CN112769571A - Constant-length lattice group signature method and device, storage medium and electronic device - Google Patents


Info

Publication number: CN112769571A
Authority: CN (China)
Prior art keywords: signature, group, constant, length, key
Legal status: Pending
Application number: CN202011562019.7A
Other languages: Chinese (zh)
Inventors: 罗琴, 张俊杰, 李润静, 张壮, 熊琼
Current Assignee: Gree Electric Appliances Inc of Zhuhai; Zhuhai Lianyun Technology Co Ltd
Original Assignee: Gree Electric Appliances Inc of Zhuhai; Zhuhai Lianyun Technology Co Ltd
Application filed by Gree Electric Appliances Inc of Zhuhai and Zhuhai Lianyun Technology Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643: Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key

Abstract

The application discloses a constant-length lattice group signature method and device, a storage medium and an electronic device. The method comprises: receiving a signature request, wherein the signature request is used for requesting a constant-length lattice group signature; and, in response to the signature request, realizing the constant-length lattice group signature with a trapdoor-free signature technique. The scheme completely eliminates the influence of the number of group members on the signature length, makes the signature length constant, greatly shortens the public and private key lengths and the signature length, solves the technical problem of long group signatures in the related art, and improves signing and verification efficiency.

Description

Constant-length lattice group signature method and device, storage medium and electronic device
Technical Field
The present application relates to the field of data security, and in particular, to a constant-length lattice group signature method and apparatus, a storage medium, and an electronic apparatus.
Background
Group signatures offer good anonymity and traceability and are therefore widely used in trusted computing platforms, auction protocols, privacy protection mechanisms for public transportation users, digital copyright management, anonymous online communications and e-commerce systems. Since any group member can sign on behalf of the whole group, a correlation between the signature length and the number of group members is inevitable. When there are many group members, the signature length falls outside the acceptable range. Especially in lattice-based cryptography, the length of the group signature is intolerable because of the large parameters of the cryptosystem.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiment of the application provides a constant-length lattice group signature method and device, a storage medium and an electronic device, and aims to at least solve the technical problem of long group signature length in the related technology.
According to an aspect of an embodiment of the present application, there is provided a constant-length lattice group signature method, including: receiving a signature request, wherein the signature request is used for requesting constant-length lattice group signature; and responding to the signature request, and realizing constant-length lattice group signature by adopting trapdoor-free signature technology.
Optionally, the constant-length lattice group signature is implemented with the trapdoor-free signature technique by running a group key generation algorithm, a group signature verification algorithm, and a group membership opening algorithm.
Optionally, running the group key generation algorithm comprises: obtaining the security parameter and the number of group members; running a trapdoor generation algorithm to generate a verification key according to the security parameter and the number of group members; running a sampling algorithm to generate the private keys of all group members and distributing the private keys to the group members; generating a key pair for the administrator, the key pair comprising the administrator's public key and private key; and generating the group public key according to the verification key, the private keys of the group members and the administrator's key pair.
Optionally, running the group signature generation algorithm comprises: encrypting the identity public key of the group member with the encryption public key in the group public key to obtain an encrypted identity public key; and signing twice, over the two selected elements and the encrypted identity public key, with a trapdoor-free signature scheme to obtain a signature result.
Optionally, when the group signature verification algorithm is run, the signature result is verified using a trapdoor-free signature verification scheme.
Optionally, running the group membership opening algorithm comprises: performing a distance calculation on the encryption result and recovering the bits of the encryption result one by one according to a set distance range to obtain a decryption result; and verifying the decryption result with a trapdoor-free signature verification scheme.
Optionally, after the decryption result is verified with a trapdoor-free signature verification scheme, the group member who actually signed is traced from the verification result.
According to another aspect of the embodiments of the present application, there is also provided a constant-length lattice group signature apparatus, including: the system comprises a request unit, a signature unit and a processing unit, wherein the request unit is used for receiving a signature request which is used for requesting constant-length lattice group signature; and the signature unit is used for responding to the signature request and realizing constant-length lattice group signature by adopting a trapdoor-free signature technology.
Optionally, the signature unit is further configured to implement constant-length lattice group signature by running a group key generation algorithm, a group signature verification algorithm, and a group membership opening algorithm when implementing constant-length lattice group signature by using a trapdoor-free signature technique.
Optionally, the signature unit is further configured to obtain a security parameter and a group member number when the group key generation algorithm is run; running a trapdoor generation algorithm, and generating a verification key according to the security parameters and the number of the group members; running a sampling algorithm to generate private keys of all group members, and distributing the private keys to the group members; generating a key pair for an administrator, wherein the key pair comprises a public key and a private key of the administrator; and generating a group public key according to the verification key, the private key of the group member and the key pair of the administrator.
Optionally, the signature unit is further configured to, when the group signature generation algorithm is run, encrypt the identity public key of the group member with the encryption public key in the group public key to obtain an encrypted identity public key, and to sign twice, over the two selected elements and the encrypted identity public key, with a trapdoor-free signature scheme to obtain a signature result.
Optionally, the signature unit is further configured to verify the signature result using a trapdoor-free signature verification scheme when the group signature verification algorithm is executed.
Optionally, the signature unit is further configured to perform distance calculation on the encrypted result when the group membership opening algorithm is run, and recover bits in the encrypted result one by one according to a set distance range to obtain a decrypted result; and verifying the decryption result by adopting a trapdoor-free signature verification scheme.
Optionally, the signature unit is further configured to trace the group member who actually signed from the verification result after the decryption result is verified by using a trapdoor-free signature verification scheme.
According to another aspect of the embodiments of the present application, there is also provided a storage medium including a stored program which, when executed, performs the above-described method.
According to another aspect of the embodiments of the present application, there is also provided an electronic device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor executes the above method through the computer program.
In the embodiment of the application, a signature request is received, the signature request being used for requesting a constant-length lattice group signature, and, in response to the signature request, the constant-length lattice group signature is realized with a trapdoor-free signature technique. The scheme completely eliminates the influence of the number of group members on the signature length, makes the signature length constant, greatly shortens the public and private key lengths and the signature length, solves the technical problem of long group signatures in the related art, and improves signing and verification efficiency.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 is a flow chart of an alternative constant length lattice group signature method according to an embodiment of the present application;
FIG. 2 is a schematic diagram of an alternative constant length lattice group signature scheme according to an embodiment of the present application;
FIG. 3 is a schematic diagram of an alternative constant length lattice group signature scheme in accordance with embodiments of the present application;
FIG. 4 is a schematic diagram of an alternative constant length lattice group signature scheme in accordance with embodiments of the present application;
FIG. 5 is a schematic diagram of an alternative constant length lattice group signature scheme in accordance with embodiments of the present application;
FIG. 6 is a schematic diagram of an alternative constant length lattice group signature scheme in accordance with embodiments of the present application;
FIG. 7 is a schematic diagram of an alternative constant length lattice group signature apparatus in accordance with embodiments of the present application; and
FIG. 8 is a block diagram of a terminal according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Lattice-based group signatures are a cryptographic primitive that is currently an active research topic. In a lattice group signature, each group member can sign anonymously on behalf of the entire group, and each legitimate group signature can be traced back to its true signer. Unfortunately, the length of the group signature is always strongly related to the number of group members and the security parameters. To overcome this problem, according to an aspect of the embodiments of the present application, an embodiment of a constant-length lattice group signature method is provided.
The scheme is based on the Lyubashevsky signature (the first lattice-based signature scheme without trapdoors, proposed in 2012 and since optimized by a series of authors into a family of schemes, referred to collectively as the Lyubashevsky signature in the present embodiment). A new lattice group signature is designed by constructing a new mode that mixes encryption with signing; the new design makes the signature length independent of the number of group members, greatly shortens the public and private key lengths and the signature length, and improves signing and verification efficiency.
Fig. 1 is a flowchart of an alternative constant-length lattice group signature method according to an embodiment of the present application, which may include the following steps, as shown in fig. 1:
Step S1: receiving a signature request, where the signature request is used to request a constant-length lattice group signature.
Step S2: responding to the signature request, and realizing the constant-length lattice group signature by adopting a trapdoor-free signature technology.
Optionally, the constant-length lattice group signature is implemented with the trapdoor-free signature technique by running a group key generation algorithm, a group signature verification algorithm, and a group membership opening algorithm.
Optionally, running the group key generation algorithm comprises: obtaining the security parameter and the number of group members; running a trapdoor generation algorithm to generate a verification key according to the security parameter and the number of group members; running a sampling algorithm to generate the private keys of all group members and distributing the private keys to the group members; generating a key pair for the administrator, the key pair comprising the administrator's public key and private key; and generating the group public key according to the verification key, the private keys of the group members and the administrator's key pair.
Optionally, running the group signature generation algorithm comprises: encrypting the identity public key of the group member with the encryption public key in the group public key to obtain an encrypted identity public key; and signing twice, over the two selected elements and the encrypted identity public key, with a trapdoor-free signature scheme to obtain a signature result.
Optionally, when the group signature verification algorithm is run, the signature result is verified using a trapdoor-free signature verification scheme.
Optionally, running the group membership opening algorithm comprises: performing a distance calculation on the encryption result and recovering the bits of the encryption result one by one according to a set distance range to obtain a decryption result; and verifying the decryption result with a trapdoor-free signature verification scheme.
Optionally, after the decryption result is verified with a trapdoor-free signature verification scheme, the group member who actually signed is traced from the verification result.
Through the above steps, a signature request is received, the signature request being used for requesting a constant-length lattice group signature, and, in response to the signature request, the constant-length lattice group signature is realized with a trapdoor-free signature technique. The scheme completely eliminates the influence of the number of group members on the signature length, makes the signature length constant, greatly shortens the public and private key lengths and the signature length, solves the technical problem of long group signatures in the related art, and improves signing and verification efficiency.
This scheme is the first to propose a group signature based on the Lyubashevsky signature, which makes the whole signing and verification process simple and fast and the signature short. It is the first to greatly shorten the public and private keys by improving the trapdoor generation algorithm. It is the first to generate a constant-length group signature by constructing a new mode that mixes encryption with signing, which eliminates the correlation between the number of group members and the signature length. It is the first to add signature verification on top of decryption, giving a double guarantee when tracing the real signer. Compared with the first constant-length lattice group signature scheme, namely the Ling scheme, a zero-knowledge-based constant-length lattice group signature scheme built on the Ducas-Micciancio signature (with trapdoor), this second constant-length lattice group signature method has obvious advantages in key length and signature length. As an alternative example, as shown in fig. 2, the technical solution of the present application is further detailed below with reference to specific embodiments.
The scheme realizes the new constant-length lattice group signature through four algorithms: a group key generation algorithm, a group signature generation algorithm, a group signature verification algorithm and a group member identity opening algorithm.
Before introducing the group key generation algorithm, a trapdoor generation algorithm is given over R_q (the quotient of the integer polynomial ring by the ideal generated by a cyclotomic polynomial, taken modulo q). A trapdoor generation algorithm is a method for generating a short basis; the trapdoor, i.e. the short vector basis, can itself be a weak point for attack. The algorithm takes an n x m matrix over Z_q, transposes and partitions it into blocks, and then left-multiplies by (1, x, …, x^(n-1)) to convert it into elements of R_q.
In the group key generation algorithm (input: the security parameter and the number of members; output: the private keys of the group members, the master private key of the manager, and the group public key) shown in fig. 3, let λ be the security parameter and N the number of group members. The manager first runs the variant of the trapdoor generation algorithm to generate the verification key (A, B, μ) of the Lyubashevsky signature, which is one of the main parts of the group public key, and then runs the sampling algorithm associated with the generated trapdoor to generate the private keys gsk[i] of all group members and distributes them to the group members. The manager then uses the RLWE assumption (a hard problem on lattices; so far, lattice-based cryptographic schemes based on the RLWE assumption perform best) to generate a public/private key pair ((a, b), s) for the LPR encryption scheme (a lattice-based scheme proposed in 2010 with IND-CCA security, i.e. indistinguishability under chosen-ciphertext attack), where the private key becomes the manager's master private key, used to open the signer's identity. Taking the group members' own public keys into account, the group public key is
[formula image BDA0002860699240000061]
the master private key of the manager is gmsk = s, and the group member private keys are
[formula image BDA0002860699240000062]
where gsk[i] = (x_i1, x_i2).
In the group signature generation algorithm (input: the information to be signed, the signing member's private key and the group public key; output: the group signature) shown in fig. 4, to sign information μ, group member π first encrypts g'_π, the binary representation of its group member identity public key g_π, using the LPR encryption public key in the group public key. Two elements are then chosen at random from the uniform distribution on [-B, B]^m over R_q, and two signatures are produced in the manner of the Lyubashevsky signature. The hash values differ from the hash value output by the Lyubashevsky signature in that they incorporate the earlier encryption result: the binary representation of one hash value (which can be verified directly with the group member's public key) is encrypted again, and the encryption result is then hashed together with the other hash value. The final hash result is used for the last rejection sampling step of the Lyubashevsky signature (rejection sampling is a common method for generating a desired probability distribution starting from an arbitrary one) and for outputting a partial result of the Lyubashevsky signature. The final output signature contains all the encryption results, the second hash value and the partial result of the Lyubashevsky signature.
In the group signature verification algorithm (input: the signed information, the signature and the group public key; output: accept or reject, i.e. whether the signature corresponds to the signed information and the group public key) shown in fig. 5, the Lyubashevsky signature verification algorithm is essentially used: first a public hash value is calculated, then it is checked whether the hash value matches the input, and finally the rejection sampling range is verified.
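The sign and verify flow described above, as an added toy sketch in Python (not code from the patent): a Lyubashevsky-style trapdoor-free signature over Z_q with masking drawn uniformly from [-B, B]^m, rejection sampling, and a challenge hash that also binds a ciphertext byte string, the way the scheme binds the encrypted identity. The parameters, the SHA-256 challenge derivation and the `ct_bytes` argument are assumptions; the patent's double signature and ring structure are not reproduced.

```python
import hashlib
import secrets

Q = 8380417              # toy modulus (assumption; the page gives no parameters)
N_ROWS, M, K = 8, 16, 16
B = 1024                 # masking range: y is uniform in [-B, B]^M
BETA = K                 # bound on |(S c)_i| for ternary S and ternary c
BOUND = B - BETA         # acceptance range checked by signer and verifier


def mat_vec(mat, vec):
    """Matrix-vector product reduced mod Q."""
    return [sum(a * x for a, x in zip(row, vec)) % Q for row in mat]


def challenge(w, message, ct_bytes):
    """Hash (w, message, ciphertext) to a ternary challenge c in {-1,0,1}^K."""
    h = hashlib.sha256()
    for coeff in w:
        h.update(coeff.to_bytes(4, "big"))
    h.update(len(message).to_bytes(4, "big") + message + ct_bytes)
    return [b % 3 - 1 for b in h.digest()[:K]]


def keygen():
    """Public key (A, T = A*S mod q), private key S with ternary entries."""
    a = [[secrets.randbelow(Q) for _ in range(M)] for _ in range(N_ROWS)]
    s = [[secrets.randbelow(3) - 1 for _ in range(K)] for _ in range(M)]
    s_cols = [[s[i][j] for i in range(M)] for j in range(K)]
    t_cols = [mat_vec(a, col) for col in s_cols]
    t = [[t_cols[j][i] for j in range(K)] for i in range(N_ROWS)]
    return (a, t), s


def sign(pk, s, message, ct_bytes=b""):
    """Return ((z, c), attempts). z = S*c + y is released only if it lies in
    [-BOUND, BOUND]^M; on that box z is uniform whatever S is, so it leaks
    nothing about the private key."""
    a, _ = pk
    attempts = 0
    while True:
        attempts += 1
        y = [secrets.randbelow(2 * B + 1) - B for _ in range(M)]
        c = challenge(mat_vec(a, y), message, ct_bytes)
        z = [sum(sij * cj for sij, cj in zip(row, c)) + yi
             for row, yi in zip(s, y)]
        if max(abs(zi) for zi in z) <= BOUND:    # rejection sampling step
            return (z, c), attempts


def verify(pk, message, sig, ct_bytes=b""):
    """Recompute the hash from A*z - T*c (= A*y for an honest signer), compare
    it with c, and check that z is inside the rejection sampling range."""
    a, t = pk
    z, c = sig
    if len(z) != M or len(c) != K or max(abs(zi) for zi in z) > BOUND:
        return False
    w = [(x - y) % Q for x, y in zip(mat_vec(a, z), mat_vec(t, c))]
    return challenge(w, message, ct_bytes) == c
```

Because the ciphertext bytes enter the challenge hash, a signature stops verifying if the ciphertext it travels with is replaced.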
In the group membership opening algorithm (input: the signed information, the signature, the group public key and the manager's master private key; output: the group member identity, from which it can be determined whether the signed information and signature were generated by the output group member) shown in fig. 6, the manager first decrypts the encryption result: a distance calculation is performed, the bits of the encrypted information are recovered one by one according to a set distance range, and the bits are then converted into the general form. The verification process of the Lyubashevsky signature is then carried out on the decrypted result.
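The bit-by-bit recovery in the opening step, as an added toy example in Python (not the patent's code): LPR-style encryption over R_q = Z_q[x]/(x^N + 1), where each plaintext bit is decoded from the distance of its coefficient to 0. N, Q, the ternary noise and the 32-bit integer standing in for the binary representation of the identity public key are assumptions. `tamper_bit0` shows that the ciphertext on its own is malleable, which is why the opened result is then put through signature verification.

```python
import secrets

N = 32          # ring degree: R_q = Z_q[x]/(x^N + 1), one plaintext bit per coefficient
Q = 12289       # toy modulus (assumption; the page fixes no parameters)
HALF = Q // 2   # a 1-bit is encoded near q/2, a 0-bit near 0


def poly_mul(f, g):
    """Multiply in Z_q[x]/(x^N + 1): x^N wraps around to -1."""
    out = [0] * N
    for i, fi in enumerate(f):
        for j, gj in enumerate(g):
            k = i + j
            if k < N:
                out[k] = (out[k] + fi * gj) % Q
            else:
                out[k - N] = (out[k - N] - fi * gj) % Q
    return out


def poly_add(f, g):
    return [(x + y) % Q for x, y in zip(f, g)]


def small_poly():
    """Noise polynomial with coefficients in {-1, 0, 1}."""
    return [secrets.randbelow(3) - 1 for _ in range(N)]


def keygen():
    """RLWE key pair: public (a, b = a*s + e), private s (the manager's gmsk)."""
    a = [secrets.randbelow(Q) for _ in range(N)]
    s, e = small_poly(), small_poly()
    return (a, poly_add(poly_mul(a, s), e)), s


def encrypt(pk, bits):
    a, b = pk
    r, e1, e2 = small_poly(), small_poly(), small_poly()
    u = poly_add(poly_mul(a, r), e1)
    v = poly_add(poly_add(poly_mul(b, r), e2), [HALF * m for m in bits])
    return u, v


def decrypt(s, ct):
    """w = v - u*s = noise + (q/2)*m; each bit is read from its distance to 0.
    With ternary noise |noise| <= 2N + 1 = 65, far below the q/4 threshold."""
    u, v = ct
    us = poly_mul(u, s)
    bits = []
    for vi, ui in zip(v, us):
        w = (vi - ui) % Q
        dist_to_zero = min(w, Q - w)       # centered distance, in [0, q/2]
        bits.append(1 if dist_to_zero > Q // 4 else 0)
    return bits


def id_to_bits(member_id):
    """Binary representation, least significant bit first (constructed encoding)."""
    return [(member_id >> i) & 1 for i in range(N)]


def bits_to_id(bits):
    """Convert the recovered bits back into the general (integer) form."""
    return sum(b << i for i, b in enumerate(bits))


def open_identity(s, ct):
    return bits_to_id(decrypt(s, ct))


def tamper_bit0(ct):
    """Shift one coefficient of v by q/2: bit 0 decodes flipped, no key needed.
    Decryption alone cannot notice this; the signature check on the opened
    result is what rejects it."""
    u, v = ct
    return u, [(v[0] + HALF) % Q] + v[1:]
```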
It should be noted that, for simplicity of description, the above-mentioned method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present application is not limited by the order of acts described, as some steps may occur in other orders or concurrently depending on the application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required in this application.
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present application.
According to another aspect of the embodiments of the present application, there is also provided a constant-length lattice group signature apparatus for implementing the constant-length lattice group signature method. Fig. 7 is a schematic diagram of an alternative constant-length lattice group signature apparatus according to an embodiment of the present application, which may include, as shown in fig. 7:
a request unit 71, configured to receive a signature request, where the signature request is used to request a constant-length lattice group signature; and the signature unit 73 is used for responding to the signature request and realizing the constant-length lattice group signature by adopting a trapdoor-free signature technology.
It should be noted that the request unit 71 in this embodiment may be configured to execute step S1 in this embodiment, and the signature unit 73 in this embodiment may be configured to execute step S2 in this embodiment.
Through the above modules, a signature request is received, the signature request being used for requesting a constant-length lattice group signature, and, in response to the signature request, the constant-length lattice group signature is realized with a trapdoor-free signature technique. The scheme completely eliminates the influence of the number of group members on the signature length, makes the signature length constant, greatly shortens the public and private key lengths and the signature length, solves the technical problem of long group signatures in the related art, and improves signing and verification efficiency.
Optionally, the signature unit is further configured to implement constant-length lattice group signature by running a group key generation algorithm, a group signature verification algorithm, and a group membership opening algorithm when implementing constant-length lattice group signature by using a trapdoor-free signature technique.
Optionally, the signature unit is further configured to obtain a security parameter and a group member number when the group key generation algorithm is run; running a trapdoor generation algorithm, and generating a verification key according to the security parameters and the number of the group members; running a sampling algorithm to generate private keys of all group members, and distributing the private keys to the group members; generating a key pair for an administrator, wherein the key pair comprises a public key and a private key of the administrator; and generating a group public key according to the verification key, the private key of the group member and the key pair of the administrator.
Optionally, the signature unit is further configured to, when the group signature generation algorithm is run, encrypt the identity public key of the group member with the encryption public key in the group public key to obtain an encrypted identity public key, and to sign twice, over the two selected elements and the encrypted identity public key, with a trapdoor-free signature scheme to obtain a signature result.
Optionally, the signature unit is further configured to verify the signature result using a trapdoor-free signature verification scheme when the group signature verification algorithm is executed.
Optionally, the signature unit is further configured to perform distance calculation on the encrypted result when the group membership opening algorithm is run, and recover bits in the encrypted result one by one according to a set distance range to obtain a decrypted result; and verifying the decryption result by adopting a trapdoor-free signature verification scheme.
Optionally, the signature unit is further configured to trace the group member who actually signed from the verification result after the decryption result is verified by using a trapdoor-free signature verification scheme.
It should be noted here that the examples and application scenarios implemented by the modules described above are the same as those of the corresponding steps, but are not limited to what the above embodiments disclose. It should be noted that the modules, as a part of the apparatus, may run in a corresponding hardware environment, and may be implemented by software or by hardware, where the hardware environment includes a network environment.
According to another aspect of the embodiments of the present application, there is also provided a server or a terminal for implementing the constant-length lattice group signature method.
Fig. 8 is a block diagram of a terminal according to an embodiment of the present application. As shown in fig. 8, the terminal may include one or more processors 201 (only one shown), a memory 203, and a transmission device 205; the terminal may further include an input-output device 207.
The memory 203 may be configured to store software programs and modules, such as program instructions/modules corresponding to the constant-length lattice group signature method and apparatus in the embodiment of the present application, and the processor 201 executes various functional applications and data processing by running the software programs and modules stored in the memory 203, so as to implement the constant-length lattice group signature method. The memory 203 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 203 may further include memory located remotely from the processor 201, which may be connected to the terminal over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device 205 is used for receiving or sending data via a network, and can also be used for data transmission between the processor and the memory. Examples of the network may include a wired network and a wireless network. In one example, the transmission device 205 includes a Network Interface Controller (NIC) that can be connected to other network devices and a router via a network cable so as to communicate with the internet or a local area network. In one example, the transmission device 205 is a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
Wherein the memory 203 is specifically used for storing application programs.
The processor 201 may call the application stored in the memory 203 via the transmission device 205 to perform the following steps:
receiving a signature request, wherein the signature request is used for requesting constant-length lattice group signature; and responding to the signature request, and realizing constant-length lattice group signature by adopting trapdoor-free signature technology.
The processor 201 is further configured to perform the following steps:
when a group key generation algorithm is operated, acquiring security parameters and the number of group members; running a trapdoor generation algorithm, and generating a verification key according to the security parameters and the number of the group members; running a sampling algorithm to generate private keys of all group members, and distributing the private keys to the group members; generating a key pair for an administrator, wherein the key pair comprises a public key and a private key of the administrator; and generating a group public key according to the verification key, the private key of the group member and the key pair of the administrator.
Optionally, the specific examples in this embodiment may refer to the examples described in the above embodiments, and this embodiment is not described herein again.
It can be understood by those skilled in the art that the structure shown in fig. 8 is only an illustration, and the terminal may be a terminal device such as a smart phone (e.g., an Android phone, an iOS phone, etc.), a tablet computer, a palm computer, a Mobile Internet Device (MID), or a PAD. Fig. 8 is a diagram illustrating a structure of the electronic device. For example, the terminal may also include more or fewer components (e.g., network interfaces, display devices, etc.) than shown in fig. 8, or have a different configuration than shown in fig. 8.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by a program instructing hardware associated with the terminal device, where the program may be stored in a computer-readable storage medium, and the storage medium may include: flash disks, Read-Only memories (ROMs), Random Access Memories (RAMs), magnetic or optical disks, and the like.
Embodiments of the present application also provide a storage medium. Optionally, in this embodiment, the storage medium may be used to store program code for executing a constant-length lattice group signature method.
Optionally, in this embodiment, the storage medium may be located on at least one of a plurality of network devices in a network shown in the above embodiment.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps:
receiving a signature request, wherein the signature request is used for requesting constant-length lattice group signature; and responding to the signature request, and realizing constant-length lattice group signature by adopting trapdoor-free signature technology.
Optionally, the storage medium is further arranged to store program code for performing the steps of:
when a group key generation algorithm is operated, acquiring security parameters and the number of group members; running a trapdoor generation algorithm, and generating a verification key according to the security parameters and the number of the group members; running a sampling algorithm to generate private keys of all group members, and distributing the private keys to the group members; generating a key pair for an administrator, wherein the key pair comprises a public key and a private key of the administrator; and generating a group public key according to the verification key, the private key of the group member and the key pair of the administrator.
Optionally, the specific examples in this embodiment may refer to the examples described in the above embodiments, and this embodiment is not described herein again.
Optionally, in this embodiment, the storage medium may include, but is not limited to: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.
The integrated unit in the above embodiments, if implemented in the form of a software functional unit and sold or used as a separate product, may be stored in the above computer-readable storage medium. Based on such understanding, the technical solution of the present application in essence, or the part of it that contributes over the prior art, or all or part of the technical solution, may be embodied in the form of a software product that is stored in a storage medium and includes instructions for causing one or more computer devices (which may be personal computers, servers, network devices, or the like) to execute all or part of the steps of the method described in the embodiments of the present application.
In the above embodiments of the present application, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the several embodiments provided in the present application, it should be understood that the disclosed client may be implemented in other manners. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one type of division of logical functions, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The foregoing is only a preferred embodiment of the present application. It should be noted that those skilled in the art can make several improvements and modifications without departing from the principle of the present application, and these improvements and modifications should also be regarded as falling within the protection scope of the present application.

Claims (10)

1. A constant-length lattice group signature method is characterized by comprising the following steps:
receiving a signature request, wherein the signature request is used for requesting constant-length lattice group signature;
and responding to the signature request, and realizing constant-length lattice group signature by adopting trapdoor-free signature technology.
2. The method of claim 1, wherein implementing a constant-length lattice group signature by employing trapdoor-free signature techniques comprises:
the constant-length lattice group signature is realized by operating a group key generation algorithm, a group signature verification algorithm and a group member identity opening algorithm.
3. The method of claim 2, wherein running a group key generation algorithm comprises:
acquiring security parameters and the number of group members;
running a trapdoor generation algorithm, and generating a verification key according to the security parameters and the number of the group members;
running a sampling algorithm to generate private keys of all group members, and distributing the private keys to the group members;
generating a key pair for an administrator, wherein the key pair comprises a public key and a private key of the administrator;
and generating a group public key according to the verification key, the private key of the group member and the key pair of the administrator.
4. The method of claim 2, wherein running a group signature generation algorithm comprises:
encrypting the identity public key of the group member by using an encryption public key in the group public key to obtain an encrypted identity public key;
and performing two times of signature on the two selected elements and the encrypted identity public key by using a trapdoor-free signature scheme to obtain a signature result.
5. The method of claim 2, wherein running a group signature verification algorithm comprises:
and verifying the signature result by using a trapdoor-free signature verification scheme.
6. The method of claim 2, wherein running a group membership opening algorithm comprises:
performing distance calculation on the encryption result, and recovering the bits in the encryption result one by one according to a set distance range to obtain a decryption result;
and verifying the decryption result by adopting a trapdoor-free signature verification scheme.
7. The method of claim 6, wherein after verifying the decryption result using a trapdoor-free signature verification scheme, the method further comprises:
and tracing the actual group members that signed by means of the verification result.
8. A constant-length lattice group signature apparatus, comprising:
the system comprises a request unit, a signature unit and a processing unit, wherein the request unit is used for receiving a signature request which is used for requesting constant-length lattice group signature;
and the signature unit is used for responding to the signature request and realizing constant-length lattice group signature by adopting a trapdoor-free signature technology.
9. A storage medium, characterized in that the storage medium comprises a stored program, wherein the program when executed performs the method of any of the preceding claims 1 to 7.
10. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor executes the method of any of the preceding claims 1 to 7 by means of the computer program.
CN202011562019.7A 2020-12-25 2020-12-25 Constant-length lattice group signature method and device, storage medium and electronic device Pending CN112769571A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011562019.7A CN112769571A (en) 2020-12-25 2020-12-25 Constant-length lattice group signature method and device, storage medium and electronic device

Publications (1)

Publication Number Publication Date
CN112769571A true CN112769571A (en) 2021-05-07

Family

ID=75695674

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011562019.7A Pending CN112769571A (en) 2020-12-25 2020-12-25 Constant-length lattice group signature method and device, storage medium and electronic device

Country Status (1)

Country Link
CN (1) CN112769571A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210507