CN105406970B - Method and device, the method and device of verifying signature of signature - Google Patents

Method and device, the method and device of verifying signature of signature Download PDF

Info

Publication number
CN105406970B
CN105406970B CN201510687881.3A CN201510687881A CN105406970B CN 105406970 B CN105406970 B CN 105406970B CN 201510687881 A CN201510687881 A CN 201510687881A CN 105406970 B CN105406970 B CN 105406970B
Authority
CN
China
Prior art keywords
signed
message
random number
parameter
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510687881.3A
Other languages
Chinese (zh)
Other versions
CN105406970A (en
Inventor
邹强
孙洋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Electronic Information Industry Co Ltd
Original Assignee
Inspur Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Electronic Information Industry Co Ltd filed Critical Inspur Electronic Information Industry Co Ltd
Priority to CN201510687881.3A priority Critical patent/CN105406970B/en
Publication of CN105406970A publication Critical patent/CN105406970A/en
Application granted granted Critical
Publication of CN105406970B publication Critical patent/CN105406970B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3257Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides a kind of method and device of signature, a kind of method and device of verifying signature, the methods of the signature, comprising: obtain public key and private key;Obtain multiple message to be signed;Preset quantity random number is selected for each message to be signed;According to the public key and the private key and the corresponding preset quantity random number of each message to be signed, approval and sign name is carried out to all message to be signed.The present invention provides a kind of method and devices of signature, a kind of method and device of verifying signature, can be improved processing speed.

Description

Method and device, the method and device of verifying signature of signature
Technical field
The present invention relates to field of information security technology, in particular to a kind of method and device of signature, a kind of verifying signature Method and device.
Background technique
Along with the development of e-commerce, more and more electronic transactions are completed on the net, and data volume to be treated is non- Often huge, this is pressure abnormal big for signer, while being also a very big test to user's patience.Cause This, for the verifiability and non repudiation for guaranteeing digital information, Proxy Signature is a kind of effective tool.Proxy Signature not only can be with It for protecting the information of user, while can guarantee the verifiability of data, be most common tool in electronic transaction.
In the prior art, it when carrying out Proxy Signature, for each file to be signed, needs to carry out blind label to file one by one Name.When verifying Proxy Signature, it is also desirable to one by one to Proxy Signature Information Authentication.In short, the processing speed of the prior art is slower.
Summary of the invention
In view of this, the present invention provides a kind of method and device of signature, a kind of method and device of verifying signature, energy Enough improve processing speed.
In a first aspect, the present invention provides a kind of methods of signature, comprising:
S1: public key and private key are obtained;
S2: multiple message to be signed are obtained;
S3: preset quantity random number is selected for each message to be signed;
S4: right according to the public key and the private key and the corresponding preset quantity random number of each message to be signed All message to be signed carry out approval and sign name.
Further, the preset quantity random number includes: the first random number, the second random number, third random number, Four random numbers, the 5th random number, the public key indicate are as follows: (g1, g2, p, q, t, v), the private key indicates are as follows: (s1, s2);
The S4, comprising:
A1: being arranged corresponding X parameter for each message to be signed, by the initial of the corresponding X parameter of each message to be signed Value is set as 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi× g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is most Otherwise a high position, calculates if so, thening follow the steps A5By each message corresponding first to be signed One, the left side of the present bit of random number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the corresponding X* parameter of each message to be signed just Initial value is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as Present bit;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number, F is the present bit of the 4th random number, and h is the present bit of the 4th random number;
A8: working as the corresponding third random number of each message to be signed, the 4th random number and the 5th random number is judged respectively Whether anteposition is highest order, if so, thening follow the steps A9, otherwise, is calculated V=v2, will be each wait sign One, the left side of the present bit of the corresponding third random number of name message, the 4th random number and the 5th random number is used as present bit, returns Return step A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula three respectively, wherein formula four are as follows:Wherein, eiFor i-th of message m to be signediCorresponding E parameter;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six Each message to be signed corresponding second is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2= r(i,2)+eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signedi Corresponding second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message to be signed miCorresponding second random number.
Further, the S1, comprising:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key It indicates are as follows: (s1, s2)。
Second aspect, the present invention provides a kind of methods of signature, comprising:
Receive external corresponding first signature of message to be signed and the second signature, each message pair to be signed each of sent The third random number and the 4th random number answered, the corresponding E* parameter of each message to be signed;
Corresponding first parameter of the first signature that each message to be signed is calculated according to formula eight, calculates often according to formula nine Corresponding second parameter of the second signature of a message to be signed, wherein formula eight are as follows:Formula nine Are as follows: For i-th of message m to be signediCorresponding first, which signs, corresponds to the first parameter,It is I message ms to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1For i-th of message m to be signediCorresponding first label Name, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th of message m to be signediCorresponding third is random Number, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Generate the signature pair of each message to be signed, wherein the signature of i-th of message to be signed to for For i-th of message m to be signediCorresponding E* parameter.
The third aspect, the present invention provides a kind of methods of verifying signature, comprising:
Receive the external signature for each of sending message to be signed to and public key, wherein the signature of i-th of message to be signed To for For i-th of message m to be signediCorresponding E* parameter, miFor i-th of message to be signed,It is I message ms to be signediCorresponding first parameter,For i-th of message m to be signediCorresponding second parameter, public key indicate are as follows: (g1, g2, p, q, t, v);
The corresponding Z parameter of each message to be signed is calculated according to formula ten respectively, wherein formula ten are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
For each message to be signed, currently whether the corresponding Z parameter of message to be signed and E* parameter are identical for judgement, if It is that then the signature of current message to be signed is to by verifying, and otherwise, the signature of current message to be signed is to not over verifying.
Fourth aspect, the present invention provides a kind of devices of signature, comprising:
First acquisition unit, for obtaining public key and private key;
Second acquisition unit, for obtaining multiple message to be signed;
Selecting unit, for selecting preset quantity random number for each message to be signed;
