CN104821880A - Certificate-free generalized proxy signcryption method - Google Patents
Certificate-free generalized proxy signcryption method Download PDFInfo
- Publication number
- CN104821880A CN104821880A CN201510222252.3A CN201510222252A CN104821880A CN 104821880 A CN104821880 A CN 104821880A CN 201510222252 A CN201510222252 A CN 201510222252A CN 104821880 A CN104821880 A CN 104821880A
- Authority
- CN
- China
- Prior art keywords
- allograph
- identity
- private key
- sign
- agent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention, which belongs to the secret communication field, discloses a certificate-free generalized proxy signcryption method. The method comprises: a secret key generation center sets a system parameter; the secret key generation center generates a partial private key Di; a user generates a secret value based on the system parameter and sets a complete SKi according to the partial private key Di, and calculates a public key PKi; an original signer or signcryption person generates proxy authorization by using his/her private key and public key; and after a proxy signer or signcryption person verifies the proxy authorization successfully, generalized proxy signcryption processing is carried out on a message needed to be sent based on the proxy authorization, his/her private key, a public key of a receiving part, and the system parameter and then a result is sent to the receiver to carry out generalized proxy unsigncryption processing. According to the invention, proxy signature and proxy signcryption can be realized by the proxy signer or signcryption person only by using one pair of secret keys and one algorithm and security and/or authentication can be provided for the user. Moreover, on the basis of the certificate-free cryptosystem, a problem of secret key management can be solved and the high costs of public key management can be reduced.
Description
Technical field
The invention belongs to field of information security technology, be specifically related to a kind of without certificate broad sense agent signcryption method.
Background technology
In traditional public-key cryptosystem, PKI is a pile mess code, so need a trusted third party--authentication center (CertificateAuthority, hereinafter referred to as CA) issues a certificate and the PKI of user and its identity information is bound.And the administrative expenses of certificate are high, which prevent widely using of conventional public-key cryptographic system.
Identity-based cryptography can reduce high certificate management expense, and it is the concept that Shamir proposed in CRYPTO ' 84 in 1984.Identity-based cryptography is the PKI first determining user, then calculates corresponding private key.Thus PKI can be taken as the identity information of user, thus eliminates public key certificate, reduces the expense of public key management.But the private key of Identity-based cryptography must be produced by trusted third party-private key generating center (Private Key Generator, hereinafter referred to as PKG), and inevitably cause key escrow, namely PKG knows the private key of all users.
Certificateless cryptosystem not only can reduce the administrative expenses of PKI but also can solve key escrow, and it is the concept that Al-Riyami and Paterson proposed in ASIACRYPT ' 2003 in 2003.The private key of certificateless cryptosystem is made up of two parts.A part is the part private key that key generation centre (KeyGeneration Center, hereinafter referred to as KGC) generates; Another part is the secret value that user oneself chooses.PKI is also made up of two parts.A part is the identity information of user; Another part is PKI corresponding to secret value.Because KGC does not know the complete private key of user, thus solve key escrow.And the PKI of the user not certificate of necessity, thus reduces the administrative expenses of PKI.
Confidentiality and authentication property are two basic demands for security in information security field.Confidentiality can be realized by encryption technology; And authentication property can be realized by digital signature.When us while when need to be keep secret and authentication property, traditional method is " first sign and encrypt ".Sign close can be implemented in a logic step and realize encryption and signature two functions simultaneously, and its calculation cost and communications cost realize much smaller than two steps of traditional " first sign and encrypt ", it is the concept that Zheng proposed in CRYPTO ' 97 in 1997.
Need the occasion of confidentiality and authentication property at the same time, sign close really very efficient.But when system only needs confidentiality or authentication property, sign close will be no longer applicable.So system must use other cryptographic algorithm or Digital Signature Algorithm just can meet the demands, this certainly will will increase the expense of system and realize complexity.For overcoming this deficiency, the people such as Han Yiliang proposed the concept of Generalized Signcryption in 2006.Generalized Signcryption can only realize with an algorithm and pair of secret keys simultaneously or encrypt or sign and or sign close three functions.
Allograph can allow an original signer when oneself inconvenience, and entrust a proxy signer trusty to replace oneself signature, it is the concept that the people such as Mambo proposed in 1996.After this concept proposes, allograph is widely used.1999, the concept of allograph and the close concept of label combined by the people such as Gamage, propose the concept of agent signcryption.
In existing realization, allograph and agent signcryption separate.If someone wants to use allograph function sometimes, want again to use agent signcryption function when other, then he must preserve two pairs of keys and use two algorithms.Allograph an algorithm and pair of secret keys; Agent signcryption uses another one algorithm and other pair of secret keys.What certainly will will increase the space of system storage key, the cost of managing keys, the time of authentication secret like this and realize that two algorithms bring to system realizes complexity.
Summary of the invention
The object of the invention is to the defect overcoming above-mentioned prior art, use for reference the concept of Generalized Signcryption, in conjunction with the superiority of certificateless cryptosystem, there is provided a kind of the one that an algorithm and pair of secret keys need be used just can to realize allograph and agent signcryption two functions without certification agency label decryption method, we are called broad sense agent signcryption method.
The present invention is achieved through the following technical solutions:
A kind of without certificate broad sense agent signcryption method, agent only need use pair of secret keys and an algorithm just can realize allograph and agent signcryption two functions, original signature or sign close people and authorize his allograph of trusting or sign close people and represent him and carry out signing or sign close; For sensitive data, agent can use agent signcryption method; For out of Memory, he can use allograph method; Comprise following concrete steps:
Step 1, system initialization: initialization system parameter, it is close that private key and PKI, agent authorization generation, broad sense agent signcryption and broad sense agency for generating user separate label.
Step 2, part private key generate: user submits oneself identity information ID to
ito key generation centre KGC, KGC according to system parameters and subscriber identity information ID
igenerate the part private key D of user
iand send to user in confidence.
Step 3, user key generate: user is based on system parameters stochastic generation secret value x
i, calculate the PKI corresponding to this secret value and oneself complete private key be set;
Step 4, agent authorization generate: original signature or sign close people and produce a certificate of authority m
w, then signature is carried out to the certificate of authority and produces agent authorization σ according to system parameters, oneself complete private key, the identity of oneself and PKI and openly send σ to allograph or sign close people.Allograph or sign close people according to system parameters, original signature or sign the identity of close people and PKI and m
wσ is verified, after being verified, accepts agent authorization σ, otherwise require original signature or sign close people to regenerate agent authorization σ.
Step 5, broad sense agent signcryption: allograph or sign close people according to system parameters, the complete private key of oneself, agent authorization σ, certificate of authority m
w, message M, the identity of the identity of oneself and PKI and recipient and PKI generate broad sense agent signcryption literary composition σ
p.This step comprises two kinds of patterns: allograph pattern and agent signcryption pattern.If recipient's identity is sky, it works in allograph pattern; If recipient's identity is not empty, it works in agent signcryption pattern.
It is close that step 6, broad sense agency separates label: this step also comprises two kinds of patterns: allograph Validation Mode and agency separate and sign close pattern.If the identity of recipient is empty, then it works in allograph Validation Mode, and anyone can according to system parameters, original signature or sign the identity of close people and PKI, allograph or sign the identity of close people and PKI and certificate of authority m
wchecking allograph σ
pcorrectness, then accept this allograph σ if the verification passes
p, otherwise refusal; If the identity of recipient is not empty, then it works in agency and separates and sign close pattern, and recipient can according to system parameters, original signature or sign the identity of close people and PKI, allograph or sign the identity of close people and PKI, the identity of oneself and PKI and certificate of authority m
wchecking agent signcryption literary composition σ
pcorrectness, then accept this agent signcryption literary composition σ if the verification passes
p, and then use the complete private key of oneself to decrypt message M, otherwise refusal.
As preferably of the present invention, further, the system parameter setting of described step 1 is specially: the system parameter setting of described step 1 is specially:
Security parameter k is positive integer; A circled addition group G
1with a circulation multiplicative group G
2, two orders of a group are all prime number q; A random G
1generator P; A bilinear map e:G
1× G
1→ G
2; The hash function of four safety
with
wherein { 0,1}
*represent the set of the binary sequence composition of any bit long,
represent the module removing identical element gained,
1 is more than or equal to and the finite field that forms of the positive integer being less than q, { 0,1} by all
mrepresent that bit long is the set of the binary sequence composition of m, m is parameter preset, represents the bit length of message; Special function f (ID), wherein ID ∈ { 0 a, 1}
*for user identity; If identity is empty, makes f (ID)=0, otherwise make f (ID)=1; A random number
as main private key, calculate P
pub=sP is as Your Majesty's key; Open system parameters is { e, G
1, G
2, P, P
pub, m, H
1, H
2, H
3, H
4, f (ID) }, secret master key s;
Described step 2 part private key generates and specifically comprises:
Key generation centre calculates the part private key D of user
i=sQ
i, wherein Q
i=H
1(ID
i); Then identity is ID
aoriginal signature or the part private key of signing close people be D
a, identity is ID
pallograph or the part private key of signing close people be D
p, identity is ID
bthe part private key of recipient be D
b;
Described step 3 user key generates and specifically comprises:
User's random selecting secret value
calculate PKI PK
i=x
ip, and to arrange complete private key be SK
i=(D
i, x
i); Then identity is ID
aoriginal signature or the secret value of signing close people be x
a, PKI is PK
a, complete private key is SK
a=(D
a, x
a); Identity is ID
pallograph or the secret value of signing close people be x
p, PKI is PK
p, complete private key is SK
p=(D
p, x
p); Identity is ID
bthe secret value of recipient be x
b, PKI is PK
b, complete private key is SK
b=(D
b, x
b);
Described step 4 agent authorization generates and specifically comprises:
Original signature or sign close people A random selecting
calculate U=rP, h
2=H
2(m
w, U, ID
a, PK
a), h
3=H
3(m
w, U, ID
a, PK
a), V=(r+h
2x
a) Q
a+ h
3d
a, wherein m
wfor described original signature or sign close people to allograph or the certificate of authority signing close people, m
win clearly state original signature or sign close people and allograph or sign identity, PKI, the information such as type of message and the term of validity of close people; Original signature or sign close people A agent authorization σ=(m
w, U, V) and being sent to allograph by overt channel or signed close people P, P can by checking e (V, P)=e (Q
a, U+h
2pK
a+ h
3p
pub) whether equation carry out surveying agent and authorize σ effective, if invalid, then require original signature or sign close people to regenerate agent authorization;
Described step 5 broad sense agent signcryption specifically comprises:
Suppose allograph or sign close people P to want to send broad sense agent signcryption message to recipient B; If message M ∈ is { 0,1}
m, tag ∈ { 0,1}; Allograph or sign close people P and first calculate f (ID
b), as f (ID
bthe seasonal tag=0 in)=0, otherwise make tag=1; Random selecting
calculate R=tP, T=e (P
pub, Q
b)
ttag, h
4=tagH
4(R, T, tPK
b, ID
p, PK
p, ID
b, PK
b),
h
5=H
2(m
w, S, R, ID
p, PK
p, ID
b, PK
b), h
6=H
3(m
w, S, R, ID
p, PK
p, ID
b, PK
b), X=V+ (t+h
5x
p) Q
p+ h
6d
p, export σ
p=(m
w, U, R, S, X, tag) and as broad sense agent signcryption literary composition, wherein
represent XOR;
(1) allograph pattern: if tag=0, then σ
p=(m
w, U, R, S=M, X, tag=0) and be allograph;
(2) agent signcryption pattern: if tag=1, then σ
p=(m
w, U, R, S, X, tag) and be agent signcryption;
Described step 6 broad sense agency solution label are close specifically to be comprised:
Recipient B calculates h
2=H
2(m
w, U, ID
a, PK
a), h
3=H
3(m
w, U, ID
a, PK
a), h
5=H
2(m
w, S, R, ID
p, PK
p, ID
b, PK
b), h
6=H
3(m
w, S, R, ID
p, PK
p, ID
b, PK
b);
(1) tag=0; Recipient B verifies e (X, P)=e (Q
a, U+h
2pK
a+ h
3p
pub) e (Q
p, R+h
5pK
p+ h
6p
pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this allograph σ
p=(m
w, U, R, S, X, tag);
(2) tag=1; Recipient B verifies e (X, P)=e (Q
a, U+h
2pK
a+ h
3p
pub) e (Q
p, R+h
5pK
p+ h
6p
pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this agent signcryption σ
p=(m
w, U, R, S, X, tag), calculate h
4=H
4(R, e (R, D
b), x
br, ID
p, PK
p, ID
b, PK
b), message recovery
Owing to have employed technique scheme, the invention has the beneficial effects as follows:
1, allograph or sign close people an algorithm and pair of secret keys only need be used just can to realize allograph and agent signcryption two functions;
2, realize based on certificateless cryptosystem, neither there is the high expense that key escrow again reduces public key management;
3, achieve the authentication property of sharable content object, all parameters in checking equation are all known or computable, and when there is dispute, anyone can carry out validation verification when not revealing any secret information to Generalized Signcryption literary composition;
4, original signature or sign close people and allograph or sign between close people and do not need safe lane, reduces the complexity that system realizes.
Accompanying drawing explanation
Fig. 1 is the flow chart of the present invention without certificate broad sense agent signcryption method;
Fig. 2 is the handling process schematic diagram of the present invention without certificate broad sense agent signcryption method.
Embodiment
Below in conjunction with accompanying drawing, the present invention is described in detail.
As shown in Figure 1, 2, the invention provides based on the broad sense agent signcryption method without certificate, in the application scenarios of described broad sense agent signcryption method, original signature or sign close people and authorize his allograph of trusting or sign close people and represent him and carry out signing or sign close.For sensitive data, allograph or sign close people and can use agent signcryption method; For out of Memory, he can use allograph method.Allograph or sign close people and only need preserve pair of secret keys and only use an algorithm, reduces the complexity that the administrative expenses of key and system realize.Detailed process of the present invention is as follows:
Step 1, system initialization.
Security parameter k is integer, and generator is an addition cyclic group G of P
1with a multiplication loop group G
2, two orders of a group are all prime number q.E:G
1× G
1→ G
2it is a bilinear map.The Hash function of definition four safety
wherein { 0,1}
*represent the set of the binary sequence composition of any bit long,
represent the module removed identical element and obtain,
1 is more than or equal to and the finite field that forms of the positive integer being less than q, { 0,1} by all
mrepresent that bit long is the set of the binary sequence composition of m, m is parameter preset, represents the bit length of message.Special function f (ID), wherein ID ∈ { 0 a, 1}
*for user identity; If identity is empty, makes f (ID)=0, otherwise make f (ID)=1.Key generation centre KGC random selecting
as main private key, calculate P
pub=sP is as Your Majesty's key.Open system parameters is { e, G
1, G
2, P, P
pub, m, H
1, H
2, H
3, H
4, f (ID) }, secret master key s.
Step 2, part private key generate.
KGC is original signature or signs close people's calculating section private key D
a=sQ
a, wherein Q
a=H
1(ID
a); For allograph or sign close people's calculating section private key D
p=sQ
p, wherein Q
p=H
1(ID
p); For recipient's calculating section private key D
b=sQ
b, wherein Q
b=H
1(ID
b).
Step 3, user key generate.
User's random selecting secret value
calculate PKI PK
i=x
ip, and to arrange complete private key be SK
i=(D
i, x
i).Then original signature or the secret value of signing close people are x
a, PKI is PK
a, complete private key is SK
a=(D
a, x
a); Identity is ID
pallograph or the secret value of signing close people be x
p, PKI is PK
p, complete private key is SK
p=(D
p, x
p); Identity is ID
bthe secret value of recipient be x
b, PKI is PK
b, complete private key is SK
b=(D
b, x
b).
Step 4, agent authorization generate.
Original signature or sign close people A random selecting
calculate U=rP, h
2=H
2(m
w, U, ID
a, PK
a), h
3=H
3(m
w, U, ID
a, PK
a), V=(r+h
2x
a) Q
a+ h
3d
a, wherein m
wfor described original signature or sign close people to allograph or the certificate of authority signing close people, m
win clearly state original signature or sign close people and allograph or sign identity, PKI, the information such as type of message and the term of validity of close people; Original signature or sign close people A agent authorization σ=(m
w, U, V) send allograph to by overt channel or sign close people P.P can by checking e (V, P)=e (Q
a, U+h
2pK
a+ h
3p
pub) whether equation carry out surveying agent and authorize σ effective, if invalid, then require original signature or sign close people to regenerate agent authorization.
Step 5, broad sense agent signcryption.
Suppose allograph or sign close people P to want to send broad sense agent signcryption message to recipient B; If message M ∈ is { 0,1}
m, tag ∈ { 0,1}; Allograph or sign close people P and first calculate f (ID
b), as f (ID
bthe seasonal tag=0 in)=0, otherwise make tag=1; Random selecting
calculate R=tP, T=e (P
pub, Q
b)
ttag, h
4=tagH
4(R, T, tPK
b, ID
p, PK
p, ID
b, PK
b),
h
5=H
2(m
w, S, R, ID
p, PK
p, ID
b, PK
b), h
6=H
3(m
w, S, R, ID
p, PK
p, ID
b, PK
b), X=V+ (t+h
5x
p) Q
p+ h
6d
p, export σ
p=(m
w, U, R, S, X, tag) and as broad sense agent signcryption literary composition, wherein
represent XOR.
Allograph pattern: if tag=0, then σ
p=(m
w, U, R, S=M, X, tag=0) and be allograph.
Agent signcryption pattern: if tag=1, then σ
p=(m
w, U, R, S, X, tag) and be agent signcryption.
It is close that step 6, broad sense agency separates label.
Recipient B calculates h
2=H
2(m
w, U, ID
a, PK
a), h
3=H
3(m
w, U, ID
a, PK
a), h
5=H
2(m
w, S, R, ID
p, PK
p, ID
b, PK
b), h
6=H
3(m
w, S, R, ID
p, PK
p, ID
b, PK
b);
(1) tag=0; Recipient B verifies e (X, P)=e (Q
a, U+h
2pK
a+ h
3p
pub) e (Q
p, R+h
5pK
p+ h
6p
pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this allograph σ
p=(m
w, U, R, S, X, tag);
(2) tag=1; Recipient B verifies e (X, P)=e (Q
a, U+h
2pK
a+ h
3p
pub) e (Q
p, R+h
5pK
p+ h
6p
pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this agent signcryption σ
p=(m
w, U, R, S, X, tag), calculate h
4=H
4(R, e (R, D
b), x
br, ID
p, PK
p, ID
b, PK
b), message recovery
The invention enables allograph or signing close people only to use an algorithm and pair of secret keys just can realize allograph and agent signcryption two functions; Realize based on certificateless cryptosystem, solve key escrow and the high expense reducing certificate management; Achieve the authentication property of sharable content object, when there is dispute, anyone can carry out validation verification when not revealing any secret information to Generalized Signcryption literary composition; Original signature or sign close people and allograph or sign between close people and do not need safe lane, reduces the complexity that system realizes.
Claims (5)
1. without a certificate broad sense agent signcryption method, it is characterized in that allograph or sign close people and only need preserve pair of secret keys and only use an algorithm specifically comprises the following steps:
Step 1: system initialization: initialization system parameter, it is close that private key and PKI, agent authorization generation, broad sense agent signcryption and broad sense agency for generating user separate label.
Step 2: part private key generates: original signature or sign close people, allograph or sign the identity information ID that close people and recipient submit oneself to
ito key generation centre, key generation centre is according to system parameters and identity information ID
igenerate the part private key D of user
iand send to user in confidence;
Step 3: user key generates: user is based on system parameters stochastic generation secret value x
i, calculate PKI PK
i, according to secret value x
iwith part private key D
ithe complete private key SK of oneself is set
i;
Step 4: agent authorization generates: original signature or sign close people and produce a certificate of authority m
w, according to system parameters, certificate of authority m
w, the complete private key SK of oneself
a, the identity ID of oneself
awith the PKI PK of oneself
aproduce agent authorization σ and send agent authorization σ to allograph or sign close people;
Step 5: broad sense agent signcryption: allograph or sign close people according to system parameters, certificate of authority m
w, agent authorization σ, the complete private key SK of oneself
p, the identity ID of oneself
p, the PKI PK of oneself
p, recipient identity ID
b, recipient PKI PK
bbroad sense agent signcryption literary composition σ is generated with message m
pand send σ
pto recipient;
Step 6: it is close that broad sense agency separates label: recipient is according to system parameters, the complete private key SK of oneself
b, the identity ID of oneself
b, the PKI PK of oneself
b, original signature or sign the identity ID of close people
a, original signature or sign the PKI PK of close people
a, allograph or sign the identity ID of close people
p, allograph or sign the PKI PK of close people
pwith broad sense agent signcryption literary composition σ
pcarry out broad sense agency and separate the close process of label.
2. according to claim 1 a kind of without certificate broad sense agent signcryption method, it is characterized in that, also comprise allograph in step 4 or sign close people according to system parameters, original signature or the identity ID signing close people
awith PKI PK
awith certificate of authority m
wagent authorization σ is verified, after being verified, accepts agent authorization σ, otherwise require original signature or sign close people to regenerate agent authorization σ.
3. according to claim 1 and 2 a kind of without certificate broad sense agent signcryption method, it is characterized in that, step 5 comprises two kinds of patterns: allograph pattern and agent signcryption pattern, if recipient's identity is sky, it works in allograph pattern; If recipient's identity is not empty, it works in agent signcryption pattern.
4. according to claim 1 and 2 a kind of without certificate broad sense agent signcryption method, it is characterized in that, step 6 comprises two kinds of patterns: allograph Validation Mode and agency separate and sign close pattern, if recipient's identity is sky, it works in allograph Validation Mode; If recipient's identity is not empty, it works in agency and separates the close pattern of label.
