CN112069547A - Supply chain responsibility main body identity authentication method and system - Google Patents

Supply chain responsibility main body identity authentication method and system Download PDF

Info

Publication number
CN112069547A
CN112069547A CN202010743844.0A CN202010743844A CN112069547A CN 112069547 A CN112069547 A CN 112069547A CN 202010743844 A CN202010743844 A CN 202010743844A CN 112069547 A CN112069547 A CN 112069547A
Authority
CN
China
Prior art keywords
private key
signature
identity
responsibility
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010743844.0A
Other languages
Chinese (zh)
Other versions
CN112069547B (en
Inventor
孙传恒
李文勇
徐大明
邢斌
杨琨
杨信廷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Research Center for Information Technology in Agriculture
Original Assignee
Beijing Research Center for Information Technology in Agriculture
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Research Center for Information Technology in Agriculture filed Critical Beijing Research Center for Information Technology in Agriculture
Priority to CN202010743844.0A priority Critical patent/CN112069547B/en
Publication of CN112069547A publication Critical patent/CN112069547A/en
Application granted granted Critical
Publication of CN112069547B publication Critical patent/CN112069547B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Accounting & Taxation (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Finance (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention provides a method and a system for authenticating the identity of a supply chain responsibility main body, which comprises the following steps: generating a public-private key pair of the responsibility main body according to the identity of the responsibility main body and the user password, wherein the public-private key pair comprises a system main private key and a system main public key; generating a signature private key according to a system main private key and a user identifier; carrying out digital signature encryption on user data of a responsibility main body by using a signature private key to obtain signature data; and verifying the signature data by using the identity identification. According to the supply chain responsibility main body identity authentication method and system provided by the embodiment of the invention, the password set by the user is added when the system main private key and the signature private key are generated, and the signature is carried out after the user identification and the user password are subjected to double verification when the signature is used, so that the safety of the main private key and the signature private key is improved, and the problems of inaccurate verification or user data leakage can be effectively prevented.

