南京财经大学电子商务双语版Chapter5electronicpaym.pptxVIP

Chapter 5 electronic payment systems 5.1 Security In Electronic Payment systems 5.2 Electronic Payment methods 5.3 Case of E-banking ;5.1Security In Electronic Payment systems;5.1.2Public Key Infrastructure PKI has become the cornerstone for secure e-payments. At the heart of PKI is encryption. Encryption : The process of scrambling (encrypting) a message in such a way that it is difficult , expensive , or time-consuming for an unauthorized person to unscramble (decrypt ) it.;Encryption has four basic parts Plaintext Ciphertext Encryption algorithm key The two major classes of encryption : Symmetric systems( with one secret key), Asymmetric systems (with two keys); 密码学是关于应用加密算法对信息进行加密的科学。 加密算法就是用基于数学计算方法与一串数字（密钥）对普通的文本（信息）进行编码，产生不可理解的密文的一系列步骤。 发送方将消息在发送到公共网络或互联网之前进行加密，接收方收到消息后对其解码或称为解密，所用的程序称为解密程序，这是加密的逆过 程。;字母 ;1.Symmetric (private) key syste DES: standard symmetric encryption algorithm ;2.Asymmetric (public) key system RSA: the most common public key encryption algorithm;3.Digital signatures include: Hash: A mathematical computation that is applied to a message, using a private key, to encrypt the message. Message digest: A summary of a message, converted into a string of digits, after the hash has been applied. Digital envelope: the combination of the encrypted original message and the digital signature, using the recipient’s public key; Hash算法:不是加密算法，能产生信息的数字“指纹”(message digest)，主要用途是为了确保数据没有被篡改或发生变化，以维护数据的完整性。 Hash算法的特性： 能处理任意大小的信息，并能生成固定长度的信息摘要。 信息摘要的大小与原信息的大小没有关系，原信息的一个微小变化都会对信息摘要产生和大的影响。 具有不可逆性。 ;（1） message With contract;4.Certificate authorities: Third parties that issue digital certificates. (电子商务认证中心)CA就是承担网上安全电子交易的认证服务的服务机构 ，它能签发数字证书，并能确认用户身份。CA的主要任务是受理数字证书的申请，签发及管理数字证书。 A certificate contains : The holder’s name Validity period Public key information A signed hash of the certificate data;;;5.SSL and SET Secure socket layer (SSL): protocol that utilizes standard certificates for authentication and d