Signature unit, for according to the public key and the private key and the corresponding preset quantity of each message to be signed Random number carries out approval and sign name to all message to be signed.
Further, the preset quantity random number includes: the first random number, the second random number, third random number, Four random numbers, the 5th random number, the public key indicate are as follows: (g1, g2, p, q, t, v), the private key indicates are as follows: (s1, s2);
The signature unit, is specifically used for:
A1: being arranged corresponding X parameter for each message to be signed, by the initial of the corresponding X parameter of each message to be signed Value is set as 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi× g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is most Otherwise a high position, calculates if so, thening follow the steps A5By each message corresponding first to be signed One, the left side of the present bit of random number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the corresponding X* parameter of each message to be signed just Initial value is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as Present bit;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number, F is the present bit of the 4th random number, and h is the present bit of the 4th random number;
A8: working as the corresponding third random number of each message to be signed, the 4th random number and the 5th random number is judged respectively Whether anteposition is highest order, if so, thening follow the steps A9, otherwise, is calculated V=v2, will be each wait sign One, the left side of the present bit of the corresponding third random number of name message, the 4th random number and the 5th random number is used as present bit, returns Return step A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula three respectively, wherein formula four are as follows:Wherein, eiFor i-th of message m to be signediCorresponding E parameter;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six Each message to be signed corresponding second is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2= r(i,2)+eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signedi Corresponding second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message to be signed miCorresponding second random number.
Further, the first acquisition unit, is specifically used for:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key It indicates are as follows: (s1, s2)。
5th aspect, the present invention provides a kind of devices of signature, comprising:
First receiving unit, for receiving external corresponding first signature of message to be signed and the second label each of sent Name, the corresponding third random number of each message to be signed and the 4th random number, the corresponding E* parameter of each message to be signed;
First computing unit, corresponding first ginseng of the first signature for calculating each message to be signed according to formula eight Number calculates corresponding second parameter of the second signature of each message to be signed according to formula nine, wherein formula eight are as follows:Formula nine are as follows: For i-th of message m to be signediCorresponding One, which signs, corresponds to the first parameter,For i-th of message m to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1It is i-th Message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th to Signature information miCorresponding third random number, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Generation unit, for generating the signature pair of each message to be signed, wherein the signature pair of i-th of message to be signed For For i-th of message m to be signediCorresponding E* parameter.
6th aspect, the present invention provides a kind of devices of verifying signature, comprising:
Second receiving unit, for receive the external signature for each of sending message to be signed to and public key, wherein i-th The signature of a message to be signed to for For i-th of message m to be signediCorresponding E* parameter, miIt is i-th Message to be signed,For i-th of message m to be signediCorresponding first parameter,For i-th of message m to be signediCorresponding Two parameters, public key indicate are as follows: (g1, g2, p, q, t, v);
Second computing unit, for calculating the corresponding Z parameter of each message to be signed according to formula ten respectively, wherein public Formula ten are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
Authentication unit judges the corresponding Z parameter of current message to be signed and E* parameter for being directed to each message to be signed It is whether identical, if it is, currently the signature of message to be signed is to verifying is passed through, otherwise, the signature pair of current message to be signed Not over verifying.
A kind of method and device of signature provided by the invention, it is a kind of verifying signature method and device, obtain it is multiple to Signature information, and select preset quantity random number for each message to be signed, according to a pair of of public key and private key, and each to The corresponding preset quantity random number of signature information carries out approval and sign name to all message to be signed, improves the processing speed of signature Degree.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is the present invention Some embodiments for those of ordinary skill in the art without creative efforts, can also basis These attached drawings obtain other attached drawings.
Fig. 1 is a kind of flow chart of the method for signature that one embodiment of the invention provides;
Fig. 2 is the flow chart of the method for another signature that one embodiment of the invention provides;
Fig. 3 is a kind of flow chart of the method for verifying signature that one embodiment of the invention provides;
Fig. 4 is a kind of schematic diagram of the device for signature that one embodiment of the invention provides;
Fig. 5 is the schematic diagram of the device for another signature that one embodiment of the invention provides;
Fig. 6 is a kind of schematic diagram of the device for verifying signature that one embodiment of the invention provides.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments, based on the embodiments of the present invention, those of ordinary skill in the art Every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
As shown in Figure 1, this method may comprise steps of the embodiment of the invention provides a kind of method of signature:
S1: public key and private key are obtained;
S2: multiple message to be signed are obtained;
S3: preset quantity random number is selected for each message to be signed;
S4: right according to the public key and the private key and the corresponding preset quantity random number of each message to be signed All message to be signed carry out approval and sign name.
A kind of method of the signature provided through the embodiment of the present invention obtains multiple message to be signed, and for each wait sign Name message selects preset quantity random number, according to a pair of of public key and private key and the corresponding present count of each message to be signed A random number is measured, approval and sign name is carried out to all message to be signed, improves the processing speed of signature.
In one possible implementation, the preset quantity random number include: the first random number, it is second random Number, third random number, the 4th random number, the 5th random number, the public key indicate are as follows: (g1, g2, p, q, t, v), the private key table It is shown as: (s1, s2);
The S4, comprising:
A1: being arranged corresponding X parameter for each message to be signed, by the initial of the corresponding X parameter of each message to be signed Value is set as 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi× g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is most Otherwise a high position, calculates if so, thening follow the steps A5By each message corresponding first to be signed One, the left side of the present bit of random number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the corresponding X* parameter of each message to be signed just Initial value is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as Present bit;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number, F is the present bit of the 4th random number, and h is the present bit of the 4th random number;
A8: working as the corresponding third random number of each message to be signed, the 4th random number and the 5th random number is judged respectively Whether anteposition is highest order, if so, thening follow the steps A9, otherwise, is calculated V=v2, will be each wait sign One, the left side of the present bit of the corresponding third random number of name message, the 4th random number and the 5th random number is used as present bit, returns Return step A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula three respectively, wherein formula four are as follows:Wherein, eiFor i-th of message m to be signediCorresponding E parameter;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six Each message to be signed corresponding second is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2= r(i,2)+eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signedi Corresponding second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message to be signed miCorresponding second random number.
In this implementation, right in step A4 since each message to be signed uses identical public keyIt is once calculated, in the processing that all message to be signed can be used, without for each wait sign Name message is respectively calculated, and significantly reduces the operation times of multiplication, is also therefore saved and is calculated the time, improves Efficiency is equally, right in step A8V=v2It is once calculated, without to be signed disappearing for each Breath is respectively calculated, and in the processing that can use all message to be signed, improves processing speed and efficiency.
In addition, before step A2, it can be using the JSF algorithm of SDR algorithm or Solina to the first random number and second Random number is recompiled, and can be reduced the joint hamming value of the first random number and the second random number in this way, be reduced subsequent meter The calculation amount of calculation, accelerates processing speed.The first random number and the second random number in A2 and subsequent step are attached most importance to newly organized The first random number and the second random number after code.
It similarly, can be using the JSF algorithm of SDR algorithm or Solina to third random number, the 4th before step A6 Random number and the 5th random number are recompiled, and can reduce third random number, the 4th random number and the 5th random number in this way Joint hamming value, reduce the calculation amount of subsequent calculating, accelerate processing speed.Third in A6 and subsequent step is random Number, the 4th random number and the 5th random number are third random number, the 4th random number and the 5th random number after recompiling.
In step A4, when the present bit for judging current message to be signed corresponding first random number and the second random number When being highest order, then the X parameter of available current message to be signed, when all corresponding first random numbers of message to be signed When present bit with the second random number is highest order, the X parameter of available all message to be signed can specifically pass through Following manner indicates:
In step A8, when judge the corresponding third random number of current message to be signed, the 4th random number and the 5th with When the present bit of machine number is highest order, then the X* parameter of available current message to be signed, when all message pair to be signed It is available all to be signed to disappear when the present bit of third random number, the 4th random number and the 5th random number answered is highest order The X* parameter of breath can specifically indicate in the following manner:
In addition, message to be signed provided in an embodiment of the present invention can be by blind transformed message.
In one possible implementation, the S1, comprising:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key It indicates are as follows: (s1, s2)。
It can also include: to receive externally input security parameter, the B2, comprising: join according to safety before step B2 Number determines that order is the group Z of qp*.In general, security parameter numerical value is bigger, and selected group is also bigger.
In step B3, generating member in random selection domain can be from Pairing-Based Cryptosystems function packet Middle calling library function is realized.Step S3 can also be realized by this way.
The primary message to be signed for carrying out approval and sign name number, can be determined according to the traffic in the unit time.This The method that inventive embodiments provide can be realized at signature end.
Referring to fig. 2, the embodiment of the invention provides a kind of methods of signature, comprising:
Step 201: corresponding first signature of each of reception outside is sent message to be signed and second is signed, each wait sign The corresponding third random number of name message and the 4th random number, the corresponding E* parameter of each message to be signed;
Step 202: corresponding first parameter of the first signature of each message to be signed is calculated according to formula eight, according to formula Nine calculate corresponding second parameter of the second signature of each message to be signed, wherein formula eight are as follows: Formula nine are as follows: For i-th of message m to be signediCorresponding first, which signs, corresponds to the first parameter,For i-th of message m to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1For i-th of message m to be signediIt is corresponding First signature, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th of message m to be signediCorresponding Three random numbers, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Step 203: generating the signature pair of each message to be signed, wherein the signature of i-th of message to be signed to for For i-th of message m to be signediCorresponding E* parameter.
In this implementation, according to the first of each message to be signed the signature and the second signature, further it is located in Reason, obtains the signature pair of each message to be signed.Method in the embodiment can realize in client, and signature end will obtain First signature and the second signature are sent to client, and client is being handled.In Proxy Signature, client is needed to receiving Information carry out processing of casting off illiteracy.
Referring to Fig. 3, the embodiment of the invention provides a kind of methods of verifying signature, comprising:
Step 301: receive the external signature for each of sending message to be signed to and public key, wherein i-th to be signed to disappear The signature of breath to for For i-th of message m to be signediCorresponding E* parameter, miTo be signed disappear for i-th Breath,For i-th of message m to be signediCorresponding first parameter,For i-th of message m to be signediCorresponding second parameter, Public key indicates are as follows: (g1, g2, p, q, t, v);
Step 302: the corresponding Z parameter of each message to be signed being calculated according to formula ten respectively, wherein formula ten are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
Step 303: being directed to each message to be signed, whether are the corresponding Z parameter of the current message to be signed of judgement and E* parameter Identical, if it is, the signature of current message to be signed is to by verifying, otherwise, the signature of current message to be signed is not to having Pass through verifying.
The method provided by the embodiment, to the signature received to verifying.It is tested in the embodiment using batch The method of card, to the signature received to and meanwhile handle, save processing the time.It is needed during carrying out batch validation It calculatesDue to the truth of a matter g of each signature centering1、g2, v it is all the same, therefore to the truth of a matter carry out operation when, can With by once-through operation as a result, be used for all signatures in verifying, save processing the time, improve processing speed.Specifically , calculated result can indicate in the following manner:Method provided in an embodiment of the present invention can To be realized in verifying end.
Referring to fig. 4, the embodiment of the invention provides a kind of devices of signature, comprising:
First acquisition unit 401, for obtaining public key and private key;
Second acquisition unit 402, for obtaining multiple message to be signed;
Selecting unit 403, for selecting preset quantity random number for each message to be signed;
Signature unit 404, for according to the public key and the private key and the corresponding present count of each message to be signed A random number is measured, approval and sign name is carried out to all message to be signed.
In one possible implementation, the preset quantity random number include: the first random number, it is second random Number, third random number, the 4th random number, the 5th random number, the public key indicate are as follows: (g1, g2, p, q, t, v), the private key table It is shown as: (s1, s2);
The signature unit 404, is specifically used for:
A1: being arranged corresponding X parameter for each message to be signed, by the initial of the corresponding X parameter of each message to be signed Value is set as 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi× g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is most Otherwise a high position, calculates if so, thening follow the steps A5By each message corresponding first to be signed One, the left side of the present bit of random number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the corresponding X* parameter of each message to be signed just Initial value is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as Present bit;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number, F is the present bit of the 4th random number, and h is the present bit of the 4th random number;
A8: working as the corresponding third random number of each message to be signed, the 4th random number and the 5th random number is judged respectively Whether anteposition is highest order, if so, thening follow the steps A9, otherwise, is calculated V=v2, will be each wait sign One, the left side of the present bit of the corresponding third random number of name message, the 4th random number and the 5th random number is used as present bit, returns Return step A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula three respectively, wherein formula four are as follows:Wherein, eiFor i-th of message m to be signediCorresponding E parameter;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six Each message to be signed corresponding second is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2= r(i,2)+eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signedi Corresponding second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message to be signed miCorresponding second random number.
In one possible implementation, the first acquisition unit 401, is specifically used for:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key It indicates are as follows: (s1, s2)。
Referring to Fig. 5, the embodiment of the invention provides a kind of devices of signature, comprising:
First receiving unit 501, for receiving external corresponding first signature of message to be signed and second of each of sending Signature, the corresponding third random number of each message to be signed and the 4th random number, the corresponding E* parameter of each message to be signed;