Description

Supply chain responsibility main body identity authentication method and system
Technical Field
The invention relates to the technical field of block chains, in particular to a method and a system for authenticating identities of responsibility bodies of a supply chain.
Background
Identity information in the agricultural product informatization tracing system is dispersed in each system, each system needs a user to fill in identity information for registration and real-name authentication (KYC authentication for short), and the system needs to set a specially-assigned person for auditing and confirming the registration information, which wastes time of the user and also consumes manpower, financial resources and material resources of the platform where the system is located. With the development of blockchain services, a secure digital identity authentication system needs to be established, so that users can use their own digital identities in distributed applications with different blockchains.
Digital Identity (DI), also known as Digital identifier, is information that uniquely identifies an entity. The digital identity should be composed of information that the entity cannot repudiate, such as an identifiable name, an email, an identification number, a telephone number, etc. of the entity. The digital identity is also the code representation of real identity information through digital identification, and is responsible for connecting the physical object of the physical world and the object of the digital world. The next generation of internet is an era of comprehensive digitalization, and organizations, enterprises, individuals, various commodities, even various equipment objects and the like in the real world need to have identities representing themselves in the digital world in a digital environment.
The digital identity may be represented using an identification code, such as an organization code, a corporate unified credit code, a personal identification number, a cell phone number, an email address, a merchandise barcode, various types of coding, and the like. With the advent of the blockchain era, the use of unified digital identities has become the basis for blockchain world data sharing and exchange.
However, at present, when identity authentication is performed on a principal of an agricultural product supply chain, the problem of inconsistency between the physical identity and the digital identity of an accessor of a node of the agricultural product supply chain exists, and the authenticity of a responsible principal and the effectiveness of information transmission cannot be effectively traced.
Disclosure of Invention
The embodiment of the invention provides a method and a system for authenticating the identity of a supply chain responsibility main body, which are used for overcoming the defects of poor safety and confidentiality of user data in the prior art and realizing the method for authenticating the identity of the supply chain responsibility main body reasonably, efficiently and safely on the basis of enhancing the safety protection of the user data.
In a first aspect, an embodiment of the present invention provides a method for authenticating an identity of a principal responsible for supply chain, which mainly includes: generating a public-private key pair of the responsibility main body according to the identity of the responsibility main body and the user password, wherein the public-private key pair comprises a system main private key and a system main public key; generating a signature private key according to a system main private key and a user identifier; carrying out digital signature encryption on user data of a responsibility main body by using a signature private key to obtain signature data; and verifying the signature data by using the identity identification.
Optionally, the generating a public-private key pair of the responsibility main body according to the identity and the user password of the responsibility main body mainly includes: and performing one-time hash encryption on the identity of the responsible body and the user password by using a key generation center to generate a public-private key pair, and issuing a system master public key to the block chain for public.
Optionally, the generating a signature private key according to the system master private key and the user identifier mainly includes: and performing secondary hash encryption on the system master private key and the user identification by using a key generation center to generate a signature private key.
Optionally, the performing digital signature encryption on the user data of the responsible party by using the signature private key to obtain the signature data includes:
s31, calculating a group G related to the user dataTWherein the element g, g ═ e (P)1,Ppub-8) (ii) a Element g represents the intermediate encryption result; e represents a slave group G1×G2To group GTBilinear pair of, G1And G2Representing a group of addition cycles, GTFor multiplication loop groups, group G1、G2And GTHave the same order; p1Presentation groupG1Is generated from Ppub-8Represents a system master private key;
s32, generating a random number r, r epsilon [1, N-1 ∈](ii) a r represents a random number selected within a predetermined range, and N represents a group G1、G2And GTThe order of (a);
s33, calculating group GTWherein the element w, w ═ grConverting the data type of w into a bit string; w represents a component of the ciphertext;
s34, calculating the certificate H, H ═ H2(M | | w, N); h denotes a certificate, H2() Representing a safe hash function, wherein M represents a bit string corresponding to user data, and a symbol | | | represents an association operation relation;
s35, calculating certificate l, l ═ r (r-h) mod N; if l is 0, the process returns to step S32; if l ≠ 0, then it proceeds to step S36;
s36, calculating group G1Wherein S, S ═ l]dsA;dsARepresents the private signature key, [ l ]]dsADenotes the sum of l and dsAPerforming dot product operation;
s37, obtaining the signature data K, K ═ h, S.
Optionally, the verifying the signature data by using the identity identifier mainly includes:
setting the signature data to be verified as K ', K ═ h', S ', and setting a bit string corresponding to the user data to be verified as M';
s41, checking whether h' belongs to [1, N-1] or not; if the verification result is not true, the verification is not passed; if yes, go to step S42;
s42, converting the data type of S 'into a point on an elliptic curve, and checking that S' belongs to G1Whether the result is true or not; if the verification result is not true, the verification is not passed; if yes, go to step S43;
s43, calculating group GTWherein the element g, g ═ e (P)1,P’pub-8);P’pub-8Representing a system master public key;
s44, calculating group GTWherein t, t ═ gh
S45, calculating the certificate h1,h1=H1(IDA||hid,N);IDAIdentity representing the user, hid representing the certificate id; h1() Representing a secure hash function;
s46, calculating group G2The element P, P ═ h in1]P2+P’pub-s;P2Represents group G2Of (2) a generator of'pub-sRepresenting a system master public key;
s47, calculating group GTThe element (u) in (b), u ═ e (S', P);
s48, calculating group GTThe element w ', w ═ u · t, the data type of w' is converted into a bit string; u and t respectively represent the components of the main private key of the system;
s49, calculating the certificate h2=H2(M '| w', N), test h2Whether h' holds; if yes, the verification is passed; otherwise, the verification is not passed.
Optionally, the identity authentication method for the supply chain responsibility subject provided in the embodiment of the present invention may further include: based on the SM9 algorithm, a public-private key pair of the responsibility main body is generated according to the identity of the responsibility main body and the user password, and a signature private key is generated according to the system main private key and the user identity.
Alternatively, the user identification may be: the mark is constructed by a file comprising information of enterprise name, social uniform credit code, address, legal representative and the like.
In a second aspect, an embodiment of the present invention further provides a system for authenticating an identity of a principal responsible for supply chain, which mainly includes: public-private key generating unit, signature private key generating unit, encrypting unit and verifying unit, wherein: the public-private key generation unit is mainly used for generating a public-private key pair of the responsibility main body according to the identity of the responsibility main body and the user password, wherein the public-private key pair comprises a system main private key and a system main public key; the signature private key generating unit is mainly used for generating a signature private key according to a system master private key and a user identifier; the encryption unit is mainly used for carrying out digital signature encryption on user data of a responsible subject by using a signature private key to obtain signature data; the verification unit is mainly used for verifying the signature data by using the identity identification.
In a third aspect, an embodiment of the present invention further provides an electronic device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor executes the computer program to implement the steps of the method for authenticating an identity of a principal responsible for supply chain as described in any one of the above.
In a fourth aspect, the present invention further provides a non-transitory computer readable storage medium, on which a computer program is stored, which when executed by a processor, implements the steps of the supply chain responsibility entity identity authentication method as described in any one of the above.
