CN104168115A - Forward-secure undetachable digital signature method - Google Patents
- Publication number: CN104168115A
- Authority: CN (China)
- Prior art keywords: algorithm, signature, key, client, output
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Landscapes: Storage Device Security (AREA)
Abstract
The invention discloses a forward-secure undetachable digital signature method. According to the forward-secure undetachable digital signature method, a key generation algorithm KGen, a key updating algorithm KUpd, an undetachable signature method generation algorithm UndSigFunGen, an undetachable signature algorithm FSUndSig, an undetachable signature verification algorithm FSUndVrfy, a signature algorithm Sign and a verification algorithm Vrfy are included. The forward-secure undetachable digital signature method realizes a forward-secure undetachable digital signature under the white-box attack environment. In the whole scheme, a mobile agent does not need to carry private keys to use digital signatures generated by the private keys as original signatures, so that the private keys will not be affected. The encryption function and the requirement for original signers are combined so that fault operation of the signature algorithm can be prevented. A special key distribution mechanism is not needed, and the forward-secure undetachable digital signature method still has the forward-secure property even if the signers are attacked.
Description
Technical field
The present invention relates to the field of information security technology, specifically to secure mobile agent technology, with applications in e-commerce, mobile computing and the like.
Background
As more and more applications based on mobile agent technology enter practical use, they cannot succeed without suitable, secure, trustworthy and confidential techniques that protect sensitive business data and give business partners enough confidence to cooperate. Mobile agents, however, face serious security threats. In the mobile agent security field, identity-based undetachable digital signature methods can currently do this job securely and effectively.
However, an identity-based undetachable digital signature method requires a centralized security authority to distribute keys, and in many real situations no such authoritative and reliable body exists. A method of protecting mobile agents that does not rely on a key distribution mechanism, yet still offers high security and high reliability, is therefore urgently needed.
This scheme is built on bilinear pairings. Its security rests on the difficulty of solving the computational Diffie-Hellman problem in Diffie-Hellman groups. Most of the basic concepts involved, such as groups, rings and fields, are standard concepts in abstract algebra.
Summary of similar techniques (products):
Earlier conventional electronic signature schemes have the following security problem: when a mobile agent acts for the original user, it must itself carry the signing algorithm and the signing key in order to generate electronic signatures, so an attacker can forge the signing algorithm from the agent side or even recover the signing key. To address this, three documents each provide an undetachable electronic signature that can, to some extent, limit leakage of the signing key or the signing method: Kotzanikolaou, P., Burmester, M., Chrissikopoulos, V., Secure Transactions with Mobile Agents in Hostile Environments, Proceedings of ACISP 2000, pp. 289-297, 2000; Yang Shi, Xiaoping Wang, Liming Cao, et al., A Security Scheme of Electronic Commerce for Mobile Agents Uses Undetachable Digital Signatures, The Third International Conference on Information Security, ACM Press, 2004, pp. 242-243; and Yang Shi, Xiaoping Wang, Liming Cao, Jianxin Ren, Secure Mobile Agents in Electronic Commerce by Using Undetachable Signatures from Pairings, Proc. The 4th International Conference on Electronic Business, pp. 1038-1043.
Where no reliable key distribution mechanism exists, the key generator may be attacked and the signing key obtained. To address this threat, H. Krawczyk, Simple forward-secure signatures from any signature scheme, Proceedings of the 7th ACM Conference on Computer and Communications Security, 2000, pp. 108-115, proposed a forward-secure signature method. Even when the signer's host is captured, forming a white-box attack context, the signing key is still guaranteed to be forward-secure: the key changes over time, and the signing keys used before the moment of capture cannot be obtained, hence the name forward security.
However, none of these signature schemes on its own meets the current requirements of mobile agent security.
Summary of the invention
As is well known, the signing key is the core of a signature scheme; if the signing key is stolen, the whole signature method loses its effect. The forward-secure signature method mentioned above therefore lets the signing key be updated as time passes: in each time period the key is irreversibly updated once. In this way, even after the signer is captured, the security of the signing keys of time periods before the current one is still guaranteed, that is, data that has already been signed cannot be forged again.
However, current forward-secure signature schemes cannot achieve the effect of an undetachable signature. A signature scheme with both properties is a gap in the current mobile agent security field: among the published signature schemes there is no effective scheme that combines the two properties, because the combination is quite difficult. The object of the invention is to overcome the respective shortcomings of these two kinds of scheme in the mobile agent security field. It solves the problem that generating an electronic signature requires the agent to carry the signing algorithm and signing key itself, which lets an attacker forge the signing algorithm from the agent side or even recover the signing key. It also removes the threat a mobile agent faces when a malicious host it passes through forms a white-box attack context (WBAC). At the same time it needs no special security authority to issue certificates or keys, which widens the range of application of the signature method, lowers the communication risk, and removes the grave danger of the authority being compromised. It thereby fills this gap in the mobile security field.
The innovation of the invention lies in a special algorithm design that achieves forward security and the security properties of an undetachable signature at the same time. It is not a simple assembly of algorithms, but a combination of the two security approaches reached through theoretical reasoning, proof and corresponding testing.
To this end, the technical solution provided by the invention is:
A forward-secure undetachable digital signature method, characterized in that it comprises the following eight steps:
Step 1. A client completes shopping on a client computer, and the computer then generates a mobile agent. The client computer then executes Algorithm 1 at the prescribed security level (entering the required security index k). The algorithm is defined as follows.
Algorithm 1. Key generation algorithm: KGen($1^k$). The inputs are the total number of time periods T and the security parameter $1^k$, where k is a natural number. The algorithm outputs the public-key settings and the initial key $S_0$.
Notes on Ω: the security parameter $1^k$ above is a notional expression; k is the security index, and it can be understood simply as the cryptosystem having a length of k bits. The concrete realization depends on the project requirements and on the public-key cryptosystem adopted (such as hyperelliptic or elliptic curves).
In Ω, $G_1$ is a multiplicative cyclic group of order q, and $G_2$ is likewise a multiplicative cyclic group of order q. G and P are the fixed generators of $G_1$ and $G_2$ respectively.
The mapping in Ω is a linear mapping: elements of $G_1$ and $G_2$ first form a Cartesian product, which is then mapped to an element of $G_T$.
$H_1$ and $H_2: \{0,1\}^* \to G_1$ are two special hash mappings that map arbitrary binary values to an integer group and to $G_1$ respectively; the integer group is the additive group of integers of prime order q without the zero element.
Note: assume there exists a homomorphic mapping $\psi: G_2 \to G_1$ with $\psi(P) = G$.
Definition: the decisional Diffie-Hellman problem (co-DDH) on $(G_1, G_2)$: given $P, P^a \in G_2$ and $Y, Y^b \in G_1$ as input, output yes if $a = b$ and no otherwise. When the output is yes, we call $(P, P^a, Y, Y^b)$ a Diffie-Hellman tuple (co-DHT).
Suppose: we suppose can be calculated fast, so co-DDH is easy to solve on $(G_1, G_2)$. This method is built on this hypothesis.
Generation of the initial key $S_0$:
Take $S_0$ at random and compute $U_0$.
For (j = 1; j ≤ T; j++) do
EndFor
When the loop completes, erase $s_j$, j = 1, ..., T, and store $CERT_j$, j = 1, ..., T.
Note: the algorithm here assumes that $U_0$ is a data collection, so the global settings Ω are stored in $U_0$; that is, the public-key element carries the global information.
KGen($1^k$) completes and outputs the public key $U_0$ and the initial key $S_0$; proceed to the next step.
Step 2. The client then gives Algorithm 2 the public key $U_0$, the initial key $s_0$, $CERT_j$ and the current time period j as input, and executes Algorithm 2, which is defined as follows:
Algorithm 2.
KUpd($s_{j-1}$, $CERT_j$, $j$, $U_0$)
BEGIN
$\langle U_0', j', U_j', \Lambda_j \rangle \leftarrow CERT_j$
return ⊥ //abort
erase $s_{j-1}$
return $s_j$
END
After $S_0$ has been erased, the algorithm returns $S_1$; proceed to the next step.
Step 3. The client completes the transaction and is ready to send the mobile agent to trade.
If the current key has expired, go to step 4; otherwise go to step 5.
Step 4. The client takes the previous period's key $S_{j-1}$, the current period j, the public key $U_0$ and the $CERT_j$ generated by Algorithm 1 as input and runs KUpd again to obtain the key $S_j$ of the next time period; proceed to the next step.
Step 5. The client takes $REQ\_C \| ID_C$, $s_j$ and $CERT_j$ as input, where $REQ\_C \| ID_C$ is the customer's requirements and the user identity, which are sensitive data, and executes Algorithm 3, which is defined as follows:
Algorithm 3.
UndSigFunGen($REQ\_C \| ID_C$, $s_j$, $CERT_j$)
Begin
$H \leftarrow H_2(REQ\_C \| ID_C)$;
End
The output is carried by the agent.
The client then executes Algorithm 6 to sign the agent's sensitive data. The inputs are the sensitive data, the current time period j and the current key $s_j$. The algorithm is defined as follows:
Algorithm 6.
Sign($s_j$, $j$, Msg)
Begin
return $\sigma_j$
End
The output is the signature for period j, which the agent likewise carries. Proceed to the next step.
Step 6. The shop receives the agent and first uses Algorithm 7 to check the agent's legitimacy by checking $\sigma_j$. The inputs are the public key, the signed message, the signature and the current period. The algorithm is defined as follows:
Algorithm 7.
Vrfy($U_0$, $\sigma$, $j$, Msg)
Begin
$\langle CERT_j, \sigma' \rangle \leftarrow \sigma$; $\langle U_0', j', U_j', \Lambda_j \rangle \leftarrow CERT_j$
If ($U_0 \neq U_0'$) return 0
If ($j \neq j'$) return 0
Else return 1
End
If the output is 0, exit the transaction.
If the output is 1, decide whether the agent should continue to migrate between shops. If so, repeat this step (step 6); otherwise go to step 7.
Step 7. At this point the shop has made its final decision. If the transaction is to be completed, it generates CONTRACT and the other transaction information as input and executes Algorithm 4, which is defined as follows:
Algorithm 4.
UndSig(Msg)
Begin
$h = H_1(Msg)$
End
The output is the final undetachable signature, denoted Z here. It is saved in the agent, and the agent then migrates back to the client; proceed to the next step.
Step 8. The client receives the agent that has completed the transaction and takes $U_0$, Z, j, Msg and $REQ\_C \| ID_C$ as input, where Msg is CONTRACT and the other transaction information, and executes Algorithm 5 to check the legitimacy of Msg. The algorithm is defined as follows:
Algorithm 5.
UndVrfy($U_0$, $Z$, $j$, Msg, $REQ\_C \| ID_C$)
Begin
$\langle \langle CERT_j, Z' \rangle, j \rangle \leftarrow Z$; $\langle U_0', j', U_j', \Lambda_j \rangle \leftarrow CERT_j$
If ($U_0 \neq U_0'$) return 0
If ($j \neq j'$) return 0
If (Msg does not satisfy REQ_C) return 0
else return 1
End
If the algorithm outputs 0, stop the transaction;
otherwise the output is 1 and the transaction is completed.
If the user still needs to trade, jump to step 3.
At this point the whole forward-secure undetachable method is complete.
With the above technical solution, the invention realizes forward-secure undetachable digital signatures in a white-box attack context (for example on an insecure computer). The scheme solves the lack of a good security solution for current mobile agents. Throughout the scheme, the mobile agent does not need to carry the private key when it generates digital signatures on behalf of the original signer, so the private key is not affected. The encryption function is combined with the original signer's requirements, so misuse of the signing algorithm can be prevented. In addition, the scheme needs no special key distribution mechanism, and because it is forward-secure it keeps forward security even if the signer is compromised (the signing keys of time periods before the one in which the compromise occurs are not revealed). The scheme can therefore withstand the threats that current mobile agents face.
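The forward-secure skeleton of Algorithms 1, 2, 6 and 7 above (period certificates $CERT_j = \langle U_0, j, U_j, \Lambda_j \rangle$, one-way key update, and the $U_0$ and $j$ checks in Vrfy), as an added Python example that is not the patent's code. It swaps the pairing-based primitives for hash-based ones, which is an assumption of this sketch: $s_j$ comes from a one-way hash chain, $U_j$ is a Lamport one-time public key (one signature per period), $\Lambda_j$ is a Merkle path to the root $U_0$, and Sign takes $CERT_j$ as an extra argument; UndSigFunGen and UndSig are not modelled.

```python
import hashlib
import os

def H(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts, so field boundaries are unambiguous."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def msg_bits(j: int, msg: bytes):
    """256 digest bits of (period, message); the period index is signed too."""
    d = H(b"msg", j.to_bytes(4, "big"), msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def ots_keys(s_j: bytes):
    """Lamport one-time key pair derived from the period secret s_j (assumed primitive)."""
    sk = [[H(b"ots", s_j, bytes([i, b])) for b in (0, 1)] for i in range(256)]
    return sk, H(*[H(x) for pair in sk for x in pair])

def ots_pk_from_sig(sig, bits):
    """Rebuild the one-time public key U_j that a signature commits to."""
    hashed = []
    for (revealed, other), b in zip(sig, bits):
        hashed += [H(revealed), other] if b == 0 else [other, H(revealed)]
    return H(*hashed)

def leaf(j: int, U_j: bytes) -> bytes:
    return H(b"leaf", j.to_bytes(4, "big"), U_j)

def merkle_root(node: bytes, idx: int, path) -> bytes:
    """Fold an authentication path (Lambda_j) up to the root."""
    for sib in path:
        node = H(b"node", node, sib) if idx % 2 == 0 else H(b"node", sib, node)
        idx >>= 1
    return node

def kgen(T: int):
    """Algorithm 1 analogue: returns (U_0, S_0, {j: CERT_j})."""
    if T < 1 or T & (T - 1):
        raise ValueError("this sketch needs T to be a power of two")
    S_0 = os.urandom(32)
    s, pks = S_0, []
    for j in range(1, T + 1):
        s = H(b"next", s)                    # s_j = H("next", s_{j-1}): one-way
        pks.append(ots_keys(s)[1])           # U_j
    levels = [[leaf(j, pk) for j, pk in enumerate(pks, 1)]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([H(b"node", cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    U_0 = levels[-1][0]
    certs = {}
    for j in range(1, T + 1):
        idx, path = j - 1, []
        for lvl in levels[:-1]:
            path.append(lvl[idx ^ 1])
            idx >>= 1
        certs[j] = (U_0, j, pks[j - 1], path)  # CERT_j = <U_0, j, U_j, Lambda_j>
    return U_0, S_0, certs                   # the s_j computed above are not kept

def kupd(s_prev: bytes, cert_j, j: int, U_0: bytes):
    """Algorithm 2 analogue: derive s_j and check it against CERT_j."""
    U_0p, jp, U_jp, _ = cert_j
    s_j = H(b"next", s_prev)
    if U_0p != U_0 or jp != j or ots_keys(s_j)[1] != U_jp:
        return None                          # the page's "return ⊥ //abort"
    return s_j                               # the caller must now erase s_prev

def sign(s_j: bytes, cert_j, j: int, msg: bytes):
    """Algorithm 6 analogue: sigma = <CERT_j, sigma'>."""
    sk, _ = ots_keys(s_j)
    sig = [(sk[i][b], H(sk[i][1 - b])) for i, b in enumerate(msg_bits(j, msg))]
    return (cert_j, sig)

def vrfy(U_0: bytes, sigma, j: int, msg: bytes) -> int:
    """Algorithm 7 analogue: the two checks shown on the page, then cert and signature."""
    cert_j, sig = sigma
    U_0p, jp, U_jp, path = cert_j
    if U_0p != U_0: return 0
    if jp != j: return 0
    if merkle_root(leaf(jp, U_jp), jp - 1, path) != U_0: return 0
    if ots_pk_from_sig(sig, msg_bits(j, msg)) != U_jp: return 0
    return 1

def demo():
    """Constructed run: a key stolen in period 2 cannot back-date a period-1 signature."""
    U_0, S_0, certs = kgen(4)
    s1 = kupd(S_0, certs[1], 1, U_0)
    good = sign(s1, certs[1], 1, b"constructed order A")
    s2 = kupd(s1, certs[2], 2, U_0)
    del s1                                   # period-1 key erased after the update
    forged = sign(s2, certs[1], 1, b"constructed order B")
    return (vrfy(U_0, good, 1, b"constructed order A"),
            vrfy(U_0, forged, 1, b"constructed order B"),
            kupd(s2, certs[4], 3, U_0))      # CERT for the wrong period: abort
```

Python cannot zeroize immutable `bytes`, so `del` only drops the reference; a deployment that relies on erasure needs memory it can overwrite.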
Brief description of the drawings
Fig. 1 shows the working principle of the forward-secure undetachable digital signature method of the invention.
Fig. 2 is a schematic flow chart of the whole method.
Fig. 3 shows the basic relationships among the 7 basic algorithms.
Embodiment
The invention discloses a forward-secure undetachable digital signature method. As shown in Fig. 3, the method comprises the following seven algorithms:
1) KGen: the key generation algorithm KGen takes as input the security parameter $1^k$ (k a natural number) and the total number of periods T over which the scheme runs, possibly together with other relevant parameters, and returns a base public key PK and the corresponding initial key (signing key) $SK_0$. The algorithm is non-deterministic.
2) KUpd: the key update algorithm KUpd takes the key $SK_{j-1}$ of the previous period as input and returns the current signing key $SK_j$. The algorithm is usually deterministic.
3) UndSigFunGen: the undetachable signature function generation algorithm UndSigFunGen is a deterministic polynomial-time algorithm. It takes as input the user's requirements REQ_C, the user's identity $ID_C$, the user's public key and the key of the current period, and returns the function pair f(·) and
4) UndSig: the undetachable signature algorithm FSUndSig is a polynomial-time algorithm that takes the relevant contract restrictions (or the corresponding hash value) as input and returns the undetachable digital signature $z = \zeta_j = \langle \zeta, j \rangle$.
5) UndVrfy: the undetachable signature verification algorithm FSUndVrfy is a polynomial-time algorithm that takes the relevant contract restrictions and the undetachable signature z as input. The algorithm returns "accept" or "reject", or simply 1 or 0.
6) Sign: the signing algorithm Sign takes the key $SK_j$ of the current period and a message M as input and returns the signature of message M for period j. The algorithm may be non-deterministic. The signature is usually a pair of values: the period j and the corresponding tag σ.
7) Vrfy: the verification algorithm Vrfy takes the public key PK, a message M and a signature $\langle j, \sigma \rangle$ and returns "accept" or "reject", or simply 1 or 0. It is denoted here $b \leftarrow \mathrm{Vrfy}_{PK}(M, \langle j, \sigma \rangle)$.
Fig. 1 and Fig. 2 describe how these algorithms are used in the forward-secure undetachable digital signature scheme.
As shown in Fig. 1, the general working principle of the identity-based undetachable digital signature scheme is as follows. First, the client runs KGen($1^k$) to generate the corresponding global parameters, public key and initial key. It then runs KUpd to update the initial key, and afterwards keeps updating the key as time passes. The client then completes shopping and produces an agent; it first uses UndSigFunGen to generate the undetachable signature function and then uses Sign to sign the agent's sensitive data. The agent then migrates to a shop server. After receiving the agent, the shop first uses Vrfy to check the agent's legitimacy; if the agent is not legitimate the transaction is terminated directly, and if it is legitimate the shop continues to process the transaction. The agent then migrates between shops to trade, and the final shop eventually generates the contract and the other transaction information, produces an undetachable signature over this information with UndSig, and sends the agent back to the client. On receiving the agent, the client checks the legitimacy of the transaction with UndVrfy; the transaction succeeds only if the algorithm outputs 1. If other transactions follow, a new key may be used for signing, so that even if the current key is stolen the earlier transactions are still guaranteed to be secure.
As shown in Fig. 2, the forward-secure undetachable signature scheme comprises the following eight steps:
1) The client runs KGen, producing the global settings, the public key $U_0$ and the initial key $s_0$.
2) The client runs KUpd and outputs the key $s_1$ of the first time period.
3) The client completes the shopping list and trades; if the key has not expired, go directly to 5).
4) The client runs KUpd and outputs the key $s_j$ of the next time period.
5) The client runs UndSigFunGen; the output is carried by the agent. The client runs Sign to sign the agent's sensitive data.
6) The shop server verifies the agent with Vrfy; if the agent is not legitimate, the transaction is terminated directly.
7) The transaction is carried out, and the contract is signed with UndSig.
8) The client verifies the contract with UndVrfy; if it is not legitimate, the transaction is terminated.
Fig. 3 shows how the 7 algorithms relate to one another. KGen first generates the global variables, the public key and the initial key. KUpd is then responsible for continually updating the key as time passes. UndSigFunGen is responsible for producing a kind of "semi-finished product", so that the signing key need not be exposed in transit. UndSig turns this "semi-finished product" into the "finished product", the undetachable signature, and UndVrfy is the corresponding verification method. The remaining Sign and Vrfy are the corresponding ordinary signature methods.
The invention is further described below with a specific embodiment:
This scheme is built on bilinear pairings. Its security rests on the difficulty of solving the computational Diffie-Hellman problem in Diffie-Hellman groups.
This example is written in Java and implemented with The Java Pairing Based Cryptography Library (JPBC). The JPBC library is a set of standard APIs for asymmetric cryptosystems; its official address is http://gas.dia.unisa.it/projects/jpbc/.
The implementation of KGen($1^k$) is based on the Type A elliptic curve of JPBC and takes the official configuration file a.properties as input, so no explicit $1^k$ parameter is needed here. The elliptic curve that is set up has the following properties:
The elliptic curve is $y^2 = x^3 + x$ constructed over the field $F_q$, where the prime q satisfies $q \equiv 3 \pmod 4$. The JPBC library provides an API for the mapping $e: G_1 \times G_2 \to G_T$. In the elliptic curve system set up here, $G_1 = G_2$ in the mapping, which satisfies the condition in the definition of KGen($1^k$) that a homomorphic mapping $\psi: G_2 \to G_1$ with $\psi(P) = G$ exists. In use, once the elliptic curve system has been initialized, a Pairing object is obtained. Its member functions getG1(), getGT() and getZr() give $G_1$, $G_2$ and the integer group. getG1().newRandomElement() then gives the generator P of $G_1$, and S is obtained from the integer group in the same way. Calling the member function powZn(s) of P then computes $P_{pub}$, and calling the member function newElementFromHash() of $G_1$ or of the integer group realizes the two hash functions in Ω. Following the algorithm description, Ω can then be constructed easily.
Likewise, across the 7 algorithms the calls involved are just the basic functions above, with no further differences, so they are not all described here. After all 7 algorithms have been implemented in Java, the method can be carried out in the following steps:
Step 1. A client completes shopping on a client computer, and the computer then generates a mobile agent. The client computer then executes Algorithm 1 at the prescribed security level (entering the required security index k); the algorithm outputs the public-key settings $U_0$ and the initial key $S_0$. The global settings Ω are stored in $U_0$; that is, the public-key element carries the global information.
KGen($1^k$) completes and outputs the public key $U_0$ and the initial key $S_0$; proceed to the next step.
Step 2. The client then gives Algorithm 2 the public key $U_0$, the initial key $S_0$, $CERT_j$ and the current time period j as input and executes Algorithm 2; the algorithm returns $S_1$; proceed to the next step.
Step 3. The client completes the transaction and is ready to send the mobile agent to trade.
If the current key has expired, go to step 4; otherwise go to step 5.
Step 4. The client takes the previous period's key $S_{j-1}$, the current period j, the public key $U_0$ and the $CERT_j$ generated by Algorithm 1 as input and runs KUpd again to obtain the key $S_j$ of the next time period; proceed to the next step.
Step 5. The client takes $REQ\_C \| ID_C$, $s_j$ and $CERT_j$ as input, where $REQ\_C \| ID_C$ is the customer's requirements and the user identity, which are sensitive data, and executes Algorithm 3; the output is stored in the agent. The client then executes Algorithm 6 to sign the agent's sensitive data; the inputs are the sensitive data, the current time period j and the current key $S_j$, and the output is the signature for period j, which is likewise stored in the agent. Proceed to the next step.
Step 6. The shop receives the agent and first uses Algorithm 7 to check the agent's legitimacy; the inputs are the public key, the signed message, the signature and the current period. If the output is 0, exit the transaction. If the output is 1, decide whether the agent should continue to migrate between shops; if so, repeat this step (step 6); otherwise go to step 7.
Step 7. At this point the shop has made its final decision. If the transaction is to be completed, it generates CONTRACT and the other transaction information as input and executes Algorithm 4; the output is the final undetachable signature, denoted Z here. It is saved in the agent, and the agent then migrates back to the client; proceed to the next step.
Step 8. The client receives the agent that has completed the transaction and takes $U_0$, Z, j, Msg and $REQ\_C \| ID_C$ as input, where Msg is CONTRACT and the other transaction information, and executes Algorithm 5 to check the legitimacy of Msg. If the algorithm outputs 0, stop the transaction; otherwise the output is 1 and the transaction is completed.
If the user still needs to trade, jump to step 3.
At this point the whole forward-secure undetachable method is complete.
Claims (1)
1. A forward-secure undetachable digital signature method, characterized in that it comprises the following eight steps:
Step 1. A client completes shopping on a client computer, and the computer then generates a mobile agent; the client computer then executes Algorithm 1 at the prescribed security level (entering the required security index k); the algorithm is defined as follows:
Algorithm 1. Key generation algorithm: KGen($1^k$). The inputs are the total number of time periods T and the security parameter $1^k$, where k is a natural number; the algorithm outputs the public-key settings and the initial key $S_0$;
In Ω, $G_1$ is a multiplicative cyclic group of order q, and $G_2$ is likewise a multiplicative cyclic group of order q; G and P are the fixed generators of $G_1$ and $G_2$ respectively;
the mapping in Ω is a linear mapping: elements of $G_1$ and $G_2$ first form a Cartesian product, which is then mapped to an element of $G_T$;
$H_1$ and $H_2: \{0,1\}^* \to G_1$ are two special hash mappings that map arbitrary binary values to an integer group and to $G_1$ respectively; the integer group is the additive group of integers of prime order q without the zero element;
Definition: the decisional Diffie-Hellman problem (co-DDH) on $(G_1, G_2)$: given $P, P^a \in G_2$ and $Y, Y^b \in G_1$ as input, output yes if $a = b$ and no otherwise; when the output is yes, $(P, P^a, Y, Y^b)$ is called a Diffie-Hellman tuple (co-DHT);
the global settings Ω are stored in $U_0$, that is, the public-key element carries the global information;
KGen($1^k$) completes and outputs the public key $U_0$ and the initial key $S_0$; proceed to the next step;
Step 2. The client then gives Algorithm 2 the public key $U_0$, the initial key $s_0$, $CERT_j$ and the current time period j as input, and executes Algorithm 2, which is defined as follows:
Algorithm 2.
KUpd($s_{j-1}$, $CERT_j$, $j$, $U_0$)
BEGIN
$\langle U_0', j', U_j', \Lambda_j \rangle \leftarrow CERT_j$
return ⊥ //abort
erase $s_{j-1}$
return $s_j$
END
After $S_0$ has been erased, the algorithm returns $S_1$; proceed to the next step;
Step 3. The client completes the transaction and is ready to send the mobile agent to trade;
if the current key has expired, go to step 4; otherwise go to step 5;
Step 4. The client takes the previous period's key $S_{j-1}$, the current period j, the public key $U_0$ and the $CERT_j$ generated by Algorithm 1 as input and runs KUpd again to obtain the key $S_j$ of the next time period; proceed to the next step;
Step 5. The client takes $REQ\_C \| ID_C$, $s_j$ and $CERT_j$ as input, where $REQ\_C \| ID_C$ is the customer's requirements and the user identity, which are sensitive data, and executes Algorithm 3, which is defined as follows:
Algorithm 3.
UndSigFunGen($REQ\_C \| ID_C$, $s_j$, $CERT_j$)
Begin
$H \leftarrow H_2(REQ\_C \| ID_C)$;
End
The output is carried by the agent;
the client then executes Algorithm 6 to sign the agent's sensitive data; the inputs are the sensitive data, the current time period j and the current key $S_j$; the algorithm is defined as follows:
Algorithm 6.
Sign($s_j$, $j$, Msg)
Begin
return $\sigma_j$
End
The output is the signature for period j, which the agent likewise carries; proceed to the next step;
Step 6. The shop receives the agent and first uses Algorithm 7 to check the agent's legitimacy by checking $\sigma_j$; the inputs are the public key, the signed message, the signature and the current period; the algorithm is defined as follows:
Algorithm 7.
Vrfy($U_0$, $\sigma$, $j$, Msg)
Begin
$\langle CERT_j, \sigma' \rangle \leftarrow \sigma$; $\langle U_0', j', U_j', \Lambda_j \rangle \leftarrow CERT_j$
If ($U_0 \neq U_0'$) return 0
If ($j \neq j'$) return 0
Else return 1
End
If the output is 0, exit the transaction;
if the output is 1, decide whether the agent should continue to migrate between shops; if so, repeat this step (step 6); otherwise go to step 7;
Step 7. At this point the shop has made its final decision; if the transaction is to be completed, it generates CONTRACT and the other transaction information as input and executes Algorithm 4, which is defined as follows:
Algorithm 4.
UndSig(Msg)
Begin
$h = H_1(Msg)$
End
The output is the final undetachable signature, denoted Z here. It is saved in the agent, and the agent then migrates back to the client; proceed to the next step.
Step 8. The client receives the agent that has completed the transaction and takes $U_0$, Z, j, Msg and $REQ\_C \| ID_C$ as input, where Msg is CONTRACT and the other transaction information, and executes Algorithm 5 to check the legitimacy of Msg; the algorithm is defined as follows:
Algorithm 5.
UndVrfy($U_0$, $Z$, $j$, Msg, $REQ\_C \| ID_C$)
Begin
$\langle \langle CERT_j, Z' \rangle, j \rangle \leftarrow Z$; $\langle U_0', j', U_j', \Lambda_j \rangle \leftarrow CERT_j$
If ($U_0 \neq U_0'$) return 0
If ($j \neq j'$) return 0
If (Msg does not satisfy REQ_C) return 0
else return 1
End
If the algorithm outputs 0, stop the transaction;
otherwise the output is 1 and the transaction is completed.
If the user still needs to trade, jump to step 3.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410407512.XA CN104168115B (en) | 2014-08-19 | 2014-08-19 | The undetachable digital signatures method of forward secrecy |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410407512.XA CN104168115B (en) | 2014-08-19 | 2014-08-19 | The undetachable digital signatures method of forward secrecy |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104168115A true CN104168115A (en) | 2014-11-26 |
CN104168115B CN104168115B (en) | 2017-07-11 |
Family
ID=51911767
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410407512.XA Active CN104168115B (en) | 2014-08-19 | 2014-08-19 | The undetachable digital signatures method of forward secrecy |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104168115B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105049453A (en) * | 2015-08-26 | 2015-11-11 | 同济大学 | Signature verification method |
CN108011723A (en) * | 2017-12-13 | 2018-05-08 | 同济大学 | Invade the undetachable digital signatures method of rebound |
CN108259506A (en) * | 2018-02-08 | 2018-07-06 | 上海交通大学 | SM2 whitepack password implementation methods |
CN110233733A (en) * | 2019-06-05 | 2019-09-13 | 同济大学 | Undetachable digital signatures general construction method towards block chain intelligence contract |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101707523A (en) * | 2009-12-03 | 2010-05-12 | 电子科技大学 | Forward-secure digital signature method and system capable of balancing cost |
CN101714919A (en) * | 2009-10-29 | 2010-05-26 | 电子科技大学 | Forward-secure digital signature algorithm based on RSA algorithm |
CN101873307A (en) * | 2010-03-19 | 2010-10-27 | 上海交通大学 | Digital signature method, device and system based on identity forward secrecy |
Non-Patent Citations (2)
Title |
---|
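刘亚丽: "Analysis and Research of Forward-Secure Digital Signature Technology", China Master's Theses Full-text Database * |
李万鹏: "Research on Forward-Secure Cryptographic Algorithms Based on Untrusted Update Environments", China Master's Theses Full-text Database * |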
Also Published As
Publication number | Publication date |
---|---|
CN104168115B (en) | 2017-07-11 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |