使用社群網路與通訊軟體等需要辨識身分的服務是現代人不可或缺的一環,伴隨而來的是身分認證的需求與使用者匿名的網路特質兩者衝突的情況。網路實名制解決身分認證的問題,但是不符合網路的匿名性質,本研究植基於隱式憑證概念說明記名憑證原理並加以實現。記名憑證一個可行方式是使用者與數位憑證管理機構(CA)連線,提供必要資訊並產生真實憑證,然後以暱稱(或是不透漏身分的資訊)以及身分特徵來生成記名制憑證,這樣既可在不暴露使用者身分情況下提供匿名特性,又能在驗證身分的場合來證明真實身分。本研究並將相關概念在Java平台加以實現,以便進一步了解實作之可行性以及須注意之事項。
The applications with user authentication, such as social networking and communication software, are important nowadays. The tradeoff between user authentication and anonymity is a question to be considered, in the other words, real-name system solves the problem of authentication, but anonymous is an important feature of the network. In this thesis, we study and implement the alias certificate based on the implicit certificate. The alias certificates can be achieved by the roles of two logical certificate authorities (CA), the first one generates the real-name certificate with user authentication data, and the second generates the alias certificate with alias and the digest of user authentication data. This can provide user authentication without exposing the identity of the user. In order to check the feasibility, we implement the alias certificate in the Java platform.