According to the supply chain responsibility main body identity authentication method and system provided by the embodiment of the invention, the password set by the user is added when the system main private key and the signature private key are generated, and the signature is carried out after the user identification and the user password are subjected to double verification when the signature is used, so that the safety of the main private key and the signature private key is improved, and the problems of inaccurate verification or user data leakage can be effectively prevented.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of an identity authentication method for a supply chain responsibility subject according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a system for authenticating identity of a principal responsible for supply chain according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the invention provides a method for authenticating the identity of a responsibility subject of a supply chain, which comprises the following steps of:
step S1: generating a public-private key pair of a responsibility main body according to an identity of the responsibility main body and a user password, wherein the public-private key pair comprises a system main private key and a system main public key;
step S2: generating a signature private key according to the system master private key and the user identification;
step S3: carrying out digital signature encryption on user data of a responsibility main body by using the signature private key to obtain signature data;
step S3: and verifying the signature data by using the identity identification.
Step S1 may be regarded as a process of performing a primary encryption based on the blockchain technique by using the user password as the id of the responsible party; the identity of the responsibility main body can be information which is used for identity recognition and is exclusive to the responsibility main body, such as a mobile phone number, an identity card number, a tracing code, an enterprise unified credit code, an email address, a commodity bar code and the like of the responsibility main body. Generally, the id and the person main body are in a one-to-one correspondence relationship, that is, any id can be used to correspondingly obtain the responsible main body corresponding to the id.
The block chain algorithm for generating the public-private key pair of the responsibility subject may be an identity cryptographic method based on domestic SM2, SM3 or SM9, and the embodiment of the present invention is not particularly limited. Specifically, the Key Generation Center (KGC) of the block chain may be used. The KGC is a trusted authority system which is responsible for selecting system parameters, generating a master key and generating a user private key, when the digital identity is generated by using the system private key, the system master key is a key at the topmost layer of a hierarchical structure of identification cipher keys and mainly comprises a system master private key and a system master public key, wherein the system master public key is used for being published to a block chain in a public mode, and the system master private key is encrypted by the KGC and then handed to a user for secret storage. In the identification password, a system main private key is generated by the KGC through a random number generator, and a system main public key is generated by the system main private key and system parameters.
It should be noted that: when the system main private key is generated, the user password is added, the system main private key and the system main public key are generated one by one through the identity and the password, and the system main private key and the system main public key are dynamically changed along with encryption time and times, so that the main private key is ensured to have the attribute set by the user, and the safety of the main private key is improved.
In step S2, after generating the public-private key pair, the method for authenticating the identity of the responsibility main body of the supply chain according to the embodiment of the present invention further encrypts the main private key of the system for the second time, and in the encryption process, in addition to adding the user password, the main private key of the system can be further combined with the user identifier to solve the problem of inconsistency between the physical identity and the digital identity of the user at the agricultural product supply chain node, thereby ensuring that the physical identity of the user corresponds to the digital identity. The user identifier is identification information uniquely corresponding to each user, for example: fingerprint information, pupil information, signature information, stamp information, etc., and the embodiment of the present invention is not particularly limited thereto. The method for generating the signature private key by using the system main private key and the user identification is a one-secret one-signature mode and is dynamically changed, so that the authenticity and the credibility of the digital identity can be ensured.
Step S3 can be regarded as a step of digitally signing user data with the 2-time encrypted private key constructed in the previous step, i.e., the private signature key. Because the signature private key used in the step simultaneously comprises the password of the user, the identity identification information and the user identification information, the security and the privacy of the user data are effectively improved on the basis of ensuring the one-to-one correspondence between the digital signature and the user identity.
Step S4 may be regarded as a step of verifying the encrypted user data. In the verification process, the verification of the signature data can be realized only by using the identification as the basis of digital identity identification, digital signature and digital verification in the world of the Internet of things, and the verification steps are simplified on the premise of ensuring the verification accuracy.
According to the supply chain responsibility main body identity authentication method provided by the embodiment of the invention, the password set by the user is added when the system main private key and the signature private key are generated, and the signature is carried out after the user identification and the user password are subjected to double verification when the signature is used, so that the safety of the main private key and the signature private key is improved, and the problems of inaccurate verification or user data leakage can be effectively prevented.
Based on the content of the foregoing embodiment, as an optional embodiment, the generating a public-private key pair of a responsibility main according to an identity and a user password of the responsibility main may include: and performing one-time hash encryption on the identity of the responsible body and the user password by using a key generation center to generate a public-private key pair, and issuing a system master public key to the block chain for public.
Specifically, the whole steps can be divided into two aspects of hashing and encryption, wherein the hashing (Hash) is to convert a target text (i.e. a text corresponding to an identity and a user password) into an irreversible Hash character string (or called a message digest) with the same length; encryption (Encrypt) is to convert the target text into a reversible ciphertext with a different length. The encryption algorithm in the present invention may be based on the cryptographic keys SM2, SM3, SM9, etc., and the embodiment of the present invention is not particularly limited.
The identity authentication method for the responsibility body of the supply chain provided by the embodiment of the invention combines the user password on the basis of the existing responsibility body encryption based on the state passwords SM2, SM3 or SM9 and the like, thereby further ensuring the security of user data.
Based on the content of the foregoing embodiment, as an optional embodiment, the generating a signature private key according to a system master private key and a user identifier may include: and performing secondary hash encryption on the system master private key and the user identification by using a key generation center to generate a signature private key.
Specifically, in the embodiment of the present invention, the KGC is used to perform secondary encryption on the system master private key, including performing secondary encryption on the system master private key obtained in the previous step in combination with the user identifier, so that the signature private key after secondary encryption includes not only the password information set by the user, the user identification information, but also the user identification information as a key, and on the basis of providing sufficient security and confidentiality for the user data, the problem of inaccurate verification or user data leakage is effectively prevented.
Optionally, in the process of secondary encryption, another user password may be further set, and multiple layers of password protection are adopted to further enhance the security of data.
Based on the content of the foregoing embodiment, as an optional embodiment, the performing digital signature encryption on the user data of the responsible party by using the signature private key to obtain the signature data may include the following steps:
s31, calculating a group G related to the user dataTWherein the element g, g ═ e (P)1,Ppub-8) (ii) a Element g represents the intermediate encryption result; e represents a slave group G1×G2To group GTBilinear pair of, G1And G2Representing a group of addition cycles, GTFor multiplication loop groups, group G1、G2And GTHave the same order; p1Represents group G1Is generated from Ppub-8Represents a system master private key;
s32, generating a random number r, r epsilon [1, N-1 ∈](ii) a r represents a random number selected within a predetermined range, and N represents a group G1、G2And GTThe order of (a);
s33, calculating group GTWherein the element w, w ═ grConverting the data type of w into a bit string; w represents a component of the ciphertext;
s34, calculating the certificate H, H ═ H2(M | | w, N); h denotes a certificate, H2() Representing a secure hash function, M representing corresponding to user dataThe symbol | | represents the correlation operation relationship;
s35, calculating certificate l, l ═ r (r-h) mod N; if l is 0, the process returns to step S32; if l ≠ 0, then it proceeds to step S36;
s36, calculating group G1Wherein S, S ═ l]dsA;dsARepresents the private signature key, [ l ]]dsADenotes the sum of l and dsAPerforming dot product operation;
s37, obtaining the signature data K, K ═ h, S.
Based on the content of the foregoing embodiment, as an optional embodiment, the verifying the signature data by using the identity may include the following steps:
for convenience of expression, the signature data to be verified is represented as K ', K ═ h', S ', and a bit string corresponding to the user data to be verified is represented as M';
s41, checking whether h' belongs to [1, N-1] or not; if the verification result is not true, the verification is not passed; if yes, go to step S42;
s42, converting the data type of S 'into a point on an elliptic curve, and checking that S' belongs to G1Whether the result is true or not; if the verification result is not true, the verification is not passed; if yes, go to step S43;
s43, calculating group GTWherein the element g, g ═ e (P)1,P’pub-8);P’pub-8Representing a system master public key;
s44, calculating group GTWherein t, t ═ gh
S45, calculating the certificate h1,h1=H1(IDA||hid,N);IDAIdentity representing the user, hid representing the certificate id; h1() Representing a secure hash function;
s46, calculating group G2The element P, P ═ h in1]P2+P’pub-s;P2Represents group G2Of (2) a generator of'pub-sRepresenting a system master public key;
s47, calculating group GTThe element (u) in (b), u ═ e (S', P);
s48, calculating group GTThe element w ', w ═ u · t, the data type of w' is converted into a bit string; u and t respectively represent the components of the main private key of the system;
s49, calculating the certificate h2=H2(M '| w', N), test h2Whether h' holds; if yes, the verification is passed; otherwise, the verification is not passed.
It should be noted that the identity authentication method for the responsibility subject of the supply chain provided by the embodiment of the present invention is an identification-based digital signature algorithm implemented by using an elliptic curve pair, wherein a signer of the algorithm holds an identification and a corresponding private signature key, and the private signature key is generated by combining a master private key of a system and a user identification of the signer by a key generation center. The signer generates a digital signature on the data by using the private signature key, and the verifier verifies the reliability of the signature by using the user identification of the signer.
Further, in the method for authenticating the identity of the responsibility subject of the supply chain provided by the embodiment of the present invention, before the generation and verification processes of the signature, the message M to be signed and the message M' to be verified are both compressed by using the cryptographic hash function.
Based on the content of the foregoing embodiment, as an optional embodiment, the method for authenticating an identity of a principal responsible for supply chain according to the embodiment of the present invention further includes: based on the SM9 algorithm, a public-private key pair of the responsibility main body is generated according to the identity of the responsibility main body and the user password, and a signature private key is generated according to the system main private key and the user identity.
The user identifier may be an identifier constructed by a file including information such as a business name, a social unified credit code, an address, and a legal representative.
In order to more clearly illustrate the implementation steps of the identity authentication method for the responsibility main body of the supply chain provided by the embodiment of the invention, in order to solve the problem of inconsistency between the physical identity and the digital identity of the supply chain main body in the agricultural product supply chain tracing, so as to ensure that the physical identity of an operator corresponds to the digital identity, when each tracing main body of the agricultural product supply chain is registered on a block chain, a file including information such as an enterprise name, a social unified credit code, an address, a legal representative and the like is created. In the following, a specific application of the embodiment of the present invention will be described with a mobile phone number of a registrant as a user identifier, including but not limited to the following steps:
step 1: method for generating signature private key
signPrivateKey=kgc.genPrivateKey(signMasterKeyPair.getPrivateKey(),id_A,userPasswd,PrivateKeyType.KEY_SIGN);
Wherein signPrivateKey: signing the private key;
gen privatekey (): KGC generates private key method;
signmasterkeypair. getprivatekey (): the signature key pair obtains a system private key;
id _ A: a logo, such as 13988888888;
userPasswd: a user password, which is 123456 by default;
PrivateKeyType: type of private key
KEY _ SIGN: signing the private key;
step 2: signature method
sm9.sign(signMasterKeyPair.getPublicKey(),signPrivateKey,M.getBytes());
Wherein, sm9.sign (): sm9signature method;
signmaasterkeypair. getplackey (): the signature key pair obtains a public key;
signPrivateKey: signing the private key;
m.getbytes (): acquiring a byte stream by information M needing signature;
and step 3: label checking method
sm9.verify(signMasterKeyPair.getPublicKey(),id_A,M.getBytes(),signature));
Wherein, sm9.verify (): sm9 verifies the signature method;
signmaasterkeypair. getplackey (): the signature key pair obtains a public key;
id _ A: a logo, such as 13988888888;
m.getbytes (): acquiring a byte stream by information M needing to verify a signature;
signature: the byte stream is signed.
The steps are specifically realized as follows:
(1) the parameters (SM9 current parameters) of SM9 were chosen as follows:
equation parameters b: 05
Curve parameter t: 600000000058F 98A
Base domain feature q: B640000002A 3A6F 1D 603AB4F F58EC 74521F 2934B 1A7AEEDB E56F9B 27E 351457D
Order of group N: B640000002A 3A6F 1D 603AB4F F58EC 74449F 2934B 18EA8BEE 56EE19C D69ECF25
Beta:B6400000 02A3A6F1 D603AB4F F58EC745 21F2934B 1A7AEEDB E56F9B27 E351457B
alpha0:00
alpha1:B6400000 02A3A6F1 D603AB4F F58EC745 21F2934B 1A7AEEDB E56F9B27 E351457C
Group G1 generated meta P1:
93DE051D 62BF718F F5ED0704 487D01D6 E1E40869 09DC3280 E8C4E481 7C66DDDD
21FE8DDA 4F21E607 63106512 5C395BBC 1C1C00CB FA602435 0C464CD7 0A3EA616
group G2 generated meta P2:
85AEF3D0 78640C98 597B6027 B441A01F F1DD2C19 0F5E93C4 54806C11 D8806141
37227552 92130B08 D2AAB97F D34EC120 EE265948 D19C17AB F9B7213B AF82D65B
17509B09 2E845C12 66BA0D26 2CBEE6ED 0736A96F A347C8BD 856DC76B 84EBEB96
A7CF28D5 19BE3DA6 5F317015 3D278FF2 47EFBA98 A71A0811 6215BBA5 C999A7C7
(2) the SM9signature process is as follows:
signature master key and user signature private key generation process:
sm9 master private key:
85D5C452 624E6220 90A331D2 512BF750 F32A90EC F766A8A9 845E78C0 CB6801E6
signature master public key Ppub-s:
sm9 master public key:
B26709A8 A3588E68 5972B6CF 56C739C5 4A79E221 0E6C9554 93C39F0F C1316753
4729FA93 1009D8BC 7140987B B6E8D2CC 170AD6DC E6022A85 5FDDF385 EE1CE9B8
80A48294 96BA8AC0 FA7FF1A6 E9F09452 EE650718 E2D9BDB0 49EA3358 803A9E35
6F80A6A6 B9934ADA 9627E1F1 8B214BD6 27517203 88951DA8 83856CA2 1470478C
identity of entity a IDA: 13988888888
16-ary representation of ID A: 3133393838383838383838
User password of 123456
16-ary representation of user password: 313233343536
Signature private key ds _ a:
SM9 private key:
64A7A691 C0632A27 0E960674 5E950262 63359A44 C1AADEF7 48C112E8 255BEA85
B11ADCC6 02FD0F7E CC26FCF7 766B8DF1 D7A99A5D AB832A22 C71FC39D 222E1ACE
and the message M to be signed: "company by limited";
16-ary representation of M:
2A2AE69C 89E99990 E585ACE5 8FB8
A1:g=e(P1,Ppub-8)
a2: a random number r is generated which is,
r=38463060478428560599688230304478404988338972700287671339516099073105502341613
A3:
w=[{x=25387407373577958128899537310510008106354296005288647593086786187779936494859,y=42689362163765392019091490002214494810671461627578390713146323229168452848078},
{x=39415410162262081548810966583637685570166404065576895886670655633049190747484,y=70143232134186640604394127098974540869178111263857364733016713409743389857872},
{x=40169016787753967686757293302447837021910497646059611771776930911049585987223,y=66409378642797489295186618554808979853838480827041913054783705834346139350886},
{x=29552723778864333757431552505862979469317059194030112118279102984868205513244,y=70270695051809392853612038836930468605767556256171923855264429729184936438930},
{x=77485204898453876845476007006929315905112531952154204079958743757480080133829,y=39831832785598908049173102649863610020865314294014422562854832309433818364089},
{x=81733983860896289520629489466185085659716647413422286199478502932331605258183,y=59820506918996338469936777769306187206009675201189565195451147683401588547802},]
A4:
h=5684319719326081095363488123625747275228985117062758645981298586619206522474
A5:
l=32778740759102479504324742180852657713109987583224912693534800486486295819139
A6:
s=42750716135002385234333160167459259417304341990806279140603252710584027288800,62326983540172281363013405571170190930565274372882444592220667151351682923762,0
A7:
h=5684319719326081095363488123625747275228985117062758645981298586619206522474
