CN104821880A - Certificate-free generalized proxy signcryption method - Google Patents

Certificate-free generalized proxy signcryption method Download PDF

Info

Publication number
CN104821880A
CN104821880A CN201510222252.3A CN201510222252A CN104821880A CN 104821880 A CN104821880 A CN 104821880A CN 201510222252 A CN201510222252 A CN 201510222252A CN 104821880 A CN104821880 A CN 104821880A
Authority
CN
China
Prior art keywords
allograph
identity
private key
sign
agent
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510222252.3A
Other languages
Chinese (zh)
Other versions
CN104821880B (en
Inventor
周才学
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiujiang University
Original Assignee
Jiujiang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiujiang University filed Critical Jiujiang University
Priority to CN201510222252.3A priority Critical patent/CN104821880B/en
Publication of CN104821880A publication Critical patent/CN104821880A/en
Application granted granted Critical
Publication of CN104821880B publication Critical patent/CN104821880B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention, which belongs to the secret communication field, discloses a certificate-free generalized proxy signcryption method. The method comprises: a secret key generation center sets a system parameter; the secret key generation center generates a partial private key Di; a user generates a secret value based on the system parameter and sets a complete SKi according to the partial private key Di, and calculates a public key PKi; an original signer or signcryption person generates proxy authorization by using his/her private key and public key; and after a proxy signer or signcryption person verifies the proxy authorization successfully, generalized proxy signcryption processing is carried out on a message needed to be sent based on the proxy authorization, his/her private key, a public key of a receiving part, and the system parameter and then a result is sent to the receiver to carry out generalized proxy unsigncryption processing. According to the invention, proxy signature and proxy signcryption can be realized by the proxy signer or signcryption person only by using one pair of secret keys and one algorithm and security and/or authentication can be provided for the user. Moreover, on the basis of the certificate-free cryptosystem, a problem of secret key management can be solved and the high costs of public key management can be reduced.

Description

A kind of without certificate broad sense agent signcryption method
Technical field
The invention belongs to field of information security technology, be specifically related to a kind of without certificate broad sense agent signcryption method.
Background technology
In traditional public-key cryptosystem, PKI is a pile mess code, so need a trusted third party--authentication center (CertificateAuthority, hereinafter referred to as CA) issues a certificate and the PKI of user and its identity information is bound.And the administrative expenses of certificate are high, which prevent widely using of conventional public-key cryptographic system.
Identity-based cryptography can reduce high certificate management expense, and it is the concept that Shamir proposed in CRYPTO ' 84 in 1984.Identity-based cryptography is the PKI first determining user, then calculates corresponding private key.Thus PKI can be taken as the identity information of user, thus eliminates public key certificate, reduces the expense of public key management.But the private key of Identity-based cryptography must be produced by trusted third party-private key generating center (Private Key Generator, hereinafter referred to as PKG), and inevitably cause key escrow, namely PKG knows the private key of all users.
Certificateless cryptosystem not only can reduce the administrative expenses of PKI but also can solve key escrow, and it is the concept that Al-Riyami and Paterson proposed in ASIACRYPT ' 2003 in 2003.The private key of certificateless cryptosystem is made up of two parts.A part is the part private key that key generation centre (KeyGeneration Center, hereinafter referred to as KGC) generates; Another part is the secret value that user oneself chooses.PKI is also made up of two parts.A part is the identity information of user; Another part is PKI corresponding to secret value.Because KGC does not know the complete private key of user, thus solve key escrow.And the PKI of the user not certificate of necessity, thus reduces the administrative expenses of PKI.
Confidentiality and authentication property are two basic demands for security in information security field.Confidentiality can be realized by encryption technology; And authentication property can be realized by digital signature.When us while when need to be keep secret and authentication property, traditional method is " first sign and encrypt ".Sign close can be implemented in a logic step and realize encryption and signature two functions simultaneously, and its calculation cost and communications cost realize much smaller than two steps of traditional " first sign and encrypt ", it is the concept that Zheng proposed in CRYPTO ' 97 in 1997.
Need the occasion of confidentiality and authentication property at the same time, sign close really very efficient.But when system only needs confidentiality or authentication property, sign close will be no longer applicable.So system must use other cryptographic algorithm or Digital Signature Algorithm just can meet the demands, this certainly will will increase the expense of system and realize complexity.For overcoming this deficiency, the people such as Han Yiliang proposed the concept of Generalized Signcryption in 2006.Generalized Signcryption can only realize with an algorithm and pair of secret keys simultaneously or encrypt or sign and or sign close three functions.
Allograph can allow an original signer when oneself inconvenience, and entrust a proxy signer trusty to replace oneself signature, it is the concept that the people such as Mambo proposed in 1996.After this concept proposes, allograph is widely used.1999, the concept of allograph and the close concept of label combined by the people such as Gamage, propose the concept of agent signcryption.
In existing realization, allograph and agent signcryption separate.If someone wants to use allograph function sometimes, want again to use agent signcryption function when other, then he must preserve two pairs of keys and use two algorithms.Allograph an algorithm and pair of secret keys; Agent signcryption uses another one algorithm and other pair of secret keys.What certainly will will increase the space of system storage key, the cost of managing keys, the time of authentication secret like this and realize that two algorithms bring to system realizes complexity.
Summary of the invention
The object of the invention is to the defect overcoming above-mentioned prior art, use for reference the concept of Generalized Signcryption, in conjunction with the superiority of certificateless cryptosystem, there is provided a kind of the one that an algorithm and pair of secret keys need be used just can to realize allograph and agent signcryption two functions without certification agency label decryption method, we are called broad sense agent signcryption method.
The present invention is achieved through the following technical solutions:
A kind of without certificate broad sense agent signcryption method, agent only need use pair of secret keys and an algorithm just can realize allograph and agent signcryption two functions, original signature or sign close people and authorize his allograph of trusting or sign close people and represent him and carry out signing or sign close; For sensitive data, agent can use agent signcryption method; For out of Memory, he can use allograph method; Comprise following concrete steps:
Step 1, system initialization: initialization system parameter, it is close that private key and PKI, agent authorization generation, broad sense agent signcryption and broad sense agency for generating user separate label.
Step 2, part private key generate: user submits oneself identity information ID to ito key generation centre KGC, KGC according to system parameters and subscriber identity information ID igenerate the part private key D of user iand send to user in confidence.
Step 3, user key generate: user is based on system parameters stochastic generation secret value x i, calculate the PKI corresponding to this secret value and oneself complete private key be set;
Step 4, agent authorization generate: original signature or sign close people and produce a certificate of authority m w, then signature is carried out to the certificate of authority and produces agent authorization σ according to system parameters, oneself complete private key, the identity of oneself and PKI and openly send σ to allograph or sign close people.Allograph or sign close people according to system parameters, original signature or sign the identity of close people and PKI and m wσ is verified, after being verified, accepts agent authorization σ, otherwise require original signature or sign close people to regenerate agent authorization σ.
Step 5, broad sense agent signcryption: allograph or sign close people according to system parameters, the complete private key of oneself, agent authorization σ, certificate of authority m w, message M, the identity of the identity of oneself and PKI and recipient and PKI generate broad sense agent signcryption literary composition σ p.This step comprises two kinds of patterns: allograph pattern and agent signcryption pattern.If recipient's identity is sky, it works in allograph pattern; If recipient's identity is not empty, it works in agent signcryption pattern.
It is close that step 6, broad sense agency separates label: this step also comprises two kinds of patterns: allograph Validation Mode and agency separate and sign close pattern.If the identity of recipient is empty, then it works in allograph Validation Mode, and anyone can according to system parameters, original signature or sign the identity of close people and PKI, allograph or sign the identity of close people and PKI and certificate of authority m wchecking allograph σ pcorrectness, then accept this allograph σ if the verification passes p, otherwise refusal; If the identity of recipient is not empty, then it works in agency and separates and sign close pattern, and recipient can according to system parameters, original signature or sign the identity of close people and PKI, allograph or sign the identity of close people and PKI, the identity of oneself and PKI and certificate of authority m wchecking agent signcryption literary composition σ pcorrectness, then accept this agent signcryption literary composition σ if the verification passes p, and then use the complete private key of oneself to decrypt message M, otherwise refusal.
As preferably of the present invention, further, the system parameter setting of described step 1 is specially: the system parameter setting of described step 1 is specially:
Security parameter k is positive integer; A circled addition group G 1with a circulation multiplicative group G 2, two orders of a group are all prime number q; A random G 1generator P; A bilinear map e:G 1× G 1→ G 2; The hash function of four safety with wherein { 0,1} *represent the set of the binary sequence composition of any bit long, represent the module removing identical element gained, 1 is more than or equal to and the finite field that forms of the positive integer being less than q, { 0,1} by all mrepresent that bit long is the set of the binary sequence composition of m, m is parameter preset, represents the bit length of message; Special function f (ID), wherein ID ∈ { 0 a, 1} *for user identity; If identity is empty, makes f (ID)=0, otherwise make f (ID)=1; A random number as main private key, calculate P pub=sP is as Your Majesty's key; Open system parameters is { e, G 1, G 2, P, P pub, m, H 1, H 2, H 3, H 4, f (ID) }, secret master key s;
Described step 2 part private key generates and specifically comprises:
Key generation centre calculates the part private key D of user i=sQ i, wherein Q i=H 1(ID i); Then identity is ID aoriginal signature or the part private key of signing close people be D a, identity is ID pallograph or the part private key of signing close people be D p, identity is ID bthe part private key of recipient be D b;
Described step 3 user key generates and specifically comprises:
User's random selecting secret value calculate PKI PK i=x ip, and to arrange complete private key be SK i=(D i, x i); Then identity is ID aoriginal signature or the secret value of signing close people be x a, PKI is PK a, complete private key is SK a=(D a, x a); Identity is ID pallograph or the secret value of signing close people be x p, PKI is PK p, complete private key is SK p=(D p, x p); Identity is ID bthe secret value of recipient be x b, PKI is PK b, complete private key is SK b=(D b, x b);
Described step 4 agent authorization generates and specifically comprises:
Original signature or sign close people A random selecting calculate U=rP, h 2=H 2(m w, U, ID a, PK a), h 3=H 3(m w, U, ID a, PK a), V=(r+h 2x a) Q a+ h 3d a, wherein m wfor described original signature or sign close people to allograph or the certificate of authority signing close people, m win clearly state original signature or sign close people and allograph or sign identity, PKI, the information such as type of message and the term of validity of close people; Original signature or sign close people A agent authorization σ=(m w, U, V) and being sent to allograph by overt channel or signed close people P, P can by checking e (V, P)=e (Q a, U+h 2pK a+ h 3p pub) whether equation carry out surveying agent and authorize σ effective, if invalid, then require original signature or sign close people to regenerate agent authorization;
Described step 5 broad sense agent signcryption specifically comprises:
Suppose allograph or sign close people P to want to send broad sense agent signcryption message to recipient B; If message M ∈ is { 0,1} m, tag ∈ { 0,1}; Allograph or sign close people P and first calculate f (ID b), as f (ID bthe seasonal tag=0 in)=0, otherwise make tag=1; Random selecting calculate R=tP, T=e (P pub, Q b) ttag, h 4=tagH 4(R, T, tPK b, ID p, PK p, ID b, PK b), h 5=H 2(m w, S, R, ID p, PK p, ID b, PK b), h 6=H 3(m w, S, R, ID p, PK p, ID b, PK b), X=V+ (t+h 5x p) Q p+ h 6d p, export σ p=(m w, U, R, S, X, tag) and as broad sense agent signcryption literary composition, wherein represent XOR;
(1) allograph pattern: if tag=0, then σ p=(m w, U, R, S=M, X, tag=0) and be allograph;
(2) agent signcryption pattern: if tag=1, then σ p=(m w, U, R, S, X, tag) and be agent signcryption;
Described step 6 broad sense agency solution label are close specifically to be comprised:
Recipient B calculates h 2=H 2(m w, U, ID a, PK a), h 3=H 3(m w, U, ID a, PK a), h 5=H 2(m w, S, R, ID p, PK p, ID b, PK b), h 6=H 3(m w, S, R, ID p, PK p, ID b, PK b);
(1) tag=0; Recipient B verifies e (X, P)=e (Q a, U+h 2pK a+ h 3p pub) e (Q p, R+h 5pK p+ h 6p pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this allograph σ p=(m w, U, R, S, X, tag);
(2) tag=1; Recipient B verifies e (X, P)=e (Q a, U+h 2pK a+ h 3p pub) e (Q p, R+h 5pK p+ h 6p pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this agent signcryption σ p=(m w, U, R, S, X, tag), calculate h 4=H 4(R, e (R, D b), x br, ID p, PK p, ID b, PK b), message recovery M = S ⊕ h 4 .
Owing to have employed technique scheme, the invention has the beneficial effects as follows:
1, allograph or sign close people an algorithm and pair of secret keys only need be used just can to realize allograph and agent signcryption two functions;
2, realize based on certificateless cryptosystem, neither there is the high expense that key escrow again reduces public key management;
3, achieve the authentication property of sharable content object, all parameters in checking equation are all known or computable, and when there is dispute, anyone can carry out validation verification when not revealing any secret information to Generalized Signcryption literary composition;
4, original signature or sign close people and allograph or sign between close people and do not need safe lane, reduces the complexity that system realizes.
Accompanying drawing explanation
Fig. 1 is the flow chart of the present invention without certificate broad sense agent signcryption method;
Fig. 2 is the handling process schematic diagram of the present invention without certificate broad sense agent signcryption method.
Embodiment
Below in conjunction with accompanying drawing, the present invention is described in detail.
As shown in Figure 1, 2, the invention provides based on the broad sense agent signcryption method without certificate, in the application scenarios of described broad sense agent signcryption method, original signature or sign close people and authorize his allograph of trusting or sign close people and represent him and carry out signing or sign close.For sensitive data, allograph or sign close people and can use agent signcryption method; For out of Memory, he can use allograph method.Allograph or sign close people and only need preserve pair of secret keys and only use an algorithm, reduces the complexity that the administrative expenses of key and system realize.Detailed process of the present invention is as follows:
Step 1, system initialization.
Security parameter k is integer, and generator is an addition cyclic group G of P 1with a multiplication loop group G 2, two orders of a group are all prime number q.E:G 1× G 1→ G 2it is a bilinear map.The Hash function of definition four safety wherein { 0,1} *represent the set of the binary sequence composition of any bit long, represent the module removed identical element and obtain, 1 is more than or equal to and the finite field that forms of the positive integer being less than q, { 0,1} by all mrepresent that bit long is the set of the binary sequence composition of m, m is parameter preset, represents the bit length of message.Special function f (ID), wherein ID ∈ { 0 a, 1} *for user identity; If identity is empty, makes f (ID)=0, otherwise make f (ID)=1.Key generation centre KGC random selecting as main private key, calculate P pub=sP is as Your Majesty's key.Open system parameters is { e, G 1, G 2, P, P pub, m, H 1, H 2, H 3, H 4, f (ID) }, secret master key s.
Step 2, part private key generate.
KGC is original signature or signs close people's calculating section private key D a=sQ a, wherein Q a=H 1(ID a); For allograph or sign close people's calculating section private key D p=sQ p, wherein Q p=H 1(ID p); For recipient's calculating section private key D b=sQ b, wherein Q b=H 1(ID b).
Step 3, user key generate.
User's random selecting secret value calculate PKI PK i=x ip, and to arrange complete private key be SK i=(D i, x i).Then original signature or the secret value of signing close people are x a, PKI is PK a, complete private key is SK a=(D a, x a); Identity is ID pallograph or the secret value of signing close people be x p, PKI is PK p, complete private key is SK p=(D p, x p); Identity is ID bthe secret value of recipient be x b, PKI is PK b, complete private key is SK b=(D b, x b).
Step 4, agent authorization generate.
Original signature or sign close people A random selecting calculate U=rP, h 2=H 2(m w, U, ID a, PK a), h 3=H 3(m w, U, ID a, PK a), V=(r+h 2x a) Q a+ h 3d a, wherein m wfor described original signature or sign close people to allograph or the certificate of authority signing close people, m win clearly state original signature or sign close people and allograph or sign identity, PKI, the information such as type of message and the term of validity of close people; Original signature or sign close people A agent authorization σ=(m w, U, V) send allograph to by overt channel or sign close people P.P can by checking e (V, P)=e (Q a, U+h 2pK a+ h 3p pub) whether equation carry out surveying agent and authorize σ effective, if invalid, then require original signature or sign close people to regenerate agent authorization.
Step 5, broad sense agent signcryption.
Suppose allograph or sign close people P to want to send broad sense agent signcryption message to recipient B; If message M ∈ is { 0,1} m, tag ∈ { 0,1}; Allograph or sign close people P and first calculate f (ID b), as f (ID bthe seasonal tag=0 in)=0, otherwise make tag=1; Random selecting calculate R=tP, T=e (P pub, Q b) ttag, h 4=tagH 4(R, T, tPK b, ID p, PK p, ID b, PK b), h 5=H 2(m w, S, R, ID p, PK p, ID b, PK b), h 6=H 3(m w, S, R, ID p, PK p, ID b, PK b), X=V+ (t+h 5x p) Q p+ h 6d p, export σ p=(m w, U, R, S, X, tag) and as broad sense agent signcryption literary composition, wherein represent XOR.
Allograph pattern: if tag=0, then σ p=(m w, U, R, S=M, X, tag=0) and be allograph.
Agent signcryption pattern: if tag=1, then σ p=(m w, U, R, S, X, tag) and be agent signcryption.
It is close that step 6, broad sense agency separates label.
Recipient B calculates h 2=H 2(m w, U, ID a, PK a), h 3=H 3(m w, U, ID a, PK a), h 5=H 2(m w, S, R, ID p, PK p, ID b, PK b), h 6=H 3(m w, S, R, ID p, PK p, ID b, PK b);
(1) tag=0; Recipient B verifies e (X, P)=e (Q a, U+h 2pK a+ h 3p pub) e (Q p, R+h 5pK p+ h 6p pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this allograph σ p=(m w, U, R, S, X, tag);
(2) tag=1; Recipient B verifies e (X, P)=e (Q a, U+h 2pK a+ h 3p pub) e (Q p, R+h 5pK p+ h 6p pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this agent signcryption σ p=(m w, U, R, S, X, tag), calculate h 4=H 4(R, e (R, D b), x br, ID p, PK p, ID b, PK b), message recovery M = S ⊕ h 4 .
The invention enables allograph or signing close people only to use an algorithm and pair of secret keys just can realize allograph and agent signcryption two functions; Realize based on certificateless cryptosystem, solve key escrow and the high expense reducing certificate management; Achieve the authentication property of sharable content object, when there is dispute, anyone can carry out validation verification when not revealing any secret information to Generalized Signcryption literary composition; Original signature or sign close people and allograph or sign between close people and do not need safe lane, reduces the complexity that system realizes.

