Design And Implementation Of A Trusted Digital Signature System

Electronic signature legislation is the precondition of the electronic signature application on a large-scale. The focus of this paper is how to support the technical implementation of law efficiently. A new concept is proposed that can be called trust digital signature, the new model can be used to support the law's critical point-reliable electronic signature.Digital signature is not always reliable in the complicated terminal system environment. All the uncertainties may impact the security of digital signature. Based on the analysis of digital signature in the actual conditions application, the summary of the attack to digital signature is given. The new model of trust digital signature is proposed .that main ideas are based on the concept of trust and the reference of trust computing. The three important conditions for trust digital signature are come out:trust signature application, trust signature content display and trust authentication.The attack on signature data and signature executable file can tamper the signature file, and result in what you see is not what you sign. In order to guarantee the integrality of signature application and signature file, a trust signature reference model is established and analyzed. Mutually authenticated data channel between application and signature device is the important foundation for enhancing the signature security .under insecure terminal environments. By improving the Diffie-Hellman .protocol and issuing the certificate to the signature device, a new key exchange protocol is given that can be used to authenticate the signature device by computer environments. The measurement mechanism in trust .computing can resolve the problem of software integrity. The analysis shows that the software authentication for the signature device can be ensured effectively and the function of software authentication can be realized by using measurement mechanism. So the mutually authenticated data secure channel can be established between the signature device and the application software, then the trust relationship could be established as well.Lastly, based on the above study work, a prototype of trust digital signature is designed and implemented.