First computing unit 502, for calculating the first signature corresponding first of each message to be signed according to formula eight Parameter calculates corresponding second parameter of the second signature of each message to be signed according to formula nine, wherein formula eight are as follows:Formula nine are as follows: For i-th of message m to be signediCorresponding One, which signs, corresponds to the first parameter,For i-th of message m to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1It is i-th Message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th to Signature information miCorresponding third random number, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Generation unit 503, for generating the signature pair of each message to be signed, wherein the signature of i-th of message to be signed To for For i-th of message m to be signediCorresponding E* parameter.
Referring to Fig. 6, the embodiment of the invention provides a kind of devices of verifying signature, comprising:
Second receiving unit 601, for receive the external signature for each of sending message to be signed to and public key, wherein The signature of i-th of message to be signed to for For i-th of message m to be signediCorresponding E* parameter, miIt is I message to be signed,For i-th of message m to be signediCorresponding first parameter,For i-th of message m to be signediIt is corresponding The second parameter, public key indicate are as follows: (g1, g2, p, q, t, v);
Second computing unit 602, for calculating the corresponding Z parameter of each message to be signed according to formula ten respectively, wherein Formula ten are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
Authentication unit 603 judges the corresponding Z parameter of current message to be signed and E* for being directed to each message to be signed Whether parameter is identical, if it is, currently the signature of message to be signed is to verifying is passed through, otherwise, the label of current message to be signed Name is to not over verifying.
The contents such as the information exchange between each unit, implementation procedure in above-mentioned apparatus, due to implementing with the method for the present invention Example is based on same design, and for details, please refer to the description in the embodiment of the method for the present invention, and details are not described herein again.
It should be understood that the embodiment of the invention provides a kind of method and devices of signature, a kind of side of verifying signature Method and device can be realized based on elliptic curve, can quickly generate multiple signatures, and the processing speed of signature is effectively accelerated Degree.For the verifying end of verifying signature, the speed of verifying can be accelerated, reduce the time of waiting.
The embodiment of the invention provides a kind of method and devices of signature, a kind of method and device of verifying signature, have It is following the utility model has the advantages that
1, a kind of method and device of the signature provided through the embodiment of the present invention obtains multiple message to be signed, and is Each message to be signed selects preset quantity random number, corresponding according to a pair of of public key and private key and each message to be signed Preset quantity random number, approval and sign names are carried out to all message to be signed, improve the processing speed of signature.
2, the method and device of a kind of signature provided through the embodiment of the present invention, in this implementation, due to each Message to be signed uses identical public key, rightIt is once calculated, all to be signed disappear can be used In the processing of breath, significantly reduce the operation times of multiplication, also therefore saves and calculate the time, improve efficiency, together Sample, it is rightV=v2It is once calculated, in the processing that all message to be signed can be used, is improved Processing speed and efficiency.
3, a kind of method and device of signature provided in an embodiment of the present invention, a kind of method and device of verifying signature, Can be protected by the safety of data and prevent from forging for verifying data signature using this method under the environment such as bank.
4, the method and device of a kind of verifying signature provided in an embodiment of the present invention, heavy signature verification task is carried out Batch processing is carried out while being verified to multiple signatures using batch method of verifying during verifying, effectively saves meter Evaluation time.
It should be noted that, in this document, such as first and second etc relational terms are used merely to an entity Or operation is distinguished with another entity or operation, is existed without necessarily requiring or implying between these entities or operation Any actual relationship or order.Moreover, the terms "include", "comprise" or its any other variant be intended to it is non- It is exclusive to include, so that the process, method, article or equipment for including a series of elements not only includes those elements, It but also including other elements that are not explicitly listed, or further include solid by this process, method, article or equipment Some elements.In the absence of more restrictions, the element limited by sentence " including one ", is not arranged Except there is also other identical factors in the process, method, article or apparatus that includes the element.
Those of ordinary skill in the art will appreciate that: realize that all or part of the steps of above method embodiment can pass through The relevant hardware of program instruction is completed, and program above-mentioned can store in computer-readable storage medium, the program When being executed, step including the steps of the foregoing method embodiments is executed;And storage medium above-mentioned includes: ROM, RAM, magnetic disk or light In the various media that can store program code such as disk.
Finally, it should be noted that the foregoing is merely presently preferred embodiments of the present invention, it is merely to illustrate skill of the invention Art scheme, is not intended to limit the scope of the present invention.Any modification for being made all within the spirits and principles of the present invention, Equivalent replacement, improvement etc., are included within the scope of protection of the present invention.

