CN111262704A - SM9 digital signature generation method and device, computer equipment and storage medium - Google Patents


Publication number
CN111262704A
Authority
CN
China
Prior art keywords
signature
password
digital signature
identity credential
key generation
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010041962.7A
Other languages
Chinese (zh)
Inventor
罗影
李先强
周海涛
王鹏
竹贝芬
曾伟
罗建洪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Xinsheng Intelligent Technology Co ltd
Original Assignee
Jiangsu Xinsheng Intelligent Technology Co ltd
Application filed by Jiangsu Xinsheng Intelligent Technology Co ltd
Priority to CN202010041962.7A
Publication of CN111262704A
Priority to PCT/CN2020/137523 (WO2021143456A1)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing


Abstract

The application relates to an SM9 digital signature generation method and device, a computer device and a storage medium. The method comprises the following steps: when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential, the key generation center calculating the signature identity credential according to the user identifier and the signature password; receiving the signature identity credential returned by the key generation center; obtaining a first element of a multiplicative cyclic group; determining a first part of a digital signature; obtaining a second part of the digital signature according to the signature identity credential and the signature password; and outputting a digital signature based on the first part and the second part of the digital signature. The scheme of the application can improve the security of the digital signature.

Description

SM9 digital signature generation method and device, computer equipment and storage medium
Technical Field
The present application relates to the field of information security technologies, and in particular, to a method and an apparatus for generating an SM9 digital signature, a computer device, and a storage medium.
Background
Digital signature technology combines asymmetric cryptography with message digest technology. A sender (the signer) digitally signs the data to be signed, such as audio and video files, e-mails, official letters, contracts and network data packets, generates a digital signature, and then sends the signed data and the digital signature to a receiver.
The SM9 identity-based cryptographic algorithm is an identity-based cryptosystem built on elliptic curve pairings (bilinear pairings). It is a standard public key algorithm in China's commercial cryptography industry and includes a digital signature algorithm, among others. In the current SM9 digital signature generation method, a user terminal provides the public key of a user to a Key Generation Center (KGC); the public key of the user is uniquely determined by the user identifier. The KGC responds by issuing the private key of the user to the user terminal, and the user terminal signs the data to be signed with that private key. However, because the existing SM9 digital signature generation method uses the private key of the user directly, the private key may be exposed or stolen in some insecure application scenarios, so security is low.
Disclosure of Invention
In view of the above technical problems, it is necessary to provide an SM9 digital signature generation method, apparatus, computer device and storage medium capable of improving the security of digital signatures.
An SM9 digital signature generation method, the method comprising:
when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential; the key generation center calculates the signature identity credential according to the user identifier and the signature password;
receiving the signature identity credential returned by the key generation center;
obtaining a first element of a multiplicative cyclic group;
determining a first part of a digital signature;
obtaining a second part of the digital signature according to the signature identity credential and the signature password;
outputting a digital signature based on the first part of the digital signature and the second part of the digital signature.
In one embodiment, before obtaining the first element of the multiplicative cyclic group, the method further includes: obtaining the first element of the multiplicative cyclic group in advance by a bilinear pairing operation on the generator of the first additive cyclic group and the signature master public key; and storing the first element of the multiplicative cyclic group.
In one embodiment, sending the user identifier and the signature password to the key generation center to apply for the signature identity credential when digital signature acquisition is triggered includes: when digital signature acquisition is triggered, randomly generating a signature password; converting the data type of the signature password from an integer type to a byte string type; and sending the user identifier and the converted signature password to the key generation center, the key generation center determining the signature identity credential according to the user identifier and the converted signature password. The value of the signature password is a positive integer smaller than the order of the multiplicative cyclic group.
In one embodiment, the key generation center calculating the signature identity credential according to the user identifier and the signature password includes: based on a first cryptographic hash function, obtaining a first temporary variable according to the user identifier, the private key generation function identifier and the order of the multiplicative cyclic group; obtaining a second temporary variable according to the first temporary variable and the signature master private key; and obtaining the signature identity credential according to the second temporary variable, the signature password and the generator of the first additive cyclic group.
In one embodiment, determining the first part of the digital signature includes: generating a random number according to the order of the multiplicative cyclic group; obtaining a second element of the multiplicative cyclic group according to the first element of the multiplicative cyclic group and the random number; and, based on a second cryptographic hash function, obtaining the first part of the digital signature according to the message string to be signed, the second element of the multiplicative cyclic group and the order of the multiplicative cyclic group.
In one embodiment, obtaining the second part of the digital signature according to the signature identity credential and the signature password includes: calculating an intermediate variable; when the intermediate variable is 0, returning to the step of generating a random number according to the order of the multiplicative cyclic group; and when the intermediate variable is not 0, calculating the second part of the digital signature according to the intermediate variable, the signature identity credential, the signature password and the generator of the first additive cyclic group.
In one embodiment, the first element of the multiplicative cyclic group is obtained at any time before or after the user identifier and the signature password are sent to the key generation center to apply for the signature identity credential.
An SM9 digital signature generation apparatus, the apparatus comprising:
a signature application module, configured to send a user identifier and a signature password to the key generation center to apply for a signature identity credential when digital signature acquisition is triggered, the key generation center calculating the signature identity credential according to the user identifier and the signature password, and to receive the signature identity credential returned by the key generation center;
an element obtaining module, configured to obtain a first element of a multiplicative cyclic group;
a signature determining module, configured to determine a first part of a digital signature and to obtain a second part of the digital signature according to the signature identity credential and the signature password;
and a signature output module, configured to output the digital signature according to the first part of the digital signature and the second part of the digital signature.
A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the computer program:
when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential; the key generation center calculates the signature identity credential according to the user identifier and the signature password;
receiving the signature identity credential returned by the key generation center;
obtaining a first element of a multiplicative cyclic group;
determining a first part of a digital signature;
obtaining a second part of the digital signature according to the signature identity credential and the signature password;
outputting a digital signature based on the first part of the digital signature and the second part of the digital signature.
A computer-readable storage medium, on which a computer program is stored which, when executed by a processor, carries out the steps of:
when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential; the key generation center calculates the signature identity credential according to the user identifier and the signature password;
receiving the signature identity credential returned by the key generation center;
obtaining a first element of a multiplicative cyclic group;
determining a first part of a digital signature;
obtaining a second part of the digital signature according to the signature identity credential and the signature password;
outputting a digital signature based on the first part of the digital signature and the second part of the digital signature.
The SM9 digital signature generation method, apparatus, computer device and storage medium send the user identifier and the signature password to the key generation center to apply for the signature identity credential, receive the signature identity credential returned by the key generation center, and obtain the digital signature according to the received signature identity credential and the signature password. The key generation center therefore no longer issues the user private key; it issues a signature identity credential derived from the signature password, and the user terminal signs with the signature identity credential and the paired signature password. On the one hand, the user private key is not transmitted over the network, which avoids the risk of exposure or theft in transit. On the other hand, the signature identity credential and the signature password are used as a pair, and neither can produce a digital signature without the other, which improves the security of the digital signature.
Drawings
Fig. 1 is a diagram illustrating an application scenario of the SM9 digital signature generation method according to an embodiment;
Fig. 2 is a flowchart illustrating an SM9 digital signature generation method according to an embodiment;
Fig. 3 is a flowchart illustrating the steps of the key generation center calculating a signature identity credential based on a user identifier and a signature password in one embodiment;
Fig. 4 is a flowchart illustrating the steps for pre-computing a first element of a multiplicative cyclic group in one embodiment;
Fig. 5 is a flowchart illustrating the steps of determining a first part of a digital signature in one embodiment;
Fig. 6 is a flowchart illustrating the steps for deriving a second part of a digital signature based on a signature identity credential and a signature password in one embodiment;
Fig. 7 is a block diagram showing the structure of an SM9 digital signature generation apparatus according to an embodiment;
Fig. 8 is a diagram illustrating the internal structure of a computer device according to an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
As shown in Fig. 1, in one embodiment, an SM9 digital signature system is provided, which includes a terminal 110 and a key generation center KGC 120, where the terminal 110 communicates with the key generation center KGC 120 via a network. The terminal 110 can access the internet and sign messages, and may be a personal computer, a notebook computer, a smart phone, a tablet computer, a portable wearable device, and the like. The key generation center KGC is responsible for selecting system parameters, is a trusted authority for generating a master key, and issues a signature identity credential to a user by using a user public key and a signature password. The terminal 110 may be configured to perform an SM9 digital signature generation method.
In one embodiment, as shown in Fig. 2, there is provided an SM9 digital signature generation method, described here as applied to the terminal in Fig. 1, which includes the following steps S202 to S212:
Step S202, when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential; the key generation center calculates the signature identity credential according to the user identifier and the signature password.
The user identification (ID) is information that uniquely determines the identity of an entity; for example, the user identification of signer A is $ID_A$. It consists of information that the entity cannot repudiate and can be a character string of any length, such as the entity's distinguished name, e-mail address, identity number, telephone number or street address. The signature password $x$ is the password paired with the signature identity credential $T_A$ of signer A, and may be randomly generated by the terminal corresponding to the user. The signature identity credential $T_A$ is used together with the signature password $x$; it is a point of the elliptic curve $E$ over the finite field $F_q$, computed by the key generation center KGC from the user identification $ID_A$ and the corresponding signature password $x$.
Specifically, when a user needs to sign data to be transmitted, the user is signer A. The terminal corresponding to signer A sends the user identification $ID_A$ and the signature password randomly generated by that terminal to the key generation center KGC, to apply for signer A's signature identity credential $T_A$.
In one embodiment, as shown in Fig. 3, the key generation center calculating the signature identity credential according to the user identifier and the signature password includes the following steps S302 to S306:
Step S302, based on the first cryptographic hash function, obtaining a first temporary variable according to the user identifier, the private key generation function identifier and the order of the multiplicative cyclic group.
The first cryptographic hash function is the cryptographic function $H_1$. The inputs of $H_1(Z, n)$ are a bit string $Z$ and an integer $n$, where the bit string $Z$ is the concatenation of the user identification $ID_A$ of signer A and the private key generation function identifier hid, and the integer $n$ is the order $N$ of the multiplicative cyclic group. The output is an integer $h_1$ in the range $[1, n-1]$. The private key generation function identifier hid is a one-byte identifier of the signature private key generation function, selected and published by the key generation center KGC.
The first temporary variable is $t_1$, calculated as follows:
$t_1 = (H_1(ID_A \| hid, N) + s) \bmod N$
In the formula, $ID_A$ is the user identification of signer A, hid is the private key generation function identifier, and $ID_A \| hid$ denotes the concatenation of $ID_A$ and hid. $N$ is the order of the multiplicative cyclic group $G_T$. $s$ is the signature master private key, with length L, for example 256 bits; it is generally generated by the key generation center KGC with a random number generator, and its value lies in $[1, N-1]$. mod is the modulo operation, i.e. the computed first temporary variable $t_1$ is reduced modulo $N$, so that after the modulo operation $t_1$ is not greater than the order $N$. For example, 23 mod 7 = 2.
Specifically, the key generation center KGC takes the concatenated bit string or character string of signer A's user identification $ID_A$ (received from the terminal corresponding to the user) and the private key generation function identifier hid, together with the order $N$ of the multiplicative cyclic group $G_T$, and outputs an integer $h_1$ based on the first cryptographic hash function. The sum of the integer $h_1$ and the signature master private key $s$ is reduced modulo $N$ to obtain the first temporary variable $t_1$.
Step S304, obtaining a second temporary variable according to the first temporary variable and the signature master private key.
The second temporary variable is $t_2$, calculated as follows:
$t_2 = s \cdot t_1^{-1} \bmod N$
Specifically, the key generation center KGC multiplies the $-1$ power (the inverse) of the first temporary variable $t_1$ by the signature master private key $s$ and reduces the product modulo $N$ to obtain the second temporary variable $t_2$, which is not greater than the order $N$.
Step S306, obtaining the signature identity credential according to the second temporary variable, the signature password and the generator of the first additive cyclic group.
The generator of the first additive cyclic group $G_1$ is $P_1$. The calculation formula is as follows:
$T_A = [t_2 - x]P_1$
Specifically, the key generation center KGC calculates $(t_2 - x)$ times the generator $P_1$ of the first additive cyclic group $G_1$, and uses the result as the signature identity credential of signer A.
In this embodiment, the signature identity credential of the signer is obtained from the user identifier of the signer and the paired signature password; that is, a signing token is calculated and replaces the user private key, which effectively prevents the user private key from being stolen or exposed.
Step S202 is followed by step S204: receiving the signature identity credential returned by the key generation center.
After the key generation center KGC has calculated signer A's signature identity credential $T_A$, the terminal corresponding to signer A receives the signature identity credential $T_A$ returned by the KGC and performs signing with $T_A$ paired with the corresponding signature password $x$.
Step S206, obtaining a first element of the multiplicative cyclic group.
The multiplicative cyclic group $G_T$ is a multiplicative cyclic group whose order is the prime $N$. Its first element is the element $g$, computed with the bilinear pairing $e$ from $G_1 \times G_2$ to $G_T$, where the first additive cyclic group $G_1$ and the second additive cyclic group $G_2$ are defined on an elliptic curve over a finite field. The orders of $G_1$, $G_2$ and $G_T$ are all the prime $N$. Bilinear pairings defined on elliptic curve groups mainly include the Weil pairing, the Tate pairing, the Ate pairing and the R-ate pairing.
In one embodiment, to improve computational efficiency, the first element of the multiplicative cyclic group may be pre-calculated and stored at any time before or after the user identifier and the signature password are sent to the key generation center to apply for the signature identity credential. When a digital signature is required, the pre-calculated first element of the multiplicative cyclic group can be read directly, which saves time.
In one embodiment, as shown in Fig. 4, the step of pre-computing the first element of the multiplicative cyclic group includes the following steps S402 to S404:
Step S402, obtaining the first element of the multiplicative cyclic group in advance by a bilinear pairing operation on the generator of the first additive cyclic group and the signature master public key.
The signature master public key $P_{pub}$ is produced from the signature master private key $s$ and the system parameter $P_2$, i.e. $P_{pub} = [s]P_2$, where $P_2$ is the generator of the second additive cyclic group; that is, the signature master public key $P_{pub}$ is $s$ times the generator $P_2$ of the second additive cyclic group. The formula for the first element $g$ of the multiplicative cyclic group is as follows:
$g = e(P_1, P_{pub})$
Specifically, the terminal corresponding to signer A evaluates in advance the bilinear pairing $e$ from $G_1 \times G_2$ to $G_T$ on the generator $P_1$ of the first additive cyclic group and the signature master public key $P_{pub}$. This is the pre-calculation process, and it yields the first element $g$ of the multiplicative cyclic group. The bilinear pairing $e$ is a map from $G_1 \times G_2$ to $G_T$ that satisfies the bilinearity, non-degeneracy and computability requirements.
Step S404, storing the first element of the multiplicative cyclic group.
After the terminal corresponding to signer A obtains the first element $g$ of the multiplicative cyclic group through pre-calculation, it stores the value of $g$ for use when signing is subsequently performed.
In this embodiment, the element $g$ is calculated in advance in the pre-calculation process. This improves the computational efficiency of the algorithm and removes the time-consuming bilinear pairing operation from signing: $g$ does not need to be calculated each time a signature is produced, so signing is faster.
Step S206 is followed by step S208: determining the first part of the digital signature.
In one embodiment, as shown in Fig. 5, determining the first part of the digital signature includes the following steps S502 to S506:
Step S502, generating a random number according to the order of the multiplicative cyclic group.
Specifically, the terminal corresponding to signer A generates a random number $r$ according to the order $N$ of the multiplicative cyclic group, where $r$ lies in $[1, N-1]$, that is, $r$ is a positive integer smaller than $N$.
Step S504, obtaining a second element of the multiplicative cyclic group according to the first element of the multiplicative cyclic group and the random number.
The second element of the multiplicative cyclic group is the element $w$, whose length is 12 × 256 bits; $w$ is calculated as follows:
$w = g^r$
Specifically, the terminal corresponding to signer A raises the first element $g$ of the multiplicative cyclic group to the power of the random number $r$ to obtain the second element $w$ of the multiplicative cyclic group. The data type of the second element $w$ is converted from the field element type into the byte string type, and then from the byte string type into the bit string type, for use in the subsequent calculation of the first part of the digital signature.
Step S506, based on the second cryptographic hash function, obtaining the first part of the digital signature according to the message string to be signed, the second element of the multiplicative cyclic group and the order of the multiplicative cyclic group.
The second cryptographic hash function is the cryptographic function $H_2$, the message string to be signed is a bit string $M$, and the formula for obtaining the first part $h$ of the digital signature is as follows:
$h = H_2(M \| w, N)$
Specifically, the terminal corresponding to signer A uses the second cryptographic hash function $H_2$. The inputs of $H_2(Z, N)$ are a bit string $Z$ and an integer $N$, where the bit string $Z$ is the concatenation of the message string $M$ to be signed and the second element $w$ of the multiplicative cyclic group, and the integer $N$ is the order of the multiplicative cyclic group. The output is an integer $h$ in the range $[1, N-1]$; this integer $h$ is the first part of the digital signature.
Step S208 is followed by step S210: obtaining a second part of the digital signature from the signature identity credential and the signature password.
In one embodiment, as shown in Fig. 6, obtaining the second part of the digital signature according to the signature identity credential and the signature password includes the following steps S602 to S604:
Step S602, calculating an intermediate variable; when the intermediate variable is 0, returning to the step of generating a random number according to the order of the multiplicative cyclic group, i.e. the first part of the digital signature is recalculated.
The intermediate variable is $l$, calculated as follows:
$l = (r - h) \bmod N$
Specifically, the terminal corresponding to signer A reduces the difference between the random number $r$ and the first part $h$ of the digital signature modulo $N$; the result is the intermediate variable $l$. When the intermediate variable $l$ is 0, an exception has occurred, and for safety and robustness the method returns to the step of generating a random number according to the order of the multiplicative cyclic group, i.e. signing is re-executed to obtain the first part $h$ of the digital signature again.
And step S604, when the intermediate variable is not 0, calculating to obtain a second part of the digital signature according to the intermediate variable, the signature identity credential, the signature password and the generator of the first addition cyclic group.
The second part of the digital signature is S, and the calculation formula of S is as follows:
S=[l](T_A+xP1)
Specifically, the terminal corresponding to signer A multiplies the generator P1 of the first additive cyclic group by the signature password x (the first point multiplication), adds the result to the signature identity credential T_A of signer A, and multiplies the sum by the intermediate variable l (the second point multiplication); the result is the second part S of the digital signature.
In this embodiment, the user private key is temporarily recovered by adding the input signature password x to the signature identity credential T_A, which avoids using the user private key directly for signing and increases the security of the user private key during the calculation.
After step S210, a step S212 is further included, in which the digital signature is output according to the first part of the digital signature and the second part of the digital signature.
Specifically, the terminal corresponding to signer A converts the data type of the first part h of the digital signature from an integer type to a byte string type, converts the data type of the second part S of the digital signature from an elliptic curve point type to a byte string type, and outputs the digital signature (h, S). The first part h of the digital signature is a 32-byte string, the second part S of the digital signature is also a 32-byte string, and the digital signature (h, S) is a 64-byte string.
The SM9 digital signature generation method applies for a signature identity credential by sending a user identifier and a signature password to a key generation center, receives the signature identity credential returned by the key generation center, and obtains a digital signature according to the received signature identity credential and the signature password. The key generation center therefore no longer issues the user private key; it issues a signature identity credential derived from the signature password, and the user terminal signs with the signature identity credential and the paired signature password. On the one hand, the user private key is never transmitted over the network, which avoids the risk of exposure or theft in transit. On the other hand, the signature identity credential and the signature password are used as a pair, and a digital signature cannot be generated if either one is missing, which improves the security of the digital signature.
In one embodiment, when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential comprises: when digital signature acquisition is triggered, randomly generating a signature password; converting the data type of the signature password from an integer type to a byte string type; sending the user identifier and the converted signature password to the key generation center, the key generation center determining the signature identity credential according to the user identifier and the converted signature password. The signature password takes values among the positive integers smaller than the order of the multiplicative cyclic group.
Specifically, the terminal corresponding to signer A randomly generates a large integer, namely the signature password x. To facilitate transmission over the network, the terminal converts the randomly generated integer-type signature password x into a byte-string-type signature password x, which is a byte string that a computer can process, and sends the user identifier ID_A of signer A and the converted signature password x to the key generation center KGC. The key generation center KGC determines the signature identity credential according to the user identifier ID_A of signer A and the converted signature password x. More specifically, after receiving the converted signature password x, the key generation center KGC converts its data type back to an integer type and calculates the signature identity credential. The integer-type signature password x has a value range of [1, N-1], where N is the order of the multiplicative cyclic group; if the value is outside this range, an error is reported.
In this embodiment, converting the data type of the signature password facilitates the transmission of the data over the network and the subsequent calculation of the signature identity credential. An error is reported when the data exceeds the range of the elliptic curve point, which avoids failures caused by data exceeding that range.
In one embodiment, the first element of the multiplicative cyclic group is obtained at any time before or after the user identification and the signing password are sent to the key generation center to apply for the signed identity credential.
Specifically, the first element g is not related to the acquisition of the user private key, so it can be obtained at any time before the signature is executed. The first element g can be calculated in advance (pre-computation) either before signer A obtains the signature identity credential or after the signature identity credential is obtained, and the pre-computed value of g is stored for use in subsequent signatures. Only one calculation is needed: the value of g does not have to be computed on the fly during actual signing, and the stored value is read directly.
In this embodiment, since both parameters of the operation that produces the first element g of the multiplicative cyclic group are fixed, the first element g is calculated in advance and stored, and does not need to be computed on the fly when the signature is actually executed, which improves the efficiency of generating the digital signature.
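The flow described above (password generation and range check, credential issuance, pre-computation of g, the retry when l is 0, and S=[l](T_A+xP1)) can be traced end to end in the following added example, which is not code from the patent. It assumes a toy group in which every element is stored as its discrete logarithm, SHA-256 as a stand-in for the SM9 hash functions H1 and H2, and the credential form T_A = [t2]P1 - [x]P1, inferred from the statement that T_A plus xP1 recovers the user private key; all function and class names are hypothetical.

```python
import hashlib
import secrets

# Toy model (constructed for illustration): every group element is stored as its
# discrete logarithm, so "points" are integers mod N. This keeps the algebra of
# the scheme and none of its security. N is an arbitrary prime, not SM9's order.
N = 2**255 - 19
HID = b"\x01"  # private key generation function identifier for signing keys


def pair(a, b):
    """e([a]P1, [b]P2), represented as an exponent of e(P1, P2)."""
    return a * b % N


def _hash(prefix, data):
    # Stand-in for SM9's H1/H2 (SHA-256 instead of SM3); output lies in [1, N-1].
    digest = hashlib.sha256(prefix + data).digest()
    return int.from_bytes(digest, "big") % (N - 1) + 1


def H1(z):
    return _hash(b"\x01", z)


def H2(z):
    return _hash(b"\x02", z)


def i2b(n):
    """Integer to 32-byte big-endian string."""
    return n.to_bytes(32, "big")


class KGC:
    def __init__(self):
        self.ks = secrets.randbelow(N - 1) + 1  # signature master private key
        self.ppub = self.ks                     # Ppub = [ks]P2

    def issue_credential(self, user_id, x_bytes):
        x = int.from_bytes(x_bytes, "big")      # byte string back to integer
        if not 1 <= x <= N - 1:
            raise ValueError("signature password outside [1, N-1]")
        t1 = (H1(user_id + HID) + self.ks) % N  # first temporary variable
        if t1 == 0:
            raise RuntimeError("t1 is 0: the master key must be regenerated")
        t2 = self.ks * pow(t1, -1, N) % N       # second temporary variable
        # Assumed form of the credential: T_A = [t2]P1 - [x]P1.
        return (t2 - x) % N


def precompute_g(ppub):
    """g = e(P1, Ppub); fixed inputs, so it is computed once and stored."""
    return pair(1, ppub)


def sign(msg, t_a, x, g):
    while True:
        r = secrets.randbelow(N - 1) + 1        # random number in [1, N-1]
        w = g * r % N                           # w = g^r
        h = H2(msg + i2b(w))                    # first part of the signature
        l = (r - h) % N                         # intermediate variable
        if l == 0:
            continue                            # back to random-number generation
        s = l * (t_a + x) % N                   # S = [l](T_A + [x]P1)
        return i2b(h) + i2b(s)                  # 64-byte (h, S)


def verify(msg, sig, user_id, ppub):
    """Standard SM9 verification steps, expressed in the toy model."""
    if len(sig) != 64:
        return False
    h = int.from_bytes(sig[:32], "big")
    s = int.from_bytes(sig[32:], "big")
    if not 1 <= h <= N - 1:
        return False
    t = precompute_g(ppub) * h % N              # t = g^h
    p = (H1(user_id + HID) + ppub) % N          # P = [h1]P2 + Ppub
    u = pair(s, p)                              # u = e(S, P)
    w = (u + t) % N                             # w' = u * t (exponents add)
    return H2(msg + i2b(w)) == h


def demo():
    kgc, uid, msg = KGC(), b"alice@example.test", b"constructed sample message"
    x = secrets.randbelow(N - 1) + 1            # random signature password
    t_a = kgc.issue_credential(uid, i2b(x))
    g = precompute_g(kgc.ppub)
    return {
        "credential_plus_password": verify(msg, sign(msg, t_a, x, g), uid, kgc.ppub),
        "credential_alone": verify(msg, sign(msg, t_a, 0, g), uid, kgc.ppub),
        "wrong_password": verify(msg, sign(msg, t_a, x % (N - 1) + 1, g), uid, kgc.ppub),
    }
```

Calling `demo()` shows that only the credential combined with its paired password yields a signature that an unmodified SM9-style verifier accepts.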
It should be understood that although the steps in the flow charts of fig. 2-6 are shown in the order indicated by the arrows, they are not necessarily performed in that order. Unless explicitly stated herein, the steps are not strictly limited to the order shown and may be performed in other orders. Moreover, at least some of the steps in fig. 2-6 may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential, but may be performed in turn or alternating with other steps or at least some of the sub-steps or stages of other steps.
In one embodiment, as shown in fig. 7, there is provided an SM9 digital signature generation apparatus including: an apply signature module 702, an obtain elements module 704, a determine signature module 706, and an output signature module 708, wherein:
A signature applying module 702, configured to send a user identifier and a signature password to a key generation center to apply for a signature identity credential when digital signature acquisition is triggered; the key generation center calculates the signature identity credential according to the user identifier and the signature password; and to receive the signature identity credential returned by the key generation center.
An obtain elements module 704 is configured to obtain a first element of the multiplicative cyclic group.
A determine signature module 706 for determining a first portion of the digital signature; and obtaining a second part of the digital signature according to the signature identity credential and the signature password.
An output signature module 708 configured to output the digital signature based on the first portion of the digital signature and the second portion of the digital signature.
In one embodiment, the get elements module 704 further includes: obtaining in advance, based on a bilinear pairing operation, a first element of the multiplicative cyclic group according to the generator of the first additive cyclic group and the signature master public key; and storing the first element of the multiplicative cyclic group.
In one embodiment, the application signature module 702 further includes: when digital signature acquisition is triggered, randomly generating a signature password; converting the data type of the signature password from an integer type to a byte string type; sending the user identification and the converted signature password to a key generation center, and determining a signature identity credential by the key generation center according to the user identification and the converted signature password; the range of values of the signature password is a positive integer smaller than the order of the multiplication cycle group.
In one embodiment, the application signature module 702 further includes: based on a first cryptographic hash function, obtaining a first temporary variable according to the user identifier, the private key generation function identifier and the order of the multiplicative cyclic group; obtaining a second temporary variable according to the first temporary variable and the signature master private key; and obtaining the signature identity credential according to the second temporary variable, the signature password and the generator of the first additive cyclic group.
In one embodiment, determining the signature module 706 includes: generating a random number according to the order of the multiplication cycle group; obtaining a second element of the multiplication cycle group according to the first element of the multiplication cycle group and the random number; and based on the second cryptographic hash function, obtaining the first part of the digital signature according to the message string to be signed, the second element of the multiplication cycle group and the order of the multiplication cycle group.
In one embodiment, determining the signature module 706 includes: calculating an intermediate variable; when the intermediate variable is 0, skipping to a step of generating a random number according to the order of the multiplication cycle group; and when the intermediate variable is not 0, calculating to obtain a second part of the digital signature according to the intermediate variable, the signature identity credential, the signature password and the generator of the first addition cycle group.
In one embodiment, the get elements module 704 further includes: the first element of the multiplicative cyclic group is obtained at any time before or after the user identification and the signing password are sent to the key generation center to apply for the signed identity credential.
For specific limitations on the SM9 digital signature generation apparatus, see the limitations on the SM9 digital signature generation method above, which are not repeated here. The modules in the SM9 digital signature generation apparatus described above can be implemented in whole or in part by software, hardware, or a combination thereof. The modules can be embedded in, or independent of, a processor in the computer device in hardware form, or stored in a memory in the computer device in software form, so that the processor can call and execute the operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a terminal, and its internal structure diagram may be as shown in fig. 8. The computer device includes a processor, a memory, a network interface, a display screen, and an input device connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a SM9 digital signature generation method. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.
Those skilled in the art will appreciate that the architecture shown in fig. 8 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the computer program:
when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential; the key generation center calculates the signature identity credential according to the user identifier and the signature password;
receiving a signature identity credential returned by the key generation center;
obtaining a first element of a multiplication cycle group;
determining a first portion of a digital signature;
obtaining a second part of the digital signature according to the signature identity credential and the signature password;
a digital signature is output based on the first portion of the digital signature and the second portion of the digital signature.
In one embodiment, the processor, when executing the computer program, further performs the following steps before obtaining the first element of the multiplicative cyclic group: obtaining in advance, based on a bilinear pairing operation, a first element of the multiplicative cyclic group according to the generator of the first additive cyclic group and the signature master public key; and storing the first element of the multiplicative cyclic group.
In one embodiment, the processor, when executing the computer program, further performs the steps of: when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential, comprising: when digital signature acquisition is triggered, randomly generating a signature password; converting the data type of the signature password from an integer type to a byte string type; sending the user identifier and the converted signature password to the key generation center, the key generation center determining the signature identity credential according to the user identifier and the converted signature password. The signature password takes values among the positive integers smaller than the order of the multiplicative cyclic group.
In one embodiment, the processor, when executing the computer program, further performs the steps of: the key generation center calculates the signature identity credential according to the user identifier and the signature password, comprising: based on a first cryptographic hash function, obtaining a first temporary variable according to the user identifier, the private key generation function identifier and the order of the multiplicative cyclic group; obtaining a second temporary variable according to the first temporary variable and the signature master private key; and obtaining the signature identity credential according to the second temporary variable, the signature password and the generator of the first additive cyclic group.
In one embodiment, the processor, when executing the computer program, further performs the steps of: determining a first portion of a digital signature, comprising: generating a random number according to the order of the multiplication cycle group; obtaining a second element of the multiplication cycle group according to the first element of the multiplication cycle group and the random number; and based on the second cryptographic hash function, obtaining the first part of the digital signature according to the message string to be signed, the second element of the multiplication cycle group and the order of the multiplication cycle group.
In one embodiment, the processor, when executing the computer program, further performs the steps of: deriving a second portion of the digital signature from the signed identity credential and the signed password, comprising: calculating an intermediate variable; when the intermediate variable is 0, skipping to a step of generating a random number according to the order of the multiplication cycle group; and when the intermediate variable is not 0, calculating to obtain a second part of the digital signature according to the intermediate variable, the signature identity credential, the signature password and the generator of the first addition cycle group.
In one embodiment, the processor, when executing the computer program, further performs the steps of: the first element of the multiplicative cyclic group is obtained at any time before or after the user identification and the signing password are sent to the key generation center to apply for the signed identity credential.
In one embodiment, a computer-readable storage medium is provided, having a computer program stored thereon, which when executed by a processor, performs the steps of:
when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential; the key generation center calculates the signature identity credential according to the user identifier and the signature password;
receiving a signature identity credential returned by the key generation center;
obtaining a first element of a multiplication cycle group;
determining a first portion of a digital signature;
obtaining a second part of the digital signature according to the signature identity credential and the signature password;
a digital signature is output based on the first portion of the digital signature and the second portion of the digital signature.
In one embodiment, the computer program, when executed by the processor, further performs the following steps before obtaining the first element of the multiplicative cyclic group: obtaining in advance, based on a bilinear pairing operation, a first element of the multiplicative cyclic group according to the generator of the first additive cyclic group and the signature master public key; and storing the first element of the multiplicative cyclic group.
In one embodiment, the computer program, when executed by the processor, further performs the steps of: when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential, comprising: when digital signature acquisition is triggered, randomly generating a signature password; converting the data type of the signature password from an integer type to a byte string type; sending the user identifier and the converted signature password to the key generation center, the key generation center determining the signature identity credential according to the user identifier and the converted signature password. The signature password takes values among the positive integers smaller than the order of the multiplicative cyclic group.
In one embodiment, the computer program, when executed by the processor, further performs the steps of: the key generation center calculates the signature identity credential according to the user identifier and the signature password, further comprising: based on a first cryptographic hash function, obtaining a first temporary variable according to the user identifier, the private key generation function identifier and the order of the multiplicative cyclic group; obtaining a second temporary variable according to the first temporary variable and the signature master private key; and obtaining the signature identity credential according to the second temporary variable, the signature password and the generator of the first additive cyclic group.
In one embodiment, the computer program when executed by the processor further performs the steps of: determining a first portion of a digital signature, comprising: generating a random number according to the order of the multiplication cycle group; obtaining a second element of the multiplication cycle group according to the first element of the multiplication cycle group and the random number; and based on the second cryptographic hash function, obtaining the first part of the digital signature according to the message string to be signed, the second element of the multiplication cycle group and the order of the multiplication cycle group.
In one embodiment, the computer program when executed by the processor further performs the steps of: deriving a second portion of the digital signature from the signed identity credential and the signed password, comprising: calculating an intermediate variable; when the intermediate variable is 0, skipping to a step of generating a random number according to the order of the multiplication cycle group; and when the intermediate variable is not 0, calculating to obtain a second part of the digital signature according to the intermediate variable, the signature identity credential, the signature password and the generator of the first addition cycle group.
In one embodiment, the computer program when executed by the processor further performs the steps of: the first element of the multiplicative cyclic group is obtained at any time before or after the user identification and the signing password are sent to the key generation center to apply for the signed identity credential.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program instructing the relevant hardware. The computer program can be stored in a non-volatile computer-readable storage medium and, when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), Direct Rambus Dynamic RAM (DRDRAM), and Rambus Dynamic RAM (RDRAM).
The technical features of the above embodiments can be combined arbitrarily. For the sake of brevity, not all possible combinations of these technical features are described, but any combination should be considered within the scope of this specification as long as the combined features do not contradict each other.
The above embodiments express only several implementations of the present application, and their description is relatively specific and detailed, but they should not be construed as limiting the scope of the invention. It should be noted that a person skilled in the art can make several variations and modifications without departing from the concept of the present application, and these fall within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

1. A SM9 digital signature generation method, the method comprising:
when digital signature acquisition is triggered, sending a user identifier and a signature password to a key generation center to apply for a signature identity credential; the key generation center calculates the signature identity credential according to the user identifier and the signature password;
receiving the signature identity credential returned by the key generation center;
obtaining a first element of a multiplication cycle group;
determining a first portion of a digital signature;
obtaining a second part of the digital signature according to the signature identity credential and the signature password;
outputting a digital signature based on the first portion of the digital signature and the second portion of the digital signature.
2. The method of claim 1, wherein, before obtaining the first element of the multiplicative cyclic group, the method further comprises:
obtaining in advance, based on a bilinear pairing operation, a first element of the multiplicative cyclic group according to the generator of the first additive cyclic group and the signature master public key;
storing the first element of the multiplicative cyclic group.
3. The method of claim 1, wherein sending the user identifier and the signature password to a key generation center to apply for a signature identity credential when digital signature acquisition is triggered comprises:
when digital signature acquisition is triggered, randomly generating a signature password;
converting the data type of the signature password from an integer type to a byte string type;
sending the user identification and the converted signature password to a key generation center, and determining a signature identity credential by the key generation center according to the user identification and the converted signature password; the value range of the signature password is a positive integer smaller than the order of the multiplication cycle group.
4. The method of claim 1, wherein the key generation center calculates the signed identity credential from the user identification and the signed password, comprising:
based on a first cryptographic hash function, obtaining a first temporary variable according to the user identifier, the private key generation function identifier and the order of the multiplicative cyclic group;
obtaining a second temporary variable according to the first temporary variable and the signature main private key;
and obtaining a signature identity credential according to the second temporary variable, the signature password and the generator of the first addition cyclic group.
5. The method of claim 1, wherein determining the first portion of the digital signature comprises:
generating a random number according to the order of the multiplication cycle group;
obtaining a second element of the multiplication cycle group according to the first element of the multiplication cycle group and the random number;
and based on a second cryptographic hash function, obtaining a first part of the digital signature according to the message string to be signed, a second element of the multiplication cycle group and the order of the multiplication cycle group.
6. The method of claim 5, wherein obtaining the second portion of the digital signature from the signed identity credential and the signed password comprises:
calculating an intermediate variable; when the intermediate variable is 0, skipping to a step of generating a random number according to the order of the multiplication cycle group;
and when the intermediate variable is not 0, calculating to obtain a second part of the digital signature according to the intermediate variable, the signature identity credential, the signature password and the generator of the first addition cycle group.
7. The method of claim 2, wherein the first element of the multiplicative cyclic group is obtained at any time before or after sending the user identification and the signing password to the key generation center for application for signing of the identity credential.
8. An SM9 digital signature generation apparatus, the apparatus comprising:
a signature applying module, configured to send a user identifier and a signature password to a key generation center to apply for a signature identity credential when digital signature acquisition is triggered; the key generation center calculates the signature identity credential according to the user identifier and the signature password; and to receive the signature identity credential returned by the key generation center;
an obtaining element module, configured to obtain a first element of a multiplication cycle group;
a determine signature module to determine a first portion of a digital signature; obtaining a second part of the digital signature according to the signature identity credential and the signature password;
and the output signature module is used for outputting the digital signature according to the first part of the digital signature and the second part of the digital signature.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method of any of claims 1 to 7 are implemented when the computer program is executed by the processor.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 7.

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010041962.7A CN111262704A (en) 2020-01-15 2020-01-15 SM9 digital signature generation method and device, computer equipment and storage medium
PCT/CN2020/137523 WO2021143456A1 (en) 2020-01-15 2020-12-18 Sm9 digital signature generation method and apparatus, computer device, and storage medium

Publications (1)

Publication Number Publication Date
CN111262704A true CN111262704A (en) 2020-06-09

Family

ID=70954056

Country Status (2)

Country Link
CN (1) CN111262704A (en)
WO (1) WO2021143456A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113055161A (en) * 2021-03-09 2021-06-29 武汉大学 Mobile terminal authentication method and system based on SM2 and SM9 digital signature algorithms
CN113127912A (en) * 2021-05-07 2021-07-16 杭州天谷信息科技有限公司 Method and system for data confidentiality and publication
WO2021143456A1 (en) * 2020-01-15 2021-07-22 江苏芯盛智能科技有限公司 Sm9 digital signature generation method and apparatus, computer device, and storage medium
CN114640440A (en) * 2020-12-16 2022-06-17 华为技术有限公司 Distributed threshold signature method and device
CN115001711A (en) * 2022-06-10 2022-09-02 成都卫士通信息产业股份有限公司 Information signature method and device, electronic equipment and computer readable storage medium
CN115314208A (en) * 2022-07-04 2022-11-08 武汉理工大学 Safe and controllable SM9 digital signature generation method and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106936584A (en) * 2017-03-08 2017-07-07 平顶山学院 A kind of building method without CertPubKey cryptographic system
CN107579819A (en) * 2017-09-13 2018-01-12 何德彪 A kind of SM9 digital signature generation method and system
CN108599950A (en) * 2018-04-09 2018-09-28 北京无字天书科技有限公司 The implementation method of security protocol is downloaded in a kind of user key application suitable for SM9 id passwords
CN109039611A (en) * 2018-08-31 2018-12-18 北京海泰方圆科技股份有限公司 Decruption key segmentation and decryption method, device, medium based on SM9 algorithm
CN109039656A (en) * 2018-09-19 2018-12-18 深圳奥联信息安全技术有限公司 SM9 Combination with Digital endorsement method, device and computer equipment
CN110166239A (en) * 2019-06-04 2019-08-23 成都卫士通信息产业股份有限公司 Private key for user generation method, system, readable storage medium storing program for executing and electronic equipment

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7664957B2 (en) * 2004-05-20 2010-02-16 Ntt Docomo, Inc. Digital signatures including identity-based aggregate signatures
CN107438005B (en) * 2017-06-21 2020-01-14 深圳奥联信息安全技术有限公司 SM9 joint digital signature method and device
CN110011802B (en) * 2019-02-27 2021-07-06 武汉大学 Efficient method and system for cooperatively generating digital signature by two parties of SM9
CN110557260B (en) * 2019-08-26 2020-08-04 武汉理工大学 SM9 digital signature generation method and device
CN110505061B (en) * 2019-09-06 2022-05-03 北京天诚安信科技股份有限公司 Digital signature algorithm and system
CN111262704A (en) * 2020-01-15 2020-06-09 江苏芯盛智能科技有限公司 SM9 digital signature generation method and device, computer equipment and storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Yuan Feng et al.: "Overview of the SM9 Identity-Based Cryptographic Algorithm", Journal of Information Security Research *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021143456A1 (en) * 2020-01-15 2021-07-22 江苏芯盛智能科技有限公司 Sm9 digital signature generation method and apparatus, computer device, and storage medium
CN114640440A (en) * 2020-12-16 2022-06-17 华为技术有限公司 Distributed threshold signature method and device
CN114640440B (en) * 2020-12-16 2023-11-17 华为技术有限公司 Distributed threshold signature method and device
CN113055161A (en) * 2021-03-09 2021-06-29 武汉大学 Mobile terminal authentication method and system based on SM2 and SM9 digital signature algorithms
CN113055161B (en) * 2021-03-09 2021-11-26 武汉大学 Mobile terminal authentication method and system based on SM2 and SM9 digital signature algorithms
CN113127912A (en) * 2021-05-07 2021-07-16 杭州天谷信息科技有限公司 Method and system for data confidentiality and publication
CN115001711A (en) * 2022-06-10 2022-09-02 成都卫士通信息产业股份有限公司 Information signature method and device, electronic equipment and computer readable storage medium
CN115001711B (en) * 2022-06-10 2024-01-30 成都卫士通信息产业股份有限公司 Information signing method, device, electronic equipment and computer readable storage medium
CN115314208A (en) * 2022-07-04 2022-11-08 武汉理工大学 Safe and controllable SM9 digital signature generation method and system
CN115314208B (en) * 2022-07-04 2024-04-02 武汉理工大学 Safe and controllable SM9 digital signature generation method and system

Also Published As

Publication number Publication date
WO2021143456A1 (en) 2021-07-22

Similar Documents

Publication Publication Date Title
CN111628868B (en) Digital signature generation method and device, computer equipment and storage medium
CN111262704A (en) SM9 digital signature generation method and device, computer equipment and storage medium
CA2808701C (en) Authenticated encryption for digital signatures with message recovery
US20120096274A1 (en) Authenticated encryption for digital signatures with message recovery
US9800418B2 (en) Signature protocol
CN109450640B (en) SM 2-based two-party signature method and system
US7000110B1 (en) One-way function generation method, one-way function value generation device, proving device, authentication method, and authentication device
US20120243680A1 (en) Incorporating data into an ecdsa signature component
CN109861826B (en) Method and device for realizing bidirectional proxy re-signature
CN110781140B (en) Method, device, computer equipment and storage medium for signing data in blockchain
CN111147245A (en) Algorithm for encrypting by using national password in block chain
CN112906038B (en) Thresholding processing method, device and equipment based on SM9 key and storage medium
CN109039656A (en) SM9 Combination with Digital endorsement method, device and computer equipment
CA2669472C (en) Compressed ecdsa signatures
CN112118113A (en) Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm
CN110932865B (en) Linkable ring signature generation method based on SM2 digital signature algorithm
CN110505061B (en) Digital signature algorithm and system
CN109618348B (en) Method and device for realizing one-way proxy re-signature
US20150006900A1 (en) Signature protocol
CN110798313B (en) Secret dynamic sharing-based collaborative generation method and system for number containing secret
Chande et al. An improvement of a elliptic curve digital signature algorithm
WO2023093278A1 (en) Digital signature thresholding method and apparatus
WO2016187689A1 (en) Signature protocol
CN110932866B (en) Ring signature generation method based on SM2 digital signature algorithm
EP4208982A1 (en) Method for electronic signing and authenticaton strongly linked to the authenticator factors possession and knowledge

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200609