The Digital Certificate Management System Based On ECC

Digital certificate, as a kind of authoritative electronic document, provide a method to authenticate users. People could use it to identify other's status. In order to insure the exclusivity and credibility of digital certificate, public key encrypting system, which encrypt or decrypt document using a pair of matching keys, is often used.Comparing with the RSA public key encrypting system which is currently widely used, ECC provides higher encryption strength than RSA. To the general, its processing speed is faster than RSA, as well as lower key length. This makes it able to implement higher security level with smaller overhead and lower delay. This paper designed a digital certificate management system based on ECC using elliptic curve crypto system. It has a series of strongpoint owned by elliptic curve crypto system, which guarantees the exclusivity and credibility of digital certificate, and makes sure that certificate user's status is correctly identified.The system is designed in modularization structure. It consists of 4 modules: user interface, CA engine, ECC encrypting/decrypting, and certificate deployment. User interface uses event and message mechanism, making system response to requests by administrators in time. It is comparatively independent, which enhances the independence and connectivity of each part. CA engine is the kernel of the system, including functions performing user's verification, authorization, certificate's releasing, reclaiming, etc. It is critical as an authoritative, just, reliable third part. ECC encrypting/decrypting implements the ECC certificate management for the system, guaranteeing the high security of elliptic curve crypto system. Certificate deployment provides two approaches to deploy certificate: USB Key deployment and WEB page deployment. The deploy method is chosen regarding different demands, which levels up the practicability of system.