CN105357010B - A kind of crypto-operation method for computing resource constrained devices - Google Patents
A kind of crypto-operation method for computing resource constrained devices Download PDFInfo
- Publication number
- CN105357010B CN105357010B CN201510644906.1A CN201510644906A CN105357010B CN 105357010 B CN105357010 B CN 105357010B CN 201510644906 A CN201510644906 A CN 201510644906A CN 105357010 B CN105357010 B CN 105357010B
- Authority
- CN
- China
- Prior art keywords
- crypto
- data
- private data
- computing resource
- constrained devices
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 238000000354 decomposition reaction Methods 0.000 claims abstract description 7
- 241001269238 Data Species 0.000 claims description 6
- 238000004364 calculation method Methods 0.000 claims description 6
- 230000002441 reversible effect Effects 0.000 claims description 3
- 238000013475 authorization Methods 0.000 claims description 2
- 238000005516 engineering process Methods 0.000 description 3
- 238000012795 verification Methods 0.000 description 3
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Pure & Applied Mathematics (AREA)
- Mathematical Optimization (AREA)
- Mathematical Analysis (AREA)
- General Physics & Mathematics (AREA)
- Algebra (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention relates to a kind of crypto-operation methods for computing resource constrained devices, specifically, when a computing resource constrained devices carry out crypto-operation using a private data, it will be decomposed from private data or derived n parts of data pass through network together with unclassified data and are submitted to n crypto-operation system respectively, i.e., each crypto-operation system respectively obtains 1 part from private data decomposition or derived data and same unclassified data;Each crypto-operation system carries out crypto-operation using the slave private data decomposition received or derived data and unclassified data, and the result of crypto-operation is then returned to computing resource constrained devices;Last computing resource constrained devices are calculated using the crypto-operation result that n crypto-operation system returns and obtain final crypto-operation result.Based on the present invention, a computing resource constrained devices can use other safely under the premise of not exposing private data and calculate the close crypto-operation of facility progress.
Description
Technical field
The invention belongs to field of information security technology, especially a kind of crypto-operation side for computing resource constrained devices
Method.
Background technique
During carrying out application operating using mobile terminals such as mobile phones, it is often necessary to carry out being related to public key cryptography
The crypto-operation of algorithm, such as data encryption, decryption, digital signature, signature verification, these operations often refer to Large-number operation, with
The computing capability of the mobile terminals such as mobile phone is difficult the acceptable time to complete a crypto-operation (usual operational motion in user
It has been more than just to have response in 2 seconds, then user can not receive), in this regard, needing to solve the problems, such as this by other technologies means.Such as
Fruit crypto-operation does not involve a need to the sensitive data of secrecy, and such as signature verification, then the mobile terminals such as mobile phone can entrust other tools
There is the system (such as special crypto-operation service system) of stronger computing capability to carry out associated cryptographic operation.But if password
Operation involves a need to the sensitive data of secrecy, then this to entrust the leakage for being likely to result in sensitive data, the present invention seeks to solve
Certainly this problem.
Summary of the invention
The purpose of the present invention is to propose to a kind of crypto-operation methods for computing resource constrained devices to solve to calculate money
Source constrained devices carry out the problem of complicated crypto-operation.
In order to achieve the object of the present invention, technical solution proposed by the invention is: one kind is for the limited dress of computing resource
The crypto-operation method set, it is characterized in that:
When a computing resource constrained devices carry out crypto-operation using a private data, crypto-operation process is by such as
Under type carries out:
Step 1: computing resource constrained devices will be decomposed from private data or derived n parts of data are together with unclassified data
It is submitted to n crypto-operation system respectively by network, i.e., each crypto-operation system respectively obtains 1 part and decomposes from private data
Or derived data and same unclassified data;
Step 2: each crypto-operation system is decomposed using the slave private data received or derived data and unclassified
Data carry out crypto-operation, and the result of crypto-operation is then returned to computing resource constrained devices;
Step 3: computing resource constrained devices are calculated using the crypto-operation result that n crypto-operation system returns
Final crypto-operation result;
The computing resource constrained devices refer to the computing device that crypto-operation cannot be completed within user's desired time;
The crypto-operation system is to aid in the system that computing resource constrained devices carry out crypto-operation.
Calculation formula used in crypto-operation is carried out using private data in the method to have a characteristic that
Using a private data with unclassified data carry out crypto-operation after obtain result (data) be using from this guarantor
Ciphertext data decomposes or derived n parts of data carry out the group of the result (data) obtained after crypto-operation with unclassified data respectively
It closes.
From the above description it can be seen that, unless attacker gets n parts of secret numbers from n crypto-operation system simultaneously
According to otherwise attacker can not obtain the private data (such as private key) of user, get n parts of guarantors simultaneously from n crypto-operation system
Ciphertext data be it is highly difficult, especially when this n crypto-operation system is located at different location, belongs to different operators, therefore,
Based on method of the invention, a computing resource constrained devices can use other safely and calculate facility progress crypto-operation.
Detailed description of the invention
Nothing.
Specific embodiment
Specific implementation of the invention is described below with reference to embodiment.
Implementation of the invention need not be for the complete computation of a crypto-operation (such as encryption, decryption, signature, signature verification)
Process, only need to for concerning security matters, computationally intensive part in entire calculating process, not concerning security matters, part that calculation amount is little, no
Need to implement method of the invention.It is illustrated below as what is in the crypto-operation for being related to private data, the decomposition of private data
Or export, the integration of crypto-operation result are illustrated.
Case 1.It needs to calculate m in the data encryption calculating process of rsa cryptosystem algorithmeMod t, m is to be encrypted here
Private data, e is decrypted user, the public key for not needing secrecy, and mod t is to calculate mould t remainder operator, and t is positive integer, 0
≤ m < t, t are sufficiently large to guarantee safety.Since e and m are very big, calculate meNeed to consume many computing resources,
Calculating the time it takes is carried out on the limited mobile terminal of the computing capabilitys such as mobile phone usually has been out the acceptable limit of people
Degree, therefore can be calculated as follows:
Choose m1,m2,…,mn, so that m=m1*m2*…*mnMod t, by m1, e and t, m2, e and t ..., mn, e and t points
It indescribably gives n crypto-operation system-computed and obtains m1exp(e)mod t,m2exp(e)mod t,…,mn exp(e)mod t
(m hereiExp (e) indicates miE power), then calculate m on the mobile terminals such as mobile phone againeMod t=(m1exp(e)
mod t)*(m2exp(e)mod t)*…*(mn exp(e)mod t)mod t。
m1,m2,…,mnIt can obtain as follows:
Randomly select the n-1 positive integer m coprime with t1,m2,…,mn-1, obtain mn=m* (m1*m2*…*mn-1)-1mod
T, here (m1*m2*…*mn-1)-1It is m1*m2*…*mn-1Mould t multiplication it is inverse.m1,m2,…,mnIt is temporarily given birth to when can calculate every time
At (different every time) or m1,m2,…,mn-1It is used for multiple times after generation more than certain number or is updated after the time, and mnIt needs every
It is secondary to be calculated according to m.
N=2 in practical applications.
Case 1 extends to more generally situation.
If all private datas of crypto-operation are a multiplication or addition semigroup (monoid), and work as private data table
Be shown as in semigroup n element product or addition and when, the crypto-operation for private data is the result is that first for n respectively
N parts of data m are then decomposed or are exported in the combination of the crypto-operation result of element from a private data m1,m2,…,mnA kind of method
It is as follows:
The optionally n-1 element m in the subgroup that all reversible elements of private data semigroup are constituted1,m2,…,mn-1If
Semigroup is multiplication semigroup, then mn=m* (m1*m2*…*mn-1)-1, wherein (m1*m2*…*mn-1)-1It is m1*m2*…*mn-1's
Multiplication is inverse;If semigroup is addition semigroup, mn=m- (m1+m2+…+mn-1), wherein-(m1+m2+…+mn-1) it is m1+m2
+…+mn-1Addition it is inverse.
Here the sub- order of a group that the reversible element of semigroup is constituted wants sufficiently large to guarantee computational security, i.e., attacker without
Method cracks out m by the method for exhaustion in the acceptable time range of cryptography1,m2,…,mn-1。
Case 2.It needs to calculate m in the data deciphering of rsa cryptosystem algorithm or digital signature calculating processdMod t, this
In m be data or data to be signed (message Hash value) (m itself is not necessarily to maintain secrecy here) to be decrypted, d is decryption or signature
The private key of the need for confidentiality of user, mod t are to calculate mould t remainder operator, and t is positive integer, and 0≤m < t, t are sufficiently large to ensure peace
Quan Xing.Since d and m are very big, calculate mdNeed to consume many computing resources, it is limited in computing capabilitys such as mobile phones
Carry out calculating the time it takes on mobile terminal and usually be out the acceptable limit of people, thus can as follows into
Row calculates:
Optionally take positive integer d1,d2,…,dn, so that d=d1+d2+…+dn, by d1, m and t, d2, m and t ..., dn, m and t
N crypto-operation system-computed is submitted to respectively obtains m exp (d1)mod t,m exp(d2)mod t,…,m exp(dn)mod
T (m exp (d herei) indicate m diPower), then m is calculated on the mobile terminals such as mobile phone againdMod t=(m exp (d1)
mod t)*(m exp(d2)mod t)*…*(m exp(dn)mod t)mod t。
d1,d2,…,dnIt can obtain as follows:
N-1 positive integer d is selected at random1,d2,…,dn-1, and make dn=d- (d1+d2+…+dn-1) > 0, then d1,d2,…,dn
It is as required.
d1,d2,…,dn(different every time) are temporarily generated when can calculate every time, or it is more than certain for being used for multiple times after generating
Number updates after the time.
N=2 in practical applications.
Case 3.(the Elliptic Curve Digital Signature in elliptic curve digital signature algorithm
Algorithm), can be related to calculating kG when signature, wherein k is the big positive integer (random number) an of need for confidentiality, and G is oval
A bit (basic point, base point) on curve.Since k is very big, it calculates kG and needs to consume many computing resources,
Calculating the time it takes is carried out on the limited mobile terminal of the computing capabilitys such as mobile phone usually has been out the acceptable limit of people
Degree, therefore can be calculated as follows:
Choose k1,k2,…,kn, so that k=k1+k2+…+kn, by k1And G, k2And G ..., knIt is a close to submit to n respectively with G
Code arithmetic system, which calculates, obtains k1G,k2G,…,knThen G calculates kG=k on the mobile terminals such as mobile phone again1G+k2G+…+
knG, or by k1G,k2G,…,knG submits to (n+1)th crypto-operation system-computed and obtains kG=k1G+k2G+…+knG。
k1,k2,…,knIt can obtain as follows:
Any given n-1 integer k1,k2,…,kn-1, obtain kn=k- (k1+k2+…+kn-1).Although (k is usually to take just
Integer, but k here1,k2,…,knIt need not all be positive integer)
k1,k2,…,kn(different every time) or k are temporarily generated when calculating every time1,k2,…,kn-1It is used for multiple times after generation
It is updated more than certain number or after the time, and kn-1It is calculated every time according to k.
N=2 in practical applications.
Case 4.(Elliptic Curve Integrated Encryption is integrated in encipherment scheme in elliptic curve
Scheme), can be related to calculating rG and rK when encryptionB, wherein r is the big integer (random number) an of need for confidentiality, and G is oval
A bit (basic point, base point) on curve, KBIt is the public key (K of decryption sideB=sG, s are the private keys of decryption side).At this moment close
The code decomposition of operation, integrated scheme are the same as case 3.
Case 5.Identify-based encryption (Identity Based based on bilinear map (such as Wei Pairing)
Encryption, IBE) (referring to Dan Boneh, Matthew Franklin, Identity-Based Encryption from
The Weil Pairing, SIAM J.of Computing, Vol.32, No.3, pp.586-615,2003.), when decryption, can relate to
And pairing e (dID, U) operation, d hereID=sQIDIt is the private key of decrypted user, QIDThe mark for being decrypted user must after mapping
The point arrived (in hash to elliptic curve).Pairing, which calculates, needs to consume many computing resources, limited in computing capabilitys such as mobile phones
Mobile terminal on carry out calculating the time it takes and usually be out the acceptable limit of people, therefore can be as follows
It is calculated:
Choose d1,d2,…,dn, so that dID=d1+d2+…+dn, by d1And U, d2And U ..., dnSubmit to n respectively with U
Crypto-operation system-computed obtains e (d1,U),e(d2,U),…,e(dn, U), then e is calculated on the mobile terminals such as mobile phone again
(dID, U) and=e (d1,U)*e(d2,U)*…*e(dn,U)
d1,d2,…,dnIt can obtain as follows:
Any given n-1 integer r1,r2,…,rn-1, obtain d1=r1QID, d2=r2QID, dn-1=rn-1QID, dn=dID-
(d1+d2+…+dn-1)。
d1,d2,…,dnIt can pre-generate, or be used for multiple times after generating more than certain number or updated after the time.Into
One step, d1,d2,…,dn-1Calculating can be carried out by crypto-operation system.
Equally, n=2 in practical applications.
The implementation of crypto-operation system can use any suitable information technology, realize crypto-operation function;Password fortune
Data interaction between calculation system and mobile terminal is carried out by data network, and data format is customized.
In order to protect crypto-operation system, so that the user for only obtaining authorization uses and uses crypto-operation system, it can be with
Take following technical measures:
It needs to obtain the security token of access crypto-operation system using the mobile terminal of crypto-operation system, and accesses not
Security token with crypto-operation system is different, and security token proves that mobile terminal user is crypto-operation with anonymous way
Legal, the authorized user of system, security token guarantee its authenticity, validity by symmetrically or non-symmetrically key digital signature,
It and include that encryption key (encrypted symmetric key) is same as between mobile terminal and crypto-operation system in security token
Data confidentiality (implementation of security token can refer to the Ticket of Kerberos);Security token has term of validity, enables in safety
Board is when validity period, the mobile terminal security token that overdue effective and safe token is obtained to update.
Other unaccounted particular techniques are implemented, and are it is well known that not saying certainly for those skilled in the relevant art
Bright.
Claims (10)
1. a kind of crypto-operation method for computing resource constrained devices, it is characterized in that:
When a computing resource constrained devices carry out crypto-operation using a private data, crypto-operation process presses such as lower section
Formula carries out:
Step 1: computing resource constrained devices will be decomposed from private data or derived n parts of data pass through together with unclassified data
Network is submitted to n crypto-operation system respectively, i.e., each crypto-operation system respectively obtains 1 part and decomposes or lead from private data
Data and same unclassified data out;
Step 2: each crypto-operation system utilizes the slave private data decomposition received or derived data and unclassified data
Crypto-operation is carried out, the result of crypto-operation is then returned into computing resource constrained devices;
Step 3: computing resource constrained devices are calculated finally using the crypto-operation result that n crypto-operation system returns
Crypto-operation result;
The computing resource constrained devices refer to the computing device that crypto-operation cannot be completed within user's desired time;It is described
Crypto-operation system is to aid in the system that computing resource constrained devices carry out crypto-operation;The private data include private key, to
The random number of need for confidentiality in the data or crypto-operation of encryption.
2. the crypto-operation method according to claim 1 for computing resource constrained devices, it is characterized in that: the method
It is middle to be had a characteristic that using calculation formula used in private data progress crypto-operation
It is obtained after carrying out crypto-operation with unclassified data using a private data the result is that being decomposed using from this private data
Or derived n parts of data carry out the combination of the result obtained after crypto-operation with unclassified data respectively.
3. the crypto-operation method according to claim 1 for computing resource constrained devices, it is characterized in that:
If all private datas of crypto-operation are a multiplication or addition semigroup, and when private data is expressed as in semigroup
The product or addition of n element and when, the crypto-operation for private data the result is that be directed to the crypto-operation of n element respectively
As a result n parts of data m are then decomposed or are exported in combination from a private data m1,m2,…,mnA kind of method it is as follows:
The optionally n-1 element m in the subgroup that all reversible elements of private data semigroup are constituted1,m2,…,mn-1If half
Group is multiplication semigroup, then mn=m* (m1*m2*…*mn-1)-1, wherein (m1*m2*…*mn-1)-1It is m1*m2*…*mn-1Multiplication
It is inverse;If semigroup is addition semigroup, mn=m- (m1+m2+…+mn-1), wherein-(m1+m2+…+mn-1) it is m1+m2+…+
mn-1Addition it is inverse.
4. the crypto-operation method according to claim 1 for computing resource constrained devices, it is characterized in that:
If the private data of crypto-operation is an integer, and is allowed in crypto-operation formula when private data is expressed as n
The integer of value and when, crypto-operation for private data is the result is that respectively for the crypto-operation result of n integer
N parts of data d are then decomposed or are exported in combination from a private data d1,d2,…,dnA kind of method it is as follows:
Optional n-1 private data allows the integer d of value in crypto-operation formula1,d2,…,dn-1, and make d- (d1+d2
+…+dn-1) it is the integer that private data allows value in crypto-operation formula, then dn=d- (d1+d2+…+dn-1);
The private data allows the integer of value to refer to that private data is close when carrying out crypto-operation in crypto-operation formula
The integer value that variable in code operational formula in appearance position is allowed to.
5. the crypto-operation method according to claim 1 for computing resource constrained devices, it is characterized in that:
If all private datas of crypto-operation are a modules, and when private data is expressed as in module n element
And when, the crypto-operation for private data is the result is that respectively for the combination of the crypto-operation result of n element, then from one
Private data d is decomposed or n parts of data d of export1,d2,…,dnA kind of method it is as follows:
The optionally n-1 element d in private data encryption group1,d2,…,dn-1, utilize dn=d- (d1+d2+…+dn-1) use group
Operation generates private data dn。
6. the crypto-operation method according to claim 1 for computing resource constrained devices, it is characterized in that:
If all private datas of crypto-operation are a modules, and when private data is expressed as in module n element
And when, the crypto-operation for private data the result is that be directed to the combination of the crypto-operation result of n element, and Q is to add respectively
An element in method group then decomposes or exports n parts of data d from a private data d1,d2,…,dnA kind of method it is as follows:
Any given n-1 integer r1,r2,…,rn-1, obtain d1=r1Q, d2=r2Q, dn-1=rn-1Q, dn=d- (d1+d2+…+
dn-1)。
7. the crypto-operation method according to claim 5 for computing resource constrained devices, it is characterized in that:
If all private datas of crypto-operation are a multiplicative groups, and when private data is expressed as in multiplicative group n element
When product, the crypto-operation for private data is then directed to the result is that respectively for the combination of the crypto-operation result of n element
Multiplicative group has one corresponding with module to decompose from private data d or n parts of data d of export1,d2,…,dnMethod: will
Decomposing or export in calculation formula plus operation becomes multiplication, is that multiplication is inverse by addition inversion.
8. the crypto-operation method according to claim 6 for computing resource constrained devices, it is characterized in that:
If all private datas of crypto-operation are a multiplicative groups, and when private data is expressed as in multiplicative group n element
When product, the crypto-operation for private data the result is that be directed to the combination of the crypto-operation result of n element, and Q is respectively
An element in multiplicative group, then for multiplicative group have one it is corresponding with module utilization Q decomposed from a private data d or
Export n parts of data d1,d2,…,dnMethod: will decompose or export calculation formula in plus operation become multiplication, will arbitrarily give
Determine n-1 integer r1,r2,…,rn-1Multiply the integer power for becoming Q with the number of Q, is that multiplication is inverse by addition inversion.
9. the crypto-operation method according to claim 1 for computing resource constrained devices, it is characterized in that:
If private data used in crypto-operation is a constant, when computing resource constrained devices carry out crypto-operation every time, from
Private data used is decomposed or n part data of export, alternatively, computing resource constrained devices are in advance from private data decomposition or derived
N parts of data are using more than certain number or after the time again from private data from private data decomposition or derived n parts of data
Decompose or export n parts of data;
If private data used in crypto-operation is not a constant, when computing resource constrained devices carry out crypto-operation every time,
The private data used in the crypto-operation is decomposed or n parts of data of export, alternatively, computing resource constrained devices randomly select n-1 in advance
Part data, when computing resource constrained devices carry out crypto-operation every time, using the n-1 part data randomly selected in advance from guarantor used
Ciphertext data decomposes or n-th part of data of export, uses more than certain number in the n-1 part data randomly selected in advance or after the time,
Again n-1 parts of data are randomly selected.
10. the crypto-operation method according to claim 1 for computing resource constrained devices, it is characterized in that:
Computing resource constrained devices are obtained using the Anonymous Secure token that regularly updates and use the authorization of crypto-operation system and right
Data used in crypto-operation include that private data carries out safeguard protection, and accesses the Anonymous Secure token of different crypto-operation systems
It is not identical.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510644906.1A CN105357010B (en) | 2015-10-08 | 2015-10-08 | A kind of crypto-operation method for computing resource constrained devices |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510644906.1A CN105357010B (en) | 2015-10-08 | 2015-10-08 | A kind of crypto-operation method for computing resource constrained devices |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105357010A CN105357010A (en) | 2016-02-24 |
CN105357010B true CN105357010B (en) | 2019-04-02 |
Family
ID=55332889
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510644906.1A Expired - Fee Related CN105357010B (en) | 2015-10-08 | 2015-10-08 | A kind of crypto-operation method for computing resource constrained devices |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105357010B (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102131198A (en) * | 2011-03-01 | 2011-07-20 | 广州杰赛科技股份有限公司 | Realizing method of elliptic curve cryptography arithmetic device in authentication system |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1207866C (en) * | 2001-09-28 | 2005-06-22 | 中国科学院研究生院 | Safe digital signature system and method |
WO2012090289A1 (en) * | 2010-12-27 | 2012-07-05 | 富士通株式会社 | Encryption processing device and method |
CN103095459B (en) * | 2013-01-17 | 2016-09-28 | 数安时代科技股份有限公司 | Montgomery Algorithm method, equipment and server in public-key cryptosystem |
-
2015
- 2015-10-08 CN CN201510644906.1A patent/CN105357010B/en not_active Expired - Fee Related
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102131198A (en) * | 2011-03-01 | 2011-07-20 | 广州杰赛科技股份有限公司 | Realizing method of elliptic curve cryptography arithmetic device in authentication system |
Also Published As
Publication number | Publication date |
---|---|
CN105357010A (en) | 2016-02-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110268676B (en) | Private key calculation system and method for identity-based self-authentication signature scheme | |
CN109309569B (en) | SM2 algorithm-based collaborative signature method and device and storage medium | |
CN104486315B (en) | A kind of revocable key outsourcing decryption method based on contents attribute | |
RU2018103181A (en) | CONFIDENTIAL AUTHENTICATION AND SECURITY | |
CN110545279A (en) | block chain transaction method, device and system with privacy and supervision functions | |
CN103957109A (en) | Cloud data privacy protection security re-encryption method | |
EP3552338A1 (en) | Method of rsa signature or decryption protected using a homomorphic encryption | |
CN103490901A (en) | Secret key generating and releasing method based on combined secrete key system | |
CN107733648A (en) | The RSA digital signature generation method and system of a kind of identity-based | |
CN103618728A (en) | Attribute-based encryption method for multiple authority centers | |
CN107872322A (en) | Digital signature collaboration generation method and system based on homomorphic cryptography | |
EP3664360A1 (en) | Certificateless public key encryption using pairings | |
CN109309566B (en) | Authentication method, device, system, equipment and storage medium | |
CN104767612A (en) | Signcryption method from certificateless environment to public key infrastructure environment | |
KR101516114B1 (en) | Certificate-based proxy re-encryption method and its system | |
CN103916248A (en) | Fully homomorphic encryption public key space compression method | |
CN105763528A (en) | Multi-recipient anonymous encryption apparatus under hybrid mechanism | |
CN104767611A (en) | Signcryption method from public key infrastructure environment to certificateless environment | |
Khatarkar et al. | A survey and performance analysis of various RSA based encryption techniques | |
CN108055134B (en) | Collaborative computing method and system for elliptic curve point multiplication and pairing operation | |
CN110798313B (en) | Secret dynamic sharing-based collaborative generation method and system for number containing secret | |
US20220038267A1 (en) | Methods and devices for secured identity-based encryption systems with two trusted centers | |
CN114362912A (en) | Identification password generation method based on distributed key center, electronic device and medium | |
CN105763322A (en) | Obfuscatable encryption key-insulated digital signature making method and system | |
KR101793528B1 (en) | Certificateless public key encryption system and receiving terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20190402 |