CN102045164B - Key exposure free chameleon digital signature method based on ID (Identity) - Google Patents

Key exposure free chameleon digital signature method based on ID (Identity) Download PDF

Info

Publication number
CN102045164B
CN102045164B CN 200910193201 CN200910193201A CN102045164B CN 102045164 B CN102045164 B CN 102045164B CN 200910193201 CN200910193201 CN 200910193201 CN 200910193201 A CN200910193201 A CN 200910193201A CN 102045164 B CN102045164 B CN 102045164B
Authority
CN
China
Prior art keywords
signature
chameleon
signer
pub
verifier
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN 200910193201
Other languages
Chinese (zh)
Other versions
CN102045164A (en
Inventor
陈晓峰
田海博
张方国
陈满祥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GUANGZHOU XINRUI NETWORK TECHNOLOGY Co Ltd
Original Assignee
GUANGZHOU XINRUI NETWORK TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by GUANGZHOU XINRUI NETWORK TECHNOLOGY Co Ltd filed Critical GUANGZHOU XINRUI NETWORK TECHNOLOGY Co Ltd
Priority to CN 200910193201 priority Critical patent/CN102045164B/en
Publication of CN102045164A publication Critical patent/CN102045164A/en
Application granted granted Critical
Publication of CN102045164B publication Critical patent/CN102045164B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention relates to a chameleon digital signature method based on ID (Identity). A special chameleon hashing function with three trap doors and an equal-index knowledge certification technology are adopted in the method to realize key exposure free chameleon digital signature based on ID under the condition that the bilinear Diffie-Hellman problem is supposed to be difficult. The invention solves the problem that the advantage of simple key management based on ID by utilizing a cryptosystem can not be realized because the chameleon digital signature method based on ID does not exists in the background art.

Description

A kind of ID-based is without the Chameleon digital signature method of Key Exposure
Technical field
The present invention relates to information security field.Especially, the present invention relates to a kind of ID-based without the Chameleon digital signature generation of key exposure and the method for checking.
Background technology
Digital signature is a kind of basic information security technology, at aspects such as authentication, data integrity, non-repudiation and anonymities, important application is arranged, particularly the encryption key distribution in secure communication of network, have important effect in the systems such as authentication and ecommerce, E-Government.Digital signature is to realize the important tool of authentication.
The generation of digital signature and checking need signature private key and the verification public key of signer.The signature private key of signer only signed person is known.The verification public key of signer is disclosed.The generation of digital signature need to be used the signature private key of signer and signed digital content.The checking of digital signature is to confirm that with verification public key signer has corresponding signature private key.The security requirement digital signature of digital signature should be forged, and does not namely have anyone or equipment of signature private key all can not forge a digital signature.Signature private key has the important function of unique sign signer identity, and digital signature should not leaked the useful information of signature private key.
Usually verification public key is random character string, is difficult to the holder of the concrete PKI of identification.The method of infrastructure is bound PKI and PKI holder's identity so people use public-key, and has set up trust systems.Huge and the complexity of PKIX has been brought no small expense on public key management, in order to address this problem, people propose to use significant character string as PKI, it is the ID-based cryptographic system, this system nature is bound identity and PKI, reduce the expense of public key management, be subject to people's favor.Particularly from calendar year 2001 based on after computing having been proposed practical ID-based cryptographic algorithm, the ID-based cryptographic system has received the concern that continues.
Common digital signature has the broad sense verifiability, and namely anyone can verify that whether certain signature is the signature to certain particular message.This characteristic has very use in some cases, such as the issue of overt propaganda product.But in a lot of other are used, particularly when protecting signer or recipient's privacy, do not wish to allow everyone can verify that message/signature is right.This has just produced the contradiction between broad sense verifiability and privacy in the digital signature system.For example, certain signer has been signed a bidding documents and has been gone to submit a tender, the marked price of bidding documents belongs to privacy information usually, this moment, this signer was just wished the not openly checking of its signature, otherwise its competitor just can confirm that certain marked price belongs to this signer really by its bidding documents, to such an extent as to can with the later competition of this signer in be on a good wicket.Also have many other examples to highlight above-mentioned contradiction, need to design special digital signature for this reason and solve problem.
Chaum and Van Antwerpen have proposed undeniable signature and have solved the problems referred to above.Because the checking of signature must just can be completed by the cooperation of signer, so signature does not satisfy the broad sense verifiability.Further, signer can determine that signature only just can be verified or can only be verified by certain specific entity under certain condition.
Krawcayk and Rabin have proposed Chameleon signature and have come more effective addressing the above problem.The measured digital signature of Chameleon signature generation method, that is: first Hash is signed again.Wherein the chameleon hash function is used to calculate the message cryptographic Hash.The chameleon hash function is a kind of unidirectional trapdoor hash function, and the owner of trap door information can calculate the collision of a random input effectively; And in the situation that there is no trap door information, function is crash-resistant.Chameleon signature can provide non-repudiation and non-transferability simultaneously as undeniable signature, but with respect to the latter, the former can simpler, realization more efficiently.More accurate, Chameleon signature is noninteractive, and does not relate to complicated zero-knowledge proof, and this is the basis that traditional undeniable signature is realized.Although have noninteractive undeniable signature, the realization of Chameleon signature is more simple.
In some initial designed Chameleon signature schemes, if the verifier forges a signature, and signer has obtained forging a signature, and signer just can utilize the collision calculation of this chameleon hash function to go out verifier's private key, causes verifier's key exposure.Although this characteristic can prevent effectively that the verifier from forging a signature, but the third party may be because believe that the danger that the verifier dare not emit private key to reveal forges a signature, and then believe that certain signature is that signer is signed really, thereby weakened the not transferability of signature.
To having proposed first completely without the chameleon hash function of key exposure, new departure has well solved this problem to the people such as Chen Xiaofeng based on bilinearity.Subsequently, the people such as Ateniese proposed more based on the difference hypothesis without Key Exposure chameleon hash function.The people such as Ateniese point out that the promise scheme of traditional single trapdoor can't be used for constructing the chameleon hash function without Key Exposure; Only have the promise scheme of two trapdoors can be used for designing chameleon hash function or ID-based chameleon hash function without Key Exposure.
Yet do not exist ID-based without the Chameleon signature method of Key Exposure at present, thereby can't carry out in practice the Chameleon signature of high level of security with the ID-based system, have to rely on the support of traditional PKIX, perhaps transfer to use the lower scheme of some level of securitys that can not prevent Key Exposure.
From the above, the ID-based of having announced in prior art does not exist without the Chameleon digital signature method of Key Exposure.We wish to provide a kind of Chameleon digital signature scheme, enable based on identity, can solve the Key Exposure problem simultaneously, have public key management characteristic easily.
Summary of the invention
The object of the present invention is to provide a kind of ID-based without the implementation method of the Chameleon digital signature scheme of Key Exposure, do not exist ID-based without the Chameleon digital signature method of Key Exposure in the solution background technology, can not utilize ID-based system public key management advantage easily.
For achieving the above object, the invention provides a kind of ID-based without the implementation method of the Chameleon digital signature scheme of Key Exposure: disclosed system parameters is set; Signature private key and disclosed verification public key that signer has are set; Trapdoor private key and disclosed chameleon PKI that the verifier has are set; Signer uses signature private key and chameleon PKI to calculate the Chameleon digital signature of digital content; The verifier verifies the correctness of Chameleon digital signature with the disclosed verification public key of signer, chameleon PKI and trapdoor private key; Signer denies to trusted third party the Chameleon signature that the verifier generates.
1) disclosed system parameters comprises: clearance D iffie-Hellman group G 1, group G 1Generator P, the rank of generator P are large prime number q, cyclic group G 2, group G 2Rank be also large prime number q, the collisionless hash function H:{0 of universe, 1} *→ G 1, to mapping function e:G 1* G 1→ G 2, the PKI P of trusted third party pub=sP, wherein s is the private key of trusted third party; Any one safe identity-based digital signature algorithm (JG, JE, JS, JV).
Wherein about group G 1, G 2, be difficult to the Bilinear Diffie-Hellman problem of computing e.
Wherein the Digital Signature Algorithm of safety refers to that this algorithm has unforgeable under adaptability selection message attack.
2) the signature private key x that has of signer SGenerated by algorithm JE.According to the difference of Digital Signature Algorithm (JG, JE, JS, JV), signature private key and verification public key can have various form.
3) the trapdoor private key that has of verifier is x R=sQ R, disclosed chameleon PKI is Q R=H (R).
4) signer uses signature private key and chameleon PKI to calculate digital content m ∈ Z q * The step of Chameleon digital signature as follows:
(1) signer is selected random integers α ∈ R Z q * ;
(2) generate Bit String I;
(3) calculate chameleon Hash Value H;
(4) use signature private key x s, use Digital Signature Algorithm JS, to chameleon Hash Value H signature, obtain the signature value δ = JS x S ( H ) ;
(5) use chameleon PKI Q R, the PKI P of trusted third party pub, integer α to mapping function e, calculates group G 1Element α P and group G 2Element e (α P pub, Q R);
(6) signer series connection α P, e (α P pub, Q R), δ, Chameleon signature (α P, e (the α P of formation digital content m pub, Q R), δ).
Wherein the computational methods of chameleon Hash Value H are at clearance D iffie-Hellman group G 1Upper calculating H=α P+mH (I).
Wherein Bit String I comprises the temporal information that signer identity information, verifier's identity information and signer and verifier make an appointment.
5) verifier verifies Chameleon digital signature (α P, e (the α P of digital content m with the disclosed verification public key of signer, chameleon PKI and trapdoor private key pub, Q R), the step of correctness δ) is as follows:
(1) verifier uses the trapdoor private key to first element α P and the private key sQ of signature RCalculating e (α P,, sQ R);
(2) compare e (α P pub, Q R) with step (1) in the value e (α P, the sQ that calculate R) whether identical, if difference think that this signature is false, otherwise would continue judgement;
(3) verifier generates Bit String I;
(4) use message m to calculate mH (I);
(5) verifier uses first element of signature and calculates resulting mH (I) and calculate chameleon Hash Value H=α P+mH (I)
(6) verifier uses disclosed verification public key y S, chameleon Hash Value H, proof procedure defined according to digital signature verification algorithm JV comes the correctness of certifying signature δ.Think that if signature verification is failed signature is false, otherwise think that signature is true.
6) signer to trusted third party deny that the verifier generates about message m *Chameleon signature (α *P, e (α *P pub, Q R), step δ) is as follows:
(1) whether trusted third party's checking Chameleon signature satisfies following attribute:
-verifier submits α to trusted third party *P, e (α *P pub, Q R) contain same integer α *Evidence;
-trusted third party recomputates Bit String I, m *H (I), H=α *P+m *H (I), the identity S of use signer, proof procedure defined according to digital signature verification algorithm JV verified δ, can be by checking.
(2) if trusted third party thinks that the Chameleon signature that the verifier submits to satisfies above-mentioned two attributes, require signer to deny Chameleon signature, otherwise assert that directly Chameleon signature is false.
(3) signer denies that to trusted third party the process of Chameleon signature is as follows:
-signer is showed Chameleon signature value (α P, e (α P to trusted third party pub, Q R), δ);
-signer shows that to trusted third party message m or the m that gives information are group element H/g αWith H (y R, I) be the knowledge proof of the discrete logarithm at the end;
-signer produces evidence to prove (α P, e (α P to trusted third party pub, Q R) contain identical integer α;
(4) if signer provides message m, trusted third party checks the message m that Chameleon signature is signed *Different from m, but H=g αH(y R, I) m, and signer (α P, e (the α P that provide pub, the evidence that QR) contains identical integer α is reliable through checking, and just can judge that Chameleon signature is vacation;
(5) m if signer does not give information, trusted third party checks g α ≠ g α * , And (α P, e (α P that signer provides pub, Q R) contain identical integer α evidence reliable through checking, the m that signer provides is group element H/g αWith H (y R, I) reliable through checking for the knowledge proof of the discrete logarithm at the end, just can judge that Chameleon signature is vacation.
The present invention has the following advantages:
The present invention is based on the hypothesis of Bilinear Diffie-Hellman problem difficulty, constructed the ID-based Chameleon digital signature scheme without Key Exposure, this scheme can utilize the ID-based system not need the advantage of PKIX, facilitate the management of key, and had higher efficient.
The implementation method of the ID-based Chameleon digital signature scheme without Key Exposure provided by the invention is applicable to the fields such as electronic bidding, electronic auction, copyright protection, copyright be false proof.
Description of drawings
Fig. 1 is the ID-based Chameleon digital signature scheme implementation method block diagram without Key Exposure
Embodiment
Copyright protection take software illustrates the concrete enforcement of this programme as example.The software copyright owner is the signer of this programme, and the consumer of software is the verifier of this programme.Enforcement by this programme, the software copyright owner can sign Chameleon signature for digital product, the consumer of software can confirm by the checking Chameleon signature authenticity of digital product, yet come from the not transferability of Chameleon signature, the consumer can't prove that its product used is certified products to anyone, carries out two time selling thereby make digital product can not copied by the consumer.Specific implementation process is as follows:
1) everyone and consumer of software copyright has following disclosed system parameters:
The identity-based digital signature algorithm (JG, JE, JS, JV) of-safety: can be chosen to be Cha-Cheon identity-based digital signature algorithm, signature length 1024 bits, the parameter of this signature algorithm (E, p, q, k, P, G 1) as follows:
E:y 2=x 3+1
p=
1005585594745694782468051874865438459560952436544
4295033292671082791323022555160232602838231103021
8299615970507030097306168828238323448310057449840
09826581
q=
1675975991242824637446753124775730765934920727574
0491722154451804652205037591933721004730385171703
0499359950845050162176948047063872413850095749733
4971097
k=2
P=(x,y)
x=
2218248283148307312060782604701661398038778976686
8776087296524683183375451964436704312239069091547
2603013162873873034608314248613358036757769762946
5320989
y=
4515056003532170177558482288850754893020739301430
3695723827477100680433208082449098697164691334340
9487874330444808136912136808585726273940504926721
5539276
G 1=<P 〉, be a group of P generation;
Computing e is adopted the Miller algorithm
G 2GF (p 2) on subgroup, q rank, generator is e (P, P).
Open parameter G in-Chameleon signature scheme 1, G 2, to computing e, G 1Generator P, the relevant parameter in prime number q and identity-based digital signature algorithm (JG, JE, JS, JV) is identical.
The collisionless hash function H of-universe can adopt SHA-256 first the input bit string to be carried out hash in this concrete enforcement, and then to Hash Value mould q, acquisition value x is this value substitution elliptic curve equation y 2=x 3+ ax+b if can solve y, obtains the output (x, y) of H; Otherwise repeat said process with i series connection input bit string, obtain x i, wherein i successively value { 1,2,3...} is until solve y iTill, obtain H and be output as (x i, y i).
The PKI P of-trusted third party pub=sP, s are trusted third party's private key.
2) the signature private key x that has of the software copyright owner SGenerated by Cha-Cheon identity-based digital signature algorithm, PKI is this copyright owner's identity information.
3) the trapdoor private key that has of consumer is x R=sQ R, the identity information R that disclosed chameleon PKI is the consumer.
4) the software copyright owner to the computing of software product operation SHA-256 hash, obtains the digital finger-print of this software product, carries out afterwards mould q computing and obtains message m to be signed.The software copyright owner moves following steps afterwards:
(1) signer is selected random integers α ∈ R Z q * ;
(2) use the possessory identity information of software copyright, consumer's identity information, the disclosed added time of digital product generates Bit String I;
(3) use universe collisionless function calculation chameleon Hash Value H=α P+mH (I);
(4) use signature private key x s, use Digital Signature Algorithm JS, to chameleon Hash Value H signature, obtain the signature value δ = JS x S ( H ) ;
(5) use chameleon PKI R to calculate Q R=H (R), integer α, the PKI P of trusted third party pub, calculate α P and e (α P pub, Q R);
(6) the software copyright owner α P that connects, e (α P pub, Q R), δ, Chameleon signature (α P, e (the α P of formation digital product pub, Q R), δ), and issue simultaneously with digital product, added time of digital product.
5) consumer is with owner's identity information of software product, with oneself identity information and the trapdoor private key Chameleon digital signature (α P, e (the α P that verify digital product pub, Q R), the step of correctness δ) is as follows:
(1) consumer calculates e (α P, sQ with the trapdoor private key to first element α P that signs R);
(2) second element e (the α P that relatively signs pub, Q R) with the e (α P, the sQ that calculate R) whether identical, if difference think that this signature is false, otherwise would continue judgement;
(3) use the possessory identity of software copyright, consumer's identity information, the disclosed added time of digital product generates Bit String I;
(4) consumer to not comprising the software product operation SHA-256 hash computing of signature, obtains the digital finger-print of this software product, carries out afterwards mould q computing and obtains message m to be signed.
(5) consumer calculates mH (I);
(5) consumer uses first element of signature and calculates resulting mH (I) and calculate chameleon Hash Value H=α P+mH (I)
(6) consumer uses copyright owner's identity S, chameleon Hash Value H, and proof procedure defined according to digital signature verification algorithm JV comes the correctness of certifying signature δ.Think that if signature verification is failed signature is false, otherwise think that signature is true.
6) the software copyright owner denies to trusted third party the incidental Chameleon signature (α of digital product about consumer oneself generation or change that consumer person generates *P, e (α *P pub, Q R), the step of authenticity δ) is as follows:
(1) whether the pseudo-Chameleon signature of trusted third party's checking satisfies following attribute:
-consumer submits α to trusted third party *P, e (α *P pub, Q R) contain identical α *Evidence;
-trusted third party recomputates the digital finger-print of digital product, obtains message m after mould q *, recomputate Bit String I, m *H (I), H=α *P+m *H (I),
Use disclosed copyright owner's identity S, proof procedure defined according to digital signature verification algorithm JV verified δ, can be by checking.
(2) if trusted third party thinks that the Chameleon signature of submitting to satisfies above-mentioned two attributes, require the software copyright owner to deny Chameleon signature, otherwise assert that directly Chameleon signature is false.
(3) the software copyright owner denies that to trusted third party the process of Chameleon signature is as follows:
-software copyright the owner shows Chameleon signature value (α P, e (α P to trusted third party pub, Q R), δ);
-software copyright the owner shows that to trusted third party message m or the m that gives information are the knowledge proof of group element mH (I) take H (I) as the discrete logarithm at the end;
-software copyright the owner produces evidence to prove α P and e (α P to trusted third party pub, Q R) contain identical integer α;
(4) if the software copyright owner provides message m, the message m that the Chameleon signature that trusted third party checks needs the checking true and false is signed *Different from m, but H=α P+mH (I), and signer (α P, e (the α P that provide pub, Q R) contain identical integer α evidence reliable through checking, just can judge that the Chameleon signature of submission is vacation, product is forgery;
(5) m if the software copyright owner does not give information, trusted third party checks α P ≠ α *P, and signer (α P, e (the α P that provide pub, Q R) contain identical integer α evidence reliable through checking, the m that signer provides is group element H/g αWith H (y R, I) reliable through checking for the knowledge proof of the discrete logarithm at the end, just can judge that Chameleon signature is vacation, product is forgery.

Claims (2)

1. one kind generates and the ID-based Chameleon digital signature method of checking digital content, it is characterized in that:
(1) comprise be used to the step of calculating disclosed system parameters; Disclosed system parameters comprises: clearance D iffie-Hellman group G 1, group G 1Generator P, the rank of generator P are large prime number q, cyclic group G 2, group G 2Rank be also large prime number q, to mapping function e:G 1* G 1→ G 2, the collisionless hash function H:{0 of universe, 1}* → G 1, any one safe identity-based digital signature algorithm (JG, JE, JS, JV), the PKI P of trusted third party pub=sP, wherein s is the private key of trusted third party;
(2) comprise the signature private key that has for compute signature person and the step of disclosed verification public key; The signature private key xs that signer has is generated by algorithm JE, and its verification public key QS=H (S), S are the signer identity;
(3) comprise the trapdoor private key that has for the Calculation Verification person and the step of disclosed chameleon PKI; The trapdoor private key that the verifier has is x R=sQ R, disclosed chameleon PKI Q R=H (R), R are verifier's identity;
(4) comprise the step of using the Chameleon digital signature of signature private key and chameleon PKI calculating digital content for signer; Digital content is exactly the message of signing
Figure FSB00000979303600011
(i) signer is selected random integers
Figure FSB00000979303600012
Generate Bit String I, calculate chameleon Hash Value H, the computational methods of this chameleon Hash Value H relate to Bit String I, message m, and generator P, integer α, computational methods are H=α P+mH (I);
(ii) signer uses signature private key x s, use Digital Signature Algorithm JS, to chameleon Hash Value H signature, obtain the signature value δ = JS x s ( H ) ;
(iii) signer uses chameleon PKI Q R, the PKI P of trusted third party pub, integer α to mapping function e, calculates group G 1Element α P and group G 2Element e (α P pub, Q R);
(iv) signature about message m of signer generation is (α P, e (α P pub, Q R), δ);
(5) comprise and verify the step of the correctness of Chameleon digital signature for the verifier with the disclosed verification public key of signer, chameleon PKI and trapdoor private key;
(i) at first the verifier utilizes first element α P and the private key sQ of signature RCalculate e (α P, sQ R);
(ii) second element e (the α P that relatively signs pub, Q R) with step (i) in the value e (α P, the sQ that calculate R) whether identical, if difference think that this signature is false, otherwise would continue judgement;
(iii) verifier generates Bit String I;
(iv) use message m to calculate mH (I);
(v) verifier uses first element of signature and calculates resulting mH (I) and calculate chameleon Hash Value H=α P+mH (I);
(vi) verifier uses the identity S of signer, and the chameleon Hash Value H of gained in step (v) comes the correctness of certifying signature δ according to the defined proof procedure of identity-based digital signature verification algorithm JV; Think that if signature verification is failed signature is false, otherwise think that signature is true;
(6) comprise and deny the step of the Chameleon signature that the verifier generates for signer to trusted third party; The Chameleon signature that the verifier generates is expressed as (α * P, e (α * P pub, Q R), δ);
(i) signer is to part Chameleon signature value (α P, e (the α P of trusted third party's displaying about message m pub, Q R)), message m and α P and e (α P pub, Q R) have the evidence of identical integer α, perhaps show part Chameleon signature value about message m to trusted third party
Figure FSB00000979303600021
Message m is knowledge proof and α P and e (the α P of group element H-α P take H (I) as the Elliptic Curve Discrete Logarithm at the end pub, Q R) have the evidence of identical integer α;
(ii) if signer provides message m, if the message that the Chameleon signature that the inspection verifier of trusted third party provides is signed is different from m, H=α P+mH (I), and checking α P and e (α P pub, Q R) have and regard as after the evidence of identical integer α correctly, just can judge that the Chameleon signature of submitting to trusted third party is vacation; The m if signer does not give information, trusted third party check α P ≠ α * P, and checking m to be that group element H-α P regards as after take H (I) as the knowledge proof of the Elliptic Curve Discrete Logarithm at the end correct, verify α P and e (α P pub, Q R) have and regard as after the evidence of identical integer α correctly, just can judge that the Chameleon signature of submitting to trusted third party is vacation.
2. a kind of the generation and the Chameleon digital signature method of checking digital content according to claim 1 is characterized in that described Bit String I comprises the temporal information that signer identity information, verifier's identity information or signer and verifier consult.
CN 200910193201 2009-10-20 2009-10-20 Key exposure free chameleon digital signature method based on ID (Identity) Expired - Fee Related CN102045164B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200910193201 CN102045164B (en) 2009-10-20 2009-10-20 Key exposure free chameleon digital signature method based on ID (Identity)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200910193201 CN102045164B (en) 2009-10-20 2009-10-20 Key exposure free chameleon digital signature method based on ID (Identity)

Publications (2)

Publication Number Publication Date
CN102045164A CN102045164A (en) 2011-05-04
CN102045164B true CN102045164B (en) 2013-06-05

Family

ID=43910985

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200910193201 Expired - Fee Related CN102045164B (en) 2009-10-20 2009-10-20 Key exposure free chameleon digital signature method based on ID (Identity)

Country Status (1)

Country Link
CN (1) CN102045164B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10326753B2 (en) 2016-06-23 2019-06-18 International Business Machines Corporation Authentication via revocable signatures

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102256247B (en) * 2011-06-17 2014-06-04 西安电子科技大学 Universal construction for safely and effectively switching authentication scheme in wireless network
CN104219047B (en) * 2013-05-31 2017-12-15 华为技术有限公司 A kind of method and apparatus of signature verification
CN107172586B (en) * 2017-05-19 2020-05-12 北京航空航天大学 Mobile terminal network positioning method based on block chain
CN110071812B (en) * 2019-04-29 2021-06-08 电子科技大学 Editable, linkable and non-repudiatable ring signature method
CN114710298B (en) * 2022-06-02 2022-09-06 深圳天谷信息科技有限公司 Chameleon hash-based document batch signing method, device, equipment and medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6108783A (en) * 1998-02-11 2000-08-22 International Business Machines Corporation Chameleon hashing and signatures
CN101252431A (en) * 2007-09-06 2008-08-27 广州信睿网络科技有限公司 Realizing method of general-purpose digital signing scheme

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7639799B2 (en) * 2004-12-14 2009-12-29 Microsoft Corporation Cryptographically processing data based on a Cassels-Tate pairing

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6108783A (en) * 1998-02-11 2000-08-22 International Business Machines Corporation Chameleon hashing and signatures
CN101252431A (en) * 2007-09-06 2008-08-27 广州信睿网络科技有限公司 Realizing method of general-purpose digital signing scheme

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Xiaofeng Chen等.Chameleon Hashing without Key Exposure.《Information Security Conference (ISC)》.Springer-Verlag,2004,全文. *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10326753B2 (en) 2016-06-23 2019-06-18 International Business Machines Corporation Authentication via revocable signatures

Also Published As

Publication number Publication date
CN102045164A (en) 2011-05-04

Similar Documents

Publication Publication Date Title
US10944575B2 (en) Implicitly certified digital signatures
CN107196762B (en) Big data oriented power determining method
CN108551392B (en) Blind signature generation method and system based on SM9 digital signature
CN102377565A (en) Linkable ring signature method based on appointed verifier
CN102045164B (en) Key exposure free chameleon digital signature method based on ID (Identity)
CN102983971B (en) Certificateless signature algorithm for user identity authentication in network environment
CN101741559B (en) Chameleon digital signature method without key disclosure
CN108989054B (en) Cipher system and digital signature method
US20120314856A1 (en) Implicitly certified public keys
WO2020038137A1 (en) Two-dimensional code generation method, data processing method, apparatus, and server
CN103856477A (en) Trusted computing system, corresponding attestation method and corresponding devices
CN103220147B (en) Strong designated verifier signature method based on multivariate public key cryptosystem
CN103220146B (en) Zero Knowledge digital signature method based on multivariate public key cryptosystem
CN106789019B (en) Certificate-free partial blind signature method and device
CN108881225B (en) Vehicle networking condition privacy protection method for verifying signatures in batches
CN101667913A (en) Authenticated encryption method and encryption system based on symmetric encryption
CN105515778B (en) Cloud storage data integrity services signatures method
CN103095697A (en) Multiple signature generation and verification system and method thereof
KR20030062401A (en) Apparatus and method for generating and verifying id-based blind signature by using bilinear parings
CN114499952A (en) Alliance chain consensus identity authentication method
CN116346328A (en) Digital signature method, system, equipment and computer readable storage medium
CN104917615B (en) A kind of credible calculating platform attribute verification method based on ring signatures
CN109617700A (en) Unidirectional multi-hop based on no certificate acts on behalf of weight endorsement method
CN105187208B (en) The unauthorized strong designated verifier signature system based on no certificate
CN107332665A (en) A kind of Partial Blind Signature method of identity-based on lattice

Legal Events

Date Code Title Description
DD01 Delivery of document by public notice

Addressee: Chen Manxiang

Document name: Notification of Passing Preliminary Examination of the Application for Invention

C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
DD01 Delivery of document by public notice

Addressee: Guangzhou Xinrui Network Technology Co., Ltd.

Document name: Notification to Pay the Fees

DD01 Delivery of document by public notice
DD01 Delivery of document by public notice

Addressee: Guangzhou Xinrui Network Technology Co., Ltd.

Document name: Notification to Pay the Fees

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130605

Termination date: 20141020

EXPY Termination of patent right or utility model