CN108259184B - Digital signature and signature verification method and device based on user identification - Google Patents


Info

Publication number
CN108259184B
Authority
CN
China
Prior art keywords
data
register
parameter
result
submodule
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810037962.2A
Other languages
Chinese (zh)
Other versions
CN108259184A (en)
Inventor
陆舟
于华章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd
Application filed by Feitian Technologies Co Ltd
Priority to CN201810037962.2A
Publication of CN108259184A
Publication of CN108259184B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Mathematical Physics (AREA)
  • Physics & Mathematics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Optimization (AREA)
  • Computing Systems (AREA)
  • Mathematical Analysis (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the field of information security, in particular to a digital signature and signature verification method and device based on user identification. When signing, a CPU (central processing unit) operates on the data to be signed using a signature private key associated with the user identification to generate a data signature; when verifying the signature, the CPU verifies the reliability of the signature by using the user identifier.

Description

Digital signature and signature verification method and device based on user identification
Technical Field
The invention relates to the field of information security, in particular to a digital signature and signature verification method and device based on user identification.
Background
Digital signature technology is an identity authentication technology: a digital signature adds some data to a data unit, or performs a cryptographic transformation on the data unit. This additional data or transformation enables the recipient of the data unit to confirm the source of the data unit, ensures the integrity, legitimacy and authenticity of the data unit, and prevents the data from being forged or tampered with by others. Digital signatures are implemented on the basis of a public key cryptosystem, that is, a signature result must be verified with a public key; before the verification process, however, a third party is often required to check the authenticity of the public key, which makes public key management complex and tedious.
Disclosure of Invention
The invention provides a digital signature and signature verification method and device based on user identification;
the invention provides a digital signature method based on user identification, which comprises the following steps:
step S1, when receiving the data to be signed, the CPU saves the data to be signed;
step S2, the CPU generates a random number through the random number generator, and writes the random number into the second register;
step S3, the CPU reads the pre-stored first parameter and the signature master public key, converts the data types of the first parameter and the signature master public key into points on a preset elliptic curve, performs a bilinear pairing operation on the converted first parameter and signature master public key, performs a power operation on the pairing result with the data of the second register, converts the data type of the operation result into a byte string, and writes the converted operation result into the first register;
step S4, the CPU obtains the data to be signed and the pre-stored second parameter, and carries out the first hash operation according to the data to be signed, the data of the first register and the second parameter, and writes the operation result into the first register;
step S5, the CPU reads the second parameter, and carries out the first preset operation according to the data of the first register, the data of the second register and the second parameter, and writes the operation result into the second register;
step S6, the CPU reads the signature private key associated with the user identification, converts the data type of the signature private key into a point on a preset elliptic curve, performs a second preset operation according to the data of the second register and the converted signature private key, converts the data type of the operation result into a byte string, and writes the converted operation result into the second register;
in step S7, the CPU outputs the data of the first register and the data of the second register as digital signatures.
The invention provides a signature verification method based on user identification, which comprises the following steps:
step R1, when receiving the data to be signed, the digital signature and the user identification, the CPU splits the digital signature according to a preset rule to obtain first data and second data, and stores the first data, the second data, the data to be signed and the user identification;
step R2, the CPU reads the first data and the pre-stored first parameter and signature master public key, converts the data types of the first parameter and the signature master public key into points on a preset elliptic curve, performs a bilinear pairing operation on the converted data, performs a power operation on the pairing result with the first data, converts the data type of the operation result into a byte string, and writes the converted operation result into a first register;
step R3, the CPU reads the user identification, the pre-stored function identifier and the second parameter, carries out the second hash operation according to the user identification, the function identifier and the second parameter, and writes the operation result into the second register;
step R4, the CPU reads the second data and the pre-stored third parameter and signature master public key, converts the data types of the data of the first register, the second data, the third parameter and the signature master public key into points on a preset elliptic curve, performs a sixth preset operation according to the data of the second register, the converted third parameter and the signature master public key, performs a bilinear pairing operation with the converted second data, performs a point multiplication operation with the data of the first register, converts the data type of the operation result into a byte string, and writes the converted operation result into the first register;
step R5, the CPU reads the data to be signed and the second parameter, carries out the first hash operation according to the data to be signed, the data of the first register and the second parameter, and writes the operation result into the first register;
step R6, the CPU acquires the first data and judges whether the first data is equal to the data of the first register; if so, the verification succeeds, otherwise the verification fails.
The invention provides a digital signature device based on user identification, which comprises:
the receiving module is used for receiving data to be signed; and storing the data to be signed;
the random number generating module is used for generating random numbers; and writing the random number into a second register;
the first data type conversion module is used for reading a pre-stored first parameter and a signature master public key and converting the data types of the first parameter and the signature master public key into points on a preset elliptic curve;
the first operation module is used for carrying out bilinear pairing operation on the first parameter and the signature master public key after the conversion of the first data type conversion module, and then carrying out power operation on the first parameter and the signature master public key and data written into the second register by the random number generation module;
the second data type conversion module is used for converting the data type of the operation result of the first operation module into a byte string and writing the converted operation result into the first register;
the hash operation module is used for acquiring the data to be signed and the pre-stored second parameter which are stored by the receiving module, performing first hash operation according to the data to be signed and the data and the second parameter which are written into the first register by the second data type conversion module, and writing an operation result into the first register;
the second operation module is used for reading the second parameter, performing first preset operation according to the data written into the first register by the hash operation module, the data written into the second register by the random number generation module and the second parameter, and writing an operation result into the second register;
the third data type conversion module is used for reading a signature private key associated with the user identifier and converting the data type of the signature private key into a point on a preset elliptic curve;
the third operation module is used for performing second preset operation according to the data written into the second register by the second operation module and the signature private key converted by the third data type conversion module;
the second data type conversion module is also used for converting the data type of the operation result of the third operation module into a byte string and writing the converted operation result into a second register;
and the output module is used for outputting the data written into the first register by the hash operation module and the data written into the second register by the second data type conversion module as digital signatures.
The invention provides a verification device based on user identification, which comprises:
the receiving module is used for receiving the data to be signed, the digital signature and the user identification, splitting the digital signature according to a preset rule to obtain first data and second data, and storing the first data, the second data, the data to be signed and the user identification;
the first data type conversion module is used for reading first data, pre-stored first parameters and a signature master public key and converting the data types of the first parameters and the signature master public key into points on a preset elliptic curve;
the first operation module is used for performing bilinear pairing operation on the data converted by the first data type conversion module and performing power operation on the bilinear pairing operation and the first data;
the second data type conversion module is used for converting the data type of the operation result of the first operation module into a byte string and writing the converted operation result into the first register;
the second hash operation module is used for reading the user identifier, the pre-stored function identifier and the second parameter, performing second hash operation according to the user identifier, the function identifier and the second parameter, and writing an operation result into a second register;
the third data type conversion module is used for reading the second data, the pre-stored third parameter and the signature master public key, and converting the data types of the data written into the first register by the second data type conversion module, the second data, the third parameter and the signature master public key into points on a preset elliptic curve;
the second operation module is used for performing a sixth preset operation according to the data of the second register, the third parameter converted by the third data type conversion module and the signature master public key, performing a bilinear pairing operation with the second data converted by the third data type conversion module, and performing a point multiplication operation with the data of the first register converted by the third data type conversion module;
the fourth data type conversion module is used for converting the data type of the operation result of the second operation module into a byte string and writing the converted operation result into the first register;
the first hash operation module is used for reading the data to be signed and the second parameter, performing first hash operation according to the data to be signed, the data of the first register converted by the fourth data type conversion module and the second parameter, and writing an operation result into the first register;
the verification module is used for acquiring the first data, judging whether the first data and the data written into the first register by the first hash operation module are equal, and when the first data and the data written into the first register by the first hash operation module are equal, the verification is successful, and when the first data and the data written into the first register by the first hash operation module are not equal, the verification fails.
The beneficial effects obtained by the invention are as follows: the signature public key is determined by the unique identification of the user, and the data integrity of the data unit and the identity of the sender of the data unit are verified by the signature public key determined based on the user identification, so that the user does not need to verify the authenticity of the signature public key through a third party verification unit, and the key management process is simplified.
Drawings
To explain the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the embodiments are briefly described below. The drawings in the following description show only some embodiments of the present invention; those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flowchart of a digital signature method based on user identification according to embodiment 1 of the present invention;
fig. 2 is a flowchart of a signature verification method based on user identification according to embodiment 2 of the present invention;
fig. 3 is a block diagram of a digital signature apparatus based on user identification according to embodiment 3 of the present invention;
fig. 4 is a block diagram of an apparatus for verifying a signature based on a user identifier according to embodiment 4 of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
This embodiment provides a digital signature method based on user identification. Note that a first parameter, a second parameter, a signature master public key and a signature private key are prestored in the CPU. As shown in fig. 1, the method includes:
in this embodiment, the pre-stored first parameters specifically include: (93DE051D 62BF718F F5ED 0704487D 01D 6E 1E 4086909 DC 3280E 8C4E 4817C 66DDDD, 21FE8DDA 4F21E 607631065125C 395BBC 1C1C00CB FA 6024350C 464CD 70A 3EA 616);
the second parameter is specifically: B640000002A 3A6F 1D 603AB4F F58EC 74449F 2934B 18EA8BEE 56EE19C D69ECF 25;
the signature master public key specifically includes: (9F64080B 3084F 733E 48AFF4B 41B 565011 CE0711C 5E392CFB 0AB1B 6791B 94C 40829 DBA 116152D 1F 786 CE843ED 24A3B 573414D 2177386A 92DD 8 F14D65696EA5E32,69850938 ABEA 0112B 57329F 447E 3A0CB AD3E2FDB 1A77F 335E 89D 0EF1C2541E00A53 DDA532DA 1A7CE 027B 7A46F 741006E 85F 5CDFF 0730E 75C05F B4E 3216D));
the signature private key specifically comprises: (A5702F05 CF 1315305E 2D6EB 64B 0DEB 923 DB1A0BC F0CAFF 90523 AC 8754 AA 698820, 78559A 844411F 9825C 109F5E E3F52D 720 DD 01785392A 727B B1556952B 2B013D 3);
optionally, the CPU obtains a pre-stored user identifier, obtains a first parameter, a second parameter, a signature master public key and a signature private key by uploading the user identifier to the key generation system, and stores the obtained signature master public key, signature private key, first parameter and second parameter.
Step S1, when receiving the data to be signed, the CPU saves the data to be signed;
in this embodiment, the data to be signed received by the CPU specifically includes: 4368696E 65736520494253207374616E 64617264;
step S2, the CPU reads the pre-stored first parameter and the signature master public key, converts the data types of the first parameter and the signature master public key into points on a preset elliptic curve, performs a bilinear pairing operation on the converted first parameter and signature master public key, performs a power operation on the pairing result with the data of the second register, converts the data type of the operation result into a byte string, and writes the converted operation result into the first register;
specifically, converting the data type of the first parameter into a point on a preset elliptic curve specifically includes:
step 101, averagely splitting a first parameter into two byte strings by a CPU;
step 102, a CPU (central processing unit) sequentially acquires a byte string as a current byte string and converts the current byte string into decimal data;
step 103, the CPU judges whether the first parameter has byte strings which are not acquired, if so, the step 102 is returned, otherwise, all the converted data are combined to obtain the first parameter of the point of which the data type is the preset elliptic curve;
converting the data type of the signature master public key into a point on a preset elliptic curve specifically comprises:
step 201, averagely splitting a signature master public key into two byte strings by a CPU;
step 202, the CPU sequentially obtains a byte string as a current byte string and converts the current byte string into decimal data;
step 203, the CPU judges whether byte strings which are not acquired exist in the signature master public key, if so, the step 202 is returned, otherwise, all the converted data are combined to obtain the signature master public key of the point of which the data type is the preset elliptic curve;
specifically, a bilinear pairing operation is performed on the converted first parameter and the signature master public key;
the CPU takes the operation result of the bilinear pairing operation as the base and the data of the second register as the exponent for the power operation;
specifically, converting the data type of the operation result into a byte string includes:
step A1, the CPU obtains a second parameter, and calculates according to the length of the operation result and the second parameter to obtain third data;
step A2, the CPU sequentially acquires a component with the length of third data from the abscissa of the operation result as a current component, converts the current component into hexadecimal data, splices the converted data with the data of the first register, and writes the spliced result into the first register;
step A3, the CPU judges whether the operation result has the component which is not acquired, if yes, the operation returns to step A2, otherwise, the step A4 is executed;
step A4, the CPU sequentially acquires a component with the length of third data from the ordinate of the operation result as a current component, converts the current component into hexadecimal data, splices the converted data with the data of the first register, and writes the spliced result into the first register;
step A5, the CPU judges whether there is component which is not acquired in the operation result, if yes, the step A4 is returned, otherwise, the operation is ended;
step S3, the CPU generates a random number through the random number generator and writes the random number into the second register;
in this embodiment, the random number generated by the CPU through the random number generator is specifically: 0X 033C 8616B 06704813203 DF D00965022 ED 15975C 662337A ED648835 DC4B1 CBE;
step S4, the CPU obtains the data to be signed and the pre-stored second parameter, and carries out the first hash operation according to the data to be signed, the data of the first register and the second parameter, and writes the operation result into the first register;
specifically, a first hash operation is performed according to the data to be signed, the data of the first register, and the second parameter, and the operation result specifically includes: 823C4B 21E 4BD2DFE 1ED92C 606653E 996668563152 FC33F 55D 7BFBB9B D9705 ADB;
more specifically, the CPU acquires the data to be signed and the pre-stored second parameter, sequentially splices the data to be signed and the data of the first register, calls a first cryptographic function with the splicing result and the second parameter as input parameters, and writes the output data of the first cryptographic function into the first register;
alternatively, step S4 specifically includes:
step B1, the CPU initializes a counter, acquires the data to be signed and the second parameter, sequentially splices the data to be signed and the data of the first register, and writes the splicing result into the first register;
step B2, the CPU performs a third preset operation on the second parameter and writes the operation result into a third register; divides the data of the third register by the length of the output data of the preset cryptographic hash function and writes the result into the fourth register; and calls the ceiling function with the data of the fourth register as the input parameter, writing the output data of the ceiling function into the fifth register;
more specifically, the third preset operation is as follows: the CPU calculates the base-2 logarithm of the second parameter, multiplies the calculation result by 5, divides the multiplication result by 32, calls the ceiling function with the division result as the input parameter, multiplies the output data of the ceiling function by 8, and writes the multiplication result into the third register; the CPU then divides the data of the third register by the length of the output data of the preset cryptographic hash function, writes the division result into the fourth register, calls the ceiling function with the data of the fourth register as the input parameter, and writes the output data of the ceiling function into the fifth register;
step B3, the CPU splices the first preset value, the data of the first register and the value of the counter in sequence, calls the cryptographic hash function with the spliced result as the input parameter to obtain a hash value, splices the data of the sixth register with the hash value, and assigns the spliced result to the sixth register;
optionally, the cryptographic hash function is specifically: MD5 or SHA256 or SM 3;
for example, if the predetermined cryptographic hash function is the SM3 cryptographic hash function, the length of the output data of the cryptographic hash function is 32 bytes;
step B4, the CPU updates the counter, judges whether the value of the counter is equal to the data of the fifth register, if yes, the step B5 is executed, otherwise, the step B3 is returned;
specifically, the CPU adds 1 to the value of the counter as the updated value of the counter;
step B5, the CPU judges whether the data of the fourth register is an integer; if yes, step B6 is executed, otherwise step B7 is executed;
step B6, the CPU splices the first preset value, the data of the first register and the value of the counter in sequence, calls the cryptographic hash function with the spliced result as the input parameter to obtain a hash value, splices the data of the sixth register with the hash value, assigns the spliced result to the sixth register, and executes step B8;
in this embodiment, the first preset value is specifically 0x 02;
step B7, the CPU performs a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, and writes the result into the seventh register; splices the first preset value, the data of the first register and the value of the counter in sequence, and calls the cryptographic hash function with the spliced result as the input parameter to obtain a hash value; truncates the hash value according to the data of the seventh register, splices the data of the sixth register with the truncated data, and writes the spliced data into the sixth register;
the fourth preset operation, whose result is written into the seventh register, is specifically: the CPU calls the floor function with the data of the fourth register as the input parameter, multiplies the output data of the floor function by the length of the output data of the cryptographic hash function, subtracts the multiplication result from the data of the third register, and writes the operation result into the seventh register;
and step B8, the CPU acquires the second parameter, performs fifth preset operation according to the data of the sixth register and the second parameter, and writes the operation result into the first register.
Step S5, the CPU reads the second parameter, and carries out the first preset operation according to the data of the first register, the data of the second register and the second parameter, and writes the operation result into the second register;
specifically, the CPU reads the second parameter, performs subtraction on the data of the second register and the data of the first register, performs modulo operation on the difference value and the second parameter, and assigns the operation result to the second register.
More specifically, the CPU reads the second parameter and performs a first preset operation according to the data of the first register, the data of the second register, and the second parameter, where the operation result specifically is:
3406F1643496DFF8385C82CF5F4442B0123E89ABAF898013FB13AE36D9799108
Step S6, the CPU judges whether the data of the second register is equal to the preset value; if so, the process returns to step S3, otherwise step S7 is executed;
in this embodiment, the preset value is 0;
step S7, the CPU reads the signature private key associated with the user identification, converts the data type of the signature private key into a point on a preset elliptic curve, performs a second preset operation according to the data of the second register and the converted signature private key, converts the data type of the operation result into a byte string, and writes the converted operation result into the second register;
specifically, the step of converting the data type of the signature private key into a point on a preset elliptic curve by the CPU includes:
step 301, the CPU splits the signature private key evenly into a preset number of byte strings;
step 302, the CPU sequentially obtains a byte string as the current byte string and converts the current byte string into decimal data;
step 303, the CPU determines whether there is any byte string that has not been acquired in the second data; if so, the process returns to step 302, otherwise all the converted data are combined to obtain the signature private key as a point on the preset elliptic curve.
Performing the second preset operation according to the data of the second register and the converted signature private key specifically comprises: performing a multiple-point (scalar multiplication) operation on the data of the second register and the signature private key.
More specifically, the CPU reads a pre-stored signature private key, and performs a multiple operation on the data of the second register and the signature private key, where the operation result specifically is as follows: (73BF 96923 CE58B6A D0E13E 9643A 406D8 EB98417C 50EF1B29 CEF9ADB 48B 6D598C, 856712F 1C 2E0968A B7769F 42A 99586AE D139D5B 8B 3E 15891827 CC2AC ED9BAA 05);
specifically, the process of converting the data type of the operation result of the second predetermined operation into the byte string is similar to the process of converting the data type of the operation result of the exponentiation operation into the byte string in step S2, and is not described herein again.
In step S8, the CPU outputs the data of the first register and the data of the second register as digital signatures.
Preferably, the CPU sequentially splices the data of the first register, the preset delimiter and the data of the second register to obtain a digital signature, and outputs the digital signature.
In this embodiment, if the preset identifier is 04, the digital signature specifically includes: (823C4B 21E 4BD2DFE 1ED92C 606653E 996668563152 FC33F 55D 7BFBB9B D9705ADB, 0473 BF 96923 CE58B6A D0E13E 9643A 406D8 EB98417C 50EF1B29 CEF9ADB 48B 6D598C856712F 1C 2E0968A B7769F 42A 99586AE D139D5B 8B 3E 15891827 CC2AC ED9BAA 05).
It should be noted that the method for generating the private signature key by the key generation system according to the user identifier specifically includes:
step X1, the key generation system generates a random number as a signature master private key; generating a signature master public key according to the signature master private key;
the random number in this embodiment is specifically: 0130E 78459D 78545 CB54C 587E 02CF 480 CE0B 66340F 319F 348A1D5B 1F2DC5F 4;
the key generation system computes the multiple point of the third parameter by the random number (scalar multiplication) as the signature master public key, where the signature master public key obtained in this embodiment specifically is:
(9F64080B 3084F733 E48AFF4B 41B56501 1CE0711C 5E392CFB 0AB1B679 1B94C408 29DBA116 152D1F78 6CE843ED 24A3B573 414D2177 386A92DD 8F14D656 96EA5E32,69850938 ABEA0112 B57329F4 47E3A0CB AD3E2FDB 1A77F335 E89E1408 D0EF1C2541E00A53 DDA532DA 1A7CE027 B7A46F74 1006E85F 5CDFF073 0E75C05F B4E3216D));
step X2, the key generation system generates a signature private key according to the user identification and the signature master private key;
step X2 specifically includes:
step X2-1, the key generation system selects a function identifier according to the signature master private key, and generates first data through a second cryptographic function according to the user identifier, the function identifier and the order of the cyclic group; and generating second data according to the first data and the signature master private key.
Further, the key generation system sequentially splices the user identifier 416C 69665 and the function identifier 01, generates first data 2ACC468C 3926B0BD B2767E99 FF26E084 DE9CED8D BC7D5FBF 418027B 667862 FAB by a second cryptographic function according to the splicing result 416C 6966501 and a second parameter, and adds the first data and the signature master private key to obtain second data 2ACD7773 BD 808842F 841D35F 87070D 795F 6AF8F 3F 915C 915E 760a 451186B 3F 59F;
step X2-2, the key generation system judges whether the second data is equal to the preset value; if so, the process returns to step X1, otherwise step X2-3 is executed;
in this embodiment, the preset value is 0;
step X2-3, the key generation system generates a signature private key according to the signature master private key, the second data and the first parameter;
specifically, the key generation system divides the signature master private key by the second data to obtain third data 291FE3CA C8F58AD 2DC 462C8D 4D578a94 DAFD5624 DDC28E 328D 2936688 a86CF 1A; computes the third-data multiple of the first parameter (scalar multiplication) to obtain the signature private key; the signature private key obtained in this embodiment is specifically: (A5702F05 CF 1315305E 2D6EB 64B 0DEB 923 DB1A0BC F0CAFF 90523 AC 8754 AA 698820, 78559A 844411F 9825C 109F5EE3F52D 720 DD 01785392A 727B B1556952B 2B013D 3).
Example 2
The embodiment provides a signature verification method based on user identification, wherein a signature master public key, a first parameter, a second parameter, a third parameter and a function identifier are prestored in a CPU (central processing unit); as shown in fig. 2, includes:
the pre-stored first parameters are specifically: (93DE051D 62BF718F F5ED 0704487D 01D 6E 1E 4086909 DC 3280E 8C4E 4817C 66DDDD, 21FE8DDA 4F21E 607631065125C 395BBC 1C1C00CB FA 6024350C 464CD 70A 3EA 616);
the second parameter is specifically: B640000002A 3A6F 1D 603AB4F F58EC 74449F 2934B 18EA8BEE 56EE19C D69ECF 25;
the third parameter is specifically: (85AEF3D 078640C 98597B 6027B 441A01F F1DD2C 190F 5E93C 454806C 11 D8806141,3722755292130B08D 2AAB97F D34EC120 EE 265948D 19C17AB F9B7213 AF82D65B17509B 092E 845C 1266 BA0D 262 CBEE6ED 0736A96F A347C8BD DC76B EBEB 856 96, A7CF28D 519 BE3DA 65F 3170153D 278FF 247 FF 98A 08116215 BBA 5C 999A7C 7);
the function identifier is specifically: 01
The signature master public key specifically includes: (9F64080B 3084F 733E 48AFF4B 41B 565011 CE0711C 5E392CFB 0AB1B 6791B 94C 40829 DBA 116152D 1F 786 CE843ED 24A3B 573414D 2177386A 92DD 8 F14D65696EA5E32,69850938 ABEA 0112B 57329F 447E 3A0CB AD3E2FDB 1A77F 335E 89D 0EF1C2541E00A53 DDA532DA 1A7CE 027B 7A46F 741006E 85F 5CDFF 0730E 75C05F B4E 3216D));
Step R1, when receiving the data to be signed, the digital signature and the user identification, the CPU splits the digital signature according to a preset rule to obtain first data and second data;
the data to be signed received in this embodiment is specifically: 4368696E 65736520494253207374616E 64617264;
the digital signature is specifically: (823C4B 21E 4BD2DFE 1ED92C 606653E 996668563152 FC33F 55D 7BFBB9B D9705ADB, 0473 BF 96923 CE58B6A D0E13E 9643A 406D8 EB98417C 50EF1B29 CEF9ADB 48B 6D598C856712F 1C 2E0968A B7769F 42A 99586AE D139D5B 8B 3E 15891827 CC2AC ED9BAA 05);
the user identifier is specifically: 416C 6966365;
specifically, the CPU acquires the first 8 bytes from the digital signature as first data, and takes the rest data in the digital signature as second data;
in more detail, the first data obtained by interception specifically includes: 823C4B 21E 4BD2DFE 1ED92C 606653E 996668563152 FC33F 55D 7BFBB9B D9705 ADB;
the second data is specifically: 73BF 96923 CE58B6A D0E13E 9643A 406D8 EB98417C 50EF1B29 CEF9ADB 48B 6D598C856712F 1C 2E0968A B7769F 42A 99586AE D139D5B 8B 3E 15891827 CC2AC ED9BAA 05;
step R2, the CPU judges whether the first data meets a first preset condition, if so, the first data is saved, the step R3 is executed, otherwise, the verification fails;
specifically, the CPU obtains the first data and determines whether the first data is not greater than a third preset value and is not less than a difference between the second parameter and the third preset value; if so, step R3 is executed, otherwise the verification fails;
in more detail, the third preset value is 1;
step R3, the CPU converts the data type of the second data into a point on a preset elliptic curve, judges whether the converted second data meets a second preset condition, if so, stores the second data, and executes step R4, otherwise, the verification fails;
the step R3 is specifically that the CPU acquires the second data, converts the data type of the second data into a point on a preset elliptic curve, and determines whether the converted second data is in a preset group; if so, step R4 is executed, otherwise the verification fails;
in more detail, the converting the data type of the second data into the point on the preset elliptic curve specifically includes:
step 701, the CPU splits the second data evenly into two byte strings;
step 702, the CPU sequentially acquires a byte string as the current byte string and converts the current byte string into decimal data;
step 703, the CPU determines whether there is any byte string that has not been acquired in the second data; if so, the process returns to step 702, otherwise all the converted data are combined to obtain the second data as a point on the preset elliptic curve;
Step R4, the CPU reads the first data and the pre-stored first parameter and signature master public key, converts the data types of the first parameter and the signature master public key into points on a preset elliptic curve, performs a bilinear pairing operation according to the converted data, performs a power operation with the first data, converts the data type of the operation result into a byte string, and writes the converted operation result into the first register;
the step R4 specifically includes: the CPU reads the first data and the pre-stored first parameter and signature master public key, converts the data types of the first parameter and the signature master public key into points on a preset elliptic curve, performs a bilinear pairing operation according to the converted data, performs a power operation with the result of the bilinear pairing operation as the base and the first data as the exponent, converts the data type of the operation result into a byte string, and writes the converted operation result into the first register;
more specifically, the CPU performs the bilinear pairing operation according to the converted first parameter and the signature master public key;
the CPU reads the first data, performs the power operation according to the data of the first register and the first data, and converts the data type of the operation result into a byte string;
the step of converting the data type of the first parameter into a point on the preset elliptic curve by the CPU specifically includes:
step 401, the CPU splits the first parameter evenly into two byte strings;
step 402, the CPU sequentially obtains a byte string as the current byte string and converts the current byte string into decimal data;
step 403, the CPU determines whether there is any byte string that has not been acquired in the first parameter; if so, the process returns to step 402, otherwise all the converted data are combined to obtain the first parameter as a point on the preset elliptic curve;
the step of converting the data type of the signature master public key into a point on a preset elliptic curve by the CPU specifically comprises the following steps:
step 501, the CPU splits the signature master public key evenly into two byte strings;
step 502, the CPU sequentially obtains a byte string as the current byte string and converts the current byte string into decimal data;
step 503, the CPU determines whether there is any byte string that has not been acquired in the signature master public key; if so, the process returns to step 502, otherwise all the converted data are combined to obtain the signature master public key as a point on the preset elliptic curve;
the conversion of the data type of the operation result into the byte string in the step R4 is similar to the conversion of the data type of the operation result into the byte string in the step R2, and is not described herein again.
Step R5, the CPU reads the user identification, the pre-stored function identifier and the second parameter, carries out the second hash operation according to the user identification, the function identifier and the second parameter, and writes the operation result into the second register;
in this embodiment, the CPU reads the user identifier, the pre-stored function identifier, and the second parameter, and performs a second hash operation according to the user identifier, the pre-stored function identifier, and the second parameter, where the operation result specifically is: 2ACC468C 3926B0BD B2767E99 FF26E084 DE9CED8D BC7D5FBF 418027B 667862 FAB;
specifically, the CPU reads the user identifier, the pre-stored function identifier, and the second parameter, sequentially splices the user identifier and the function identifier, calls the second cryptographic function using the splicing result and the second parameter as input parameters, and writes output data of the second cryptographic function in the second register.
Alternatively, step R5 specifically includes:
step D1, the CPU initializes a counter, reads the user identification, the pre-stored function identifier and the second parameter, sequentially splices the user identification and the function identifier, and writes the splicing result into the second register;
step D2, the CPU performs a third preset operation on the second parameter and writes the operation result into the third register; divides the data in the third register by the output data length of the preset cryptographic hash function and writes the result into the fourth register; takes the data of the fourth register as the input parameter of the ceiling function and writes the output data of the ceiling function into the fifth register;
step D3, the CPU sequentially splices the second preset value, the data of the second register and the value of the counter, calls the key hash function with the splicing result as an input parameter to obtain a hash value, splices the data of the sixth register with the hash value, and writes the splicing result into the sixth register;
step D4, the CPU updates the counter and judges whether the value of the counter is equal to the data of the fifth register; if so, step D5 is executed, otherwise the process returns to step D3;
step D5, the CPU judges whether the data of the fourth register is an integer; if so, step D6 is executed, otherwise step D7 is executed;
step D6, the CPU sequentially splices the second preset value, the data of the second register and the value of the counter, calls the key hash function with the splicing result as an input parameter to obtain a hash value, splices the data of the sixth register with the hash value, and assigns the splicing result to the sixth register;
step D7, the CPU performs a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, and writes the result into the seventh register; sequentially splices the second preset value, the data of the second register and the value of the counter, and calls the key hash function with the spliced result as an input parameter to obtain a hash value; truncates the hash value to the length given by the data of the seventh register, splices the data of the sixth register with the truncated data, and writes the spliced data into the sixth register;
step D8, the CPU acquires the second parameter, performs a fifth preset operation according to the data of the sixth register and the second parameter, and writes the operation result into the second register.
Step R6, the CPU reads the second data and the pre-stored third parameter and signature master public key, converts the data types of the data of the first register, the second data, the third parameter and the signature master public key into points on a preset elliptic curve, performs a sixth preset operation according to the data of the second register, the converted third parameter and the signature master public key, performs a bilinear pairing operation with the converted second data, performs a point multiplication operation with the data of the first register, converts the data type of the operation result into a byte string, and writes the converted operation result into the first register;
specifically, performing a sixth preset operation according to the data of the second register, the converted third parameter, and the signature master public key specifically includes: performing point multiplication operation on the data of the second register and a third parameter, and performing addition operation on the data of the second register and the signature master public key;
in this embodiment, the CPU performs a sixth preset operation according to the data of the second register, the third parameter, and the signature master public key, and the operation result specifically is: (511F2C 823C 7484DD FC16BBC 53 AAD33B 78D 2429AF CF7F8AD 8B 72261B 4E 1FFCF79,7B234E1D 623A172A AA89164A F3E828B 4D 0E49CE6 EC5C7FE 92E 657272250 CBAF6, 4831DD 313 EC39FDA 59F3E14F EBCFF 7848D 11875D 805662D 26969 CF 705D 46ED70,73B542A 69058F 4601 AC19F 237203686368 FEC 436C 13C2B 0761F 9B 6E 14A36E4)
Further, the point multiplication operation yields the operation result that is converted into a byte string and written into the first register.
in more detail, the step of converting the data type of the data in the first register into a point on the preset elliptic curve by the CPU specifically includes:
step 601, the CPU splits the data of the first register evenly into two byte strings;
step 602, the CPU sequentially obtains a byte string as the current byte string and converts the current byte string into decimal data;
step 603, the CPU judges whether there is any byte string that has not been acquired in the data of the first register; if so, the process returns to step 602, otherwise all the converted data are combined to obtain the data of the first register as a point on the preset elliptic curve;
the step of converting the data type of the second data into a point on the preset elliptic curve by the CPU specifically includes:
step 701, the CPU splits the second data evenly into two byte strings;
step 702, the CPU sequentially acquires a byte string as the current byte string and converts the current byte string into decimal data;
step 703, the CPU determines whether there is any byte string that has not been acquired in the second data; if so, the process returns to step 702, otherwise all the converted data are combined to obtain the second data as a point on the preset elliptic curve;
the step of converting the data type of the third parameter into a point on the preset elliptic curve by the CPU specifically includes:
step 801, the CPU splits the third parameter evenly into two byte strings;
step 802, the CPU sequentially obtains a byte string as the current byte string and converts the current byte string into decimal data;
step 803, the CPU determines whether there is any byte string that has not been acquired in the third parameter; if so, the process returns to step 802, otherwise all the converted data are combined to obtain the third parameter as a point on the preset elliptic curve;
the process of converting the data type of the signature master public key to the point on the preset elliptic curve in the step R6 is similar to the process of converting the data type of the signature master public key to the point on the preset elliptic curve in the step R4, and details are not repeated here.
Step R7, the CPU reads the data to be signed and the second parameter, carries out the first hash operation according to the data to be signed, the data of the first register and the second parameter, and writes the operation result into the first register;
in this embodiment, a first hash operation is performed according to the data to be signed, the data of the first register, and the second parameter, and the operation result specifically includes: 823C4B 21E 4BD2DFE 1ED92C 606653E 996668563152 FC33F 55D 7BFBB9B D9705ADB
Specifically, in step R7, performing the first hash operation according to the data to be signed, the data of the first register and the second parameter and writing the operation result into the first register comprises: the CPU sequentially splices the data to be signed and the data of the first register, calls the first cryptographic function with the splicing result and the second parameter as input parameters, and writes the output data of the first cryptographic function into the first register.
Or, in step R7, performing a first hash operation according to the data to be signed, the data of the first register, and the second parameter, and writing an operation result into the first register, which specifically includes:
step E1, the CPU initializes a counter, sequentially splices the data to be signed and the data of the first register, and writes the splicing result into the first register;
step E2, the CPU performs a third preset operation on the second parameter and writes the operation result into the third register; divides the data in the third register by the output data length of the preset cryptographic hash function and writes the result into the fourth register; takes the data of the fourth register as the input parameter of the ceiling function and assigns the output data of the ceiling function to the fifth register;
step E3, the CPU sequentially splices the first preset value, the data of the first register and the value of the counter, calls the key hash function with the splicing result as an input parameter to obtain a hash value, splices the data of the sixth register with the hash value, and assigns the splicing result to the sixth register;
step E4, the CPU updates the counter and judges whether the value of the counter is equal to the data of the fifth register; if so, step E5 is executed, otherwise the process returns to step E3;
step E5, the CPU judges whether the data of the fourth register is an integer; if so, step E6 is executed, otherwise step E7 is executed;
step E6, the CPU sequentially splices the first preset value, the data of the first register and the value of the counter, calls the key hash function with the splicing result as an input parameter to obtain a hash value, splices the data of the sixth register with the hash value, and assigns the splicing result to the sixth register;
step E7, the CPU performs a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, and writes the result into the seventh register; sequentially splices the first preset value, the data of the first register and the value of the counter, and calls the key hash function with the spliced result as an input parameter to obtain a hash value; truncates the hash value to the length given by the data of the seventh register, splices the data of the sixth register with the truncated data, and writes the spliced data into the sixth register;
step E8, the CPU acquires the second parameter, performs a fifth preset operation according to the data of the sixth register and the second parameter, and writes the operation result into the first register.
Step R8, the CPU acquires the first data and judges whether the first data is equal to the data of the first register; if so, the verification is successful, otherwise the verification fails.
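The counter-based hash-to-range routine of steps D1 to D8 and E1 to E8, together with the scalar part of key generation steps X2-1 to X2-3 that consumes its output, as an added example that is not code from the patent. Assumptions, because this section does not define them: SHA-256 stands in for the preset hash function, the counter starts at 1 and is encoded as 4 big-endian bytes, the third preset operation is hlen = 8·⌈5·log2(n)/32⌉ and the fifth is (Ha mod (n−1)) + 1 as in SM9-style schemes, the addition in X2-1 is taken modulo n, and the two preset byte values and the modulus are constructed.

```python
import hashlib

# Constructed placeholders: this section does not state the two preset byte values.
FIRST_PRESET_VALUE = 0x02
SECOND_PRESET_VALUE = 0x01
# Constructed 256-bit prime modulus, NOT the patent's second parameter.
EXAMPLE_N = 2**256 - 189


def _ceil_div(a: int, b: int) -> int:
    return -(-a // b)


def expand(prefix: int, z: bytes, n: int, hv=hashlib.sha256) -> bytes:
    """Steps D1-D7 / E1-E7: build the oversized string held in the sixth register."""
    if n < 3:
        raise ValueError("modulus must be at least 3")
    v = hv().digest_size * 8  # output length of the hash function, in bits
    # Third register (assumed formula): hlen = 8 * ceil(5 * log2(n) / 32).
    # Done in integers: ceil(log2(n**5)) == (n**5 - 1).bit_length(), so no float
    # rounding can flip the result near a boundary.
    hlen = 8 * _ceil_div((n**5 - 1).bit_length(), 32)
    blocks = _ceil_div(hlen, v)            # fifth register: ceiling(hlen / v)
    tail_bits = hlen - v * (hlen // v)     # seventh register: hlen - v * floor(hlen / v)

    def block(ct: int) -> bytes:
        # prefix || Z || counter, hashed (assumed 32-bit big-endian counter)
        return hv(bytes([prefix]) + z + ct.to_bytes(4, "big")).digest()

    acc = b""   # sixth register
    ct = 1      # counter (assumed to start at 1)
    while ct != blocks:          # D3/D4: full blocks before the last one
        acc += block(ct)
        ct += 1
    if tail_bits == 0:           # D5 -> D6: hlen / v is an integer, keep whole block
        acc += block(ct)
    else:                        # D5 -> D7: keep only the leftmost tail_bits
        acc += block(ct)[: tail_bits // 8]
    return acc


def hash_to_range(prefix: int, z: bytes, n: int, hv=hashlib.sha256) -> int:
    """Step D8 / E8 (assumed fifth preset operation): map into [1, n-1].

    hlen is about 1.25x the bit length of n, so the reduction bias is
    negligible, and the +1 means the output is never 0.
    """
    ha = int.from_bytes(expand(prefix, z, n, hv), "big")
    return ha % (n - 1) + 1


def derive_key_scalar(user_id: bytes, hid: bytes, ks: int, n: int,
                      prefix: int = SECOND_PRESET_VALUE) -> int:
    """Scalar part of steps X2-1 to X2-3; the curve multiplication is omitted."""
    first_data = hash_to_range(prefix, user_id + hid, n)
    second_data = (first_data + ks) % n          # X2-1 (mod n is an assumption)
    if second_data == 0:                         # X2-2: no inverse exists
        raise ValueError("second data is 0: regenerate the master private key")
    return ks * pow(second_data, -1, n) % n      # X2-3: third data = ks / second data


if __name__ == "__main__":
    h1 = hash_to_range(SECOND_PRESET_VALUE, b"Alice" + b"\x01", EXAMPLE_N)
    print(f"h1 = {h1:064x}")
```

A verifier recomputes the same value in step R5 from the user identification and function identifier alone, which is why the routine must be deterministic and domain-separated by the prefix byte.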
Example 3
The embodiment provides a digital signature device based on user identification, referring to fig. 3, including:
the receiving module is used for receiving data to be signed; and storing the data to be signed;
the random number generating module is used for generating random numbers; and writing the random number into a second register;
the first data type conversion module is used for reading a pre-stored first parameter and a signature master public key and converting the data types of the first parameter and the signature master public key into points on a preset elliptic curve;
the first operation module is used for carrying out a bilinear pairing operation on the first parameter and the signature master public key converted by the first data type conversion module, and then carrying out a power operation on the result of the bilinear pairing operation and the data written into the second register by the random number generation module;
specifically, the first operation module is configured to perform a bilinear pairing operation on the first parameter and the signature master public key converted by the first data type conversion module, and then perform a power operation with the result of the bilinear pairing operation as the base and the data of the second register as the exponent.
The second data type conversion module is used for converting the data type of the operation result of the first operation module into a byte string and writing the converted operation result into the first register;
the hash operation module is used for acquiring the data to be signed and the pre-stored second parameter which are stored by the receiving module, performing first hash operation according to the data to be signed, the data which are written into the first register by the second data type conversion module and the second parameter, and writing an operation result into the first register;
optionally, the hash operation module is specifically configured to obtain data to be signed and a pre-stored second parameter stored by the receiving module, sequentially splice the data to be signed and the data of the first register, call a first cryptographic function with a splicing result and the second parameter as input parameters, and write output data of the first cryptographic function into the first register.
Or, the hash operation module specifically includes:
the initialization submodule is used for initializing the counter;
the splicing submodule is used for acquiring data to be signed and a second parameter, sequentially splicing the data to be signed and the data of the first register and writing a splicing result into the first register;
the first operation submodule is used for carrying out a third preset operation on the second parameter and writing the operation result into the third register; dividing the data in the third register by the output data length of the preset cryptographic hash function and writing the result into the fourth register; taking the data of the fourth register as the input parameter of the ceiling function and writing the output data of the ceiling function into the fifth register;
the second operation submodule is used for sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter, calling the key hash function with the splicing result as an input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register; and is also used for, when the first judgment submodule judges that the value of the counter is not equal to the data written into the fifth register by the first operation submodule, sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter updated by the first judgment submodule, calling the key hash function with the splicing result as an input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the first judgment submodule is used for updating the counter and judging whether the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the second judgment submodule is used for judging whether the data written into the fourth register by the first operation submodule is an integer or not when the first judgment submodule judges that the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the third operation submodule is used for, when the second judgment submodule judges that the data written into the fourth register by the first operation submodule is an integer, sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter, calling the key hash function with the splicing result as the input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the fourth operation submodule is used for, when the second judgment submodule judges that the data written into the fourth register by the first operation submodule is not an integer, performing a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, and writing the result into the seventh register; sequentially splicing the first preset value, the data of the first register and the value of the counter, and calling the key hash function with the splicing result as the input parameter to obtain a hash value; and intercepting from the hash value data whose length is the data of the seventh register, splicing the data of the sixth register with the intercepted data, and writing the spliced data into the sixth register;
the fifth operation submodule is used for acquiring the second parameter, performing fifth preset operation according to the data written into the sixth register by the third operation submodule and the second parameter, and writing an operation result into the first register; and the second operation submodule is also used for acquiring a second parameter, performing fifth preset operation according to the data written into the sixth register by the fourth operation submodule and the second parameter, and writing an operation result into the first register.
The second operation module is used for reading a second parameter, performing a first preset operation according to the data written into the first register by the hash operation module, the data written into the second register by the random number generation module and the second parameter, and writing an operation result into the second register;
specifically, the second operation module is configured to read the second parameter, calculate a difference between data of the second register and data of the first register, perform modulo operation on the calculation result and the second parameter, and write the calculation result into the second register.
The third data type conversion module is used for reading a signature private key associated with the user identifier and converting the data type of the signature private key into a point on a preset elliptic curve;
the third operation module is used for performing second preset operation according to the data written into the second register by the second operation module and the signature private key converted by the third data type conversion module;
specifically, the third operation module is configured to perform a multiple-point (scalar multiplication) operation according to the data written into the second register by the second operation module and the signature private key converted by the third data type conversion module.
The second data type conversion module is also used for converting the data type of the operation result of the third operation module into a byte string and writing the converted operation result into a second register;
and the output module is used for outputting the data written into the first register by the hash operation module and the data written into the second register by the second data type conversion module as digital signatures.
Specifically, the output module is configured to sequentially splice the data written into the first register by the hash operation module, the preset delimiter and the data written into the second register by the second data type conversion module, and output a splicing result.
Preferably, the apparatus further comprises: the judging module is used for judging whether the data written into the second register by the second operation module is equal to a preset value or not;
in this embodiment, the preset value is 0;
correspondingly, the third data type conversion module is used for reading the signature private key associated with the user identifier and converting the data type of the signature private key into a point on a preset elliptic curve when the judgment module judges that the data written into the second register by the second operation module is not equal to the preset value;
and the random number generation module is specifically used for generating a random number when the judgment module judges that the data written into the second register by the second operation module is equal to the preset value, and writing the random number into the second register.
Preferably, the apparatus further comprises: and the acquisition module is used for acquiring the signature master public key, the first parameter, the second parameter and the signature private key associated with the user identifier from the password management system, and storing the acquired signature master public key, the signature private key, the first parameter and the second parameter.
Specifically, the second data type conversion module specifically includes:
a sixth operation submodule for obtaining the second parameter and calculating third data according to the length of the operation result and the second parameter;
the first conversion submodule is used for sequentially acquiring a component with the length of the third data from the abscissa of the operation result as a current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register and writing the splicing result into the first register; and is further used for, when the third judgment submodule judges that the abscissa of the operation result has a component that has not been acquired, sequentially acquiring a component with the length of the third data from the abscissa of the operation result as a current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register;
the third judgment submodule is used for judging whether the horizontal coordinate of the operation result has components which are not obtained;
the second conversion submodule is used for, when the third judgment submodule judges that the operation result has no component that has not been acquired, sequentially acquiring a component with the length of the third data from the ordinate of the operation result as a current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register; and is further used for, when the fourth judgment submodule judges that the ordinate of the operation result has a component that has not been acquired, sequentially acquiring a component with the length of the third data from the ordinate of the operation result as a current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register;
the fourth judgment submodule is used for judging whether the vertical coordinate of the operation result has components which are not obtained or not; and when the ordinate of the operation result is judged to have no component which is not acquired, the data type conversion is successful.
Specifically, the first data type conversion module includes: a third conversion submodule and a fourth conversion submodule;
the third conversion sub-module specifically includes:
the first splitting unit is used for averagely splitting the first parameter into two byte strings;
the first conversion unit is used for sequentially acquiring one of the byte strings obtained by the first splitting unit as a current byte string and converting the current byte string into decimal data; and is further used for, when the first judging unit judges that there is a byte string that has not been acquired, sequentially acquiring one of the byte strings obtained by the first splitting unit as a current byte string and converting the current byte string into decimal data;
the first judging unit is used for judging whether the byte strings obtained by splitting of the first splitting unit have the byte strings which are not obtained;
the first combination unit is used for combining the data converted by the first conversion unit to obtain a first parameter of a point of which the data type is a preset elliptic curve when the first judgment unit judges that no byte string which is not acquired exists;
the fourth conversion sub-module specifically includes:
the second splitting unit is used for averagely splitting the signature master public key into two byte strings;
the second conversion unit is used for sequentially acquiring one byte string of the byte strings acquired by splitting of the second splitting unit as a current byte string and converting the current byte string into decimal data; the second judging unit is used for judging whether the byte strings which are not acquired exist or not, and sequentially acquiring one byte string of the byte strings acquired by the splitting of the second splitting unit as a current byte string and converting the current byte string into decimal data;
the second judgment unit is used for judging whether the byte strings obtained by splitting of the second splitting unit still have the byte strings which are not obtained;
the second combination unit is used for combining the data converted by the second conversion unit to obtain a signature main public key of a point of which the data type is a preset elliptic curve when the second judgment unit judges that no byte string which is not acquired exists;
the third data type conversion module specifically includes:
the third splitting unit is used for averagely splitting the signature private key into two byte strings;
the third conversion unit is used for sequentially acquiring one byte string of the byte strings acquired by splitting of the third splitting unit as a current byte string and converting the current byte string into decimal data; the third judging unit is used for judging whether the byte strings which are not acquired exist or not, sequentially acquiring one byte string of the byte strings acquired by splitting of the third splitting unit as a current byte string and converting the current byte string into decimal data;
the third judging unit is used for judging whether the byte strings obtained by splitting of the third splitting unit have the byte strings which are not obtained;
and the third combination unit is used for combining the data converted by the third conversion unit to obtain the signature private key of the point with the data type of the preset elliptic curve when the third judgment unit judges that no byte string which is not acquired exists.
Example 4
The present embodiment provides an authentication apparatus based on user identification, as shown in Fig. 4, including:
the receiving module is used for receiving the data to be signed, the digital signature and the user identification, intercepting the digital signature according to a preset rule to obtain first data and second data, and storing the first data, the second data, the data to be signed and the user identification;
optionally, the receiving module specifically includes:
the intercepting submodule is used for receiving the data to be signed, the digital signature and the user identification and intercepting the digital signature according to a preset rule to obtain first data and second data;
the judgment submodule is used for judging whether the first data intercepted by the interception submodule meets a first preset condition or not;
the writing sub-module is used for saving the first data, the second data, the data to be signed and the user identification when the judging sub-module judges that the first data meets a first preset condition;
and the error reporting submodule is used for reporting an error when the judging submodule judges that the first data does not meet the first preset condition, and the verification fails.
Or, the receiving module specifically includes:
the intercepting submodule is used for receiving the data to be signed, the digital signature and the user identification and intercepting the digital signature according to a preset rule to obtain first data and second data;
the judgment submodule is used for converting the data type of the second data intercepted by the interception submodule into a point on a preset elliptic curve and judging whether the converted second data meets a second preset condition;
the writing sub-module is used for saving the first data, the second data, the data to be signed and the user identification when the judging sub-module judges that the second data meets a second preset condition;
and the error reporting submodule is used for reporting an error when the judging submodule judges that the second data does not meet the second preset condition, and the verification fails.
The first data type conversion module is used for reading the first data, pre-stored first parameters and signature master public keys and respectively converting the data types of the first parameters and the signature master public keys into points on a preset elliptic curve;
the first operation module is used for performing a bilinear pairing operation on the data converted by the first data type conversion module and performing a power operation on the result of the bilinear pairing operation and the first data;
specifically, the first operation module is configured to perform a bilinear pairing operation on the data converted by the first data type conversion module, and to perform a power operation with the result of the bilinear pairing operation as the base and the first data as the exponent.
The second data type conversion module is used for converting the data type of the operation result of the first operation module into a byte string and writing the converted operation result into the first register;
the second hash operation module is used for reading the user identifier, the pre-stored function identifier and the second parameter, performing second hash operation according to the user identifier, the function identifier and the second parameter, and writing an operation result into a second register;
optionally, the second hash operation module is specifically configured to read a user identifier, a pre-stored function identifier, and a second parameter, sequentially splice the user identifier and the function identifier, call a second cryptographic function using a splicing result and the second parameter as input parameters, and write output data of the second cryptographic function into a second register.
Or, the second hash operation module specifically includes:
the initialization submodule is used for initializing the counter;
the splicing submodule is used for reading the user identification, the pre-stored function identifier and a second parameter, sequentially splicing the user identification and the function identifier, and writing a splicing result into a second register;
the first operation submodule is used for performing a third preset operation on the second parameter and writing the operation result into a third register; dividing the data in the third register by the output data length of the preset cryptographic hash function, and writing the result into the fourth register; and taking the data of the fourth register as the input parameter of a ceiling function, and writing the output data of the ceiling function into a fifth register;
the second operation submodule is used for sequentially splicing a second preset value, the data written into the second register by the splicing submodule and the value of the counter, calling a key hash function with the splicing result as the input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register; and is further used for, when the first judgment submodule judges that the value of the counter is not equal to the data written into the fifth register by the first operation submodule, sequentially splicing the second preset value, the data written into the second register by the splicing submodule and the value of the counter as updated by the first judgment submodule, calling the key hash function with the splicing result as the input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the first judgment submodule is used for updating the counter and judging whether the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the second judgment submodule is used for judging whether the data written into the fourth register by the first operation submodule is an integer or not when the first judgment submodule judges that the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the third operation submodule is used for, when the second judgment submodule judges that the data written into the fourth register by the first operation submodule is an integer, sequentially splicing the second preset value, the data written into the second register by the splicing submodule and the value of the counter, calling the key hash function with the splicing result as the input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the fourth operation submodule is used for performing a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, and writing the result into the seventh register; sequentially splicing the second preset value, the data of the second register and the value of the counter, and calling the key hash function with the splicing result as the input parameter to obtain a hash value; and intercepting from the hash value data whose length is the data of the seventh register, splicing the data of the sixth register with the intercepted data, and writing the spliced data into the sixth register;
the fifth operation submodule is used for acquiring the second parameter, performing fifth preset operation according to the data written into the sixth register by the third operation submodule and the second parameter, and writing an operation result into the second register; and the second operation submodule is also used for acquiring a second parameter, performing fifth preset operation according to the data written into the sixth register by the fourth operation submodule and the second parameter, and writing an operation result into the second register.
The third data type conversion module is used for reading the second data, the prestored third parameter and the signature master public key and converting the data types of the data of the first register, the second data, the third parameter and the signature master public key after the second data type conversion into points on a preset elliptic curve;
the second operation module is used for performing a sixth preset operation according to the data of the second register, the third parameter converted by the third data type conversion module and the signature master public key, performing a bilinear pairing operation with the second data converted by the third data type conversion module, and performing a point multiplication operation with the data of the first register converted by the third data type conversion module;
specifically, the second operation module is configured to perform a multiple-point (scalar multiplication) operation on the data of the second register and the third parameter converted by the third data type conversion module, perform an addition operation on the data of the second register and the third parameter converted by the third data type conversion module, perform a bilinear pairing operation on the addition operation result and the second data converted by the third data type conversion module, and perform a point multiplication operation with the data of the first register converted by the third data type conversion module.
The fourth data type conversion module is used for converting the data type of the operation result of the second operation module into a byte string and writing the converted operation result into the first register;
the first hash operation module is used for reading the data to be signed and the second parameter, performing first hash operation according to the data to be signed, the data of the first register converted by the fourth data type conversion module and the second parameter, and writing an operation result into the first register;
optionally, the first hash operation module is specifically configured to splice data to be signed and data of the first register in sequence, call the first cryptographic function with the splicing result and the second parameter as input parameters, and write output data of the first cryptographic function into the first register.
Or, the first hash operation module specifically includes:
the initialization submodule is used for initializing the counter;
the splicing submodule is used for reading the user identification, the pre-stored function identifier and a second parameter, sequentially splicing the user identification and the function identifier, and writing a splicing result into a first register;
the first operation submodule is used for performing a third preset operation on the second parameter and writing the operation result into a third register; dividing the data in the third register by the output data length of the preset cryptographic hash function, and writing the result into the fourth register; and taking the data of the fourth register as the input parameter of the ceiling function, and writing the output data of the ceiling function into the fifth register;
the second operation submodule is used for sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter, calling a key hash function with the splicing result as the input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register; and is further used for, when the first judgment submodule judges that the value of the counter is not equal to the data written into the fifth register by the first operation submodule, sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter as updated by the first judgment submodule, calling the key hash function with the splicing result as the input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the first judgment submodule is used for updating the counter and judging whether the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the second judgment submodule is used for judging whether the data written into the fourth register by the first operation submodule is an integer or not when the first judgment submodule judges that the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the third operation submodule is used for, when the second judgment submodule judges that the data written into the fourth register by the first operation submodule is an integer, sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter, calling the key hash function with the splicing result as the input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the fourth operation submodule is used for performing a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, and writing the result into the seventh register; sequentially splicing the first preset value, the data of the first register and the value of the counter, and calling the key hash function with the splicing result as the input parameter to obtain a hash value; and intercepting from the hash value data whose length is the data of the seventh register, splicing the data of the sixth register with the intercepted data, and writing the spliced data into the sixth register;
the fifth operation submodule is used for acquiring the second parameter, performing fifth preset operation according to the data written into the sixth register by the third operation submodule and the second parameter, and writing an operation result into the second register; and the second operation submodule is also used for acquiring a second parameter, performing fifth preset operation according to the data written into the sixth register by the fourth operation submodule and the second parameter, and writing an operation result into the first register.
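The counter-driven hash described by the initialization, splicing, operation and judgment submodules above can be sketched as follows. This is an added example, not code from the patent: it assumes the third, fourth and fifth preset operations are those of the SM9 H1/H2 functions, a 4-byte big-endian counter starting at 1, and SHA-256 as a stand-in for the scheme's 256-bit hash; `hlen_bits`, `hash_to_range` and all sample inputs are constructed for illustration.

```python
import hashlib

# Stand-in hash (assumption): the page only says "preset cryptographic hash
# function". SHA-256 is used because it is in the standard library and has
# the same 256-bit output length as SM3.
HASH = hashlib.sha256
V_BITS = HASH().digest_size * 8          # output length v of the hash, in bits


def hlen_bits(n: int) -> int:
    """Assumed 'third preset operation': hlen = 8 * ceil(5 * log2(n) / 32).

    Done with integers only: ceil(5*log2(n)/32) is the smallest k such that
    2**(32*k) >= n**5, so float rounding on a 256-bit n cannot change it.
    """
    if n < 3:
        raise ValueError("n must be at least 3 so that [1, n-1] is a real range")
    bits_needed = (n ** 5 - 1).bit_length()      # equals ceil(log2(n**5))
    return 8 * -(-bits_needed // 32)             # 8 * ceil(bits_needed / 32)


def hash_to_range(preset: bytes, z: bytes, n: int) -> int:
    """Map the spliced input z to an integer in [1, n-1].

    preset : domain-separation value (the page's first/second preset value)
    z      : spliced input, e.g. user identifier || function identifier
    n      : the page's "second parameter" (assumed to be the group order)
    """
    hlen = hlen_bits(n)                              # third register
    full_rounds, tail_bits = divmod(hlen, V_BITS)    # fourth register: hlen / v
    rounds = full_rounds + (1 if tail_bits else 0)   # fifth register: ceil(hlen / v)

    acc = b""                                        # sixth register
    for ct in range(1, rounds + 1):                  # counter, assumed to start at 1
        block = HASH(preset + z + ct.to_bytes(4, "big")).digest()
        if ct == rounds and tail_bits:
            # hlen / v is not an integer: keep only the leftmost
            # hlen - v * floor(hlen / v) bits of the last hash value
            # (that length is what the seventh register holds).
            block = block[: tail_bits // 8]
        acc += block

    # Assumed 'fifth preset operation': reduce into [1, n-1], never 0.
    return int.from_bytes(acc, "big") % (n - 1) + 1


if __name__ == "__main__":
    n = 2 ** 256 - 189                # constructed 256-bit modulus, not a real parameter
    ident = b"alice@example" + b"\x01"   # constructed identifier || function identifier
    print(hlen_bits(n), hex(hash_to_range(b"\x01", ident, n)))
```

For a 256-bit second parameter the accumulated string is 320 bits, 64 bits longer than the modulus, which keeps the bias of the final reduction on the order of 2^-64; the distinct preset values keep the identity hash and the message hash from colliding on equal inputs.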
The verification module is used for acquiring the first data, judging whether the first data and the data written into the first register by the first hash operation module are equal, and when the first data and the data written into the first register by the first hash operation module are equal, the verification is successful, and when the first data and the data written into the first register by the first hash operation module are not equal, the verification fails.
Specifically, the first data type conversion module includes: a first parameter data type conversion submodule and a first signature master public key data type conversion submodule;
the first parameter data type conversion sub-module specifically includes:
the first acquisition unit is used for reading the first parameter, averagely splitting the first parameter into two byte strings, sequentially acquiring one byte string as a current byte string and converting the current byte string into decimal data; the first judging unit is used for judging whether the first parameter contains a byte string which is not acquired or not;
a first judging unit, configured to judge whether there is any byte string that has not been acquired in the first parameter;
the first combination unit is used for combining all the converted data of the first acquisition unit to obtain a first parameter of a point of which the data type is a preset elliptic curve when the first judgment unit judges that no byte string which is not acquired exists in the first parameter;
the first signature master public key data type conversion submodule specifically includes:
the second acquisition unit is used for reading the signature master public key, averagely splitting the signature master public key into two byte strings, sequentially acquiring one byte string as a current byte string and converting the current byte string into decimal data; the second judgment unit is used for sequentially acquiring a byte string as a current byte string when the second judgment unit judges that the signature master public key still has the byte string which is not acquired, and converting the current byte string into decimal data;
the second judgment unit is used for judging whether the signature master public key still has a byte string that has not been acquired;
the second combination unit is used for combining all the converted data of the second acquisition unit to obtain the signature main public key of a point with a data type of a preset elliptic curve when the second judgment unit judges that the signature main public key does not have the byte strings which are not acquired;
the third data conversion module specifically includes: a data type conversion submodule of the first register, a second data type conversion submodule, a third parameter data type conversion submodule and a second signature master public key data type conversion submodule;
the data type conversion submodule of the first register specifically includes:
the third acquisition unit is used for averagely splitting the data of the first register into two byte strings, sequentially acquiring one byte string as a current byte string and converting the current byte string into decimal data; the third judging unit is used for sequentially acquiring a byte string as a current byte string when judging that the data of the first register contains the byte string which is not acquired, and converting the current byte string into decimal data;
a third judging unit, configured to judge whether there is an unacquired byte string in the data of the first register;
a third combination unit, configured to combine all the converted data of the third obtaining unit to obtain data of the first register with a data type of a point of a preset elliptic curve when the third determining unit determines that there is no unacquired byte string in the data of the first register;
the second data type conversion sub-module specifically includes:
the fourth obtaining unit is used for averagely splitting the second data into two byte strings, sequentially obtaining one byte string as a current byte string, and converting the current byte string into decimal data; the fourth judging unit is used for sequentially acquiring a byte string as a current byte string when judging that the second data contains the byte string which is not acquired, and converting the current byte string into decimal data;
a fourth judging unit, configured to judge whether there is any byte string that has not been acquired in the second data;
the fourth combination unit is used for combining all the converted data of the fourth acquisition unit to obtain second data of a point with a data type of a preset elliptic curve when the fourth judgment unit judges that no byte string which is not acquired exists in the second data;
the third parameter data type conversion sub-module specifically includes:
the fifth obtaining unit is used for averagely splitting the third parameter into two byte strings, sequentially obtaining one byte string as a current byte string, and converting the current byte string into decimal data; the fifth judging unit is used for sequentially acquiring a byte string as a current byte string when the fifth judging unit judges that the third parameter has the byte string which is not acquired, and converting the current byte string into decimal data;
a fifth judging unit, configured to judge whether there is an unacquired byte string in the third parameter;
a fifth combination unit, configured to combine all the converted data of the fifth obtaining unit to obtain a third parameter of a point whose data type is a preset elliptic curve when the fifth judging unit determines that there is no unacquired byte string in the third parameter;
the second signature master public key data type conversion submodule specifically includes:
the sixth acquisition unit is used for averagely splitting the signature master public key into two byte strings, sequentially acquiring one byte string as a current byte string and converting the current byte string into decimal data; the sixth judging unit is used for sequentially acquiring a byte string as a current byte string when the sixth judging unit judges that the signature master public key still has the byte string which is not acquired, and converting the current byte string into decimal data;
a sixth judging unit, configured to judge whether there is an unacquired byte string in the signature master public key;
and a sixth combination unit, configured to combine all the data converted by the sixth acquisition unit, when the sixth judging unit judges that no unacquired byte string remains in the signature master public key, to obtain the signature master public key whose data type is a point on the preset elliptic curve.
Specifically, the second data type conversion module includes:
the first calculation submodule is used for acquiring a second parameter and calculating according to the length of the operation result of the first operation module and the second parameter to obtain third data;
a first splicing submodule, configured to sequentially acquire, from the abscissa of the operation result of the first operation module, a component whose length is the third data as the current component, convert the current component into hexadecimal data, splice the converted data with the data of the first register, and write the splicing result into the first register; and further configured to repeat this acquisition, conversion, splicing and writing when the first judgment submodule judges that the abscissa of the operation result of the first operation module still has a component that has not been acquired;
the first judgment submodule is used for judging whether components which are not acquired exist in the abscissa of the operation result of the first operation module;
a second splicing submodule, configured, when the first judgment submodule judges that the abscissa of the operation result of the first operation module has no component that has not been acquired, to sequentially acquire, from the ordinate of the operation result, a component whose length is the third data as the current component, convert the current component into hexadecimal data, splice the converted data with the data of the first register, and write the splicing result into the first register; and further configured to repeat this acquisition, conversion, splicing and writing when the second judgment submodule judges that the ordinate of the operation result of the first operation module still has a component that has not been acquired;
a second judgment submodule, configured to judge whether the ordinate of the operation result of the first operation module has a component that has not been acquired, the conversion ending when it judges that no unacquired component remains in the ordinate;
the fourth data type conversion module specifically includes:
the second calculation submodule is used for acquiring a second parameter and calculating according to the length of the operation result of the second operation module and the second parameter to obtain third data;
a third splicing submodule, configured to sequentially acquire, from the abscissa of the operation result of the second operation module, a component whose length is the third data as the current component, convert the current component into hexadecimal data, splice the converted data with the data of the first register, and write the splicing result into the first register; and further configured to repeat this acquisition, conversion, splicing and writing when it is judged that the abscissa of the operation result of the second operation module still has a component that has not been acquired;
a third judgment sub-module, configured to judge whether there is any component that is not acquired in the abscissa of the operation result of the second operation module;
a fourth splicing submodule, configured, when the third judgment submodule judges that the abscissa of the operation result of the second operation module has no component that has not been acquired, to sequentially acquire, from the ordinate of the operation result, a component whose length is the third data as the current component, convert the current component into hexadecimal data, splice the converted data with the data of the first register, and write the splicing result into the first register; and further configured to repeat this acquisition, conversion, splicing and writing when the fourth judgment submodule judges that the ordinate of the operation result of the second operation module still has a component that has not been acquired;
a fourth judgment submodule, configured to judge whether the ordinate of the operation result of the second operation module has a component that has not been acquired, the conversion ending when it judges that no unacquired component remains in the ordinate.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (44)

1. A digital signature method based on user identification is characterized by comprising the following steps:
step S1, when receiving the data to be signed, the CPU saves the data to be signed;
step S2, the CPU generates a random number through a random number generator, and writes the random number into a second register;
step S3, the CPU reads a pre-stored first parameter and a signature master public key, converts the data types of the first parameter and the signature master public key into points on a preset elliptic curve, performs a bilinear pairing operation according to the converted first parameter and the signature master public key, performs a power operation with the data of the second register, converts the data type of the operation result into a byte string, and writes the converted operation result into the first register;
step S4, the CPU obtains the data to be signed and a pre-stored second parameter, and carries out a first hash operation according to the data to be signed, the data of the first register and the second parameter, and writes an operation result into the first register;
step S5, the CPU reads a second parameter, performs a first preset operation according to the data of the first register, the data of the second register and the second parameter, and writes an operation result into the second register;
step S6, the CPU reads the signature private key associated with the user identification, converts the data type of the signature private key into a point on a preset elliptic curve, performs a second preset operation according to the data of the second register and the converted signature private key, converts the data type of the operation result into a byte string, and writes the converted operation result into the second register;
step S7, the CPU outputs the data of the first register and the data of the second register as digital signatures.
2. The method as claimed in claim 1, wherein performing the bilinear pairing operation according to the converted first parameter and the signature master public key, and performing the power operation with the data of the second register, specifically comprises: the CPU performs the bilinear pairing operation according to the converted first parameter and the signature master public key, and performs a power operation with the result of the bilinear pairing operation as the base and the data of the second register as the exponent.
3. The method according to claim 1, wherein the step S4 is specifically: the CPU obtains the data to be signed and a pre-stored second parameter, sequentially splices the data to be signed and the data of the first register, calls a first cryptographic function with the splicing result and the second parameter as input parameters, and writes the output data of the first cryptographic function into the first register.
4. The method according to claim 1, wherein the step S4 is specifically:
step B1, the CPU initializes a counter, acquires data to be signed and a second parameter, sequentially splices the data to be signed and the data of the first register, and writes the splicing result into the first register;
step B2, the CPU carries out a third preset operation on the second parameter, and writes the operation result into a third register; divides the data in the third register by the length of the output data of the preset cryptographic hash function, and writes the result into the fourth register; takes the data of the fourth register as an input parameter of a ceiling function, and writes the output data of the ceiling function into a fifth register;
step B3, the CPU splices the first preset value, the data of the first register and the value of the counter in sequence, calls the cryptographic hash function with the spliced result as an input parameter to obtain a hash value, splices the data of the sixth register with the hash value, and writes the spliced result into the sixth register;
step B4, the CPU updates the counter, judges whether the value of the counter is equal to the data of the fifth register, if yes, the step B5 is executed, otherwise, the step B3 is returned;
step B5, the CPU judges whether the data of the fourth register is an integer, if yes, the step B6 is executed, otherwise, the step B7 is executed;
step B6, the CPU splices the first preset value, the data of the first register and the value of the counter in sequence, calls the cryptographic hash function with the spliced result as an input parameter to obtain a hash value, splices the data of the sixth register with the hash value, writes the spliced result into the sixth register, and the step B8 is executed;
step B7, the CPU carries out a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, writes the result into the seventh register, sequentially splices the first preset value, the data of the first register and the value of the counter, and calls the cryptographic hash function with the spliced result as an input parameter to obtain a hash value; extracts from the hash value data whose length is the data of the seventh register, splices the data of the sixth register with the extracted data, and writes the spliced data into the sixth register;
and step B8, the CPU acquires the second parameter, performs fifth preset operation according to the data of the sixth register and the second parameter, and writes the operation result into the first register.
5. The method according to claim 1, wherein the step S5 is specifically: the CPU reads a second parameter, calculates the difference between the data of the second register and the data of the first register, performs a modulo operation on the calculation result with respect to the second parameter, and writes the result into the second register.
6. The method of claim 1, wherein after the step S5 the method further comprises: the CPU judges whether the data of the second register is equal to a preset value, if so, calls the random number generator again to generate a random number, writes the random number into the second register, and returns to the step S3, otherwise, continues to execute the step S6.
7. The method of claim 1, wherein before the step S1 the method further comprises: the CPU obtains a signature master public key, a first parameter, a second parameter and a signature private key associated with a user identifier from a password management system, and stores the obtained signature master public key, signature private key, first parameter and second parameter.
8. The method according to claim 1, wherein the step S6 is specifically: the CPU reads the signature private key associated with the user identification, converts the data type of the signature private key into a point on a preset elliptic curve, performs a point multiplication operation according to the data of the second register and the converted signature private key, converts the data type of the operation result into a byte string, and writes the converted operation result into the second register.
9. The method according to claim 1, wherein the step S7 is specifically: the CPU sequentially splices the data of the first register, the preset separator and the data of the second register, and outputs the splicing result.
10. The method of claim 1, wherein converting the data type of the operation result into a byte string specifically comprises:
step A1, the CPU obtains a second parameter, and calculates according to the length of the operation result and the second parameter to obtain third data;
step A2, the CPU sequentially acquires a component with the length of third data from the abscissa of the operation result as a current component, converts the current component into hexadecimal data, splices the converted data with the data of the first register, and writes the spliced result into the first register;
step A3, the CPU judges whether the operation result has the component which is not acquired, if yes, the operation returns to step A2, otherwise, the step A4 is executed;
step A4, the CPU sequentially acquires a component with the length of third data from the ordinate of the operation result as a current component, converts the current component into hexadecimal data, splices the converted data with the data of the first register, and writes the splicing result into the first register;
and step A5, the CPU judges whether the operation result has the component which is not acquired, if so, the step A4 is returned, otherwise, the operation is ended.
11. The method as claimed in claim 1, wherein said converting the data type of the first parameter to a point on a preset elliptic curve specifically comprises:
step 101, the CPU splits the first parameter evenly into two byte strings;
step 102, the CPU sequentially acquires a byte string as a current byte string and converts the current byte string into decimal data;
step 103, the CPU judges whether the first parameter has byte strings which have not been acquired, if so, returns to step 102, otherwise, combines all the converted data to obtain the first parameter whose data type is a point on the preset elliptic curve;
the converting the data type of the signature master public key into a point on a preset elliptic curve specifically comprises:
step 201, the CPU splits the signature master public key evenly into two byte strings;
step 202, the CPU sequentially obtains a byte string as a current byte string and converts the current byte string into decimal data;
step 203, the CPU judges whether byte strings which are not acquired exist in the signature master public key, if so, the step 202 is returned, otherwise, all the converted data are combined to obtain the signature master public key of which the data type is a point of a preset elliptic curve;
converting the data type of the signature private key into a point on a preset elliptic curve specifically comprises:
step 301, the CPU splits the signature private key evenly into a preset number of byte strings;
step 302, the CPU sequentially obtains a byte string as a current byte string and converts the current byte string into decimal data;
and step 303, the CPU judges whether the second data contains byte strings which have not been acquired, if so, returns to step 302, otherwise, combines all the converted data to obtain the signature private key whose data type is a point on the preset elliptic curve.
12. A signature verification method based on user identification is characterized by comprising the following steps:
step R1, when receiving the data to be signed, the digital signature and the user identification, the CPU extracts first data and second data from the digital signature according to a preset rule, and stores the first data, the second data, the data to be signed and the user identification;
step R2, the CPU reads the first data, a pre-stored first parameter and a signature master public key, converts the data types of the first parameter and the signature master public key into points on a preset elliptic curve, performs a bilinear pairing operation according to the converted data, performs a power operation with the first data, converts the data type of the operation result into a byte string, and writes the converted operation result into a first register;
step R3, the CPU reads the user identifier, the pre-stored function identifier and the second parameter, performs a second hash operation according to the user identifier, the function identifier and the second parameter, and writes the operation result into a second register;
step R4, the CPU reads the second data and the pre-stored third parameter and signature master public key, converts the data types of the data of the first register, the second data, the third parameter and the signature master public key into points on a preset elliptic curve, performs a sixth preset operation according to the data of the second register, the converted third parameter and the signature master public key, performs a bilinear pairing operation with the converted second data, performs a dot product operation with the data of the first register, converts the data type of the operation result into a byte string, and writes the converted operation result into the first register;
step R5, the CPU reads the data to be signed and the second parameter, carries out the first hash operation according to the data to be signed, the data of the first register and the second parameter, and writes the operation result into the first register;
and step R6, the CPU acquires the first data and judges whether the first data is equal to the data of the first register, if so, the verification is successful, otherwise, the verification fails.
13. The method of claim 12, wherein performing the bilinear pairing operation according to the converted data and performing the power operation with the first data is specifically: performing the bilinear pairing operation according to the converted data, and performing a power operation with the result of the bilinear pairing operation as the base and the first data as the exponent.
14. The method according to claim 12, wherein said step R3 is specifically: the CPU reads the user identifier, the pre-stored function identifier and the second parameter, sequentially splices the user identifier and the function identifier, calls a second cryptographic function with the splicing result and the second parameter as input parameters, and writes the output data of the second cryptographic function into the second register.
15. The method according to claim 12, wherein the step R3 is specifically:
step D1, the CPU initializes the counter, reads the user identification, the pre-stored function identifier and the second parameter, splices the user identification and the function identifier in sequence, and writes the splicing result into the second register;
step D2, the CPU carries out a third preset operation on the second parameter, and writes the operation result into a third register; divides the data in the third register by the length of the output data of the preset cryptographic hash function, and writes the result into the fourth register; takes the data of the fourth register as an input parameter of a ceiling function, and writes the output data of the ceiling function into a fifth register;
step D3, the CPU splices the second preset value, the data of the second register and the value of the counter in sequence, calls the cryptographic hash function with the spliced result as an input parameter to obtain a hash value, splices the data of the sixth register with the hash value, and writes the spliced result into the sixth register;
step D4, the CPU updates the counter, judges whether the value of the counter is equal to the data of the fifth register, if yes, the step D5 is executed, otherwise, the step D3 is returned;
step D5, the CPU judges whether the data of the fourth register is an integer, if so, the step D6 is executed, otherwise, the step D7 is executed;
step D6, the CPU splices the second preset value, the data of the second register and the value of the counter in sequence, calls the cryptographic hash function with the spliced result as an input parameter to obtain a hash value, splices the data of the sixth register with the hash value, and assigns the spliced result to the sixth register;
step D7, the CPU performs a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, writes the result into the seventh register, sequentially splices the second preset value, the data of the second register and the value of the counter, and calls the cryptographic hash function with the spliced result as an input parameter to obtain a hash value; extracts from the hash value data whose length is the data of the seventh register, splices the data of the sixth register with the extracted data, and writes the spliced data into the sixth register;
and step D8, the CPU acquires the second parameter, performs a fifth preset operation according to the data of the sixth register and the second parameter, and writes the operation result into the second register.
16. The method according to claim 12, wherein performing the sixth preset operation according to the data of the second register, the converted third parameter, and the signature master public key specifically comprises: performing a point multiplication operation on the data of the second register and the converted third parameter, and performing an addition operation on the data of the second register and the converted signature master public key.
17. The method of claim 12, wherein, before said saving of said first data, second data, said data to be signed, and said user identification, the method further comprises: the CPU judges whether the first data meets a first preset condition, if so, the first data, the second data, the data to be signed and the user identification are stored, and if not, the verification fails.
18. The method of claim 12, wherein, before said saving of said first data, second data, said data to be signed, and said user identification, the method further comprises: the CPU converts the data type of the second data into a point on a preset elliptic curve, judges whether the converted second data meets a second preset condition, if so, continues to store the first data, the second data, the data to be signed and the user identifier, and otherwise, the verification fails.
19. The method as claimed in claim 12, wherein said converting the data type of the first parameter to a point on a preset elliptic curve specifically comprises:
step 401, the CPU splits the first parameter evenly into two byte strings;
step 402, the CPU sequentially obtains a byte string as a current byte string and converts the current byte string into decimal data;
step 403, the CPU determines whether there is any byte string that has not been acquired in the first parameter, if so, returns to step 402, otherwise, combines all the converted data to obtain a first parameter whose data type is a point of a preset elliptic curve;
the converting the data type of the signature master public key into a point on a preset elliptic curve specifically comprises:
step 501, the CPU splits the signature master public key evenly into two byte strings;
step 502, the CPU sequentially obtains a byte string as a current byte string and converts the current byte string into decimal data;
step 503, the CPU determines whether there is any byte string that has not been acquired in the signature master public key, if yes, the process returns to step 502, otherwise, all the converted data are combined to obtain a signature master public key whose data type is a point of a preset elliptic curve;
converting the data type of the data of the first register into a point on a preset elliptic curve specifically comprises:
step 601, the CPU splits the data of the first register evenly into two byte strings;
step 602, the CPU sequentially obtains a byte string as a current byte string, and converts the current byte string into decimal data;
step 603, the CPU determines whether there is an unacquired byte string in the data of the first register, if yes, the process returns to step 602, otherwise, all the converted data are combined to obtain the data of the first register with the data type being the point of the preset elliptic curve;
converting the data type of the second data into a point on a preset elliptic curve specifically comprises:
step 701, the CPU splits the second data evenly into two byte strings;
step 702, the CPU sequentially acquires a byte string as a current byte string and converts the current byte string into decimal data;
step 703, the CPU determines whether there is any byte string that has not been acquired in the second data, if so, returns to step 702, otherwise, combines all the converted data to obtain second data whose data type is a point of a preset elliptic curve;
converting the data type of the third parameter into a point on a preset elliptic curve specifically comprises:
step 801, the CPU splits the third parameter evenly into two byte strings;
step 802, the CPU sequentially acquires a byte string as a current byte string and converts the current byte string into decimal data;
step 803, the CPU determines whether there is any byte string that has not been acquired in the third parameter, if yes, returns to step 802, otherwise, combines all the converted data to obtain the third parameter whose data type is a point of a preset elliptic curve.
20. The method as claimed in claim 12, wherein said performing a first hash operation based on said data to be signed, data of a first register and a second parameter, and writing the operation result into the first register, is specifically: the CPU sequentially splices the data to be signed and the data of the first register, calls a first cryptographic function with the splicing result and the second parameter as input parameters, and writes the output data of the first cryptographic function into the first register.
21. The method as claimed in claim 12, wherein said performing a first hash operation based on said data to be signed, data of a first register and a second parameter, writing the operation result into a first register is further specified as:
step E1, the CPU initializes a counter, sequentially splices the data to be signed and the data of a first register, and writes the splicing result into the first register;
step E2, the CPU carries out a third preset operation on the second parameter, and writes the operation result into a third register; divides the data in the third register by the length of the output data of the preset cryptographic hash function, and writes the result into the fourth register; takes the data of the fourth register as an input parameter of a ceiling function, and assigns the output data of the ceiling function to the fifth register;
step E3, the CPU splices the first preset value, the data of the first register and the value of the counter in sequence, calls the cryptographic hash function with the spliced result as an input parameter to obtain a hash value, splices the data of the sixth register with the hash value, and assigns the spliced result to the sixth register;
step E4, the CPU updates the counter, judges whether the value of the counter is equal to the data of the fifth register, if yes, the step E5 is executed, otherwise, the step E3 is returned;
step E5, the CPU judges whether the data of the fourth register is an integer, if so, executing E6, otherwise, executing E7;
step E6, the CPU splices the first preset value, the data of the first register and the value of the counter in sequence, calls the cryptographic hash function with the spliced result as an input parameter to obtain a hash value, splices the data of the sixth register with the hash value, and assigns the spliced result to the sixth register;
step E7, the CPU performs a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, writes the result into the seventh register, sequentially splices the first preset value, the data of the first register and the value of the counter, and calls the cryptographic hash function with the spliced result as an input parameter to obtain a hash value; extracts from the hash value data whose length is the data of the seventh register, splices the data of the sixth register with the extracted data, and writes the spliced data into the sixth register;
and step E8, the CPU acquires the second parameter, performs a fifth preset operation according to the data of the sixth register and the second parameter, and writes the operation result into the first register.
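The counter-based hash of steps B1 to B8 (claim 4), D1 to D8 (claim 15) and E1 to E8 (claim 21), as an added Python example that is not part of the patent text. The hash function (SHA-256), the counter encoding, the two prefix bytes, the formulas used for the third and fifth preset operations, and the names plan, hash_to_range, message_hash, identity_hash and SAMPLE_N are assumptions; the claims leave them unspecified.

```python
import hashlib

# Assumptions, none of which are fixed by the claims: SHA-256 stands in for the
# "preset cryptographic hash function"; the counter starts at 1 and is encoded
# as 4 big-endian bytes; the preset values are 0x02 (message hash) and 0x01
# (identity hash); the third and fifth preset operations are as commented.
HASH = hashlib.sha256
V = HASH().digest_size            # output length of the hash, in bytes
MESSAGE_PREFIX = 0x02             # "first preset value" (assumed)
IDENTITY_PREFIX = 0x01            # "second preset value" (assumed)
SAMPLE_N = 2**256 - 189           # constructed 256-bit modulus, illustration only


def plan(n):
    """Return (hlen, blocks, tail): bytes to derive, hash calls needed, and
    bytes kept from the last hash output."""
    if n < 3:
        raise ValueError("modulus must be at least 3")
    # Third register (assumed formula): derive about 5/4 as many bits as N
    # has, so the final reduction modulo N-1 is close to uniform.
    hlen = -(-5 * n.bit_length() // 32)
    # Fourth register is hlen / V; the fifth register is its ceiling.
    blocks = -(-hlen // V)
    # Seventh register: length of the truncated last block. When hlen / V is
    # an integer this equals V and the last block is kept whole.
    tail = hlen - V * (blocks - 1)
    return hlen, blocks, tail


def hash_to_range(prefix, z, n):
    """Map the byte string z to an integer in [1, n-1]."""
    if not 0 <= prefix <= 0xFF:
        raise ValueError("prefix must fit in one byte")
    hlen, blocks, tail = plan(n)
    acc = b""                                        # sixth register
    for counter in range(1, blocks + 1):
        digest = HASH(bytes([prefix]) + z + counter.to_bytes(4, "big")).digest()
        # Last iteration: keep the whole digest (B6/D6/E6) or only its first
        # `tail` bytes (B7/D7/E7); one slice covers both cases.
        acc += digest[:tail] if counter == blocks else digest
    if len(acc) != hlen:
        raise AssertionError("derived length mismatch")
    # Fifth preset operation (assumed): reduce into [1, n-1], so never 0.
    return int.from_bytes(acc, "big") % (n - 1) + 1


def message_hash(message, w, n):
    """Claims 4 and 21: data to be signed spliced with the first register."""
    return hash_to_range(MESSAGE_PREFIX, message + w, n)


def identity_hash(user_id, function_id, n):
    """Claim 15: user identification spliced with the function identifier."""
    return hash_to_range(IDENTITY_PREFIX, user_id + function_id, n)


if __name__ == "__main__":
    # Constructed inputs, for illustration only.
    print(plan(SAMPLE_N))
    print(hex(message_hash(b"constructed message", b"\x00" * 32, SAMPLE_N)))
    print(hex(identity_hash(b"alice@example.com", b"\x01", SAMPLE_N)))
```

Using different prefix bytes for the two hashes keeps an identity hash from ever colliding by construction with a message hash over the same bytes, and the final `+ 1` guarantees the result is never zero.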
22. The method of claim 12, wherein converting the data type of the operation result into a byte string specifically comprises:
step 901, the CPU obtains a second parameter, and calculates to obtain third data according to the length of the operation result and the second parameter;
step 902, the CPU sequentially acquires, from the abscissa of the operation result, a component whose length is the third data as a current component, converts the current component into hexadecimal data, splices the converted data with the data of the first register, and writes the spliced result into the first register;
step 903, the CPU judges whether the horizontal coordinate of the operation result has a component which is not acquired, if so, the step 902 is returned, otherwise, the step 904 is executed;
step 904, the CPU sequentially acquires, from the ordinate of the operation result, a component whose length is the third data as a current component, converts the current component into hexadecimal data, splices the converted data with the data of the first register, and writes the spliced result into the first register;
step 905, the CPU determines whether there is any component in the ordinate of the operation result that has not been acquired, if so, returns to step 904, otherwise, ends.
23. A digital signature device based on user identification, comprising:
the receiving module is used for receiving data to be signed; and storing the data to be signed;
the random number generating module is used for generating random numbers; and writing the random number into a second register;
the first data type conversion module is used for reading a pre-stored first parameter and a signature master public key and converting the data types of the first parameter and the signature master public key into points on a preset elliptic curve;
the first operation module is used for performing bilinear pairing operation on the first parameter and the signature master public key after the first data type conversion module converts the first parameter and the signature master public key, and performing power operation on the first parameter and data written into a second register by the random number generation module;
the second data type conversion module is used for converting the data type of the operation result of the first operation module into a byte string and writing the converted operation result into a first register;
the hash operation module is used for acquiring the data to be signed and the pre-stored second parameter which are stored by the receiving module, performing first hash operation according to the data to be signed, the data written into the first register by the second data type conversion module and the second parameter, and writing an operation result into the first register;
the second operation module is used for reading a second parameter, performing a first preset operation according to the data written into the first register by the hash operation module, the data written into the second register by the random number generation module and the second parameter, and writing an operation result into the second register;
the third data type conversion module is used for reading a signature private key associated with the user identifier and converting the data type of the signature private key into a point on a preset elliptic curve;
the third operation module is used for performing second preset operation according to the data written into the second register by the second operation module and the signature private key converted by the third data type conversion module;
the second data type conversion module is also used for converting the data type of the operation result of the third operation module into a byte string and writing the converted operation result into a second register;
and the output module is used for outputting the data written into the first register by the hash operation module and the data written into the second register by the second data type conversion module as digital signatures.
24. The apparatus according to claim 23, wherein the first operation module is specifically configured to perform a bilinear pairing operation on the first parameter and the signature master public key after the conversion by the first data type conversion module, and then perform a power operation with the result of the bilinear pairing operation as the base and the data of the second register as the exponent.
25. The apparatus according to claim 23, wherein the hash operation module is specifically configured to obtain the data to be signed and a pre-stored second parameter stored by the receiving module, sequentially splice the data to be signed and the data of the first register, call a first cryptographic function using a splicing result and the second parameter as input parameters, and write output data of the first cryptographic function into the first register.
26. The apparatus of claim 23, wherein the hash operation module comprises:
the initialization submodule is used for initializing the counter;
the splicing submodule is used for acquiring data to be signed and a second parameter, sequentially splicing the data to be signed and the data of the first register and writing a splicing result into the first register;
the first operation submodule is used for carrying out third preset operation on the second parameter and writing an operation result into a third register; dividing the data in the third register by the length of the output data of the preset cryptographic hash function, and writing the result into the fourth register; taking the data of the fourth register as an input parameter of a ceiling function, and writing the output data of the ceiling function into a fifth register;
the second operation submodule is used for sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter, calling a key hash function by using a splicing result as an input parameter to obtain a hash value, splicing the data of the sixth register and the hash value, and writing the splicing result into the sixth register;
the first judgment submodule is used for judging whether the value of the counter is equal to the data written into the fifth register by the first operation submodule or not, sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the updated value of the counter by the first judgment submodule, calling a key hash function by using a splicing result as an input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the first judgment submodule is used for updating the counter and judging whether the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the second judgment submodule is used for judging whether the data written into the fourth register by the first operation submodule is an integer or not when the first judgment submodule judges that the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the third operation submodule is used for sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter when the second judgment module judges that the data written into the fourth register by the first operation submodule is an integer, taking the splicing result as an input parameter to call a key hash function to obtain a hash value, splicing the data of the sixth register and the hash value, and writing the splicing result into the sixth register;
a fourth operation submodule, configured to perform a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function, and the data of the fourth register when the second determination module determines that the data written by the first operation submodule into the fourth register is not an integer, write the result into a seventh register, sequentially splice the first preset value, the data of the first register, and the value of the counter, and call the cryptographic hash function using the spliced result as an input parameter to obtain a hash value; truncating from the hash value data whose length is given by the data of the seventh register, splicing the data of the sixth register with the truncated data, and writing the spliced data into the sixth register;
the fifth operation submodule is used for acquiring the second parameter, performing fifth preset operation according to the data written into the sixth register by the third operation submodule and the second parameter, and writing an operation result into the first register; and the second operation submodule is also used for acquiring a second parameter, performing fifth preset operation according to the data written into the sixth register by the fourth operation submodule and the second parameter, and writing an operation result into the first register.
27. The apparatus as claimed in claim 23, wherein said second operation module is specifically configured to read a second parameter, calculate a difference between data of said second register and data of said first register, perform a modulo operation on a calculation result and said second parameter, and write the calculation result into said second register.
28. The apparatus of claim 23, further comprising: the judging module is used for judging whether the data written into the second register by the second operation module is equal to a preset value or not;
the third data type conversion module is specifically configured to, when the judgment module judges that the data written into the second register by the second operation module is not equal to the preset value, read a signature private key associated with the user identifier, and convert the data type of the signature private key into a point on a preset elliptic curve;
the random number generation module is further configured to generate a random number when the judgment module judges that the data written into the second register by the second operation module is equal to a preset value; and writing the random number to the second register.
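The hash operation module of claim 26 and the subtract-and-check step of claims 27 and 28 can be sketched as follows. This is an added example, not code from the patent. It assumes SM9-style definitions for the operations the claims only call "preset" (third: hlen = 8·ceil(5·log2(N)/32) bits; fourth: the leftover bit count of the last block; fifth: (Ha mod (N-1)) + 1), a one-byte prefix, a 4-byte big-endian counter, a preset value of zero in claim 28, and SHA-256 as a stand-in hash; the function names and the moduli are constructed for illustration.

```python
import hashlib
import math

V_BITS = 256  # output length in bits of the stand-in hash (SHA-256, an assumption)


def hash_to_range(prefix: int, z: bytes, n: int):
    """Map z to an integer in [1, n-1] using the register flow of claim 26.

    prefix is the "first preset value" (one byte, assumed), z is the spliced
    input (data to be signed || byte string from the first register) and n is
    the second parameter. Returns (h, blocks, tail_bits) so that both branches
    of the integer / non-integer decision can be inspected.
    """
    if n < 3:
        raise ValueError("second parameter must be at least 3")
    # Third register: target length in bits (assumed SM9-style third preset operation).
    hlen = 8 * math.ceil(5 * math.log2(n) / 32)
    # Fourth register is hlen / V_BITS. Keeping quotient and remainder makes the
    # "is it an integer?" test exact, with no floating-point comparison.
    full, tail_bits = divmod(hlen, V_BITS)
    # Fifth register: ceiling of the quotient, i.e. the number of hash blocks.
    blocks = full + (1 if tail_bits else 0)

    acc = b""  # sixth register: concatenation of hash blocks
    for ct in range(1, blocks + 1):  # counter starts at 1
        digest = hashlib.sha256(
            bytes([prefix]) + z + ct.to_bytes(4, "big")
        ).digest()
        if ct == blocks and tail_bits:
            # Non-integer quotient: keep only the leftmost tail_bits of the
            # last block (seventh register holds tail_bits).
            digest = digest[: tail_bits // 8]
        acc += digest

    # Fifth preset operation (assumed): reduce into [1, n-1], never zero.
    h = int.from_bytes(acc, "big") % (n - 1) + 1
    return h, blocks, tail_bits


def blinded_scalar(r: int, h: int, n: int):
    """Claims 27 and 28: l = (r - h) mod n; None tells the caller to draw a new r."""
    l = (r - h) % n
    return None if l == 0 else l


if __name__ == "__main__":
    # Constructed sample values, not parameters from the patent.
    n = (1 << 255) + 0x1234567           # 256-bit stand-in for the second parameter
    z = b"data to be signed" + b"\x01" * 32
    h, blocks, tail_bits = hash_to_range(0x02, z, n)
    print(f"blocks={blocks} tail_bits={tail_bits} h={h:x}")
    r = 0x1F2E3D4C                        # fixed here only to keep the demo repeatable
    print("l =", blinded_scalar(r, h, n))
```

With a 256-bit second parameter the quotient is 320/256, so the second block is cut to 64 bits; a modulus of about 200 bits exercises the integer branch with a single whole block.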
29. The apparatus of claim 23, further comprising: the acquisition module is used for acquiring a signature master public key, a first parameter, a second parameter and a signature private key associated with a user identifier from a password management system, and storing the acquired signature master public key, the signature private key, the first parameter and the second parameter.
30. The apparatus according to claim 23, wherein the third operation module is specifically configured to perform a scalar multiplication operation according to the data written into the second register by the second operation module and the signature private key converted by the third data type conversion module.
31. The apparatus as claimed in claim 23, wherein the output module is further configured to sequentially concatenate the data written into the first register by the hash operation module, the predetermined delimiter, and the data written into the second register by the second data type conversion module, and output the concatenation result.
32. The apparatus as claimed in claim 23, wherein the second data type conversion module comprises:
a sixth operation submodule for obtaining the second parameter and calculating to obtain third data according to the length of the operation result and the second parameter;
the first conversion submodule is used for sequentially acquiring a component with the length of third data from the abscissa of the operation result as a current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register and writing a splicing result into the first register; the third judgment sub-module is further used for sequentially acquiring a component with the length of third data from the abscissa of the operation result as a current component when the third judgment sub-module judges that the abscissa of the operation result has an unacquired component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register;
the third judgment submodule is used for judging whether the abscissa of the operation result has components which are not acquired;
the second conversion submodule is used for sequentially acquiring a component with the length of third data from the ordinate of the operation result as a current component when the operation result has no component which is not acquired, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register; the fourth judgment submodule is further used for sequentially acquiring a component with the length of third data from the ordinate of the operation result as a current component when the fourth judgment submodule judges that the ordinate of the operation result contains the component which is not acquired, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register;
the fourth judgment submodule is used for judging whether the ordinate of the operation result has components which are not acquired; and when judging that no component which is not acquired exists in the ordinate of the operation result, the data type conversion is successful.
33. The apparatus of claim 23, wherein the first data type conversion module specifically comprises: a third conversion submodule and a fourth conversion submodule;
the third conversion sub-module specifically includes:
the first splitting unit is used for splitting the first parameter evenly into two byte strings;
the first conversion unit is used for sequentially acquiring one byte string of the byte strings acquired by splitting of the first splitting unit as a current byte string and converting the current byte string into decimal data; the first judging unit is used for judging whether the byte strings which are not acquired exist or not, and when judging that the byte strings which are not acquired exist, the first judging unit is used for sequentially acquiring one byte string of the byte strings acquired by splitting of the first splitting unit as a current byte string and converting the current byte string into decimal data;
the first judging unit is configured to judge whether an unacquired byte string remains in the byte string split by the first splitting unit;
the first combination unit is used for combining the data converted by the first conversion unit to obtain a first parameter of a point of which the data type is a preset elliptic curve when the first judgment unit judges that no byte string which is not acquired exists;
the fourth conversion sub-module specifically includes:
the second splitting unit is used for splitting the signature master public key evenly into two byte strings;
the second conversion unit is used for sequentially acquiring one byte string of the byte strings acquired by splitting of the second splitting unit as a current byte string and converting the current byte string into decimal data; the second judgment unit is used for judging whether the byte string which is not acquired exists or not, and when the second judgment unit judges that the byte string which is not acquired exists, one byte string of the byte strings obtained by splitting of the second splitting unit is sequentially acquired as a current byte string, and the current byte string is converted into decimal data;
the second judging unit is configured to judge whether an unacquired byte string remains in the byte string obtained by splitting by the second splitting unit;
the second combination unit is used for combining the data converted by the second conversion unit to obtain a signature master public key of a point of which the data type is a preset elliptic curve when the second judgment unit judges that no byte string which is not obtained exists;
the third data type conversion module specifically includes:
the third splitting unit is used for splitting the signature private key evenly into two byte strings;
the third conversion unit is used for sequentially acquiring one byte string of the byte strings acquired by splitting of the third splitting unit as a current byte string and converting the current byte string into decimal data; the third judging unit is used for judging whether the byte strings which are not acquired exist or not, sequentially acquiring one byte string of the byte strings acquired by splitting of the third splitting unit as a current byte string, and converting the current byte string into decimal data;
the third judging unit is configured to judge whether an unacquired byte string remains in the byte string split by the third splitting unit;
and the third combination unit is used for combining the data converted by the third conversion unit to obtain the signature private key of the point with the data type of the preset elliptic curve when the third judgment unit judges that no byte string which is not acquired exists.
34. An authentication apparatus based on user identification, comprising:
the receiving module is used for receiving data to be signed, a digital signature and a user identifier, intercepting the digital signature according to a preset rule to obtain first data and second data, and storing the first data, the second data, the data to be signed and the user identifier;
the first data type conversion module is used for reading first data, pre-stored first parameters and a signature master public key and converting the data types of the first parameters and the signature master public key into points on a preset elliptic curve;
the first operation module is used for performing bilinear pairing operation according to the data converted by the first data type conversion module and performing power operation with the first data;
the second data type conversion module is used for converting the data type of the operation result of the first operation module into a byte string and writing the converted operation result into a first register;
the second hash operation module is used for reading the user identifier, the pre-stored function identifier and the second parameter, performing second hash operation according to the user identifier, the function identifier and the second parameter, and writing an operation result into a second register;
the third data type conversion module is used for reading second data, prestored third parameters and a signature master public key, and converting the data of the first register after the second data type conversion, the second data, the third parameters and the data type of the signature master public key into points on a preset elliptic curve;
the second operation module is used for performing sixth preset operation according to the data of the second register, the third parameter converted by the third data type conversion module and the signature master public key, performing bilinear pairing operation on the second data converted by the third data type conversion module, and performing dot product operation on the data of the first register converted by the third data type conversion module;
the fourth data type conversion module is used for converting the data type of the operation result of the second operation module into a byte string and writing the converted operation result into the first register;
the first hash operation module is used for reading data to be signed and a second parameter, performing first hash operation according to the data to be signed, the data of the first register converted by the fourth data type conversion module and the second parameter, and writing an operation result into the first register;
the verification module is used for acquiring the first data, judging whether the first data and the data written into the first register by the first hash operation module are equal, and when the first data and the data written into the first register by the first hash operation module are equal, the verification is successful, and when the first data and the data written into the first register by the first hash operation module are not equal, the verification fails.
35. The apparatus as claimed in claim 34, wherein the first operation module is specifically configured to perform a bilinear pairing operation on the data converted by the first data type conversion module, and perform a power operation with the result of the bilinear pairing operation as the base and the first data as the exponent.
36. The apparatus according to claim 34, wherein the second hash operation module is specifically configured to read the user identifier, a pre-stored function identifier and a second parameter, sequentially concatenate the user identifier and the function identifier, call a second cryptographic function using a concatenation result and the second parameter as input parameters, and write output data of the second cryptographic function into the second register.
37. The apparatus of claim 34, wherein the second hash operation module comprises:
the initialization submodule is used for initializing the counter;
the splicing submodule is used for reading the user identification, the pre-stored function identifier and a second parameter, sequentially splicing the user identification and the function identifier, and writing a splicing result into the second register;
the first operation submodule is used for carrying out third preset operation on the second parameter and writing an operation result into a third register; dividing the data in the third register by the length of the output data of the preset cryptographic hash function, and writing the result into the fourth register; taking the data of the fourth register as an input parameter of a ceiling function, and writing the output data of the ceiling function into a fifth register;
the second operation submodule is used for sequentially splicing a second preset value, the data written into the second register by the splicing submodule and the value of the counter, calling a key hash function by using a splicing result as an input parameter to obtain a hash value, splicing the data of the sixth register and the hash value, and writing the splicing result into the sixth register;
the first judgment submodule is used for judging whether the value of the counter is equal to the data written into the fifth register by the first operation submodule or not, sequentially splicing a second preset value, the data written into the second register by the splicing submodule and the updated value of the counter by the first judgment submodule, calling a key hash function by using a splicing result as an input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the first judgment submodule is used for updating the counter and judging whether the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the second judgment submodule is used for judging whether the data written into the fourth register by the first operation submodule is an integer or not when the first judgment submodule judges that the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the third operation submodule is used for sequentially splicing a second preset value, the data written into the second register by the splicing submodule and the value of the counter when the second judgment module judges that the data written into the fourth register by the first operation submodule is an integer, taking a splicing result as an input parameter to call a key hash function to obtain a hash value, splicing the data of the sixth register and the hash value, and writing the splicing result into the sixth register;
the fourth operation submodule is used for performing fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, writing the result into the seventh register, sequentially splicing the second preset value, the data of the second register and the value of the counter, and calling the key hash function to obtain a hash value by taking the spliced result as an input parameter; truncating from the hash value data whose length is given by the data of the seventh register, splicing the data of the sixth register with the truncated data, and writing the spliced data into the sixth register;
the fifth operation submodule is used for acquiring the second parameter, performing fifth preset operation according to the data written into the sixth register by the third operation submodule and the second parameter, and writing an operation result into the second register; and the second operation submodule is also used for acquiring a second parameter, performing fifth preset operation according to the data written into the sixth register by the fourth operation submodule and the second parameter, and writing an operation result into the second register.
38. The apparatus as claimed in claim 34, wherein the second operation module is specifically configured to perform a scalar multiplication operation on the data in the second register and the third parameter converted by the third data type conversion module, perform an addition operation on the data in the second register and the converted signature master public key, perform a bilinear pairing operation on the addition operation result and the second data converted by the third data type conversion module, and perform a point multiplication operation on the data in the first register converted by the third data type conversion module.
39. The apparatus of claim 34, wherein the receiving module specifically comprises:
the intercepting submodule is used for receiving the data to be signed, the digital signature and the user identification and intercepting the digital signature according to a preset rule to obtain first data and second data;
the judgment submodule is used for judging whether the first data intercepted by the interception submodule meets a first preset condition or not;
the writing sub-module is used for saving the first data, the second data, the data to be signed and the user identification when the judging sub-module judges that the first data meets a first preset condition;
and the error reporting submodule is used for reporting an error when the judging submodule judges that the first data does not meet the first preset condition, and the verification fails.
40. The apparatus of claim 34, wherein the receiving module specifically comprises:
the intercepting submodule is used for receiving the data to be signed, the digital signature and the user identification and intercepting the digital signature according to a preset rule to obtain first data and second data;
the judgment submodule is used for converting the data type of the second data intercepted by the interception submodule into a point on a preset elliptic curve and judging whether the converted second data meets a second preset condition or not;
the writing sub-module is used for saving the first data, the second data, the data to be signed and the user identification when the judging sub-module judges that the second data meets a second preset condition;
and the error reporting submodule is used for reporting an error when the judging submodule judges that the second data does not meet the second preset condition, and the verification fails.
41. The apparatus of claim 34,
the first data type conversion module specifically includes: a first parameter data type conversion submodule and a first signature master public key data type conversion submodule;
the first parameter data type conversion sub-module specifically includes:
the first acquisition unit is used for reading the first parameter, splitting the first parameter evenly into two byte strings, sequentially acquiring one byte string as a current byte string and converting the current byte string into decimal data; the first judging unit is used for sequentially acquiring a byte string as a current byte string when judging that the first parameter has the byte string which is not acquired, and converting the current byte string into decimal data;
a first judging unit, configured to judge whether there is any byte string that has not been acquired in the first parameter;
the first combination unit is used for combining all the converted data of the first acquisition unit to obtain a first parameter of a point of which the data type is a preset elliptic curve when the first judgment unit judges that no byte string which is not acquired exists in the first parameter;
the first signature master public key data type conversion sub-module specifically includes:
the second acquisition unit is used for reading the signature master public key, splitting the signature master public key evenly into two byte strings, sequentially acquiring one byte string as a current byte string and converting the current byte string into decimal data; the second judgment unit is used for sequentially acquiring a byte string as a current byte string when the second judgment unit judges that the signature master public key still has the byte string which is not acquired, and converting the current byte string into decimal data;
the second judgment unit is used for judging whether the signature master public key has an unacquired byte string;
the second combination unit is used for combining all the converted data of the second acquisition unit to obtain the signature master public key of a point with a data type of a preset elliptic curve when the second judgment unit judges that the signature master public key does not have the byte strings which are not acquired;
the third data type conversion module specifically includes: a data type conversion submodule of the first register, a second data type conversion submodule, a third parameter data type conversion submodule and a second signature master public key data type conversion submodule;
the data type conversion submodule of the first register specifically includes:
the third acquisition unit is used for splitting the data of the first register evenly into two byte strings, sequentially acquiring one byte string as a current byte string and converting the current byte string into decimal data; the third judging unit is used for sequentially acquiring a byte string as a current byte string when judging that the data of the first register contains the byte string which is not acquired, and converting the current byte string into decimal data;
a third judging unit, configured to judge whether there is an unacquired byte string in the data of the first register;
a third combination unit, configured to combine all the converted data of the third obtaining unit to obtain data of the first register with a data type of a point of a preset elliptic curve when the third determining unit determines that there is no unacquired byte string in the data of the first register;
the second data type conversion sub-module specifically includes:
the fourth obtaining unit is used for splitting the second data evenly into two byte strings, sequentially obtaining one byte string as a current byte string, and converting the current byte string into decimal data; the fourth judging unit is used for sequentially acquiring a byte string as a current byte string when judging that the second data contains the byte string which is not acquired, and converting the current byte string into decimal data;
a fourth judging unit, configured to judge whether there is any byte string that has not been acquired in the second data;
a fourth combination unit, configured to combine all the converted data of the fourth obtaining unit to obtain second data with a data type of a point of a preset elliptic curve when the fourth determining unit determines that there is no unacquired byte string in the second data;
the third parameter data type conversion sub-module specifically includes:
the fifth obtaining unit is used for splitting the third parameter evenly into two byte strings, sequentially obtaining one byte string as a current byte string, and converting the current byte string into decimal data; the fifth judging unit is used for sequentially acquiring a byte string as a current byte string when the fifth judging unit judges that the third parameter has the byte string which is not acquired, and converting the current byte string into decimal data;
a fifth judging unit, configured to judge whether there is an unacquired byte string in the third parameter;
a fifth combination unit, configured to combine all the converted data of the fifth obtaining unit to obtain a third parameter of a point whose data type is a preset elliptic curve when the fifth judging unit determines that there is no unacquired byte string in the third parameter;
the second signature master public key data type conversion sub-module specifically includes:
the sixth acquisition unit is used for splitting the signature master public key evenly into two byte strings, sequentially acquiring one byte string as a current byte string and converting the current byte string into decimal data; the sixth judging unit is used for sequentially acquiring a byte string as a current byte string when the sixth judging unit judges that the signature master public key still has the byte string which is not acquired, and converting the current byte string into decimal data;
a sixth judging unit, configured to judge whether there is an unacquired byte string in the signature master public key;
and the sixth combination unit is used for combining all the converted data of the sixth acquisition unit to obtain the signature master public key of the point with the data type of the preset elliptic curve when the sixth judgment unit judges that no byte string which is not acquired exists in the signature master public key.
42. The apparatus as claimed in claim 34, wherein the first hash operation module is specifically configured to sequentially concatenate the data to be signed and the data of the first register, call a first cryptographic function using a concatenation result and the second parameter as input parameters, and write output data of the first cryptographic function into the first register.
43. The apparatus of claim 34, wherein the first hash operation module comprises:
the initialization submodule is used for initializing the counter;
the splicing submodule is used for reading the user identification, the pre-stored function identifier and a second parameter, sequentially splicing the user identification and the function identifier, and writing a splicing result into the first register;
the first operation submodule is used for performing a third preset operation on the second parameter and writing the operation result into a third register; dividing the data in the third register by the output data length of the preset cryptographic hash function, and writing the result into a fourth register; and taking the data of the fourth register as the input parameter of a ceiling function, and writing the output data of the ceiling function into a fifth register;
the second operation submodule is used for sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter, calling the cryptographic hash function with the splicing result as the input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the second operation submodule is further used for, when the first judgment submodule judges that the value of the counter is not equal to the data written into the fifth register by the first operation submodule, sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter as updated by the first judgment submodule, calling the cryptographic hash function with the splicing result as the input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the first judgment submodule is used for updating the counter and judging whether the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the second judgment submodule is used for judging whether the data written into the fourth register by the first operation submodule is an integer or not when the first judgment submodule judges that the value of the counter is equal to the data written into the fifth register by the first operation submodule;
the third operation submodule is used for, when the second judgment submodule judges that the data written into the fourth register by the first operation submodule is an integer, sequentially splicing the first preset value, the data written into the first register by the splicing submodule and the value of the counter, calling the cryptographic hash function with the splicing result as the input parameter to obtain a hash value, splicing the data of the sixth register with the hash value, and writing the splicing result into the sixth register;
the fourth operation submodule is used for performing a fourth preset operation according to the data of the third register, the output data length of the preset cryptographic hash function and the data of the fourth register, and writing the result into the seventh register; sequentially splicing the first preset value, the data of the first register and the value of the counter, and calling the cryptographic hash function with the splicing result as the input parameter to obtain a hash value; and intercepting from the hash value data whose length is given by the data of the seventh register, splicing the data of the sixth register with the intercepted data, and writing the splicing result into the sixth register;
the fifth operation submodule is used for acquiring the second parameter, performing fifth preset operation according to the data written into the sixth register by the third operation submodule and the second parameter, and writing an operation result into the second register; and the second operation submodule is also used for acquiring a second parameter, performing fifth preset operation according to the data written into the sixth register by the fourth operation submodule and the second parameter, and writing an operation result into the first register.
44. The apparatus of claim 34, wherein the second data type conversion module specifically comprises:
the first calculation submodule is used for acquiring a second parameter and calculating according to the length of the operation result of the first operation module and the second parameter to obtain third data;
the first splicing submodule is used for sequentially acquiring, from the abscissa of the operation result of the first operation module, a component whose length is the third data as the current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register; and is further used for, when the first judgment submodule judges that the abscissa of the operation result of the first operation module contains a component that has not been acquired, sequentially acquiring, from the abscissa of the operation result of the first operation module, a component whose length is the third data as the current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register;
the first judgment submodule is used for judging whether components which are not acquired exist in the abscissa of the operation result of the first operation module;
the second splicing submodule is used for, when the first judgment submodule judges that the abscissa of the operation result of the first operation module contains no unacquired component, sequentially acquiring, from the ordinate of the operation result, a component whose length is the third data as the current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register; and is further used for, when the second judgment submodule judges that the ordinate of the operation result of the first operation module contains a component that has not been acquired, sequentially acquiring, from the ordinate of the operation result, a component whose length is the third data as the current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register;
the second judgment submodule is used for judging whether the ordinate of the operation result of the first operation module contains a component that has not been acquired, the conversion being finished when it judges that the ordinate of the operation result of the first operation module contains no unacquired component;
the fourth data type conversion module specifically includes:
the second calculation submodule is used for acquiring a second parameter and calculating according to the length of the operation result of the second operation module and the second parameter to obtain third data;
the third splicing submodule is used for sequentially acquiring, from the abscissa of the operation result of the second operation module, a component whose length is the third data as the current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register; and is further used for, when the second judgment sub-module judges that the abscissa of the operation result of the second operation module contains a component that has not been acquired, sequentially acquiring, from the abscissa of the operation result of the second operation module, a component whose length is the third data as the current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register;
a third judgment sub-module, configured to judge whether there is any component that is not acquired in the abscissa of the operation result of the second operation module;
the fourth splicing submodule is used for, when the third judgment submodule judges that the abscissa of the operation result of the second operation module contains no unacquired component, sequentially acquiring, from the ordinate of the operation result, a component whose length is the third data as the current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register; and is further used for, when the fourth judgment submodule judges that the ordinate of the operation result of the second operation module contains a component that has not been acquired, sequentially acquiring, from the ordinate of the operation result, a component whose length is the third data as the current component, converting the current component into hexadecimal data, splicing the converted data with the data of the first register, and writing the splicing result into the first register;
the fourth judgment submodule is used for judging whether the ordinate of the operation result of the second operation module contains a component that has not been acquired, the conversion being ended when it judges that the ordinate of the operation result of the second operation module contains no unacquired component.
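The register flow of claim 43 amounts to a counter-driven hash expansion followed by a reduction into a range set by the second parameter. The sketch below is an added example, not code from the patent: it assumes the third, fourth and fifth preset operations and the first preset value (0x01) are those of the hash-to-range function in the SM9 standard (GM/T 0044), uses SHA-256 as a stand-in for the patent's hash function, takes the leftmost bytes when truncating, and uses a 4-byte big-endian counter starting at 1 with a constructed modulus and identifiers.

```python
import hashlib

V = 32  # bytes output by the stand-in hash (SHA-256); the claim's "output data length"


def hlen_bytes(n: int) -> int:
    """Assumed third preset operation: hlen = 8 * ceil(5*log2(n)/32) bits.

    ceil(log2(n**5) / 32) is computed on integers to avoid float rounding.
    That integer times 8 is hlen in bits, so it is also hlen in bytes.
    """
    return -(-(n ** 5 - 1).bit_length() // 32)


def hash_to_range(user_id: bytes, func_id: bytes, n: int) -> int:
    """Map ID || function identifier to an integer in [1, n-1] (claim 43 flow)."""
    if n < 3:
        raise ValueError("n must be at least 3 so that [1, n-1] is non-trivial")
    z = user_id + func_id               # first register: ID spliced with function identifier
    hlen = hlen_bytes(n)                # third register
    full, rem = divmod(hlen, V)         # fourth register is an integer iff rem == 0
    blocks = full + (1 if rem else 0)   # fifth register: hlen / v rounded up
    ha = b""                            # sixth register
    for ct in range(1, blocks + 1):     # counter, assumed 32-bit big-endian from 1
        digest = hashlib.sha256(b"\x01" + z + ct.to_bytes(4, "big")).digest()
        if ct == blocks and rem:
            digest = digest[:rem]       # seventh register: hlen - v*floor(hlen/v)
        ha += digest
    # Assumed fifth preset operation. For a 256-bit n, hlen is about a quarter
    # longer than n, so reducing modulo n-1 leaves only negligible bias.
    return int.from_bytes(ha, "big") % (n - 1) + 1


# Constructed sample inputs, not values from the patent.
SAMPLE_N = (1 << 256) - 189
SAMPLE_ID = b"alice@example.com"
SAMPLE_FUNC_ID = b"\x01"

if __name__ == "__main__":
    print(hex(hash_to_range(SAMPLE_ID, SAMPLE_FUNC_ID, SAMPLE_N)))
```

With the sample modulus the expansion needs 40 bytes, so the second hash block is truncated to 8 bytes; a modulus near 2^200 needs exactly one full block and exercises the integer branch instead.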
CN201810037962.2A 2018-01-16 2018-01-16 Digital signature and signature verification method and device based on user identification Active CN108259184B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810037962.2A CN108259184B (en) 2018-01-16 2018-01-16 Digital signature and signature verification method and device based on user identification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810037962.2A CN108259184B (en) 2018-01-16 2018-01-16 Digital signature and signature verification method and device based on user identification

Publications (2)

Publication Number Publication Date
CN108259184A CN108259184A (en) 2018-07-06
CN108259184B CN108259184B (en) 2021-06-08

Family

ID=62740718

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810037962.2A Active CN108259184B (en) 2018-01-16 2018-01-16 Digital signature and signature verification method and device based on user identification

Country Status (1)

Country Link
CN (1) CN108259184B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111162907B (en) * 2019-12-28 2023-05-23 飞天诚信科技股份有限公司 Generation method of negotiation key and smart card device

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101626294A (en) * 2008-07-07 2010-01-13 华为技术有限公司 Certifying method based on identity, method, equipment and system for secure communication
CN103427997B (en) * 2013-08-16 2016-06-22 西安西电捷通无线网络通信股份有限公司 Method and device for generating a digital signature
CN103546288B (en) * 2013-09-25 2017-02-01 中国科学院数据与通信保护研究教育中心 Method and device for implementing the SM2 digital signature generation algorithm
CN104753684B (en) * 2015-04-15 2018-01-05 飞天诚信科技股份有限公司 Method for implementing digital signature and signature verification
CN104852805B (en) * 2015-05-11 2019-03-22 中国科学院软件研究所 SM2 signature algorithm protection method resistant to lattice-based fault analysis

Also Published As

Publication number Publication date
CN108259184A (en) 2018-07-06

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
OL01 Intention to license declared