CN105049453A - Signature verification method - Google Patents

Signature verification method Download PDF

Info

Publication number
CN105049453A
CN105049453A CN201510532047.7A CN201510532047A CN105049453A CN 105049453 A CN105049453 A CN 105049453A CN 201510532047 A CN201510532047 A CN 201510532047A CN 105049453 A CN105049453 A CN 105049453A
Authority
CN
China
Prior art keywords
signature
information
key
algorithm
signed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510532047.7A
Other languages
Chinese (zh)
Inventor
史扬
韩景轩
唐宇迪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tongji University
Original Assignee
Tongji University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tongji University filed Critical Tongji University
Priority to CN201510532047.7A priority Critical patent/CN105049453A/en
Publication of CN105049453A publication Critical patent/CN105049453A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates

Abstract

The invention provides a signature verification method. The signature verification method comprises steps that: a trusted authority generates public key shared information and generates a corresponding initial private key for each terminal based on the public key shared information, and each terminal obtains the corresponding initial private key and stores the initial private key in a safety device of the terminal, wherein data in the safety devices cannot be changed by the terminals; each safety device periodically updates the current key of each terminal based on the initial private key and a set signature key generation algorithm; a pre-signature function is obtained based on a set pre-signature function generation algorithm, a current key and transaction demand information; a signature is obtained based on a set signature algorithm, the pre-signature function and to-be-signed information, wherein the to-be-signed information comprises the transaction demand information; the signature key generation algorithm, the pre-signature function generation algorithm and the signature algorithm are set based on the public key shared information. According to the scheme of the signature verification method, the signature safety, in particular, the signature safety of mobile agents is improved greatly.

Description

A kind of signature verification method
Technical field
The present invention relates to a kind of computer security technique, particularly relate to a kind of signature verification method.
Background technology
MobileAgent (mobile agent) refers to one section of program that representative of consumer is finished the work, can be autonomous from a host mobility to another main frame in distributed network environment.It has the characteristics such as mobility, autonomy and asynchronous computing, bandwidth can be effectively utilized, reduce network traffics, improve the corresponding time, thus provide new means for the Distributed Application solving low bandwidth, high latency, network connect under unstable environment, the fields such as information retrieval, network management, ecommerce can be widely used in.Because mobile agent is when proxy user operates accordingly, needs constantly to carry out to move, finish the work, move again, last regenerative ratio key.Due to this feature, if use common signature algorithm, need to carry signature key in the process of migration, be easy to so just be stolen signature key by malicious host, the confidence level of therefore signing reduces greatly.Meanwhile, at common PC, because fail safe is not high enough, be easy to, by malicious intrusions, make Key Exposure, the thing followed is that Transaction Information is forged, and then causes extreme loss.
Given this, a kind of safer mobile agent signature verification technique scheme how is found just to become those skilled in the art's problem demanding prompt solution.
Summary of the invention
The shortcoming of prior art in view of the above, the object of the present invention is to provide a kind of signature verification method, the problem that the signature verification method fail safe adopted for solving mobile agent in prior art has much room for improvement.
For achieving the above object and other relevant objects, the invention provides a kind of signature verification method, described signature verification method comprises: generate public keys by trust authority and have information, information is had for the corresponding initial private cipher key of each terminal generation according to described public keys, described terminal obtains corresponding initial private cipher key and is kept in the safety device of described terminal, and the data of described safety device can not be changed by described terminal; The current key of described safety device terminal according to the signature key generating algorithm regular update of described initial private cipher key and setting; A pre-signature function is obtained according to the pre-signature function generating algorithm of setting and described current key, transactions demand information; Obtain a signature according to the signature algorithm of setting and described pre-signature function, information to be signed, described information to be signed comprises transactions demand information; Wherein, described signature key generating algorithm, pre-signature function generating algorithm and signature algorithm all have information to set based on described public keys.
Alternatively, described signature verification algorithm also comprises: the validity of signing according to the signature verification proof of algorithm of setting; Described signature verification algorithm has information to set based on described public keys.
Alternatively, described signature verification method also comprises: be tied on mobile agent by described pre-signature function, completes signature according to the described pre-signature function on mobile agent and information to be signed.
Alternatively, described public keys has information wherein, with the rank produced for generator P are the cyclic group of q, and q is prime number; E () is the mapping algorithm meeting bilinear map; Hash function for random length binary numeral is mapped to addition of integer group on; Hash function for random length binary numeral is mapped as group in element.
Alternatively, described information to be signed comprises client identity information ID c, transactions demand information REQ_C, shop identity information ID swith Transaction Information BID_S.
Alternatively, described signature key generating algorithm comprises: input to the section of fixing time j, user's initial key s iD; Time period j is passed through H 2function Mapping arrives then with s iDbe multiplied and obtain current key D j.
Alternatively, described pre-signature function generating algorithm comprises: with described current key D j, and transactions demand information and client identity information REQ_C||ID cfor input; From random value r is got, from D in group jthe time period j of the current correspondence of middle extraction, by r and H 2j () is multiplied and obtains U, calculate h ← H 1(REQ_C||ID c, U), calculate V ← (r+h) D j, calculate Q ← U+H 1(REQ_C||ID c, U) and H 2(j), from get another random value t in group, calculate R' ← tQ, calculate W' ← tV, obtain pre-signature function f signed(x)=<<U, V, R'>, xV+W'>.
Alternatively, described signature algorithm comprises: input information to be signed and current slot j, uses H 1method, by described information MAP to be signed is in value x, calculate pre-signature function f signedx (), obtains the z=<f that signs signed, j(x), j>.
Alternatively, described signature verification algorithm comprises: with information to be signed and described signature z=<f signed, j(x), j> is as input; Described information to be signed comprises businessman by client identity information ID c, transactions demand information REQ_C, shop identity information ID swith Transaction Information BID_S; When BID_S does not meet REQ_C, return authentication failed; <<<U, V, R'>, Z'>, j> ← z: extract corresponding value, as e (V, P) ≠ e (U+H from signature 1(REQ_C||ID c, U) and H 2(j), P pub), return authentication failed; Calculate calculate when time, return authentication failed, otherwise, return and be proved to be successful.
Alternatively, the data of described safety device can not be read by described terminal.
Alternatively, described public keys has information and generates based on Setup algorithm.
Alternatively, described e () matches based on Weil pairing or Tate the mapping algorithm meeting bilinear map be transformed into, and it meets bilinearity, non-degeneracy and computability.
As mentioned above, a kind of signature verification method of the present invention, there is following beneficial effect: carry out storing initial key by adopting particular security device and regularly upgrade current key, use and there is ageing current key to complete the signature in mobile agent, by Key-insulated algorithm with can not be split algorithm and combined by method cleverly, formation Key-insulated undetachable digital signatures.Thus not only solving the Key Exposure problem of mobile agent in transition process, the PC greatly reducing again client is caused the risk of Key Exposure because invading, to have filled up in mobile security field this blank.The solution of the present invention improves the signature safety of signature safety, particularly mobile agent greatly.
Accompanying drawing explanation
Fig. 1 is shown as the schematic flow sheet of an embodiment of signature verification method of the present invention.
Fig. 2 is shown as system environments and the process schematic of an embodiment of signature verification method of the present invention.
Element numbers explanation
S1 ~ S5 step
Embodiment
Below by way of specific instantiation, embodiments of the present invention are described, those skilled in the art the content disclosed by this specification can understand other advantages of the present invention and effect easily.The present invention can also be implemented or be applied by embodiments different in addition, and the every details in this specification also can based on different viewpoints and application, carries out various modification or change not deviating under spirit of the present invention.
It should be noted that, the diagram provided in the present embodiment only illustrates basic conception of the present invention in a schematic way, then only the assembly relevant with the present invention is shown in graphic but not component count, shape and size when implementing according to reality is drawn, it is actual when implementing, and the kenel of each assembly, quantity and ratio can be a kind of change arbitrarily, and its assembly layout kenel also may be more complicated.
The invention provides a kind of signature verification method.Described signature verification method achieves the Key-insulated of digital signature simultaneously and can not be split.The cryptography of Key-insulated is that the scholars such as Dodis propose, and its model stores " master key " in the equipment be perfectly safe, and uses the key developed by some cycles to carry out in the environment that daily Password Operations not can be perfectly safe at.The object of undetachable digital signatures (undetachabledigitalsignatures) technology be make mobile agent Agent can safety carry out digital signature in the white-box attack context.In one embodiment, described signature verification method comprises:
Step S1, generate public keys by trust authority and have information, information is had for the corresponding initial private cipher key of each terminal generation and public-key cryptography according to described public keys, described terminal obtains corresponding initial private cipher key and is kept in the safety device of described terminal, and the data of described safety device can not be changed by described terminal.In one embodiment, described public keys has information (also can be described as public keys to arrange) wherein, with the rank produced for generator P are the cyclic group of q, and q is prime number; E () is the mapping algorithm meeting bilinear map; Hash function for random length binary numeral is mapped to addition of integer group on; Hash function for random length binary numeral is mapped as group in element.E () matches based on Weil pairing or Tate the mapping algorithm meeting bilinear map be transformed into.It meets following three conditions: condition 1, bilinearity: simultaneously meet e (P 1+ P 2, Q) and=e (P 1, Q) and e (P 2, Q) and e (P, Q 1+ Q 2)=e (P, Q 1) e (P, Q 2), or meet separately e (aP, bQ)=e (P, Q) ab.Above-mentioned for being rank with prime number q and without the addition of integer group of null element.Condition 2, non-degeneracy: exist with be limited by e (P, Q) ≠ 1.Condition 3, computability: there is an effective algorithm and calculate e (P, Q), to all described public keys has information and runs the generation of Setup algorithm by trust authority, and it is open to all participants that this public keys has information.Environmental parameter generating algorithm Setup () is defined as follows: input k for security parameter, algorithm exports public keys and has information wherein, security parameter k represents the order of a group number that will set, and the larger fail safe of k value is higher, q=k.Information is had for the corresponding initial private cipher key of each terminal generation according to described public keys.In one embodiment, trust authority generates corresponding private cipher key for each participant (terminal) runs KGen algorithm and sends to corresponding participant (terminal) by credible channel.Described KGen algorithm has information based on public keys, and this algorithm comprises: from random value s is got in group iDas initial key; Calculate s iDthe P be multiplied by Ω obtains client public key P iD; The private cipher key s generated iDwith PKI P iDto be sent to by credible channel in participant's (i.e. terminal, also can be described as client terminal) hand of corresponding ID.First the private signature key received is stored in the device of a physical security by each client (terminal), this device and client rs PC (i.e. terminal) collaborative work, its task is the initial key that the storage be perfectly safe obtains from trust authority, and can regularly for client rs PC upgrades current key.Safety device and terminal between the two, employ a kind of special mode and connect, make information only with one-way transmission, and the data (regularly obtaining new key) when safety device runs are pushed to terminal.Namely the equipment (safety device) of physical security is had, regularly new key, write in common computer (terminal).That is, to before next initialization (regaining accordingly initially private cipher key) after an initialization (obtain corresponding initial private cipher key), safety device can change the current key that client rs PC (terminal) stores, and client (terminal) cannot change any data on safety device.In one embodiment, terminal cannot read any data on safety device, further ensures isolation and the safety of password.
