CN110719167A - Block chain-based signcryption method with timeliness - Google Patents


Info

Publication number
CN110719167A
Authority
CN
China
Prior art keywords
public key
signcryption
block chain
key
public
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910983226.0A
Other languages
Chinese (zh)
Other versions
CN110719167B (en
Inventor
王利朋
胡明生
贾志娟
付俊俊
杨艳艳
程亚歌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Normal University
Original Assignee
Zhengzhou Normal University
Application filed by Zhengzhou Normal University
Priority to CN201910983226.0A
Publication of CN110719167A
Application granted
Publication of CN110719167B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/088 Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Abstract

The scheme publishes a public key with timeliness to a block chain together with a smart contract; the properties of the block chain ensure that the public key cannot be tampered with, and the smart contract updates the validity of the public key and deletes the public key when it expires. In the signcryption process, the sender first determines whether its own public key and the public key of the receiver exist in the block chain; if they exist, it obtains both public keys and uses them to signcrypt the target message, obtaining a signcryption ciphertext; finally, it sends the signcryption ciphertext to the receiver. The public key validity update in the scheme therefore requires no manual participation, the properties of the block chain guarantee the credibility of the update process, and the decentralized nature of the block chain effectively resists attacks against the public key management node, preventing the timestamp from being tampered with or user information from being stolen, which improves the reliability of the signcryption scheme with timeliness.

Description

Block chain-based signcryption method with timeliness
Technical Field
The application relates to the technical field of computers, in particular to a block chain-based signcryption method, device and system with timeliness.
Background
In the information age, information security receives increasing attention. When messages are transmitted, security and authentication become more important in order to prevent attacks on message contents by malicious third parties; encryption (decryption) and digital signatures are the corresponding data protection technologies.
In a conventional message transmission scheme, a message is generally digitally signed first and its content is then encrypted; on receiving the ciphertext, the receiver performs the opposite operations to ensure trusted transmission of the message. However, in this scheme the encryption (decryption) operation and the signature operation are separate, which is essentially a strategy of processing the message content twice, and the computational efficiency is low. In 1997 the concept of signcryption appeared for the first time: the two functions of signature and encryption (decryption) can be realized in one logical step, which greatly improves the execution efficiency of the algorithm.
Validity period management of signcrypted data is an important research direction: it ensures that a user's signcrypted data becomes invalid after expiry, which effectively protects the user's private information. Traditional timestamp-based validity management schemes are mainly managed uniformly by a central node. However, in such a scheme a third party, or even the central node itself, can attack the timeliness management module, tamper with the timestamp, and prolong or shorten the validity period of the data, affecting the availability and security of the data. For example, in cold-chain food management a third party can attack the server and modify the expiration time of the food; how to let customers trust its timeliness remains an important issue.
In conclusion, how to provide a reliable signcryption scheme with timeliness is a problem to be solved by those skilled in the art.
Disclosure of Invention
The application aims to provide a block chain-based signcryption method, device and system with timeliness, to solve the problem that, in traditional timestamp-based validity management schemes for signcrypted data, the timeliness management module is easily attacked by a third party or the central node, so that the security and timeliness of the signcrypted data are poor.
In order to solve the technical problem, the present application provides a block chain-based signcryption method with timeliness, which is implemented based on a sender, and includes:
determining whether the sender's own public key and the public key of a receiver exist in the block chain; the sender and the receiver store a public key, a public key valid duration and a public key sending time in the block chain in advance, and publish a smart contract in the block chain, wherein the smart contract is used for determining whether the public key is invalid according to the public key valid duration and the public key sending time, and deleting the public key when it is determined to be invalid;
if they exist, obtaining the public keys of the sender itself and the receiver, and signcrypting the target message using the public keys of the sender itself and the receiver to obtain a signcryption ciphertext;
and sending the signcryption ciphertext to the receiver.
Preferably, before determining whether the sender's own public key and the public key of the receiver exist in the block chain, the method further includes:
randomly generating a first partial private key according to signcryption system parameters, and sending the sender's own identity information and the first partial public key corresponding to the first partial private key to a key generation center, so that the key generation center randomly generates a second partial public key and then generates a second partial private key according to the identity information, the first partial public key and the second partial public key;
and acquiring the second partial private key and the second partial public key from the key generation center to synthesize the sender's own final private key and final public key.
Preferably, before randomly generating the first partial private key according to the signcryption system parameters, the method further includes:
sending a registration request to the key generation center so that the key generation center determines and discloses elliptic curve-based signcryption system parameters.
Preferably, acquiring the second partial private key and the second partial public key from the key generation center to synthesize the sender's own final private key and final public key includes:
acquiring the second partial private key and the second partial public key from the key generation center, and verifying the second partial private key and the second partial public key using a preset verification formula; and if the verification passes, synthesizing the sender's own final private key and final public key.
Preferably, after sending the signcryption ciphertext to the receiver, the method further includes:
the receiver determines whether its own public key and the public key of the sender exist in the block chain;
if they exist, obtaining the public keys of the receiver itself and the sender, and decrypting the signcryption ciphertext using the public keys of the receiver itself and the sender to obtain the original target message;
and if not, determining that the signcryption ciphertext is invalid.
Preferably, decrypting the signcryption ciphertext using the public keys of the receiver itself and the sender to obtain the original target message includes:
decrypting the signcryption ciphertext using the public keys of the receiver itself and the sender to obtain the original target message and auxiliary parameters for verifying the integrity of the content;
checking the message content of the target message according to the auxiliary parameters; and if the verification passes, confirming that the content of the target message is complete.
Preferably, signcrypting the target message using the public keys of the sender itself and the receiver to obtain a signcryption ciphertext includes:
generating a random number α;
determining a first parameter and a second parameter according to the random number $\alpha$, the signcryption system parameters and the public key of the receiver; the first parameter [formula image not reproduced]; the second parameter $U = d(x_a + y_a) + \alpha f$, wherein $X_a$ and $Y_a$ are the first partial public key and the second partial public key of the sender, respectively, $P_{pub}$ is the public key of the signcryption system,
[Figure BDA0002235875860000034: formula image not reproduced]
$H_1()$ is the first hash function in the signcryption system parameters, $ID_b$ is the identity information of the receiver, and $X_b$ and $Y_b$ are the first partial public key and the second partial public key of the receiver, respectively; $d = H_3(ID_a, m, X_a, R)$, $x_a$ and $y_a$ are the first partial private key and the second partial private key of the sender, respectively, $f = H_3(ID_a, m, Y_a, R)$, $H_3()$ is the third hash function in the signcryption system parameters, $ID_a$ is the identity information of the sender, $m$ is the target message, $R = \alpha G$, and $G$ is the generator in the signcryption system parameters;
signcrypting the target message $m$ using the first parameter and the second parameter to obtain a signcryption ciphertext; wherein the signcryption ciphertext
[Figure BDA0002235875860000031: formula image not reproduced]
$H_2()$ is the second hash function in the signcryption system parameters,
[Figure BDA0002235875860000032: symbol image not reproduced]
is the exclusive-or operation, and $\|$ is the concatenation operation.
Preferably, sending the signcryption ciphertext to the receiver includes:
generating a third parameter and a fourth parameter, and sending the signcryption ciphertext, the third parameter and the fourth parameter to the receiver;
wherein the third parameter $H = H_4(ID_a, R, C)$; the fourth parameter [formula image not reproduced]; $H_4()$ is the fourth hash function in the signcryption system parameters, $ID_a$ is the identity information of the sender, $R = \alpha G$, $\alpha$ is the random number generated by the sender, $G$ is the generator in the signcryption system parameters, $C$ is the signcryption ciphertext, and $x_a$ and $y_a$ are the first partial private key and the second partial private key of the sender, respectively.
In addition, this application also provides a block chain-based signcryption device with timeliness, implemented based on a sender, including:
a judging module: used for determining whether the sender's own public key and the public key of the receiver exist in the block chain; the sender and the receiver store a public key, a public key valid duration and a public key sending time in the block chain in advance, and publish a smart contract in the block chain, wherein the smart contract is used for determining whether the public key is invalid according to the public key valid duration and the public key sending time, and deleting the public key when it is determined to be invalid;
a signcryption module: used for obtaining the public keys of the sender itself and the receiver when it is determined that they exist, and signcrypting the target message using the public keys of the sender itself and the receiver to obtain a signcryption ciphertext;
a sending module: used for sending the signcryption ciphertext to the receiver.
Finally, the present application also provides a block chain-based signcryption system with timeliness, comprising a sender, a receiver and a block chain, wherein the sender is used for implementing the steps of the block chain-based signcryption method with timeliness described above.
The block chain-based signcryption method with timeliness provided by the application is implemented based on a sender, and the scheme includes: determining whether the sender's own public key and the public key of a receiver exist in the block chain; if they exist, obtaining the public keys of the sender itself and the receiver, and signcrypting the target message using them to obtain a signcryption ciphertext; and sending the signcryption ciphertext to the receiver. The sender and the receiver store a public key, the valid duration of the public key and the sending time of the public key in the block chain in advance, and publish a smart contract in the block chain; the smart contract determines whether the public key is invalid according to the valid duration and the sending time of the public key, and deletes the public key when it is determined to be invalid. The scheme thus publishes the public key with timeliness to the block chain and uses the properties of the block chain to ensure that the public key cannot be tampered with; on this basis, a smart contract is published to the block chain, which updates the validity of the public key and deletes the public key when it expires. The public key validity update therefore requires no manual participation, the properties of the block chain guarantee the credibility of the update process, the decentralized design of the block chain effectively resists APT attacks against the public key management node, unauthorized persons are prevented from tampering with the timestamp or stealing user information, and the reliability of the signcryption scheme with timeliness is improved.
In addition, the application also provides a block chain-based signcryption device and system with timeliness, whose technical effects correspond to those of the method and are not repeated here.
Drawings
To explain the embodiments of the present application or the technical solutions of the prior art more clearly, the drawings needed for describing them are briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present application; those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flowchart of a first embodiment of the block chain-based signcryption method with timeliness provided in the present application;
Fig. 2 is a flowchart of the preparation work before signcryption in a second embodiment of the block chain-based signcryption method with timeliness provided in the present application;
Fig. 3 is a flowchart of the actual signcryption and decryption process in the second embodiment of the block chain-based signcryption method with timeliness provided in the present application;
Fig. 4 is a functional block diagram of an embodiment of the block chain-based signcryption device with timeliness provided in the present application.
Detailed Description
The core of the application is to provide a block chain-based signcryption method, device and system with timeliness, in which the validity of a public key is updated using the block chain. The properties of the block chain guarantee the credibility of the update process, the decentralized design of the block chain effectively resists APT attacks against the public key management node, unauthorized persons are prevented from tampering with the timestamp or stealing user information, and the reliability of the signcryption scheme with timeliness is improved.
In order that those skilled in the art will better understand the disclosure, the following detailed description will be given with reference to the accompanying drawings. It is to be understood that the embodiments described are only a few embodiments of the present application and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The following describes a first embodiment of a block chain-based signcryption method with timeliness, which is implemented based on a sender, and with reference to fig. 1, the first embodiment includes:
S101, determining whether the sender's own public key and the public key of a receiver exist in the block chain; if yes, jumping to S102, otherwise ending the process; the sender and the receiver store a public key, a public key valid duration and a public key sending time in the block chain in advance, and publish a smart contract in the block chain, wherein the smart contract is used for determining whether the public key is invalid according to the public key valid duration and the public key sending time, and deleting the public key when it is determined to be invalid;
S102, obtaining the public keys of the sender itself and the receiver, and signcrypting the target message using the public keys of the sender itself and the receiver to obtain a signcryption ciphertext;
S103, sending the signcryption ciphertext to the receiver.
The block chain is a distributed database technology characterized by decentralization, anonymity and tamper resistance, and realizes trust management among nodes. Managing user public keys and their validity periods on the block chain prevents the information from being maliciously tampered with and guarantees the credibility of the validity period management process, which makes it a feasible approach. On this basis, a block chain-based signcryption scheme with timeliness is proposed, which is suited to trusted signcryption scenarios with timeliness requirements.
Specifically, the sender and the receiver register with the key generation center in advance and each generate their own private key and public key. On this basis, the sender and the receiver store their own public key, the valid duration of the public key and the sending time of the public key in the block chain in advance, and publish a smart contract in the block chain; the smart contract is used for determining whether the public key is invalid according to the valid duration and the sending time of the public key, and deleting the public key when it is determined to be invalid.
That is to say, in this embodiment the public key of the user has timeliness; the valid duration of the public key is determined according to actual requirements and is not specifically limited in this embodiment.
In the signcryption process, assume that the sender sends the target message to the receiver. The sender needs to signcrypt the target message based on the public key of the receiver, and after receiving the signcryption ciphertext the receiver decrypts it using its own private key to obtain the original target message. In this embodiment, before the signcryption operation is performed, the sender first needs to check in the block chain whether the public keys of the sender and the receiver exist; if the public key information of either party has been deleted, that public key information is invalid and the program exits; otherwise the signcryption operation continues.
The block chain-based signcryption method with timeliness provided by this embodiment is implemented based on a sender. It publishes a public key with timeliness to the block chain and uses the properties of the block chain to ensure that the public key cannot be tampered with; on this basis, it publishes a smart contract to the block chain, which updates the validity of the public key and deletes the public key when it expires. The public key validity update therefore requires no manual participation, the properties of the block chain guarantee the credibility of the update process, the decentralized design of the block chain effectively resists APT attacks against the public key management node, unauthorized persons are prevented from tampering with the timestamp or stealing user information, and the reliability of the signcryption scheme with timeliness is improved.
The following begins to describe in detail an embodiment two of the block chain-based signcryption method with timeliness provided by the present application, where the embodiment two is implemented based on the foregoing embodiment one, and is expanded to a certain extent based on the embodiment one.
For convenience of description, the present embodiment introduces the whole signcryption scheme in two parts: the first part is the preparation work before signcryption, including user registration and generation of the user private key and the user public key; the second part is the actual signcryption process, including the signcryption process of the sender and the decryption process of the receiver.
Referring to fig. 2, the preparation process before signcryption specifically includes:
S201, sending a registration request to a key generation center so that the key generation center determines and discloses elliptic curve-based signcryption system parameters;
It should be noted that the preparation before signcryption in this embodiment is implemented based on users, and the users include, but are not limited to, the sender and the receiver mentioned in the following signcryption process. The elliptic curve-based signcryption system parameters are described in detail below and are not described further here.
S202, randomly generating a first partial private key according to the signcryption system parameters, and sending the user's own identity information and the first partial public key corresponding to the first partial private key to the key generation center, so that the key generation center randomly generates a second partial public key and then generates a second partial private key according to the identity information, the first partial public key and the second partial public key;
S203, acquiring the second partial private key and the second partial public key from the key generation center, and verifying the second partial private key and the second partial public key using a preset verification formula; if the verification passes, synthesizing the final private key and the final public key;
S204, the user stores its own public key, the valid duration of the public key and the sending time of the public key in the block chain, and publishes a smart contract in the block chain, wherein the smart contract is used for determining whether the public key is invalid according to the valid duration and the sending time of the public key, and deleting the public key when it is determined to be invalid.
Referring to fig. 3, the actual signcryption and decryption process specifically includes:
S301, the sender determines whether its own public key and the public key of the receiver exist in the block chain; if yes, jumping to S302, otherwise determining that the public key is invalid and exiting the process;
S302, obtaining the public keys of the sender itself and the receiver, and signcrypting the target message using the public keys of the sender itself and the receiver to obtain a signcryption ciphertext;
S303, the sender sends the signcryption ciphertext to the receiver;
S304, the receiver determines whether its own public key and the public key of the sender exist in the block chain; if yes, jumping to S305, otherwise determining that the signcryption ciphertext is invalid and exiting the process;
S305, obtaining the public keys of the receiver itself and the sender, and decrypting the signcryption ciphertext using the public keys of the receiver itself and the sender to obtain the original target message and auxiliary parameters for verifying the integrity of the content;
S306, verifying the message content of the target message according to the auxiliary parameters;
S307, if the verification passes, confirming that the content of the target message is complete, and obtaining the original target message.
The embodiment provides a block chain-based signcryption method with timeliness, in which the public key in the signcryption scheme is published to the block chain, the properties of the block chain ensure that the public key is not tampered with, a smart contract corresponding to the timestamp representing the validity period of the public key is published to the block chain, and the smart contract updates the validity of the public key according to the agreed time. The validity update therefore requires no manual participation, the properties of the block chain ensure the credibility of the update process, and the decentralized design of the block chain effectively resists the APT attacks against the public key management node that exist in traditional schemes based on a public key management node. The elliptic curve-based certificateless signcryption scheme provides confidentiality, unforgeability, short ciphertext length and public verifiability, and is well suited to block chain application scenarios in which storage resources are scarce and data is public.
As mentioned above, the complete signcryption scheme includes a plurality of processes, which the present embodiment divides into the following six processes: registration, user private key generation, user public key generation, signcryption, decryption, signature verification, which are introduced in the following specific implementation scenarios:
(1) registration (Setup)
The key generation center KGC outputs a corresponding large prime number p and a corresponding cycle group G according to an input parameter lambdapAnd further constructed in the circulation group GpUpper elliptic curve E: y2=x3+ ax + b, where 4a3+27b2Not equal to 0. And selecting a generator G on the elliptic curve E, wherein the corresponding order q of the generator G is a large prime number.
The hash function used by the system is defined as follows:
Figure BDA0002235875860000091
Figure BDA0002235875860000092
wherein L islFor the length of the user identity ID information, LmTo be the length of the signcryption message,
Figure BDA0002235875860000093
is composed ofThe length of the data in (c).
The operation symbols used by the system are defined as follows:
Figure BDA0002235875860000096
is the exclusive-or operation, used mainly to encrypt and decrypt message contents; $\|$ is the concatenation operation, used mainly to append the parameters used by the signcryption operation to the message.
The KGC selects the system master key
Figure BDA0002235875860000095
and obtains the system public key $P_{pub} = sG$. The KGC then publishes the parameter information
Figure BDA0002235875860000097
while retaining the system master key $s$.
(2) User private Key generation (Gen Partial Key)
The identity of user i is denoted $ID_i$. When key information is generated for user i, one part is generated by the user and the other part has to be generated by the KGC. User i randomly selects a secret value
Figure BDA0002235875860000098
and computes $X_i = x_i G$, then sends $\langle ID_i, X_i \rangle$ to the KGC.
After receiving $\langle ID_i, X_i \rangle$, the KGC generates the other part of the key information for user i. First, the KGC selects a random number
Figure BDA0002235875860000101
as a secret value, computes $Y_i = r_i G$ and $y_i = r_i + sH_1(ID_i, X_i, Y_i)$, and then sends $\langle y_i, Y_i \rangle$ to user i over a trusted channel.
After receiving $\langle y_i, Y_i \rangle$, user i needs to check the correctness of the information. The check equation is $y_i G = Y_i + P_{pub} H_1(ID_i, X_i, Y_i)$.
If the check fails, the $\langle y_i, Y_i \rangle$ sent by the KGC is wrong, generation of the partial private key has failed, and user i needs to ask the KGC again to generate the partial private key information. If the check equation holds, user i can synthesize its own key information; the private key of user i is $SK_i = (x_i, y_i)$.
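The partial-key exchange in step (2) can be exercised end to end. The following is an added example, not code from the patent: it assumes secp256k1 as the curve $E$, SHA-256 reduced mod $q$ as $H_1$ (the patent's own hash definitions are not reproduced on this page), arithmetic on $y_i$ taken mod $q$, and hypothetical function names.

```python
import hashlib
import secrets

# Assumption: secp256k1 stands in for the curve E (the patent fixes no curve).
P = 2**256 - 2**32 - 977
A, B = 0, 7
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(p1, p2):
    """Affine point addition on E; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    acc, k = None, k % Q
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def on_curve(pt):
    return pt is not None and (pt[1] ** 2 - pt[0] ** 3 - A * pt[0] - B) % P == 0

def h1(identity, X, Y):
    """Assumed H1: SHA-256 over ID || X || Y, reduced mod q."""
    data = identity.encode() + b"".join(c.to_bytes(32, "big") for c in X + Y)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def keypair():
    """Random scalar k in [1, q-1] and the point kG (used for s, x_i, r_i)."""
    k = secrets.randbelow(Q - 1) + 1
    return k, mul(k, G)

def kgc_issue(s, identity, X):
    """KGC side: Y_i = r_i*G, y_i = r_i + s*H1(ID_i, X_i, Y_i) mod q."""
    r, Y = keypair()
    return (r + s * h1(identity, X, Y)) % Q, Y

def verify_partial_key(p_pub, identity, X, y, Y):
    """User side: accept only if y_i*G == Y_i + H1(ID_i, X_i, Y_i)*P_pub."""
    if not (0 < y < Q and on_curve(Y)):
        return False
    return mul(y, G) == add(Y, mul(h1(identity, X, Y), p_pub))

def demo():
    s, p_pub = keypair()                      # KGC master key and P_pub = sG
    x, X = keypair()                          # user's secret value and X_i
    uid = "alice@example.test"                # constructed identity
    y, Y = kgc_issue(s, uid, X)
    genuine = verify_partial_key(p_pub, uid, X, y, Y)
    altered = verify_partial_key(p_pub, uid, X, (y + 1) % Q, Y)
    rebound = verify_partial_key(p_pub, "mallory@example.test", X, y, Y)
    return genuine, altered, rebound

if __name__ == "__main__":
    print(demo())
```

Because $H_1$ binds $ID_i$, $X_i$ and $Y_i$ together, the check rejects both a modified $y_i$ and a partial key presented under a different identity.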
(3) User Public Key generation (Gen Public Key)
For a given user i with identity $ID_i$, the generated private key pair is $SK_i = (x_i, y_i)$ and the corresponding public key pair is $PK_i = (X_i, Y_i)$. The valid duration of the public key is set to $T_{exp}$ and the current sending time is $T_{cur}$. Will be stored into the blockchain and update
Figure BDA0002235875860000103
The smart contract $\omega$ is issued into the blockchain. If the current time $T$ equals $T_{exp} + T_{cur}$, this triggers deletion by the smart contract.
In the following process, if user a needs to share data with user b, the private key pairs and public key pairs of user a and user b are respectively:
$ID_a$: $\langle SK_a = (x_a, y_a),\ PK_a = (X_a, Y_a) \rangle$
$ID_b$: $\langle SK_b = (x_b, y_b),\ PK_b = (X_b, Y_b) \rangle$
(4) Signcryption (SignCrypt)
User a sends the message m to user b. User a needs to signcrypt the message m based on the public key of user b, and user b, after receiving the signcrypted message, decrypts and verifies the ciphertext using its own private key. User a queries the blockchain for the public key information of user a and of user b; if the public key information of either party has been deleted, that public key is invalid and the program exits; otherwise the subsequent process continues.
User a first selects a random number
Figure BDA0002235875860000105
and computes $R = \alpha G$. With this information, user a performs the following calculations to obtain $V$ and $U$:
Figure BDA0002235875860000106
$d = H_3(ID_a, m, X_a, R)$, $f = H_3(ID_a, m, Y_a, R)$,
Figure BDA0002235875860000107
U=d(xa+ya)+αf。
for the message m, the user a generates a corresponding signcryption ciphertext:
Figure BDA0002235875860000108
and computes $h = H_4(ID_a, R, C)$,
Figure BDA0002235875860000111
and sends the ciphertext to user b.
(5) Decryption (UnSign Crypt)
User b receives the ciphertext
Figure BDA0002235875860000113
and then queries the blockchain for the public key information of user a and user b. If the public key information has been deleted, the public key is invalid and so is the corresponding signcryption message, and the program exits; otherwise the decryption process continues as follows:
$V' = (x_b + y_b)R'$,
Figure BDA0002235875860000116
After obtaining $m \| U$, user b can parse out the plaintext m and the auxiliary parameter $U$ used to verify content integrity.
(6) Signature check (Verify Sign)
After user b decrypts the plaintext m, the plaintext must be verified; if the verification succeeds, the message content is intact. First, user b computes:
$f = H_3(ID_a, m, Y_a, R')$, $d' = H_3(ID_a, m, X_a, R')$, and then checks the message content; the check equation is
Figure BDA0002235875860000115
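The validity gate that steps (3) to (5) place around signcryption and decryption can be simulated without any cryptography. The following is an added example, not the patent's smart contract: the ledger is an in-memory stand-in for the blockchain, all names and key values are constructed, and the contract deletes on `now >= T_exp + T_cur` rather than on strict equality (an assumption, so that a late contract run still deletes).

```python
from dataclasses import dataclass

@dataclass
class KeyRecord:
    public_key: tuple   # PK_i = (X_i, Y_i); constructed placeholder values below
    t_exp: int          # valid duration T_exp, in seconds
    t_cur: int          # sending time T_cur, in seconds

class Ledger:
    """In-memory stand-in for the blockchain and its expiry smart contract."""

    def __init__(self):
        self.records = {}

    def publish(self, identity, public_key, t_exp, t_cur):
        self.records[identity] = KeyRecord(public_key, t_exp, t_cur)

    def run_contract(self, now):
        """Delete each key once T_exp + T_cur is reached. Assumption: '>=' is
        used instead of strict equality so a late contract run still deletes."""
        expired = [i for i, r in self.records.items() if now >= r.t_cur + r.t_exp]
        for identity in expired:
            del self.records[identity]
        return expired

    def lookup(self, identity, now):
        self.run_contract(now)
        rec = self.records.get(identity)
        return rec.public_key if rec else None

def keys_valid(ledger, sender, receiver, now):
    """Gate run by the sender before SignCrypt and by the receiver before
    UnSignCrypt: both public keys must still exist on the ledger."""
    present = [ledger.lookup(i, now) is not None for i in (sender, receiver)]
    return all(present)

def timeline():
    ledger = Ledger()
    ledger.publish("a", (11, 12), t_exp=100, t_cur=0)    # a's key expires at 100
    ledger.publish("b", (21, 22), t_exp=300, t_cur=50)   # b's key expires at 350
    return {
        "send@60": keys_valid(ledger, "a", "b", 60),      # both keys live
        "recv@99": keys_valid(ledger, "a", "b", 99),      # still inside validity
        "recv@100": keys_valid(ledger, "a", "b", 100),    # a's key just deleted
        "send@120": keys_valid(ledger, "a", "b", 120),    # sender must abort
    }

if __name__ == "__main__":
    print(timeline())
```

A ciphertext produced at time 60 is accepted by the receiver at time 99 and treated as invalid from time 100 on, because the sender's key has been deleted by then.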
The following describes a blockchain-based signcryption device with timeliness provided by an embodiment of the present application. The device described below and the blockchain-based signcryption method with timeliness described above may be referred to in correspondence with each other.
The signcryption device of this embodiment is implemented based on a sender and, as shown in fig. 4, includes:
the judging module 401: used to judge whether the public keys of itself and of the receiver exist in the blockchain; the sender and the receiver store a public key, a public key valid duration and a public key sending time in the blockchain in advance, and publish a smart contract in the blockchain, wherein the smart contract is used to judge, according to the public key valid duration and the public key sending time, whether the public key is invalid, and to delete the public key when it is judged to be invalid;
the signcryption module 402: used to acquire the public keys of itself and of the receiver when it is judged that they exist, and to signcrypt the target message using the public keys of itself and of the receiver to obtain a signcryption text;
the sending module 403: used to send the signcryption text to the receiver.
The blockchain-based signcryption device with timeliness of this embodiment is used to implement the aforementioned blockchain-based signcryption method with timeliness, so specific embodiments of the device can be found in the foregoing embodiments of the method; for example, the judging module 401, the signcryption module 402 and the sending module 403 are used to implement steps S101, S102 and S103 of the method, respectively. Their specific embodiments may therefore be found in the description of the corresponding parts and are not repeated here.
In addition, since the blockchain-based signcryption device with timeliness of this embodiment is used to implement the aforementioned method, its function corresponds to that of the method, and details are not repeated here.
Finally, the present application also provides a blockchain-based signcryption system with timeliness, comprising a sender, a receiver and a blockchain, wherein the sender is used to implement the steps of the blockchain-based signcryption method with timeliness described above.
The embodiments are described in a progressive manner; each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments may be referred to one another. The device disclosed by the embodiments corresponds to the method disclosed by the embodiments, so its description is brief, and the relevant points can be found in the description of the method.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The solutions provided in the present application have been described in detail above. Specific examples are used herein to explain the principles and implementations of the present application, and the description of the above embodiments is only intended to help understand the method and its core ideas. Meanwhile, a person skilled in the art may, following the idea of the present application, vary the specific embodiments and the scope of application. In summary, the content of this specification should not be construed as a limitation of the present application.

Claims (10)

1. A blockchain-based signcryption method with timeliness, characterized in that it is implemented based on a sender and comprises the following steps:
judging whether the public keys of itself and of a receiver exist in the blockchain; the sender and the receiver store a public key, a public key valid duration and a public key sending time in the blockchain in advance, and publish a smart contract in the blockchain, wherein the smart contract is used to judge, according to the public key valid duration and the public key sending time, whether the public key is invalid, and to delete the public key when it is judged to be invalid;
if they exist, acquiring the public keys of itself and of the receiver, and signcrypting the target message using the public keys of itself and of the receiver to obtain a signcryption ciphertext;
and sending the signcryption ciphertext to the receiver.
2. The method of claim 1, wherein before judging whether the public keys of itself and of the receiver exist in the blockchain, the method further comprises:
randomly generating a first partial private key according to signcryption system parameters, and sending its own identity information and the first partial public key corresponding to the first partial private key to a key generation center, so that the key generation center randomly generates a second partial public key and then generates a second partial private key according to the identity information, the first partial public key and the second partial public key;
and acquiring the second partial private key and the second partial public key from the key generation center to synthesize its own final private key and public key.
3. The method of claim 2, wherein before randomly generating the first partial private key according to the signcryption system parameters, the method further comprises:
sending a registration request to the key generation center, so that the key generation center determines and publishes the signcryption system parameters based on an elliptic curve.
4. The method of claim 2, wherein acquiring the second partial private key and the second partial public key from the key generation center to synthesize its own final private key and public key comprises:
acquiring the second partial private key and the second partial public key from the key generation center, and verifying them using a preset check equation; and if the verification passes, synthesizing its own final private key and public key.
5. The method of claim 1, wherein after sending the signcryption ciphertext to the receiver, the method further comprises:
the receiver judging whether the public keys of itself and of the sender exist in the blockchain;
if they exist, acquiring the public keys of itself and of the sender, and decrypting the signcryption ciphertext using the public keys of itself and of the sender to obtain the original target message;
and if not, judging that the signcryption ciphertext is invalid.
6. The method of claim 5, wherein decrypting the signcryption ciphertext using the public keys of itself and of the sender to obtain the original target message comprises:
decrypting the signcryption ciphertext using the public keys of itself and of the sender to obtain the original target message and an auxiliary parameter for verifying content integrity;
checking the message content of the target message according to the auxiliary parameter; and if the check passes, confirming that the content of the target message is intact.
7. The method according to any one of claims 1 to 6, wherein signcrypting the target message using the public keys of itself and of the receiver to obtain a signcryption ciphertext comprises:
generating a random number $\alpha$;
determining a first parameter and a second parameter according to the random number $\alpha$, the signcryption system parameters and the public key of the receiver; the first parameter; the second parameter $U = d(x_a + y_a) + \alpha f$, wherein $X_a$ and $Y_a$ are the first partial public key and the second partial public key of the sender, respectively; $P_{pub}$ is the public key of the signcryption system; $H_1()$ is the first hash function in the signcryption system parameters; $ID_b$ is the identity information of the receiver; $X_b$ and $Y_b$ are the first partial public key and the second partial public key of the receiver, respectively; $d = H_3(ID_a, m, X_a, R)$; $x_a$ and $y_a$ are the first partial private key and the second partial private key of the sender, respectively; $f = H_3(ID_a, m, Y_a, R)$; $H_3()$ is the third hash function in the signcryption system parameters; $ID_a$ is the identity information of the sender; $m$ is the target message; $R = \alpha G$; and $G$ is the generator in the signcryption system parameters;
signcrypting the target message $m$ using the first parameter and the second parameter to obtain the signcryption ciphertext; wherein the signcryption ciphertext
Figure FDA0002235875850000023
$H_2()$ is the second hash function in the signcryption system parameters,
Figure FDA0002235875850000024
is the exclusive-or operation, and $\|$ is the concatenation operation.
8. The method of claim 7, wherein sending the signcryption ciphertext to the receiver comprises:
generating a third parameter and a fourth parameter, and sending the signcryption ciphertext, the third parameter and the fourth parameter to the receiver;
wherein the third parameter $h = H_4(ID_a, R, C)$, the fourth parameter
Figure FDA0002235875850000031
$H_4()$ is the fourth hash function in the signcryption system parameters, $ID_a$ is the identity information of the sender, $R = \alpha G$, $\alpha$ is the random number generated by the sender, $G$ is the generator in the signcryption system parameters, $C$ is the signcryption ciphertext, and $x_a$ and $y_a$ are the first partial private key and the second partial private key of the sender, respectively.
9. A blockchain-based signcryption device with timeliness, implemented based on a sender and comprising:
a judging module: used to judge whether the public keys of itself and of the receiver exist in the blockchain; the sender and the receiver store a public key, a public key valid duration and a public key sending time in the blockchain in advance, and publish a smart contract in the blockchain, wherein the smart contract is used to judge, according to the public key valid duration and the public key sending time, whether the public key is invalid, and to delete the public key when it is judged to be invalid;
a signcryption module: used to acquire the public keys of itself and of the receiver when it is judged that they exist, and to signcrypt the target message using the public keys of itself and of the receiver to obtain a signcryption ciphertext;
a sending module: used to send the signcryption ciphertext to the receiver.
10. A blockchain-based signcryption system with timeliness, comprising: a sender, a receiver, and a blockchain, wherein the sender is configured to implement the steps of the blockchain-based signcryption method with timeliness according to any one of claims 1 to 8.
CN201910983226.0A 2019-10-16 2019-10-16 Block chain-based signcryption method with timeliness Active CN110719167B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910983226.0A CN110719167B (en) 2019-10-16 2019-10-16 Block chain-based signcryption method with timeliness

Publications (2)

Publication Number Publication Date
CN110719167A true CN110719167A (en) 2020-01-21
CN110719167B CN110719167B (en) 2022-09-27

Family

ID=69211742

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910983226.0A Active CN110719167B (en) 2019-10-16 2019-10-16 Block chain-based signcryption method with timeliness

Country Status (1)

Country Link
CN (1) CN110719167B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111585757A (en) * 2020-05-07 2020-08-25 郑州师范学院 Data sharing decryption method and related device
CN111786797A (en) * 2020-07-03 2020-10-16 四川阵风科技有限公司 Time effectiveness verification method for three-party communication
CN112822255A (en) * 2020-12-31 2021-05-18 平安科技(深圳)有限公司 Block chain-based mail processing method, mail sending end, receiving end and equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104811302A (en) * 2015-05-15 2015-07-29 陕西师范大学 Oval curve mixing signcryption method based on certificateless effect
CN107070644A (en) * 2016-12-26 2017-08-18 北京科技大学 A kind of decentralization public key management method and management system based on trust network
CN107493273A (en) * 2017-08-02 2017-12-19 深圳市易成自动驾驶技术有限公司 Identity identifying method, system and computer-readable recording medium
US20190306147A1 (en) * 2018-03-30 2019-10-03 Coinplug, Inc. Method for sso service using pki based on blockchain networks, and device and server using the same

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
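Zhou Yanwei et al.: "Security analysis and improvement of a certificateless signcryption scheme without bilinear mapping", Chinese Journal of Computers *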

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111585757A (en) * 2020-05-07 2020-08-25 郑州师范学院 Data sharing decryption method and related device
CN111786797A (en) * 2020-07-03 2020-10-16 四川阵风科技有限公司 Time effectiveness verification method for three-party communication
CN111786797B (en) * 2020-07-03 2022-10-18 四川阵风科技有限公司 Time effectiveness verification method for three-party communication
CN112822255A (en) * 2020-12-31 2021-05-18 平安科技(深圳)有限公司 Block chain-based mail processing method, mail sending end, receiving end and equipment
CN112822255B (en) * 2020-12-31 2023-02-28 平安科技(深圳)有限公司 Block chain-based mail processing method, mail sending end, receiving end and equipment

Also Published As

Publication number Publication date
CN110719167B (en) 2022-09-27

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant