CN106685651A - Method for creating digital signatures by cooperation of client and server - Google Patents

Method for creating digital signatures by cooperation of client and server Download PDF

Info

Publication number
CN106685651A
CN106685651A CN201611194899.0A CN201611194899A CN106685651A CN 106685651 A CN106685651 A CN 106685651A CN 201611194899 A CN201611194899 A CN 201611194899A CN 106685651 A CN106685651 A CN 106685651A
Authority
CN
China
Prior art keywords
signature
elliptic curve
client
private key
point
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611194899.0A
Other languages
Chinese (zh)
Inventor
张庆勇
胡进
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WUHAN ARGUSEC TECHNOLOGY CO LTD
Beijing Infosec Technologies Co Ltd
Original Assignee
WUHAN ARGUSEC TECHNOLOGY CO LTD
Beijing Infosec Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by WUHAN ARGUSEC TECHNOLOGY CO LTD, Beijing Infosec Technologies Co Ltd filed Critical WUHAN ARGUSEC TECHNOLOGY CO LTD
Priority to CN201611194899.0A priority Critical patent/CN106685651A/en
Publication of CN106685651A publication Critical patent/CN106685651A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols

Abstract

The invention discloses a method for creating digital signatures by cooperation of a client and a server comprising that the client receives the requests of digital signatures from the external applications. The client sends signature original text m and personal identifying information identity of users to the server according to the requests of digital signatures from the external applications. The server tests whether a private key is revoked or not according to the personal identifying information identity of users. The server lookups corresponding second private key d2 according to the personal identifying information identity of users received if the private keys are revoked. First signature information S 1 is produced by utilizing the corresponding second private key d2 to make digital signatures through the signature original text m. And the first signature information S 1 is sent to the client. The method for creating the digital signatures by the cooperation of the client and the server has the advantages of achieving the high use complexity of users caused by the requirements that the users must carry hardware security devices to complete the digital signature operation in existing methods, and achieving the technical matters that users' signature operation cannot be terminated caused by the cancellation of the client key in time in the existing methods.

Description

A kind of method that client and service end cooperation generate digital signature
Technical field
The invention belongs to information security field, generates numeral and signs more particularly, to a kind of client and service end cooperation The method of name.
Background technology
At present, using PKIX (the Public Key based on digital certificate more than operation system Infrastructure, abbreviation PKI) ensureing business datum safety, digital certificate is by certificate granting to system What (Certificate Authority, abbreviation CA) or third party CA were signed and issued, the public key cryptography mechanism with digital certificate as core The information of transmission over networks can be encrypted and decrypted, digital signature and checking, to guarantee to be transmitted on network the machine of message The verity of close property, integrity and transaction entity, and the non-repudiation of signature, and then the safety of Logistics networks application Property.
In the PKI system with digital certificate as core, digital signature is corresponding by client call customer digital certificate Private key independently to calculate to complete.Conventional Digital Signature Algorithm includes RSA signature algorithm and the numeral based on elliptic curve cipher Signature algorithm, wherein the Digital Signature Algorithm based on elliptic curve cipher includes most popular elliptic curve numeral in the world Signature algorithm (Elliptic Curve Digital Signature Algorithm, abbreviation ECDSA) and China national password The SM2 Digital Signature Algorithms of standard.
However, there is following technical problem in above-mentioned Digital Signature Algorithm:
First, the corresponding private key for user of digital certificate is generated by user, and is taken care of by user, is easily stolen by hacker, In order to ensure the safety of private key for user, at present current way be use special security hardware (for example smart card, U-shield, Intelligent cipher key equipment etc.) storing and protect private key for user, but this requires user to buy and carries with hardware peace Full equipment can just complete digital signing operations, so as to both increased the cost that user uses, also increase the complexity that user uses Degree.
Second, because private key for user is stored in client, and use in client, therefore user can at any time generate number Word is signed;If user loses digital certificate, or needs calcellation digital certificate because user leaves office, service end can not in time by user The client part of private key cancels, and terminates the signature operation of user.
The content of the invention
For the disadvantages described above or Improvement requirement of prior art, the invention provides a kind of client and service end cooperation life Into the method for digital signature, it is intended that solving user present in existing method must carry with security hardware Use complexity high to complete the user caused by digital signing operations, and client key can not be caused by cancelling in time The technical problem that the signature operation of user can not be terminated.
For achieving the above object, according to one aspect of the present invention, there is provided a kind of client and service end cooperation are generated Digital signature method, comprises the following steps:
(1) client receives the digital signature request from applications, and sends signature according to the digital signature request , to service end, wherein individual subscriber identification information ID may include user name for original text m and individual subscriber identification information ID, and/or The first public key P1 that client is obtained after being processed the first private key d1 that its own is generated using public key algorithm;
(2) service end according to individual subscriber identification information ID detect private key for user whether be revoked, if not by Revocation then enters step (3), and else process terminates;
(3) service end searches corresponding second private key according to individual subscriber identification information ID for receiving in its own D2, is digitally signed using the second private key d2 to the original text m that signs, and to generate the first signing messages S1, and first is signed Information S1 is sent to client;
(4) combination of the client using the first private key d1 to sign original text m and the first signing messages S1 is digitally signed, To generate full signature information S, and full signature information S is returned to into applications.
Preferably, the step of generating the first signing messages S1 is as follows:
(3-1) elliptic curve point P2 is obtained according to the second private key d2 and signature original text m and using below equation:
P2=H (d2, m) * G
Or obtain oval according to personal user's identification information ID, the second private key d2 and signature original text m and using below equation Curve point P2:
P2=H (ID, d2, m) * G
Wherein H represents hash algorithm, and G is the basic point of the elliptic curve that Digital Signature Algorithm is adopted, and * represents elliptic curve Point multiplication operation;
(3-2) the elliptic curve point P2 for calculating acquisition is assigned to into the first signing messages S1.
Preferably, the Digital Signature Algorithm used in step (4) is SM2 ellipse curve signature algorithms, and step (4) is concrete Including following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and obtains the point k*G on elliptic curve, wherein n is the numeral label for using The rank of elliptic curve in name algorithm;
(4-2) elliptic curve point is obtained according to the point k*G and the first signing messages on the elliptic curve of step (4-1) acquisition P1=k*G+S1, wherein the point add operation of+expression elliptic curve;
(4-3) signature result is obtained according to the elliptic curve point P1 and individual subscriber identification information obtained in step (4-2) First element r=(e+x1) mod n, wherein e=H (Z | | m), Z represents the digest value of individual subscriber identification information;X1 represents P1 The abscissa of point, y1 represents the vertical coordinate of P1 points;
(4-4) the signature result first element r obtained according to the first private key d1, random number k, step (4-3) obtains signature As a result the second key element s=((1+d1)-1·(k-r·d1))mod n;
(4-5) the signature result the obtained in the signature result first element r for obtaining step (4-3) and step (4-4) Two key elements s synthesize, to obtain full signature information S.
Preferably, the Digital Signature Algorithm used in step (4) is SM2 ellipse curve signature algorithms, and step (4) is concrete Including following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and elliptic curve point is obtained according to the random number and the first signing messages P1=k*S1, wherein n are the rank of elliptic curve in the Digital Signature Algorithm for using;
(4-2) signature result is obtained according to the elliptic curve point P1 and individual subscriber identification information obtained in step (4-1) First element r=(e+x1) mod n, wherein e=H (Z | | m), Z represents the digest value of individual subscriber identification information;X1 represents P1 The abscissa of point, y1 represents the vertical coordinate of P1 points;
(4-3) the signature result first element r obtained according to the first private key d1, random number k, step (4-2) obtains signature As a result the second key element s=((1+d1)-1·(k-r·d1))mod n;
(4-4) the signature result the obtained in the signature result first element r for obtaining step (4-2) and step (4-3) Two key elements s synthesize, to obtain full signature information S.
Preferably, the Digital Signature Algorithm used in step (4) is ECDSA ellipse curve signature algorithms, then step (4) tool Body includes following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and obtains the point k*G on elliptic curve, wherein n is the numeral label for using The rank of elliptic curve in name algorithm;
(4-2) elliptic curve point is obtained according to the point k*G and the first signing messages on the elliptic curve of step (4-1) acquisition P1=k*G+S1, wherein the point add operation of+expression elliptic curve;
(4-3) signature result first element r=x1mod n are obtained according to the elliptic curve point P1 obtained in step (4-2), Wherein x1 represents the abscissa of P1 points;
(4-4) the signature result first element r obtained according to the first private key d1, random number k, step (4-3) obtains signature As a result the second key element s=k-1·(e+r·d1)mod n;Wherein e is equal to H (m);
(4-5) the signature result the obtained in the signature result first element r for obtaining step (4-3) and step (4-4) Two key elements s synthesize, to obtain full signature information S.
Preferably, the Digital Signature Algorithm used in step (4) is ECDSA ellipse curve signature algorithms, then step (4) tool Body includes following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and elliptic curve point is obtained according to the random number and the first signing messages P1=k*S1, wherein n are the rank of elliptic curve in the Digital Signature Algorithm for using;
(4-2) signature result first element r=x1mod n are obtained according to the elliptic curve point P1 obtained in step (4-1), Wherein x1 represents the abscissa of P1 points;
(4-3) the signature result first element r obtained according to the first private key d1, random number k, step (4-2) obtains signature As a result the second key element s=k-1·(e+r·d1)mod n;Wherein e is equal to H (m);
(4-4) the signature result the obtained in the signature result first element r for obtaining step (4-2) and step (4-3) Two key elements s synthesize, to obtain full signature information S.
Preferably, the step of generating the first signing messages S1 is as follows:
(3-1) elliptic curve point P2 is obtained according to the second private key d2 and signature original text m and using below equation:
P2=H (d2, m) * G
Or obtain oval according to personal user's identification information ID, the second private key d2 and signature original text m and using below equation Curve point P2:
P2=H (ID, d2, m) * G
(3-2) the abscissa x2 for calculating the elliptic curve point P2 for obtaining is assigned to into the first signing messages S1.
Preferably, the Digital Signature Algorithm used in step (4) is SM2 ellipse curve signature algorithms, and step (4) is concrete Including following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and elliptic curve point P1=k*G is obtained according to the random number, wherein n is The rank of elliptic curve in the Digital Signature Algorithm for using;
(4-2) signature knot is obtained according to the point P1 on individual subscriber identification information, elliptic curve and the first signing messages S1 Fruit first element r=(e+x1+S1) mod n;
(4-3) the signature result first element r obtained according to the first private key d1, random number k, step (4-2) obtains signature As a result the second key element s=((1+d1)-1·(k-r·d1))mod n;
(4-4) the signature result the obtained in the signature result first element r for obtaining step (4-2) and step (4-3) Two key elements s synthesize, to obtain full signature information S.
Preferably, the Digital Signature Algorithm used in step (4) is ECDSA ellipse curve signature algorithms, and step (4) has Body includes following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and elliptic curve point P1=k*G is obtained according to the random number, wherein n is The rank of elliptic curve in the Digital Signature Algorithm for using;
(4-2) signature result first element r=(x1+ are obtained according to the point P1 on elliptic curve and the first signing messages S1 S1)mod n;
(4-3) the signature result first element r obtained according to the first private key d1, random number k, step (4-2) obtains signature As a result the second key element s=k-1·(e+r·d1)mod n;Wherein e is equal to H (m);
(4-4) the signature result the obtained in the signature result first element r for obtaining step (4-2) and step (4-3) Two key elements s synthesize, to obtain full signature information S.
It is another aspect of this invention to provide that providing a kind of client and service end cooperation generation digital signature method, bag Include following steps:
(1) client receives the digital signature request from applications, and sends signature according to the digital signature request , to service end, the wherein individual subscriber identification information may include user name, and/or client for original text and individual subscriber identification information The the first public key P1 obtained after being processed the first private key d1 that its own is generated using public key algorithm;
(2) service end detects whether private key for user has been revoked according to individual subscriber identification information, if do not removed Pin then enters step (3), and else process terminates;
(3) service end searches corresponding second private key d2 according to the individual subscriber identification information for receiving in its own, Original text of signing is digitally signed using the second private key d2, to generate the first signing messages S1, and by the first signing messages S1 is sent to client;
(4) client is digitally signed using the first private key d1 to original text of signing, to generate the second signing messages S2, will First signing messages S1 and the second signing messages S2 synthesize full signature information S, and full signature information S is returned to into outside Using.
In general, by the contemplated above technical scheme of the present invention compared with prior art, can obtain down and show Beneficial effect:
1st, the method for the present invention generates and preserves the private key for user of part simultaneously as a result of client and service end, and In client and service end any one party can not separately synthesized complete private key for user, so as to ensure that the safety of private key for user Property, even if the client part (i.e. the first private key) of private key for user is stolen by hacker, the hacker also cannot recover completely at all Private key for user;
2nd, the method for the present invention simultaneously participates in signature computing flow process as a result of client and service end, private key for user Client part (i.e. the first private key) and service end part (i.e. the second private key) the only participation signature computing under the conditions of satisfaction, with Generating portion is signed, and any one party can not generate complete signature in client and service end, so as to ensure that user signs The safety of name.
3rd, the private key for user in the present invention is to be saved in decentralized manner, and client does not need special hardware security to set It is standby preserving private key for user such that it is able to ensure the safety of complete private key for user, at the same user of the present invention using complexity Degree is low.
4th, the present invention is removed by participating in signature computing using server, and detecting private key for user whether there is before signing Pin, terminates signature, so as to ensure that it is ageing that private key for user is used if being revoked.
Description of the drawings
Fig. 1 is the stream of the method that digital signature is generated according to the client and service end cooperation of first embodiment of the invention Cheng Tu.
Fig. 2 is the stream of the method that digital signature is generated according to the client and service end cooperation of second embodiment of the invention Cheng Tu.
Specific embodiment
In order that the objects, technical solutions and advantages of the present invention become more apparent, it is right below in conjunction with drawings and Examples The present invention is further elaborated.It should be appreciated that specific embodiment described herein is only to explain the present invention, and It is not used in the restriction present invention.As long as additionally, technical characteristic involved in invention described below each embodiment Not constituting conflict each other just can be mutually combined.
As shown in figure 1, client of the present invention and service end cooperation generate digital signature method and comprise the following steps:
(1) client receives the digital signature request from applications, and sends signature according to the digital signature request Original text and individual subscriber identification information are to service end;Specifically, the individual subscriber identification information may include user name, and/or The first public key P1 that client is obtained after being processed the first private key d1 that its own is generated using public key algorithm, wherein First private key d1 can be that client is generated at random and preserved, or client is generated by performing cipher key derivation function;It is outside Using app applications, web applications, various processes that can be outside etc.;
(2) service end detects whether private key for user has been revoked according to individual subscriber identification information, if do not removed Pin then enters step (3), and else process terminates;Specifically, service end checks corresponding mark letter in the personally identifiable information Breath, the identification information can be identified for that whether private key for user has been revoked;
(3) service end searches corresponding second private key d2 according to the individual subscriber identification information for receiving in its own, Original text of signing is digitally signed using the second private key d2, to generate the first signing messages S1, and by the first signing messages S1 is sent to client;Wherein second private key d2 be user first in service end registration phase, generated at random simultaneously by service end Preserve, or service end is generated by performing cipher key derivation function;
Specifically, the step of a kind of embodiment of the invention, the first signing messages S1 of generation, is as follows:
First, elliptic curve point P2 is obtained according to the second private key d2 and signature original text m and using below equation:
P2=H (d2, m) * G
Or obtain oval according to personal user's identification information ID, the second private key d2 and signature original text m and using below equation Curve point P2:
P2=H (ID, d2, m) * G
Wherein H represents hash algorithm, and G is the basic point of the elliptic curve that Digital Signature Algorithm is adopted, and * represents elliptic curve Point multiplication operation;
Secondly, the elliptic curve point P2 for calculating acquisition is assigned to into the first signing messages S1.
The step of another embodiment of the invention, the first signing messages S1 of generation, is as follows:
First, elliptic curve point P2 is obtained according to the second private key d2 and signature original text m and using below equation:
P2=H (d2, m) * G
Or obtain oval according to personal user's identification information ID, the second private key d2 and signature original text m and using below equation Curve point P2:
P2=H (ID, d2, m) * G
Secondly, the abscissa x2 for calculating the elliptic curve point P2 for obtaining is assigned to into the first signing messages S1.
(4) combination of the client using the first private key d1 to sign original text and the first signing messages S1 is digitally signed, To generate full signature information S, and full signature information S is returned to into applications.
As a further improvement on the present invention, the method for the present invention is additionally may included in after above-mentioned steps (1), step (2) following steps before:
(1 ') service end carries out authentication according to individual subscriber identification information to user;Authentication includes requiring user Any one or a few combination in PIN code information, voice messaging, finger print information, face information, iris information is provided, then The information is verified.
As a further improvement on the present invention, the method for the present invention is additionally may included in after above-mentioned steps (3), step (4) following steps before:
(3 ') client carries out authentication to user according to individual subscriber identification information, and authentication includes requiring user Any one or a few combination in PIN code information, voice messaging, finger print information, face information, iris information is provided, then The information is verified.
As another embodiment of the invention, as shown in Fig. 2 above-mentioned steps (4) also can be replaced by:
(4 ') client is digitally signed using the first private key d1 to original text of signing, to generate the second signing messages S2, First signing messages S1 and the second signing messages S2 are synthesized into full signature information S, and full signature information S is returned to outer Apply in portion.
In one embodiment of the present invention, if the Digital Signature Algorithm used in step (4) is SM2 ellipse curve signatures Algorithm, then above-mentioned steps (4) specifically include following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, wherein n is the rank of elliptic curve in the Digital Signature Algorithm for using, and Obtain the point k*G on elliptic curve;
(4-2) elliptic curve point is obtained according to the point k*G and the first signing messages on the elliptic curve of step (4-1) acquisition P1=k*G+S1, wherein the point add operation of+expression elliptic curve;
(4-3) signature result is obtained according to the elliptic curve point P1 and individual subscriber identification information obtained in step (4-2) First element r=(e+x1) mod n, wherein e=H (Z | | m), H represents Hash operation, and Z represents plucking for individual subscriber identification information It is worth;X1 represents the abscissa of P1 points, and y1 represents the vertical coordinate of P1 points;
(4-4) the signature result first element r obtained according to the first private key d1, random number k, step (4-3) obtains signature As a result the second key element s=((1+d1)-1·(k-r·d1))mod n;
(4-5) the signature result the obtained in the signature result first element r for obtaining step (4-3) and step (4-4) Two key elements s synthesize, to obtain full signature information S.
As a further improvement on the present invention, above-mentioned steps (4-1) and step (4-2) can also be replaced by following step:
(4-1 ') generates random number k ∈ [1, n-1], and obtains elliptic curve point according to the random number and the first signing messages P1=k*S1;
As a further improvement on the present invention, above-mentioned steps (4-1), step (4-2) and step (4-3) also can be replaced by Following step:
(4-1 ") random number k ∈ [1, n-1] is generated, and elliptic curve point P1=k*G is obtained according to the random number;
(4-2 ") signature knot is obtained according to the point P1 on individual subscriber identification information, elliptic curve and the first signing messages S1 Fruit first element r=(e+x1+S1) mod n;
In one embodiment of the present invention, if the Digital Signature Algorithm used in step (4) is ECDSA elliptic curve label Name algorithm, then above-mentioned steps (4) specifically include following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and obtains the point k*G on elliptic curve;
(4-2) elliptic curve point is obtained according to the point k*G and the first signing messages on the elliptic curve of step (4-1) acquisition P1=k*G+S1, wherein the point add operation of+expression elliptic curve;
(4-3) signature result first element r=x1mod n are obtained according to the elliptic curve point P1 obtained in step (4-2), Wherein x1 represents the abscissa of P1 points;
(4-4) the signature result first element r obtained according to the first private key d1, random number k, step (4-3) obtains signature As a result the second key element s=k-1·(e+r·d1)mod n;Wherein e is equal to H (m);
(4-5) the signature result the obtained in the signature result first element r for obtaining step (4-3) and step (4-4) Two key elements s synthesize, to obtain full signature information S.
As a further improvement on the present invention, above-mentioned steps (4-1) and step (4-2) can also be replaced by following step:
(4-1 ') generates random number k ∈ [1, n-1], and obtains elliptic curve point according to the random number and the first signing messages P1=k*S1;
As a further improvement on the present invention, above-mentioned steps (4-1), step (4-2) and step (4-3) also can be replaced by Following step:
(4-1 ") random number k ∈ [1, n-1] is generated, and elliptic curve point P1=k*G is obtained according to the random number;
(4-2 ") signature result first element r=(x1+ are obtained according to the point P1 on elliptic curve and the first signing messages S1 S1)mod n。
As it will be easily appreciated by one skilled in the art that the foregoing is only presently preferred embodiments of the present invention, not to The present invention, all any modification, equivalent and improvement made within the spirit and principles in the present invention etc. are limited, all should be included Within protection scope of the present invention.

Claims (10)

1. a kind of client and service end cooperation generates digital signature method, it is characterised in that comprise the following steps:
(1) client receives the digital signature request from applications, and sends signature original text m according to the digital signature request With individual subscriber identification information ID to service end, wherein individual subscriber identification information ID may include user name, and/or client The the first public key P1 obtained after being processed the first private key d1 that its own is generated using public key algorithm;
(2) service end detects whether private key for user has been revoked according to individual subscriber identification information ID, if be not revoked Step (3) is then entered, else process terminates;
(3) service end searches corresponding second private key d2 according to individual subscriber identification information ID for receiving in its own, profit The original text m that signs is digitally signed with the second private key d2, to generate the first signing messages S1, and by the first signing messages S1 It is sent to client;
(4) combination of the client using the first private key d1 to sign original text m and the first signing messages S1 is digitally signed, with life Into full signature information S, and full signature information S is returned to into applications.
2. client according to claim 1 and service end cooperation generates digital signature method, it is characterised in that generate the The step of one signing messages S1, is as follows:
(3-1) elliptic curve point P2 is obtained according to the second private key d2 and signature original text m and using below equation:
P2=H (d2, m) * G
Or obtain elliptic curve according to personal user's identification information ID, the second private key d2 and signature original text m and using below equation Point P2:
P2=H (ID, d2, m) * G
Wherein H represents hash algorithm, and G is the basic point of the elliptic curve that Digital Signature Algorithm is adopted, and * represents the dot product of elliptic curve Computing;
(3-2) the elliptic curve point P2 for calculating acquisition is assigned to into the first signing messages S1.
3. client according to claim 2 and service end cooperation generates digital signature method, it is characterised in that step (4) Digital Signature Algorithm used in is SM2 ellipse curve signature algorithms, and step (4) specifically includes following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and obtains the point k*G on elliptic curve, wherein n is that the digital signature for using is calculated The rank of elliptic curve in method;
(4-2) elliptic curve point P1=is obtained according to the point k*G and the first signing messages on the elliptic curve of step (4-1) acquisition K*G+S1, wherein the point add operation of+expression elliptic curve;
(4-3) signature result first is obtained according to the elliptic curve point P1 and individual subscriber identification information obtained in step (4-2) Key element r=(e+x1) mod n, wherein e=H (Z | | m), Z represents the digest value of individual subscriber identification information;X1 represents P1 points Abscissa, y1 represents the vertical coordinate of P1 points;
(4-4) the signature result first element r obtained according to the first private key d1, random number k, step (4-3) obtains signature result Second key element s=((1+d1)-1·(k-r·d1))mod n;
(4-5) the signature result second obtained in the signature result first element r for obtaining step (4-3) and step (4-4) will Plain s synthesis, to obtain full signature information S.
4. client according to claim 2 and service end cooperation generates digital signature method, it is characterised in that step (4) Digital Signature Algorithm used in is SM2 ellipse curve signature algorithms, and step (4) specifically includes following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and elliptic curve point P1=is obtained according to the random number and the first signing messages K*S1, wherein n are the rank of elliptic curve in the Digital Signature Algorithm for using;
(4-2) signature result first is obtained according to the elliptic curve point P1 and individual subscriber identification information obtained in step (4-1) Key element r=(e+x1) mod n, wherein e=H (Z | | m), Z represents the digest value of individual subscriber identification information;X1 represents P1 points Abscissa, y1 represents the vertical coordinate of P1 points;
(4-3) the signature result first element r obtained according to the first private key d1, random number k, step (4-2) obtains signature result Second key element s=((1+d1)-1·(k-r·d1))mod n;
(4-4) the signature result second obtained in the signature result first element r for obtaining step (4-2) and step (4-3) will Plain s synthesis, to obtain full signature information S.
5. client according to claim 2 and service end cooperation generates digital signature method, it is characterised in that step (4) Digital Signature Algorithm used in is ECDSA ellipse curve signature algorithms, then step (4) specifically includes following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and obtains the point k*G on elliptic curve, wherein n is that the digital signature for using is calculated The rank of elliptic curve in method;
(4-2) elliptic curve point P1=is obtained according to the point k*G and the first signing messages on the elliptic curve of step (4-1) acquisition K*G+S1, wherein the point add operation of+expression elliptic curve;
(4-3) signature result first element r=x1mod n are obtained according to the elliptic curve point P1 obtained in step (4-2), wherein X1 represents the abscissa of P1 points;
(4-4) the signature result first element r obtained according to the first private key d1, random number k, step (4-3) obtains signature result Second key element s=k-1·(e+r·d1)mod n;Wherein e is equal to H (m);
(4-5) the signature result second obtained in the signature result first element r for obtaining step (4-3) and step (4-4) will Plain s synthesis, to obtain full signature information S.
6. client according to claim 2 and service end cooperation generates digital signature method, it is characterised in that step (4) Digital Signature Algorithm used in is ECDSA ellipse curve signature algorithms, then step (4) specifically includes following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and elliptic curve point P1=is obtained according to the random number and the first signing messages K*S1, wherein n are the rank of elliptic curve in the Digital Signature Algorithm for using;
(4-2) signature result first element r=x1mod n are obtained according to the elliptic curve point P1 obtained in step (4-1), wherein X1 represents the abscissa of P1 points;
(4-3) the signature result first element r obtained according to the first private key d1, random number k, step (4-2) obtains signature result Second key element s=k-1·(e+r·d1)mod n;Wherein e is equal to H (m);
(4-4) the signature result second obtained in the signature result first element r for obtaining step (4-2) and step (4-3) will Plain s synthesis, to obtain full signature information S.
7. client according to claim 1 and service end cooperation generates digital signature method, it is characterised in that generate the The step of one signing messages S1, is as follows:
(3-1) elliptic curve point P2 is obtained according to the second private key d2 and signature original text m and using below equation:
P2=H (d2, m) * G
Or obtain elliptic curve according to personal user's identification information ID, the second private key d2 and signature original text m and using below equation Point P2:
P2=H (ID, d2, m) * G
(3-2) the abscissa x2 for calculating the elliptic curve point P2 for obtaining is assigned to into the first signing messages S1.
8. client according to claim 7 and service end cooperation generates digital signature method, it is characterised in that step (4) Digital Signature Algorithm used in is SM2 ellipse curve signature algorithms, and step (4) specifically includes following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and elliptic curve point P1=k*G is obtained according to the random number, wherein n is to use Digital Signature Algorithm in elliptic curve rank;
(4-2) signature result the is obtained according to the point P1 on individual subscriber identification information, elliptic curve and the first signing messages S1 One key element r=(e+x1+S1) mod n;
(4-3) the signature result first element r obtained according to the first private key d1, random number k, step (4-2) obtains signature result Second key element s=((1+d1)-1·(k-r·d1))mod n;
(4-4) the signature result second obtained in the signature result first element r for obtaining step (4-2) and step (4-3) will Plain s synthesis, to obtain full signature information S.
9. client according to claim 7 and service end cooperation generates digital signature method, it is characterised in that step (4) Digital Signature Algorithm used in is ECDSA ellipse curve signature algorithms, and step (4) specifically includes following sub-step:
(4-1) random number k ∈ [1, n-1] is generated, and elliptic curve point P1=k*G is obtained according to the random number, wherein n is to use Digital Signature Algorithm in elliptic curve rank;
(4-2) signature result first element r=(x1+S1) is obtained according to the point P1 on elliptic curve and the first signing messages S1 mod n;
(4-3) the signature result first element r obtained according to the first private key d1, random number k, step (4-2) obtains signature result Second key element s=k-1·(e+r·d1)mod n;Wherein e is equal to H (m);
(4-4) the signature result second obtained in the signature result first element r for obtaining step (4-2) and step (4-3) will Plain s synthesis, to obtain full signature information S;
10. a kind of client and service end cooperation generates digital signature method, and its feature exists, comprises the following steps:
(1) client receives the digital signature request from applications, and sends signature original text according to the digital signature request With individual subscriber identification information to service end, wherein the individual subscriber identification information may include user name, and/or client is used The first public key P1 that public key algorithm is obtained after processing the first private key d1 that its own is generated;
(2) service end detects whether private key for user has been revoked according to individual subscriber identification information, if not being revoked Into step (3), else process terminates;
(3) service end searches corresponding second private key d2 according to the individual subscriber identification information for receiving in its own, utilizes The second private key d2 is digitally signed to original text of signing, and to generate the first signing messages S1, and the first signing messages S1 is sent out Give client;
(4) client is digitally signed using the first private key d1 to original text of signing, to generate the second signing messages S2, by first Signing messages S1 and the second signing messages S2 synthesize full signature information S, and full signature information S is returned to into outside answering With.
CN201611194899.0A 2016-12-22 2016-12-22 Method for creating digital signatures by cooperation of client and server Pending CN106685651A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611194899.0A CN106685651A (en) 2016-12-22 2016-12-22 Method for creating digital signatures by cooperation of client and server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611194899.0A CN106685651A (en) 2016-12-22 2016-12-22 Method for creating digital signatures by cooperation of client and server

Publications (1)

Publication Number Publication Date
CN106685651A true CN106685651A (en) 2017-05-17

Family

ID=58870970

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611194899.0A Pending CN106685651A (en) 2016-12-22 2016-12-22 Method for creating digital signatures by cooperation of client and server

Country Status (1)

Country Link
CN (1) CN106685651A (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107124274A (en) * 2017-05-18 2017-09-01 深圳奥联信息安全技术有限公司 Digital signature method and device based on SM2
CN107360002A (en) * 2017-08-15 2017-11-17 武汉信安珞珈科技有限公司 A kind of application method of digital certificate
CN107483212A (en) * 2017-08-15 2017-12-15 武汉信安珞珈科技有限公司 A kind of method of both sides' cooperation generation digital signature
CN107566128A (en) * 2017-10-10 2018-01-09 武汉大学 A kind of two side's distribution SM9 digital signature generation methods and system
CN108964906A (en) * 2018-07-19 2018-12-07 数安时代科技股份有限公司 The digital signature method of co-EC C
CN109088726A (en) * 2018-07-19 2018-12-25 郑州信大捷安信息技术股份有限公司 Communicating pair collaboration signature and decryption method and system based on SM2 algorithm
CN109245903A (en) * 2018-09-29 2019-01-18 北京信安世纪科技股份有限公司 Both sides cooperate with endorsement method, device and the storage medium for generating SM2 algorithm
CN109672539A (en) * 2019-03-01 2019-04-23 深圳市电子商务安全证书管理有限公司 SM2 algorithm collaboration signature and decryption method, apparatus and system
CN109936455A (en) * 2017-12-19 2019-06-25 航天信息股份有限公司 A kind of methods, devices and systems of digital signature
CN110690969A (en) * 2018-07-06 2020-01-14 武汉信安珞珈科技有限公司 Method and system for completing bidirectional SSL/TLS authentication in cooperation of multiple parties
CN111756536A (en) * 2020-07-03 2020-10-09 北京无字天书科技有限公司 Signature private key generation and digital signature method
WO2023174350A1 (en) * 2022-03-17 2023-09-21 中国移动通信集团有限公司 Identity authentication method, apparatus and device, and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1505313A (en) * 2002-11-29 2004-06-16 海南信安数据系统有限公司 Elliptic curve signature and signature verification method and apparatus
CN102291240A (en) * 2011-09-01 2011-12-21 清华大学 Method and system for authenticating SM2 (Smart Media 2) signature
CN103701598A (en) * 2013-12-05 2014-04-02 武汉信安珞珈科技有限公司 SM2 signature algorithm-based double-check signature method and digital signature equipment
CN104243456A (en) * 2014-08-29 2014-12-24 中国科学院信息工程研究所 Signing and decrypting method and system applied to cloud computing and based on SM2 algorithm
CN104618116A (en) * 2015-01-30 2015-05-13 北京数字认证股份有限公司 Collaborative digital signature system and method
CN105827412A (en) * 2016-03-14 2016-08-03 中金金融认证中心有限公司 Authentication method, server and client

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1505313A (en) * 2002-11-29 2004-06-16 海南信安数据系统有限公司 Elliptic curve signature and signature verification method and apparatus
CN102291240A (en) * 2011-09-01 2011-12-21 清华大学 Method and system for authenticating SM2 (Smart Media 2) signature
CN103701598A (en) * 2013-12-05 2014-04-02 武汉信安珞珈科技有限公司 SM2 signature algorithm-based double-check signature method and digital signature equipment
CN104243456A (en) * 2014-08-29 2014-12-24 中国科学院信息工程研究所 Signing and decrypting method and system applied to cloud computing and based on SM2 algorithm
CN104618116A (en) * 2015-01-30 2015-05-13 北京数字认证股份有限公司 Collaborative digital signature system and method
CN105827412A (en) * 2016-03-14 2016-08-03 中金金融认证中心有限公司 Authentication method, server and client

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107124274A (en) * 2017-05-18 2017-09-01 深圳奥联信息安全技术有限公司 Digital signature method and device based on SM2
CN107360002A (en) * 2017-08-15 2017-11-17 武汉信安珞珈科技有限公司 A kind of application method of digital certificate
CN107483212A (en) * 2017-08-15 2017-12-15 武汉信安珞珈科技有限公司 A kind of method of both sides' cooperation generation digital signature
CN107566128A (en) * 2017-10-10 2018-01-09 武汉大学 A kind of two side's distribution SM9 digital signature generation methods and system
CN109936455A (en) * 2017-12-19 2019-06-25 航天信息股份有限公司 A kind of methods, devices and systems of digital signature
CN109936455B (en) * 2017-12-19 2022-06-07 航天信息股份有限公司 Digital signature method, device and system
CN110690969B (en) * 2018-07-06 2023-06-16 武汉信安珞珈科技有限公司 Method and system for achieving bidirectional SSL/TLS authentication through multiparty cooperation
CN110690969A (en) * 2018-07-06 2020-01-14 武汉信安珞珈科技有限公司 Method and system for completing bidirectional SSL/TLS authentication in cooperation of multiple parties
CN108964906A (en) * 2018-07-19 2018-12-07 数安时代科技股份有限公司 The digital signature method of co-EC C
CN109088726B (en) * 2018-07-19 2021-01-26 郑州信大捷安信息技术股份有限公司 SM2 algorithm-based collaborative signing and decrypting method and system for two communication parties
CN108964906B (en) * 2018-07-19 2021-05-28 数安时代科技股份有限公司 Digital signature method for cooperation with ECC
CN109088726A (en) * 2018-07-19 2018-12-25 郑州信大捷安信息技术股份有限公司 Communicating pair collaboration signature and decryption method and system based on SM2 algorithm
CN109245903B (en) * 2018-09-29 2021-10-01 北京信安世纪科技股份有限公司 Signature method and device for cooperatively generating SM2 algorithm by two parties and storage medium
CN109245903A (en) * 2018-09-29 2019-01-18 北京信安世纪科技股份有限公司 Both sides cooperate with endorsement method, device and the storage medium for generating SM2 algorithm
CN109672539A (en) * 2019-03-01 2019-04-23 深圳市电子商务安全证书管理有限公司 SM2 algorithm collaboration signature and decryption method, apparatus and system
CN109672539B (en) * 2019-03-01 2021-11-05 深圳市电子商务安全证书管理有限公司 SM2 algorithm collaborative signature and decryption method, device and system
CN111756536A (en) * 2020-07-03 2020-10-09 北京无字天书科技有限公司 Signature private key generation and digital signature method
WO2023174350A1 (en) * 2022-03-17 2023-09-21 中国移动通信集团有限公司 Identity authentication method, apparatus and device, and storage medium

Similar Documents

Publication Publication Date Title
CN106685651A (en) Method for creating digital signatures by cooperation of client and server
CN107483212B (en) Method for generating digital signature by cooperation of two parties
CN107948143B (en) Identity-based privacy protection integrity detection method and system in cloud storage
Hsiang et al. Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment
Chen et al. Mobile device integration of a fingerprint biometric remote authentication scheme
CN107360002B (en) Application method of digital certificate
US9166957B2 (en) Digital file authentication using biometrics
CN107483191B (en) SM2 algorithm key segmentation signature system and method
CN109818730B (en) Blind signature acquisition method and device and server
CN101129018A (en) Small public-key based digital signatures for authentication
US20160352525A1 (en) Signature protocol
CN110138567A (en) A kind of collaboration endorsement method based on ECDSA
CN110969431A (en) Safe trusteeship method, equipment and system of block chain digital currency private key
CN109728896A (en) A kind of incoming call certification and source tracing method and process based on block chain
Feng et al. Anonymous authentication on trust in pervasive social networking based on group signature
Giri et al. A novel and efficient session spanning biometric and password based three-factor authentication protocol for consumer USB mass storage devices
CN106851635A (en) A kind of distributed signature method and system of identity-based
CN109951292A (en) The SM9 digital signature simplified separates interaction generation method and system
US7424114B2 (en) Method for enhancing security of public key encryption schemas
US20150006900A1 (en) Signature protocol
CN107947939A (en) Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms
CN107682156A (en) A kind of encryption communication method and device based on SM9 algorithms
WO2016187689A1 (en) Signature protocol
NL1043779B1 (en) Method for electronic signing and authenticaton strongly linked to the authenticator factors possession and knowledge
Chen et al. Threshold identity authentication signature: Impersonation prevention in social network services

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170517

RJ01 Rejection of invention patent application after publication