Claims (6)

1. a kind of method of signature characterized by comprising
S1: public key and private key are obtained;
S2: multiple message to be signed are obtained;
S3: preset quantity random number is selected for each message to be signed;
S4: according to the public key and the private key and the corresponding preset quantity random number of each message to be signed, to all Message to be signed carries out approval and sign name;
The preset quantity random number includes: the first random number, the second random number, third random number, the 4th random number, the 5th Random number, the public key indicate are as follows: (g1, g2, p, q, t, v), the private key indicates are as follows: (s1, s2);
The S4, comprising:
A1: being arranged corresponding X parameter for each message to be signed, and the initial value of the corresponding X parameter of each message to be signed is set It is set to 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi× g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is highest Otherwise position, calculates if so, thening follow the steps A5By each message corresponding first to be signed with One, the left side of the present bit of machine number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the initial value of the corresponding X* parameter of each message to be signed It is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as current Position;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number, F is the present bit of the 4th random number, and h is the present bit of the 5th random number;
A8: the corresponding third random number of each message to be signed, the present bit of the 4th random number and the 5th random number are judged respectively Whether it is highest order, if so, thening follow the steps A9, otherwise, calculates V=v2, to be signed disappear each One, the left side of the present bit of corresponding third random number, the 4th random number and the 5th random number is ceased as present bit, returns to step Rapid A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula four respectively, wherein formula four are as follows:Its In, eiFor i-th of message m to be signediCorresponding E parameter, diFor each eiCorresponding random number;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six each Message corresponding second to be signed is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2=r(i,2)+ eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediIt is corresponding Second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message m to be signediIt is right The second random number answered.
2. the method according to claim 1, wherein the S1, comprising:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key indicates Are as follows: (s1, s2)。
3. a kind of method of signature characterized by comprising
It receives and external each of sends corresponding first signature of message to be signed and second sign, each message to be signed are corresponding Third random number and the 4th random number, the corresponding E* parameter of each message to be signed, wherein formula three are as follows: Wherein,For i-th of message m to be signediCorresponding E* parameter,For i-th of message m to be signediCorresponding X* parameter;
The first corresponding first parameter of signature that each message to be signed is calculated according to formula eight, according to formula nine calculate each to Corresponding second parameter of the second signature of signature information, wherein formula eight are as follows:Formula nine are as follows: For i-th of message m to be signediCorresponding first, which signs, corresponds to the first parameter,It is i-th Message m to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th of message m to be signediCorresponding third random number, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Generate the signature pair of each message to be signed, wherein the signature of i-th of message to be signed to for For I-th of message m to be signediCorresponding E* parameter;
Receive the external signature for each of sending message to be signed to and public key, wherein the signature of i-th of message to be signed to for For i-th of message m to be signediCorresponding E* parameter, miFor i-th of message to be signed,It is i-th Message m to be signediCorresponding first parameter,For i-th of message m to be signediCorresponding second parameter, public key indicate are as follows: (g1, g2, p, q, t, v);
The corresponding Z parameter of each message to be signed is calculated according to formula ten respectively, wherein formula ten are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
For each message to be signed, currently whether the corresponding Z parameter of message to be signed and E* parameter are identical for judgement, if so, Then the signature of current message to be signed is to by verifying, and otherwise, the signature of current message to be signed is to not over verifying.
4. a kind of device of signature characterized by comprising
First acquisition unit, for obtaining public key and private key;
Second acquisition unit, for obtaining multiple message to be signed;
Selecting unit, for selecting preset quantity random number for each message to be signed;
Signature unit, for random according to the public key and the private key and the corresponding preset quantity of each message to be signed Number carries out approval and sign name to all message to be signed;
The preset quantity random number includes: the first random number, the second random number, third random number, the 4th random number, the 5th Random number, the public key indicate are as follows: (g1, g2, p, q, t), the private key indicates are as follows: (s1, s2);
The signature unit, is specifically used for:
A1: being arranged corresponding X parameter for each message to be signed, and the initial value of the corresponding X parameter of each message to be signed is set It is set to 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi× g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is highest Otherwise position, calculates if so, thening follow the steps A5By each message corresponding first to be signed with One, the left side of the present bit of machine number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the initial value of the corresponding X* parameter of each message to be signed It is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as current Position;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number, F is the present bit of the 4th random number, and h is the present bit of the 5th random number;
A8: the corresponding third random number of each message to be signed, the present bit of the 4th random number and the 5th random number are judged respectively Whether it is highest order, if so, thening follow the steps A9, otherwise, calculates V=v2, to be signed disappear each One, the left side of the present bit of corresponding third random number, the 4th random number and the 5th random number is ceased as present bit, returns to step Rapid A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula four respectively, wherein formula four are as follows:Its In, eiFor i-th of message m to be signediCorresponding E parameter, diFor each eiCorresponding random number;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six each Message corresponding second to be signed is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2=r(i,2)+ eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediIt is corresponding Second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message m to be signediIt is right The second random number answered.
5. device according to claim 4, which is characterized in that the first acquisition unit is specifically used for:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key indicates Are as follows: (s1, s2)。
6. a kind of device of signature, the device including signature apparatus and verifying signature, which is characterized in that signature apparatus includes:
First receiving unit, for receiving external corresponding first signature of message to be signed and the second signature, every each of sent The corresponding third random number of a message to be signed and the 4th random number, the corresponding E* parameter of each message to be signed, formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter,For i-th of message m to be signediIt is corresponding X* parameter;
First computing unit, for calculating corresponding first parameter of the first signature of each message to be signed, root according to formula eight Corresponding second parameter of the second signature of each message to be signed is calculated according to formula nine, wherein formula eight are as follows:Formula nine are as follows: For i-th of message m to be signediCorresponding One, which signs, corresponds to the first parameter,For i-th of message m to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1It is i-th Message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th to Signature information miCorresponding third random number, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Generation unit, for generating the signature pair of each message to be signed, wherein the signature of i-th of message to be signed to for For i-th of message m to be signediCorresponding E* parameter;
Second receiving unit, for receive the external signature for each of sending message to be signed to and public key, wherein i-th to The signature of signature information to for For i-th of message m to be signediCorresponding E* parameter, miFor i-th wait sign Name message,For i-th of message m to be signediCorresponding first parameter,For i-th of message m to be signediCorresponding second ginseng Number, public key indicate are as follows: (g1, g2, p, q, t, v);
Second computing unit, for calculating the corresponding Z parameter of each message to be signed according to formula ten respectively, wherein formula ten Are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
Verifying signature apparatus includes: authentication unit, for being directed to each message to be signed, judges that current message to be signed is corresponding Whether Z parameter is identical as E* parameter, if it is, the signature of current message to be signed is to verifying is passed through, it is otherwise, current to be signed The signature of message is to not over verifying.
CN201510687881.3A 2015-10-21 2015-10-21 Method and device, the method and device of verifying signature of signature Active CN105406970B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510687881.3A CN105406970B (en) 2015-10-21 2015-10-21 Method and device, the method and device of verifying signature of signature

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510687881.3A CN105406970B (en) 2015-10-21 2015-10-21 Method and device, the method and device of verifying signature of signature

Publications (2)

Publication Number Publication Date
CN105406970A CN105406970A (en) 2016-03-16
CN105406970B true CN105406970B (en) 2019-03-12

Family

ID=55472234

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510687881.3A Active CN105406970B (en) 2015-10-21 2015-10-21 Method and device, the method and device of verifying signature of signature

Country Status (1)

Country Link
CN (1) CN105406970B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110971414B (en) 2017-11-10 2021-05-04 财付通支付科技有限公司 Method, device, terminal and server for generating signature

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101547099A (en) * 2009-05-07 2009-09-30 张键红 Elliptical curve-based method and elliptical curve-based device for self-authenticating signature
CN101710859A (en) * 2009-11-17 2010-05-19 深圳国微技术有限公司 Authentication key agreement method
CN101800641A (en) * 2009-12-29 2010-08-11 河南城建学院 Group signature method suitable for large groups
CN101989991A (en) * 2010-11-24 2011-03-23 北京天地融科技有限公司 Method for importing secret keys safely, electronic signature tool, authentication device and system
CN103428692A (en) * 2013-08-07 2013-12-04 华南理工大学 Wireless access network authentication method and wireless access network authentication system capable of holding accountability and protecting privacy
CN103780385A (en) * 2012-10-23 2014-05-07 航天信息股份有限公司 Blind signature method based on elliptic curve and device thereof

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2566098A1 (en) * 2011-08-29 2013-03-06 Thomson Licensing Signcryption method and device and corresponding signcryption verification method and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101547099A (en) * 2009-05-07 2009-09-30 张键红 Elliptical curve-based method and elliptical curve-based device for self-authenticating signature
CN101710859A (en) * 2009-11-17 2010-05-19 深圳国微技术有限公司 Authentication key agreement method
CN101800641A (en) * 2009-12-29 2010-08-11 河南城建学院 Group signature method suitable for large groups
CN101989991A (en) * 2010-11-24 2011-03-23 北京天地融科技有限公司 Method for importing secret keys safely, electronic signature tool, authentication device and system
CN103780385A (en) * 2012-10-23 2014-05-07 航天信息股份有限公司 Blind signature method based on elliptic curve and device thereof
CN103428692A (en) * 2013-08-07 2013-12-04 华南理工大学 Wireless access network authentication method and wireless access network authentication system capable of holding accountability and protecting privacy

Also Published As

Publication number Publication date
CN105406970A (en) 2016-03-16

Similar Documents

Publication Publication Date Title
US4996711A (en) Selected-exponent signature systems
CN106105093B (en) The method and apparatus that elliptic curve point for resisting other channel information leakage is multiplied
CA2288837C (en) Improved method and apparatus for protecting public key schemes from timing and fault attacks
EP1840732A1 (en) Protection against side channel attacks
CN104468476B (en) Method and apparatus without certificate multi-proxy signature
KR101142656B1 (en) A public key cryptographic method of protecting an electronic chip fraud
CN103049710B (en) Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm
CN108964914B (en) SM2 point multiplication architecture for resisting side channel attack
CN106487512A (en) A kind of RSA key is to quick-speed generation system and method
CN108063758A (en) For the node in the signature verification method of block chain network and block chain network
CN109818730A (en) Acquisition methods, device and the server of Proxy Signature
US20180183569A1 (en) Key processing method and device
US20130218937A1 (en) Arithmetic apparatus, elliptic scalar multiplication method of arithmetic apparatus, elliptic scalar multiplication program, residue operation method of arithmetic apparatus, and residue operation program
CN112118100B (en) Improved linkable ring signature method, verification method, device, electronic apparatus and medium
CN105956921A (en) Method and device for selecting bankcard number by user himself/herself
CN110008719A (en) A kind of file process, file test method and device
CN105406970B (en) Method and device, the method and device of verifying signature of signature
CN111291122A (en) Competitive bidding method and device based on block chain
CN103580869B (en) A kind of CRT-RSA signature method and device
Barenghi et al. A novel fault attack against ECDSA
JP5336056B2 (en) Point addition method and addition arithmetic unit in binary finite field for realizing defect detection operation using high-speed Montgomery power ladder algorithm
CN112887096A (en) Prime order elliptic curve generation method and system for signature and key exchange
CN106572066B (en) A kind of entity identities validation verification method and device thereof
CN104735081A (en) Method and system for outsourcing security mode indexes in cloud environment
CN107204856B (en) A kind of method and device detecting elliptic curve loophole

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant