摘要： 流转公文的数字签名和用于加密信息的对称密钥交换都是建立在椭圆曲线之上，利用有限域上椭圆曲线的点群中的离散对数问题难解性增强了方案的安全性。通信各方的私钥和公钥对由自己产生，公钥均由KDC保存并根据用户使用申请实时分发，流转的电子公文和数字签名等信息使用IDEA算法进行加密传输，避免了公文在传输的过程中被第3人窃取或篡改，确保了数据的机密性、完整性和不可否认性。

关键词: 椭圆曲线, 数字签名, 电子公文流转, IDEA, SHA-1

Abstract: The digital signature and symmetric key exchange in the scheme both are established over a finite field and the computational intractability of the elliptic curve discrete logarithm problem (ECDLP) over the finite field enhances security of the scheme. Each entity in a network generates a pair of keys to be used for encryption and decryption of the transmitted messages, where the private one of the two keys must be kept secret and the public key is distributed in realtime on requests by KDC. The electronic official-documents and their digital signatures are encrypted with IDEA and then transmitted in the network. The scheme provides mutual authentication between entities and ensures confidentiality, integrity and nonrepudiation of the transmitted messages.

Key words: Elliptic curves, Digital signature, Electronic official-documents interchange, IDEA, SHA-1

中图分类号: 

• TP301.6