Abstract
The present invention relates to a method for the authentication of a website to users which comprises the steps of:

(a) Establishing an agreement between each user and a website owner where each user receives from the website owner at least a first personal client key and the website owner receives from each user at least one personal authenticating website code;

(b) Conveying said personal website authenticating code of each user to a certification authority, and producing by said authority a personal certificate containing in an encrypted form said personal authenticating website code and the IP address of said website;

(c) Conveying each of said certificates back to said website, and storing the certificates in a storage;

(d) Upon accessing the website, submitting by the user the first personal client key, and saving the website IP address as accessed at the user work station for later comparison;

(e) Having received said first personal client key, extracting by the website the personal certificate that corresponds to said user, and sending same to the client together with the website home page;

(f) Having received the personal certificate at the user station, decrypting the certificate by means of a decrypting key;

(g) Comparing the website IP address as decrypted from the received certificate with the website IP address as saved at the user station, and providing identity indication to the user;

(h) Verifying by the user that the personal authentication website code is indeed the one submitted by the user to the website owner at said agreement;

(i) Concluding by the user that the website is indeed authentic only if both (a) said comparison of IP address indicates identity; and (b) said verification of personal authenticating website code shows identity.
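Steps (b) through (i) can be traced in a short simulation. This is an added example, not code from the patent. The abstract names no encryption algorithm, so the HMAC-based cipher below is a stand-in that assumes the authority and the user station share one key. All function names, keys, IP addresses and codes are constructed, and step (h), which the abstract leaves to the user, is modelled as a string comparison.

```python
import hashlib, hmac, json, secrets

def _keystream(key, nonce, n):
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode; the abstract names no algorithm.
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _tag(key, nonce, ct):
    # Integrity tag so a modified certificate fails to open instead of decrypting to garbage.
    return hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def ca_issue(ca_key, website_code, website_ip):
    """Step (b): the authority seals the user's website code together with the site IP."""
    body = json.dumps({"code": website_code, "ip": website_ip}).encode()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(body, _keystream(ca_key, nonce, len(body))))
    return nonce + ct + _tag(ca_key, nonce, ct)

def client_check(ca_key, cert, accessed_ip, agreed_code):
    """Steps (f)-(i): decrypt, compare IP, compare code; authentic only if both match."""
    nonce, ct, tag = cert[:16], cert[16:-32], cert[-32:]
    if len(cert) < 48 or not hmac.compare_digest(tag, _tag(ca_key, nonce, ct)):
        return "reject: certificate does not decrypt"
    fields = json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(ca_key, nonce, len(ct)))))
    if fields["ip"] != accessed_ip:                                    # step (g)
        return "reject: IP address mismatch"
    if not hmac.compare_digest(fields["code"].encode(), agreed_code.encode()):  # step (h)
        return "reject: website code mismatch"
    return "authentic"                                                 # step (i)

def demo():
    ca_key = secrets.token_bytes(32)                      # constructed key
    real_ip, other_ip = "192.0.2.10", "198.51.100.7"      # constructed, documentation ranges
    code = "blue heron 42"                                # constructed personal website code
    # Steps (a)-(c): the site stores one certificate per first personal client key.
    store = {"client-key-alice": ca_issue(ca_key, code, real_ip)}
    cert = store["client-key-alice"]                      # step (e): lookup by submitted key
    other_user_cert = ca_issue(ca_key, "someone else's code", real_ip)
    tampered = cert[:20] + bytes([cert[20] ^ 1]) + cert[21:]
    return {
        "genuine": client_check(ca_key, cert, real_ip, code),
        "relayed": client_check(ca_key, cert, other_ip, code),   # same cert, different host
        "wrong_code": client_check(ca_key, other_user_cert, real_ip, code),
        "tampered": client_check(ca_key, tampered, real_ip, code),
    }
```

The `relayed` case shows why step (g) matters: the certificate is a fixed blob returned for a client key, so the saved IP address is the only thing that ties it to the host the user actually reached.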