the signature of message M is (h, s): sm9signature:
h:0C913600 A76B4BF5 742F809F 40A305F7 0ECB0F28 EEBAAE88 98631A91 3DD1566A
s:5E840C40 57A9623D EBFD719C 42A80612 A7C3508C 452A7117 58BAF0C3 5EF994E0
89CBD293 028FD183 9B64DE2C 8E082A3C ADF65BBD B57279C7 FEA638F8 D86B7CF2
(3) the verification process is as follows:
b1 inspection
Whether h-5684319719326081095363488123625747275228985117062758645981298586619206522474 in 1,82434016654578246444830763105245969129316048019845143771873730126023764135717 is true or not
B2: check S2 true
B3:
G2=[{x=64270714525897213109976348658049162635611633464661501967467429514136259912038,y=7198933611403195494201844805727580599447136643211639368240224616690082697798},
{x=30542872938684341831572435760632268803848589464974587641808957363322247896028,y=70937393089228396994956748080764821105850249530366224304002055586102239391039},
{x=20893915644960652402727915126718410527017015990402852044587531822263893999191,y=24205433299081466643779386265960744913957040935941340759824201725943050866748},
{x=19115750410636842124886811823688111861744651529959974577554822522227818493810,y=9272787359247622645006675073285109721329542513716549877906499732354512285015},
{x=1463487778251251096036683988654861361187802949473946927010136190068736682232,y=62772827100998371456557207674727811442861965890217936278246713378653734992335},
{x=22860290645784724137498543031120676906887744361672612081600872326053349310277,y=15128902679593305958397014788450608278693066043256596795522394403396230705399},]
B4:
t=[{x=62144650951401636982696604912456979487261096560151434351238080578400841105940,y=8529849690266475148618504134395031604689629513703720334621651352985301619488},
{x=10337235488848171511204660805848448646242699943495391674465396001582104925338,y=63126627891429220567414992481354352083255980905022326324581788925106522479519},
{x=11111012966485206295664899268978519736347715501907754194407050632763282507303,y=33322778810983061842251918419569416204892158550528046413102359568235450647603}
{x=49354865534096654804410479841937826249959872768620208228354631603366940842194,y=50316584971276021151278262155477418860452443358156364694524359089801825426589}
{x=13426175445859155243369654124347779814265213773806439274881773759045323978081,y=18905225374638483307382241108366990676000093545432999225735547446555968080295}
{x=44884960495267794487568389686907532663979022092363585511691781778840921769798,y=21345562295621116108998638141542715733592536223093717574521704716679718858007}]。
B5:
h1=17747406270443163816538606729558334745986233638126423354797579868520096643064
B6:
P={x=20932823011935154144938787058169896994396671993155680136601491536962762835022,y=77238125973535556104201825990222313058931530462549924281874697199199442171550},{x=77686904348712971335785515411529252564005416194884699224489368102111309695122,y=57487846061866216313652706058355910770914281150977951454377955724771163349954},0
B7:
u=[{x=13844631013881838922959162113323859777944389820011841199076682808323358555087,y=61617086794026133545112892283754575962795429111588643334851124605802448285659},
{x=68283407124097367194678109867501777523005153016828271006978850700968360380464,y=30477861310634336326503105420404219890245256057922862417942766697943931289150},
{x=1825444314893073161949387977187769254744139222408986148946750593211768025449,y=12320743182806721627515424258933253387290570744805664680682971301620434901961},
{x=411268636388269395921672003756978951993245809081019153346552008019176936331,y=61571293667263499238202200894808137369118889224610980803474053092657245039344},
{x=17723399229627305093643822899594448170526308417815203456264949796368872016472,y=7835952639063379601604530078963415993842622435162714744535475519936410246416},
{x=12126549737973630771460196238386283890987092000469626928408395733269705620771,y=38828005045470939350052798939212628940513985750430418804177573271650835257347}],
B8:
w2=[{x=25387407373577958128899537310510008106354296005288647593086786187779936494859,y=42689362163765392019091490002214494810671461627578390713146323229168452848078},
{x=39415410162262081548810966583637685570166404065576895886670655633049190747484,y=70143232134186640604394127098974540869178111263857364733016713409743389857872},
{x=40169016787753967686757293302447837021910497646059611771776930911049585987223,y=66409378642797489295186618554808979853838480827041913054783705834346139350886},
{x=29552723778864333757431552505862979469317059194030112118279102984868205513244,y=70270695051809392853612038836930468605767556256171923855264429729184936438930},
{x=77485204898453876845476007006929315905112531952154204079958743757480080133829,y=39831832785598908049173102649863610020865314294014422562854832309433818364089},
{x=81733983860896289520629489466185085659716647413422286199478502932331605258183,y=59820506918996338469936777769306187206009675201189565195451147683401588547802}];
B9:
h2=5684319719326081095363488123625747275228985117062758645981298586619206522474
0C913600 A76B4BF5 742F809F 40A305F7 0ECB0F28 EEBAAE88 98631A91 3DD1566A
And (4) verification result: h2 verify OK.
The embodiment of the present invention further provides a system for authenticating the identity of a principal responsible for supply chain, as shown in fig. 2, which mainly includes: a public-private key generating unit 11, a signature private key generating unit 21, an encrypting unit 31, and a verifying unit 41. The public-private key generation unit 11 is configured to generate a public-private key pair of a responsibility subject according to an identity of the responsibility subject and a user password, where the public-private key pair includes a system master private key and a system master public key; the signature private key generating unit is used for generating a signature private key according to the system master private key and the user identification; the encryption unit is used for carrying out digital signature encryption on the user data of the responsibility main body by using the signature private key to obtain signature data; the verification unit is used for verifying the signature data by using the identity identification.
Specifically, in the identity authentication system for the responsibility main body of the supply chain provided by the embodiment of the present invention, the public-private key generation unit 11 is first utilized to perform a first encryption on the identity of the responsibility main body, so as to obtain the system main private key and the system main public key, and the user password is fused in the first encryption process, thereby effectively improving the security of the encryption. Then, the system master private key is secondarily encrypted by using the signature private key generation unit 21, and the signature private key of the user is acquired. In the process, the user identification is fused, so that the signature private key has the attribute set by the user, the security of the main private key is improved, and the correspondence between the digital signature and the user identity is realized. Further, the encryption unit 31 signs the user data with the private signature key, thereby realizing the digitization of the signature. Finally, verification of the signature data can be achieved by the verification unit 41 using the identity of the responsible party.
Further, the identity authentication system for the supply chain responsibility main body provided by the embodiment of the invention can be added with the password set by the user in specific application, is better than SM2, SM3 and SM9, and is suitable for the current use habit.
Furthermore, the identity authentication system for the responsibility main body of the supply chain provided by the embodiment of the invention can be applied to relevant equipment and software, and meanwhile, the system can be widely used for taking the identification as the basis of digital identity identification, digital signature and digital verification in the world of the Internet of things.
Further, the identity authentication system for the responsibility subject of the supply chain provided by the embodiment of the invention can be preset in a security, a device and a mobile phone APP, and can also be realized by adopting a computer system.
Furthermore, the identity authentication system for the responsibility main body of the supply chain provided by the embodiment of the invention can be widely applied to the digital world and is not limited to the Internet of things, the block chain, big data and the like.
According to the supply chain responsibility main body identity authentication system provided by the embodiment of the invention, the password set by the user is added when the system main private key and the signature private key are generated, and the signature is carried out after the user identification and the user password are subjected to double verification when the signature is used, so that the safety of the main private key and the signature private key is improved, and the problems of inaccurate verification or user data leakage can be effectively prevented.
It should be noted that the identity authentication system for the responsibility subject of the supply chain provided in the embodiment of the present invention, when being specifically executed, can be implemented based on the identity authentication method for the responsibility subject of the supply chain described in any one of the above embodiments, which is not described in detail in this embodiment.
Fig. 3 illustrates a physical structure diagram of an electronic device, which may include, as shown in fig. 3: a processor (processor)310, a communication Interface (communication Interface)320, a memory (memory)330 and a communication bus 340, wherein the processor 310, the communication Interface 320 and the memory 330 communicate with each other via the communication bus 340. The processor 310 may invoke logic instructions in the memory 330 to perform a supply chain liability principal identity authentication method comprising: generating a public-private key pair of the responsibility main body according to the identity of the responsibility main body and the user password, wherein the public-private key pair comprises a system main private key and a system main public key; generating a signature private key according to a system main private key and a user identifier; carrying out digital signature encryption on user data of a responsibility main body by using a signature private key to obtain signature data; and verifying the signature data by using the identity identification.
In addition, the logic instructions in the memory 330 may be implemented in the form of software functional units and stored in a computer readable storage medium when the software functional units are sold or used as independent products. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In another aspect, an embodiment of the present invention further provides a computer program product, where the computer program product includes a computer program stored on a non-transitory computer-readable storage medium, where the computer program includes program instructions, and when the program instructions are executed by a computer, the computer is capable of executing the method for authenticating a supply chain responsibility main body provided by the above-mentioned method embodiments, where the method includes: generating a public-private key pair of the responsibility main body according to the identity of the responsibility main body and the user password, wherein the public-private key pair comprises a system main private key and a system main public key; generating a signature private key according to a system main private key and a user identifier; carrying out digital signature encryption on user data of a responsibility main body by using a signature private key to obtain signature data; and verifying the signature data by using the identity identification.
In yet another aspect, an embodiment of the present invention further provides a non-transitory computer-readable storage medium, on which a computer program is stored, where the computer program is implemented by a processor to execute the method for identity authentication of a supply chain responsibility subject provided in the foregoing embodiments, and the method includes: generating a public-private key pair of the responsibility main body according to the identity of the responsibility main body and the user password, wherein the public-private key pair comprises a system main private key and a system main public key; generating a signature private key according to a system main private key and a user identifier; carrying out digital signature encryption on user data of a responsibility main body by using a signature private key to obtain signature data; and verifying the signature data by using the identity identification.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. A method for authenticating supply chain responsibility main body identity is characterized by comprising the following steps:
generating a public-private key pair of a responsibility main body according to an identity of the responsibility main body and a user password, wherein the public-private key pair comprises a system main private key and a system main public key;
generating a signature private key according to the system master private key and the user identification;
carrying out digital signature encryption on user data of a responsibility main body by using the signature private key to obtain signature data;
and verifying the signature data by using the identity identification.
2. The method for supply chain responsibility subject identity authentication according to claim 1, wherein the generating a public-private key pair of the responsibility subject according to the identity and the user password of the responsibility subject comprises:
and performing primary hash encryption on the identity of the responsibility main body and the user password by using a key generation center to generate the public-private key pair, and issuing the system main public key to a block chain for public.
3. The method for supply chain responsibility subject identity authentication according to claim 1, wherein the generating a signature private key according to the system master private key and a user identification comprises:
and performing secondary hash encryption on the system master private key and the user identification by using a key generation center to generate the signature private key.
4. The method for authenticating the identity of the responsibility body in the supply chain according to claim 1, wherein the step of encrypting the user data of the responsibility body by using the signature private key to obtain the signature data comprises the following steps:
s31, calculating a group G related to the user dataTWherein the element g, g ═ e (P)1,Ppub-8) (ii) a Element g represents the intermediate encryption result; e represents a slave group G1×G2To group GTBilinear pair of, G1And G2Representing a group of addition cycles, GTFor multiplication loop groups, group G1、G2And GTHave the same order; p1Represents group G1Generating element of,Ppub-8Represents a system master private key;
s32, generating a random number r, r epsilon [1, N-1 ∈](ii) a r represents a random number selected within a predetermined range, and N represents a group G1、G2And GTThe order of (a);
s33, calculating group GTWherein the element w, w ═ grConverting the data type of w into a bit string; w represents a component of the ciphertext;
s34, calculating the certificate H, H ═ H2(M | | w, N); h denotes a certificate, H2() Representing a safe hash function, wherein M represents a bit string corresponding to user data, and a symbol | | | represents an association operation relation;
s35, calculating certificate l, l ═ r (r-h) mod N; if l is 0, the process returns to step S32; if l ≠ 0, then it proceeds to step S36;
s36, calculating group G1Wherein S, S ═ l]dsA;dsARepresents the private signature key, [ l ]]dsADenotes the sum of l and dsAPerforming dot product operation;
s37, obtaining the signature data K, K ═ h, S.
5. The method for supply chain responsibility body identity authentication according to claim 4, wherein the verifying the signature data by using the identity comprises:
setting the signature data to be verified as K ', K ═ h', S ', and setting a bit string corresponding to the user data to be verified as M';
s41, checking whether h' belongs to [1, N-1] or not; if the verification result is not true, the verification is not passed; if yes, go to step S42;
s42, converting the data type of S 'into a point on an elliptic curve, and checking that S' belongs to G1Whether the result is true or not; if the verification result is not true, the verification is not passed; if yes, go to step S43;
s43, calculating group GTWherein the element g, g ═ e (P)1,P’pub-8);P’pub-8Representing a system master public key;
s44, calculating group GTWherein t, t ═ gh
S45, calculating the certificate h1,h1=H1(IDA||hid,N);IDAIdentity representing the user, hid representing the certificate id; h1() Representing a secure hash function;
s46, calculating group G2The element P, P ═ h in1]P2+P’pub-s;P2Represents group G2Of (2) a generator of'pub-sRepresenting a system master public key;
s47, calculating group GTThe element (u) in (b), u ═ e (S', P);
s48, calculating group GTThe element w ', w ═ u · t, the data type of w' is converted into a bit string; u and t respectively represent the components of the main private key of the system;
s49, calculating the certificate h2=H2(M '| w', N), test h2Whether h' holds; if yes, the verification is passed; otherwise, the verification is not passed.
6. The supply chain responsibility body identity authentication method according to claim 1, further comprising:
based on the SM9 algorithm, generating a public-private key pair of a responsibility subject according to the identity of the responsibility subject and a user password, and generating a signature private key according to the system master private key and the user identity.
7. The method of claim 1, wherein the user identifier is: and the mark is constructed by a file comprising the name of the enterprise, the social uniform credit code, the address and representative information of the legal person.
8. A system for supply chain liability entity identity authentication, comprising: the system comprises a public-private key generating unit, a signature private key generating unit, an encrypting unit and a verifying unit;
the public-private key generation unit is used for generating a public-private key pair of a responsibility main body according to an identity of the responsibility main body and a user password, and the public-private key pair comprises a system main private key and a system main public key;
the signature private key generating unit is used for generating a signature private key according to the system master private key and the user identification;
the encryption unit is used for carrying out digital signature encryption on the user data of the responsibility main body by using the signature private key to obtain signature data;
the verification unit is used for verifying the signature data by using the identity identification.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program performs the steps of the supply chain liability subject identity authentication method according to any of claims 1 to 7.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the supply chain liability principal identity authentication method according to any of claims 1 to 7.
CN202010743844.0A 2020-07-29 2020-07-29 Identity authentication method and system for supply chain responsibility main body Active CN112069547B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010743844.0A CN112069547B (en) 2020-07-29 2020-07-29 Identity authentication method and system for supply chain responsibility main body

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010743844.0A CN112069547B (en) 2020-07-29 2020-07-29 Identity authentication method and system for supply chain responsibility main body

Publications (2)

Publication Number Publication Date
CN112069547A true CN112069547A (en) 2020-12-11
CN112069547B CN112069547B (en) 2023-12-08

Family

ID=73656726

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010743844.0A Active CN112069547B (en) 2020-07-29 2020-07-29 Identity authentication method and system for supply chain responsibility main body

Country Status (1)

Country Link
CN (1) CN112069547B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112699394A (en) * 2021-01-13 2021-04-23 北卡科技有限公司 SM9 algorithm-based key application method
CN112712357A (en) * 2020-12-30 2021-04-27 普华云创科技(北京)有限公司 Multi-mechanism multi-chain multi-currency multi-account private key management method and system
CN112966291A (en) * 2021-04-13 2021-06-15 宁波和利时信息安全研究院有限公司 Identity management method, industrial control system and storage medium
CN113032814A (en) * 2021-04-28 2021-06-25 华南理工大学 Internet of things data management method and system
CN114499883A (en) * 2022-02-09 2022-05-13 浪潮云信息技术股份公司 Cross-organization identity authentication method and system based on block chain and SM9 algorithm
CN115242480A (en) * 2022-07-15 2022-10-25 京东方科技集团股份有限公司 Device access method, system and non-volatile computer storage medium
CN115412250A (en) * 2021-05-28 2022-11-29 浪潮卓数大数据产业发展有限公司 SM9 key generation center authentication method, device, equipment and medium

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014125206A1 (en) * 2013-02-15 2014-08-21 Orange Cryptographic method for generating a pair of user keys for an entity having a public identifier i, and system
CN108173639A (en) * 2018-01-22 2018-06-15 中国科学院数据与通信保护研究教育中心 A kind of two side's cooperation endorsement methods based on SM9 signature algorithms
CN108809658A (en) * 2018-07-20 2018-11-13 武汉大学 A kind of digital signature method and system of the identity base based on SM2
CN108989054A (en) * 2018-08-30 2018-12-11 武汉理工大学 A kind of cryptographic system and digital signature method
CN109951288A (en) * 2019-01-22 2019-06-28 中国科学院信息工程研究所 A kind of classification signature method and system based on SM9 Digital Signature Algorithm
CN110880977A (en) * 2019-11-26 2020-03-13 武汉大学 Safe and efficient SM9 ring signature generation and verification method
CN110896351A (en) * 2019-11-14 2020-03-20 湖南盾神科技有限公司 Identity-based digital signature method based on global hash
CN110912708A (en) * 2019-11-26 2020-03-24 武汉大学 Ring signature generation method based on SM9 digital signature algorithm
CN110943976A (en) * 2019-11-08 2020-03-31 中国电子科技网络信息安全有限公司 Password-based user signature private key management method
CN111010272A (en) * 2019-12-20 2020-04-14 武汉理工大学 Identification private key generation and digital signature method, system and device

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014125206A1 (en) * 2013-02-15 2014-08-21 Orange Cryptographic method for generating a pair of user keys for an entity having a public identifier i, and system
CN108173639A (en) * 2018-01-22 2018-06-15 中国科学院数据与通信保护研究教育中心 A kind of two side's cooperation endorsement methods based on SM9 signature algorithms
CN108809658A (en) * 2018-07-20 2018-11-13 武汉大学 A kind of digital signature method and system of the identity base based on SM2
CN108989054A (en) * 2018-08-30 2018-12-11 武汉理工大学 A kind of cryptographic system and digital signature method
CN109951288A (en) * 2019-01-22 2019-06-28 中国科学院信息工程研究所 A kind of classification signature method and system based on SM9 Digital Signature Algorithm
CN110943976A (en) * 2019-11-08 2020-03-31 中国电子科技网络信息安全有限公司 Password-based user signature private key management method
CN110896351A (en) * 2019-11-14 2020-03-20 湖南盾神科技有限公司 Identity-based digital signature method based on global hash
CN110880977A (en) * 2019-11-26 2020-03-13 武汉大学 Safe and efficient SM9 ring signature generation and verification method
CN110912708A (en) * 2019-11-26 2020-03-24 武汉大学 Ring signature generation method based on SM9 digital signature algorithm
CN111010272A (en) * 2019-12-20 2020-04-14 武汉理工大学 Identification private key generation and digital signature method, system and device

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
DAOJING HE 等: "Secure and efficient handover authentication based on bilinear pairing functions", IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS, vol. 11, no. 1, pages 48 - 53, XP011398636, DOI: 10.1109/TWC.2011.110811.111240 *
IKRAM ALI 等: "A blockchain-based certificateless public key signature scheme for vehicle-to-infrastructure communication in VANETs", JOURNAL OF SYSTEMS ARCHITECTURE, vol. 99, pages 1 - 17 *
周才学: "基于证书的无双线性对的代理签名方案", 数学的实践与认识, vol. 45, no. 07, pages 199 - 208 *
王震 等: "可监管匿名认证方案", 软件学报, vol. 30, no. 06, pages 1705 - 1720 *
黄梦桥 等: "基于双线性配对的可验证签密方案", 计算机工程, vol. 30, no. 01, pages 1705 - 1720 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112712357A (en) * 2020-12-30 2021-04-27 普华云创科技(北京)有限公司 Multi-mechanism multi-chain multi-currency multi-account private key management method and system
CN112699394A (en) * 2021-01-13 2021-04-23 北卡科技有限公司 SM9 algorithm-based key application method
CN112699394B (en) * 2021-01-13 2022-11-25 北卡科技有限公司 SM9 algorithm-based key application method
CN112966291A (en) * 2021-04-13 2021-06-15 宁波和利时信息安全研究院有限公司 Identity management method, industrial control system and storage medium
CN113032814A (en) * 2021-04-28 2021-06-25 华南理工大学 Internet of things data management method and system
CN115412250A (en) * 2021-05-28 2022-11-29 浪潮卓数大数据产业发展有限公司 SM9 key generation center authentication method, device, equipment and medium
CN115412250B (en) * 2021-05-28 2024-05-10 浪潮卓数大数据产业发展有限公司 SM9 key generation center authentication method, device, equipment and medium
CN114499883A (en) * 2022-02-09 2022-05-13 浪潮云信息技术股份公司 Cross-organization identity authentication method and system based on block chain and SM9 algorithm
CN115242480A (en) * 2022-07-15 2022-10-25 京东方科技集团股份有限公司 Device access method, system and non-volatile computer storage medium

Also Published As

Publication number Publication date
CN112069547B (en) 2023-12-08

Similar Documents

Publication Publication Date Title
US11936774B2 (en) Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
CN112069547B (en) Identity authentication method and system for supply chain responsibility main body
CN106961336B (en) A kind of key components trustship method and system based on SM2 algorithm
CN113014392B (en) Block chain-based digital certificate management method, system, equipment and storage medium
US20150207621A1 (en) Method for creating asymmetrical cryptographic key pairs
CN107360002B (en) Application method of digital certificate
CN110138567A (en) A kind of collaboration endorsement method based on ECDSA
CN109039656A (en) SM9 Combination with Digital endorsement method, device and computer equipment
Gulati et al. Self-sovereign dynamic digital identities based on blockchain technology
CN111262691A (en) Identification private key generation and use method, system and device based on hybrid master key
CN115378623B (en) Identity authentication method, device, equipment and storage medium
CN112950356B (en) Personal loan processing method, system, equipment and medium based on digital identity
NL1043779B1 (en) Method for electronic signing and authenticaton strongly linked to the authenticator factors possession and knowledge
CN111082932B (en) Anti-repudiation identification private key generation and digital signature method, system and device
CN113300841B (en) Identity-based collaborative signature method and system
TW201714128A (en) Payment identification system and method for Internet of Things apparatus analyzing purchase request provided by Internet of Things apparatus through symmetrical encryption key shared with Internet of Things apparatus for generating intelligent device signature
CN118013559A (en) Seal data encryption security system based on blockchain data user character model
TW202230258A (en) Digital certificate processing method newly increases digital certificate in block chain through processing node
CN117714052A (en) Method for authentication, encryption and key exchange of manageable pseudonyms
Pancholi et al. Improve Security of Cloud Storage using Digital Signature

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant