CN107133526A - Application data guard method and device - Google Patents

Application data guard method and device Download PDF

Info

Publication number
CN107133526A
CN107133526A CN201710221913.XA CN201710221913A CN107133526A CN 107133526 A CN107133526 A CN 107133526A CN 201710221913 A CN201710221913 A CN 201710221913A CN 107133526 A CN107133526 A CN 107133526A
Authority
CN
China
Prior art keywords
data
application data
signature
result data
signature result
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710221913.XA
Other languages
Chinese (zh)
Inventor
程朝辉
吴福印
周枭淳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Ao Lian Information Security Technology Co Ltd
Original Assignee
Shenzhen Ao Lian Information Security Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Ao Lian Information Security Technology Co Ltd filed Critical Shenzhen Ao Lian Information Security Technology Co Ltd
Priority to CN201710221913.XA priority Critical patent/CN107133526A/en
Publication of CN107133526A publication Critical patent/CN107133526A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/629Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The invention provides a kind of application data guard method and device, using short signature algorithm to needing application data to be protected to sign, generation signature result data, and the public key that open short signature algorithm is signed;By the signature result data and described it is stored in by protection application data in bar code or Quick Response Code;When verifying the bar code or Quick Response Code correctness, the public key signed according to the short signature algorithm is verified to the signature result data by protection application data;The application data guard method provided in the present invention and device; application data in safeguard protection bar code or Quick Response Code; application data is prevented to be tampered or be forged, and the data that produce of protection mechanism of application data are small, it is effectively save to bar code or the space hold of Quick Response Code.

Description

Application data guard method and device
Technical field
The present invention relates to technical field of data security, more particularly to a kind of application data guard method and device.
Background technology
Bar code, Quick Response Code are all the modes that data are expressed using figure combination, and wherein bar code uses width Multiple secret notes and blank arranged according to certain coding rule, to express a group information;Quick Response Code uses specific geometry Figure is the chequered with black and white group information of avatars one being distributed on two-dimensional directional in plane according to certain rules.
The information content that General Two-Dimensional code table reaches is greater than bar code, but two kinds of coded systems have the limit of information capacity System.In actual application, because of the limitation in terms of print area, resolution ratio, reading speed and error correcting capability, bar code Actually active data volume with Quick Response Code is all little.In addition in many application scenarios, data is correct in bar code, Quick Response Code Property and authenticity need to obtain effective guarantee.The issue for for example needing to ensure some product information is real and genuine, Important transaction data in transaction is authentic and valid such as negotiator, the amount of money, time etc..
The content of the invention
The main object of the present invention is a kind of application data guard method of offer and device, safeguard protection bar code or two dimension Application data in code.
The present invention proposes a kind of application data guard method, comprises the following steps:
Using short signature algorithm to needing application data to be protected to sign, generation signature result data, and disclose short The public key that signature algorithm is signed;
By the signature result data and described it is stored in by protection application data in bar code or Quick Response Code;
When verifying the bar code or Quick Response Code correctness, the public key signed according to the short signature algorithm is to described Verified by the signature result data in protection application data.
Further, the use short signature algorithm is to needing application data to be protected to sign, generation signature result Data, and open short signature algorithm signed public key the step of include:
Choosing a class has the Bilinear map e efficiently calculated elliptic curve, and determines two ranks on the elliptic curve For the point group G of prime number q1And G2, and selection point group G respectively1And G2In point P1And P2
By P1With [s] P2With as the public key signed and carry out disclosure;Wherein [s] P2For s P of standard2It is added, s is Random number;
Choose for user function H, is mapped to described on [1, q-1] by protection application data;
Calculate point [s/ (H (X)+s)] P1;Wherein X is described by protection application data;
By point [s/ (H (X)+s)] P on the elliptic curve1It is converted into Px or L | | Px data;Wherein, Px or L | | Px I.e. as to the signature result data Y by protection application data, Px is point [s/ (H (X)+s)] P1X-axis data, L for use The assistance data of one of data Py when it is determined that Px is as x-axis data in two y-axis data of correspondence.
Further, the Choose for user function H, by the step mapped to by protection application data on [1, q-1] Including:
The long Bit String of a bit number than prime number q extended to using extension mechanism by protection application data X to described, And it is converted into big number f;
Fmod (q-2)+1 is calculated, wherein mod is modular arithmetic.
Further, it is described that a bit than prime number q extended to using extension mechanism by protection application data X to described The step of Bit String of number length, includes:
Using SHA2, SHA3 or SM3 hash algorithm as hash function, applied according to cipher key derivation function by described by protection Data X derives the long Bit String of a bit number than prime number q.
Further, the checking bar code or during Quick Response Code correctness, is signed according to the short signature algorithm The step of public key of name is verified to the signature result data by protection application data includes:
Obtain described by protection application data X and the signature result data Y from the bar code or Quick Response Code;
Calculated, and entered according to result of calculation and the short signature algorithm according to the value of the signature result data Y The public key of row signature is verified to the signature result data Y.
Further, the value according to the signature result data Y is calculated, and according to result of calculation and described The step of public key that short signature algorithm is signed is verified to the signature result data Y includes:
If the signature result data Y is L | | Px, Py is determined according to L and Px value;
Point [s/ (H (X)+s)] P is obtained according to Px, Py1
Calculate e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) be compared;
If e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) identical, then verify the signature Result data Y is correct;If e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) different, then verify institute State signature result data Y mistakes.
Further, the value according to the signature result data Y is calculated, and according to result of calculation and described The step of public key that short signature algorithm is signed is verified to the signature result data Y includes:
If the signature result data Y is Px, corresponding two y-axis data Py is calculated according to Px;
Randomly choose one of y-axis data Py and obtain a point Z;
Calculate F=e (Z, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) compare, if different carried out with 1/U again Compare;
If F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U it is identical, then verify it is described signature knot Fruit data Y is correct;If F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U it is different, then verify described Signature result data Y mistakes.
Further, the prime number q is more than 2160, the random number s satisfactions 0<s<q.
Further, the elliptic curve has the Bilinear map e efficiently calculated, and it is embedded in number of times and is not less than 12;It is described Elliptic curve includes BN curves, KSS-18 curves, BLS-24 curves, KSS-32 curves and KSS-36 curves.
Present invention also offers a kind of application data protection device, including:
Signature unit, for, to needing application data to be protected to sign, generating signature result using short signature algorithm Data, and the public key that open short signature algorithm is signed;
Generation unit, for by the signature result data and described by protection application data being stored in bar code or two Tie up in code;
Authentication unit, during for verifying the bar code or Quick Response Code correctness, is signed according to the short signature algorithm The public key of name is verified to the signature result data by protection application data.
Further, the signature unit includes:
Subelement is chosen, there is the Bilinear map e efficiently calculated elliptic curve for choosing a class, and determine described ellipse Two ranks are the point group G of prime number q on circular curve1And G2, and selection point group G respectively1And G2In point P1And P2
Open subelement, for by P1With [s] P2With as the public key signed and carry out disclosure;Wherein [s] P2For mark Quasi- s P2It is added, s is random number;
Subelement is mapped, for Choose for user function H, is mapped to described by protection application data on [1, q-1];
Computation subunit, for calculating point [s/ (H (X)+s)] P1;Wherein X is described by protection application data;
Conversion subunit, for by point [s/ (H (X)+s)] P on the elliptic curve1It is converted into Px or L | | Px data; Wherein, Px or L | | Px is that Px is point [s/ (H (X)+s)] P as to the signature result data Y by protection application data1 X-axis data, L be for determine Px as during x-axis data correspondence two y-axis data in one of data Py supplementary number According to.
Further, the mapping subelement includes:
Expansion module, for by protection application data X extending to a bit than prime number q using extension mechanism to described The long Bit String of number, and it is converted into big number f;
Computing module, for calculating fmod (q-2)+1, wherein mod is modular arithmetic.
Further, the expansion module specifically for:
Using SHA2, SHA3 or SM3 algorithm as hash function, according to cipher key derivation function by described by protection application data X derives the long Bit String of a bit number than prime number q, and is converted into big number f.
Further, the authentication unit includes:
Subelement is obtained, it is described by protection application data X and described for being obtained from the bar code or Quick Response Code Sign result data Y;
Subelement is verified, for being calculated according to the value of the signature result data Y, and according to result of calculation and institute The public key that short signature algorithm signed is stated to verify the signature result data Y.
Further, the checking subelement includes:
First determining module, is L for the signature result data Y | | Px, then Py is determined according to L and Px value;
First acquisition module, for obtaining point [s/ (H (X)+s)] P according to Px, Py1
First computing module, for calculating e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) be compared;
First authentication module, if for e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) phase Together, then verify that the signature result data Y is correct;If e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2) and U=e ([P1, [s]P2) different, then verify the signature result data Y mistakes.
Further, the checking subelement includes:
Second determining module, if being Px for the signature result data Y, corresponding two y-axis are calculated according to Px Data Py;
Second acquisition module, a point Z is obtained for randomly choosing one of y-axis data Py;
Second computing module, for calculating F=e (Z, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) compare, such as Fruit difference is compared with 1/U again;
Second authentication module, if for F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U it is identical, Then verify that the signature result data Y is correct;If F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U it is equal Difference, then verify the signature result data Y mistakes.
Further, the prime number q is more than 2160, the random number s satisfactions 0<s<q.
Further, the elliptic curve has the Bilinear map e efficiently calculated, and it is embedded in number of times and is not less than 12;It is described Elliptic curve includes BN curves, KSS-18 curves, BLS-24 curves, KSS-32 curves and KSS-36 curves.
The application data guard method provided in the present invention and device, have the advantages that:
The application data guard method provided in the present invention and device, using short signature algorithm to needing application number to be protected According to being signed, signature result data, and the public key that open short signature algorithm is signed are generated;By the signature result data And described be stored in by protection application data in bar code or Quick Response Code;When verifying the bar code or Quick Response Code correctness, The public key signed according to the short signature algorithm is verified to the signature result data by protection application data; Application data in safeguard protection bar code or Quick Response Code of the present invention, prevents application data to be tampered or be forged, and to application The data that the protection mechanisms of data is produced are small, effectively save to bar code or the space hold of Quick Response Code.
Brief description of the drawings
Fig. 1 is the application data guard method step schematic diagram in one embodiment of the invention;
Fig. 2 is the step S1 specific steps schematic diagrames in one embodiment of the invention;
Fig. 3 is the step S3 specific steps schematic diagrames in one embodiment of the invention;
Fig. 4 is the application data protection device structural representation in one embodiment of the invention;
Fig. 5 is the signature unit structural representation in one embodiment of the invention;
Fig. 6 is the mapping sub-unit structure schematic diagram in another embodiment of the present invention;
Fig. 7 is the authentication unit structural representation in one embodiment of the invention;
Fig. 8 is the checking sub-unit structure schematic diagram in one embodiment of the invention;
Fig. 9 is the checking sub-unit structure schematic diagram in another embodiment of the present invention.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
Those skilled in the art of the present technique are appreciated that unless expressly stated, singulative " one " used herein, " one It is individual ", " described " " above-mentioned " and "the" may also comprise plural form.It is to be further understood that making in the specification of the present invention Wording " comprising " refers to there is the feature, integer, step, operation, element, unit, module and/or component, but simultaneously Do not preclude the presence or addition of other one or more features, integer, step, operation, element, unit, module, component and/or it Group.It should be understood that when we claim element to be " connected " or during " coupled " to another element, it can be directly connected to or couple To other elements, or there can also be intermediary element.In addition, " connection " used herein or " coupling " can include wirelessly connecting Connect or wirelessly couple.Wording "and/or" used herein includes one or more associated listing the whole or any of item Unit and all combination.
Those skilled in the art of the present technique are appreciated that unless otherwise defined, all terms used herein (including technology art Language and scientific terminology), with the general understanding identical meaning with the those of ordinary skill in art of the present invention.Should also Understand, those terms defined in such as general dictionary, it should be understood that with the context with prior art The consistent meaning of meaning, and unless by specific definitions as here, otherwise will not use idealization or excessively formal implication To explain.
Reference picture 1, is the application data guard method step schematic diagram provided in one embodiment of the invention.
A kind of application data guard method is proposed in one embodiment of the invention, is comprised the following steps:
Step S1, using short signature algorithm to needing application data to be protected to sign, generation signature result data, and The public key that open short signature algorithm is signed;
Step S2, by the signature result data and described by protection application data is stored in bar code or Quick Response Code In;
Step S3, when verifying the bar code or Quick Response Code correctness, the public affairs signed according to the short signature algorithm Key is verified to the signature result data by protection application data.
