CN105933116A - SM2-based electronic signature generating and verifying methods and devices - Google Patents
SM2-based electronic signature generating and verifying methods and devices Download PDFInfo
- Publication number
- CN105933116A CN105933116A CN201610480445.3A CN201610480445A CN105933116A CN 105933116 A CN105933116 A CN 105933116A CN 201610480445 A CN201610480445 A CN 201610480445A CN 105933116 A CN105933116 A CN 105933116A
- Authority
- CN
- China
- Prior art keywords
- electronic signature
- factor
- user
- verified
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephone Function (AREA)
Abstract
The invention provides electronic signature generating and verifying methods and devices. The electronic signature generating method comprises the following steps: acquiring a user factor specific to a user based on a password which is input by the user to generate an electronic signature; acquiring a random factor; acquiring an equipment factor specific to mobile equipment on the mobile equipment through which the user inputs the password; and generating the electronic signature through an SM2 algorithm based on a segmented mold feature on the basis of the user factor, the random factor and the equipment factor, wherein the SM2 algorithm based on the segmented mold feature is an algorithm for ensuring that any of the user factor, the random factor, the equipment factor and an interference factor is different from the others and that all electronic signatures are different. The electronic signature generating and verifying methods and devices conform to an SM2 domestic password standard, and the security of the electronic signatures is improved through segmented mold calculation and distributed operation of the mobile equipment and password equipment.
Description
Technical field
The present invention relates to mobile device security technology area, particularly relate to a kind of based on SM2
Electronic signature generates and verification method and device.
Background technology
Developing rapidly and extensively applying along with development of Mobile Internet technology, intelligent mobile terminal progressively takes
Generation tradition PC, accelerates to penetrate in tradition application, becomes the main entrance of types of applications.Increasingly
Many users use mobile terminal to carry out doing shopping, transferring accounts, and user is enjoying more convenient service
While, the most incident safety issue highlights the most further.
Traditional electronic signature product, is mostly based on U-shield etc..Existing electronic signature schemes, electricity
Son signature generates based on user password and some random numbers etc., and security is the highest.
Summary of the invention
It is an object of the invention to improve the security of electronic signature.
According to an aspect of the invention, it is provided a kind of electronic signature generation side based on SM2
Method, described method includes:
Obtain based on user be generate electronic signature input password, specific to user user because of
Son;
Obtain random factor;
Obtain user and input the equipment factor in the mobile device of password, specific to mobile device;
Based on described user's factor, random factor, the equipment factor, through based on segmentation mould estimated performance
SM2 algorithm based on segmentation module feature, generate electronic signature, wherein based on segmentation module feature
SM2 algorithm is to ensure that in user's factor, random factor, the equipment factor that any one is different, electronics
Sign the most different algorithms.
According to an aspect of the invention, it is provided a kind of electronic signature process side based on SM2
Method, described method includes:
The electronic signature that mobile device shield plug-in unit generates is received from mobile device shield plug-in unit, wherein said
Sign electronically from mobile device shield plug-in unit end group in user be generate electronic signature input password
The user's factor specific to user, random factor, user input the spy in the mobile device of password
Due to the equipment factor of mobile device, generate through SM2 algorithm based on segmentation module feature, and utilize
Obtain scrambles for the interference factor scrambling electronic signature;
Described electronic signature is descrambled;
Electronic signature after descrambling is sent to authentication platform.
According to an aspect of the invention, it is provided a kind of electronic signature to be verified based on SM2
Verification method, described method includes:
Obtain based on user be checking electronic signature generation password, specific to user user because of
Son;
Obtain at locally stored, locally generated when generating electronic signature random factor;
Obtain user and input the equipment factor in the mobile device of password, specific to mobile device;
Based on described user's factor, random factor, the equipment factor, through based on segmentation mould estimated performance
SM2 algorithm based on segmentation module feature, generate electronic signature to be verified, wherein based on segmentation mould
The SM2 algorithm based on segmentation module feature that the SM2 algorithm of characteristic uses when being to generate electronic signature;
Electronic signature to be verified is sent, in order to be forwarded to authentication platform and electronics to distributed cipher key machine
The public key verifications result that signature is corresponding is compared checking.
According to an aspect of the invention, it is provided a kind of electronic signature to be verified based on SM2
Verification method, described method includes:
From mobile device shield plug-in unit receive electronic signature to be verified, described electronic signature to be verified be by
According to based on user be checking electronic signature generate password, specific to user user's factor,
Locally stored, locally generated when generating electronic signature random factor, user input password
The equipment factor in mobile device, specific to mobile device, through based on segmentation mould estimated performance
SM2 algorithm based on segmentation module feature generate, and utilize acquisition for electronic signature to be verified
The interference factor carrying out scrambling scrambles, and wherein SM2 algorithm based on segmentation module feature is to generate
The SM2 algorithm based on segmentation module feature used during electronic signature;
Described electronic signature to be verified is descrambled;
Electronic signature to be verified after descrambling is sent to authentication platform, in order to public key verifications result
Compare checking.
Set according to an aspect of the invention, it is provided a kind of electronic signature based on SM2 generates
Standby, described equipment includes:
For obtaining use based on the password that user is generation electronic signature input, specific to user
The device of the family factor;
For obtaining the device of random factor;
For obtain user input in the mobile device of password, specific to mobile device equipment because of
The device of son;
For based on described user's factor, random factor, the equipment factor, through calculating based on segmentation mould
The SM2 algorithm based on segmentation module feature of characteristic, generates the device of electronic signature, wherein based on dividing
The SM2 algorithm of section module feature is to ensure that any one in user's factor, random factor, the equipment factor
Difference, sign electronically the most different algorithms.
According to an aspect of the invention, it is provided a kind of electronic signature processing equipment, described equipment
Including:
For receiving the dress of the electronic signature that mobile device shield plug-in unit generates from mobile device shield plug-in unit
Putting, wherein said electronic signature is signing electronically for generating in user from mobile device shield plug-in unit end group
User's factor specific to user of password of input, random factor, user input the movement of password
The equipment factor specific to mobile device on equipment, through based on segmentation mould estimated performance based on dividing
The SM2 algorithm of section module feature generates, and utilizes the dry for scramble electronic signature of acquisition
Disturb the factor to scramble;
For the device that described electronic signature is descrambled;
For the electronic signature after descrambling being sent to the device of authentication platform.
According to an aspect of the invention, it is provided a kind of electronic signature to be verified based on SM2
Checking equipment, described equipment includes:
For obtaining use based on the password that user is checking electronic signature generation, specific to user
The device of the family factor;
For obtaining at locally stored, locally generated when generating electronic signature random factor
Device;
For obtain user input in the mobile device of password, specific to mobile device equipment because of
The device of son;
For based on described user's factor, random factor, the equipment factor, through calculating based on segmentation mould
The SM2 algorithm based on segmentation module feature of characteristic, generates the device of electronic signature to be verified, wherein
SM2 algorithm based on segmentation module feature be generate electronic signature time use based on segmentation module feature
SM2 algorithm;
For sending electronic signature to be verified to distributed cipher key machine, in order to corresponding with electronic signature
Public key verifications result compare checking device.
According to an aspect of the invention, it is provided a kind of electronic signature to be verified based on SM2
Checking equipment, described equipment includes:
For receiving the device of electronic signature to be verified, described electricity to be verified from mobile device shield plug-in unit
Son signature is according to based on the password that user be checking electronic signature generation, specific to the use of user
The family factor, the random factor locally stored, locally generated when generating electronic signature, user
The equipment factor in the mobile device of input password, specific to mobile device, through based on segmentation mould
The SM2 algorithm based on segmentation module feature of estimated performance generates, and utilize acquisition for to be tested
The interference factor that card electronic signature carries out scrambling scrambles, wherein SM2 based on segmentation module feature
The SM2 algorithm based on segmentation module feature that algorithm uses when being to generate electronic signature;
For the device that described electronic signature to be verified is descrambled;
For the electronic signature to be verified after descrambling is sent to authentication platform, in order to electronic signature
Corresponding public key verifications result is compared the device of checking.
Compared with prior art, the invention have the advantages that due to based on user's factor, equipment
The factor, three orthogonal factors of random factor generate electronic signature, and the these three factor is indispensable,
User's factor does not stores and is grasped by user, and the equipment factor is that mobile device is distinctive, Zhi Neng
Arranging in the mobile device of binding when user generates electronic signature, these three aspect checks and balance,
When checking signs electronically, the these three factor is necessary complete and generates three factors one when signing electronically
Cause, just can be verified, greatly improve electronic signature security.Preferably, based on user because of
Son, random factor, the equipment factor, interference factor, generate electronic signature, wherein ensures to use
In the family factor, random factor, the equipment factor, interference factor, any one is different, electronics label
Name is all different.The present invention meets the domestic password standard of SM2, is calculated by segmentation mould, and
Mobile device and the distributed arithmetic of encryption device, improve the security of electronic signature.
Further, since in the embodiment of the present invention, electronic signature uses interference protection mechanism, i.e. passes through
Electronic signature is scrambled by mobile device shield plug-in unit, and the distributed cipher key machine on backstage carries out descrambling
Electronic signature can be recovered.Only distributed cipher key machine could descramble.If the electronic signature quilt of scrambling
Any third party intercepts, and third party cannot descramble recovery electronic signature.That is, interference mechanism is used,
Each digital signature, is required for mobile terminal, background key machine has acted on jointly, and private key is each other
Shielding, process pins down each other, indispensable, substantially increases the security of electronic signature.And divide
Cloth key machine can only eliminate signature interference component, i.e. descrambles, it is impossible to generates user's signature, the most not
User's signature can be replaced, it is ensured that the privacy that user's signature generates.
Accompanying drawing explanation
The detailed description that non-limiting example is made made with reference to the following drawings by reading,
The other features, objects and advantages of the present invention will become more apparent upon:
Fig. 1 shows that electronic signature based on SM2 according to an embodiment of the invention is raw
One-tenth method both-end interaction diagrams between mobile device shield plug-in unit and distributed cipher key machine.
Fig. 2 shows electronics to be verified based on SM2 according to an embodiment of the invention
Signature verification method both-end interactive stream between mobile device shield plug-in unit and distributed cipher key machine
Cheng Tu.
Fig. 3 show mobile device shield plug-in unit side according to an embodiment of the invention based on
The block diagram of the electronic signature generation equipment of SM2.
Fig. 4 show distributed cipher key pusher side according to an embodiment of the invention based on
The block diagram of the electronic signature processing equipment of SM2.
Fig. 5 show mobile device shield plug-in unit side according to an embodiment of the invention based on
The block diagram of the electric signing verification equipment to be verified of SM2.
Fig. 6 show distributed cipher key pusher side according to an embodiment of the invention based on
The block diagram of the electric signing verification equipment to be verified of SM2.
Detailed description of the invention
Below in conjunction with the accompanying drawings the present invention is described in further detail.
Fig. 1 shows that electronic signature based on SM2 according to an embodiment of the invention is raw
One-tenth method both-end interaction diagrams between mobile device shield plug-in unit and distributed cipher key machine.
SM2 is a kind of algorithm that state that those skilled in the art know about is close.One enforcement of the application
The electronic signature of example generate checking system include mobile device shield plug-in unit, distributed cipher key machine, with
And authentication platform.Mobile device shield plug-in unit is positioned in the mobile device of user, such as, bind movement
In the application of equipment.And distributed cipher key machine is positioned at background server, such as in machine room.The two
Distributed collaboration computing, provides the user electronic signature functionality.
As a example by electronic bank application in user's mobile device (such as mobile phone).User is open-minded
Electronic bank application in mobile device (is such as installed to mobile by download electronic bank application
On equipment) time, electronic bank application binding has a mobile device shield plug-in unit, this plug-in unit and U
Shield is different, and it is not individualism, but is bundled in the electronic bank application of installation, uses
In generating in electronic signature and checking working in coordination with computing with distributed cipher key machine, complete electronic signature
Generation and checking.After installing electronic bank application, user has needed registration.When registration
Input user password.User to remember this password, and the most every time should by e-bank
Identical password is inputted during with transacting business (such as transferring accounts).At this moment, mobile device shield is inserted
Part according to the user's factor generated based on this user password, the random factor got and specific to
The equipment factor of mobile device, generate electronic signature, and utilize scrambling the factor scrambling after issue after
The distributed cipher key machine of platform.Distributed cipher key machine issues authentication platform after descrambling this electronic signature
Registration.When needing after user by this electronic bank application transacting business (such as transferring accounts),
Need the proof procedure of electronic signature.Checking user just can handle this business, otherwise concludes the business
Dangerous.At this moment, user needs to input oneself user password of input when registration.Move and set
Standby shield plug-in unit based on this user password by with when registration based on user password obtain user because of
The identical algorithm of son obtains the user factor identical with during registration.User generates electronics when registration
The random factor obtained during signature is in the fixing mobile device being saved in user, because of
This, mobile device shield plug-in unit can also get storage production electronic signature during use
Random factor.The equipment factor is specific for mobile device, it is also possible to inserted by mobile device shield
Part gets.The equipment factor now got is also identical with during generation electronic signature.Cause
This, now mobile device shield plug-in unit is based on user's factor now, random factor, the equipment factor
The electronic signature to be verified generated should also be and the electronic signature generated when generating electronic signature
Identical.Mobile device shield plug-in unit is dealt into distributed cipher key after this electronic signature scrambling to be verified
Machine, distributed cipher key machine be dealt into authentication platform after descrambling, and generates and registration when registering with user
Electronic signature at authentication platform is compared checking.Theoretically, this electronic signature to be verified
The electronic signature generating and being registered in authentication platform when registering with user should be identical.Such as not phase
With, then explanation user have input mistake user password, user use be not to register at the beginning
Mobile device used or the electronic signature generated or electronic signature to be certified are in the mistake transmitted
Journey is suffered illegally distort.Due in the embodiment of the present invention, based on user's factor, equipment because of
Son, three orthogonal factors of random factor generate electronic signature, and the these three factor is indispensable,
User's factor does not stores and is grasped by user, and the equipment factor is that mobile device is distinctive, and these are three years old
The individual factor checks and balance, and when checking electronic signature, the these three factor is necessary complete and generates electronics
Three factors during signature are consistent, just can be verified so that even if in user password leakage etc.
In the case of other people also are difficult to only be proved to be successful with user password, greatly improving electronic signature peace
Quan Xing.And, electronic signature uses interference protection mechanism, i.e. by mobile device shield plug-in unit pair
Electronic signature scrambles, and the distributed cipher key machine on backstage carries out descrambling could recover electronics label
Name.Only distributed cipher key machine could descramble.If the electronic signature of scrambling is by any third party
Intercepting, third party cannot descramble recovery electronic signature and distributed cipher key machine can only eliminate label
Name interference component, i.e. descrambles, it is impossible to generate user's signature, the therefore pipe of distributed cipher key machine end
Reason person also cannot distort user's signature, this mobile device shield plug-in unit and distributed cipher key machine privately
The mode mutually pind down ensure that the privacy that user's signature generates.
Distributed cipher key machine on backstage for having matched electronics label with mobile device shield plug-in unit
Name generates and the computing in proof procedure, such as descrambling etc..Such as, the machine of the subbranch of each bank
Room arranges a distributed cipher key machine, is responsible for all electronic bank application phases that this subbranch is issued
The generation of the electronic signature closed and checking.
As it is shown in figure 1, the one of mobile device shield plug-in unit side according to an embodiment of the invention
Electronic signature based on SM2 generates method and includes:
Step S110, obtain based on user be generate electronic signature input password, specific to
User's factor at family;
Step S120, acquisition random factor;
Step S130, acquisition user input in the mobile device of password, specific to mobile device
The equipment factor;
Step S140, based on described user's factor, random factor, the equipment factor, through based on segmentation
The SM2 algorithm based on segmentation module feature of mould estimated performance, generates electronic signature, wherein based on dividing
The SM2 algorithm of section module feature is to ensure that any one in user's factor, random factor, the equipment factor
Difference, sign electronically the most different algorithms.
Below these steps are described in detail.
Step S110, obtain based on user be generate electronic signature input password, specific to
User's factor at family.
In one embodiment, step S110 includes:
Obtain the password of user's input;
The password entry user's factor generating algorithm that will obtain, obtains the user's factor specific to user,
Wherein said user's factor generating algorithm is to ensure that the password of input is different, and user's factor of generation is all
Different algorithms.
As it was previously stated, the password of user's input is user's input user password when registration.Typically,
When user registers, user can be pointed out defeated with the interface of the application bound in mobile device shield plug-in unit
Access customer password.After user inputs this password, mobile device shield plug-in unit just obtains this password.
User to remember this password, and the most every time by electronic bank application transacting business (example
As transferred accounts) time to input identical password.
Described user's factor generating algorithm is to ensure that the password of input is different, and user's factor of generation is all
Different algorithms.And, when verifying electronic signature to be verified, produce electronic signature to be verified also
Same user's factor generating algorithm is used to generate user's factor when verifying.
User's factor is existing concept, is specific for a factor of user, such as different with user
And different numbers.The feature of user's factor generating algorithm is the password value with output of input
(user's factor) all unique correspondence, the password i.e. inputted is different, and user's factor of generation is the most not
With.It is currently known many algorithms and can be used for user's factor generating algorithm, therefore do not repeat.
Step S120, acquisition random factor.
In one embodiment, step S120 includes:
Receive the hardware random number that distributed cipher key machine sends;
In locally generated local random number;
By described hardware random number and described local random number synthesis, obtain random factor.
Random factor generally refers to the number randomly generated.
Random factor in this embodiment is divided into two parts.A part is hardware random number, is from dividing
Cloth key machine receives next.Another part is local random number, is that mobile device shield plug-in unit is local
Produce.The benefit that this random factor is synthesized by two parts is, owing to this random factor part is come
From in distributed cipher key machine, even if mobile device shield plug-in unit is under attack, assailant is also only energy
Grasp locally generated random number;And this random factor some from this locality, even if distribution
Formula key machine is under attack, be also only wherein part from distributed cipher key machine decoded,
Still cannot steal whole random factor, improve the security that electronic signature generates.
Step S130, acquisition user input in the mobile device of password, specific to mobile device
The equipment factor.
This equipment factor can be user's device id of inputting in the mobile device of password or equipment goes out
Factory number etc., it is also possible to be to carry out certain specific computing based on device id or equipment factory serial number etc. and
The number obtained.Device id in mobile device or equipment factory serial number etc. can be stored in movement
A certain ad-hoc location in the memory of equipment.As long as mobile device shield plug-in unit reads this position and deposits
The content of storage, it is possible to obtain the device id in mobile device or equipment factory serial number etc..Certain is special
Fixed computing is known, and fixing, equipment is calculated because of the period of the day from 11 p.m. to 1 a.m just for any mobile device
Use same computing.Such as, after this specific computing is the device id XOR in mobile device
Connect with equipment factory serial number.In general, this computing needs have input and output property one to one,
I.e. for different inputs, different output will necessarily be produced.
Step S140, based on described user's factor, random factor, the equipment factor, through based on segmentation
The SM2 algorithm of module feature, generates electronic signature, wherein SM2 algorithm based on segmentation module feature
Being to ensure that in user's factor, random factor, the equipment factor that any one is different, electronic signature is the most not
Same algorithm.
The embodiment of the present invention realizes based on SM2 algorithm.SM2 be country Password Management office in
The ellipse curve public key cipher algorithm that on December 17th, 2010 is issued.In the embodiment of the present invention, base
SM2 algorithm in segmentation mould estimated performance has an input and output property one to one, i.e. ensure user because of
In son, random factor, the equipment factor, any one is different, and electronic signature is all different.In the algorithm,
The each section factor respectively iteration fortune orthogonal by user's factor, the hardware factor, random factor three
Calculate, it is not necessary to be assembled into partial data.
Preferably, iterative algorithm should be included by SM2 algorithm based on segmentation module feature, user's factor,
The equipment factor, random factor are through iterative algorithm, it is not necessary to three factor set are dressed up complete use
Signing in family, is difficult to three factors before analyzing iteration from complete user's signature, greatly improves
The security of electronic signature.
Before step S140, in one embodiment, the method also includes: step S135,
Obtain the interference factor for electronic signature is scrambled.
The effect before electronic signature is sent to distributed cipher key machine, electronic signature scrambled
It is, prevents electronic signature from being intercepted by third party and revealing.In the case of scrambling, technology electronics
Signature is intercepted by third party, owing to third party does not knows the interference factor of scrambling, and still cannot be extensive
Multiple electronic signature.That is, use interference mechanism, each digital signature, be required for mobile terminal, after
Platform key machine has acted on jointly, and private key is shielded from one another, and process pins down each other, indispensable, greatly
Improve greatly the security of electronic signature.And distributed cipher key machine can only eliminate signature interference component,
I.e. descramble, it is impossible to generate user's signature, it is ensured that the privacy that user's signature generates.
In one embodiment, step S135 includes:
Receive the interference PKI that distributed cipher key machine sends;
Interference factor is determined according to described interference PKI.
Distributed cipher key machine is provided with interference PKI, interference private key pair.Interference PKI, interference private
Key is to can be the most identical with checking to the generation of every time electronic signature, but preferably to each electronics label
The generation of name uses different interference PKI, interference private key pair with checking.Distributed cipher key machine will be dry
Disturb PKI and be sent to mobile device shield plug-in unit, determine therefrom that interference factor for mobile device shield plug-in unit.
Distributed cipher key machine retains interference private key.At the mobile device shield plug-in unit interference factor electricity to generating
After beaming back distributed cipher key machine after son signature scrambling, distributed cipher key machine interference private key descrambling.By
In disturbing private key to be corresponding with interference PKI, distributed cipher key machine can descramble open the electronics of generation
Signature, even and if other equipment intercept this electronic signature, also because lack interference private key, it is impossible to
It is descrambled.
Interference factor is the number etc. for scrambling the electronic signature generated.According to described interference
PKI determines that interference factor produces algorithm often by predetermined interference factor.This interference factor produces
Algorithm has input and output property one to one, i.e. produces different output for different inputs.Known
Many algorithms have input and output property one to one, can produce algorithm as interference factor, therefore not go to live in the household of one's in-laws on getting married
State.
After step s 140, described method also includes: the interference that step S145, utilization obtain
The electronic signature that factor pair generates scrambles, and generates the electronic signature after scrambling.
Scrambling belongs to prior art.There are many scrambling algorithms can be utilized to the interference factor obtained
Electronic signature to generating scrambles, and generates the electronic signature after scrambling, therefore does not repeats.
As it is shown in figure 1, in one embodiment, after step S145, described method includes:
Step S150, to distributed cipher key machine send scrambling after electronic signature.
The purpose of the electronic signature after distributed cipher key machine sends scrambling is to make distributed cipher key function
Enough electronic signatures utilized after disturbing private key descrambling scrambling, thus the electronic signature of recovery is sent to
Authentication platform is registered, in order to verify electronic signature to be verified later.
As it can be seen, in one embodiment, according to an embodiment of the invention distributed close
A kind of based on SM2 electronic signature processing method of key pusher side includes:
Step S210, the electronics label generated from mobile device shield plug-in unit reception mobile device shield plug-in unit
Name, wherein said electronic signature is signing electronically for generating in user from mobile device shield plug-in unit end group
User's factor specific to user of password of input, random factor, user input the movement of password
The equipment factor specific to mobile device on equipment, raw through SM2 algorithm based on segmentation module feature
Become, and utilize scrambling for the interference factor that electronic signature is scrambled of acquisition;
Step S220, described electronic signature is descrambled;
Step S230, will descrambling after electronic signature be sent to authentication platform.
Electronic signature processing method refers to the electronics after the scrambling that mobile device shield plug-in unit receives
Signature carries out descrambling etc. and processes, and is sent to the side of the electronic signature that authentication platform is registered as user
Method.
Below these steps are described in detail.
Step S210, the electronics label generated from mobile device shield plug-in unit reception mobile device shield plug-in unit
Name, wherein said electronic signature is signing electronically for generating in user from mobile device shield plug-in unit end group
User's factor specific to user of password of input, random factor, user input the movement of password
The equipment factor specific to mobile device on equipment, raw through SM2 algorithm based on segmentation module feature
Become, and utilize scrambling for the interference factor that electronic signature is scrambled of acquisition.
Described electronic signature inputs for generating electronic signature in user from mobile device shield plug-in unit end group
The user's factor specific to user of password, random factor, user input the mobile device of password
On the equipment factor specific to mobile device, through SM2 algorithm based on segmentation module feature generate,
And utilize the Cheng Qian excessively scrambled for the interference factor that electronic signature is scrambled of acquisition
Face integrating step S110-S145 has been described above, and therefore repeats no more.
Step S220, described electronic signature is descrambled.
In one embodiment, it is based on the interference being sent to mobile device shield plug-in unit at interference factor
In the case of PKI is determined, the described step descrambling described electronic signature includes: with dry
Disturb private key electronic signature is descrambled.
As it was previously stated, distributed cipher key machine is provided with interference PKI, interference private key pair.Distributed
Interference PKI is sent to mobile device shield plug-in unit by key machine, determines therefrom that for mobile device shield plug-in unit
Interference factor.Distributed cipher key machine retains interference private key.At mobile device shield plug-in unit interference factor
After beaming back distributed cipher key machine after the electronic signature scrambling generated, the interference private of distributed cipher key machine
Key descrambles.Owing to disturbing private key to be corresponding with interference PKI, distributed cipher key machine can descramble out
The electronic signature generated, even and if other equipment intercept this electronic signature, also because lacking interference
Private key, it is impossible to it is descrambled.
Step S230, will descrambling after electronic signature be sent to authentication platform.
It is at authentication platform as user using the purpose that the electronic signature after descrambling is sent to authentication platform
The electronic signature of registration.When later user needs to use the application bound in mobile device shield plug-in unit
When (such as electronic bank application) carries out certain operation, generate electronic signature to be verified by aftermentioned mode,
It is sent to authentication platform enter with the electronic signature that user when generating electronic signature is registered in authentication platform
Row comparison.As consistent then by checking.
As in figure 2 it is shown, the one of mobile device shield plug-in unit side according to an embodiment of the invention
Electric signing verification method to be verified based on SM2 includes:
Step S310, obtain based on user be checking electronic signature generation password, specific to
User's factor at family;
Step S320, obtain locally stored, when generating electronic signature locally generated random
The factor;
Step S330, acquisition user input in the mobile device of password, specific to mobile device
The equipment factor;
Step S340, based on described user's factor, random factor, the equipment factor, through based on segmentation
The SM2 algorithm of module feature, generates electronic signature to be verified, wherein SM2 based on segmentation module feature
The SM2 algorithm based on segmentation module feature that algorithm uses when being to generate electronic signature;
Step S350, to distributed cipher key machine send electronic signature to be verified, in order to be forwarded to certification
Platform and public key verifications result are compared checking.
Below these steps are described in detail.
Step S310, obtain based on user be checking electronic signature generation password, specific to
User's factor at family.
Such as, user needs to utilize the electronic bank application in mobile device to transfer accounts, and at this moment needs
User to be produces an electronic signature to be verified, is sent to authentication platform and verifies.
Under the prompting of the application interface bound in mobile device shield plug-in unit, user inputs user password.
Mobile device shield plug-in unit gets this user password, generates specific to user's based on this user password
User's factor.Generate in user's factor and step S110 of user based on this user password
Unanimously, and using identical algorithms, the electronic signature of such guarantee generates and the uniformity of checking.
Difference with step S110 is, what this step obtained is the use for electric signing verification
The family factor, and the generation of step S110 is the user's factor for the generation that signs electronically.
Step S320, obtain locally stored, when generating electronic signature locally generated random
The factor.
Random factor owing to producing when generating the electronic signature of user has been saved in mobile device shield
In the memory of plug-in unit, therefore can directly obtain this random factor.
Step S330, acquisition user input in the mobile device of password, specific to mobile device
The equipment factor.
Step S330 obtains user and inputs in the mobile device of password, specific to mobile device
The process of the equipment factor is completely the same with step S130.Difference with step S130 is, step
The equipment factor obtained in rapid S130 is for the generation of user's electronic signature.Step S330 obtains
The equipment factor for user electronic signature checking.
Step S340, based on described user's factor, random factor, the equipment factor, through based on segmentation
The SM2 algorithm of module feature, generates electronic signature to be verified, wherein SM2 based on segmentation module feature
The SM2 algorithm based on segmentation module feature that algorithm uses when being to generate electronic signature.
This step is essentially identical with step S140.Unlike step S140, step S140
It is to generate electronics based on the user's factor generated for signing electronically, random factor, the equipment factor
Signature, and this step be in for user's factor of electric signing verification, random factor, equipment because of
Son generates electronic signature to be verified.
Step S350, to distributed cipher key machine send electronic signature to be verified, in order to be forwarded to certification
Platform and public key verifications result are compared checking.
This step is essentially identical with step S150.Unlike step S150, step S150
It is to be sent as the electronic signature that user generates, and this step is to send the electronics label to be verified generated
Name.
In one embodiment, before step S340, described method also includes: step S335
Obtain the interference factor for electronic signature to be verified is scrambled.
This step is essentially identical with step S135.Unlike step S135, step S135
It is to obtain the interference factor for the electronic signature generated is scrambled, and step S335 is to obtain
Take in the interference factor that electronic signature to be verified is scrambled.
After step S340, described method also includes: the interference that step S345, utilization obtain
The electronic signature to be verified that factor pair generates scrambles, and generates the electronics label to be verified after scrambling
Name.
This step is essentially identical with step S145.Unlike step S145, step S145
It is to utilize the interference factor obtained that the electronic signature generated when registering for user is scrambled, generates
Electronic signature after scrambling.Step S345 is to utilize the interference factor obtained to need user to use
The electronic signature to be verified generated during the function applied scrambles, and generates the electricity to be verified after scrambling
Son signature.
Now, step S350 includes: the electronics label to be verified after distributed cipher key machine sends scrambling
Name, in order to be forwarded to authentication platform after distributed cipher key machine descrambling and compare with public key verifications result
Checking.
As in figure 2 it is shown, to be tested at distributed cipher key pusher side according to an embodiment of the invention
Card electric signing verification method includes:
Step S410, from mobile device shield plug-in unit receive electronic signature to be verified, described electricity to be verified
Son signature is according to based on the password that user be checking electronic signature generation, specific to the use of user
The family factor, the random factor locally stored, locally generated when generating electronic signature, user
The equipment factor in the mobile device of input password, specific to mobile device, through based on segmentation mould
The SM2 algorithm of characteristic generates, and utilize acquisition for electronic signature to be verified is scrambled
Interference factor scrambles, when wherein SM2 algorithm based on segmentation module feature is to generate electronic signature
The SM2 algorithm based on segmentation module feature used;
Step S420, described electronic signature to be verified is descrambled;
Step S430, will descrambling after electronic signature to be verified be sent to authentication platform, in order to public affairs
Key the result is compared checking.
Below these steps are described in detail.
Step S410, from mobile device shield plug-in unit receive electronic signature to be verified, described electricity to be verified
Son signature is according to based on the password that user be checking electronic signature generation, specific to the use of user
The family factor, the random factor locally stored, locally generated when generating electronic signature, user
The equipment factor in the mobile device of input password, specific to mobile device, through based on segmentation mould
The SM2 algorithm of characteristic generates, and utilize acquisition for electronic signature to be verified is scrambled
Interference factor scrambles, when wherein SM2 algorithm based on segmentation module feature is to generate electronic signature
The SM2 algorithm based on segmentation module feature used.
Described electronic signature to be verified according to based on user be checking electronic signature generate password,
Specific to user user's factor, locally stored, when generating electronic signature locally generated
Random factor, user input the equipment factor in the mobile device of password, specific to mobile device,
Through SM2 algorithm based on segmentation module feature generate, and utilize acquisition for electronics label to be verified
The process that the interference factor that name carries out scrambling carries out scrambling is as shown in step S310-S345.
Step S420, described electronic signature to be verified is descrambled.
In one embodiment, it is based on the interference being sent to mobile device shield plug-in unit at interference factor
In the case of PKI is determined, step S420 includes:
With interference private key, electronic signature to be verified is descrambled.
Step S430, will descrambling after electronic signature to be verified be sent to authentication platform, in order to public affairs
Key the result is compared checking.
After electronic signature to be verified after descrambling is sent to authentication platform, if to be tested after Xie Rao
Card electronic signature is consistent, then with the electronic signature that user when generating electronic signature registers at authentication platform
It is verified.Otherwise, then verify and do not pass through.
As it is shown on figure 3, the one of mobile device shield plug-in unit side according to an embodiment of the invention
Electronic signature based on SM2 generates equipment 3 and includes:
For obtaining use based on the password that user is generation electronic signature input, specific to user
The device (lower referred to as " generating signs electronically uses user's factor acquisition device ") 301 of the family factor;
For obtaining the device of random factor, (lower referred to as " generation electronic signature random factor obtains
Device ") 302;
For obtain user input in the mobile device of password, specific to mobile device equipment because of
The device (lower referred to as " generation electronic signature equipment factor acquisition device ") 303 of son;
For based on described user's factor, random factor, the equipment factor, through based on segmentation module feature
SM2 algorithm, generate the device (referred to as lower " electronic signature generating means ") 304 of electronic signature.
Below these devices are described in detail.
In one embodiment, generate electronic signature to be used for user's factor acquisition device 301:
Obtain the password of user's input;
The password entry user's factor generating algorithm that will obtain, obtains the user's factor specific to user,
Wherein said user's factor generating algorithm is to ensure that the password of input is different, and user's factor of generation is all
Different algorithms.
As it was previously stated, the password of user's input is user's input user password when registration.Typically,
When user registers, user can be pointed out defeated with the interface of the application bound in mobile device shield plug-in unit
Access customer password.After user inputs this password, mobile device shield plug-in unit just obtains this password.
User to remember this password, and the most every time by electronic bank application transacting business (example
As transferred accounts) time to input identical password.
Described user's factor generating algorithm is to ensure that the password of input is different, and user's factor of generation is all
Different algorithms.And, when verifying electronic signature to be verified, produce electronic signature to be verified also
Same user's factor generating algorithm is used to generate user's factor when verifying.
User's factor is existing concept, is specific for a factor of user, such as different with user
And different numbers.The feature of user's factor generating algorithm is the password value with output of input
(user's factor) all unique correspondence, the password i.e. inputted is different, and user's factor of generation is the most not
With.It is currently known many algorithms and can be used for user's factor generating algorithm, therefore do not repeat.
In one embodiment, generate electronic signature random factor acquisition device 302 to be used for:
Receive the hardware random number that distributed cipher key machine sends;
In locally generated local random number;
By described hardware random number and described local random number synthesis, obtain random factor.
Random factor generally refers to the number randomly generated.
Random factor in this embodiment is divided into two parts.A part is hardware random number, is from dividing
Cloth key machine receives next.Another part is local random number, is that mobile device shield plug-in unit is local
Produce.The benefit that this random factor is synthesized by two parts is, owing to this random factor part is come
From in distributed cipher key machine, even if mobile device shield plug-in unit is under attack, assailant is also only energy
Grasp locally generated random number;And this random factor some from this locality, even if distribution
Formula key machine is under attack, be also only wherein part from distributed cipher key machine decoded,
Still cannot steal whole random factor, improve the security that electronic signature generates.
Generate electronic signature equipment factor acquisition device 303 to be used for obtaining the equipment factor.This equipment
The factor can be user's device id of inputting in the mobile device of password or equipment factory serial number etc., also
Can be carrying out certain specific computing based on device id or equipment factory serial number etc. and obtaining
Number.Device id in mobile device or equipment factory serial number etc. can be stored in the storage of mobile device
A certain ad-hoc location in device.As long as mobile device shield plug-in unit reads the content of this position storage,
Can be obtained by the device id in mobile device or equipment factory serial number etc..Certain specific computing is
Known and fixing, equipment is calculated for any mobile device and just uses because of the period of the day from 11 p.m. to 1 a.m same
Computing.Such as, this specific computing is dispatched from the factory with equipment after being the device id XOR in mobile device
Number series connection etc..In general, this computing needs have input and output property one to one, i.e. for difference
Input, different output will necessarily be produced.
Electronic signature generating means 304 based on described user's factor, random factor, the equipment factor,
Through SM2 algorithm based on segmentation module feature, generate electronic signature, wherein based on segmentation module feature
SM2 algorithm is to ensure that in user's factor, random factor, the equipment factor that any one is different, electronics
Sign the most different algorithms.
SM2 algorithm based on segmentation module feature has an input and output property one to one, i.e. ensure user because of
In son, random factor, the equipment factor, any one is different, and electronic signature is all different.Known many
Algorithm has input and output property one to one, can serve as SM2 algorithm based on segmentation module feature.This
A part does not repeats.
Preferably, iterative algorithm should be included by SM2 algorithm based on segmentation module feature, user's factor,
The equipment factor, random factor are through iterative algorithm, it is not necessary to three factor set are dressed up complete use
Signing in family, is difficult to three factors before analyzing iteration from complete user's signature, greatly improves
The security of electronic signature.
In one embodiment, described equipment also includes: for through SM2 based on segmentation module feature
Before algorithm generates electronic signature, obtain for the dress to the interference factor that electronic signature scrambles
Put (lower abbreviation " generates electronic signature scrambling interference factor acquisition device ", does not shows in figure).
The effect before electronic signature is sent to distributed cipher key machine, electronic signature scrambled
It is, prevents electronic signature from being intercepted by third party and revealing.In the case of scrambling, technology electronics
Signature is intercepted by third party, owing to third party does not knows the interference factor of scrambling, and still cannot be extensive
Multiple electronic signature.That is, use interference mechanism, each digital signature, be required for mobile terminal, after
Platform key machine has acted on jointly, and private key is shielded from one another, and process pins down each other, indispensable, greatly
Improve greatly the security of electronic signature.And distributed cipher key machine can only eliminate signature interference component,
I.e. descramble, it is impossible to generate user's signature, it is ensured that the privacy that user's signature generates.
Generate electronic signature scrambling interference factor acquisition device to be used for:
Receive the interference PKI that distributed cipher key machine sends;
Interference factor is determined according to described interference PKI.
Distributed cipher key machine is provided with interference PKI, interference private key pair.Interference PKI, interference private
Key is to can be the most identical with checking to the generation of every time electronic signature, but preferably to each electronics label
The generation of name uses different interference PKI, interference private key pair with checking.Distributed cipher key machine will be dry
Disturb PKI and be sent to mobile device shield plug-in unit, determine therefrom that interference factor for mobile device shield plug-in unit.
Distributed cipher key machine retains interference private key.At the mobile device shield plug-in unit interference factor electricity to generating
After beaming back distributed cipher key machine after son signature scrambling, distributed cipher key machine interference private key descrambling.By
In disturbing private key to be corresponding with interference PKI, distributed cipher key machine can descramble open the electronics of generation
Signature, even and if other equipment intercept this electronic signature, also because lack interference private key, it is impossible to
It is descrambled.
Interference factor is the number etc. for scrambling the electronic signature generated.According to described interference
PKI determines that interference factor produces algorithm often by predetermined interference factor.This interference factor produces
Algorithm has input and output property one to one, i.e. produces different output for different inputs.Known
Many algorithms have input and output property one to one, can produce algorithm as interference factor, therefore not go to live in the household of one's in-laws on getting married
State.
In one embodiment, described equipment also includes: for through SM2 based on segmentation module feature
After algorithm generates electronic signature, utilize the interference factor obtained that the electronic signature generated is added
Disturb, generate the device (not shown) of the electronic signature after scrambling.
Scrambling belongs to prior art.There are many scrambling algorithms can be utilized to the interference factor obtained
Electronic signature to generating scrambles, and generates the electronic signature after scrambling, therefore does not repeats.
In one embodiment, described equipment also includes:
The device (not shown) of the electronic signature after sending scrambling to distributed cipher key machine.
As shown in Figure 4, in one embodiment, according to an embodiment of the invention distributed
A kind of based on SM2 electronic signature processing equipment 4 of key pusher side includes:
For receiving the device of the electronic signature that mobile device shield plug-in unit generates from mobile device shield plug-in unit
(lower abbreviation " generates electronic signature and receives device ") 401, wherein said electronic signature is setting from mobile
Standby shield plug-in unit end group is in the user specific to user that user is the password generating electronic signature input
The factor, random factor, user input the equipment specific to mobile device in the mobile device of password
The factor, through SM2 algorithm based on segmentation module feature generate, and utilize acquisition for electronics label
The interference factor that name carries out scrambling scrambles;
For device (lower abbreviation " the generation electronic signature descrambling dress that described electronic signature is descrambled
Put ") 402;
For the electronic signature after descrambling is sent to the device of authentication platform, (lower abbreviation, " descrambles electronics
Signature dispensing device ") 403.
Below these devices are described in detail.
Generate electronic signature and receive device 401 for receiving mobile device shield from mobile device shield plug-in unit
Plug-in unit generate electronic signature, wherein said electronic signature from mobile device shield plug-in unit end group in
Family is to generate the user's factor specific to user of password of electronic signature input, random factor, use
The equipment factor specific to mobile device in the mobile device of family input password, through based on segmentation mould
The SM2 algorithm of characteristic generates, and utilize acquisition for interference that electronic signature is scrambled because of
Son scrambles.
Described electronic signature inputs for generating electronic signature in user from mobile device shield plug-in unit end group
The user's factor specific to user of password, random factor, user input the mobile device of password
On the equipment factor specific to mobile device, through SM2 algorithm based on segmentation module feature generate,
And utilize the Cheng Qian excessively scrambled for the interference factor that electronic signature is scrambled of acquisition
Face integrating step S110-S145 has been described above, and therefore repeats no more.
Generate electronic signature descrambler 402 for the device that described electronic signature is descrambled.
In one embodiment, it is based on the interference being sent to mobile device shield plug-in unit at interference factor
In the case of PKI is determined, generate electronic signature descrambler 402 and be used for:
With interference private key, electronic signature is descrambled.
As it was previously stated, distributed cipher key machine is provided with interference PKI, interference private key pair.Distributed
Interference PKI is sent to mobile device shield plug-in unit by key machine, determines therefrom that for mobile device shield plug-in unit
Interference factor.Distributed cipher key machine retains interference private key.At mobile device shield plug-in unit interference factor
After beaming back distributed cipher key machine after the electronic signature scrambling generated, the interference private of distributed cipher key machine
Key descrambles.Owing to disturbing private key to be corresponding with interference PKI, distributed cipher key machine can descramble out
The electronic signature generated, even and if other equipment intercept this electronic signature, also because lacking interference
Private key, it is impossible to it is descrambled.
Descrambling electronic signature dispensing device 403 is put down for the electronic signature after descrambling is sent to certification
Platform.
It is at authentication platform as user using the purpose that the electronic signature after descrambling is sent to authentication platform
The electronic signature of registration.When later user needs to use the application bound in mobile device shield plug-in unit
When (such as electronic bank application) carries out certain operation, generate electronic signature to be verified by aftermentioned mode,
It is sent to authentication platform enter with the electronic signature that user when generating electronic signature is registered in authentication platform
Row comparison.As consistent then by checking.
As it is shown in figure 5, the one of mobile device shield plug-in unit side according to an embodiment of the invention
Electric signing verification equipment 5 to be verified based on SM2 includes:
For obtaining use based on the password that user is checking electronic signature generation, specific to user
The device (lower abbreviation " checking electronic signature user's factor acquisition device ") 501 of the family factor;
For obtaining at locally stored, locally generated when generating electronic signature random factor
Device (lower abbreviation " checking electronic signature random factor acquisition device ") 502;
For obtain user input in the mobile device of password, specific to mobile device equipment because of
The device (lower abbreviation " checking electronic signature equipment factor acquisition device ") 503 of son;
For based on described user's factor, random factor, the equipment factor, through based on segmentation module feature
SM2 algorithm, the device generating electronic signature to be verified (lower is called for short that " electronic signature to be verified is raw
Become device ") 504, wherein SM2 algorithm based on segmentation module feature uses when being to generate electronic signature
SM2 algorithm based on segmentation module feature;
For to distributed cipher key machine send electronic signature to be verified, in order to be forwarded to authentication platform with
Public key verifications result is compared the device (lower be called for short " electronic signature dispensing device to be verified ") of checking
505。
Below these devices are described in detail.
It is checking electricity that checking electronic signature is used for obtaining based on user with user's factor acquisition device 501
The password that son signature generates, specific to user's factor of user.
Such as, user needs to utilize the electronic bank application in mobile device to transfer accounts, and at this moment needs
User to be produces an electronic signature to be verified, is sent to authentication platform and verifies.
Under the prompting of the application interface bound in mobile device shield plug-in unit, user inputs user password.
Mobile device shield plug-in unit gets this user password, generates specific to user's based on this user password
User's factor.One is generated in user's factor and the device 301 of user based on this user password
Causing, and use identical algorithms, the electronic signature of such guarantee generates and the uniformity of checking.With
The difference of device 301 is, this device obtain be one for electric signing verification user because of
Son, and device 301 generation is the user's factor for the generation that signs electronically.
Checking electronic signature random factor acquisition device 502 for obtain locally stored,
Generate random factor locally generated during electronic signature.
Random factor owing to producing when generating the electronic signature of user has been saved in mobile device shield
In the memory of plug-in unit, therefore can directly obtain this random factor.
Checking electronic signature equipment factor acquisition device 503 inputs the shifting of password for obtaining user
The equipment factor on dynamic equipment, specific to mobile device.
This device obtains user and inputs in the mobile device of password, setting specific to mobile device
The process of the standby factor is completely the same with device 303.Difference with device 303 is, device 303
The equipment factor of middle acquisition is for the generation of user's electronic signature.The equipment factor obtained in this device
Checking for electronic signature to be verified.
Electronic signature generating means to be verified 504 for based on described user's factor, random factor,
The equipment factor, through SM2 algorithm based on segmentation module feature, generates electronic signature to be verified, wherein
SM2 algorithm based on segmentation module feature be generate electronic signature time use based on segmentation module feature
SM2 algorithm.
This device is essentially identical with device 304.Unlike device 304, device 304 is base
In the user's factor generated for signing electronically, random factor, the equipment factor to generate electronic signature,
And this device is in for user's factor of electric signing verification, random factor, equipment factor next life
Become electronic signature to be verified.
Electronic signature dispensing device 505 to be verified is for sending electronics to be verified to distributed cipher key machine
Signature, in order to be forwarded to authentication platform and public key verifications result and compare checking.
In one embodiment, described equipment also includes: for through SM2 based on segmentation module feature
Algorithm generates before electronic signature to be verified, obtains for scrambling electronic signature to be verified
The device (not shown) of interference factor.
In one embodiment, described equipment also includes: for through SM2 based on segmentation module feature
After algorithm generates electronic signature to be verified, utilize the interference factor the obtained electricity to be verified to generating
Son signature scrambles, and generates the device (not shown) of the electronic signature to be verified after scrambling.
In one embodiment, electronic signature dispensing device 505 to be verified is used for:
Electronic signature to be verified after distributed cipher key machine sends scrambling, in order to distributed cipher key machine
It is forwarded to authentication platform and public key verifications result after descrambling compare checking.
As shown in Figure 6, according to an embodiment of the invention distributed cipher key pusher side based on
The electric signing verification equipment 6 to be verified of SM2 includes:
For receiving the device of electronic signature to be verified from mobile device shield plug-in unit, (lower abbreviation is " to be verified
Electronic signature receive device) 601, described electronic signature to be verified be according to based on user for checking
The password that electronic signature generates, specific to user user's factor, locally stored, giving birth to
Random factor, user locally generated during one-tenth electronic signature input in the mobile device of password, special
Due to the equipment factor of mobile device, generate through SM2 algorithm based on segmentation module feature, and utilize
Obtain scrambles for the interference factor that scrambles electronic signature to be verified, wherein based on
The SM2 algorithm of segmentation module feature be generate electronic signature time use based on segmentation module feature
SM2 algorithm;
For device (lower abbreviation " the electronics label to be verified that described electronic signature to be verified is descrambled
Name descrambler ") 602;
For the electronic signature to be verified after descrambling is sent to authentication platform, in order to public key verifications
Result is compared the device (lower be called for short " electronic signature dispensing device to be verified after descrambling ") of checking
603。
Below these devices are described in detail.
Electronic signature to be verified receives device 601 for receiving electricity to be verified from mobile device shield plug-in unit
Son signature, described electronic signature to be verified is according to based on the mouth that user is checking electronic signature generation
Order, specific to user user's factor, locally stored, when generating electronic signature local
The random factor, the user that produce input in the mobile device of password, setting specific to mobile device
The standby factor, generates through SM2 algorithm based on segmentation module feature, and utilize acquisition for to be tested
The interference factor that card electronic signature carries out scrambling scrambles, wherein SM2 based on segmentation module feature
The SM2 algorithm based on segmentation module feature that algorithm uses when being to generate electronic signature.
Described electronic signature to be verified according to based on user be checking electronic signature generate password,
Specific to user user's factor, locally stored, when generating electronic signature locally generated
Random factor, user input the equipment factor in the mobile device of password, specific to mobile device,
Through SM2 algorithm based on segmentation module feature generate, and utilize acquisition for electronics label to be verified
The process that the interference factor that name carries out scrambling carries out scrambling is as shown in step S310-S345.
Electronic signature descrambler 602 to be verified is for solving described electronic signature to be verified
Disturb.
In one embodiment, described electronic signature descrambler 602 to be verified is used for: in interference
The factor be determine based on the interference PKI being sent to mobile device shield plug-in unit in the case of, with interference
Electronic signature to be verified is descrambled by private key.
After descrambling, electronic signature dispensing device 603 to be verified is for by the electronics label to be verified after descrambling
Name is sent to authentication platform, in order to compare checking with public key verifications result.
After electronic signature to be verified after descrambling is sent to authentication platform, if to be tested after Xie Rao
Card electronic signature is consistent, then with the electronic signature that user when generating electronic signature registers at authentication platform
It is verified.Otherwise, then verify and do not pass through.
Wherein, the method according to the invention is come real by the device being contained in computer equipment
Existing.Described computer equipment include a kind of can be according to the instruction being previously set or storing, automatically
Carrying out the electronic equipment of numerical computations and/or information processing, its hardware includes but not limited to micro-process
Device, special IC (ASIC), programmable gate array (FPGA), digital processing unit (DSP),
Embedded device etc..Described computer equipment includes the network equipment and/or subscriber equipment.Wherein,
The described network equipment includes but not limited to what single network server, multiple webserver formed
Server group or based on cloud computing (Cloud Computing) by a large amount of main frames or network service
The cloud that device is constituted, wherein, cloud computing is the one of Distributed Calculation, loosely-coupled by a group
One super virtual machine of computer collection composition.Described subscriber equipment includes but not limited to appoint
What one can be with user by sides such as keyboard, mouse, remote controller, touch pad or voice-operated devices
Formula carries out the electronic product of man-machine interaction, such as, personal computer, panel computer, intelligence hand
Machine, PDA, game machine or IPTV etc..Wherein, described subscriber equipment and network equipment institute
The network at place includes but not limited to internet, wide area network, Metropolitan Area Network (MAN), LAN, VPN etc..
It should be noted that described subscriber equipment, the network equipment and network are only for example, its
He is such as applicable to existing or that be likely to occur from now on subscriber equipment, the network equipment and network
The present invention, within also should being included in scope, and is incorporated herein with way of reference.
The software program of the present invention can by processor perform to realize steps described above or
Function.Similarly, the software program of the present invention can be deposited (including the data structure being correlated with)
Store up in computer readable recording medium storing program for performing, such as, RAM memory, magnetically or optically driver or
Floppy disc and similar devices.It addition, some steps of the present invention or function can employ hardware to reality
Existing, such as, perform the circuit of each function or step as coordinating with processor.
It addition, the part of the present invention can be applied to computer program, such as computer
Programmed instruction, when it is computer-executed, by the operation of this computer, can call or
The method according to the invention and/or technical scheme are provided.And the program calling the method for the present invention refers to
Order, is possibly stored in fixing or movably in record medium, and/or by broadcast or its
Data stream in his signal bearing media and be transmitted, and/or be stored in and refer to according to described program
In the working storage of the computer equipment that order runs.Here, according to an enforcement of the present invention
Example includes a device, and this device includes the memory for storing computer program instructions and use
In the processor of execution programmed instruction, wherein, when this computer program instructions is held by this processor
During row, trigger this plant running method based on aforementioned multiple embodiments according to the present invention and/
Or technical scheme.
It is obvious to a person skilled in the art that the invention is not restricted to above-mentioned one exemplary embodiment
Details, and without departing from the spirit or essential characteristics of the present invention, it is possible to it
His concrete form realizes the present invention.Therefore, no matter from the point of view of which point, all should be by embodiment
Regarding exemplary as, and be nonrestrictive, the scope of the present invention is by claims
Rather than described above limit, it is intended that by fall claim equivalency implication and
In the range of all changes be included in the present invention.Should be by any accompanying drawing mark in claim
Note is considered as limiting involved claim.Furthermore, it is to be understood that " an including " word is not excluded for other lists
Unit or step, odd number is not excluded for plural number.The multiple unit stated in system claims or device
Can also be realized by software or hardware by a unit or device.The first, the second word such as grade
Pragmatic represents title, and is not offered as any specific order.
Although the most specifically shown and describe exemplary embodiment, but people in the art
Member will be understood that in the case of without departing substantially from the spirit and scope of claims, at it
Form and details aspect can be varied from.Protection sought herein is at appended claims
In illustrate.
Claims (28)
1. an electronic signature based on SM2 generates method, it is characterised in that described method bag
Include:
Obtain based on user be generate electronic signature input password, specific to user user because of
Son;
Obtain random factor;
Obtain user and input the equipment factor in the mobile device of password, specific to mobile device;
Based on described user's factor, random factor, the equipment factor, through SM2 based on segmentation module feature
Algorithm, generate electronic signature, wherein SM2 algorithm based on segmentation module feature be to ensure that user's factor,
In random factor, the equipment factor, any one is different, and sign electronically the most different algorithms.
Method the most according to claim 1, it is characterised in that through based on segmentation module feature
SM2 algorithm generate electronic signature step before, described method also includes: obtain for electricity
Son signature carries out the interference factor scrambled;
After generate the step of electronic signature through SM2 algorithm based on segmentation module feature, described side
Method also includes: utilizes the interference factor obtained to scramble the electronic signature generated, generates scrambling
After electronic signature.
Method the most according to claim 2, it is characterised in that the electronics after generating scrambling
After signature, described method also includes:
Electronic signature after distributed cipher key machine sends scrambling.
Method the most according to claim 1, it is characterised in that described acquisition based on user is
Generate electronic signature input password, include specific to the step of user's factor of user:
Obtain the password of user's input;
The password entry user's factor generating algorithm that will obtain, obtains the user's factor specific to user,
Wherein said user's factor generating algorithm is to ensure that the password of input is different, and user's factor of generation is all
Different algorithms.
Method the most according to claim 1, it is characterised in that described acquisition random factor
Step includes:
Receive the hardware random number that distributed cipher key machine sends;
In locally generated local random number;
By described hardware random number and described local random number synthesis, obtain random factor.
Method the most according to claim 1, it is characterised in that described based on segmentation module feature
SM2 algorithm include iterative algorithm.
Method the most according to claim 2, it is characterised in that described acquisition is for electronics
The step of interference factor that signature carries out scrambling includes:
Receive the interference PKI that distributed cipher key machine sends;
Interference factor is determined according to described interference PKI.
8. an electronic signature processing method based on SM2, it is characterised in that described method bag
Include:
The electronic signature that mobile device shield plug-in unit generates is received from mobile device shield plug-in unit, wherein said
Sign electronically from mobile device shield plug-in unit end group in user be generate electronic signature input password
The user's factor specific to user, random factor, user input the spy in the mobile device of password
Due to the equipment factor of mobile device, generate through SM2 algorithm based on segmentation module feature, and utilize
Obtain scrambles for the interference factor scrambling electronic signature;
Described electronic signature is descrambled;
Electronic signature after descrambling is sent to authentication platform.
Method the most according to claim 8, it is characterised in that interference factor be based on send out
Deliver in the case of the interference PKI of mobile device shield plug-in unit determines, described to described electronic signature
The step carrying out descrambling includes:
With interference private key, electronic signature is descrambled.
10. an electric signing verification method to be verified based on SM2, it is characterised in that described
Method includes:
Obtain based on user be checking electronic signature generation password, specific to user user because of
Son;
Obtain at locally stored, locally generated when generating electronic signature random factor;
Obtain user and input the equipment factor in the mobile device of password, specific to mobile device;
Based on described user's factor, random factor, the equipment factor, through SM2 based on segmentation module feature
Algorithm, generates electronic signature to be verified, and wherein SM2 algorithm based on segmentation module feature is to generate electricity
The SM2 algorithm based on segmentation module feature used during son signature;
Electronic signature to be verified is sent, in order to be forwarded to authentication platform and electronics to distributed cipher key machine
The public key verifications result that signature is corresponding is compared checking.
11. methods according to claim 10, it is characterised in that through based on segmentation model
Property SM2 algorithm generate electronic signature to be verified step before, described method also includes: obtain
For the interference factor that electronic signature to be verified is scrambled;
After generate the step of electronic signature to be verified through SM2 algorithm based on segmentation module feature,
Described method also includes: utilize the interference factor obtained to add the electronic signature to be verified generated
Disturb, generate the electronic signature to be verified after scrambling.
12. methods according to claim 11, it is characterised in that described to distributed cipher key
Machine sends electronic signature to be verified, in order to the PKI being forwarded to authentication platform corresponding with electronic signature is tested
Card result compare checking step include:
Electronic signature to be verified after distributed cipher key machine sends scrambling, in order to distributed cipher key machine
It is forwarded to authentication platform and public key verifications result after descrambling compare checking.
13. 1 kinds of electric signing verification methods to be verified based on SM2, it is characterised in that described
Method includes:
From mobile device shield plug-in unit receive electronic signature to be verified, described electronic signature to be verified be by
According to based on user be checking electronic signature generate password, specific to user user's factor,
Locally stored, locally generated when generating electronic signature random factor, user input password
The equipment factor in mobile device, specific to mobile device, through SM2 based on segmentation module feature
Algorithm generates, and utilizes entering for the interference factor scrambling electronic signature to be verified of acquisition
Row scrambling, wherein SM2 algorithm based on segmentation module feature be generate electronic signature time use based on
The SM2 algorithm of segmentation module feature;
Described electronic signature to be verified is descrambled;
Electronic signature to be verified after descrambling is sent to authentication platform, in order to corresponding with electronic signature
Public key verifications result compare checking.
14. methods according to claim 13, it is characterised in that interference factor be based on
It is sent in the case of the interference PKI of mobile device shield plug-in unit determines, described to described to be verified
The step that electronic signature carries out descrambling includes:
With interference private key, electronic signature to be verified is descrambled.
15. 1 kinds of electronic signatures based on SM2 generate equipment, it is characterised in that described equipment bag
Include:
For obtaining use based on the password that user is generation electronic signature input, specific to user
The device of the family factor;
For obtaining the device of random factor;
For obtain user input in the mobile device of password, specific to mobile device equipment because of
The device of son;
For based on described user's factor, random factor, the equipment factor, through based on segmentation module feature
SM2 algorithm, generate electronic signature device, wherein SM2 algorithm based on segmentation module feature
Being to ensure that in user's factor, random factor, the equipment factor that any one is different, electronic signature is the most not
Same algorithm.
16. equipment according to claim 15, it is characterised in that described equipment also includes:
For before generating electronic signature through SM2 algorithm based on segmentation module feature, acquisition is used for
Device to the interference factor that electronic signature scrambles;
For after generating electronic signature through SM2 algorithm based on segmentation module feature, utilize and obtain
Interference factor the electronic signature generated is scrambled, generate the dress of electronic signature after scrambling
Put.
17. equipment according to claim 15, it is characterised in that described equipment also includes:
The device of the electronic signature after sending scrambling to distributed cipher key machine.
18. equipment according to claim 15, it is characterised in that described acquisition is based on user
For generate the password of electronic signature input, be used for specific to the device of user's factor of user:
Obtain the password of user's input;
The password entry user's factor generating algorithm that will obtain, obtains the user's factor specific to user,
Wherein said user's factor generating algorithm is to ensure that the password of input is different, and user's factor of generation is all
Different algorithms.
19. equipment according to claim 15, it is characterised in that described acquisition random factor
Device be used for:
Receive the hardware random number that distributed cipher key machine sends;
In locally generated local random number;
By described hardware random number and described local random number synthesis, obtain random factor.
20. equipment according to claim 15, it is characterised in that described based on segmentation model
The SM2 algorithm of property includes iterative algorithm.
21. equipment according to claim 16, it is characterised in that described acquisition is for electricity
Son signature carry out the device of interference factor that scrambles for:
Receive the interference PKI that distributed cipher key machine sends;
Interference factor is determined according to described interference PKI.
22. 1 kinds of electronic signature processing equipments based on SM2, it is characterised in that described equipment bag
Include:
For receiving the dress of the electronic signature that mobile device shield plug-in unit generates from mobile device shield plug-in unit
Putting, wherein said electronic signature is signing electronically for generating in user from mobile device shield plug-in unit end group
User's factor specific to user of password of input, random factor, user input the movement of password
The equipment factor specific to mobile device on equipment, raw through SM2 algorithm based on segmentation module feature
Become, and utilize scrambling for the interference factor that electronic signature is scrambled of acquisition;
For the device that described electronic signature is descrambled;
For the electronic signature after descrambling being sent to the device of authentication platform.
23. equipment according to claim 22, it is characterised in that interference factor be based on
It is sent in the case of the interference PKI of mobile device shield plug-in unit determines, described to described electronics label
Name carry out the device that descrambles for:
With interference private key, electronic signature is descrambled.
24. 1 kinds of electric signing verification equipment to be verified based on SM2, it is characterised in that described
Equipment includes:
For obtaining use based on the password that user is checking electronic signature generation, specific to user
The device of the family factor;
For obtaining at locally stored, locally generated when generating electronic signature random factor
Device;
For obtain user input in the mobile device of password, specific to mobile device equipment because of
The device of son;
For based on described user's factor, random factor, the equipment factor, through based on segmentation module feature
SM2 algorithm, generate the device of electronic signature to be verified, wherein SM2 based on segmentation module feature
The SM2 algorithm based on segmentation module feature that algorithm uses when being to generate electronic signature;
For to distributed cipher key machine send electronic signature to be verified, in order to be forwarded to authentication platform with
Public key verifications result corresponding to electronic signature is compared the device of checking.
25. equipment according to claim 24, it is characterised in that described equipment also includes:
For, before generating electronic signature to be verified through SM2 algorithm based on segmentation module feature, obtaining
Take in the device to the interference factor that electronic signature to be verified scrambles;
For after generating electronic signature to be verified through SM2 algorithm based on segmentation module feature, sharp
With the interference factor obtained, the electronic signature to be verified generated is scrambled, generate treating after scrambling
The device of checking electronic signature.
26. equipment according to claim 25, it is characterised in that described to distributed cipher key
Machine sends electronic signature to be verified, in order to the PKI being forwarded to authentication platform corresponding with electronic signature is tested
Card result compare checking device for:
Electronic signature to be verified after distributed cipher key machine sends scrambling, in order to distributed cipher key machine
It is forwarded to authentication platform and public key verifications result after descrambling compare checking.
27. 1 kinds of electric signing verification equipment to be verified based on SM2, it is characterised in that described
Equipment includes:
For receiving the device of electronic signature to be verified, described electricity to be verified from mobile device shield plug-in unit
Son signature is according to based on the password that user be checking electronic signature generation, specific to the use of user
The family factor, the random factor locally stored, locally generated when generating electronic signature, user
The equipment factor in the mobile device of input password, specific to mobile device, through based on segmentation mould
The SM2 algorithm of characteristic generates, and utilize acquisition for electronic signature to be verified is scrambled
Interference factor scrambles, when wherein SM2 algorithm based on segmentation module feature is to generate electronic signature
The SM2 algorithm based on segmentation module feature used;
For the device that described electronic signature to be verified is descrambled;
For the electronic signature to be verified after descrambling is sent to authentication platform, in order to electronic signature
Corresponding public key verifications result is compared the device of checking.
28. equipment according to claim 27, it is characterised in that described to described to be verified
Electronic signature carry out the device that descrambles for: be to insert based on being sent to mobile device shield at interference factor
In the case of the interference PKI of part is determined, with interference private key, electronic signature to be verified is solved
Disturb.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610480445.3A CN105933116B (en) | 2016-06-27 | 2016-06-27 | The electronic signature generation of SM2 based on segmentation module feature and verification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610480445.3A CN105933116B (en) | 2016-06-27 | 2016-06-27 | The electronic signature generation of SM2 based on segmentation module feature and verification method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105933116A true CN105933116A (en) | 2016-09-07 |
| CN105933116B CN105933116B (en) | 2018-01-09 |
Family
ID=56829259
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610480445.3A Active CN105933116B (en) | 2016-06-27 | 2016-06-27 | The electronic signature generation of SM2 based on segmentation module feature and verification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105933116B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109547212A (en) * | 2018-12-04 | 2019-03-29 | 中国电子科技集团公司第三十研究所 | A kind of Threshold Signature method based on SM2 signature algorithm |
| CN110881048A (en) * | 2019-12-16 | 2020-03-13 | 苏宁云计算有限公司 | Safety communication method and device based on identity authentication |
| CN110990896A (en) * | 2019-12-03 | 2020-04-10 | 成都卫士通信息产业股份有限公司 | Digital signature device, method, storage medium and equipment based on SM2 white box |
| CN111274613A (en) * | 2020-01-20 | 2020-06-12 | 广州安研信息科技有限公司 | Iterative SM2 digital signature generation method, system, medium, and apparatus |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102388386A (en) * | 2009-04-10 | 2012-03-21 | 皇家飞利浦电子股份有限公司 | Device and user authentication |
| CN103916842A (en) * | 2012-12-30 | 2014-07-09 | 北京握奇数据系统有限公司 | Method for binding and validating user ID and external device |
| CN103973454A (en) * | 2014-05-23 | 2014-08-06 | 公安部第一研究所 | Satellite positioning data encryption system and method |
-
2016
- 2016-06-27 CN CN201610480445.3A patent/CN105933116B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102388386A (en) * | 2009-04-10 | 2012-03-21 | 皇家飞利浦电子股份有限公司 | Device and user authentication |
| CN103916842A (en) * | 2012-12-30 | 2014-07-09 | 北京握奇数据系统有限公司 | Method for binding and validating user ID and external device |
| CN103973454A (en) * | 2014-05-23 | 2014-08-06 | 公安部第一研究所 | Satellite positioning data encryption system and method |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109547212A (en) * | 2018-12-04 | 2019-03-29 | 中国电子科技集团公司第三十研究所 | A kind of Threshold Signature method based on SM2 signature algorithm |
| CN109547212B (en) * | 2018-12-04 | 2021-06-18 | 中国电子科技集团公司第三十研究所 | Threshold signature method based on SM2 signature algorithm |
| CN110990896A (en) * | 2019-12-03 | 2020-04-10 | 成都卫士通信息产业股份有限公司 | Digital signature device, method, storage medium and equipment based on SM2 white box |
| CN110881048A (en) * | 2019-12-16 | 2020-03-13 | 苏宁云计算有限公司 | Safety communication method and device based on identity authentication |
| CN110881048B (en) * | 2019-12-16 | 2021-11-09 | 苏宁云计算有限公司 | Safety communication method and device based on identity authentication |
| CN111274613A (en) * | 2020-01-20 | 2020-06-12 | 广州安研信息科技有限公司 | Iterative SM2 digital signature generation method, system, medium, and apparatus |
| CN111274613B (en) * | 2020-01-20 | 2022-05-20 | 广州安研信息科技有限公司 | Iterative SM2 digital signature generation method, system, medium and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105933116B (en) | 2018-01-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Xu et al. | Blockchain-enabled accountability mechanism against information leakage in vertical industry services | |
| CN106357401B (en) | A kind of storage of private key and application method | |
| CN105959108A (en) | Method, device and system for encrypting and decrypting cloud payment limiting secret key | |
| US8171306B2 (en) | Universal secure token for obfuscation and tamper resistance | |
| CN109074462A (en) | Method and system for verifying ownership of digital assets using distributed hash tables and point-to-point distributed ledgers | |
| CN110677376B (en) | Authentication method, related device and system and computer readable storage medium | |
| CN104735065B (en) | A kind of data processing method, electronic equipment and server | |
| CN102025507B (en) | Digital copyright management method for protecting digital content consumer privacy | |
| Jakobsson et al. | Proving without knowing: On oblivious, agnostic and blindfolded provers | |
| US8959357B2 (en) | Biometric encryption and key generation | |
| CN109600228B (en) | Anti-quantum-computation signature method and system based on public key pool | |
| CN105933116A (en) | SM2-based electronic signature generating and verifying methods and devices | |
| CN106100831B (en) | A kind of method and system of transmission and processing data | |
| CN106453276B (en) | A kind of compound module exponent outsourcing calculation method of safety based on single server | |
| CN109862046A (en) | Anonymous methods can be traced in a kind of alliance's chain | |
| Bi et al. | Internet of things assisted public security management platform for urban transportation using hybridised cryptographic‐integrated steganography | |
| CN107483199A (en) | Information Authentication method and device | |
| Thomas et al. | Joint watermarking scheme for multiparty multilevel DRM architecture | |
| CN108805574B (en) | Transaction method and system based on privacy protection | |
| CN109934001A (en) | A kind of data ciphering method based on normal cloud model | |
| Shankar et al. | Secure image transmission in wireless sensor network (WSN) applications | |
| CN108965315A (en) | A kind of authentic authentication method of terminal device, device and terminal device | |
| CN112787810A (en) | Electronic voting method and device based on block chain and safe multi-party calculation | |
| Abboud | Multifactor authentication for software protection | |
| CN101661573A (en) | Method for producing electronic seal and method for using electronic seal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20180627 Address after: 101599 Beijing Miyun District ten mile town credit cooperatives West 101 National Road north 3 building 101 Patentee after: Beijing collection and payment information security technology Co., Ltd. Address before: 100091 the Summer Palace road 66, the Summer Palace, Beijing, 8110 rooms, Jiale happy business hotel Patentee before: The precious Science and Technology Ltd. of receipt and payment |