CN105406970B - Method and device, the method and device of verifying signature of signature - Google Patents
Method and device, the method and device of verifying signature of signature Download PDFInfo
- Publication number
- CN105406970B CN105406970B CN201510687881.3A CN201510687881A CN105406970B CN 105406970 B CN105406970 B CN 105406970B CN 201510687881 A CN201510687881 A CN 201510687881A CN 105406970 B CN105406970 B CN 105406970B
- Authority
- CN
- China
- Prior art keywords
- signed
- message
- random number
- parameter
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 57
- 241000208340 Araliaceae Species 0.000 claims description 2
- 235000005035 Panax pseudoginseng ssp. pseudoginseng Nutrition 0.000 claims description 2
- 235000003140 Panax quinquefolius Nutrition 0.000 claims description 2
- 235000008434 ginseng Nutrition 0.000 claims description 2
- 238000012545 processing Methods 0.000 abstract description 20
- 238000004364 calculation method Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000005266 casting Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3257—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The present invention provides a kind of method and device of signature, a kind of method and device of verifying signature, the methods of the signature, comprising: obtain public key and private key;Obtain multiple message to be signed;Preset quantity random number is selected for each message to be signed;According to the public key and the private key and the corresponding preset quantity random number of each message to be signed, approval and sign name is carried out to all message to be signed.The present invention provides a kind of method and devices of signature, a kind of method and device of verifying signature, can be improved processing speed.
Description
Technical field
The present invention relates to field of information security technology, in particular to a kind of method and device of signature, a kind of verifying signature
Method and device.
Background technique
Along with the development of e-commerce, more and more electronic transactions are completed on the net, and data volume to be treated is non-
Often huge, this is pressure abnormal big for signer, while being also a very big test to user's patience.Cause
This, for the verifiability and non repudiation for guaranteeing digital information, Proxy Signature is a kind of effective tool.Proxy Signature not only can be with
It for protecting the information of user, while can guarantee the verifiability of data, be most common tool in electronic transaction.
In the prior art, it when carrying out Proxy Signature, for each file to be signed, needs to carry out blind label to file one by one
Name.When verifying Proxy Signature, it is also desirable to one by one to Proxy Signature Information Authentication.In short, the processing speed of the prior art is slower.
Summary of the invention
In view of this, the present invention provides a kind of method and device of signature, a kind of method and device of verifying signature, energy
Enough improve processing speed.
In a first aspect, the present invention provides a kind of methods of signature, comprising:
S1: public key and private key are obtained;
S2: multiple message to be signed are obtained;
S3: preset quantity random number is selected for each message to be signed;
S4: right according to the public key and the private key and the corresponding preset quantity random number of each message to be signed
All message to be signed carry out approval and sign name.
Further, the preset quantity random number includes: the first random number, the second random number, third random number,
Four random numbers, the 5th random number, the public key indicate are as follows: (g1, g2, p, q, t, v), the private key indicates are as follows: (s1, s2);
The S4, comprising:
A1: being arranged corresponding X parameter for each message to be signed, by the initial of the corresponding X parameter of each message to be signed
Value is set as 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi×
g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is
The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is most
Otherwise a high position, calculates if so, thening follow the steps A5By each message corresponding first to be signed
One, the left side of the present bit of random number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the corresponding X* parameter of each message to be signed just
Initial value is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as
Present bit;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number,
F is the present bit of the 4th random number, and h is the present bit of the 4th random number;
A8: working as the corresponding third random number of each message to be signed, the 4th random number and the 5th random number is judged respectively
Whether anteposition is highest order, if so, thening follow the steps A9, otherwise, is calculated V=v2, will be each wait sign
One, the left side of the present bit of the corresponding third random number of name message, the 4th random number and the 5th random number is used as present bit, returns
Return step A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula three respectively, wherein formula four are as follows:Wherein, eiFor i-th of message m to be signediCorresponding E parameter;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six
Each message to be signed corresponding second is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2=
r(i,2)+eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signedi
Corresponding second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message to be signed
miCorresponding second random number.
Further, the S1, comprising:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2;
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key
It indicates are as follows: (s1, s2)。
Second aspect, the present invention provides a kind of methods of signature, comprising:
Receive external corresponding first signature of message to be signed and the second signature, each message pair to be signed each of sent
The third random number and the 4th random number answered, the corresponding E* parameter of each message to be signed;
Corresponding first parameter of the first signature that each message to be signed is calculated according to formula eight, calculates often according to formula nine
Corresponding second parameter of the second signature of a message to be signed, wherein formula eight are as follows:Formula nine
Are as follows: For i-th of message m to be signediCorresponding first, which signs, corresponds to the first parameter,It is
I message ms to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1For i-th of message m to be signediCorresponding first label
Name, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th of message m to be signediCorresponding third is random
Number, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Generate the signature pair of each message to be signed, wherein the signature of i-th of message to be signed to for For i-th of message m to be signediCorresponding E* parameter.
The third aspect, the present invention provides a kind of methods of verifying signature, comprising:
Receive the external signature for each of sending message to be signed to and public key, wherein the signature of i-th of message to be signed
To for For i-th of message m to be signediCorresponding E* parameter, miFor i-th of message to be signed,It is
I message ms to be signediCorresponding first parameter,For i-th of message m to be signediCorresponding second parameter, public key indicate are as follows:
(g1, g2, p, q, t, v);
The corresponding Z parameter of each message to be signed is calculated according to formula ten respectively, wherein formula ten are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
For each message to be signed, currently whether the corresponding Z parameter of message to be signed and E* parameter are identical for judgement, if
It is that then the signature of current message to be signed is to by verifying, and otherwise, the signature of current message to be signed is to not over verifying.
Fourth aspect, the present invention provides a kind of devices of signature, comprising:
First acquisition unit, for obtaining public key and private key;
Second acquisition unit, for obtaining multiple message to be signed;
Selecting unit, for selecting preset quantity random number for each message to be signed;
Signature unit, for according to the public key and the private key and the corresponding preset quantity of each message to be signed
Random number carries out approval and sign name to all message to be signed.
Further, the preset quantity random number includes: the first random number, the second random number, third random number,
Four random numbers, the 5th random number, the public key indicate are as follows: (g1, g2, p, q, t, v), the private key indicates are as follows: (s1, s2);
The signature unit, is specifically used for:
A1: being arranged corresponding X parameter for each message to be signed, by the initial of the corresponding X parameter of each message to be signed
Value is set as 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi×
g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is
The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is most
Otherwise a high position, calculates if so, thening follow the steps A5By each message corresponding first to be signed
One, the left side of the present bit of random number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the corresponding X* parameter of each message to be signed just
Initial value is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as
Present bit;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number,
F is the present bit of the 4th random number, and h is the present bit of the 4th random number;
A8: working as the corresponding third random number of each message to be signed, the 4th random number and the 5th random number is judged respectively
Whether anteposition is highest order, if so, thening follow the steps A9, otherwise, is calculated V=v2, will be each wait sign
One, the left side of the present bit of the corresponding third random number of name message, the 4th random number and the 5th random number is used as present bit, returns
Return step A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula three respectively, wherein formula four are as follows:Wherein, eiFor i-th of message m to be signediCorresponding E parameter;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six
Each message to be signed corresponding second is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2=
r(i,2)+eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signedi
Corresponding second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message to be signed
miCorresponding second random number.
Further, the first acquisition unit, is specifically used for:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2;
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key
It indicates are as follows: (s1, s2)。
5th aspect, the present invention provides a kind of devices of signature, comprising:
First receiving unit, for receiving external corresponding first signature of message to be signed and the second label each of sent
Name, the corresponding third random number of each message to be signed and the 4th random number, the corresponding E* parameter of each message to be signed;
First computing unit, corresponding first ginseng of the first signature for calculating each message to be signed according to formula eight
Number calculates corresponding second parameter of the second signature of each message to be signed according to formula nine, wherein formula eight are as follows:Formula nine are as follows: For i-th of message m to be signediCorresponding
One, which signs, corresponds to the first parameter,For i-th of message m to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1It is i-th
Message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th to
Signature information miCorresponding third random number, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Generation unit, for generating the signature pair of each message to be signed, wherein the signature pair of i-th of message to be signed
For For i-th of message m to be signediCorresponding E* parameter.
6th aspect, the present invention provides a kind of devices of verifying signature, comprising:
Second receiving unit, for receive the external signature for each of sending message to be signed to and public key, wherein i-th
The signature of a message to be signed to for For i-th of message m to be signediCorresponding E* parameter, miIt is i-th
Message to be signed,For i-th of message m to be signediCorresponding first parameter,For i-th of message m to be signediCorresponding
Two parameters, public key indicate are as follows: (g1, g2, p, q, t, v);
Second computing unit, for calculating the corresponding Z parameter of each message to be signed according to formula ten respectively, wherein public
Formula ten are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
Authentication unit judges the corresponding Z parameter of current message to be signed and E* parameter for being directed to each message to be signed
It is whether identical, if it is, currently the signature of message to be signed is to verifying is passed through, otherwise, the signature pair of current message to be signed
Not over verifying.
A kind of method and device of signature provided by the invention, it is a kind of verifying signature method and device, obtain it is multiple to
Signature information, and select preset quantity random number for each message to be signed, according to a pair of of public key and private key, and each to
The corresponding preset quantity random number of signature information carries out approval and sign name to all message to be signed, improves the processing speed of signature
Degree.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is the present invention
Some embodiments for those of ordinary skill in the art without creative efforts, can also basis
These attached drawings obtain other attached drawings.
