CN100542091C - A kind of key generation method and system based on identity - Google Patents
A kind of key generation method and system based on identity Download PDFInfo
- Publication number
- CN100542091C CN100542091C CNB2006100902345A CN200610090234A CN100542091C CN 100542091 C CN100542091 C CN 100542091C CN B2006100902345 A CNB2006100902345 A CN B2006100902345A CN 200610090234 A CN200610090234 A CN 200610090234A CN 100542091 C CN100542091 C CN 100542091C
- Authority
- CN
- China
- Prior art keywords
- key
- user
- generates
- identity
- generator
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a kind of key generation method and system based on identity.Relate to computer communication and E-business applications field.There are key escrow problem and the insecure problem of safe lane in the prior art in order to solve, the invention provides a kind of key generation method based on identity, described method comprises the initialization system parameter, generates user profile, generates initial key, verifies initial key, generates the step of strengthening key and generating user key.The present invention also provides a kind of key generation system based on identity, and described system comprises the initialization system parameter module, generates subscriber information module, generates the initial key module, verifies the initial key module, generates and strengthen cipher key module and generate the user key module.Adopt technical scheme of the present invention to solve dependence and key escrow problem, effectively prevent the various attacks of pretending to be safe lane.
Description
Technical field
The present invention relates to computer communication and E-business applications field, particularly a kind of key generation method and system based on identity.
Background technology
1984, Shamir proposed the cryptographic system based on identity.In theory, cryptographic system and digital signature system based on identity do not need authentication center, can be with the PKI of arbitrary string as the user, and the also feasible cryptographic system based on identity of this ability (for example is widely used the field, desirable e-mail, the application of various smart cards), and the problem such as time limit restriction, authority of office restriction, authority recovery of headache all can be readily solved in the ordinary password system.
Although the signature scheme that Shamir just provided based on identity in 1984, but the encryption system based on identity of first practicality was just provided by Boneh and Franklin up to calendar year 2001, their scheme abbreviates IBE (Identity-based encryption is based on the encryption system of identity) as in academia.The IBE scheme is based on that the bilinearity pairing that is based upon on the elliptic curve realizes.At present, many researchers are making great efforts to improve the computational efficiency of pairing.Can conclude,, will have very big development space based on the cryptographic system and the various application thereof of identity along with the raising of pairing implementation efficiency.
Afterwards, various cryptographic systems based on identity have been carried successively, for example various signature systems based on identity, label dense body system and key agreement system etc.
In the cryptographic system based on identity, PKG (Private Key Generator, private key maker) is responsible for the user and generates private key, and is sent in user's hand by safe lane.So just produced two corresponding problem: the one, the key escrow problem.Because PKG has user's private key, so PKG both can decipher any user's file, can pretend to be any user to sign again, thereby make the identity discriminating in this system lose guarantee.The 2nd, the safe lane problem.Under existing technical conditions, realize safe lane, very big difficulty is still arranged.Although quanta cryptology technique declares to realize safe lane that these new technologies all also only rest on laboratory stage, are difficult to large scale investment and use.
The prior art scheme that solves the key escrow problem is to pass through threshold technique, promptly generate the private key that central distribution formula ground generates the user by a plurality of keys, each PKG generates a burst of private key for user, and the user remerges out the private key of oneself after receiving the burst of some.Like this, single PKG just can not have user's private key.This has alleviated people's censuring based on key escrow problem in the cryptographic system of identity to a certain extent.
Yet, utilize the solution operational efficiency of threshold technique not high.Main cause is: need a plurality of key generators in this solution.On the one hand, each key generator at first needs to confirm user's true identity (this generally need finish by the mode of off-line), and promptly each key generator all must be with user interactions at least once.And in original cryptographic system based on identity, this work is only carried out between user and unique key generator.On the other hand, each key generator need calculate the burst of private key for user, and the user also will remove to calculate the private key of oneself according to the thresholding synthetic method after receiving these bursts.