Claims (5)

1. without a certificate broad sense agent signcryption method, it is characterized in that allograph or sign close people and only need preserve pair of secret keys and only use an algorithm specifically comprises the following steps:
Step 1: system initialization: initialization system parameter, it is close that private key and PKI, agent authorization generation, broad sense agent signcryption and broad sense agency for generating user separate label.
Step 2: part private key generates: original signature or sign close people, allograph or sign the identity information ID that close people and recipient submit oneself to ito key generation centre, key generation centre is according to system parameters and identity information ID igenerate the part private key D of user iand send to user in confidence;
Step 3: user key generates: user is based on system parameters stochastic generation secret value x i, calculate PKI PK i, according to secret value x iwith part private key D ithe complete private key SK of oneself is set i;
Step 4: agent authorization generates: original signature or sign close people and produce a certificate of authority m w, according to system parameters, certificate of authority m w, the complete private key SK of oneself a, the identity ID of oneself awith the PKI PK of oneself aproduce agent authorization σ and send agent authorization σ to allograph or sign close people;
Step 5: broad sense agent signcryption: allograph or sign close people according to system parameters, certificate of authority m w, agent authorization σ, the complete private key SK of oneself p, the identity ID of oneself p, the PKI PK of oneself p, recipient identity ID b, recipient PKI PK bbroad sense agent signcryption literary composition σ is generated with message m pand send σ pto recipient;
Step 6: it is close that broad sense agency separates label: recipient is according to system parameters, the complete private key SK of oneself b, the identity ID of oneself b, the PKI PK of oneself b, original signature or sign the identity ID of close people a, original signature or sign the PKI PK of close people a, allograph or sign the identity ID of close people p, allograph or sign the PKI PK of close people pwith broad sense agent signcryption literary composition σ pcarry out broad sense agency and separate the close process of label.
2. according to claim 1 a kind of without certificate broad sense agent signcryption method, it is characterized in that, also comprise allograph in step 4 or sign close people according to system parameters, original signature or the identity ID signing close people awith PKI PK awith certificate of authority m wagent authorization σ is verified, after being verified, accepts agent authorization σ, otherwise require original signature or sign close people to regenerate agent authorization σ.
3. according to claim 1 and 2 a kind of without certificate broad sense agent signcryption method, it is characterized in that, step 5 comprises two kinds of patterns: allograph pattern and agent signcryption pattern, if recipient's identity is sky, it works in allograph pattern; If recipient's identity is not empty, it works in agent signcryption pattern.
4. according to claim 1 and 2 a kind of without certificate broad sense agent signcryption method, it is characterized in that, step 6 comprises two kinds of patterns: allograph Validation Mode and agency separate and sign close pattern, if recipient's identity is sky, it works in allograph Validation Mode; If recipient's identity is not empty, it works in agency and separates the close pattern of label.
5. according to claim 1 a kind of without certificate broad sense agent signcryption method, it is characterized in that, the system parameter setting of described step 1 is specially:
Security parameter k is positive integer; A circled addition group G 1with a circulation multiplicative group G 2, two orders of a group are all prime number q; A random G 1generator P; A bilinear map e:G 1× G 1→ G 2; The hash function of four safety and H 4: { 0,1} *→ { 0,1} m, wherein { 0,1} *represent the set of the binary sequence composition of any bit long, represent the module removing identical element gained, 1 is more than or equal to and the finite field that forms of the positive integer being less than q, { 0,1} by all mrepresent that bit long is the set of the binary sequence composition of m, m is parameter preset, represents the bit length of message; Special function f (ID), wherein ID ∈ { 0 a, 1} *for user identity; If identity is empty, makes f (ID)=0, otherwise make f (ID)=1; A random number as main private key, calculate P pub=sP is as Your Majesty's key; Open system parameters is { e, G 1, G 2, P, P pub, m, H 1, H 2, H 3, H 4, f (ID) }, secret master key s;
Described step 2 part private key generates and specifically comprises:
Key generation centre calculates the part private key D of user i=sQ i, wherein Q i=H 1(ID i); Then identity is ID aoriginal signature or the part private key of signing close people be D a, identity is ID pallograph or the part private key of signing close people be D p, identity is ID bthe part private key of recipient be D b;
Described step 3 user key generates and specifically comprises:
User's random selecting secret value calculate PKI PK i=x ip, and to arrange complete private key be SK i=(D i, x i); Then identity is ID aoriginal signature or the secret value of signing close people be x a, PKI is PK a, complete private key is SK a=(D a, x a); Identity is ID pallograph or the secret value of signing close people be x p, PKI is PK p, complete private key is SK p=(D p, x p); Identity is ID bthe secret value of recipient be x b, PKI is PK b, complete private key is SK b=(D b, x b);
Described step 4 agent authorization generates and specifically comprises:
Original signature or sign close people A random selecting calculate U=rP, h 2=H 2(m w, U, ID a, PK a), h 3=H 3(m w, U, ID a, PK a), V=(r+h 2x a) Q a+ h 3d a, wherein m wfor described original signature or sign close people to allograph or the certificate of authority signing close people, m win clearly state original signature or sign close people and allograph or sign identity, PKI, the information such as type of message and the term of validity of close people; Original signature or sign close people A agent authorization σ=(m w, U, V) and being sent to allograph by overt channel or signed close people P, P can by checking e (V, P)=e (Q a, U+h 2pK a+ h 3p pub) whether equation carry out surveying agent and authorize σ effective, if invalid, then require original signature or sign close people to regenerate agent authorization;
Described step 5 broad sense agent signcryption specifically comprises:
Suppose allograph or sign close people P to want to send broad sense agent signcryption message to recipient B; If message M ∈ is { 0,1} m, tag ∈ { 0,1}; Allograph or sign close people P and first calculate f (ID b), as f (ID bthe seasonal tag=0 in)=0, otherwise make tag=1; Random selecting calculate R=tP, T=e (P pub, Q b) ttag, h 4=tagH 4(R, T, tPK b, ID p, PK p, ID b, PK b), h 5=H 2(m w, S, R, ID p, PK p, ID b, PK b), h 6=H 3(m w, S, R, ID p, PK p, ID b, PK b), X=V+ (t+h 5x p) Q p+ h 6d p, export σ p=(m w, U, R, S, X, tag) and as broad sense agent signcryption literary composition, wherein represent XOR;
(1) allograph pattern: if tag=0, then σ p=(m w, U, R, S=M, X, tag=0) and be allograph;
(2) agent signcryption pattern: if tag=1, then σ p=(m w, U, R, S, X, tag) and be agent signcryption;
Described step 6 broad sense agency solution label are close specifically to be comprised:
Recipient B calculates h 2=H 2(m w, U, ID a, PK a), h 3=H 3(m w, U, ID a, PK a), h 5=H 2(m w, S, R, ID p, PK p, ID b, PK b), h 6=H 3(m w, S, R, ID p, PK p, ID b, PK b);
(1) tag=0; Recipient B verifies e (X, P)=e (Q a, U+h 2pK a+ h 3p pub) e (Q p, R+h 5pK p+ h 6p pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this allograph σ p=(m w, U, R, S, X, tag);
(2) tag=1; Recipient B verifies e (X, P)=e (Q a, U+h 2pK a+ h 3p pub) e (Q p, R+h 5pK p+ h 6p pub) whether set up, be false, return ⊥ and represent refusal; Otherwise accept this agent signcryption σ p=(m w, U, R, S, X, tag), calculate h 4=H 4(R, e (R, D b), x br, ID p, PK p, ID b, PK b), message recovery M = S ⊕ h 4 .
CN201510222252.3A 2015-05-05 2015-05-05 One kind is without certificate broad sense agent signcryption method Expired - Fee Related CN104821880B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510222252.3A CN104821880B (en) 2015-05-05 2015-05-05 One kind is without certificate broad sense agent signcryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510222252.3A CN104821880B (en) 2015-05-05 2015-05-05 One kind is without certificate broad sense agent signcryption method

Publications (2)

Publication Number Publication Date
CN104821880A true CN104821880A (en) 2015-08-05
CN104821880B CN104821880B (en) 2018-01-30

Family

ID=53732056

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510222252.3A Expired - Fee Related CN104821880B (en) 2015-05-05 2015-05-05 One kind is without certificate broad sense agent signcryption method

Country Status (1)

Country Link
CN (1) CN104821880B (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105530093A (en) * 2015-12-10 2016-04-27 中国电子科技集团公司第三十研究所 Method for signcryption with non-interactive undeniable property
CN105553664A (en) * 2015-12-10 2016-05-04 中国电子科技集团公司第三十研究所 Signcryption method with non-interactive undeniable property
CN107017993A (en) * 2017-04-01 2017-08-04 北京江南天安科技有限公司 A kind of multi-party joint key is produced and digital signature method and system
CN107248909A (en) * 2017-03-16 2017-10-13 北京百旺信安科技有限公司 It is a kind of based on SM2 algorithms without Credential-Security endorsement method
CN109286485A (en) * 2018-10-17 2019-01-29 西安邮电大学 General Identity Proxy label decryption method that can be compound
CN109347632A (en) * 2018-10-23 2019-02-15 北京金山安全软件有限公司 Block chain ID generation and use method, device, electronic equipment and storage medium
CN109902483A (en) * 2019-01-10 2019-06-18 如般量子科技有限公司 Anti- quantum calculation Proxy Digital Signature method and system based on multiple pool of keys
CN110650017A (en) * 2019-09-02 2020-01-03 西安电子科技大学 Non-bilinear pairing multi-message multi-receiver signcryption method and Internet of things communication system
CN112055333A (en) * 2020-10-21 2020-12-08 西南交通大学 LTE-R vehicle-ground wireless communication security authentication method without certificate proxy signature
CN112703702A (en) * 2018-06-15 2021-04-23 艾欧特可有限公司 Distributed authentication
CN112804062A (en) * 2020-12-31 2021-05-14 北京海泰方圆科技股份有限公司 Certificateless signature method, device, equipment and medium based on SM2 algorithm
CN115348033A (en) * 2022-08-12 2022-11-15 四川启睿克科技有限公司 Short identity-based designated verifier proxy signature method
CN115664852A (en) * 2022-12-14 2023-01-31 金钱猫科技股份有限公司 Data management method and system based on block chain technology

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101051902A (en) * 2006-06-16 2007-10-10 上海交通大学 Agent signcryption method and system
CN103905189A (en) * 2012-12-24 2014-07-02 航天信息股份有限公司 Method and system for certificateless and pairing-free identity-based proxy signcryption

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101051902A (en) * 2006-06-16 2007-10-10 上海交通大学 Agent signcryption method and system
CN103905189A (en) * 2012-12-24 2014-07-02 航天信息股份有限公司 Method and system for certificateless and pairing-free identity-based proxy signcryption

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
唐鸣: "无证书签密方案的分析与研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *
王会歌,曹浩,庄锁法,赵靖,沈峰: "一种无证书前向安全代理签密方案", 《淮北师范大学学报(自然科学版)》 *

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105553664A (en) * 2015-12-10 2016-05-04 中国电子科技集团公司第三十研究所 Signcryption method with non-interactive undeniable property
CN105553664B (en) * 2015-12-10 2018-09-28 中国电子科技集团公司第三十研究所 A kind of label decryption method with the undeniable property of non-interactive type
CN105530093B (en) * 2015-12-10 2019-02-01 中国电子科技集团公司第三十研究所 A kind of label decryption method with the undeniable property of non-interactive type
CN105530093A (en) * 2015-12-10 2016-04-27 中国电子科技集团公司第三十研究所 Method for signcryption with non-interactive undeniable property
CN107248909A (en) * 2017-03-16 2017-10-13 北京百旺信安科技有限公司 It is a kind of based on SM2 algorithms without Credential-Security endorsement method
CN107017993A (en) * 2017-04-01 2017-08-04 北京江南天安科技有限公司 A kind of multi-party joint key is produced and digital signature method and system
CN107017993B (en) * 2017-04-01 2020-05-05 北京江南天安科技有限公司 Multi-party combined key generation and digital signature method and system
CN112703702A (en) * 2018-06-15 2021-04-23 艾欧特可有限公司 Distributed authentication
CN109286485A (en) * 2018-10-17 2019-01-29 西安邮电大学 General Identity Proxy label decryption method that can be compound
CN109286485B (en) * 2018-10-17 2019-10-25 西安邮电大学 General Identity Proxy label decryption method that can be compound
CN109347632A (en) * 2018-10-23 2019-02-15 北京金山安全软件有限公司 Block chain ID generation and use method, device, electronic equipment and storage medium
CN109347632B (en) * 2018-10-23 2022-02-25 北京金山安全软件有限公司 Block chain ID generation and use method, device, electronic equipment and storage medium
CN109902483A (en) * 2019-01-10 2019-06-18 如般量子科技有限公司 Anti- quantum calculation Proxy Digital Signature method and system based on multiple pool of keys
CN110650017A (en) * 2019-09-02 2020-01-03 西安电子科技大学 Non-bilinear pairing multi-message multi-receiver signcryption method and Internet of things communication system
CN112055333A (en) * 2020-10-21 2020-12-08 西南交通大学 LTE-R vehicle-ground wireless communication security authentication method without certificate proxy signature
CN112804062A (en) * 2020-12-31 2021-05-14 北京海泰方圆科技股份有限公司 Certificateless signature method, device, equipment and medium based on SM2 algorithm
CN115348033A (en) * 2022-08-12 2022-11-15 四川启睿克科技有限公司 Short identity-based designated verifier proxy signature method
CN115664852A (en) * 2022-12-14 2023-01-31 金钱猫科技股份有限公司 Data management method and system based on block chain technology

Also Published As

Publication number Publication date
CN104821880B (en) 2018-01-30

Similar Documents

Publication Publication Date Title
CN104821880B (en) One kind is without certificate broad sense agent signcryption method
US8464058B1 (en) Password-based cryptographic method and apparatus
CN104539423B (en) A kind of implementation method without CertPubKey cipher system of no Bilinear map computing
CN104270249B (en) It is a kind of from the label decryption method without certificate environment to identity-based environment
US7574596B2 (en) Cryptographic method and apparatus
CN104767612B (en) It is a kind of from the label decryption method without certificate environment to PKIX environment
US20060215837A1 (en) Method and apparatus for generating an identifier-based public/private key pair
CN102420691B (en) Certificate-based forward security signature method and system thereof
CN110113150B (en) Encryption method and system based on non-certificate environment and capable of repudiation authentication
US11870891B2 (en) Certificateless public key encryption using pairings
CN103746811B (en) Anonymous signcryption method from identity public key system to certificate public key system
US20150288527A1 (en) Verifiable Implicit Certificates
CN104168114A (en) Distributed type (k, n) threshold certificate-based encrypting method and system
CN104767611B (en) It is a kind of from PKIX environment to the label decryption method without certificate environment
CN104301108A (en) Signcryption method based from identity environment to certificateless environment
EP2846492A1 (en) Cryptographic group signature methods and devices
CN105790941A (en) Identity-based combined key generation and authentication method with field partition
CN102970144A (en) Identity-based authentication method
Wei et al. Remove key escrow from the BF and Gentry identity-based encryption with non-interactive key generation
CN106453253A (en) Efficient identity-based concealed signcryption method
CN103746810A (en) Anonymous sign-cryption method from certificate public key system to identity public key system
CN110519040B (en) Anti-quantum computation digital signature method and system based on identity
US20220038267A1 (en) Methods and devices for secured identity-based encryption systems with two trusted centers
Elkamchouchi et al. An efficient proxy signcryption scheme based on the discrete logarithm problem
CN101957962A (en) Application and verification method of electronic stamp software system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180130

Termination date: 20200505