運用XML建立保護式DSA代理簽章方法之研究

Abstract

現今的網際網路已經充斥了整個世界，不論是購物、繳稅、掛號、訂位等，皆脫離不了網際網路，相對地也提供了極大的便利與效率，尤其B2B、B2C的盛行，帶動了世界整體經濟的發展，也拉近了國際間，甚至人與人之間的距離；但是，網際網路基本上是一個不安全、無法辨識個體的環境，任何人都可以假冒、竊取或偽造網路上的資訊，如此便容易造成許多的糾紛，所以資訊安全以及身份認證就成為了推動網路交易一個重要議題。 提供一個保密且安全的網路傳輸通道是最基本且無庸置疑的，另外，如何在一筆交易間互相辨識及鑑定，也是促成網路交易的重要因素之一；數位簽章即為身份認證應運而生的一個機制，藉由單向赫序函數不可逆特性或解離散對數困難度使得簽章難以被偽造，僅能使用私密金鑰才能驗證文件為簽署者所簽署，進而達到身份認證的目的。 目前有許多種各式電子文件之格式，例如：WORD之DOC檔、ACROBAT之PDF檔、HTML…等，而做為世界廣泛認可的數位簽章文件格式必須具備開放、具有彈性，且有公認發行格式之特性，而XML（eXtensible Markup Language）則具備以上的特點，非常適合運用於電子簽章與文件之結合。 所以，如果運用XML來實作代理簽章，不僅可在網路平台上易於推行具公信力的網路交易或電子公文，而且統一格式更可以強化文件交換之流通性，尤其可符合一般公司之運用情況，例如：董事長因公外出，總經理必須代理其職權，則必須使用代理簽章；由於目前XML所建立公認之簽章格式並不包含代理簽章格式，本文即針對該規範進行代理簽章之延伸，並實作文件代理簽章之作法。

The world, nowadays, has been flooded with internet. No matter where is in shopping, tax payment, registering in hospital, and reservation for seat and so on. They all can’t be departed from internet. It also provides extreme convenience and efficiency relatively. Especially in the vogue by B2B or B2C, it not only pushes forward the developments of whole world economics, but also gets closer between international, even person to person. But internet is basically an unsecured and unidentified environment. Anyone can counterfeit, steal or forge the information over internet, and so that it would be easy to make many disputes. As the result, information security and identity certification will be an important issue for giving an impetus to network transactions. There is no doubt but fundamental to provide a confidential and safe transmission channel for network. It is also, on the other hand, an important factor how to identify or authenticate each other in a transaction. Digital signature is such a mechanism coming with the tide of fashion for authentication. The signature is hard to be forged based on irreversible one-way hash function or discrete logarithm. It just only uses the private key to prove the document being signed by signer in order to achieve the purpose of authentication. There are, at present, many kinds of e-documents such like DOC files for WORD, PDF files for Acrobat, HTML and so on. But it must have characteristics of open, flexible, public acknowledged format to be a worldwide approved digital signature format. XML (eXtensible Markup Language) would have those of characteristics, and it is very suitable for combining digital signatures with documents. So, if proxy signature can be implemented by XML, the trusted network transactions or electronic official documents would be easily carried out. Unified format can, moreover, enhance the circulation of document exchange; it is especially suitable for applying to general companies. The president, for example, is away on official business; the general manager must act for the president. Proxy signature must be used in this case. Owing to the signature format acknowledged by XML does not support proxy signature, this thesis will extend the standard format for proxy signature and implementation.