In addition, the scheme based on threshold technique requires to have safe lane between each key generation center and the user.In this sense, though the key escrow problem has obtained alleviation, but aggravated dependence to safe lane.
The technology that blinds has solved well based in the cryptographic system of identity safe lane being relied on problem, the technology of blinding here is meant that the user is at first secret and selects a random number to take advantage of together with the PKI of oneself as the blind factor, and then give PKG and allow its signature, this signature just can transmit on overt channel fully so.Receive the signature of PKG as the user after, remove the secret just now blind factor of selecting again and just obtain correct private key.By this technology that blinds, key generator and user can upload the warp let-off at overt channel and cross the key that blinds.Carry out " casting off illiteracy " operation after the user obtains again, thereby recover the private key of oneself.This technology has solved the dependence problem based on the safe lane of the cryptographic system of identity well, but to the key escrow problem without any contribution.Private key after the user carries out and to cast off illiteracy is the one-way function of the private key of key generator and user's PKI, still can generate and does not add the private key for user that blinds thereby key generates the center.So the key escrow problem still exists.
Summary of the invention
In order to reach the purpose that solves key escrow and safe lane problem simultaneously, the invention provides a kind of key generation method and system based on identity, scheme of the present invention is as follows:
The invention provides a kind of key generation method, said method comprising the steps of based on identity:
Steps A: initialization system parameter;
Step B: the user generates user profile according to described system parameters, generate user's initial key by total key generator, and described user profile and initial key sent to each collaborative key generator, described user profile comprise the user identity information, blind PKI and to the described signature that blinds PKI based on password;
Step C: after described collaborative key generator is received described user profile and initial key, described user's identity information and initial key are verified; If the verification passes, collaborative key generator carries out key and strengthens, and generates and strengthens key, and described reinforcement key is sent to described user; If checking is not passed through, then reporting errors stops this agreement operation then.
Step D: after described user receives described reinforcement key, described reinforcement key is carried out key extract, generate user key, and described user key is verified.
The initialization system parameter comprises the parameter of setting total key generator and each collaborative key generator in the described steps A:
Described step B specifically comprises:
Step B 1: the user generates user profile according to described system parameters, and described user profile is sent to total key generator, application adding system;
Step B2: described total key generator generates user's initial key according to described user profile, and sends to the user;
Step B3: the user verifies after receiving described initial key that if the verification passes, the user adds system's success, and described user profile and initial key are sent to each collaborative key generator; Otherwise return step B1, apply for the adding system again;
Described step B1 specifically may further comprise the steps:
Step B11: the user selects password, and generates the shadow of described password according to described password;
Step B12: described user selects to blind the factor, and generates and blind PKI according to the described factor that blinds;
Step B13: described user signs to the described PKI that blinds with password, generates to blind public key signature, and described user's identity, the signature that blinds PKI and blind PKI are sent to total key generator as user profile.
Described step B2 specifically may further comprise the steps:
Step B21: after described total key generator is received described user profile, confirm user's true identity and obtain the shadow of user password that by offline mode identity and the password shadow with the user deposits local data base in then;
Step B22: described total key generator checking user's identity after checking is passed through, generates described user's initial key and sends to the user.
Described step D specifically may further comprise the steps:
Step D1: after described user receives the reinforcement key of each collaborative key generator, carry out key and extract the described user key of generation;
Step D2: the user verifies described user key, if the verification passes, finishes key and generates; Otherwise find concrete disoperative collaborative key generator, require this collaborative key generator to resend correct reinforcement key.
The transmission of information is all finished by overt channel in the described method.
The present invention also provides a kind of key generation system based on identity, and described system comprises: initialization system parameter module, generation initial key module, generation are strengthened cipher key module and are generated the user key module;
Described initialization system parameter module is used for the initialization system parameter;
Described generation initial key module is used for the user and generates user profile according to described system parameters, generate user's initial key by total key generator, and described user profile and initial key sent to each collaborative key generator, described user profile comprise the user identity information, blind PKI and to the described signature that blinds PKI based on password;
After described generation is strengthened cipher key module and is used for described collaborative key generator and receives described user profile and initial key, described identity information and initial key are verified; If the verification passes, collaborative key generator carries out key and strengthens, and generates and strengthens key, and described reinforcement key is sent to described user; If checking is not passed through, then reporting errors stops this agreement operation then;
Described generation user key module is used for described user receive described reinforcement key after, described reinforcement key is carried out key extracts, generate user key, and described user key verified.
The invention has the beneficial effects as follows:
1, removed dependence to safe lane, making can practicability based on the cryptographic system of identity;
2, solved the trustship problem of independent key generator effectively to private key for user, or the low efficiency problem of a plurality of key generators realizations, well protected user's privacy, made and adopt the cryptographic system based on identity of the present invention to be more prone to accept into the user;
3, the authentication mechanism based on password has effectively prevented the various attacks of pretending to be, and guarantees that the assailant can't obtain private key for user.
Description of drawings
Fig. 1 is the key generation method flow chart based on identity of the present invention;
Fig. 2 is the key generation system schematic diagram based on identity of the present invention.
Embodiment
With embodiment the present invention is further specified below with reference to accompanying drawings, but not as a limitation of the invention.
Three kinds of technology have been merged in the present invention: blind technology, licensing scheme and based on the authentication mechanism of password in many ways, the effect that wherein blinds is to remove the dependence to safe lane, in many ways the effect of licensing scheme is to overcome the trustship of independent key generator to private key for user, is to prevent that based on the effect of password authentication mechanism the assailant from imitating user or certain key generator.
Scheme of the present invention is specific as follows:
Referring to Fig. 1, the invention provides a kind of key generation method based on identity, described method step is as follows:
Steps A: initialization system parameter; The specific implementation step is as follows:
Step 101: set total key generator system parameters, here the key generator of a total responsible authenticating user identification is called total key generator, note is made PKG0, the key generator of a plurality of collaborative mandates is called collaborative key generator, note is made PKGi (i=1, ..., n), concrete setup parameter process is as follows:
At first, the selected work group G of total key generator PKG0
1And G
2, G
1Certain generator P and the definition from G
1* G
1To G
2On bilinearity mapping ê;
Select a prime number p greater than 512 bits to satisfy p=2 mod 3 and p=6q-1, q is a prime number here, makes that E is by equation y
2=x
3+ 1 is defined in the elliptic curve on the finite field gf (p), makes that P is a q rank element among the E/GF (p), order group G
1=<P 〉, promptly by the module on the elliptic curve of P generation;
Make 1 ≠ ζ ∈ GF (p
2) be EQUATION x
3Separate for one of-1=0 mod p, make mapping phi (x, y)=(ζ x, y); By<P, φ (P)〉group that generates is E[q], make G again
2Be GF (p
2) all rank are the set that the element of q is formed among the *, e:E[q] * E[q] → G
2Be to be defined in E/GF (p
2) on Weil pairing, the Weil that then revises pairing ê is defined as: ê (P, Q)=e (P, φ (Q)); Can prove that Ding Yi ê satisfies bilinearity, non-degeneracy and computability like this.
Secondly, total key generator PKG0 is from Z
q *In select master key s0 at random, Z wherein
q *Be set 1,2 ..., q-1}, and make P0=[s0] P;
Once more, selected following two the Hash functions of total key generator PKG0:
H:{0,1}
*→ G
1Be the Map-to-point function, be defined as:
If h:{0,1}
*→ GF (p) is Hash function of any one anti-collision (promptly can not find two different independents variable of corresponding same functional value), and described h considers that the collision of present MD5 and SHA-1 finds that all getting h is SHA-256.Calculate y=h (ID) earlier, wherein ID is the binary string of expression user identity; Calculate x=(y again
2-1)
(2p-1)/3Modp; Make then that H (ID)=(x y) is G
1In the point;
H
1: G
1→ G
1Be a unidirectional Ha sh function, be defined as:
For G
1In some R (x ', y '), make y=h (x ' || y '), and x=(y
2-1)
(2p-1)/3Mod p makes H then
1(x ', y ')=(x y) is G
1In new point;
At last, total key generator PKG0 public address system parameter<G
1, G
2, P, ê, H, H
1, n, P0 〉, wherein n refers to the number of collaborative key generator.
Step 102: total key generator and collaborative key generator interactive operation, generation system PKI parameter, the specific implementation step is as follows:
At first, and collaborative key generator PKGi (i=1 ..., n) from Z
q *In select own key si at random, make Pi=[si] P, Yi=[si] P0, send by overt channel then that (Pi is Yi) to PKG0;
Secondly, when total key generator PKG0 receive that each collaborative key generator PKGi sends (Pi, Yi) after, carry out:
The checking equation
Whether set up, if be false, just explanation has disoperative key generator, can by checking equation ê (P0, Pi)=(Yi P) finds the key generator of making trouble to ê, gets rid of these disoperative key generators and regenerates system's PKI; After the checking equation is set up, delivery system PKI parameter<G
1, G
2, P, ê, H, H
1, n, P0, P1 ..., Pn, Y 〉, system's PKI parameter setting finishes.
Step B: the user generates user profile according to described system parameters, generates user's initial key by total key generator, and described user profile and initial key are sent to each collaborative key generator; The specific implementation step is as follows:
Step 103: the identity of user U is ID, and the user is from Z
q *The middle password (character string that can select easy note earlier uses hash function h to be varied to w as password after the certain filling at random of process) of selecting a random number w conduct oneself, and according to described password calculating W=[w] P, the shadow W of generation password.
Step 104: user U is from Z
q *In select random number r as blinding the factor again, and calculate D=[r according to the described factor r that blinds] H (ID), generate and blind PKI D.
Step 105: the user signs to the described PKI that blinds with password, i.e. R=[w] H
1(D), generate and to blind public key signature R, and with described user's identity ID, the signature R that blinds PKI D and blind PKI as user profile (ID, D R), sends described user profile (ID by overt channel then, D R) gives total key generator PKG0, and request adds.
Step 106: described total key generator PKG0 receive user U user profile (ID, D, R) after, confirm the true identity of user U and obtain the shadow W (x of user password by offline mode
w, y
w) (ID W) deposits local data base in, only allows own and remaining key generator is visited this database with two tuples of the shadow W of user's identity ID and password then.
So-called " offline mode " is with regard to the cryptographic mode of right and wrong, for example: user real identification is verified in meeting in person, perhaps make a phone call, identify user identity by the sound waveform analytical technology then, perhaps can prove the data etc. of user identity by mail system (just as sending of the topsecret papers) transmission that can guarantee to be perfectly safe.In a word, at the beginning of system registry, be to finish with the method outside the designed cryptographic system to the checking of user real identification, for designed cryptographic system, just be called " offline mode ".After authentication work at the beginning of the registration was finished, remaining work just can be finished according to the agreement flow process of designed cryptographic system itself, and so, these follow-up work are exactly so-called " online mode ".
Step 107: total key generator PKG0 is by checking equation ê (W, H
1(D))=(whether P R) becomes Rob Roy to verify user's identity to ê, does not pass through if PKG0 verifies, i.e. equation ê (W, H
1(D))=ê (R) be false, and the password shadow mistake that the user provides is described, system refuses this user and adds, and what stop this user this time adds flow process by P.If the PKG0 checking is passed through, i.e. equation ê (W, H
1(D))=and ê (P R) sets up, and calculates Q0=[s0] D generates user's initial key Q0, and by overt channel initial key Q0 sent to user U.
Step 108: after the user receives initial key Q0, checking equation ê (Q0, P)=(whether D P0) sets up ê, sets up then that the user adds success, i.e. step 109; Otherwise, illustrate that PKG0 is uncooperative, issue the message of one " PKG0 cheating ", and return step 103 and allow the user apply for again adding.If system's operation is normal, but walk out of existing equation ê to this (Q0, P)=ê (P0) be false, and illustrates that then PKG0 is uncooperative, refuses to generate private key into legal users by D.In general, can not consider this situation.But in reality, also may be, and cause this situation to occur because unknowable mistake appear in system operation, what might as well stop this user so this time adds flow process, allows the user apply for again adding.
Step 109: the user adds system's success, obtains initial key.
Step 110: after the user U adding system, by overt channel send user profile and initial key (ID, D, R, Q0) to each collaborative key generator PKGi (i=1 ..., n), ask them that key Q0 is carried out intensified operation.
Step C: after described collaborative key generator is received described user profile and initial key, described identity information and initial key are verified; If the verification passes, collaborative key generator carries out key and strengthens, and generates and strengthens key, and described reinforcement key is sent to described user; If checking is not passed through, then reporting errors stops this agreement operation then; The specific implementation step is as follows:
Step 111: each collaborative key generator PKGi receive user profile that user U sends and initial key (ID, D, R, Q0) after, it is verified: ê (W, H
1(D))=ê (P, R) and ê (Q0, P)=ê (D, P0).
Step 112:, calculate to strengthen key Qi=[si if after checking is passed through] Q0, and will strengthen key Qi by overt channel and send to user U.If checking is not passed through, then reporting errors stops this agreement operation then.
Step D: after described user receives described reinforcement key, described reinforcement key is carried out key extract, generate user key, and described user key is verified; The specific implementation step is as follows:
Step 113: user U receive each collaborative key generator reinforcement key Q i (i=1,2 ..., n) after, carry out key and extract, make S '=Q1+Q2+...+Qn, again by calculating S=[r
-1] S ' obtains the key S of oneself.
Step 114: user U verifies described key S, promptly check equation ê (S, P)=whether ê (Y, H (ID)) set up, if set up, illustrate that key generates correctly; Otherwise the Qi that certain collaborative key generator PKGi transmission is described is incorrect, can by checking equation ê (Q0, Pi)=(Qi P) finds concrete disoperative collaborative key generator to ê, require this collaborative key generator PKGi to resend correct reinforcement key Qi, promptly return step 112.
Step 115: finish user key and generate.
User U has obtained private key S=s0 (s1+s2+...+sn) H (ID) of oneself, because Q0=[s0] D=s0rH (ID), Qi=[si] Q0=s0sirH (ID), so S here and S=[r
-1] S essence among the S ' is identical, and PKG0 and any PKGi can not obtain S.So this programme has solved key escrow problem (although thoroughly do not solve, because PKG0 and all PKGi all conspire, being the private key S that can calculate user U) effectively.And the transmission of information is all finished by overt channel in the whole key generative process, does not use safe lane.So this programme has been realized goal of the invention: both overcome based on the private key for user trustship problem in the cryptographic system in province, removed the dependence to user and the direct safe lane of PKG again.
The shadow that obtains user password in this programme is because the user can not tell password to system, but system needs to rely on password to finish the certification work of back again, and the specific implementation process is as follows:
At first, the password that the user chooses with oneself is through obtaining " password shadow " behind the monotonic transformation (carrying out being transformed into again after the hash conversion point on the elliptic curve here earlier).The certification work of back will depend on " password shadow " and finish.If certain assailant intercepted this user's " password shadow ", so just can authentication phase afterwards pretend to be this user, " so password shadow " must be also in the submission at that time of " off-line " identity verification (because supposed that the communication in that stage is safe, otherwise all work all cannot be done).On the one hand, " password shadow " is that user oneself calculates according to password, can be regarded as random number in addition, and bad memory is not so the user needs to preserve it after " password shadow " offered system.The back is calculated once just passable in needs again.
It is no doubt dangerous to leak password, and it is dangerous too to leak " password shadow ".So in system of the present invention, the occupation mode of " password shadow " is very careful.When needing authentication at every turn, all generate earlier the PKI that oneself " has blinded ", and then be multiplied by " password shadow " transmission, be equivalent to sign to blinding PKI as private key with " password shadow ", both reach the effect of authentication, guaranteed the safety of " password shadow " again.Even certain blinds the factor and has leaked, also be not easy to have influence on the safety of " password shadow ".Because in system of the present invention, to obtain " password shadow " from the message that blinds the factor and intercepting and capturing and be equivalent to and find the solution a discrete logarithm difficult problem, be impossible.
Referring to Fig. 2, the present invention also provides a kind of key generation system based on identity, it is characterized in that described system comprises: initialization system parameter module, generation initial key module, generation are strengthened cipher key module and are generated the user key module;
Described initialization system parameter module is used for the initialization system parameter;
Described generation initial key module is used for the user and generates user profile according to described system parameters, generates user's initial key by total key generator, and described user profile and initial key are sent to each collaborative key generator;
After described generation is strengthened cipher key module and is used for described collaborative key generator and receives described user profile and initial key, described identity information and initial key are verified; If the verification passes, collaborative key generator carries out key and strengthens, and generates and strengthens key, and described reinforcement key is sent to described user; If checking is not passed through, then reporting errors stops this agreement operation then;
Described generation user key module is used for described user receive described reinforcement key after, described reinforcement key is carried out key extracts, generate user key, and described user key verified.
More than be that preferred implementation of the present invention is described, common variation and replacement that those skilled in the art carries out in the scheme scope of the technology of the present invention all should be included in protection scope of the present invention.
Claims (6)
1. the key generation method based on identity is characterized in that, said method comprising the steps of:
Steps A: initialization system parameter;
Step B: the user generates user profile according to described system parameters, generates user's initial key by total key generator, and described user profile and initial key are sent to each collaborative key generator; Described step B specifically comprises:
Step B1: the user generates user profile according to described system parameters, and described user profile is sent to total key generator, application adding system;
Step B2: described total key generator generates user's initial key according to described user profile, and sends to the user;
Step B3: the user verifies after receiving described initial key that if the verification passes, the user adds system's success, and described user profile and initial key are sent to each collaborative key generator; Otherwise return step B1, apply for the adding system again;
Wherein, described step B1 specifically comprises:
Step B11: the user is according to the system parameter selection password, and generates the shadow of described password according to described password;
Step B12: described user blinds the factor according to system parameter selection, and generates and to blind PKI according to the described factor that blinds;
Step B13: described user signs to the described PKI that blinds with password, generates to blind public key signature, and described user's identity information, the signature that blinds PKI and blind PKI are sent to total key generator as user profile;
Step C: after described collaborative key generator is received described user profile and initial key, described user's identity information and initial key are verified; If the verification passes, collaborative key generator carries out key and strengthens, and generates and strengthens key, and described reinforcement key is sent to described user; If checking is not passed through, then reporting errors stops this agreement operation then;
Step D: after described user receives described reinforcement key, described reinforcement key is carried out key extract, generate user key, and described user key is verified.
2. a kind of key generation method based on identity as claimed in claim 1 is characterized in that, the initialization system parameter comprises the parameter of setting total key generator and each collaborative key generator in the described steps A:
3. a kind of key generation method based on identity as claimed in claim 1 is characterized in that described step B2 specifically comprises:
Step B21: after described total key generator is received described user profile, confirm user's true identity and obtain the shadow of user password, deposit user's the identity and the shadow of password in local data base then by offline mode;
Step B22: described total key generator checking user's identity after checking is passed through, generates described user's initial key and sends to the user.
4. as claim 1 or 2 or 3 described a kind of key generation methods, it is characterized in that described step D specifically comprises based on identity:
Step D1: after described user receives the reinforcement key of each collaborative key generator, carry out key and extract the described user key of generation;
Step D2: the user verifies described user key, if the verification passes, finishes key and generates; Otherwise find disoperative collaborative key generator, require this collaborative key generator to resend correct reinforcement key.
5. as claim 1 or the described a kind of key generation method of 2 or 3 any claims, it is characterized in that the transmission of information is all finished by overt channel in the described method based on identity.
6. key generation system based on identity is characterized in that described system comprises:
Initialization system parameter module, generation initial key module, generation are strengthened cipher key module and are generated the user key module;
Described initialization system parameter module is used for the initialization system parameter;
Described generation initial key module is used for the user and generates user profile according to described system parameters, generates user's initial key by total key generator, and described user profile and initial key are sent to each collaborative key generator, and it specifically comprises:
Step B1: the user generates user profile according to described system parameters, and described user profile is sent to total key generator, application adding system;
Step B2: described total key generator generates user's initial key according to described user profile, and sends to the user;
Step B3: the user verifies after receiving described initial key that if the verification passes, the user adds system's success, and described user profile and initial key are sent to each collaborative key generator; Otherwise return step B1, apply for the adding system again;
Wherein, described step B1 specifically comprises:
Step B11: the user is according to the system parameter selection password, and generates the shadow of described password according to described password;
Step B12: described user blinds the factor according to system parameter selection, and generates and to blind PKI according to the described factor that blinds;
Step B13: described user signs to the described PKI that blinds with password, generates to blind public key signature, and described user's identity information, the signature that blinds PKI and blind PKI are sent to total key generator as user profile;
After described generation is strengthened cipher key module and is used for described collaborative key generator and receives described user profile and initial key, described user's identity information and initial key are verified; If the verification passes, collaborative key generator carries out key and strengthens, and generates and strengthens key, and described reinforcement key is sent to described user; If checking is not passed through, then reporting errors stops this agreement operation then;
Described generation user key module is used for described user receive described reinforcement key after, described reinforcement key is carried out key extracts, generate user key, and described user key verified.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2006100902345A CN100542091C (en) | 2006-07-07 | 2006-07-07 | A kind of key generation method and system based on identity |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2006100902345A CN100542091C (en) | 2006-07-07 | 2006-07-07 | A kind of key generation method and system based on identity |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1878060A CN1878060A (en) | 2006-12-13 |
CN100542091C true CN100542091C (en) | 2009-09-16 |
Family
ID=37510373
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2006100902345A Expired - Fee Related CN100542091C (en) | 2006-07-07 | 2006-07-07 | A kind of key generation method and system based on identity |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100542091C (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106034020A (en) * | 2015-03-09 | 2016-10-19 | 深圳华智融科技有限公司 | Key diffusion method and key diffusion device |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101616001B (en) * | 2008-06-23 | 2011-11-09 | 航天信息股份有限公司 | Identity-based encryption method capable of reducing cipher text length |
US8694771B2 (en) * | 2012-02-10 | 2014-04-08 | Connect In Private Panama Corp. | Method and system for a certificate-less authenticated encryption scheme using identity-based encryption |
CN103297241B (en) * | 2013-05-31 | 2016-02-03 | 中国人民武装警察部队工程大学 | Close building method is signed in a kind of One-off public key anonymity |
CN103746810B (en) * | 2013-12-27 | 2017-02-01 | 西安邮电大学 | Anonymous sign-cryption method from certificate public key system to identity public key system |
EP3318043B1 (en) * | 2015-06-30 | 2020-09-16 | Visa International Service Association | Mutual authentication of confidential communication |
CN107124269B (en) * | 2017-04-05 | 2019-10-08 | 飞天诚信科技股份有限公司 | A kind of tool and its working method for protecting master key |
CN109359483B (en) * | 2018-10-19 | 2021-09-10 | 东北大学秦皇岛分校 | User privacy anonymity protection method based on block chain |
