gi s A mun gi mt vn bn km vi ch k ca mnh trn vn bn , A s dng kha b mt m ha thu c bn m vn bn, bn m chnh l ch k in t ca A trn vn bn. Khi A gi vn bn v ch k, ngi khc c th xc nhn vn bn ca mnh vi thng tin y v ch s hu, A s gi c chng ch ca mnh i km vi vn bn. Gi s X nhn c vn bn A gi km vi chng ch, khi X c th d dng xc nhn tnh hp php ca vn bn . Lm th no c mt chng ch s? c mt chng ch s, trc ht cn c mt c quan cung cp chng ch s, tn ting anh l CA (Certificate Authority). Cc c nhn, t chc mun c chng ch s, cn ng k vi t chc ny, v khi ng k, ng nhin h chp nhn uy tn ca t chc ny. Trn th gii, hin c nhiu t chc CA nh vy, mt s t chc ln nh
Verisign, RSA, Entrust c s dng chng ch s rt ph bin. Sau khi ng k vi CA, CA s kim tra thng tin ca ngi ng k v s cp mt chng ch cho h. Thng thng chng ch c lu di dng file ci t vo thit b (PC, Server,), hoc c bit hn, vi mc bo mt cao, n c th lu trong cc Token (loi th lu d liu), s dng ging nh mt USB lu tr chng ch s. V d thc t trong vic s dng chng ch s Ta c th xem xt mt s v d in hnh, ph bin, l trng hp truy cp vo cc trang web s dng chng ch s bo mt thng tin. Thng thng, khi truy cp web, vi a ch http://vnexperts...., ngha l ta ang truy cp mt trang web khng c c ch m ha d liu truyn i gia ngi dng v trang web (web server). iu c ngha l mi d liu truyn i gia ngi s dng n trang web , c th b nghe ln gia ng i. y l im khng an ton. Vy mt trang web bo mt c g khc? im khc y chnh l trang web s dng chng ch s, khi truy cp vo trang web , ta khng dng a ch thng thng http://vnexperts... m s dng https://vnexperts... C ngha ta s dng qua HTTPS Mt trong v s cc trang web s dng chng ch s bo mt, l https://gmail.com. Khi truy cp vo y, ta c th yn tm l d liu truyn i gia ngi dng v trang web c bo mt cao, ngha l kh c th l thng tin giao dch. S dng Internet Explorer truy cp vo trang web, ta c th thy cc thng tin v bo mt, chng ch s c ch ra c th:
Nh hnh trn, s dng Internet Explore (IE) truy cp vo mt trang web s dng chng ch s bo mt, ta thy du hiu bo mt Kha vng gc di. Nu kch chut vo y, IE s hin th chng ch s ca trang web ny. Vy cc thng tin ny c ngha l g? Hnh trn hin th ra mt chng ch s
(Certificate), trong c cc thng tin c ngha nh sau: chng ch s ny c cp cho www.google.com, n v cung cp chng ch l Thawte SGC CA, n v cung cp chng ch cp cao hn cho Thawte SGC CA l VeriSign Class 3 Public Primary CA. Nh vy, vi ngha ca chng ch s, ta c th ni rng: trang web ang c truy cp l https://gmail.com, c ch s hu vi tn k hiu l www.google.com, ch s hu ny s dng chng ch s c cung cp bi CA: Thawte SGC CA ( thuc VeriSign Class 3 Public Primary CA). Mi thng tin truyn i gia ngi dng v trang web (web server) l hon ton c bo mt. Trn y l cch thc s dng chng ch s mc n gin. Cch thc s dng ny mi ch l bo mt mt pha, ngi dng tin cy chng ch ca trang web (web server) m h truy cp, trong khi . Cch thc bo mt cao hn l trng hp ngi dng phi c chng ch truy cp trang web. Khi , ngi dng v web (web server) c th xc thc c nhau, chng ch ca ngi dng v ca web (web server) phi c cung cp t mt CA. Trong v d trn, chng ch ca ngi dng cng phi c cung cp bi Thawte SGC CA ( thuc VeriSign Class 3 Public Primary CA). Vic s dng chng ch s khng ch p dng cho trng hp giao dch web nh trn, ngoi ra cn c nhiu hnh thc s dng khc, v d, s dng chng ch s cho email, cho cc thit b di ng 2. Hin trng s dng chng ch s trn th gii v Vit Nam Vic s dng chng ch s trn th gii hin nay rt ph bin, ch yu nhm bo mt cc giao dch in t nh bo mt email, website, thanh on in t Cc n v chng thc (CA) c xy dng nhiu qui m, cp khc nhau. T cc c quan chnh ph n cc t chc doanh nghip, c nhn u c th xy dng CA, ty thuc vo yu cu s dng. Cc CA c th c xy dng vi mc ch chuyn dng hoc thng mi. CA chuyn dng c p dng trong phm vi mt c quan nh nc, mt t chc, mt doanh nghip hoc c th l do c nhn t xy dng. Nhng i tng s dng CA chuyn dng c cp chng ch bi CA v qui nh tin tng nhau trong phm vi CA. CA thng mi c xy dng nhm mc ch thng mi, kinh doanh dch v xc thc in t. Nhng i tng s dng chng ch ca CA thng mi phi c tha thun php l tin tng CA thng mi v tin tng nhng i tng khc c cp chng ch bi CA. Hin trn th gii c mt s CA ln, c thnh lp vo nhng nm 90, vi mc ch thng mi nh Verisign, Entrust, RSA Cc quc gia pht trin chnh ph in t c coi l hng u th gii nh USA, Canada, Anh, Thy s, Hn Quc, Nht Bn c nhng n v chng thc (CA) ln mnh. Chu , Hn Quc c coi l quc gia p dng Chnh ph in t hiu qu cao. Mt trong nhng yu t gip cho thnh cng ca Chnh ph in t l chng thc in t. Hn Quc c mt h thng mng li thng tin thng sut t Chnh ph n cc thnh ph, qun huyn, lng mc. Thng tin c nhn thng nht trn nhiu lnh vc, do vic p dng chng thc in t ti Hn Quc c hiu qu cao. Vit Nam, vic xy dng H thng Chng thc in t l mt trong s cc nhn t quan trng ca Chnh ph in t cng nh trong giao dch thng mi. Chng ta ang tng bc xy dng h thng ny. V lut php, hin ta c Lut giao dch in t (2005), Ngh nh 26 (Quy nh chi tit thi hnh Lut Giao dch in t v ch k s v dch v chng thc ch k s), Ngh nh 27 (V giao dch in t trong hot ng ti chnh). Cc n v nh nc, t chc doanh nghip cng v ang xy dng h thng chng thc chuyn dng, p ng cho yu cu ni b.
3. Trung tm Chng thc in t Quc gia B Thng tin v Truyn thng (MIC) ang xy dng trung tm chng thc in t quc gia RootCA (CA gc).

Chữ ký điện tử

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Chữ ký điện tử

Uploaded by

Copyright:

Available Formats

Ch k in t

1. Khi nim ch k in t v chng ch in t.

You might also like