Study And Practise The Certificate Authority Base On PKI

Entering the new century, a variety of network applications developed quickly with popularizing fast of the network technology, such as electronic government affairs, electronic business affairs and bank on internet etc. But, the security problem is generated. Therefor, Public Key Infrastructure which forming and developing base on the public-key encryption & decryption technology , provides the all-round security service for the applications base on internet perfectly. PKI is a fundamental infrastructure that make use of the asymmetric key algorithm`s principle and technology to achieve. When all kinds of network applications need to security service such as encryption or digital signature, we can use the password and certificate management system that PKI provides or digital certificate to finish the security defence. PKI has many service, and the best important part is Certificate Authority, which in charge of sending the digital certificate. Certificate Authority, a exclusive entity in PKI frame, can sends and repeals certificate, and may organizes some confident model, for example, hierarchy model that often to use, distributed model and Web model etc. CA sends a digital certificate for each user of using public-key. Digital certificate`s usefulness is verify the correspondence of user name and public-key in certificate. CA will sends a digital certificate to user when user`s information audited by RA, and make the user of having certificate, a pair of keys and relevant information connect with CA, and make the veracity of user match with the veracity of certificate. CA provides many service: The certificate application, the certificate auditing, the certificate issued (download), the certificate renewal and repeal, the certificate locating on-line and the CRL management. CA, qua the authoritative and equitable third actor, is important in course of the digital certificate authenticated. It treats of user`s identity which trading by the internet, strict encryption technology and authentication programme. The application of CA can extends all the data transmit service in internet which have security requirement. The main content thesis research is study and practise the certificate authority base on PKI. At first, author studies conventional encryption algorithms, public-key cryptography and hash function, then, comprehends PKI theory thoroughly base on encryption knowledge. At last, author studies and practices the realization of certificate authority combine with the idiographic project.