Fig. 1 is a kind of flow chart of the method for signature that one embodiment of the invention provides;
Fig. 2 is the flow chart of the method for another signature that one embodiment of the invention provides;
Fig. 3 is a kind of flow chart of the method for verifying signature that one embodiment of the invention provides;
Fig. 4 is a kind of schematic diagram of the device for signature that one embodiment of the invention provides;
Fig. 5 is the schematic diagram of the device for another signature that one embodiment of the invention provides;
Fig. 6 is a kind of schematic diagram of the device for verifying signature that one embodiment of the invention provides.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention
In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is
A part of the embodiment of the present invention, instead of all the embodiments, based on the embodiments of the present invention, those of ordinary skill in the art
Every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
As shown in Figure 1, this method may comprise steps of the embodiment of the invention provides a kind of method of signature:
S1: public key and private key are obtained;
S2: multiple message to be signed are obtained;
S3: preset quantity random number is selected for each message to be signed;
S4: right according to the public key and the private key and the corresponding preset quantity random number of each message to be signed
All message to be signed carry out approval and sign name.
A kind of method of the signature provided through the embodiment of the present invention obtains multiple message to be signed, and for each wait sign
Name message selects preset quantity random number, according to a pair of of public key and private key and the corresponding present count of each message to be signed
A random number is measured, approval and sign name is carried out to all message to be signed, improves the processing speed of signature.
In one possible implementation, the preset quantity random number include: the first random number, it is second random
Number, third random number, the 4th random number, the 5th random number, the public key indicate are as follows: (g1, g2, p, q, t, v), the private key table
It is shown as: (s1, s2);
The S4, comprising:
A1: being arranged corresponding X parameter for each message to be signed, by the initial of the corresponding X parameter of each message to be signed
Value is set as 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi×
g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is
The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is most
Otherwise a high position, calculates if so, thening follow the steps A5By each message corresponding first to be signed
One, the left side of the present bit of random number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the corresponding X* parameter of each message to be signed just
Initial value is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as
Present bit;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number,
F is the present bit of the 4th random number, and h is the present bit of the 4th random number;
A8: working as the corresponding third random number of each message to be signed, the 4th random number and the 5th random number is judged respectively
Whether anteposition is highest order, if so, thening follow the steps A9, otherwise, is calculated V=v2, will be each wait sign
One, the left side of the present bit of the corresponding third random number of name message, the 4th random number and the 5th random number is used as present bit, returns
Return step A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula three respectively, wherein formula four are as follows:Wherein, eiFor i-th of message m to be signediCorresponding E parameter;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six
Each message to be signed corresponding second is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2=
r(i,2)+eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signedi
Corresponding second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message to be signed
miCorresponding second random number.
In this implementation, right in step A4 since each message to be signed uses identical public keyIt is once calculated, in the processing that all message to be signed can be used, without for each wait sign
Name message is respectively calculated, and significantly reduces the operation times of multiplication, is also therefore saved and is calculated the time, improves
Efficiency is equally, right in step A8V=v2It is once calculated, without to be signed disappearing for each
Breath is respectively calculated, and in the processing that can use all message to be signed, improves processing speed and efficiency.
In addition, before step A2, it can be using the JSF algorithm of SDR algorithm or Solina to the first random number and second
Random number is recompiled, and can be reduced the joint hamming value of the first random number and the second random number in this way, be reduced subsequent meter
The calculation amount of calculation, accelerates processing speed.The first random number and the second random number in A2 and subsequent step are attached most importance to newly organized
The first random number and the second random number after code.
It similarly, can be using the JSF algorithm of SDR algorithm or Solina to third random number, the 4th before step A6
Random number and the 5th random number are recompiled, and can reduce third random number, the 4th random number and the 5th random number in this way
Joint hamming value, reduce the calculation amount of subsequent calculating, accelerate processing speed.Third in A6 and subsequent step is random
Number, the 4th random number and the 5th random number are third random number, the 4th random number and the 5th random number after recompiling.
In step A4, when the present bit for judging current message to be signed corresponding first random number and the second random number
When being highest order, then the X parameter of available current message to be signed, when all corresponding first random numbers of message to be signed
When present bit with the second random number is highest order, the X parameter of available all message to be signed can specifically pass through
Following manner indicates:
In step A8, when judge the corresponding third random number of current message to be signed, the 4th random number and the 5th with
When the present bit of machine number is highest order, then the X* parameter of available current message to be signed, when all message pair to be signed
It is available all to be signed to disappear when the present bit of third random number, the 4th random number and the 5th random number answered is highest order
The X* parameter of breath can specifically indicate in the following manner:
In addition, message to be signed provided in an embodiment of the present invention can be by blind transformed message.
In one possible implementation, the S1, comprising:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2;
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key
It indicates are as follows: (s1, s2)。
It can also include: to receive externally input security parameter, the B2, comprising: join according to safety before step B2
Number determines that order is the group Z of qp*.In general, security parameter numerical value is bigger, and selected group is also bigger.
In step B3, generating member in random selection domain can be from Pairing-Based Cryptosystems function packet
Middle calling library function is realized.Step S3 can also be realized by this way.
The primary message to be signed for carrying out approval and sign name number, can be determined according to the traffic in the unit time.This
The method that inventive embodiments provide can be realized at signature end.
Referring to fig. 2, the embodiment of the invention provides a kind of methods of signature, comprising:
Step 201: corresponding first signature of each of reception outside is sent message to be signed and second is signed, each wait sign
The corresponding third random number of name message and the 4th random number, the corresponding E* parameter of each message to be signed;
Step 202: corresponding first parameter of the first signature of each message to be signed is calculated according to formula eight, according to formula
Nine calculate corresponding second parameter of the second signature of each message to be signed, wherein formula eight are as follows:
Formula nine are as follows: For i-th of message m to be signediCorresponding first, which signs, corresponds to the first parameter,For i-th of message m to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1For i-th of message m to be signediIt is corresponding
First signature, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th of message m to be signediCorresponding
Three random numbers, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Step 203: generating the signature pair of each message to be signed, wherein the signature of i-th of message to be signed to for For i-th of message m to be signediCorresponding E* parameter.
In this implementation, according to the first of each message to be signed the signature and the second signature, further it is located in
Reason, obtains the signature pair of each message to be signed.Method in the embodiment can realize in client, and signature end will obtain
First signature and the second signature are sent to client, and client is being handled.In Proxy Signature, client is needed to receiving
Information carry out processing of casting off illiteracy.
Referring to Fig. 3, the embodiment of the invention provides a kind of methods of verifying signature, comprising:
Step 301: receive the external signature for each of sending message to be signed to and public key, wherein i-th to be signed to disappear
The signature of breath to for For i-th of message m to be signediCorresponding E* parameter, miTo be signed disappear for i-th
Breath,For i-th of message m to be signediCorresponding first parameter,For i-th of message m to be signediCorresponding second parameter,
Public key indicates are as follows: (g1, g2, p, q, t, v);
Step 302: the corresponding Z parameter of each message to be signed being calculated according to formula ten respectively, wherein formula ten are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
Step 303: being directed to each message to be signed, whether are the corresponding Z parameter of the current message to be signed of judgement and E* parameter
Identical, if it is, the signature of current message to be signed is to by verifying, otherwise, the signature of current message to be signed is not to having
Pass through verifying.
The method provided by the embodiment, to the signature received to verifying.It is tested in the embodiment using batch
The method of card, to the signature received to and meanwhile handle, save processing the time.It is needed during carrying out batch validation
It calculatesDue to the truth of a matter g of each signature centering1、g2, v it is all the same, therefore to the truth of a matter carry out operation when, can
With by once-through operation as a result, be used for all signatures in verifying, save processing the time, improve processing speed.Specifically
, calculated result can indicate in the following manner:Method provided in an embodiment of the present invention can
To be realized in verifying end.
Referring to fig. 4, the embodiment of the invention provides a kind of devices of signature, comprising:
First acquisition unit 401, for obtaining public key and private key;
Second acquisition unit 402, for obtaining multiple message to be signed;
Selecting unit 403, for selecting preset quantity random number for each message to be signed;
Signature unit 404, for according to the public key and the private key and the corresponding present count of each message to be signed
A random number is measured, approval and sign name is carried out to all message to be signed.
In one possible implementation, the preset quantity random number include: the first random number, it is second random
Number, third random number, the 4th random number, the 5th random number, the public key indicate are as follows: (g1, g2, p, q, t, v), the private key table
It is shown as: (s1, s2);
The signature unit 404, is specifically used for:
A1: being arranged corresponding X parameter for each message to be signed, by the initial of the corresponding X parameter of each message to be signed
Value is set as 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi×
g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is
The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is most
Otherwise a high position, calculates if so, thening follow the steps A5By each message corresponding first to be signed
One, the left side of the present bit of random number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the corresponding X* parameter of each message to be signed just
Initial value is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as
Present bit;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number,
F is the present bit of the 4th random number, and h is the present bit of the 4th random number;
A8: working as the corresponding third random number of each message to be signed, the 4th random number and the 5th random number is judged respectively
Whether anteposition is highest order, if so, thening follow the steps A9, otherwise, is calculated V=v2, will be each wait sign
One, the left side of the present bit of the corresponding third random number of name message, the 4th random number and the 5th random number is used as present bit, returns
Return step A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula three respectively, wherein formula four are as follows:Wherein, eiFor i-th of message m to be signediCorresponding E parameter;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six
Each message to be signed corresponding second is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2=
r(i,2)+eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signedi
Corresponding second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message to be signed
miCorresponding second random number.
In one possible implementation, the first acquisition unit 401, is specifically used for:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2;
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key
It indicates are as follows: (s1, s2)。
Referring to Fig. 5, the embodiment of the invention provides a kind of devices of signature, comprising:
First receiving unit 501, for receiving external corresponding first signature of message to be signed and second of each of sending
Signature, the corresponding third random number of each message to be signed and the 4th random number, the corresponding E* parameter of each message to be signed;
First computing unit 502, for calculating the first signature corresponding first of each message to be signed according to formula eight
Parameter calculates corresponding second parameter of the second signature of each message to be signed according to formula nine, wherein formula eight are as follows:Formula nine are as follows: For i-th of message m to be signediCorresponding
One, which signs, corresponds to the first parameter,For i-th of message m to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1It is i-th
Message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th to
Signature information miCorresponding third random number, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Generation unit 503, for generating the signature pair of each message to be signed, wherein the signature of i-th of message to be signed
To for For i-th of message m to be signediCorresponding E* parameter.
Referring to Fig. 6, the embodiment of the invention provides a kind of devices of verifying signature, comprising:
Second receiving unit 601, for receive the external signature for each of sending message to be signed to and public key, wherein
The signature of i-th of message to be signed to for For i-th of message m to be signediCorresponding E* parameter, miIt is
I message to be signed,For i-th of message m to be signediCorresponding first parameter,For i-th of message m to be signediIt is corresponding
The second parameter, public key indicate are as follows: (g1, g2, p, q, t, v);
Second computing unit 602, for calculating the corresponding Z parameter of each message to be signed according to formula ten respectively, wherein
Formula ten are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
Authentication unit 603 judges the corresponding Z parameter of current message to be signed and E* for being directed to each message to be signed
Whether parameter is identical, if it is, currently the signature of message to be signed is to verifying is passed through, otherwise, the label of current message to be signed
Name is to not over verifying.
The contents such as the information exchange between each unit, implementation procedure in above-mentioned apparatus, due to implementing with the method for the present invention
Example is based on same design, and for details, please refer to the description in the embodiment of the method for the present invention, and details are not described herein again.
It should be understood that the embodiment of the invention provides a kind of method and devices of signature, a kind of side of verifying signature
Method and device can be realized based on elliptic curve, can quickly generate multiple signatures, and the processing speed of signature is effectively accelerated
Degree.For the verifying end of verifying signature, the speed of verifying can be accelerated, reduce the time of waiting.
The embodiment of the invention provides a kind of method and devices of signature, a kind of method and device of verifying signature, have
It is following the utility model has the advantages that
1, a kind of method and device of the signature provided through the embodiment of the present invention obtains multiple message to be signed, and is
Each message to be signed selects preset quantity random number, corresponding according to a pair of of public key and private key and each message to be signed
Preset quantity random number, approval and sign names are carried out to all message to be signed, improve the processing speed of signature.
2, the method and device of a kind of signature provided through the embodiment of the present invention, in this implementation, due to each
Message to be signed uses identical public key, rightIt is once calculated, all to be signed disappear can be used
In the processing of breath, significantly reduce the operation times of multiplication, also therefore saves and calculate the time, improve efficiency, together
Sample, it is rightV=v2It is once calculated, in the processing that all message to be signed can be used, is improved
Processing speed and efficiency.
3, a kind of method and device of signature provided in an embodiment of the present invention, a kind of method and device of verifying signature,
Can be protected by the safety of data and prevent from forging for verifying data signature using this method under the environment such as bank.
4, the method and device of a kind of verifying signature provided in an embodiment of the present invention, heavy signature verification task is carried out
Batch processing is carried out while being verified to multiple signatures using batch method of verifying during verifying, effectively saves meter
Evaluation time.
It should be noted that, in this document, such as first and second etc relational terms are used merely to an entity
Or operation is distinguished with another entity or operation, is existed without necessarily requiring or implying between these entities or operation
Any actual relationship or order.Moreover, the terms "include", "comprise" or its any other variant be intended to it is non-
It is exclusive to include, so that the process, method, article or equipment for including a series of elements not only includes those elements,
It but also including other elements that are not explicitly listed, or further include solid by this process, method, article or equipment
Some elements.In the absence of more restrictions, the element limited by sentence " including one ", is not arranged
Except there is also other identical factors in the process, method, article or apparatus that includes the element.
Those of ordinary skill in the art will appreciate that: realize that all or part of the steps of above method embodiment can pass through
The relevant hardware of program instruction is completed, and program above-mentioned can store in computer-readable storage medium, the program
When being executed, step including the steps of the foregoing method embodiments is executed;And storage medium above-mentioned includes: ROM, RAM, magnetic disk or light
In the various media that can store program code such as disk.
Finally, it should be noted that the foregoing is merely presently preferred embodiments of the present invention, it is merely to illustrate skill of the invention
Art scheme, is not intended to limit the scope of the present invention.Any modification for being made all within the spirits and principles of the present invention,
Equivalent replacement, improvement etc., are included within the scope of protection of the present invention.
Claims (6)
1. a kind of method of signature characterized by comprising
S1: public key and private key are obtained;
S2: multiple message to be signed are obtained;
S3: preset quantity random number is selected for each message to be signed;
S4: according to the public key and the private key and the corresponding preset quantity random number of each message to be signed, to all
Message to be signed carries out approval and sign name;
The preset quantity random number includes: the first random number, the second random number, third random number, the 4th random number, the 5th
Random number, the public key indicate are as follows: (g1, g2, p, q, t, v), the private key indicates are as follows: (s1, s2);
The S4, comprising:
A1: being arranged corresponding X parameter for each message to be signed, and the initial value of the corresponding X parameter of each message to be signed is set
It is set to 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi×
g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is
The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is highest
Otherwise position, calculates if so, thening follow the steps A5By each message corresponding first to be signed with
One, the left side of the present bit of machine number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the initial value of the corresponding X* parameter of each message to be signed
It is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as current
Position;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number,
F is the present bit of the 4th random number, and h is the present bit of the 5th random number;
A8: the corresponding third random number of each message to be signed, the present bit of the 4th random number and the 5th random number are judged respectively
Whether it is highest order, if so, thening follow the steps A9, otherwise, calculates V=v2, to be signed disappear each
One, the left side of the present bit of corresponding third random number, the 4th random number and the 5th random number is ceased as present bit, returns to step
Rapid A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula four respectively, wherein formula four are as follows:Its
In, eiFor i-th of message m to be signediCorresponding E parameter, diFor each eiCorresponding random number;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six each
Message corresponding second to be signed is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2=r(i,2)+
eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediIt is corresponding
Second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message m to be signediIt is right
The second random number answered.
2. the method according to claim 1, wherein the S1, comprising:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2;
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key indicates
Are as follows: (s1, s2)。
3. a kind of method of signature characterized by comprising
It receives and external each of sends corresponding first signature of message to be signed and second sign, each message to be signed are corresponding
Third random number and the 4th random number, the corresponding E* parameter of each message to be signed, wherein formula three are as follows:
Wherein,For i-th of message m to be signediCorresponding E* parameter,For i-th of message m to be signediCorresponding X* parameter;
The first corresponding first parameter of signature that each message to be signed is calculated according to formula eight, according to formula nine calculate each to
Corresponding second parameter of the second signature of signature information, wherein formula eight are as follows:Formula nine are as follows: For i-th of message m to be signediCorresponding first, which signs, corresponds to the first parameter,It is i-th
Message m to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1For i-th of message m to be signediCorresponding first signature,
yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th of message m to be signediCorresponding third random number,
u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Generate the signature pair of each message to be signed, wherein the signature of i-th of message to be signed to for For
I-th of message m to be signediCorresponding E* parameter;
Receive the external signature for each of sending message to be signed to and public key, wherein the signature of i-th of message to be signed to for For i-th of message m to be signediCorresponding E* parameter, miFor i-th of message to be signed,It is i-th
Message m to be signediCorresponding first parameter,For i-th of message m to be signediCorresponding second parameter, public key indicate are as follows:
(g1, g2, p, q, t, v);
The corresponding Z parameter of each message to be signed is calculated according to formula ten respectively, wherein formula ten are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
For each message to be signed, currently whether the corresponding Z parameter of message to be signed and E* parameter are identical for judgement, if so,
Then the signature of current message to be signed is to by verifying, and otherwise, the signature of current message to be signed is to not over verifying.
4. a kind of device of signature characterized by comprising
First acquisition unit, for obtaining public key and private key;
Second acquisition unit, for obtaining multiple message to be signed;
Selecting unit, for selecting preset quantity random number for each message to be signed;
Signature unit, for random according to the public key and the private key and the corresponding preset quantity of each message to be signed
Number carries out approval and sign name to all message to be signed;
The preset quantity random number includes: the first random number, the second random number, third random number, the 4th random number, the 5th
Random number, the public key indicate are as follows: (g1, g2, p, q, t), the private key indicates are as follows: (s1, s2);
The signature unit, is specifically used for:
A1: being arranged corresponding X parameter for each message to be signed, and the initial value of the corresponding X parameter of each message to be signed is set
It is set to 1;
A2: using the lowest order of corresponding first random number of each message to be signed and the second random number as present bit;
A3: the corresponding X parameter of each message to be signed is calculated according to formula one respectively, wherein formula one are as follows: xi=xi×
g1 ag2 b, wherein xiFor i-th of message m to be signediCorresponding X parameter, i=1 ..., n, i are positive integer, and n is positive integer, and n is
The quantity of the message to be signed obtained, a are the present bit of the first random number, and b is the present bit of the second random number;
A4: whether the present bit for judging corresponding first random number of each message to be signed and the second random number respectively is highest
Otherwise position, calculates if so, thening follow the steps A5By each message corresponding first to be signed with
One, the left side of the present bit of machine number and the second random number is used as present bit, return step A3;
A5: being arranged corresponding X* parameter for each message to be signed, by the initial value of the corresponding X* parameter of each message to be signed
It is set as 1;
A6: using the corresponding third random number of each message to be signed, the 4th random number, the 5th random number lowest order as current
Position;
A7: the corresponding X* parameter of each message to be signed is calculated according to formula two respectively, wherein formula two are as follows:Wherein,For i-th of message m to be signediCorresponding X* parameter, c are the present bit of third random number,
F is the present bit of the 4th random number, and h is the present bit of the 5th random number;
A8: the corresponding third random number of each message to be signed, the present bit of the 4th random number and the 5th random number are judged respectively
Whether it is highest order, if so, thening follow the steps A9, otherwise, calculates V=v2, to be signed disappear each
One, the left side of the present bit of corresponding third random number, the 4th random number and the 5th random number is ceased as present bit, returns to step
Rapid A7;
A9: the corresponding E* parameter of each message to be signed is calculated according to formula three respectively, wherein formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter;
A10: the corresponding E parameter of each message to be signed is calculated according to formula four respectively, wherein formula four are as follows:Its
In, eiFor i-th of message m to be signediCorresponding E parameter, diFor each eiCorresponding random number;
A11: corresponding first signature of each message to be signed is calculated according to formula five respectively, is calculated respectively according to formula six each
Message corresponding second to be signed is signed, wherein formula five are as follows: yi,1=r(i,1)+eis1Modq, formula six are as follows: yi,2=r(i,2)+
eis2Modq, wherein yi,1For i-th of message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediIt is corresponding
Second signature, r(i,1)For i-th of message m to be signediCorresponding first random number, r(i,2)For i-th of message m to be signediIt is right
The second random number answered.
5. device according to claim 4, which is characterized in that the first acquisition unit is specifically used for:
B1: selection meets q | two prime number ps and q of (p-1);
B2: determine that order is the group Z of qp*;
B3: from the group Zp* two generation member g are randomly choosed in1, g2;
B4: domain Z is determinedq, from the domain ZqThree random element s of middle determination1, s2, t;
B5: v, formula seven are calculated according to formula seven are as follows:
B6: the public key and the private key are generated, wherein the public key indicates are as follows: (g1, g2, p, q, t, v), the private key indicates
Are as follows: (s1, s2)。
6. a kind of device of signature, the device including signature apparatus and verifying signature, which is characterized in that signature apparatus includes:
First receiving unit, for receiving external corresponding first signature of message to be signed and the second signature, every each of sent
The corresponding third random number of a message to be signed and the 4th random number, the corresponding E* parameter of each message to be signed, formula three are as follows:Wherein,For i-th of message m to be signediCorresponding E* parameter,For i-th of message m to be signediIt is corresponding
X* parameter;
First computing unit, for calculating corresponding first parameter of the first signature of each message to be signed, root according to formula eight
Corresponding second parameter of the second signature of each message to be signed is calculated according to formula nine, wherein formula eight are as follows:Formula nine are as follows: For i-th of message m to be signediCorresponding
One, which signs, corresponds to the first parameter,For i-th of message m to be signediCorresponding second, which signs, corresponds to the second parameter, yi,1It is i-th
Message m to be signediCorresponding first signature, yi,2For i-th of message m to be signediCorresponding second signature, u(i,1)For i-th to
Signature information miCorresponding third random number, u(i,2)For i-th of message m to be signediCorresponding 4th random number;
Generation unit, for generating the signature pair of each message to be signed, wherein the signature of i-th of message to be signed to for For i-th of message m to be signediCorresponding E* parameter;
Second receiving unit, for receive the external signature for each of sending message to be signed to and public key, wherein i-th to
The signature of signature information to for For i-th of message m to be signediCorresponding E* parameter, miFor i-th wait sign
Name message,For i-th of message m to be signediCorresponding first parameter,For i-th of message m to be signediCorresponding second ginseng
Number, public key indicate are as follows: (g1, g2, p, q, t, v);
Second computing unit, for calculating the corresponding Z parameter of each message to be signed according to formula ten respectively, wherein formula ten
Are as follows:ZiFor i-th of message m to be signediCorresponding Z parameter;
Verifying signature apparatus includes: authentication unit, for being directed to each message to be signed, judges that current message to be signed is corresponding
Whether Z parameter is identical as E* parameter, if it is, the signature of current message to be signed is to verifying is passed through, it is otherwise, current to be signed
The signature of message is to not over verifying.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510687881.3A CN105406970B (en) | 2015-10-21 | 2015-10-21 | Method and device, the method and device of verifying signature of signature |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510687881.3A CN105406970B (en) | 2015-10-21 | 2015-10-21 | Method and device, the method and device of verifying signature of signature |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105406970A CN105406970A (en) | 2016-03-16 |
CN105406970B true CN105406970B (en) | 2019-03-12 |
Family
ID=55472234
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510687881.3A Active CN105406970B (en) | 2015-10-21 | 2015-10-21 | Method and device, the method and device of verifying signature of signature |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105406970B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110971414B (en) | 2017-11-10 | 2021-05-04 | 财付通支付科技有限公司 | Method, device, terminal and server for generating signature |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101547099A (en) * | 2009-05-07 | 2009-09-30 | 张键红 | Elliptical curve-based method and elliptical curve-based device for self-authenticating signature |
CN101710859A (en) * | 2009-11-17 | 2010-05-19 | 深圳国微技术有限公司 | Authentication key agreement method |
CN101800641A (en) * | 2009-12-29 | 2010-08-11 | 河南城建学院 | Group signature method suitable for large groups |
CN101989991A (en) * | 2010-11-24 | 2011-03-23 | 北京天地融科技有限公司 | Method for importing secret keys safely, electronic signature tool, authentication device and system |
CN103428692A (en) * | 2013-08-07 | 2013-12-04 | 华南理工大学 | Wireless access network authentication method and wireless access network authentication system capable of holding accountability and protecting privacy |
CN103780385A (en) * | 2012-10-23 | 2014-05-07 | 航天信息股份有限公司 | Blind signature method based on elliptic curve and device thereof |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2566098A1 (en) * | 2011-08-29 | 2013-03-06 | Thomson Licensing | Signcryption method and device and corresponding signcryption verification method and device |
-
2015
- 2015-10-21 CN CN201510687881.3A patent/CN105406970B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101547099A (en) * | 2009-05-07 | 2009-09-30 | 张键红 | Elliptical curve-based method and elliptical curve-based device for self-authenticating signature |
CN101710859A (en) * | 2009-11-17 | 2010-05-19 | 深圳国微技术有限公司 | Authentication key agreement method |
CN101800641A (en) * | 2009-12-29 | 2010-08-11 | 河南城建学院 | Group signature method suitable for large groups |
CN101989991A (en) * | 2010-11-24 | 2011-03-23 | 北京天地融科技有限公司 | Method for importing secret keys safely, electronic signature tool, authentication device and system |
CN103780385A (en) * | 2012-10-23 | 2014-05-07 | 航天信息股份有限公司 | Blind signature method based on elliptic curve and device thereof |
CN103428692A (en) * | 2013-08-07 | 2013-12-04 | 华南理工大学 | Wireless access network authentication method and wireless access network authentication system capable of holding accountability and protecting privacy |
Also Published As
Publication number | Publication date |
---|---|
CN105406970A (en) | 2016-03-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US4996711A (en) | Selected-exponent signature systems | |
CN106105093B (en) | The method and apparatus that elliptic curve point for resisting other channel information leakage is multiplied | |
CA2288837C (en) | Improved method and apparatus for protecting public key schemes from timing and fault attacks | |
EP1840732A1 (en) | Protection against side channel attacks | |
CN104468476B (en) | Method and apparatus without certificate multi-proxy signature | |
KR101142656B1 (en) | A public key cryptographic method of protecting an electronic chip fraud | |
CN103049710B (en) | Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm | |
CN108964914B (en) | SM2 point multiplication architecture for resisting side channel attack | |
CN106487512A (en) | A kind of RSA key is to quick-speed generation system and method | |
CN108063758A (en) | For the node in the signature verification method of block chain network and block chain network | |
CN109818730A (en) | Acquisition methods, device and the server of Proxy Signature | |
US20180183569A1 (en) | Key processing method and device | |
US20130218937A1 (en) | Arithmetic apparatus, elliptic scalar multiplication method of arithmetic apparatus, elliptic scalar multiplication program, residue operation method of arithmetic apparatus, and residue operation program | |
CN112118100B (en) | Improved linkable ring signature method, verification method, device, electronic apparatus and medium | |
CN105956921A (en) | Method and device for selecting bankcard number by user himself/herself | |
CN110008719A (en) | A kind of file process, file test method and device | |
CN105406970B (en) | Method and device, the method and device of verifying signature of signature | |
CN111291122A (en) | Competitive bidding method and device based on block chain | |
CN103580869B (en) | A kind of CRT-RSA signature method and device | |
Barenghi et al. | A novel fault attack against ECDSA | |
JP5336056B2 (en) | Point addition method and addition arithmetic unit in binary finite field for realizing defect detection operation using high-speed Montgomery power ladder algorithm | |
CN112887096A (en) | Prime order elliptic curve generation method and system for signature and key exchange | |
CN106572066B (en) | A kind of entity identities validation verification method and device thereof | |
CN104735081A (en) | Method and system for outsourcing security mode indexes in cloud environment | |
CN107204856B (en) | A kind of method and device detecting elliptic curve loophole |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |