CN105721430B - General proxy key generation method in identity-based proxy cryptography - Google Patents
- Publication number
- CN105721430B CN201610028750.9A
- Authority
- CN
- China
- Prior art keywords
- private key
- operation people
- parameter
- warrant
- key
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Classifications
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
A general proxy key generation method for identity-based proxy cryptography that can be applied to any known identity-based cryptographic method. The method uses the warrant (authorization certificate) directly as the proxy public key and encrypts the intermediate parameters with a hash function. The efficient identity-based proxy cryptographic methods built with this method can be widely applied to e-commerce, mobile agents, distributed networks and the like, greatly improving their operating efficiency and security.
Description
Technical field
The present invention relates to the field of information security technology, and in particular to a general proxy key generation method in an identity-based proxy cryptographic method.
Background art
Whether in the real world or in a network environment, people often need to entrust some of their rights to a reliable agent who exercises those rights on their behalf. For example, when the manager of a company or the head of an organization goes on a business trip, he can entrust his secretary or assistant to sign important documents on his behalf during the trip, so that the normal operation of the company or organization is not affected. As another example, in an online sales company the large number of transacting users degrades the quality of service of the main server and lengthens network delay, seriously affecting the user experience. The company can then entrust some second-level service providers to exercise the main server's right to verify users in its place, relieving the burden on the main server. These delegation problems, very common in society and in network environments, can be solved effectively by means of proxies. However, with the rapid development of information technology, information security problems occur frequently, which makes proxying in a network environment far more complicated than proxying in the real world.
Cryptography, one of the core technologies of information security, is the technique most commonly used to solve network security problems. Consequently, a large number of proxy signature schemes based on cryptographic techniques have been proposed to solve the secure proxy problem in network environments. Among them, identity-based proxy cryptographic schemes need no traditional public key infrastructure (PKI) and so save the cost of public key management and maintenance; they have become a research hotspot and are widely used in e-commerce, mobile agent and distributed network environments. However, the identity-based proxy cryptographic schemes proposed so far generally have the following disadvantages:
1. The proxy public key is complicated to construct and computationally expensive. In most identity-based proxy cryptographic schemes, the proxy private key consists of the following parts: the original operator's signature on the warrant, made with his own private key, plus the proxy operator's private key. The proxy operator then generates the proxy public key from this proxy private key. The resulting proxy public key is therefore composed of the original operator's public key, the proxy operator's public key, the warrant and some other auxiliary parameters. Because the scheme needs the proxy public key during verification, the final scheme spends a great deal of time reconstructing the proxy public key, which makes it computationally complex and inefficient.
2. Proxy keys are generated in a single way that lacks generality. Most current identity-based proxy keys (proxy public key and proxy private key) are generated for one particular application background, for example a signing environment (identity-based proxy signature keys) or an encryption environment (identity-based proxy re-encryption keys). More importantly, such a proxy key generation method can be used only in the scheme proposed by its own author and cannot be used in schemes proposed by other authors. Because the proxy key generation method has to be re-established every time, design cost and time overhead increase greatly.
3. Transmitting the proxy key requires a secret channel, which reduces security. Most identity-based proxy cryptographic schemes need a secret channel to transmit the parameters produced during proxy key generation. Without a secret channel these parameters are exposed and an adversary can obtain them easily; once the adversary has obtained them, he can mount attacks and cause various kinds of damage, which undoubtedly greatly reduces the security of the scheme.
Summary of the invention
The present invention provides a general proxy key generation method for identity-based proxy cryptography. It uses the warrant directly as the proxy public key and encrypts the intermediate parameters with a hash function. The efficient identity-based proxy cryptographic methods built with this method can be widely applied to e-commerce, mobile agents, distributed networks and the like, and can greatly improve their operating efficiency and security.
To achieve the above object, the present invention provides a general proxy key generation method for identity-based proxy cryptography. The method can be applied to any known identity-based cryptographic method and comprises the following steps:
Step S101: the original operator O creates a warrant (authorization certificate) Warrant, which is used directly as the proxy public key;
Step S102: the original operator O encrypts the warrant Warrant with the original operator's private key $d_o$ to obtain the first encryption parameter $\sigma_1$, and sends $\sigma_1$ to the proxy operator P over a public channel;
Step S103: if the proxy operator P accepts the delegation from the original operator O, P encrypts the first encryption parameter $\sigma_1$ with the proxy operator's private key $d_p$ to obtain the second encryption parameter $\sigma_2$, and sends $\sigma_2$ to the PKG over a public channel;
Step S104: the PKG verifies the second encryption parameter $\sigma_2$. If verification succeeds, the PKG uses the system master key $s$ to generate the proxy private key $d_W$ corresponding to the warrant Warrant, encrypts $d_W$ with the proxy operator's private key $d_p$ to produce the third encryption parameter $\sigma_3$, and sends $\sigma_3$ to the proxy operator P over a public channel;
Step S105: the proxy operator P uses the proxy operator's private key $d_p$ to extract the proxy private key $sk_W$ from the third encryption parameter $\sigma_3$.
The warrant Warrant contains the identity information of the original operator O, the identity information of the proxy operator P, the content of the proxy authorization and the date range.
The first encryption parameter $\sigma_1$ is computed by applying the hash function $H_1$ to the original operator's private key $d_o$, the warrant Warrant and the current timestamp Stamp, i.e. $\sigma_1 = H_1(d_o \| \mathit{Warrant} \| \mathit{Stamp})$, where the hash function $H_1: \{0,1\}^* \to Z_p^*$ is established by the PKG (Private Key Generator). If the original operator's private key $d_o$ contains more than one parameter, all of its parameters are concatenated and input to $H_1$.
The second encryption parameter $\sigma_2$ is computed by applying the hash function $H_1$ to the warrant Warrant, the current timestamp Stamp and a secret value $R$, i.e. $\sigma_2 = H_1(R \| \mathit{Warrant} \| \mathit{Stamp})$, where $R = \sigma_1 \times d_p$. If the proxy operator's private key $d_p$ contains more than one parameter, each parameter is multiplied by the first encryption parameter $\sigma_1$ and the products are concatenated and input to $H_1$.
Verifying the second encryption parameter $\sigma_2$ comprises checking whether the equations $t_1 = H_1(d_o \| \mathit{Warrant} \| \mathit{Stamp})$ and $t_3 = H_1(t_2 \| \mathit{Warrant} \| \mathit{Stamp})$ hold, where $t_2 = t_1 \times d_p$; if both equations hold, verification succeeds. If the original operator's private key $d_o$ and the proxy operator's private key $d_p$ each consist of multiple parameters, then $d_o = d_{o1} \| d_{o2} \| \dots$ and $t_2 = t_1 \times d_{p1} \| t_1 \times d_{p2} \| \dots$.
Generating the proxy private key $d_W$ corresponding to the warrant Warrant with the system master key $s$ comprises: the PKG runs IDC.Extract with the system public parameters params, the system master key $s$ and the warrant Warrant as input and outputs the proxy private key $d_W$, i.e. IDC.Extract(params, $s$, $W$) → $d_W$. Here IDC.Extract is the private key extraction stage of any known identity-based cryptographic method IDC; the system public parameters params and the system master key $s$ are obtained by the PKG by running IDC.Setup on the security parameter $k$, where IDC.Setup is the system initialization stage of any known identity-based cryptographic method IDC.
The third encryption parameter $\sigma_3$ is produced by applying the hash function $H_1$ to the proxy operator's private key $d_p$, the warrant Warrant and the current timestamp Stamp and then adding the proxy private key $d_W$, i.e. $\sigma_3 = d_W + H_1(d_p \| \mathit{Warrant} \| \mathit{Stamp}) \times d_p$. If the proxy private key $d_W$ contains more than one parameter, each parameter is added to $H_1(d_p \| \mathit{Warrant} \| \mathit{Stamp}) \times d_p$ separately, and the sums together form the third encryption parameter $\sigma_3$.
The proxy private key $sk_W$ is obtained by subtracting from the third encryption parameter $\sigma_3$ the hash value of $H_1$ over the proxy operator's private key $d_p$, the warrant Warrant and the current timestamp Stamp, i.e. $sk_W = \sigma_3 - H_1(d_p \| \mathit{Warrant} \| \mathit{Stamp}) \times d_p = d_W$. If the third encryption parameter $\sigma_3$ contains more than one parameter, $H_1(d_p \| \mathit{Warrant} \| \mathit{Stamp}) \times d_p$ is subtracted from each parameter separately, and the differences together are the complete extracted proxy private key $sk_W$.
The present invention also provides an identity-based proxy cryptographic method comprising the following steps:
Step S1, system initialization: the PKG establishes the hash function $H_1$ and, according to the security parameter $k$, establishes the system parameters params and the system master key $s$; the PKG publishes the system parameters params and the hash function $H_1$ and keeps the system master key $s$ secret;
Step S2, private key extraction: from the identity information $ID_o$ submitted by the original operator O, the PKG uses the system master key $s$ to generate the original operator's private key $d_o$; the public key is simply the identity information $ID_o$ of the original operator O, and the PKG sends $d_o$ to the original operator O over a secret channel. From the identity information $ID_p$ submitted by the proxy operator P, the PKG uses the system master key $s$ to generate the proxy operator's private key $d_p$; the public key is simply the identity information $ID_p$ of the proxy operator, and the PKG sends $d_p$ to the proxy operator P over a secret channel;
Step S3, proxy key generation: the proxy key is generated with the general proxy key generation method in the identity-based proxy cryptographic method described above;
Step S4, proxy signature generation: the proxy operator P uses the system parameters params and the proxy key generated in step S3 to produce a proxy signature on the message $m$ to be signed;
Step S5, proxy signature verification: on receiving a proxy signature produced in step S4, the proxy signature verifier verifies it using the system parameters params and the warrant Warrant; if verification succeeds the proxy signature is accepted, otherwise it is rejected.
Establishing the system parameters params and the system master key $s$ according to the security parameter $k$ comprises: given a security parameter $k$ as input, the PKG runs IDC.Setup and outputs the system public parameters params and the system master key $s$, i.e. IDC.Setup($1^k$) → (params, $s$), where IDC is any known identity-based cryptographic method and IDC.Setup is the system initialization stage of IDC;
Generating the original operator's private key $d_o$ with the system master key $s$ comprises: given the system public parameters params, the system master key $s$ and the identity information $ID_o$ submitted by the original operator O as input, the PKG runs IDC.Extract and outputs the original operator's private key $d_o$, i.e. IDC.Extract(params, $s$, $ID_o$) → $d_o$, where IDC.Extract is the private key extraction stage of IDC;
Generating the proxy operator's private key $d_p$ with the system master key $s$ comprises: given the system public parameters params, the system master key $s$ and the identity information $ID_p$ submitted by the proxy operator P as input, the PKG runs IDC.Extract and outputs the proxy operator's private key $d_p$, i.e. IDC.Extract(params, $s$, $ID_p$) → $d_p$.
The present invention has the following advantages:
1. The proxy public key is simple to construct and cheap to compute. The invention uses the warrant W directly as the proxy public key without any extra computation, which eliminates the complicated construction process of the conventional art and greatly reduces the computational cost.
2. The proxy key generation method is general. The IDC in the present invention does not denote any specific scheme; it can be any known identity-based cryptographic scheme. That is, the scheme of the invention can be applied to any identity-based cryptographic scheme to obtain an efficient identity-based proxy cryptographic scheme. For example, if IDC is replaced by the well-known classical identity-based signature scheme proposed by Paterson and Schuldt, applying the present invention yields an efficient identity-based proxy signature scheme.
3. Transmitting the proxy key needs no secret channel, which improves the convenience and security of running the scheme. The invention encrypts the transmitted parameters using the hash function and the private key of the original operator or the proxy operator, so the parameters transmitted while the proxy key is being established do not need to be kept secret. For example, (Warrant, Stamp, $\sigma_1$, $\sigma_2$, $\sigma_3$) are all encrypted with the corresponding private key, so even if an adversary obtains this information he cannot obtain the secret values. The user can therefore transmit over the public channels in everyday use, which is both convenient and safe.
Brief description of the drawings
Fig. 1 is the flow chart of the general proxy key generation method in an identity-based proxy cryptographic method.
Fig. 2 is the flow chart of an identity-based proxy cryptographic method.
Fig. 3 is the flow chart of one embodiment of the invention.
Detailed description of the embodiments
Preferred embodiments of the present invention are described below with reference to Fig. 1 to Fig. 3.
As shown in Fig. 1, the present invention provides a general proxy key generation method for identity-based proxy cryptography. The method can be applied to any known identity-based cryptographic method and comprises the following steps:
Step S101: the original operator O creates a warrant Warrant, which is used directly as the proxy public key;
The warrant Warrant contains the identity information of the original operator O, the identity information of the proxy operator P, the content of the proxy authorization, the date range, etc.;
Step S102: the original operator O encrypts the warrant Warrant with the original operator's private key $d_o$ to obtain the first encryption parameter $\sigma_1$, and sends $\sigma_1$ to the proxy operator P over a public channel;
The first encryption parameter $\sigma_1$ is computed by applying the hash function $H_1$ to the original operator's private key $d_o$, the warrant Warrant and the current timestamp Stamp, i.e. $\sigma_1 = H_1(d_o \| \mathit{Warrant} \| \mathit{Stamp})$, where the hash function $H_1: \{0,1\}^* \to Z_p^*$ is established by the PKG (Private Key Generator);
If the original operator's private key $d_o$ contains more than one parameter, all of its parameters are concatenated and input to the hash function $H_1$. For example, if $d_o$ consists of two parameters, $d_o = (d_{o1}, d_{o2})$, the two parameters are concatenated and input to $H_1$, i.e. $H_1(d_{o1} \| d_{o2} \| \mathit{Warrant} \| \mathit{Stamp})$; the same applies to more than two parameters;
Step S103: if the proxy operator P accepts the delegation from the original operator O, P encrypts the first encryption parameter $\sigma_1$ with the proxy operator's private key $d_p$ to obtain the second encryption parameter $\sigma_2$, and sends $\sigma_2$ to the PKG over a public channel;
The second encryption parameter $\sigma_2$ is computed by applying the hash function $H_1$ to the warrant Warrant, the current timestamp Stamp and a secret value $R$, i.e. $\sigma_2 = H_1(R \| \mathit{Warrant} \| \mathit{Stamp})$, where $R = \sigma_1 \times d_p$;
If the proxy operator's private key $d_p$ contains more than one parameter, each parameter is multiplied by the first encryption parameter $\sigma_1$ and the products are concatenated and input to $H_1$. For example, if $d_p$ consists of two parameters, $d_p = (d_{p1}, d_{p2})$, then $R_1 = \sigma_1 \times d_{p1}$ and $R_2 = \sigma_1 \times d_{p2}$ are computed for the two components and the results are concatenated and input to $H_1$, i.e. $H_1(R_1 \| R_2 \| \mathit{Warrant} \| \mathit{Stamp})$; the same applies to more than two parameters;
Step S104: the PKG verifies the second encryption parameter $\sigma_2$. If verification succeeds, the PKG uses the system master key $s$ to generate the proxy private key $d_W$ corresponding to the warrant Warrant, encrypts $d_W$ with the proxy operator's private key $d_p$ to produce the third encryption parameter $\sigma_3$, and sends $\sigma_3$ to the proxy operator P over a public channel;
Verifying the second encryption parameter $\sigma_2$ comprises checking whether the equations $t_1 = H_1(d_o \| \mathit{Warrant} \| \mathit{Stamp})$ and $t_3 = H_1(t_2 \| \mathit{Warrant} \| \mathit{Stamp})$ hold, where $t_2 = t_1 \times d_p$; if both equations hold, verification succeeds;
If the original operator's private key $d_o$ and the proxy operator's private key $d_p$ each consist of multiple parameters, then $d_o = d_{o1} \| d_{o2} \| \dots$ and $t_2 = t_1 \times d_{p1} \| t_1 \times d_{p2} \| \dots$;
Generating the proxy private key $d_W$ corresponding to the warrant Warrant with the system master key $s$ comprises: the PKG runs IDC.Extract with the system public parameters params, the system master key $s$ and the warrant Warrant as input and outputs the proxy private key $d_W$, i.e. IDC.Extract(params, $s$, $W$) → $d_W$. Here IDC.Extract is the private key extraction stage of any known identity-based cryptographic method IDC; the system public parameters params and the system master key $s$ are obtained by the PKG by running IDC.Setup on the security parameter $k$, where IDC.Setup is the system initialization stage of any known identity-based cryptographic method IDC;
The third encryption parameter $\sigma_3$ is produced by applying the hash function $H_1$ to the proxy operator's private key $d_p$, the warrant Warrant and the current timestamp Stamp and then adding the proxy private key $d_W$, i.e. $\sigma_3 = d_W + H_1(d_p \| \mathit{Warrant} \| \mathit{Stamp}) \times d_p$;
If the proxy private key $d_W$ contains more than one parameter, each parameter is added to $H_1(d_p \| \mathit{Warrant} \| \mathit{Stamp}) \times d_p$ separately, and the sums together form the third encryption parameter $\sigma_3$. For example, if $d_W$ consists of two parameters, $d_W = (d_{w1}, d_{w2})$, then $\sigma_{3,1} = d_{w1} + H_1(d_{p1} \| d_{p2} \| \mathit{Warrant} \| \mathit{Stamp}) \times d_{p1}$ and $\sigma_{3,2} = d_{w2} + H_1(d_{p1} \| d_{p2} \| \mathit{Warrant} \| \mathit{Stamp}) \times d_{p2}$ are computed for the two components, and $(\sigma_{3,1}, \sigma_{3,2})$ together form the third encryption parameter $\sigma_3$; the same applies to more than two parameters;
Step S105: the proxy operator P uses the proxy operator's private key $d_p$ to extract the proxy private key $sk_W$ from the third encryption parameter $\sigma_3$;
The proxy private key $sk_W$ is obtained by subtracting from the third encryption parameter $\sigma_3$ the hash value of $H_1$ over the proxy operator's private key $d_p$, the warrant Warrant and the current timestamp Stamp, i.e. $sk_W = \sigma_3 - H_1(d_p \| \mathit{Warrant} \| \mathit{Stamp}) \times d_p = d_W$;
If the third encryption parameter $\sigma_3$ contains more than one parameter, $H_1(d_p \| \mathit{Warrant} \| \mathit{Stamp}) \times d_p$ is subtracted from each parameter separately, and the differences together are the complete extracted proxy private key $sk_W$. For example, if $\sigma_3$ consists of two parameters, $\sigma_3 = (\sigma_{3,1}, \sigma_{3,2})$, then $sk_{W1} = \sigma_{3,1} - H_1(d_{p1} \| d_{p2} \| \mathit{Warrant} \| \mathit{Stamp}) \times d_{p1} = d_{w1}$ and $sk_{W2} = \sigma_{3,2} - H_1(d_{p1} \| d_{p2} \| \mathit{Warrant} \| \mathit{Stamp}) \times d_{p2} = d_{w2}$ are computed for the two components, and the proxy operator uses $sk_W = (sk_{W1}, sk_{W2})$ as the proxy private key; the same applies to more than two parameters.
The proxy operator P thus obtains the proxy private/public key pair $(sk_W, W)$ and can use this proxy key pair for subsequent operations such as encryption or signing, depending on the cryptographic operation actually used.
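The delegation exchange of steps S101 to S105, as an added Python example that is not part of the patent. Assumptions: private keys are modelled as single scalars in $Z_p^*$, `toy_extract` is a hypothetical HMAC-based stand-in for IDC.Extract, the modulus, identities, warrant and timestamp are constructed, and comparing $t_3$ with the received $\sigma_2$ is this example's reading of the PKG check.

```python
import hashlib
import hmac
import secrets

# Constructed prime modulus standing in for p in Z_p^* (assumption, not from the patent).
P_MOD = 2**255 - 19


def enc(x: int) -> bytes:
    """Fixed-width encoding of a scalar before it is hashed."""
    return x.to_bytes(32, "big")


def h1(*parts: bytes) -> int:
    """H_1: {0,1}^* -> Z_p^*. '||' is realised with length prefixes (assumption)
    so the field boundaries in d || Warrant || Stamp are unambiguous."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big") % (P_MOD - 1) + 1


def toy_extract(s: int, identity: bytes) -> int:
    """Hypothetical stand-in for IDC.Extract(params, s, ID): one scalar per identity."""
    mac = hmac.new(enc(s), identity, hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % (P_MOD - 1) + 1


def mask(d_p: int, warrant: bytes, stamp: bytes) -> int:
    """H_1(d_p || Warrant || Stamp) x d_p: added in S104, subtracted in S105."""
    return h1(enc(d_p), warrant, stamp) * d_p % P_MOD


def s102_sigma1(d_o: int, warrant: bytes, stamp: bytes) -> int:
    return h1(enc(d_o), warrant, stamp)


def s103_sigma2(d_p: int, sigma1: int, warrant: bytes, stamp: bytes) -> int:
    r = sigma1 * d_p % P_MOD  # secret value R = sigma_1 x d_p
    return h1(enc(r), warrant, stamp)


class PKG:
    def __init__(self) -> None:
        self.s = secrets.randbelow(P_MOD - 1) + 1  # system master key s

    def extract(self, identity: bytes) -> int:
        return toy_extract(self.s, identity)

    def s104_sigma3(self, id_o, id_p, warrant, stamp, sigma2):
        """Recompute t1, t2, t3 with the keys of the identities named in the
        warrant; return sigma_3 if t3 matches sigma_2, otherwise None."""
        if not 0 < sigma2 < P_MOD:
            return None
        d_o, d_p = self.extract(id_o), self.extract(id_p)
        t1 = h1(enc(d_o), warrant, stamp)
        t2 = t1 * d_p % P_MOD
        t3 = h1(enc(t2), warrant, stamp)
        if not hmac.compare_digest(enc(t3), enc(sigma2)):
            return None
        d_w = self.extract(warrant)  # the warrant itself is the proxy public key
        return (d_w + mask(d_p, warrant, stamp)) % P_MOD


def s105_unmask(d_p: int, sigma3: int, warrant: bytes, stamp: bytes) -> int:
    return (sigma3 - mask(d_p, warrant, stamp)) % P_MOD


def run_delegation() -> dict:
    pkg = PKG()
    id_o, id_p = b"original@example.test", b"proxy@example.test"  # constructed
    d_o, d_p = pkg.extract(id_o), pkg.extract(id_p)  # delivered over the secret channel
    warrant = (b"O=original@example.test;P=proxy@example.test;"
               b"scope=sign purchase orders;valid=2016-01-01/2016-06-30")
    stamp = b"2016-01-15T09:00:00Z"
    sigma1 = s102_sigma1(d_o, warrant, stamp)
    sigma2 = s103_sigma2(d_p, sigma1, warrant, stamp)
    sigma3 = pkg.s104_sigma3(id_o, id_p, warrant, stamp, sigma2)
    sk_w = s105_unmask(d_p, sigma3, warrant, stamp)
    # A warrant altered in transit no longer matches sigma_2, so the PKG refuses.
    altered = warrant.replace(b"2016-06-30", b"2026-06-30")
    return {
        "key_recovered": sk_w == pkg.extract(warrant),
        "altered_warrant": pkg.s104_sigma3(id_o, id_p, altered, stamp, sigma2),
        "wrong_key_recovers": s105_unmask(d_o, sigma3, warrant, stamp) == sk_w,
    }


if __name__ == "__main__":
    print(run_delegation())
```

The PKG check works only because the PKG can reproduce both operators' private keys. Here it re-derives them deterministically; with a randomized Extract such as that of Paterson and Schuldt, the PKG would have to retain the issued keys to run the same check.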
The general proxy key generation method provided by the invention can be applied to any known identity-based cryptographic method, turning that method into a specific identity-based proxy cryptographic method. For example, if the original operator becomes the original signer and the proxy operator becomes the proxy signer, the result is an identity-based proxy signature method; if they become the original encryptor and the proxy encryptor, the result is an identity-based proxy encryption method; and so on.
As shown in Fig. 2, the present invention also provides an identity-based proxy cryptographic method comprising the following steps:
Step S1, system initialization IDPC.Setup: the PKG establishes the hash function $H_1$ and, according to the security parameter $k$, establishes the system parameters params and the system master key $s$; the PKG publishes the system parameters params and the hash function $H_1$ and keeps the system master key $s$ secret;
Establishing the system parameters params and the system master key $s$ according to the security parameter $k$ comprises: given a security parameter $k$ as input, the PKG runs IDC.Setup and outputs the system public parameters params and the system master key $s$, i.e. IDC.Setup($1^k$) → (params, $s$), where IDC is any known identity-based cryptographic method and IDC.Setup is the system initialization stage of IDC;
Step S2, private key extraction IDPC.Extract: from the identity information $ID_o$ submitted by the original operator O, the PKG uses the system master key $s$ to generate the original operator's private key $d_o$; the public key is simply the identity information $ID_o$ of the original operator O, and the PKG sends $d_o$ to the original operator O over a secret channel. From the identity information $ID_p$ submitted by the proxy operator P, the PKG uses the system master key $s$ to generate the proxy operator's private key $d_p$; the public key is simply the identity information $ID_p$ of the proxy operator, and the PKG sends $d_p$ to the proxy operator P over a secret channel;
Generating the original operator's private key $d_o$ with the system master key $s$ comprises: given the system public parameters params, the system master key $s$ and the identity information $ID_o$ submitted by the original operator O as input, the PKG runs IDC.Extract and outputs the original operator's private key $d_o$, i.e. IDC.Extract(params, $s$, $ID_o$) → $d_o$, where IDC.Extract is the private key extraction stage of IDC;
Generating the proxy operator's private key $d_p$ with the system master key $s$ comprises: given the system public parameters params, the system master key $s$ and the identity information $ID_p$ submitted by the proxy operator P as input, the PKG runs IDC.Extract and outputs the proxy operator's private key $d_p$, i.e. IDC.Extract(params, $s$, $ID_p$) → $d_p$;
Step S3, proxy key generation IDPC.Delegation: the proxy key is generated with the general proxy key generation method in the identity-based proxy cryptographic method described above;
Step S4, proxy signature generation IDPC.Signature: the proxy operator P uses the system parameters params and the proxy key generated in step S3 to produce a proxy signature on the message $m$ to be signed;
Step S5, proxy signature verification IDPC.Verification: on receiving a proxy signature produced in step S4, the proxy signature verifier verifies it using the system parameters params and the warrant Warrant; if verification succeeds the proxy signature is accepted, otherwise it is rejected.
As shown in Fig. 3, a specific embodiment of the invention is obtained by applying the general proxy key generation method provided by the invention to the classical identity-based signature method of Paterson and Schuldt.
The specific implementation steps are as follows:
Step 1, system initialization IDPC.Setup: the PKG runs the Setup stage of Paterson and Schuldt to obtain the relevant parameters and publishes the system parameters $\mathit{params} = \{G_1, G_2, e, q, g, g_1, g_2, u_0, m_0, U, M, H_1\}$, where $G_1$ and $G_2$ are respectively an additive cyclic group and a multiplicative cyclic group of order $q$, $e: G_1 \times G_1 \to G_2$ is a bilinear map, $g$ is a generator of $G_1$, $g_1 = g^s$, $s$ is a random number in $Z_p^*$, $(g_2, u_0, m_0)$ are three random elements of $G_1$, $U = (u_i)$ is a vector of length $n_{ID}$ $(1 \le i \le n_{ID})$, $M = (m_i)$ is a vector of length $n_m$ $(1 \le j \le n_m)$, $n_{ID}$ is the length of an identity, $n_m$ is the length of a message to be signed, $u_i$ and $m_i$ are chosen at random from $G_1$, and $H_1: \{0,1\}^* \to Z_p^*$ is a hash function. The PKG keeps the system master key $s$ secret;
Step 2, private key extraction phase IDPC.Extract: the PKG runs the Extract phase of Paterson and Schuldt, i.e., for the identity $ID_o$ or $ID_p$ submitted by the original operator or the proxy operator, the PKG randomly selects two numbers $r_o, r_p \in Z_p^*$ and then computes their respective private keys, the private key of the original operator and the private key of the proxy operator, where $I_o$ is the set of all $i$ satisfying $ID_o[i] = 1$, with $ID_o[i] = 1$ meaning that the $i$-th bit of the original operator's identity $ID_o$ is 1, and $I_p$ is the set of all $i$ satisfying $ID_p[i] = 1$, with $ID_p[i] = 1$ meaning that the $i$-th bit of the proxy operator's identity $ID_p$ is 1;
Step 3, proxy key generation phase IDPC.Delegation, comprising the following steps:
Step 3.1, the original operator creates an authorization certificate $W$ (containing $ID_o$, $ID_p$, the content of the proxy authorization, and the date range) and computes the current system time $T$;
Step 3.2, the original operator computes $\sigma_1$ and sends $(W, T, \sigma_1)$ to the proxy operator over the public channel;
Step 3.3, after receiving $(W, T, \sigma_1)$, the proxy operator proceeds to step 3.4 if it accepts this delegation, and exits if it does not;
Step 3.4, the proxy operator uses its own private key to compute the intermediate parameters, then computes $\sigma_2 = H_1(R_1 \| R_1 \| W \| T)$ and sends $(W, T, \sigma_2)$ to the PKG over the public channel;
Step 3.5, after receiving $(W, T, \sigma_2)$, the PKG first verifies whether two equations hold, one for $t_1$ and the other $t_3 = H_1(t_2 \| W \| T)$; if both equations hold, it proceeds to step 3.6, and if they do not hold, it exits;
Step 3.6, the PKG randomly selects $r_w \in Z_p^*$ and performs the calculations that yield $(\sigma_{3,1}, \sigma_{3,2})$, where $I_w$ is the set of all $i$ satisfying $W[i] = 1$, with $W[i] = 1$ meaning that the $i$-th bit of the authorization certificate $W$ is 1; the PKG sends $(\sigma_{3,1}, \sigma_{3,2})$ to the proxy operator over the public channel;
Step 3.7, after receiving $(\sigma_{3,1}, \sigma_{3,2})$, the proxy operator performs a calculation using the $W$ and $T$ it already holds and its own private key $d_p$, and thereby obtains the proxy private key; the proxy operator can use this proxy private key to perform signing as follows;
Step 4, proxy signature phase IDPC.Signature: run the Signature phase of Paterson and Schuldt, i.e., when a user submits a message $m$ for proxy signing, the proxy operator randomly selects $r_m \in Z_p^*$ and then computes the proxy signature with its own proxy private key, where $I_m$ is the set of all $j$ satisfying $m[j] = 1$, with $m[j] = 1$ meaning that the $j$-th bit of the message $m$ is 1;
Step 5, proxy signature verification phase IDPC.Verification: run the Verification phase of Paterson and Schuldt: given a proxy signature and the system parameters params, the verifier checks whether the verification equation holds; if it holds, the verifier accepts the signature and considers the proxy signature valid; otherwise the signature is judged invalid and rejected.
The present invention directly uses the authorization certificate as the proxy public key and uses a hash function to encrypt the intermediate parameters. The method can be used to build various efficient identity-based proxy cryptography methods, such as identity-based proxy signature (re-encryption, ring signature, etc.) methods, which can be widely applied in e-commerce, mobile agents, distributed networks and the like, greatly improving their operating efficiency and security.
Although the content of the present invention has been described in detail through the preferred embodiments above, it should be understood that the above description is not to be regarded as limiting the invention. Various modifications and substitutions will be apparent to those skilled in the art after reading the above. Therefore, the scope of protection of the invention should be defined by the appended claims.
Claims (10)
1. A general proxy key generation method in an identity-based proxy cryptography method, characterized in that the general proxy key generation method can be used in any known identity-based cryptography method and comprises the following steps:
Step S101, the original operator O creates an authorization certificate Warrant and uses the authorization certificate Warrant directly as the proxy public key;
Step S102, the original operator O encrypts the authorization certificate Warrant with the original operator's private key $d_o$ to obtain a first encryption parameter $\sigma_1$, and sends the first encryption parameter $\sigma_1$ to the proxy operator P over the public channel;
Step S103, if the proxy operator P accepts the delegation of the original operator O, it encrypts the first encryption parameter $\sigma_1$ with the proxy operator's private key $d_p$ to obtain a second encryption parameter $\sigma_2$, and sends the second encryption parameter $\sigma_2$ to the PKG over the public channel;
Step S104, the PKG verifies the second encryption parameter $\sigma_2$; if verification succeeds, it uses the system master key $s$ to generate the proxy private key $d_W$ corresponding to the authorization certificate Warrant, encrypts the proxy private key $d_W$ with the proxy operator's private key $d_p$ to generate a third encryption parameter $\sigma_3$, and sends the third encryption parameter $\sigma_3$ to the proxy operator P over the public channel;
Step S105, the proxy operator P uses the proxy operator's private key $d_p$ to extract the proxy private key $sk_W$ from the third encryption parameter $\sigma_3$.
2. The general proxy key generation method in an identity-based proxy cryptography method according to claim 1, characterized in that the authorization certificate Warrant contains the identity of the original operator O, the identity of the proxy operator P, the content of the proxy authorization, and the date range.
3. The general proxy key generation method in an identity-based proxy cryptography method according to claim 1, characterized in that the first encryption parameter $\sigma_1$ is computed with the hash function $H_1$ from the original operator's private key $d_o$, the authorization certificate Warrant and the current timestamp Stamp, i.e. $\sigma_1 = H_1(d_o \| \mathrm{Warrant} \| \mathrm{Stamp})$, where the hash function $H_1$ is established by the PKG (private key generator, Private Key Generator), $H_1: \{0,1\}^* \to Z_p^*$; if the original operator's private key $d_o$ contains more than one parameter, all of the parameters are concatenated and input into the hash function $H_1$.
4. The general proxy key generation method in an identity-based proxy cryptography method according to claim 1, characterized in that the second encryption parameter $\sigma_2$ is computed with the hash function $H_1$ from the authorization certificate Warrant, the current timestamp Stamp and the secret value $R$, i.e. $\sigma_2 = H_1(R \| \mathrm{Warrant} \| \mathrm{Stamp})$, where $R = \sigma_1 \times d_p$; if the proxy operator's private key $d_p$ contains more than one parameter, each parameter is multiplied by the first encryption parameter $\sigma_1$, and the results are then concatenated and input into the hash function $H_1$.
5. The general proxy key generation method in an identity-based proxy cryptography method according to claim 1, characterized in that verifying the second encryption parameter $\sigma_2$ comprises: verifying whether the equations $t_1 = H_1(d_o \| \mathrm{Warrant} \| \mathrm{Stamp})$ and $t_3 = H_1(t_2 \| \mathrm{Warrant} \| \mathrm{Stamp})$ hold, where $t_2 = t_1 \times d_p$; if both equations hold, verification succeeds; if the original operator's private key $d_o$ and the proxy operator's private key $d_p$ consist of multiple parameters, then $d_o = d_{o1} \| d_{o2} \| \ldots$ and $t_2 = t_1 \times d_{p1} \| t_1 \times d_{p2} \| \ldots$.
6. The general proxy key generation method in an identity-based proxy cryptography method according to claim 1, characterized in that generating the proxy private key $d_W$ corresponding to the authorization certificate Warrant with the system master key $s$ comprises: the PKG runs IDC.Extract with the system public parameters params, the system master key $s$ and the authorization certificate Warrant as input and the proxy private key $d_W$ as output, i.e. $\mathrm{IDC.Extract}(params, s, W) \to d_W$, where IDC.Extract is the private key extraction phase of any known identity-based cryptography method IDC, the system public parameters params and the system master key $s$ are obtained by the PKG running IDC.Setup on the security parameter $k$, and IDC.Setup is the system initialization phase of any known identity-based cryptography method IDC.
7. The general proxy key generation method in an identity-based proxy cryptography method according to claim 1, characterized in that the third encryption parameter $\sigma_3$ is generated by adding the proxy private key $d_W$ to the result computed with the hash function $H_1$ from the proxy operator's private key $d_p$, the authorization certificate Warrant and the current timestamp Stamp, i.e. $\sigma_3 = d_W + H_1(d_p \| \mathrm{Warrant} \| \mathrm{Stamp}) \times d_p$; if the proxy private key $d_W$ contains more than one parameter, each parameter is added to $H_1(d_p \| \mathrm{Warrant} \| \mathrm{Stamp}) \times d_p$, and these sums together form the third encryption parameter $\sigma_3$.
8. The general proxy key generation method in an identity-based proxy cryptography method according to claim 1, characterized in that the extracted proxy private key $sk_W$ is generated by subtracting from the third encryption parameter $\sigma_3$ the hash value, computed with the hash function $H_1$, of the proxy operator's private key $d_p$, the authorization certificate Warrant and the current timestamp Stamp, i.e. $sk_W = \sigma_3 - H_1(d_p \| \mathrm{Warrant} \| \mathrm{Stamp}) \times d_p = d_W$; if the third encryption parameter $\sigma_3$ contains more than one parameter, $H_1(d_p \| \mathrm{Warrant} \| \mathrm{Stamp}) \times d_p$ is subtracted from each parameter, and all of the resulting differences form the complete extracted proxy private key $sk_W$.
9. An identity-based proxy cryptography method, characterized in that it comprises the following steps:
Step S1, system initialization: the PKG establishes the hash function $H_1$ and establishes the system parameters params and the system master key $s$ according to the security parameter $k$; the PKG publishes the system parameters params and the hash function $H_1$ and keeps the system master key $s$ secret;
Step S2, private key extraction: according to the identity $ID_o$ submitted by the original operator O, the PKG generates the original operator's private key $d_o$ with the system master key $s$, the public key being directly the identity $ID_o$ of the original operator O, and sends the original operator's private key $d_o$ to the original operator O over a secret channel; according to the identity $ID_p$ submitted by the proxy operator P, the PKG generates the proxy operator's private key $d_p$ with the system master key $s$, the public key being directly the identity $ID_p$ of the proxy operator, and sends the proxy operator's private key $d_p$ to the proxy operator P over a secret channel;
Step S3, generating a proxy key using the general proxy key generation method in an identity-based proxy cryptography method according to any one of claims 1-8;
Step S4, proxy signature generation: the proxy operator P uses the system parameters params and the proxy key generated in step S3 to generate a proxy signature on the message $m$ to be signed;
Step S5, proxy signature verification: after receiving a proxy signature produced in step S4, the proxy signature verifier verifies it using the system parameters params and the authorization certificate Warrant; if verification succeeds, the proxy signature is accepted, otherwise it is rejected.
10. The identity-based proxy cryptography method according to claim 9, characterized in that
establishing the system parameters params and the system master key $s$ according to the security parameter $k$ comprises: with a security parameter $k$ as input, the PKG runs IDC.Setup and outputs the system public parameters params and the system master key $s$, i.e. $\mathrm{IDC.Setup}(1^k) \to (params, s)$, where IDC is any known identity-based cryptography method and IDC.Setup is the system initialization phase of IDC;
generating the original operator's private key $d_o$ with the system master key $s$ comprises: with the system public parameters params, the system master key $s$ and the identity $ID_o$ submitted by the original operator O as input, the PKG runs IDC.Extract and outputs the original operator's private key $d_o$, i.e. $\mathrm{IDC.Extract}(params, s, ID_o) \to d_o$, where IDC.Extract is the private key extraction phase of IDC;
generating the proxy operator's private key $d_p$ with the system master key $s$ comprises: with the system public parameters params, the system master key $s$ and the identity $ID_p$ submitted by the proxy operator P as input, the PKG runs IDC.Extract and outputs the proxy operator's private key $d_p$, i.e. $\mathrm{IDC.Extract}(params, s, ID_o) \to d_p$.
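The delegation exchange of claims 1 to 8 (steps S102 to S105), as an added example that is not part of the patent text. It runs in a toy setting: integers modulo a prime Q stand in for the group G1, a hypothetical deterministic extract() stands in for IDC.Extract, the identities, warrant string and master key are constructed, and the PKG is assumed to accept when its recomputed t3 equals the received sigma_2.

```python
import hashlib

# Toy stand-in (assumption): the additive group Z_Q replaces the pairing group G1,
# so "x" and "+" in claims 3-8 become modular multiplication and addition.
Q = 2**255 - 19

def H1(*parts):
    """H1: {0,1}* -> Z_Q^*, applied to the '||' concatenation of parts."""
    h = hashlib.sha256()
    for p in parts:
        b = p if isinstance(p, bytes) else str(p).encode()
        h.update(len(b).to_bytes(4, "big") + b)  # length prefix keeps '||' unambiguous
    return int.from_bytes(h.digest(), "big") % (Q - 1) + 1

def extract(s, identity):
    """Hypothetical deterministic IDC.Extract(params, s, ID) -> private key."""
    return s * H1(identity) % Q

def make_sigma1(d_o, warrant, stamp):
    """S102, original operator: sigma_1 = H1(d_o || Warrant || Stamp)."""
    return H1(d_o, warrant, stamp)

def make_sigma2(d_p, sigma1, warrant, stamp):
    """S103, proxy operator: R = sigma_1 x d_p, sigma_2 = H1(R || Warrant || Stamp)."""
    return H1(sigma1 * d_p % Q, warrant, stamp)

def pkg_issue(s, id_o, id_p, warrant, stamp, sigma2):
    """S104, PKG: recompute t1, t2, t3; on success return sigma_3, else None."""
    d_o, d_p = extract(s, id_o), extract(s, id_p)
    t1 = H1(d_o, warrant, stamp)
    t3 = H1(t1 * d_p % Q, warrant, stamp)       # t2 = t1 x d_p
    if t3 != sigma2:                            # assumed reading of claim 5
        return None
    d_w = extract(s, warrant)                   # the warrant is the proxy public key
    return (d_w + H1(d_p, warrant, stamp) * d_p) % Q

def unmask(d_p, sigma3, warrant, stamp):
    """S105, proxy operator: sk_W = sigma_3 - H1(d_p || Warrant || Stamp) x d_p."""
    return (sigma3 - H1(d_p, warrant, stamp) * d_p) % Q

def run_delegation(s, id_o, id_p, warrant, stamp, warrant_seen_by_pkg=None):
    """Run S102-S105; warrant_seen_by_pkg models alteration on the public channel."""
    d_o, d_p = extract(s, id_o), extract(s, id_p)
    sigma2 = make_sigma2(d_p, make_sigma1(d_o, warrant, stamp), warrant, stamp)
    w_pkg = warrant if warrant_seen_by_pkg is None else warrant_seen_by_pkg
    sigma3 = pkg_issue(s, id_o, id_p, w_pkg, stamp, sigma2)
    return None if sigma3 is None else unmask(d_p, sigma3, w_pkg, stamp)

if __name__ == "__main__":
    s = 0x1234567890ABCDEF                      # constructed master key
    W = "IDo=alice;IDp=bob;scope=sign-invoices;2016-01-15..2016-12-31"  # constructed
    T = "2016-01-15T10:00:00Z"                  # constructed timestamp
    sk = run_delegation(s, "alice", "bob", W, T)
    print("proxy key matches Extract(W):", sk == extract(s, W))
    print("altered warrant rejected:",
          run_delegation(s, "alice", "bob", W, T, W + ";x") is None)
```

Because the PKG recomputes $t_1$ from $d_o$, this flow only works when Extract is deterministic or the PKG retains the issued private keys.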
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610028750.9A CN105721430B (en) | 2016-01-15 | 2016-01-15 | General surrogate production method in the proxypassword method of identity-based |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105721430A (en) | 2016-06-29 |
CN105721430B (en) | 2019-03-05 |
Family
ID=56147287
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610028750.9A Expired - Fee Related CN105721430B (en) | 2016-01-15 | 2016-01-15 | General surrogate production method in the proxypassword method of identity-based |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105721430B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109286485B (en) * | 2018-10-17 | 2019-10-25 | 西安邮电大学 | General Identity Proxy label decryption method that can be compound |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101378316A (en) * | 2007-08-29 | 2009-03-04 | 索尼(中国)有限公司 | Proxy blind signing system and method based on identification |
WO2014088130A1 (en) * | 2012-12-05 | 2014-06-12 | Inha-Industry Partnership Institute | Proxy signature scheme |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013115522A (en) * | 2011-11-25 | 2013-06-10 | Internatl Business Mach Corp <Ibm> | Link access control method, program, and system |
Non-Patent Citations (2)
Title |
---|
ID-Based Aggregate Proxy Signature Scheme Realizing Warrant-Based Delegation; Yenching LIN, et al.; Journal of Information Science and Engineering 29; 20131231; full text |
Provable Security of ID-Based Proxy Signature Schemes; Chunxiang Gu, et al.; ICCNMC 2005 LNCS 3619; 20051231; full text |
Also Published As
Publication number | Publication date |
---|---|
CN105721430A (en) | 2016-06-29 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20190305 Termination date: 20220115 |