Step S2, the current key of described safety device terminal according to the signature key generating algorithm regular update of described initial private cipher key and setting.Described signature key generating algorithm has information to set based on described public keys.In one embodiment, described signature key generating algorithm comprises: input to the section of fixing time j, user's initial key s iD; Time period j is passed through H 2function Mapping arrives then with s iDbe multiplied and obtain current key D j.First the private cipher key received is stored in the device of a physical security by each client, then the above-mentioned safety device of relatively unsafe terminal (such as relatively easily by the PC of hacker attacks) Periodic Notice every day runs signature key generating algorithm, upgrades current key.
Step S3, obtains a pre-signature function according to the pre-signature function generating algorithm of setting and described current key, transactions demand information.Described pre-signature function generating algorithm has information to set based on described public keys.The transactions demand of described pre-signature function and client is closely related, and the merchandise news that client can look for it carries out corresponding demand restriction, is denoted as REQ_C||ID c, then client can by demand information REQ_C||ID c, the key D of current slot jas input parameter, the pre-signature function generating algorithm UndSigFunGen running setting obtains pre-signature function.In one embodiment, the pre-signature information (pre-signature function) obtained after operation pre-signature function generating algorithm can be bound with mobile agent, then send mobile agent and make it move, find the businessman met customer need.In one embodiment, described pre-signature function generating algorithm comprises: with described current key D j, and transactions demand information and client identity information REQ_C||ID cfor input; from random value r is got, from D in group jthe time period j of the current correspondence of middle extraction, U ← rH 2(j): by r and H 2j () is multiplied and obtains U, calculate h ← H 1(REQ_C||ID c, U), calculate V ← (r+h) D j, calculate Q ← U+H 1(REQ_C||ID c, U) and H 2(j), from get another random value t in group, calculate R' ← tQ, calculate W' ← tV, obtain pre-signature function f signed(x)=<<U, V, R'>, xV+W'>.
Step S4, obtain a signature according to the signature algorithm of setting and described pre-signature function, information to be signed, described information to be signed comprises transactions demand information.Described signature algorithm has information to set based on described public keys.In one embodiment, described signature verification method also comprises: be tied on mobile agent by described pre-signature function, completes signature according to the described pre-signature function on mobile agent and information to be signed.Described information to be signed comprises client identity information ID c, transactions demand information REQ_C, shop identity information ID swith Transaction Information BID_S.After the mobile agent (having bound pre-signature function) representing customers buying behavior is concluded the transaction with businessman's (or intelligent agent of businessman), businessman is by client identity information ID c, transactions demand information REQ_C, shop identity information ID swith Transaction Information BID_S, and current slot j is as input, from mobile agent, extract pre-signature function subsequently, then run signature algorithm and sign for this transaction, the Transaction Information of businessman's generation is here the transactions demand information that will meet client.Described signature algorithm comprises: input information to be signed and current slot j, uses H 1method, by described information MAP to be signed is in value x, calculate pre-signature function f signedx (), obtains the z=<f that signs signed, j(x), j>.Particularly, described signature algorithm comprises: input ID c|| REQ_C||ID s|| BID_S and j; X ← H 1(ID c|| REQ_C||ID s|| BID_S): use H 1method, by ID c|| REQ_C||ID s|| BID_S is mapped as in value x; Extract pre-signature function and calculate f signed(x); Return signature z=<f signed, j(x), j>.
In one embodiment, described signature verification algorithm also comprises:
Step S5, the validity of signing according to the signature verification proof of algorithm of setting; Described signature verification algorithm has information to set based on described public keys.In one embodiment, signature verification algorithm comprises: with information to be signed and described signature z=<f signed, j(x), j> is as input; Described information to be signed comprises businessman by client identity information ID c, transactions demand information REQ_C, shop identity information ID swith Transaction Information BID_S; When BID_S does not meet REQ_C, return authentication failed; <<<U, V, R'>, Z'>, j> ← z: extract corresponding value, as e (V, P) ≠ e (U+H from signature 1(REQ_C||ID c, U) and H 2(j), P pub), return authentication failed; Calculate calculate when time, return authentication failed, otherwise, return and be proved to be successful.If all participants run the method and return and successfully illustrate that Transaction Information is legal, otherwise Transaction Information is illegal.
In one embodiment, as shown in Figure 2, first select CA (CertificationAuthority) server as trust authority, CA server name can be set to CA_server here.First carry out initialization procedure, namely public keys has information generative process, and this process comprises two key steps: the generation of the setting of security context parameter and announcement, key and distribution.
Step 1. runs Setup algorithm on CA_server, then to all participants announce algorithm generate public keys have information.This example Setup algorithm, based on elliptic curve encryption algorithm.Concrete:
[1] elliptic curve is: y 2=x 3+ x;
[2] point on curve is all based on finite field structure, wherein
Q=878071079966331252243778198475404981580688319941420821 10,286,533,992,664,756,308,802,229,570,786,251,794,226,622,214,231,558,587 69582317459277713367317481324925129998224791 and have q=3mod4.
[3] the positive integer module selected by this example is wherein
r=730750818665451621361119245571504901405976559617
[4] with all based on finite field the group that the point constructed forms.
[5] e () be based on this elliptic curve construct from arrive bilinear map, be the subgroup of the point group formed.In this example,
[6] H 1any binary number maps and is uniquely mapped to by method on.
[7] H 2any binary number maps and is uniquely mapped to by method on.
[8] this example point P is from group by random the method of taking out generates, and each initialization is different.
The public keys of generation is had information announcement by CA_server.
Step 2.CA_server runs KGen algorithm for each participant, then by each participant's (terminal can be sent to by new channel, or client rs PC), owing to having random characteristic in KGen algorithm, so the private cipher key of each participant and Public Key are not identical.This example is provided with 10 participants, and therefore algorithm obtains 10 couples of key s 01, P pub01..., s 10, P pub10, and sent in 10 participant's hands by credible channel.
After above-mentioned initialization procedure deployment is complete, (this example uses common PC as client to each client here, also can be described as terminal, always have 10 clients, therefore have PC01 ... PC10) private cipher key that CA_server sends over can all be received, then be saved in by private cipher key in the device of the physical security that the present invention mentions, this safety device can revise the signature key in client, and the private cipher key D in every day regular update client j, 10 safety devices corresponding with 10 clients in this example are respectively SD01 ..., SD10.
Key updating process is as follows: concrete, the renewal that every day time period can be fixed, and when supposing that the time period becomes 2 from 1, safety device SD01 runs signature key generating algorithm KUpd (s 01, 2) and upgrade current private cipher key D on PC01 2 pC01.Just completely independent after this process operation, just every day, fixed time upgraded current private cipher key (referred to as current key) D j.
Method of the present invention is adopted to carry out mobile agent arm's length dealing process as follows: within the time period 2, terminal PC 01 generates mobile agent, and additional transactions demand information REQ_C=XXX model mobile phone is less than 4000 yuan, now ID c=PC01, then PC01 run pre-signature function generating algorithm UndSigFunGen (XXX model mobile phone is less than 4000 yuan || PC01, D 2 pC01, 2) and obtain a pre-signature function f signedx (), then PC01 is by pre-signature function f signedx () is tied in the mobile agent of generation, and send agency, makes agent migration.Described mobile agent moves in multiple shop server, finds suitable merchant.In certain moment, the mobile agent of PC01 have found a businessman S01 and meets above-mentioned requirements completely, and therefore conclude the transaction with agency contract, generates following Transaction Information: REQ_C=XXX model mobile phone is less than 4000 yuan, ID c=PC01, ID s=S01, BID_S=price 3888.Now, businessman S01 is by the transaction contract signature of for reaching.Businessman S01 runs and transfers pre-signature function, and allow signature algorithm UndSign (PC01||XXX model mobile phone is less than 4000 yuan || S01|| price 3888,2) z that signs is obtained, signature z and PC01||XXX model mobile phone are less than 4000 yuan by businessman S01 subsequently || S01|| price 3888, time period 2 is all saved in mobile agent, and makes it move.Now businessman S01 first can run signature verification function UndVrfy whether carry out authorization information legal.
Then, the mobile agent completing transaction moves to client terminal PC01 by continuing, and client terminal PC01 has received the mobile agent of transaction, carries out validation verification to this transaction.Information PC01||XXX model mobile phone is less than 4000 yuan by client terminal PC01 || and S01|| price 3888, the time period 2, signature z extracts, and runs signature verification algorithm UndVrfy (z, ID c|| REQ_C||ID s|| BID_S) verify whether this transaction is legal, just confirm transaction if legal, if this transaction of illegal direct refusal.
In sum, a kind of signature verification method of the present invention is by adopting particular security device to carry out storing initial key and regularly upgrading current key, use and there is ageing current key to complete the signature in mobile agent, by Key-insulated algorithm with can not be split algorithm and combined by method cleverly, formation Key-insulated undetachable digital signatures.Thus not only solving the Key Exposure problem of mobile agent in transition process, the PC greatly reducing again client is caused the risk of Key Exposure because invading, to have filled up in mobile security field this blank.So the present invention effectively overcomes various shortcoming of the prior art and tool high industrial utilization.
Above-described embodiment is illustrative principle of the present invention and effect thereof only, but not for limiting the present invention.Any person skilled in the art scholar all without prejudice under spirit of the present invention and category, can modify above-described embodiment or changes.Therefore, such as have in art usually know the knowledgeable do not depart from complete under disclosed spirit and technological thought all equivalence modify or change, must be contained by claim of the present invention.

Claims (10)

1. a signature verification method, is characterized in that, described signature verification method comprises:
Generate public keys by trust authority and have information, information is had for the corresponding initial private cipher key of each terminal generation and public-key cryptography according to described public keys, described terminal obtains corresponding initial private cipher key and is kept in the safety device of described terminal, and the data of described safety device can not be changed by described terminal;
The current key of described safety device terminal according to the signature key generating algorithm regular update of described initial private cipher key and setting;
A pre-signature function is obtained according to the pre-signature function generating algorithm of setting and described current key, transactions demand information;
Obtain a signature according to the signature algorithm of setting and described pre-signature function, information to be signed, described information to be signed comprises transactions demand information;
Wherein, described signature key generating algorithm, pre-signature function generating algorithm and signature algorithm all have information to set based on described public keys.
2. signature verification method according to claim 1, is characterized in that: described signature verification algorithm also comprises: the validity of signing according to the signature verification proof of algorithm of setting; Described signature verification algorithm has information to set based on described public keys.
3. signature verification method according to claim 1 and 2, it is characterized in that: described signature verification method also comprises: described pre-signature function is tied on mobile agent, complete described signature according to the described pre-signature function on mobile agent and information to be signed.
4. signature verification method according to claim 1 and 2, is characterized in that: described public keys has information wherein, with the rank produced for generator P are the cyclic group of q, and q is prime number; E () is the mapping algorithm meeting bilinear map; Hash function for random length binary numeral is mapped to addition of integer group on; Hash function for random length binary numeral is mapped as group in element.
5. signature verification method according to claim 4, is characterized in that: described signature key generating algorithm comprises: input to the section of fixing time j, user's initial key s iD; Time period j is passed through H 2function Mapping arrives then with s iDbe multiplied and obtain current key D j.
6. signature verification method according to claim 5, is characterized in that: described pre-signature function generating algorithm comprises: with described current key D j, and transactions demand information and client identity information REQ_C||ID cfor input; From random value r is got, from D in group jthe time period j of the current correspondence of middle extraction, by r and H 2j () is multiplied and obtains U, calculate h ← H 1(REQ_C||ID c, U), calculate V ← (r+h) D j, calculate Q ← U+H 1(REQ_C||ID c, U) and H 2(j), from get another random value t in group, calculate R' ← tQ, calculate W' ← tV, obtain pre-signature function f signed(x)=<<U, V, R'>, xV+W'>.
7. signature verification method according to claim 6, is characterized in that: described signature algorithm comprises: input information to be signed and current slot j, uses H 1method, by described information MAP to be signed is in value x, calculate pre-signature function f signedx (), obtains the z=<f that signs signed, j(x), j>.
8. signature verification method according to claim 7, is characterized in that: described signature verification algorithm comprises: with information to be signed and described signature z=<f signed, j(x), j> is as input; Described information to be signed comprises businessman by client identity information ID c, transactions demand information REQ_C, shop identity information ID swith Transaction Information BID_S; When BID_S does not meet REQ_C, return authentication failed; <<<U, V, R'>, Z'>, j> ← z: extract corresponding value, as e (V, P) ≠ e (U+H from signature 1(REQ_C||ID c, U) and H 2(j), P pub), return authentication failed; Calculate Q &OverBar; &LeftArrow; U + H 1 ( R E Q _ C | | ID C , U ) H 2 ( j ) , Calculate x &OverBar; &LeftArrow; H 1 ( ID C | | R E Q _ C | | ID S | | B I D _ S ) , When time, return authentication failed, otherwise, return and be proved to be successful.
9. signature verification method according to claim 1, is characterized in that: the data of described safety device can not be read by described terminal.
10. signature verification method according to claim 1, is characterized in that: described public keys has information and generates based on Setup algorithm.
CN201510532047.7A 2015-08-26 2015-08-26 Signature verification method Pending CN105049453A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510532047.7A CN105049453A (en) 2015-08-26 2015-08-26 Signature verification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510532047.7A CN105049453A (en) 2015-08-26 2015-08-26 Signature verification method

Publications (1)

Publication Number Publication Date
CN105049453A true CN105049453A (en) 2015-11-11

Family

ID=54455663

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510532047.7A Pending CN105049453A (en) 2015-08-26 2015-08-26 Signature verification method

Country Status (1)

Country Link
CN (1) CN105049453A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105763322A (en) * 2016-04-13 2016-07-13 同济大学 Obfuscatable encryption key-insulated digital signature making method and system
CN110233733A (en) * 2019-06-05 2019-09-13 同济大学 Undetachable digital signatures general construction method towards block chain intelligence contract
CN115037507A (en) * 2022-04-22 2022-09-09 京东科技控股股份有限公司 Method, device and system for user access management

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102420691A (en) * 2011-12-16 2012-04-18 河海大学 Certificate-based forward security signature method and system thereof
CN103414557A (en) * 2013-08-29 2013-11-27 青岛大学 Novel secret key separated signing method and system
CN104052601A (en) * 2013-12-30 2014-09-17 国家电网公司 Secret key isolation signcryption method
CN104168115A (en) * 2014-08-19 2014-11-26 同济大学 Forward-secure undetachable digital signature method
CN104184588A (en) * 2014-08-15 2014-12-03 同济大学 Undetachable digital signature method based on identity

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102420691A (en) * 2011-12-16 2012-04-18 河海大学 Certificate-based forward security signature method and system thereof
CN103414557A (en) * 2013-08-29 2013-11-27 青岛大学 Novel secret key separated signing method and system
CN104052601A (en) * 2013-12-30 2014-09-17 国家电网公司 Secret key isolation signcryption method
CN104184588A (en) * 2014-08-15 2014-12-03 同济大学 Undetachable digital signature method based on identity
CN104168115A (en) * 2014-08-19 2014-11-26 同济大学 Forward-secure undetachable digital signature method

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105763322A (en) * 2016-04-13 2016-07-13 同济大学 Obfuscatable encryption key-insulated digital signature making method and system
CN105763322B (en) * 2016-04-13 2019-01-25 同济大学 A kind of encryption key isolation digital signature method and system obscured
CN110233733A (en) * 2019-06-05 2019-09-13 同济大学 Undetachable digital signatures general construction method towards block chain intelligence contract
CN110233733B (en) * 2019-06-05 2022-02-01 同济大学 Block chain intelligent contract-oriented universal construction method for non-separable digital signature
CN115037507A (en) * 2022-04-22 2022-09-09 京东科技控股股份有限公司 Method, device and system for user access management
CN115037507B (en) * 2022-04-22 2024-04-05 京东科技控股股份有限公司 User access management method, device and system

Similar Documents

Publication Publication Date Title
CN103268460B (en) A kind of cloud integrity of data stored verification method
CN106961336B (en) A kind of key components trustship method and system based on SM2 algorithm
CN104753917B (en) Key management system and method based on ID
CN111680324B (en) Credential verification method, management method and issuing method for blockchain
CN110264200B (en) Block chain data processing method and device
CN107483191B (en) SM2 algorithm key segmentation signature system and method
US9021572B2 (en) Anonymous access to a service by means of aggregated certificates
CN109981641A (en) A kind of safe distribution subscription system and distribution subscription method based on block chain technology
CN105827412A (en) Authentication method, server and client
US20130326602A1 (en) Digital Signatures
CN104184588B (en) The undetachable digital signatures method of identity-based
CN101316424A (en) Information transmission method, system and device
CN104023044A (en) Cloud-storage data lightweight-level public auditing method with privacy protection
JP7164672B2 (en) Digital signature method, signature information verification method, related device and electronic device
CN105721158A (en) Cloud safety privacy and integrity protection method and cloud safety privacy and integrity protection system
CN111835526B (en) Method and system for generating anonymous credential
US11184168B2 (en) Method for storing data on a storage entity
CN115333857B (en) Detection method for preventing data from being tampered based on smart city system cloud platform
CN103475624A (en) Internet of Things key management center system, key distribution system and method
CN105141419B (en) The attribute base endorsement method and system in large attribute domain
CN105376064A (en) Anonymous message authentication system and message signing method thereof
CN105049453A (en) Signature verification method
Zhao et al. Fuzzy identity-based dynamic auditing of big data on cloud storage
US9787476B2 (en) Image verification by an electronic device
Wu et al. Towards secure and cost-effective fuzzy access control in mobile cloud computing

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20151111

RJ01 Rejection of invention patent application after publication