5. according to claim 1 a kind of without certificate broad sense agent signcryption method, it is characterized in that, the system parameter setting of described step 1 is specially:
Security parameter k is positive integer; A circled addition group G
1with a circulation multiplicative group G
2, two orders of a group are all prime number q; A random G
1generator P; A bilinear map e:G
1× G
1→ G
2; The hash function of four safety
and H
4: { 0,1}
*→ { 0,1}
m, wherein { 0,1}
*represent the set of the binary sequence composition of any bit long,
represent the module removing identical element gained,
1 is more than or equal to and the finite field that forms of the positive integer being less than q, { 0,1} by all
mrepresent that bit long is the set of the binary sequence composition of m, m is parameter preset, represents the bit length of message; Special function f (ID), wherein ID ∈ { 0 a, 1}
*for user identity; If identity is empty, makes f (ID)=0, otherwise make f (ID)=1; A random number
as main private key, calculate P
pub=sP is as Your Majesty's key; Open system parameters is { e, G
1, G
2, P, P
pub, m, H
1, H
2, H
3, H
4, f (ID) }, secret master key s;
Described step 2 part private key generates and specifically comprises:
Key generation centre calculates the part private key D of user
i=sQ
i, wherein Q
i=H
1(ID
i); Then identity is ID
aoriginal signature or the part private key of signing close people be D
a, identity is ID
pallograph or the part private key of signing close people be D
p, identity is ID
bthe part private key of recipient be D
b;
Described step 3 user key generates and specifically comprises:
User's random selecting secret value
calculate PKI PK
i=x
ip, and to arrange complete private key be SK
i=(D
i, x
i); Then identity is ID
aoriginal signature or the secret value of signing close people be x
a, PKI is PK
a, complete private key is SK
a=(D
a, x
a); Identity is ID
pallograph or the secret value of signing close people be x
p, PKI is PK
p, complete private key is SK
p=(D
p, x
p); Identity is ID
bthe secret value of recipient be x
b, PKI is PK
b, complete private key is SK
b=(D
b, x
b);
Described step 4 agent authorization generates and specifically comprises:
Original signature or sign close people A random selecting
calculate U=rP, h
2=H
2(m
w, U, ID
a, PK
a), h
3=H
3(m
w, U, ID
a, PK
a), V=(r+h
2x
a) Q
a+ h
3d
a, wherein m
wfor described original signature or sign close people to allograph or the certificate of authority signing close people, m
win clearly state original signature or sign close people and allograph or sign identity, PKI, the information such as type of message and the term of validity of close people; Original signature or sign close people A agent authorization σ=(m
w, U, V) and being sent to allograph by overt channel or signed close people P, P can by checking e (V, P)=e (Q
a, U+h
2pK
a+ h
3p
pub) whether equation carry out surveying agent and authorize σ effective, if invalid, then require original signature or sign close people to regenerate agent authorization;
Described step 5 broad sense agent signcryption specifically comprises:
Suppose allograph or sign close people P to want to send broad sense agent signcryption message to recipient B; If message M ∈ is { 0,1}
m, tag ∈ { 0,1}; Allograph or sign close people P and first calculate f (ID
b), as f (ID
bthe seasonal tag=0 in)=0, otherwise make tag=1; Random selecting
calculate R=tP, T=e (P
pub, Q
b)
ttag, h
4=tagH
4(R, T, tPK
b, ID
p, PK
p, ID
b, PK
b),
h
5=H
2(m
w, S, R, ID
p, PK
p, ID
b, PK
b), h
6=H
3(m
w, S, R, ID
p, PK
p, ID
b, PK
b), X=V+ (t+h
5x
p) Q
p+ h
6d
p, export σ
p=(m
w, U, R, S, X, tag) and as broad sense agent signcryption literary composition, wherein
represent XOR;
(1) allograph pattern: if tag=0, then σ
p=(m
w, U, R, S=M, X, tag=0) and be allograph;
(2) agent signcryption pattern: if tag=1, then σ
p=(m
w, U, R, S, X, tag) and be agent signcryption;
Described step 6 broad sense agency solution label are close specifically to be comprised:
Recipient B calculates h
2=H
2(m
w, U, ID
a, PK
a), h
3=H
3(m
w, U, ID
a, PK
a), h
5=H
2(m
w, S, R, ID
p, PK
p, ID
b, PK
b), h
6=H
3(m
w, S, R, ID
p, PK
p, ID
b, PK
b);
(1) tag=0; Recipient B verifies e (X, P)=e (Q
a, U+h
2pK
a+ h
3p
pub) e (Q
p, R+h
5pK
p+ h
6p
pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this allograph σ
p=(m
w, U, R, S, X, tag);
(2) tag=1; Recipient B verifies e (X, P)=e (Q
a, U+h
2pK
a+ h
3p
pub) e (Q
p, R+h
5pK
p+ h
6p
pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this agent signcryption σ
p=(m
w, U, R, S, X, tag), calculate h
4=H
4(R, e (R, D
b), x
br, ID
p, PK
p, ID
b, PK
b), message recovery
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510222252.3A CN104821880B (en) | 2015-05-05 | 2015-05-05 | One kind is without certificate broad sense agent signcryption method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510222252.3A CN104821880B (en) | 2015-05-05 | 2015-05-05 | One kind is without certificate broad sense agent signcryption method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104821880A true CN104821880A (en) | 2015-08-05 |
CN104821880B CN104821880B (en) | 2018-01-30 |
Family
ID=53732056
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510222252.3A Expired - Fee Related CN104821880B (en) | 2015-05-05 | 2015-05-05 | One kind is without certificate broad sense agent signcryption method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104821880B (en) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105530093A (en) * | 2015-12-10 | 2016-04-27 | 中国电子科技集团公司第三十研究所 | Method for signcryption with non-interactive undeniable property |
CN105553664A (en) * | 2015-12-10 | 2016-05-04 | 中国电子科技集团公司第三十研究所 | Signcryption method with non-interactive undeniable property |
CN107017993A (en) * | 2017-04-01 | 2017-08-04 | 北京江南天安科技有限公司 | A kind of multi-party joint key is produced and digital signature method and system |
CN107248909A (en) * | 2017-03-16 | 2017-10-13 | 北京百旺信安科技有限公司 | It is a kind of based on SM2 algorithms without Credential-Security endorsement method |
CN109286485A (en) * | 2018-10-17 | 2019-01-29 | 西安邮电大学 | General Identity Proxy label decryption method that can be compound |
CN109347632A (en) * | 2018-10-23 | 2019-02-15 | 北京金山安全软件有限公司 | Block chain ID generation and use method, device, electronic equipment and storage medium |
CN109902483A (en) * | 2019-01-10 | 2019-06-18 | 如般量子科技有限公司 | Anti- quantum calculation Proxy Digital Signature method and system based on multiple pool of keys |
CN110650017A (en) * | 2019-09-02 | 2020-01-03 | 西安电子科技大学 | Non-bilinear pairing multi-message multi-receiver signcryption method and Internet of things communication system |
CN112055333A (en) * | 2020-10-21 | 2020-12-08 | 西南交通大学 | LTE-R vehicle-ground wireless communication security authentication method without certificate proxy signature |
CN112703702A (en) * | 2018-06-15 | 2021-04-23 | 艾欧特可有限公司 | Distributed authentication |
CN112804062A (en) * | 2020-12-31 | 2021-05-14 | 北京海泰方圆科技股份有限公司 | Certificateless signature method, device, equipment and medium based on SM2 algorithm |
CN115348033A (en) * | 2022-08-12 | 2022-11-15 | 四川启睿克科技有限公司 | Short identity-based designated verifier proxy signature method |
CN115664852A (en) * | 2022-12-14 | 2023-01-31 | 金钱猫科技股份有限公司 | Data management method and system based on block chain technology |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101051902A (en) * | 2006-06-16 | 2007-10-10 | 上海交通大学 | Agent signcryption method and system |
CN103905189A (en) * | 2012-12-24 | 2014-07-02 | 航天信息股份有限公司 | Method and system for certificateless and pairing-free identity-based proxy signcryption |
-
2015
- 2015-05-05 CN CN201510222252.3A patent/CN104821880B/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101051902A (en) * | 2006-06-16 | 2007-10-10 | 上海交通大学 | Agent signcryption method and system |
CN103905189A (en) * | 2012-12-24 | 2014-07-02 | 航天信息股份有限公司 | Method and system for certificateless and pairing-free identity-based proxy signcryption |
Non-Patent Citations (2)
Title |
---|
唐鸣: "无证书签密方案的分析与研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
王会歌,曹浩,庄锁法,赵靖,沈峰: "一种无证书前向安全代理签密方案", 《淮北师范大学学报(自然科学版)》 * |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105553664A (en) * | 2015-12-10 | 2016-05-04 | 中国电子科技集团公司第三十研究所 | Signcryption method with non-interactive undeniable property |
CN105553664B (en) * | 2015-12-10 | 2018-09-28 | 中国电子科技集团公司第三十研究所 | A kind of label decryption method with the undeniable property of non-interactive type |
CN105530093B (en) * | 2015-12-10 | 2019-02-01 | 中国电子科技集团公司第三十研究所 | A kind of label decryption method with the undeniable property of non-interactive type |
CN105530093A (en) * | 2015-12-10 | 2016-04-27 | 中国电子科技集团公司第三十研究所 | Method for signcryption with non-interactive undeniable property |
CN107248909A (en) * | 2017-03-16 | 2017-10-13 | 北京百旺信安科技有限公司 | It is a kind of based on SM2 algorithms without Credential-Security endorsement method |
CN107017993A (en) * | 2017-04-01 | 2017-08-04 | 北京江南天安科技有限公司 | A kind of multi-party joint key is produced and digital signature method and system |
CN107017993B (en) * | 2017-04-01 | 2020-05-05 | 北京江南天安科技有限公司 | Multi-party combined key generation and digital signature method and system |
CN112703702A (en) * | 2018-06-15 | 2021-04-23 | 艾欧特可有限公司 | Distributed authentication |
CN109286485A (en) * | 2018-10-17 | 2019-01-29 | 西安邮电大学 | General Identity Proxy label decryption method that can be compound |
CN109286485B (en) * | 2018-10-17 | 2019-10-25 | 西安邮电大学 | General Identity Proxy label decryption method that can be compound |
CN109347632A (en) * | 2018-10-23 | 2019-02-15 | 北京金山安全软件有限公司 | Block chain ID generation and use method, device, electronic equipment and storage medium |
CN109347632B (en) * | 2018-10-23 | 2022-02-25 | 北京金山安全软件有限公司 | Block chain ID generation and use method, device, electronic equipment and storage medium |
CN109902483A (en) * | 2019-01-10 | 2019-06-18 | 如般量子科技有限公司 | Anti- quantum calculation Proxy Digital Signature method and system based on multiple pool of keys |
CN110650017A (en) * | 2019-09-02 | 2020-01-03 | 西安电子科技大学 | Non-bilinear pairing multi-message multi-receiver signcryption method and Internet of things communication system |
CN112055333A (en) * | 2020-10-21 | 2020-12-08 | 西南交通大学 | LTE-R vehicle-ground wireless communication security authentication method without certificate proxy signature |
CN112804062A (en) * | 2020-12-31 | 2021-05-14 | 北京海泰方圆科技股份有限公司 | Certificateless signature method, device, equipment and medium based on SM2 algorithm |
CN115348033A (en) * | 2022-08-12 | 2022-11-15 | 四川启睿克科技有限公司 | Short identity-based designated verifier proxy signature method |
CN115664852A (en) * | 2022-12-14 | 2023-01-31 | 金钱猫科技股份有限公司 | Data management method and system based on block chain technology |
Also Published As
Publication number | Publication date |
---|---|
CN104821880B (en) | 2018-01-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104821880B (en) | One kind is without certificate broad sense agent signcryption method | |
US8464058B1 (en) | Password-based cryptographic method and apparatus | |
CN104539423B (en) | A kind of implementation method without CertPubKey cipher system of no Bilinear map computing | |
CN104270249B (en) | It is a kind of from the label decryption method without certificate environment to identity-based environment | |
US7574596B2 (en) | Cryptographic method and apparatus | |
CN104767612B (en) | It is a kind of from the label decryption method without certificate environment to PKIX environment | |
US20060215837A1 (en) | Method and apparatus for generating an identifier-based public/private key pair | |
CN102420691B (en) | Certificate-based forward security signature method and system thereof | |
CN110113150B (en) | Encryption method and system based on non-certificate environment and capable of repudiation authentication | |
US11870891B2 (en) | Certificateless public key encryption using pairings | |
CN103746811B (en) | Anonymous signcryption method from identity public key system to certificate public key system | |
US20150288527A1 (en) | Verifiable Implicit Certificates | |
CN104168114A (en) | Distributed type (k, n) threshold certificate-based encrypting method and system | |
CN104767611B (en) | It is a kind of from PKIX environment to the label decryption method without certificate environment | |
CN104301108A (en) | Signcryption method based from identity environment to certificateless environment | |
EP2846492A1 (en) | Cryptographic group signature methods and devices | |
CN105790941A (en) | Identity-based combined key generation and authentication method with field partition | |
CN102970144A (en) | Identity-based authentication method | |
Wei et al. | Remove key escrow from the BF and Gentry identity-based encryption with non-interactive key generation | |
CN106453253A (en) | Efficient identity-based concealed signcryption method | |
CN103746810A (en) | Anonymous sign-cryption method from certificate public key system to identity public key system | |
CN110519040B (en) | Anti-quantum computation digital signature method and system based on identity | |
US20220038267A1 (en) | Methods and devices for secured identity-based encryption systems with two trusted centers | |
Elkamchouchi et al. | An efficient proxy signcryption scheme based on the discrete logarithm problem | |
CN101957962A (en) | Application and verification method of electronic stamp software system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
EXSB | Decision made by sipo to initiate substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180130 Termination date: 20200505 |