CN109936455A - Digital signature method, device and system - Google Patents

Publication number: CN109936455A
Authority: CN (China)
Prior art keywords: signer, signature, public key, intermediate variable, private key
Legal status: Granted, active
Application number: CN201711377948.9A
Priority: CN201711377948.9A
Other languages: Chinese (zh)
Other versions: CN109936455B (en)
Inventors: 宁红宙, 郭宝安
Current assignee: Aisino Corp
Original assignee: Aisino Corp

Abstract

Embodiments of the present application provide a method, device and system for generating a digital signature. The digital signature method includes: a first signer obtains a first private key, generates a first random number, generates a first intermediate variable from the signature object and the first random number, and sends the first intermediate variable to a second signer; the first signer receives a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being computed from the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer; the first signer computes a second signature value from the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.

Description

Digital signature method, device and system
Technical field
The invention relates to data protection, and more particularly to digital signatures.
Background
Digital signature technology based on asymmetric cryptographic algorithms can be used in non-repudiation scenarios in the networked digital world, where it corresponds to the signing methods used in the real world. With the development and application of certificate authority (Certificate Authority, CA) technology and the implementation of the Utah Digital Signature Act, digital signature technology has become increasingly important in the digital world. Network-based administrative approval, electronic contracts, electronic invoices, online transaction payments and similar services all use digital signature technology to ensure the non-repudiation of the business.
In traditional digital signature technology, the signer holds not only a digital certificate, issued by a CA, that identifies the signer and its public key, but also the private key used to compute signatures. The private key is usually kept in a cryptographic device such as a USB key or an IC card to prevent it from being copied or stolen. These devices can only be used under the signer's control, so the signer has full control over its private key and no third party can obtain it.
With the development and application of cloud computing, mobile internet and Internet of Things technologies, and the requirements of new business scenarios, a demand has emerged for multi-party signature computation that keeps the signing key secure, and conventional digital signature algorithms cannot directly meet the need for multi-party digital signature computation.
Summary of the invention
In view of this, the technical problem solved by embodiments of the present invention is to provide a multi-party digital signature method that remedies the inability of prior-art digital signature algorithms to be computed by multiple parties, and thereby ensures the security of the signing private key.
In a first aspect, an embodiment of the present application provides a digital signature method, characterized by comprising:
A first signer obtains a first private key, generates a first random number, generates a first intermediate variable from a signature object and the first random number, and sends the first intermediate variable to a second signer; the first signer receives a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being computed from the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer; the first signer computes a second signature value from the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
In the digital signature method provided by embodiments of the present application, the digital signature is generated jointly by the first signer and other signers or computing parties; the first signer alone cannot generate a complete signature result, which ensures the privacy of the digital signature. Meanwhile, the key is generated jointly by the signing participants, rather than generated by a single party and then split, which ensures the privacy of the signing private key.
In a digital signature method provided by embodiments of the present application, the first signer holds only part of the signing private key and therefore cannot derive the complete signing private key or public key; the complete signing public key can only be produced with the second signer taking part in the computation.
In a second aspect, an embodiment of the present application provides a digital signature method, characterized by comprising:
A second signer receives a first intermediate variable sent by a first signer, the first intermediate variable being computed by the first signer from a signature object and a first random number generated by the first signer; the second signer computes a first signature value and a second intermediate variable from the first intermediate variable, a second private key it has obtained and a second random number it has generated, and sends the first signature value and the second intermediate variable to the first signer, so that the first signer computes a second signature value from the first signature value, the first random number, the second intermediate variable and a first private key obtained by the first signer, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
In the digital signature method provided by embodiments of the present application, the second signer assists other signers or computing parties in generating the digital signature; neither the second signer nor any other signer alone can generate a complete signature result, which ensures the privacy of the digital signature. Meanwhile, the key is generated jointly by the signing participants, rather than generated by a single party and then split, which ensures the privacy of the signing private key.
In a digital signature method provided by embodiments of the present application, the second signer assists other signers in completing part of the computation of the signing public key, so that the other signers or the second signer alone hold only part of the signing private key and therefore cannot derive the complete signing private key or public key, which ensures the privacy of the signing private key.
In a third aspect, an embodiment of the present application provides a digital signature device, including a processor, a transmitter and a receiver.
The processor is configured to obtain a first private key, generate a first random number, and generate a first intermediate variable from a signature object and the first random number; the transmitter is configured to send the first intermediate variable to a second signer; the receiver is configured to receive a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being computed from the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer; the processor is further configured to compute a second signature value from the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
In a fourth aspect, an embodiment of the present application provides a digital signature device, including a receiver, a processor and a transmitter. The receiver is configured to receive a first intermediate variable sent by a first signer, the first intermediate variable being computed by the first signer from a signature object and a first random number it has generated; the processor is configured to compute a first signature value and a second intermediate variable from the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer; the transmitter is configured to send the first signature value and the second intermediate variable to the first signer, so that the first signer computes a second signature value from the first signature value, the first random number, the second intermediate variable and a first private key obtained by the first signer, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
In a fifth aspect, an embodiment of the present application provides a digital signature system, characterized by including a first signature apparatus and a second signature apparatus.
The first signature apparatus is configured to obtain a first private key, generate a first random number, generate a first intermediate variable from a signature object and the first random number, and send the first intermediate variable to the second signature apparatus;
The second signature apparatus is configured to obtain a second private key, generate a second random number, compute a first signature value and a second intermediate variable from the first intermediate variable, the second private key and the second random number, and send the first signature value and the second intermediate variable to the first signature apparatus;
The first signature apparatus is further configured to compute a second signature value from the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
Embodiments of the present application provide a digital signature method, device and system in which multiple signature computing parties jointly generate the digital signature, and no single party, nor any several parties, can generate a complete signature result. Meanwhile, each participating signer holds only part of the signing private key and no signer can derive the complete signing key; the key is generated jointly by the signing participants, rather than generated by a single party and then split, which ensures the privacy of the signing private key. In addition, the result of the signature computation can be verified with existing signature verification methods, which ensures compatibility with existing signature systems.
Brief description of the drawings
Some specific embodiments of the present application are described in detail below, by way of example and not limitation, with reference to the drawings. Identical reference numerals in the drawings denote the same or similar components or parts. Those skilled in the art should understand that the drawings are not necessarily drawn to scale. In the drawings:
Fig. 1 is a schematic diagram of a digital signature method according to one embodiment of the present application;
Fig. 2 is a schematic diagram of a digital signature method according to another embodiment of the present application;
Fig. 3 is a schematic diagram of the public key generation steps according to one embodiment of the present application;
Fig. 4 is a schematic diagram of a digital signature device according to one embodiment of the present application;
Fig. 5 is a schematic diagram of a digital signature device according to one embodiment of the present application;
Fig. 6 is a schematic diagram of a digital signature system according to one embodiment of the present application.
Detailed description
A technical solution implementing an embodiment of the present invention does not necessarily need to achieve all of the above advantages at the same time.
To help those skilled in the art better understand the technical solutions in the embodiments of the present invention, these solutions are described clearly and completely below with reference to the drawings of the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention shall fall within the scope of protection of the embodiments of the present invention.
Specific implementations of the embodiments of the present invention are further explained below with reference to the drawings.
Fig. 1 is a schematic diagram of a digital signature method according to one embodiment of the present application. As shown in Fig. 1, the digital signature method 100 includes the following steps.
Step 102: the first signer obtains a first private key, generates a first random number, and generates a first intermediate variable from the signature object and the first random number.
It should be understood that obtaining the first private key may include generating the first private key, reading a stored first private key, and similar cases.
Optionally, the first private key $d_A$ may be selected at random by the first signer independently of the second signer, with $d_A \in [1, n-1]$, where n is a natural number greater than or equal to 2.
Also optionally, the first random number $k_A$ is selected and generated at random by the first signer independently of the second signer, with $k_A \in [1, n-1]$, where n is a natural number greater than or equal to 2.
Optionally, within one digital signature procedure, the first private key and the first random number may be the same or different. One possible difference is that the first private key corresponds to the public key and can be used many times once generated, whereas the first random number may be generated independently at random each time step 102 is executed. The correspondence between the first private key and the public key is described in further detail below in the public key generation steps shown in Fig. 3.
Optionally, the first intermediate variable is a process value that the first signer computes from the signature object and the first random number and that can be used to compute the digital signature. The first intermediate variable may include one or more process values.
Step 104: the first signer sends the first intermediate variable to the second signer.
Step 106: the second signer obtains a second private key, generates a second random number, and generates a first signature value and a second intermediate variable from the first intermediate variable, the second private key and the second random number.
Optionally, the second private key $d_B$ may be selected at random by the second signer independently of the first signer, with $d_B \in [1, n-1]$, where n is a natural number greater than or equal to 2.
Also optionally, the second random number $k_B$ is selected and generated at random by the second signer independently of the first signer, with $k_B \in [1, n-1]$, where n is a natural number greater than or equal to 2.
Optionally, within one digital signature procedure, the second private key and the second random number may be the same or different. One possible difference is that the second private key corresponds to the public key and can be used many times once generated, whereas the second random number may be generated independently at random each time step 106 is executed. The correspondence between the second private key, the first private key and the public key is described in further detail below in the public key generation steps shown in Fig. 3.
Optionally, the second intermediate variable is a process value that the second signer computes from the first intermediate variable, the second private key and the second random number and that can be used to compute the digital signature. The second intermediate variable may include one or more process values.
Step 108: the second signer sends the first signature value and the second intermediate variable to the first signer.
Step 110: the first signer computes a second signature value from the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
It should be understood that the step numbers in the methods of this application do not limit the order of the steps beyond the logical order inherent in them. For example, although step 102 specifies that the first signer obtains the first private key, that key is not used until step 110; obtaining the first private key therefore does not have to take place before steps 104, 106 and 108.
Optionally, the method may perform digital signing based on various cryptographic functions.
In the digital signature method provided by embodiments of the present application, the digital signature is generated cooperatively by the first signer and the second signer; neither the first signer nor the second signer alone can generate a complete signature result, which ensures the privacy of the digital signature. Meanwhile, the key is generated jointly by the signing participants, rather than generated by a single party and then split, which ensures the privacy of the signing private key.
Fig. 2 is a schematic diagram of a digital signature method according to another embodiment of the present application. Optionally, the method performs digital signing based on an elliptic curve function. For example, the elliptic curve parameters may be those of the SM2 curve specified by the State Cryptography Administration; for details see "SM2 elliptic curve public key cryptographic algorithm" (GM/T 0003-2012). Let the elliptic curve be $E(F_q)$ with base point $G = (x_G, y_G)$ of order n, and let $[k]P$ denote point multiplication on the elliptic curve, where k is an integer and P is a point on the curve.
As shown in Fig. 2, the digital signature method 200 includes the following steps.
Step 202: the first signer (party A) obtains the first private key $d_A$. The first private key $d_A \in [1, n-1]$ is similar to the first private key in step 102 of Fig. 1 and is not described again here. It should further be specified that n here is the order of the aforementioned elliptic curve.
Step 204: the first signer generates the first random number $k_A$, computes the hash value e of the signature object, message M, and generates the first intermediate variable, $Q_A$ and e, from the hash value e and the first random number $k_A$.
Here the first random number $k_A \in [1, n-1]$; it is defined in the same way as the first random number in step 102 of Fig. 1 and is not described again here. It should further be specified that n here is the order of the aforementioned elliptic curve.
The first intermediate variable includes two process values, $Q_A$ and e.
Optionally, compute $Q_A = [k_A]G$.
Optionally, the hash value of message M is $e = H(M)$, where $H()$ is a given hash function. It should be understood that the present invention does not restrict the specific hash function: any function whose output still retains the fingerprint characteristics of message M after hashing can be used to compute the hash value of message M.
Step 206: the first signer sends the first intermediate variable, $Q_A$ and e, to the second signer.
Step 208: the second signer (party B) obtains the second private key $d_B$. The second private key $d_B$ is similar to the second private key in step 106 of Fig. 1 and is not described again here. It should further be specified that n here is the order of the aforementioned elliptic curve.
Step 210: the second signer generates the second random number $k_B$ and, from the second random number $k_B$, the second private key $d_B$ and the first intermediate variable, computes the first signature value r and the second intermediate variables $s_{B1}$ and $s_{B2}$.
Here the second random number $k_B \in [1, n-1]$; it is similar to the second random number in step 106 of Fig. 1 and is not described again here. It should further be specified that n here is the order of the aforementioned elliptic curve.
Specifically, the second signer calculates:
It enablesThen
$(x_1, y_1) = [k]G$
The second signer then computes the first signature value r and the second intermediate variables $s_{B1}$ and $s_{B2}$:
$r = (e + x_1) \bmod n$
$s_{B1} = (d_B \cdot (r + k_B)) \bmod n$
$s_{B2} = (d_B \cdot r + k_B) \bmod n$
Step 212: the second signer sends the first signature value r and the second intermediate variables $s_{B1}$ and $s_{B2}$ to the first signer.
Step 214: the first signer computes the second signature value s from the first private key $d_A$, the first random number $k_A$, the first signature value r and the second intermediate variables $s_{B1}$ and $s_{B2}$.
Specifically,
By dA·dB=(1+d)-1With?
$s = ((1+d)^{-1} \cdot (k + r) - r) \bmod n$
$= ((1+d)^{-1} \cdot (k + r - (1+d) \cdot r)) \bmod n$
$= ((1+d)^{-1} \cdot (k - r \cdot d)) \bmod n$
The digital signature of message M consists of the first signature value and the second signature value; that is, (r, s) is taken as the signature value.
Optionally, the digital signature method 100 and/or the digital signature method 200 of the above embodiments may further include public key generation steps. It should be understood that, apart from the internal logic between steps, the order of the public key generation steps relative to the digital signing steps is not specifically limited.
Fig. 3 is a schematic diagram of the public key generation steps according to one embodiment of the invention. The public key generation steps are as follows.
Step 302: the first signer computes a first partial public key from the first private key and sends the first partial public key to the second signer.
Optionally, the first partial public key may be computed on the elliptic curve described for Fig. 2; that is, the first signer computing the first partial public key from the first private key specifically includes:
The first signer performs an elliptic curve computation on the first private key to obtain the first partial public key.
Specifically, the first signer calculates the first partial public key
Step 304: the second signer computes a second partial public key from the first partial public key and the second private key, and sends the second partial public key to the first signer.
Optionally, the second signer computing the second partial public key from the first partial public key and the second private key specifically includes:
The second signer computes the second partial public key from the first partial public key and the second private key on the elliptic curve described for Fig. 2.
Specifically, the second partial public key
Step 306: the first signer computes the public key of the digital signature from the second partial public key. The public key of the digital signature is the common public key of the first signer and the second signer.
It should be understood that the public key corresponds to the first private key of the first signer and the second private key of the second signer. In other words, when the public key is used, the corresponding first private key and second private key must be the first private key and the second private key that were used when the public key was computed.
Optionally, the second partial public key may be computed on the elliptic curve described for Fig. 2; that is, the first signer computing the second partial public key from the first partial public key specifically includes:
The first signer performs an elliptic curve computation on the first partial public key to obtain the second partial public key.
Specifically, the first signer computes the common public key P:
Let $d = (d_A \cdot d_B)^{-1} - 1$; then
$d_A \cdot d_B = (1 + d)^{-1}$
$P = [d]G$
It should be understood that, once the digital signature has been generated, any verifier can use the common public key P and the signature value (r, s) to verify the digital signature.
Optionally, signature verification uses the SM2 signature verification algorithm; for details see "SM2 elliptic curve public key cryptographic algorithm" (GM/T 0003-2012). Verification computes $(x_1', y_1')$ from the common public key P of A and B and the signature value (r, s) as follows:
$(x_1', y_1') = [s]G + [r + s]P$
$= [s]G + [(r + s) \cdot d]G$
$= [s + r \cdot d + s \cdot d]G$
$= [(1 + d) \cdot s + r \cdot d]G$
Since $s = ((1+d)^{-1} \cdot (k - r \cdot d)) \bmod n$,
$(x_1', y_1') = [k - r \cdot d + r \cdot d]G$
$= [k]G$
If $r = (e + x_1') \bmod n$, verification passes.
It can be seen that the embodiments of the present application provide a method in which multiple signature computing parties jointly generate a digital signature, and no single party, nor any several parties, can generate a complete signature result. The key is generated jointly by the signing participants, rather than generated by a single party and then split, which ensures the privacy of the signing private key. In addition, the result of the signature computation can be verified with existing signature verification methods, which ensures compatibility with existing signature systems.
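The verification identity above can be checked numerically. The following Python is an added example, not code from the patent: it builds the joint public key $P = [d]G$ on the SM2 curve and confirms that a signature with the closed-form s from the description verifies under the standard SM2 equation. Assumptions: SHA-256 stands in for H, the partial public keys $[d_A^{-1}]G$ and $[d_B^{-1}]P_A$ are one form consistent with $d = (d_A \cdot d_B)^{-1} - 1$, the combined nonce k is sampled directly and s is evaluated in one place only to check the algebra, and all function names are illustrative.

```python
import hashlib
import secrets


def _h(words):
    return int(words.replace(" ", ""), 16)


# SM2 recommended curve (GM/T 0003-2012): field prime, coefficient a, order n, base point G.
P_MOD = _h("FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 FFFFFFFF FFFFFFFF")
A = P_MOD - 3
N = _h("FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFF 7203DF6B 21C6052B 53BBF409 39D54123")
G = (_h("32C4AE2C 1F198119 5F990446 6A39C994 8FE30BBF F2660BE1 715A4589 334C74C7"),
     _h("BC3736A2 F4F6779C 59BDCEE3 6B692153 D0A9877C C62A4740 02DF32E5 2139F0A0"))
INF = None  # point at infinity


def add(p1, p2):
    """Affine point addition, including doubling and the point at infinity."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P_MOD, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)


def neg(pt):
    return INF if pt is INF else (pt[0], -pt[1] % P_MOD)


def mul(k, pt):
    """[k]pt by double-and-add (not constant time; demonstration only)."""
    acc, k = INF, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def digest(msg):
    """e = H(M); SHA-256 is a stand-in, the description leaves H open."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def joint_public_key(d_a, d_b):
    """P = [(dA*dB)^-1 - 1]G, built from two partial keys (assumed form)."""
    p_a = mul(pow(d_a, -1, N), G)    # first partial public key, A -> B
    p_b = mul(pow(d_b, -1, N), p_a)  # second partial public key, B -> A
    return add(p_b, neg(G))          # A subtracts G to obtain P


def sign_closed_form(d_a, d_b, k, msg):
    """r and s from the closed form s = ((1+d)^-1 (k + r) - r) mod n,
    with (1+d)^-1 = dA*dB. Evaluated centrally only to check the algebra."""
    x1, _ = mul(k, G)
    r = (digest(msg) + x1) % N
    s = (d_a * d_b * (k + r) - r) % N
    if r == 0 or s == 0 or (r + k) % N == 0:
        raise ValueError("degenerate nonce, choose another k")
    return r, s


def sm2_verify(pub, msg, sig):
    """Standard SM2 check: (x1', y1') = [s]G + [r+s]P, accept iff r == (e + x1') mod n."""
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    t = (r + s) % N
    if t == 0:
        return False
    pt = add(mul(s, G), mul(t, pub))
    return pt is not INF and (digest(msg) + pt[0]) % N == r


def demo():
    """Random keys and nonce; returns (genuine verifies, altered message verifies)."""
    d_a, d_b, k = (secrets.randbelow(N - 1) + 1 for _ in range(3))
    msg = b"constructed sample message"
    pub = joint_public_key(d_a, d_b)
    sig = sign_closed_form(d_a, d_b, k, msg)
    return sm2_verify(pub, msg, sig), sm2_verify(pub, b"altered message", sig)


if __name__ == "__main__":
    print(demo())
```

The verifier needs only P and (r, s), which is the compatibility property the description claims: nothing in `sm2_verify` knows that two parties were involved.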
Fig. 4 is a schematic diagram of a digital signature device according to one embodiment of the present application. As shown in Fig. 4, the digital signature device 400 includes a transmitter 402, a processor 404 and a receiver 406.
It should be understood that the digital signature device 400 can implement the functions of the first signer in the aforementioned method 100 and method 200; the details are not repeated.
The processor 404 is configured to obtain a first private key, generate a first random number, and generate a first intermediate variable from the signature object and the first random number. The definitions of the first private key and the first random number have been described in step 102 of method 100 and are not repeated here. Optionally, the digital signature device 400 may further include a memory or a storage unit (not shown); when the processor 404 obtains the first private key, it may read it from the memory or the storage unit.
The transmitter 402 is configured to send the first intermediate variable to the second signer.
The receiver 406 is configured to receive a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being computed from the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer.
The processor 404 is further configured to compute a second signature value from the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
Optionally, the processor 404 is further configured to compute a first partial public key from the first private key;
The transmitter 402 is further configured to send the first partial public key to the second signer;
The receiver 406 is further configured to receive a second partial public key sent by the second signer, the second partial public key being computed from the first partial public key and the second private key;
The processor 404 is further configured to compute the public key of the digital signature from the second partial public key.
Optionally, the processor 404 computing the first partial public key from the first private key specifically includes:
The processor 404 performs an elliptic curve computation on the first private key to obtain the first partial public key;
The processor 404 computing the public key of the digital signature from the second partial public key specifically includes:
The processor 404 performs an elliptic curve computation on the second partial public key to obtain the public key of the digital signature.
Optionally, the processor 404 generating the first intermediate variable from the signature object and the first random number specifically includes:
The processor 404 generates the first intermediate variable from the signature object and the first random number on the basis of the elliptic curve;
The processor 404 computing the second signature value from the first private key, the first random number, the first signature value and the second intermediate variable specifically includes:
The processor 404 computes the second signature value from the first private key, the first random number, the first signature value and the second intermediate variable on the basis of the elliptic curve.
Fig. 5 is a schematic diagram of a digital signature device according to one embodiment of the present application. As shown in Fig. 5, the digital signature device 500 includes a transmitter 502, a processor 504 and a receiver 506.
It should be understood that the digital signature device 500 can implement the functions of the second signer in the aforementioned method 100 and method 200; the details are not repeated.
The receiver 506 is configured to receive a first intermediate variable sent by the first signer, the first intermediate variable being computed by the first signer from the signature object and a first random number it has generated.
The processor 504 is configured to compute a first signature value and a second intermediate variable from the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer. The definitions of the second private key and the second random number have been described in step 106 of method 100 and are not repeated here. Optionally, the digital signature device 500 may further include a memory or a storage unit (not shown); when the processor 504 obtains the second private key, it may read it from the memory or the storage unit.
The transmitter 502 is configured to send the first signature value and the second intermediate variable to the first signer, so that the first signer computes a second signature value from the first signature value, the second intermediate variable, a first private key obtained by the first signer and the first random number generated by the first signer, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
Optionally, the receiver 506 is further configured to receive a first partial public key sent by the first signer, wherein the first partial public key is computed from the first private key.
The processor 504 is further configured to compute a second partial public key from the first partial public key and the second private key.
The transmitter 502 is configured to send the second partial public key to the first signer, so that the first signer computes the public key of the digital signature from the second partial public key.
Optionally, the processor 504 computing the second partial public key from the first partial public key and the second private key specifically includes:
The processor 504 computes the second partial public key from the first partial public key and the second private key on the basis of the elliptic curve.
Optionally, the processor 504 computing the first signature value and the second intermediate variable from the first intermediate variable, the obtained second private key and the second random number specifically includes:
The processor 504 computes the first signature value and the second intermediate variable from the first intermediate variable, the obtained second private key and the second random number on the basis of the elliptic curve.
Fig. 6 is a schematic diagram of a digital signature system according to an embodiment of the present application. As shown in Fig. 6, the digital signature system 600 includes a first signature apparatus 602 and a second signature apparatus 604.
The first signature apparatus 602 is configured to obtain the first private key, generate the first random number, generate the first intermediate variable according to the signature object, and send the first intermediate variable to the second signature apparatus 604;
The second signature apparatus 604 is configured to obtain the second private key, generate the second random number, calculate the first signature value and the second intermediate variable according to the first intermediate variable, the second private key and the second random number, and send the first signature value and the second intermediate variable to the first signature apparatus 602;
The first signature apparatus 602 is further configured to calculate the second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
It should be understood that the first signature apparatus 602 may be the foregoing digital signature device 400 and can implement the functions of the first signer in the foregoing method 100 and method 200, and that the second signature apparatus 604 may be the foregoing digital signature device 500 and can implement the functions of the second signer in the foregoing method 100 and method 200; the details are not repeated here.
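One way the exchange between the first and second signature apparatus can be instantiated, added here as an example and not taken from the patent's own formulas: an SM2-style signature equation is assumed, secp256k1 and SHA-256 stand in for the unnamed curve and hash, and all class and function names are hypothetical. The joint private key d = (d1*d2)^-1 - 1 is never assembled by either party, yet the result verifies as an ordinary single-key signature.

```python
import hashlib
import secrets

# Assumptions: secp256k1 and SHA-256 are stand-ins; the page names neither curve nor hash.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(A, B):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if A is None:
        return B
    if B is None:
        return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, A):
    """Double-and-add scalar multiplication (not constant time)."""
    R, k = None, k % N
    while k:
        if k & 1:
            R = add(R, A)
        A, k = add(A, A), k >> 1
    return R

def rand_scalar():
    return secrets.randbelow(N - 1) + 1

def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

class FirstSigner:
    def __init__(self):
        self.d1 = rand_scalar()             # first private key

    def first_part_public_key(self):        # P1 = d1^-1 * G
        return mul(pow(self.d1, -1, N), G)

    def public_key(self, P2):               # P = P2 - G
        return add(P2, (G[0], -G[1] % P))

    def start(self, msg):                   # first intermediate variable: (e, Q1 = k1*G)
        self.k1 = rand_scalar()             # first random number
        return digest(msg), mul(self.k1, G)

    def finish(self, r, t):                 # second signature value: s = d1*(k1 + t) - r
        s = (self.d1 * (self.k1 + t) - r) % N
        self.k1 = None                      # the nonce is single-use
        if s == 0 or (r + s) % N == 0:
            raise ValueError("degenerate signature, restart the protocol")
        return s

class SecondSigner:
    def __init__(self):
        self.d2 = rand_scalar()             # second private key

    def second_part_public_key(self, P1):   # P2 = d2^-1 * P1
        return mul(pow(self.d2, -1, N), P1)

    def respond(self, e, Q1):
        if (Q1[1] ** 2 - Q1[0] ** 3 - 7) % P:
            raise ValueError("Q1 is not on the curve")
        while True:
            k2 = rand_scalar()              # second random number
            Q = add(mul(pow(self.d2, -1, N), Q1), mul(k2, G))
            r = (e + Q[0]) % N if Q else 0  # first signature value
            if r:
                return r, self.d2 * (k2 + r) % N  # second intermediate variable t

def joint_public_key(first, second):
    return first.public_key(second.second_part_public_key(first.first_part_public_key()))

def cosign(first, second, msg):
    e, Q1 = first.start(msg)                # first -> second
    r, t = second.respond(e, Q1)            # second -> first
    return r, first.finish(r, t)

def verify(pub, msg, sig):
    """Single-key SM2-style check: accept iff (e + x(s*G + (r+s)*pub)) mod n == r."""
    r, s = sig
    if not (0 < r < N and 0 < s < N) or (r + s) % N == 0:
        return False
    R = add(mul(s, G), mul((r + s) % N, pub))
    return R is not None and (digest(msg) + R[0]) % N == r
```

The combined nonce is k = d2^-1*k1 + k2, so the first signer's final step reduces to s = d1*d2*(k + r) - r, which is the SM2 equation for the joint key; the curve check in `respond` and the single-use nonce in `finish` are the two points where an implementation of this flow most needs input and state validation.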
The apparatus embodiments described above are merely exemplary. The modules described as separate components may or may not be physically separate, and the components shown as modules may or may not be physical modules; that is, they may be located in one place or distributed over multiple network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art can understand and implement it without creative effort.
Through the above description of the embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus a necessary general hardware platform, and of course also by hardware. Based on this understanding, the above technical solution, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product may be stored in a computer-readable storage medium, which includes any mechanism for storing or transmitting information in a form readable by a computer. For example, machine-readable media include read-only memory (ROM), random access memory (RAM), magnetic disk storage media, optical storage media, flash media, and electrical, optical, acoustic or other forms of propagated signals (for example, carrier waves, infrared signals, digital signals, etc.). The computer software product includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to execute the methods described in the embodiments or in certain parts of the embodiments.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solutions of the embodiments of the present application, not to limit them. Although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features may be replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present application.
Those skilled in the art will understand that the embodiments of the present invention may be provided as a method, an apparatus (device) or a computer program product. Therefore, the embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the embodiments of the present invention may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM, optical memory, etc.) containing computer-usable program code.
The embodiments of the present invention are described with reference to flowcharts and/or block diagrams of the method, apparatus (device) and computer program product according to the embodiments of the present invention. It should be understood that each process and/or block in the flowcharts and/or block diagrams, and combinations of processes and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce an apparatus for implementing the functions specified in one or more processes of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction apparatus, the instruction apparatus implementing the functions specified in one or more processes of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operation steps are executed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more processes of the flowcharts and/or one or more blocks of the block diagrams.

Claims (17)

1. A digital signature method, characterized by comprising:
A first signer obtains a first private key, generates a first random number, generates a first intermediate variable according to a signature object and the first random number, and sends the first intermediate variable to a second signer;
The first signer receives a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being calculated according to the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer;
The first signer calculates a second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
2. The method according to claim 1, characterized by further comprising:
The first signer calculates a first part public key according to the first private key, and sends the first part public key to the second signer;
The first signer receives a second part public key sent by the second signer, the second part public key being calculated according to the first part public key and the second private key;
The first signer calculates the public key of the digital signature according to the second part public key.
3. The method according to claim 2, characterized in that:
The first signer calculating the first part public key according to the first private key specifically includes:
The first signer performs an elliptic-curve computation on the first private key to obtain the first part public key;
The first signer calculating the public key of the digital signature according to the second part public key specifically includes:
The first signer performs an elliptic-curve computation on the second part public key to obtain the public key of the digital signature.
4. The method according to any one of claims 1-3, characterized in that:
The first signer generating the first intermediate variable according to the signature object and the first random number specifically includes:
The first signer generates the first intermediate variable according to the signature object and the first random number, based on an elliptic curve;
The first signer calculating the second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable specifically includes:
The first signer calculates the second signature value, based on an elliptic curve, according to the first private key, the first random number, the first signature value and the second intermediate variable.
5. A digital signature method, characterized by comprising:
A second signer receives a first intermediate variable sent by a first signer, the first intermediate variable being calculated by the first signer according to a signature object and a first random number generated by the first signer;
The second signer calculates a first signature value and a second intermediate variable according to the first intermediate variable, a second private key it has obtained and a second random number it has generated, and sends the first signature value and the second intermediate variable to the first signer, so that the first signer calculates a second signature value according to the first signature value, the first random number, the second intermediate variable and a first private key obtained by the first signer, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
6. The method according to claim 5, characterized by further comprising:
The second signer receives a first part public key sent by the first signer, wherein the first part public key is calculated according to the first private key;
The second signer calculates a second part public key according to the first part public key and the second private key, and sends the second part public key to the first signer, so that the first signer calculates the public key of the digital signature according to the second part public key.
7. The method according to claim 6, characterized in that:
The second signer calculating the second part public key according to the first part public key and the second private key specifically includes:
The second signer performs an elliptic-curve computation on the first part public key and the second private key to obtain the second part public key.
8. The method according to any one of claims 5-7, characterized in that:
The second signer calculating the first signature value and the second intermediate variable according to the first intermediate variable, the second private key obtained by the second signer and the second random number specifically includes:
The second signer calculates the first signature value and the second intermediate variable, based on an elliptic curve, according to the first intermediate variable, the second private key obtained by the second signer and the second random number.
9. A digital signature device, characterized by comprising:
A processor, configured to obtain a first private key, generate a first random number, and generate a first intermediate variable according to a signature object and the first random number;
A transmitter, configured to send the first intermediate variable to a second signer;
A receiver, configured to receive a first signature value and a second intermediate variable sent by the second signer, the first signature value and the second intermediate variable being calculated according to the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer;
The processor is further configured to calculate a second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
10. The device according to claim 9, characterized in that:
The processor is further configured to calculate a first part public key according to the first private key;
The transmitter is further configured to send the first part public key to the second signer;
The receiver is further configured to receive a second part public key sent by the second signer, the second part public key being calculated according to the first part public key and the second private key;
The processor is further configured to calculate the public key of the digital signature according to the second part public key.
11. The device according to claim 9, characterized in that:
The processor calculating the first part public key according to the first private key specifically includes:
The processor performs an elliptic-curve computation on the first private key to obtain the first part public key;
The processor calculating the public key of the digital signature according to the second part public key specifically includes:
The processor performs an elliptic-curve computation on the second part public key to obtain the public key of the digital signature.
12. The device according to any one of claims 9-11, characterized in that:
The processor generating the first intermediate variable according to the signature object and the first random number specifically includes:
The processor generates the first intermediate variable according to the signature object and the first random number, based on an elliptic curve;
The processor calculating the second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable specifically includes:
The processor calculates the second signature value, based on an elliptic curve, according to the first private key, the first random number, the first signature value and the second intermediate variable.
13. A digital signature device, characterized by comprising:
A receiver, configured to receive a first intermediate variable sent by a first signer, the first intermediate variable being calculated by the first signer according to a signature object and a first random number it generated;
A processor, configured to calculate a first signature value and a second intermediate variable according to the first intermediate variable, a second private key obtained by the second signer and a second random number generated by the second signer;
A transmitter, configured to send the first signature value and the second intermediate variable to the first signer, so that the first signer calculates a second signature value according to the first signature value, the first random number, the second intermediate variable and a first private key obtained by the first signer, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
14. The device according to claim 13, characterized in that:
The receiver is further configured to receive a first part public key sent by the first signer, wherein the first part public key is calculated according to the first private key;
The processor is further configured to calculate a second part public key according to the first part public key and the second private key;
The transmitter is configured to send the second part public key to the first signer, so that the first signer calculates the public key of the digital signature according to the second part public key.
15. The device according to claim 14, characterized in that:
The processor calculating the second part public key according to the first part public key and the second private key specifically includes:
The processor performs an elliptic-curve computation on the first part public key and the second private key to obtain the second part public key.
16. The device according to any one of claims 13-15, characterized in that:
The processor calculating the first signature value and the second intermediate variable according to the first intermediate variable, the obtained second private key and the second random number specifically includes:
The processor calculates the first signature value and the second intermediate variable, based on an elliptic curve, according to the first intermediate variable, the obtained second private key and the second random number.
17. A digital signature system, characterized by comprising:
A first signature apparatus, configured to obtain a first private key, generate a first random number, generate a first intermediate variable according to a signature object and the first random number, and send the first intermediate variable to a second signature apparatus;
The second signature apparatus, configured to obtain a second private key, generate a second random number, calculate a first signature value and a second intermediate variable according to the first intermediate variable, the second private key and the second random number, and send the first signature value and the second intermediate variable to the first signature apparatus;
The first signature apparatus is further configured to calculate a second signature value according to the first private key, the first random number, the first signature value and the second intermediate variable, wherein the first signature value and the second signature value constitute the digital signature of the signature object.
CN201711377948.9A 2017-12-19 2017-12-19 Digital signature method, device and system Active CN109936455B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711377948.9A CN109936455B (en) 2017-12-19 2017-12-19 Digital signature method, device and system

Publications (2)

Publication Number Publication Date
CN109936455A true CN109936455A (en) 2019-06-25
CN109936455B CN109936455B (en) 2022-06-07

Family

ID=66983991

Country Status (1)

Country Link
CN (1) CN109936455B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant