CN109936455A - Method, device and system for digital signature - Google Patents
- Publication number: CN109936455A
- Authority: CN (China)
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
The embodiments of the present application provide a method, device and system for generating a digital signature. The digital signature method includes: a first signer obtains a first private key, generates a first random number, generates a first intermediate variable according to a signature object and the first random number, and sends the first intermediate variable to a second signer; the first signer receives a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being calculated according to the first intermediate variable, a second private key obtained by the second signer, and a second random number generated by the second signer; the first signer calculates a second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
Description
Technical field
The invention relates to data protection, and more particularly to digital signatures.
Background
Digital signature technology based on asymmetric cryptographic algorithms can be used for non-repudiation scenarios in the networked digital world, and corresponds to signing in the real world. With the development and application of certificate authority (Certificate Authority, CA) technology and the implementation of the Utah Digital Signature Act, digital signature technology occupies an increasingly important place in the digital world. Network-based administrative approval, electronic contracts, electronic invoices, online transaction payments and similar services all use digital signature technology to ensure non-repudiation of the business.
In traditional digital signature technology, the signer not only holds a digital certificate, issued by a CA, that indicates the signer's identity and public key, but also possesses the private key used to compute signatures. The private key is typically kept in a cryptographic device, such as a USB key or an IC card, to prevent the key from being copied or stolen. These cryptographic devices can only be used under the signer's control: the signer has full control over the private key, and no third party can obtain it.
With the development and application of cloud computing, mobile Internet and Internet of Things technologies, and the requirements of new service scenarios, a demand has emerged for multi-party signature computation that ensures the security of the signing key, and conventional digital signature algorithms cannot directly meet the computation requirements of multi-party digital signatures.
Summary of the invention
In view of this, the technical problem addressed by the embodiments of the present invention is to provide a multi-party digital signature method that remedies the inability of prior-art digital signature algorithms to be computed by multiple parties, and thereby ensures the security of the signing private key.
In a first aspect, an embodiment of the present application provides a digital signature method, characterized by comprising:
A first signer obtains a first private key, generates a first random number, generates a first intermediate variable according to a signature object and the first random number, and sends the first intermediate variable to a second signer; the first signer receives a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being calculated according to the first intermediate variable, a second private key obtained by the second signer, and a second random number generated by the second signer; the first signer calculates a second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
In the digital signature method provided by the embodiments of the present application, the digital signature is generated by the first signer in cooperation with the other signer or computing party; the first signer alone cannot generate a complete signature result, which ensures the confidentiality of the digital signature. Meanwhile, the key is generated through joint computation by the signing participants, rather than being generated by a single party and then split, which ensures the confidentiality of the signing private key.
In a digital signature method provided by the embodiments of the present application, the first signer holds only part of the signing private key and therefore cannot derive the complete signing private key and public key; the complete signing public key can only be produced with the second signer participating in the computation.
In a second aspect, an embodiment of the present application provides a digital signature method, characterized by comprising:
A second signer receives a first intermediate variable sent by a first signer, the first intermediate variable being calculated by the first signer according to a signature object and a first random number generated by the first signer; the second signer calculates a first signature value and a second intermediate variable according to the first intermediate variable, an obtained second private key and a generated second random number, and sends the first signature value and the second intermediate variable to the first signer, so that the first signer calculates a second signature value according to the first signature value, the first random number, the second intermediate variable and a first private key obtained by the first signer, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
In the digital signature method provided by the embodiments of the present application, the second signer assists the other signer or computing party in generating the digital signature; neither the second signer nor the other signer alone can generate a complete signature result, which ensures the confidentiality of the digital signature. Meanwhile, the key is generated through joint computation by the signing participants, rather than being generated by a single party and then split, which ensures the confidentiality of the signing private key.
In a digital signature method provided by the embodiments of the present application, the second signer assists the other signer in completing part of the computation of the signing public key, so that the other signer or the second signer alone holds only part of the signing private key and therefore cannot derive the complete signing private key and public key, which ensures the confidentiality of the signing private key.
In a third aspect, an embodiment of the present application provides a digital signature device, including a processor, a transmitter and a receiver.
The processor is configured to obtain a first private key, generate a first random number, and generate a first intermediate variable according to a signature object and the first random number; the transmitter is configured to send the first intermediate variable to a second signer; the receiver is configured to receive a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being calculated according to the first intermediate variable, a second private key obtained by the second signer, and a second random number generated by the second signer; the processor is further configured to calculate a second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
In a fourth aspect, an embodiment of the present application provides a digital signature device, including a receiver, a processor and a transmitter. The receiver is configured to receive a first intermediate variable sent by a first signer, the first intermediate variable being calculated by the first signer according to a signature object and a generated first random number; the processor is configured to calculate a first signature value and a second intermediate variable according to the first intermediate variable, a second private key obtained by the second signer, and a second random number generated by the second signer; the transmitter is configured to send the first signature value and the second intermediate variable to the first signer, so that the first signer calculates a second signature value according to the first signature value, the first random number, the second intermediate variable and the first private key obtained by the first signer, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
In a fifth aspect, an embodiment of the present application provides a digital signature system, characterized by comprising a first signature apparatus and a second signature apparatus.
The first signature apparatus is configured to obtain a first private key, generate a first random number, generate a first intermediate variable according to a signature object and the first random number, and send the first intermediate variable to the second signature apparatus;
The second signature apparatus is configured to obtain a second private key, generate a second random number, calculate a first signature value and a second intermediate variable according to the first intermediate variable, the second private key and the second random number, and send the first signature value and the second intermediate variable to the first signature apparatus;
The first signature apparatus is further configured to calculate a second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
The embodiments of the present application provide a digital signature method, device and system in which multiple signature-computing parties cooperate to generate a digital signature, and no single party, nor any subset of several parties, can generate a complete signature result. Meanwhile, every participating signer holds only part of the signing private key and no signer can derive the complete signing key; the key is generated through joint computation by the signing participants, rather than being generated by a single party and then split, which ensures the confidentiality of the signing private key. In addition, the result of the signature computation can be verified with existing signature verification methods, which ensures compatibility with existing signature systems.
Brief description of the drawings
Some specific embodiments of the present application are described in detail below, by way of example and not limitation, with reference to the accompanying drawings. The same reference numerals denote the same or similar components or parts in the drawings. Those skilled in the art should understand that the drawings are not necessarily drawn to scale. In the drawings:
Fig. 1 is a schematic diagram of a digital signature method according to one embodiment of the present application;
Fig. 2 is a schematic diagram of a digital signature method according to another embodiment of the present application;
Fig. 3 is a schematic diagram of the public key generation steps according to one embodiment of the present application;
Fig. 4 is a schematic diagram of a digital signature device according to one embodiment of the present application;
Fig. 5 is a schematic diagram of a digital signature device according to one embodiment of the present application;
Fig. 6 is a schematic diagram of a digital signature system according to one embodiment of the present application.
Detailed description of the embodiments
Implementing any technical solution of the embodiments of the present invention does not necessarily require achieving all of the above advantages at the same time.
To enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, the technical solutions are described clearly and completely below with reference to the drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art based on the embodiments of the present invention shall fall within the scope of protection of the embodiments of the present invention.
Specific implementations of the embodiments of the present invention are further described below with reference to the drawings of the embodiments of the present invention.
Fig. 1 is a schematic diagram of a digital signature method according to one embodiment of the present application. As shown in Fig. 1, the digital signature method 100 includes the following steps.
Step 102: the first signer obtains the first private key, generates the first random number, and generates the first intermediate variable according to the signature object and the first random number.
It should be understood that obtaining the first private key may include generating the first private key, reading a stored first private key, and similar cases.
Optionally, the first private key $d_A$ may be randomly selected by the first signer independently of the second signer, with $d_A \in [1, n-1]$, where $n$ is a natural number greater than or equal to 2.
Further optionally, the first random number $k_A$ may be randomly selected and generated by the first signer independently of the second signer, with $k_A \in [1, n-1]$, where $n$ is a natural number greater than or equal to 2.
Optionally, within one digital signature process, the first private key and the first random number may be the same or different. One possible difference is that the first private key corresponds to the public key and can be used multiple times once generated, whereas the first random number can be generated independently at random each time step 102 is executed. The correspondence between the first private key and the public key is described in more detail below in the public key generation steps shown in Fig. 3.
Optionally, the first intermediate variable is a process value that the first signer calculates according to the signature object and the first random number and that can be used to calculate the digital signature. The first intermediate variable may include one or more process values.
Step 104: the first signer sends the first intermediate variable to the second signer.
Step 106: the second signer obtains the second private key, generates the second random number, and generates the first signature value and the second intermediate variable according to the first intermediate variable, the second private key and the second random number.
Optionally, the second private key $d_B$ may be randomly selected by the second signer independently of the first signer, with $d_B \in [1, n-1]$, where $n$ is a natural number greater than or equal to 2.
Further optionally, the second random number $k_B$ may be randomly selected and generated by the second signer independently of the first signer, with $k_B \in [1, n-1]$, where $n$ is a natural number greater than or equal to 2.
Optionally, within one digital signature process, the second private key and the second random number may be the same or different. One possible difference is that the second private key corresponds to the public key and can be used multiple times once generated, whereas the second random number can be generated independently at random each time step 106 is executed. The correspondence among the second private key, the first private key and the public key is described in more detail below in the public key generation steps shown in Fig. 3.
Optionally, the second intermediate variable is a process value that the second signer calculates according to the first intermediate variable, the second private key and the second random number and that can be used to calculate the digital signature. The second intermediate variable may include one or more process values.
Step 108: the second signer sends the first signature value and the second intermediate variable to the first signer.
Step 110: the first signer calculates the second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
It should be understood that the step numbers in the method of this application do not limit the order of the steps, apart from the logical order within the steps. For example, although step 102 specifies that the first signer obtains the first private key, the first private key is only used in step 110; therefore the first private key does not have to be obtained before steps 104, 106 and 108.
Optionally, the method may perform digital signing based on various cryptographic functions.
In the digital signature method provided by the embodiments of the present application, the digital signature is generated by the first signer and the second signer in cooperation; neither the first signer nor the second signer alone can generate a complete signature result, which ensures the confidentiality of the digital signature. Meanwhile, the key is generated through joint computation by the signing participants, rather than being generated by a single party and then split, which ensures the confidentiality of the signing private key.
Fig. 2 is a schematic diagram of a digital signature method according to another embodiment of the present application. Optionally, the method performs digital signing based on an elliptic curve function. For example, the elliptic curve parameters may be the SM2 curve parameters specified by the State Cryptography Administration; for details, see "SM2 elliptic curve public key cryptographic algorithm" (GM/T 0003-2012). Let the elliptic curve be $E(F_q)$ with base point $G = (x_G, y_G)$ of order $n$, and let $[k]P$ denote scalar multiplication on the elliptic curve, where $k$ is an integer and $P$ is a point on the elliptic curve.
As shown in Fig. 2, the digital signature method 200 includes the following steps.
Step 202: the first signer, or party A, obtains the first private key $d_A$, where $d_A \in [1, n-1]$. This is similar to the first private key in step 102 of Fig. 1 and is not described again here. It should further be specified that $n$ here is the order of the elliptic curve described above.
Step 204: the first signer generates the first random number $k_A$, calculates the hash value $e$ of the signature object, message $M$, and generates the first intermediate variable, $Q_A$ and $e$, according to the hash value $e$ and the first random number $k_A$.
Here the first random number $k_A \in [1, n-1]$; likewise, it is defined similarly to the first random number in step 102 of Fig. 1 and is not described again here. It should further be specified that $n$ here is the order of the elliptic curve described above.
The first intermediate variable includes two process values, $Q_A$ and $e$.
Optionally, $Q_A = [k_A]G$ is calculated.
Optionally, the hash value of message $M$ is $e = H(M)$, where $H(\cdot)$ is a given hash function. It should be understood that the present invention does not limit the specific hash function: any function that still preserves the fingerprint characteristics of message $M$ after hashing it can be used to calculate the hash value of message $M$.
Step 206: the first signer sends the first intermediate variable, $Q_A$ and $e$, to the second signer.
Step 208: the second signer, or party B, obtains the second private key $d_B$. The second private key $d_B$ is similar to the second private key in step 106 of Fig. 1 and is not described again here. It should further be specified that $n$ here is the order of the elliptic curve described above.
Step 210: the second signer generates the second random number $k_B$, and calculates the first signature value $r$ and the second intermediate variable, $s_{B1}$ and $s_{B2}$, according to the second random number $k_B$, the second private key $d_B$ and the first intermediate variable.
Here the second random number $k_B \in [1, n-1]$; it is similar to the second random number in step 106 of Fig. 1 and is not described again here. It should further be specified that $n$ here is the order of the elliptic curve described above.
Specifically, the second signer calculates:
It enablesThen
$$(x_1, y_1) = [k]G$$
The second signer calculates the first signature value $r$ and the second intermediate variable, $s_{B1}$ and $s_{B2}$:
$$r = (e + x_1) \bmod n$$
$$s_{B1} = (d_B \cdot (r + k_B)) \bmod n$$
$$s_{B2} = (d_B \cdot r + k_B) \bmod n$$
Step 212: the second signer transmits the first signature value $r$ and the second intermediate variable, $s_{B1}$ and $s_{B2}$, to the first signer.
Step 214: the first signer calculates the second signature value $s$ according to the first private key $d_A$, the first random number $k_A$, the first signature value $r$, and the second intermediate variable, $s_{B1}$ and $s_{B2}$.
Specifically,
By dA·dB=(1+d)-1With?
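$$\begin{aligned} s &= ((1+d)^{-1} \cdot (k + r) - r) \bmod n \\ &= ((1+d)^{-1} \cdot (k + r - (1+d) \cdot r)) \bmod n \\ &= ((1+d)^{-1} \cdot (k - r \cdot d)) \bmod n \end{aligned}$$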
The digital signature value of message $M$ includes the first signature value and the second signature value; that is, $(r, s)$ is taken as the signature value.
Optionally, the digital signature method 100 and/or the digital signature method 200 of the above embodiments may further include public key generation steps. It should be understood that, apart from the internal logic between the steps, the order of the public key generation steps relative to the digital signature is not specifically limited.
Fig. 3 is a schematic diagram of the public key generation steps according to one embodiment of the present invention. The public key generation steps are as follows.
Step 302: the first signer calculates a first part public key according to the first private key, and sends the first part public key to the second signer.
Optionally, the first part public key can be calculated based on the elliptic curve described in Fig. 2; that is, the first signer calculating the first part public key according to the first private key specifically includes:
The first signer performs a calculation on the first private key based on the elliptic curve to obtain the first part public key.
Specifically, the first signer calculates first part's public key
Step 304: the second signer calculates a second part public key according to the first part public key and the second private key, and sends the second part public key to the first signer.
Optionally, the second signer calculating the second part public key according to the first part public key and the second private key specifically includes:
The second signer calculates the second part public key from the first part public key and the second private key based on the elliptic curve described in Fig. 2.
Specifically, second part public key
Step 306: the first signer calculates the public key of the digital signature according to the second part public key. The public key of the digital signature is the common public key of the first signer and the second signer.
It should be understood that the public key corresponds to the first private key of the first signer and the second private key of the second signer. In other words, when the public key is used, the corresponding first private key and second private key should be the first private key and second private key that were used when the public key was calculated.
Optionally, the second part public key can be calculated based on the elliptic curve described in Fig. 2; that is, the first signer calculating the second part public key according to the first part public key specifically includes:
The first signer performs a calculation on the first part public key based on the elliptic curve to obtain the second part public key.
Specifically, the first signer calculates the common public key $P$:
Let $d = (d_A \cdot d_B)^{-1} - 1$; then
$$d_A \cdot d_B = (1+d)^{-1}$$
$$P = [d]G$$
It should be understood that after the digital signature has been generated, any verifier can verify the digital signature using the common public key $P$ and the signature value $(r, s)$.
Optionally, the signature verification process uses the SM2 signature verification algorithm; for details, see "SM2 elliptic curve public key cryptographic algorithm" (GM/T 0003-2012). In the verification process, $(x_1', y_1')$ is calculated from the common public key $P$ of A and B and the signature value $(r, s)$ as follows:
$$\begin{aligned} (x_1', y_1') &= [s]G + [r+s]P \\ &= [s]G + [(r+s) \cdot d]G \\ &= [s + r \cdot d + s \cdot d]G \\ &= [(1+d) \cdot s + r \cdot d]G \end{aligned}$$
Since $s = ((1+d)^{-1} \cdot (k - r \cdot d)) \bmod n$,
$$\begin{aligned} (x_1', y_1') &= [k - r \cdot d + r \cdot d]G \\ &= [k]G \end{aligned}$$
If $r = (e + x_1') \bmod n$, the verification passes.
It can be seen that the embodiments of the present application provide a method in which multiple signature-computing parties cooperate to generate a digital signature, and no single party, nor any subset of several parties, can generate a complete signature result. The key is generated through joint computation by the signing participants, rather than being generated by a single party and then split, which ensures the confidentiality of the signing private key. In addition, the result of the signature computation can be verified with existing signature verification methods, which ensures compatibility with existing signature systems.
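The key relation $d = (d_A \cdot d_B)^{-1} - 1$, the signature equation for $s$ and the verification derivation above can be checked numerically on the SM2 curve. This is an added example, not code from the patent: the scalars and message are constructed, SHA-256 stands in for $H$, the partial-key formulas in `joint_public_key` are an assumed construction consistent with $d$ (the page does not give them), and `sign_from_shares` evaluates $s$ in one place rather than reproducing the two-party message exchange.

```python
import hashlib

# SM2 recommended curve (GM/T 0003): y^2 = x^3 + A*x + B over F_p, base point G of order N.
P_FIELD = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
A = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC
B = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)

# Constructed sample scalars in [1, N-1] and a constructed message; not values from the page.
D_A = 0x1111111122222222333333334444444455555555666666667777777788888888
D_B = 0x0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF
K = 0x0FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA987654321
MSG = b"constructed message M"


def on_curve(pt):
    """True if pt is the point at infinity (None) or satisfies the curve equation."""
    if pt is None:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P_FIELD == 0


def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P_FIELD, -1, P_FIELD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD)
    lam %= P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return x3, (lam * (x1 - x3) - y1) % P_FIELD


def neg(pt):
    return None if pt is None else (pt[0], -pt[1] % P_FIELD)


def mul(k, pt):
    """[k]pt by double-and-add. Not constant time: for checking the algebra only."""
    k %= N
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def joint_public_key(d_a, d_b):
    """P = [(dA*dB)^-1 - 1]G built from partial keys, so neither side forms d.
    Assumed construction: the page's partial-key formulas are not present."""
    part_a = mul(pow(d_a, -1, N), G)       # first signer  -> second signer
    part_b = mul(pow(d_b, -1, N), part_a)  # second signer -> first signer
    return add(part_b, neg(G))             # first signer: subtract G


def digest(msg):
    # e = H(M); the page leaves H open, SHA-256 is an assumption of this example.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def sign_from_shares(d_a, d_b, k, msg):
    """r = (e + x1) mod n and s = ((1+d)^-1 (k+r) - r) mod n with (1+d)^-1 = dA*dB."""
    x1, _ = mul(k, G)
    r = (digest(msg) + x1) % N
    s = (d_a * d_b * (k + r) - r) % N
    if r == 0 or (r + k) % N == 0 or s == 0:
        raise ValueError("degenerate k for this message, choose a fresh one")
    return r, s


def verify(pub, msg, sig):
    """SM2 verification as in the derivation: (x1', y1') = [s]G + [r+s]P."""
    r, s = sig
    if pub is None or not on_curve(pub):
        return False
    if not (1 <= r < N and 1 <= s < N) or (r + s) % N == 0:
        return False
    pt = add(mul(s, G), mul((r + s) % N, pub))
    return pt is not None and (digest(msg) + pt[0]) % N == r


def demo():
    pub = joint_public_key(D_A, D_B)
    sig = sign_from_shares(D_A, D_B, K, MSG)
    return pub, sig, verify(pub, MSG, sig)
```

A verifier only ever sees $P$ and $(r, s)$, so `verify` is the unmodified SM2 check; the range and on-curve tests in it are the inputs a verifier should reject before doing any point arithmetic.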
Fig. 4 is a schematic diagram of a digital signature device according to one embodiment of the present application. As shown in Fig. 4, the digital signature device includes a transmitter 402, a processor 404 and a receiver 406.
It should be understood that the digital signature device 400 can implement the functions of the first signer in the foregoing method 100 and method 200; the details are not repeated.
The processor 404 is configured to obtain the first private key, generate the first random number, and generate the first intermediate variable according to the signature object and the first random number. The first private key and the first random number are defined in the description of step 102 of method 100 and are not described again here. Optionally, the digital signature device 400 may further include a memory or a unit for storage (not shown); when the processor 404 obtains the first private key, it may read it from the memory or the unit for storage.
The transmitter 402 is configured to send the first intermediate variable to the second signer.
The receiver 406 is configured to receive the first signature value and the second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being calculated according to the first intermediate variable, the second private key obtained by the second signer, and the second random number generated by the second signer.
The processor 404 is further configured to calculate the second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
Optionally, the processor 404 is further configured to calculate the first part public key according to the first private key;
The transmitter 402 is further configured to send the first part public key to the second signer;
The receiver 406 is further configured to receive the second part public key sent by the second signer, the second part public key being calculated according to the first part public key and the second private key;
The processor 404 is further configured to calculate the public key of the digital signature according to the second part public key.
Optionally, the processor 404 calculating the first part public key according to the first private key specifically includes:
The processor 404 performs a calculation on the first private key based on the elliptic curve to obtain the first part public key;
The processor 404 calculating the public key of the digital signature according to the second part public key specifically includes:
The processor 404 performs a calculation on the second part public key based on the elliptic curve to obtain the public key of the digital signature.
Optionally, the processor 404 generating the first intermediate variable according to the signature object and the first random number specifically includes:
The processor 404 generates the first intermediate variable according to the signature object and the first random number, based on the elliptic curve;
The processor 404 calculating the second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable specifically includes:
The processor 404 calculates the second signature value based on the elliptic curve according to the first private key, the first random number, the first signature value and the second intermediate variable.
Fig. 5 is the digital signature device schematic diagram according to the application one embodiment.As shown in figure 5, digital signature device
500 include transmitter 502, processor 504 and receiver 506.
It should be understood that the digital signature device 500 can realize the second signer in preceding method 100 and method 200
Function, particular content repeats no more.
Receiver 506, for receiving the first intermediate variable of the first signer transmission, first intermediate variable is first
Signer is calculated according to signature object and the first random number generated.
Processor 504, it is close for the second secret according to first intermediate variable and second signer acquisition
The second random number that key and second signer generate calculates the first signature value and the second intermediate variable;Wherein the second secret is close
It is had been described in the step 106 for being defined on method 100 of key and the second random number, details are not described herein.Optionally, the number
Signature apparatus 500 can further comprise memory or the unit (not shown) for storage, when the processor 504 obtains second
When private key, it can be read out in the unit from memory or for storage.
The transmitter 502 is configured to send the first signature value and the second intermediate variable to the first signer, so that the first signer calculates the second signature value according to the first signature value, the second intermediate variable, the first private key obtained by the first signer and the first random number generated by the first signer, where the first signature value and the second signature value constitute the digital signature of the signature object.
Optionally, the receiver 506 is further configured to receive the first partial public key sent by the first signer, where the first partial public key is calculated according to the first private key.
The processor 504 is further configured to calculate the second partial public key according to the first partial public key and the second private key.
The transmitter 502 is configured to send the second partial public key to the first signer, so that the first signer calculates the public key of the digital signature according to the second partial public key.
Optionally, the processor 504 calculating the second partial public key according to the first partial public key and the second private key specifically includes:
The processor 504 performs an elliptic-curve-based calculation on the first partial public key and the second private key to obtain the second partial public key.
Optionally, the processor 504 calculating the first signature value and the second intermediate variable according to the first intermediate variable, the obtained second private key and the second random number specifically includes:
The processor 504 calculates the first signature value and the second intermediate variable based on an elliptic curve, according to the first intermediate variable, the obtained second private key and the second random number.
Fig. 6 is a schematic diagram of a digital signature system according to one embodiment of the present application. As shown in Fig. 6, the digital signature system 600 includes a first signature apparatus 602 and a second signature apparatus 604.
The first signature apparatus 602 is configured to obtain the first private key, generate the first random number, generate the first intermediate variable according to the signature object, and send the first intermediate variable to the second signature apparatus 604;
The second signature apparatus 604 is configured to obtain the second private key, generate the second random number, calculate the first signature value and the second intermediate variable according to the first intermediate variable, the second private key and the second random number, and send the first signature value and the second intermediate variable to the first signature apparatus 602;
The first signature apparatus 602 is further configured to calculate the second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, where the first signature value and the second signature value constitute the digital signature of the signature object.
It should be understood that the first signature apparatus 602 may be the foregoing digital signature device 400 and can implement the functions of the first signer in the foregoing method 100 and method 200, and that the second signature apparatus 604 may be the foregoing digital signature device 500 and can implement the functions of the second signer in the foregoing method 100 and method 200; the details are not repeated here.
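The message flow between the two signature apparatuses, together with the optional partial-public-key exchange, as an added example that is not part of the patent text. The curve (secp256k1), SHA-256, the SM2-style equation s = (1 + d)^-1 (k - r·d) mod n, and every formula, class and function name below are assumptions chosen so that the flow runs end to end; the description above only says the calculations are based on an elliptic curve.

```python
# Added illustration, not the patent's own formulas. Assumed: secp256k1, SHA-256,
# and an SM2-style signature equation s = (1 + d)^-1 * (k - r*d) mod n.
import hashlib
import secrets

P = 2**256 - 2**32 - 977  # field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def checked(pt):
    """Return a received point if it is finite, in range and on y^2 = x^3 + 7."""
    ok = pt is not None and 0 <= pt[0] < P and 0 <= pt[1] < P
    if not ok or (pt[1] ** 2 - pt[0] ** 3 - 7) % P:
        raise ValueError("not a valid curve point")
    return pt

def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None or b is None:
        return a if b is None else b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time)."""
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def rand_scalar():
    return secrets.randbelow(N - 1) + 1  # uniform in [1, n-1]

def digest(msg):
    # Assumed simplification: e = SHA-256(M) mod n, with no signer-identity prefix.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

class FirstSigner:
    def __init__(self):
        self.d1, self.k1 = rand_scalar(), None       # first private key
    def partial_public_key(self):
        return mul(pow(self.d1, -1, N), G)           # P1 = d1^-1 * G
    def public_key(self, p2):
        return add(checked(p2), (G[0], -G[1] % P))   # P = P2 - G
    def start(self, msg):
        self.k1 = rand_scalar()                      # first random number
        return digest(msg), mul(self.k1, G)          # first intermediate variable
    def finish(self, r, t):
        if self.k1 is None or not 0 < r < N:
            raise ValueError("no pending session or r out of range")
        s = (self.d1 * (self.k1 + t) - r) % N        # second signature value
        self.k1 = None                               # one nonce, one signature
        return r, s

class SecondSigner:
    def __init__(self):
        self.d2 = rand_scalar()                      # second private key
    def partial_public_key(self, p1):
        return mul(pow(self.d2, -1, N), checked(p1))  # P2 = d2^-1 * P1
    def respond(self, first_intermediate):
        e, q1 = first_intermediate
        k2 = rand_scalar()                           # second random number
        pt = add(mul(k2, G), mul(pow(self.d2, -1, N), checked(q1)))
        r = (e + pt[0]) % N if pt else 0             # first signature value
        t = self.d2 * (k2 + r) % N                   # second intermediate variable
        if r == 0 or t == 0:
            raise ValueError("degenerate value, restart with fresh randomness")
        return r, t

def verify(pub, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N) or (r + s) % N == 0:
        return False
    pt = add(mul(s, G), mul(r + s, pub))
    return pt is not None and (digest(msg) + pt[0]) % N == r

def setup():
    a, b = FirstSigner(), SecondSigner()
    return a, b, a.public_key(b.partial_public_key(a.partial_public_key()))

def cosign(a, b, pub, msg):
    sig = a.finish(*b.respond(a.start(msg)))
    if not verify(pub, msg, sig):  # first signer checks the result before releasing it
        raise ValueError("co-signature does not verify")
    return sig
```

Under these assumptions neither party ever holds the combined private key d = (d1·d2)^-1 - 1, and each side validates every point it receives before multiplying it by a secret scalar.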
The apparatus embodiments described above are merely illustrative. The modules described as separate components may or may not be physically separate, and the components shown as modules may or may not be physical modules; that is, they may be located in one place or distributed over multiple network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art can understand and implement this without creative effort.
Through the above description of the embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by software plus a necessary general-purpose hardware platform, or of course by hardware. Based on this understanding, the above technical solution, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product may be stored in a computer-readable storage medium; the computer-readable recording medium includes any mechanism for storing or transmitting information in a form readable by a computer. For example, a machine-readable medium includes read-only memory (ROM), random access memory (RAM), magnetic disk storage media, optical storage media, flash media, and electrical, optical, acoustic or other forms of propagated signals (for example, carrier waves, infrared signals, digital signals). The computer software product includes instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to execute the methods described in the embodiments or in certain parts of the embodiments.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solutions of the embodiments of the present application, not to limit them. Although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments can still be modified, or some of their technical features can be replaced by equivalents; such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present application.
Those skilled in the art will understand that the embodiments of the present invention may be provided as a method, an apparatus (device) or a computer program product. Therefore, the embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the embodiments of the present invention may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM and optical storage) that contain computer-usable program code.
The embodiments of the present invention are described with reference to flowcharts and/or block diagrams of the method, apparatus (device) and computer program product according to the embodiments of the present invention. It should be understood that each process and/or block in the flowcharts and/or block diagrams, and combinations of processes and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or another programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce means for implementing the functions specified in one or more processes of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to operate in a particular manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means, the instruction means implementing the functions specified in one or more processes of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps are executed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more processes of the flowchart and/or one or more blocks of the block diagram.
Claims (17)
1. A digital signature method, characterized by comprising:
a first signer obtains a first private key, generates a first random number, generates a first intermediate variable according to a signature object and the first random number, and sends the first intermediate variable to a second signer;
the first signer receives a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being calculated according to the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer;
the first signer calculates a second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
2. The method according to claim 1, characterized by further comprising:
the first signer calculates a first partial public key according to the first private key, and sends the first partial public key to the second signer;
the first signer receives a second partial public key sent by the second signer, the second partial public key being calculated according to the first partial public key and the second private key;
the first signer calculates the public key of the digital signature according to the second partial public key.
3. The method according to claim 2, characterized in that:
the first signer calculating the first partial public key according to the first private key specifically includes:
the first signer performs an elliptic-curve-based calculation on the first private key to obtain the first partial public key;
the first signer calculating the public key of the digital signature according to the second partial public key specifically includes:
the first signer performs an elliptic-curve-based calculation on the second partial public key to obtain the public key of the digital signature.
4. The method according to any one of claims 1-3, characterized in that:
the first signer generating the first intermediate variable according to the signature object and the first random number specifically includes:
the first signer generates the first intermediate variable based on an elliptic curve, according to the signature object and the first random number;
the first signer calculating the second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable specifically includes:
the first signer calculates the second signature value based on an elliptic curve, according to the first private key, the first random number, the first signature value and the second intermediate variable.
5. A digital signature method, characterized by comprising:
a second signer receives a first intermediate variable sent by a first signer, the first intermediate variable being calculated by the first signer according to a signature object and a first random number generated by the first signer;
the second signer calculates a first signature value and a second intermediate variable according to the first intermediate variable, an obtained second private key and a generated second random number, and sends the first signature value and the second intermediate variable to the first signer, so that the first signer calculates a second signature value according to the first signature value, the first random number, the second intermediate variable and a first private key obtained by the first signer, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
6. The method according to claim 5, characterized by further comprising:
the second signer receives a first partial public key sent by the first signer, wherein the first partial public key is calculated according to the first private key;
the second signer calculates a second partial public key according to the first partial public key and the second private key, and sends the second partial public key to the first signer, so that the first signer calculates the public key of the digital signature according to the second partial public key.
7. The method according to claim 6, characterized in that:
the second signer calculating the second partial public key according to the first partial public key and the second private key specifically includes:
the second signer performs an elliptic-curve-based calculation on the first partial public key and the second private key to obtain the second partial public key.
8. The method according to any one of claims 5-7, characterized in that:
the second signer calculating the first signature value and the second intermediate variable according to the first intermediate variable, the second private key obtained by the second signer and the second random number specifically includes:
the second signer calculates the first signature value and the second intermediate variable based on an elliptic curve, according to the first intermediate variable, the second private key obtained by the second signer and the second random number.
9. A digital signature device, characterized by comprising:
a processor, configured to obtain a first private key, generate a first random number, and generate a first intermediate variable according to a signature object and the first random number;
a transmitter, configured to send the first intermediate variable to a second signer;
a receiver, configured to receive a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being calculated according to the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer;
the processor being further configured to calculate a second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
10. The device according to claim 9, characterized in that:
the processor is further configured to calculate a first partial public key according to the first private key;
the transmitter is further configured to send the first partial public key to the second signer;
the receiver is further configured to receive a second partial public key sent by the second signer, the second partial public key being calculated according to the first partial public key and the second private key;
the processor is further configured to calculate the public key of the digital signature according to the second partial public key.
11. The device according to claim 9, characterized in that:
the processor calculating the first partial public key according to the first private key specifically includes:
the processor performs an elliptic-curve-based calculation on the first private key to obtain the first partial public key;
the processor calculating the public key of the digital signature according to the second partial public key specifically includes:
the processor performs an elliptic-curve-based calculation on the second partial public key to obtain the public key of the digital signature.
12. The device according to any one of claims 9-11, characterized in that:
the processor generating the first intermediate variable according to the signature object and the first random number specifically includes:
the processor generates the first intermediate variable based on an elliptic curve, according to the signature object and the first random number;
the processor calculating the second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable specifically includes:
the processor calculates the second signature value based on an elliptic curve, according to the first private key, the first random number, the first signature value and the second intermediate variable.
13. A digital signature device, characterized by comprising:
a receiver, configured to receive a first intermediate variable sent by a first signer, the first intermediate variable being calculated by the first signer according to a signature object and a generated first random number;
a processor, configured to calculate a first signature value and a second intermediate variable according to the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer;
a transmitter, configured to send the first signature value and the second intermediate variable to the first signer, so that the first signer calculates a second signature value according to the first signature value, the first random number, the second intermediate variable and a first private key obtained by the first signer, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
14. The device according to claim 13, characterized in that:
the receiver is further configured to receive a first partial public key sent by the first signer, wherein the first partial public key is calculated according to the first private key;
the processor is further configured to calculate a second partial public key according to the first partial public key and the second private key;
the transmitter is configured to send the second partial public key to the first signer, so that the first signer calculates the public key of the digital signature according to the second partial public key.
15. The device according to claim 14, characterized in that:
the processor calculating the second partial public key according to the first partial public key and the second private key specifically includes:
the processor performs an elliptic-curve-based calculation on the first partial public key and the second private key to obtain the second partial public key.
16. The device according to any one of claims 13-15, characterized in that:
the processor calculating the first signature value and the second intermediate variable according to the first intermediate variable, the obtained second private key and the second random number specifically includes:
the processor calculates the first signature value and the second intermediate variable based on an elliptic curve, according to the first intermediate variable, the obtained second private key and the second random number.
17. A digital signature system, characterized by comprising:
a first signature apparatus, configured to obtain a first private key, generate a first random number, generate a first intermediate variable according to a signature object and the first random number, and send the first intermediate variable to a second signature apparatus;
the second signature apparatus, configured to obtain a second private key, generate a second random number, calculate a first signature value and a second intermediate variable according to the first intermediate variable, the second private key and the second random number, and send the first signature value and the second intermediate variable to the first signature apparatus;
the first signature apparatus being further configured to calculate a second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711377948.9A CN109936455B (en) | 2017-12-19 | 2017-12-19 | Digital signature method, device and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109936455A true CN109936455A (en) | 2019-06-25 |
CN109936455B CN109936455B (en) | 2022-06-07 |
Family
ID=66983991
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711377948.9A Active CN109936455B (en) | 2017-12-19 | 2017-12-19 | Digital signature method, device and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109936455B (en) |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103929305A (en) * | 2013-01-16 | 2014-07-16 | 上海华虹集成电路有限责任公司 | SM2 signature algorithm implementation method |
CN104243456A (en) * | 2014-08-29 | 2014-12-24 | 中国科学院信息工程研究所 | Signing and decrypting method and system applied to cloud computing and based on SM2 algorithm |
CN104579656A (en) * | 2014-12-31 | 2015-04-29 | 北京时代民芯科技有限公司 | Hardware acceleration coprocessor for elliptic curve public key cryptosystem SM2 algorithm |
US20160191252A1 (en) * | 2013-08-16 | 2016-06-30 | China Iwncomm Co., Ltd. | Method and device for generating digital signature |
CN106685651A (en) * | 2016-12-22 | 2017-05-17 | 北京信安世纪科技有限公司 | Method for creating digital signatures by cooperation of client and server |
US20170207920A1 (en) * | 2014-03-28 | 2017-07-20 | International Business Machines Corporation | Production of cryptographic signatures |
CN107196763A (en) * | 2017-07-06 | 2017-09-22 | 数安时代科技股份有限公司 | SM2 algorithms collaboration signature and decryption method, device and system |
CN107342855A (en) * | 2017-06-14 | 2017-11-10 | 山东同智伟业软件股份有限公司 | Endorsement method based on SM2 algorithms |
CN107483212A (en) * | 2017-08-15 | 2017-12-15 | 武汉信安珞珈科技有限公司 | A kind of method of both sides' cooperation generation digital signature |
Non-Patent Citations (2)
Title |
---|
HU JUNRU: ""The improved elliptic curve digital signature algorithm"", 《PROCEEDINGS OF 2011 INTERNATIONAL CONFERENCE ON ELECTRONIC & MECHANICAL ENGINEERING AND INFORMATION TECHNOLOGY》 * |
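Zhang Yan: ""Research on Digital Signature Algorithms Based on Elliptic Curves"", 《China Excellent Doctoral and Master's Theses Full-text Database (Master's), Information Science and Technology Series》 * |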
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110650160A (en) * | 2019-10-29 | 2020-01-03 | 北京天威诚信电子商务服务有限公司 | Identity authentication method and system |
CN110650160B (en) * | 2019-10-29 | 2022-01-04 | 北京天威诚信电子商务服务有限公司 | Identity authentication method and system |
CN112887097A (en) * | 2019-11-29 | 2021-06-01 | 航天信息股份有限公司 | Signature method based on SM2 elliptic curve, related device and storage medium |
CN111147254A (en) * | 2019-12-24 | 2020-05-12 | 矩阵元技术(深圳)有限公司 | Method and device for generating EdDSA digital signature with two parties cooperating |
WO2021169521A1 (en) * | 2020-02-24 | 2021-09-02 | 华为技术有限公司 | Signature method, terminal device and network device |
CN113300846A (en) * | 2020-02-24 | 2021-08-24 | 华为技术有限公司 | Signature method, terminal equipment and network equipment |
CN111476556A (en) * | 2020-03-23 | 2020-07-31 | 深圳华数云计算技术有限公司 | Digital currency data processing method, system and storage medium |
CN112311549A (en) * | 2020-03-26 | 2021-02-02 | 神州融安科技(北京)有限公司 | Signature generation or assistance method, device, system, electronic equipment and storage medium |
CN112769563A (en) * | 2021-01-04 | 2021-05-07 | 北京数字认证股份有限公司 | Operating terminal agent authorization method and device based on multi-party calculation |
CN112769563B (en) * | 2021-01-04 | 2022-10-11 | 北京数字认证股份有限公司 | Operating terminal agent authorization method and device based on multi-party calculation |
CN114650136A (en) * | 2022-05-18 | 2022-06-21 | 杭州天谷信息科技有限公司 | Electronic signature method and device based on hybrid cloud |
CN114650136B (en) * | 2022-05-18 | 2022-10-04 | 杭州天谷信息科技有限公司 | Electronic signature method and device based on hybrid cloud |
CN114970487A (en) * | 2022-07-27 | 2022-08-30 | 中建电子商务有限责任公司 | Method for generating OFD electronic contract based on rich text |
Also Published As
Publication number | Publication date |
---|---|
CN109936455B (en) | 2022-06-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109936455A (en) | A kind of methods, devices and systems of digital signature | |
Choudhuri et al. | Fairness in an unfair world: Fair multiparty computation from public bulletin boards | |
CN109274503B (en) | Distributed collaborative signature method, distributed collaborative signature device and soft shield system | |
CN110046996B (en) | Data processing method and device | |
CN107579819B (en) | A kind of SM9 digital signature generation method and system | |
CN114143080A (en) | Block chain data privacy protection and sharing method based on zero knowledge proof | |
TW201947445A (en) | Blockchain data processing method, device, processing equipment and system | |
US10846372B1 (en) | Systems and methods for trustless proof of possession and transmission of secured data | |
CN109361508A (en) | Data transmission method, electronic equipment and computer readable storage medium | |
CN109767218A (en) | Block chain certificate processing method and system | |
CN110599164B (en) | Supervision-capable quick payment method for any payee under chain | |
CN111211910A (en) | Anti-quantum computation CA (certificate Authority) and certificate issuing system based on secret shared public key pool and issuing and verifying method thereof | |
CN114580029A (en) | Block chain digital asset privacy protection method, device, equipment and storage medium | |
CN111737715A (en) | Decentralized electronic contract online signing method and system | |
CN109104410B (en) | Information matching method and device | |
US11676111B1 (en) | Apparatuses and methods for determining and processing dormant user data in a job resume immutable sequential listing | |
CN114785524B (en) | Electronic seal generation method, device, equipment and medium | |
CN115203749A (en) | Data transaction method and system based on block chain | |
Gorog et al. | Solving global cybersecurity problems by connecting trust using blockchain | |
CN115733607A (en) | Block chain-based Pedersen secret sharing multi-party aggregation access control method | |
WO2018105038A1 (en) | Communication device and distributed ledger system | |
CN109766716A (en) | A kind of anonymous bidirectional authentication method based on trust computing | |
CN110716724A (en) | Method and device for realizing privacy block chain based on FPGA | |
CN108259180B (en) | Method for quantum specifying verifier signature | |
CN110278081B (en) | Control method and device for group digital signature |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||