CN112003696B (en) * | 2020-08-25 | 2023-03-31 | 成都卫士通信息产业股份有限公司 | SM9 key generation method, system, electronic equipment, device and storage medium |
CN112164220B (en) * | 2020-09-22 | 2022-08-02 | 江西锦路科技开发有限公司 | Expressway service area congestion monitoring and automatic guidance system |
CN114205081B (en) * | 2021-12-03 | 2023-12-19 | 中国科学院大学 | Blind collaborative signature method for protecting user privacy |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030179885A1 (en) * | 2002-03-21 | 2003-09-25 | Docomo Communications Laboratories Usa, Inc. | Hierarchical identity-based encryption and signature schemes |
CN1490974A (en) * | 2003-09-15 | 2004-04-21 | 郑建德 | Pin code system based on identity |
CN1655498A (en) * | 2004-02-10 | 2005-08-17 | 管海明 | Multi-center identity-based key management method |
-
2006
- 2006-07-07 CN CNB2006100902345A patent/CN100542091C/en not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030179885A1 (en) * | 2002-03-21 | 2003-09-25 | Docomo Communications Laboratories Usa, Inc. | Hierarchical identity-based encryption and signature schemes |
CN1490974A (en) * | 2003-09-15 | 2004-04-21 | 郑建德 | Pin code system based on identity |
CN1655498A (en) * | 2004-02-10 | 2005-08-17 | 管海明 | Multi-center identity-based key management method |
Non-Patent Citations (2)
Title |
---|
An ID-Based Authenticated Key Agreement Protocol for Peer-to-Peer Computing. LU Rong-xing,CAO Zhen-fu,SU Ren-wang,CHAI Zhen-chuan.Journal of Shanghai Jiaotong University(Science),Vol.E-11 No.2006年第2期. 2006 * |
可证安全的强壮门限部分盲签名. 曹珍富,朱浩瑾,陆荣幸.中国科学E辑 信息科学,第35卷第2005年第12期. 2005 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106034020A (en) * | 2015-03-09 | 2016-10-19 | 深圳华智融科技有限公司 | Key diffusion method and key diffusion device |
CN106034020B (en) * | 2015-03-09 | 2019-02-01 | 深圳华智融科技股份有限公司 | A kind of key divergent method and device |
Also Published As
Publication number | Publication date |
---|---|
CN1878060A (en) | 2006-12-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100542091C (en) | A kind of key generation method and system based on identity | |
US20230421375A1 (en) | Threshold digital signature method and system | |
CN106961336B (en) | A kind of key components trustship method and system based on SM2 algorithm | |
Huang et al. | Certificateless signatures: new schemes and security models | |
US7533270B2 (en) | Signature schemes using bilinear mappings | |
EP2285040A1 (en) | Two-factor combined public key generation and authentication method | |
CN110011781A (en) | A kind of homomorphic cryptography method encrypting and support zero-knowledge proof for transaction amount | |
CN104184588B (en) | The undetachable digital signatures method of identity-based | |
CN103746811B (en) | Anonymous signcryption method from identity public key system to certificate public key system | |
CN103117860B (en) | Without the blind ring signatures method of certificate | |
CN104168114A (en) | Distributed type (k, n) threshold certificate-based encrypting method and system | |
CN106850198A (en) | SM2 digital signature generation method and system based on the collaboration of many devices | |
KR20030008182A (en) | Method of id-based blind signature by using bilinear parings | |
CN110995412B (en) | Certificateless ring signcryption method based on multiplicative group | |
CN106656512A (en) | SM2 digital signature generation method and system supporting threshold password | |
CN105227317A (en) | A kind of cloud data integrity detection method and system supporting authenticator privacy | |
KR20030062401A (en) | Apparatus and method for generating and verifying id-based blind signature by using bilinear parings | |
CN109951288A (en) | A kind of classification signature method and system based on SM9 Digital Signature Algorithm | |
CN103634788A (en) | Certificateless multi-proxy signcryption method with forward secrecy | |
CN101697513A (en) | Digital signature method, device and system as well as digital signature verification method | |
CN112152813B (en) | Certificateless content extraction signcryption method supporting privacy protection | |
CN104320259A (en) | Certificateless signature method based on Schnorr signature algorithm | |
CN106936584A (en) | A kind of building method without CertPubKey cryptographic system | |
Au et al. | Realizing fully secure unrestricted ID-based ring signature in the standard model based on HIBE | |
Li et al. | A forward-secure certificate-based signature scheme |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090916 Termination date: 20170707 |