In the present embodiment, when generation side needs application data to be protected to add (printing) to bar code or two dimension , it is necessary to be protected to the application data (needing application data to be protected, hereafter herewith consistent) when in code, prevent random Distort.First by short signature algorithm to being signed by protection application data, generation signature result data, what it was additionally produced Data are very small, without taking too many space, therefore can be with effectively save to bar code or the space hold of Quick Response Code, in bar shaped , can maximized saving space, the bar code and Quick Response Code made in the case that code and Quick Response Code have information capacity limitation More information can be expressed.In the present embodiment, the public key that also short signature algorithm is signed is disclosed.
Afterwards, then the signature result data and need application data (i.e. above-mentioned needs to be protected produced above-mentioned steps Added in bar code or Quick Response Code by protection application data) be stored in bar code or Quick Response Code, it is to be understood that There are other unprotected or data without protection added in bar code or Quick Response Code.Specifically, can be according to bar The data that the create-rule of shape code or Quick Response Code adds above-mentioned data and other needs using the mode specified or by According to certain format print in bar code strip shape code or Quick Response Code.To the generation of bar code or Quick Response Code in the present embodiment Mode is not especially limited.
Finally, when acquisition side wants to read the data in bar code or Quick Response Code, it is necessary to verify the bar code or Quick Response Code correctness.In the present embodiment, the public key signed according to short signature algorithm is to by the signature in protection application data Result data is verified.Answering in the application data guard method safeguard protection bar code or Quick Response Code in the embodiment of the present invention With data, application data is prevented to be tampered or be forged.
Reference picture 2, in the present embodiment, the use short signature algorithm are signed to need application data to be protected, Generating signature result data, and disclose the step S1 for the public key that short signature algorithm is signed includes:
Step S11, choosing a class has the Bilinear map e efficiently calculated elliptic curve, and determines the elliptic curve Upper two ranks are the point group G of prime number q1And G2, and selection point group G respectively1And G2In point P1And P2;Preferably, elliptic curve With the Bilinear map e efficiently calculated, it is embedded in number of times and is not less than 12;Elliptic curve includes BN curves, KSS-18 curves, BLS- 24 curves, KSS-32 curves and KSS-36 curves.
Step S12, by P1With [s] P2With as the public key signed and carry out disclosure;Wherein [s] P2For s P of standard2 It is added, s is random number;Preferably, prime number q is more than 2160, random number s satisfactions 0<s<q.
Step S13, Choose for user function H, are mapped to described on [1, q-1] by protection application data;
Step S14, calculates point [s/ (H (X)+s)] P1;Wherein X is described by protection application data;
Step S15, by point [s/ (H (X)+s)] P on the elliptic curve1It is converted into Px or L | | Px data;Wherein, Px Or L | | Px is that Px is point [s/ (H (X)+s)] P as to the signature result data Y by protection application data1X-axis number According to L is for determining Px as the assistance data of one of data Py in two y-axis data of correspondence during x-axis data.
Specifically, the Choose for user function H, by the step S13 mapped to by protection application data on [1, q-1] Including:
A, by protection application data X the long bit of a bit number than prime number q is extended to described using extension mechanism String, and it is converted into big number f;
B, calculates fmod (q-2)+1, wherein mod is modular arithmetic.
Preferably, in the present embodiment, it is described to it is described by protection application data X using extension mechanism extend to one ratio The step a of the Bit String of the bit number length of prime number q includes:
Using SHA2, SHA3 or SM3 hash algorithm as hash function, applied according to cipher key derivation function by described by protection Data X derives the long Bit String of a bit number than prime number q.
Reference picture 3, in one embodiment, when the checking bar code or Quick Response Code correctness, according to the short label The step S3 that the public key that name algorithm is signed is verified to the signature result data by protection application data includes:
Step S31, obtains described by protection application data X and the signature result from the bar code or Quick Response Code Data Y;
Step S32, is calculated, and signed by the short signature algorithm according to the value of the signature result data Y The public key of name is verified to the signature result data Y.
In the present embodiment, the application data acquisition side in bar code or Quick Response Code, first from the bar code or two dimension Obtain described by protection application data X and the signature result data Y in code, while can also obtain that generation side announces is short The public key that signature algorithm is signed, the public key signed according to result of calculation and the short signature algorithm is tied to the signature Fruit data Y is verified, is verified, then illustrates that signature result data Y is correct, the bar code or Quick Response Code are authentic and valid 's;If checking does not pass through, illustrate that signature result data Y is incorrect, the bar code or Quick Response Code are untrue, invalid.This Embodiment is conducive to the application data in safeguard protection bar code or Quick Response Code, prevents application data to be tampered or be forged.
In the present embodiment, different calculating are carried out according to the difference of above-mentioned signature result data Y value.
Specifically, in one embodiment, the value according to the signature result data Y is calculated, and according to calculating And the public key signed of the short signature algorithm includes to the signature result data Y step S32 verified as a result:
A1, if the signature result data Y is L | | Px, Py is determined according to L and Px value;
A2, point [s/ (H (X)+s)] P on elliptic curve is obtained according to Px, Py1
A3, calculates e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) be compared;
A4, if e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) identical, then verify the label Name result data Y is correct, and the bar code or Quick Response Code are authentic and valid;If e ([s/ (H (X)+s)] P1, [H (X)] P2+[s] P2) and U=e ([P1, [s] P2) it is different, then verify the signature result data Y mistakes, the bar code or Quick Response Code be it is untrue, Invalid.
Further, in another embodiment, the value according to the signature result data Y is calculated, and according to The step S32 that the public key that result of calculation and the short signature algorithm are signed is verified to the signature result data Y Including:
B1, if the signature result data Y is Px, corresponding two y-axis data Py is calculated according to Px;
B2, randomly chooses one of y-axis data Py and obtains a point Z;
B3, calculates F=e (Z, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) compare, if it is different again and 1/U It is compared;
B4, if F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U it is identical, then verify the signature Result data Y is correct, and the bar code or Quick Response Code are authentic and valid;If F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s]P2) or 1/U it is different, then verify it is described signature result data Y mistakes, the bar code or Quick Response Code are untrue, invalid 's.
Preferably, prime number q in the above-described embodiments is more than 2160, random number s satisfactions 0<s<q.
Preferably, elliptic curve in the above-described embodiments has the Bilinear map e efficiently calculated, and it is not small that it is embedded in number of times In 12;The elliptic curve includes BN curves, KSS-18 curves, BLS-24 curves, KSS-32 curves and KSS-36 curves.
The above-mentioned application data guard method to be provided in the present invention, using short signature algorithm to needing application number to be protected According to being signed, signature result data, and the public key that open short signature algorithm is signed are generated;By the signature result data And described be stored in by protection application data in bar code or Quick Response Code;When verifying the bar code or Quick Response Code correctness, The public key signed according to the short signature algorithm is verified to the signature result data by protection application data; Application data in safeguard protection bar code or Quick Response Code of the present invention, prevents from being protected application data to be tampered or be forged, and The data that the protection mechanism of application data is produced are small, effectively save to bar code or the space hold of Quick Response Code.
In order to be further illustrated to the application data guard method provided in the embodiment of the present invention, the embodiment of the present invention In additionally provide a kind of application data protection device.
A kind of application data protection device is provided in reference picture 4, one embodiment of the invention, including:
Signature unit 10, for, to needing application data to be protected to sign, generation signature to be tied using short signature algorithm Fruit data, and the public key that open short signature algorithm is signed;
Generation unit 20, for above-mentioned signature result data and above-mentioned application data to be stored in into bar code or Quick Response Code In;
Authentication unit 30, during for verifying above-mentioned bar code or Quick Response Code correctness, is carried out according to above-mentioned short signature algorithm The public key of signature is verified to the signature result data in above-mentioned application data.
In the present embodiment, when needing application data to be protected to add (printing) into bar code or Quick Response Code When, it is necessary to protected to the application data, prevent from arbitrarily being distorted.First signature unit 10 using short signature algorithm to being protected Shield application data is signed, and generation signature result data, the data that it is additionally produced are very small, without taking too many space, Therefore there can be information capacity limitation in bar code and Quick Response Code with effectively save to bar code or the space hold of Quick Response Code In the case of, the maximized saving space of energy, the bar code and Quick Response Code allow expresses more information.The present embodiment In, the public key that also short signature algorithm is signed is disclosed.
Afterwards, generation unit 20 then produces above-mentioned steps signature result data and need application data to be protected (i.e. above-mentioned need added in bar code or Quick Response Code by protection application data) is stored in bar code or Quick Response Code.Tool Body, the data that can be added above-mentioned data and other needs according to the create-rule of bar code or Quick Response Code are using referring to Fixed mode or according to certain format print in bar code strip shape code or Quick Response Code.In the present embodiment to bar code or The generating mode of person's Quick Response Code is not especially limited.
Finally, when the data in bar code to be read or Quick Response Code, it is necessary to verify the bar code or Quick Response Code just True property.In the present embodiment, the public key that authentication unit 30 is signed according to short signature algorithm is to by the label in protection application data Name result data is verified.In application data protection device safeguard protection bar code or Quick Response Code in the embodiment of the present invention Application data, prevents application data to be tampered or be forged.
Reference picture 5, specifically, above-mentioned signature unit 10 include:
Subelement 101 is chosen, there is the Bilinear map e efficiently calculated elliptic curve for choosing a class, and determine State the point group G that two ranks on elliptic curve are prime number q1And G2, and selection point group G respectively1And G2In point P1And P2;It is preferred that Ground, elliptic curve has the Bilinear map e efficiently calculated, and it is embedded in number of times and is not less than 12;Elliptic curve includes BN curves, KSS- 18 curves, BLS-24 curves and, KSS-32 curves and KSS-36 curves.
Open subelement 102, for by P1With [s] P2With as the public key signed and carry out disclosure;Wherein [s] P2 For s P of standard2It is added, s is random number;Preferably, prime number q is more than 2160, random number s satisfactions 0<s<q.
Subelement 103 is mapped, for Choose for user function H, above-mentioned application data is mapped on [1, q-1];
Computation subunit 104, for calculating point [s/ (H (X)+s)] P1;Wherein X is above-mentioned by protection application data;
Conversion subunit 105, for by point [s/ (H (X)+s)] P on above-mentioned elliptic curve1It is converted into Px or L | | Px numbers According to;Wherein, Px or L | | Px is that Px is point [s/ (H (X)+s)] as to the above-mentioned signature result data Y by protection application data P1X-axis data, L be for determine Px as during x-axis data correspondence two y-axis data in one of data Py auxiliary Data.
Specifically, reference picture 6, above-mentioned mapping subelement 103 includes:
Expansion module 1031, for by protection application data X extending to one than prime number q using extension mechanism to above-mentioned The Bit String of bit number length, and it is converted into big number f;
Computing module 1032, for calculating fmod (q-2)+1, wherein mod is modular arithmetic.
Preferably, above-mentioned expansion module 1031 specifically for:
Using SHA2, SHA3 or SM3 hash algorithm as hash function, applied according to cipher key derivation function by above-mentioned by protection Data X derives the long Bit String of a bit number than prime number q, and is converted into big number f.
Further, reference picture 7, above-mentioned authentication unit 30 includes:
Obtain subelement 301, for obtained from above-mentioned bar code or Quick Response Code it is above-mentioned by protection application data X and State signature result data Y;
Verify subelement 302, for being calculated according to above-mentioned signature result data Y value, and according to result of calculation with And the public key that above-mentioned short signature algorithm is signed is verified to above-mentioned signature result data Y.
In the present embodiment, the application data acquisition side in bar code or Quick Response Code, first by obtain subelement 301 from Obtain described by protection application data X and the signature result data Y in the bar code or Quick Response Code, while can also obtain The public key that the short signature algorithm for taking generation side to announce is signed, checking subelement 302 is according to result of calculation and the short signature The public key that algorithm is signed is verified to the signature result data Y, is verified, is then illustrated signature result data Y Correctly, the bar code or Quick Response Code are authentic and valid;If checking does not pass through, illustrate that signature result data Y is incorrect, this Shape code or Quick Response Code are untrue, invalid.The present embodiment is conducive to the application data in safeguard protection bar code or Quick Response Code, Application data is prevented to be tampered or be forged.
In the present embodiment, checking subelement 302 carries out different meters according to the difference of above-mentioned signature result data Y value Calculate.
Specifically, reference picture 8, in one embodiment, above-mentioned checking subelement 302 include:
First determining module 3021, is L for above-mentioned signature result data Y | | Px, then Py is determined according to L and Px value;
First acquisition module 3022, for obtaining point [s/ (H (X)+s)] P on elliptic curve according to Px, Py1
First computing module 3023, for calculating e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2), and and U=e ([P1, [s] P2) be compared;
First authentication module 3024, if for e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) identical, then verify that above-mentioned signature result data Y is correct, the bar code or Quick Response Code are authentic and valid;If e ([s/ (H (X) +s)]P1, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) different, then verify above-mentioned signature result data Y mistakes, the bar shaped Code or Quick Response Code be untrue, invalid.
Reference picture 9, in another embodiment, above-mentioned checking subelement 302 include:
Second determining module 3025, if being Px for above-mentioned signature result data Y, corresponding two are calculated according to Px Y-axis data Py;
Second acquisition module 3026, a point Z is obtained for randomly choosing one of y-axis data Py;
Second computing module 3027, for calculating F=e (Z, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) ratio Compared with if difference is compared with 1/U again;
Second authentication module 3028, if for F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U It is identical, then verify that above-mentioned signature result data Y is correct, the bar code or Quick Response Code are authentic and valid;If F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U it is different, then verify above-mentioned signature result data Y mistakes, the bar code or Quick Response Code is untrue, invalid.
Preferably, prime number q in the above-described embodiments is more than 2160, above-mentioned random number s satisfactions 0<s<q.
Preferably, elliptic curve in the above-described embodiments has the Bilinear map e efficiently calculated, and it is not small that it is embedded in number of times In 12;Above-mentioned elliptic curve include BN curves, KSS-18 curves, BLS-24 curves and, KSS-32 curves and KSS-36 it is bent Line.
In summary, it is the application data guard method and the device that provide in the embodiment of the present invention, uses short signature algorithm To needing application data to be protected to sign, generation signature result data, and the public key that open short signature algorithm is signed; Above-mentioned signature result data and above-mentioned application data are stored in bar code or Quick Response Code;Verify above-mentioned bar code or two dimension During code correctness, the public key signed according to above-mentioned short signature algorithm is to the above-mentioned signature number of results by protection application data According to being verified;Application data in safeguard protection bar code or Quick Response Code of the present invention, prevents from being protected application data to be tampered Or be forged, and the data of the protection mechanism generation of application data are small, the effectively save space to bar code or Quick Response Code is accounted for With.
It is apparent to those skilled in the art that, for convenience and simplicity of description, the terminal of foregoing description, The specific work process of device and unit, may be referred to the corresponding process in preceding method embodiment, will not be repeated here.
Those skilled in the art of the present technique be appreciated that can be realized with computer program instructions these structure charts and/or The combination of each frame and these structure charts and/or the frame in block diagram and/or flow graph in block diagram and/or flow graph.This technology is led Field technique personnel be appreciated that these computer program instructions can be supplied to all-purpose computer, special purpose computer or other The processor of programmable data processing method is realized, so as to pass through the processing of computer or other programmable data processing methods The scheme that device is specified in the frame or multiple frames to perform structure chart disclosed by the invention and/or block diagram and/or flow graph.
Those skilled in the art of the present technique are appreciated that in the various operations discussed in the present invention, method, flow Step, measure, scheme can be replaced, changed, combined or deleted.Further, it is each with what is discussed in the present invention Kind operation, method, other steps in flow, measure, scheme can also be replaced, changed, reset, decomposed, combined or deleted. Further, it is of the prior art to have and the step in the various operations disclosed in the present invention, method, flow, measure, scheme It can also be replaced, changed, reset, decomposed, combined or deleted.
The preferred embodiments of the present invention are the foregoing is only, are not intended to limit the scope of the invention, it is every to utilize Equivalent structure or equivalent flow conversion that description of the invention and accompanying drawing content are made, or directly or indirectly it is used in other correlations Technical field, be included within the scope of the present invention.

Claims (18)

1. a kind of application data guard method, it is characterised in that comprise the following steps:
Using short signature algorithm to needing application data to be protected to sign, generation signature result data, and open short signature The public key that algorithm is signed;
By the signature result data and described it is stored in by protection application data in bar code or Quick Response Code;
When verifying the bar code or Quick Response Code correctness, the public key signed according to the short signature algorithm is protected to described Signature result data in shield application data is verified.
2. application data guard method according to claim 1, it is characterised in that the use short signature algorithm is to needing Signed by protection application data, generation signature result data, and open short signature algorithm signed public key the step of Including:
Choosing a class has the Bilinear map e efficiently calculated elliptic curve, and determines that two ranks are element on the elliptic curve Number q point group G1And G2, and selection point group G respectively1And G2In point P1And P2
By P1With [s] P2With as the public key signed and carry out disclosure;Wherein [s] P2For s P of standard2It is added, s is random Number;
Choose for user function H, is mapped to described on [1, q-1] by protection application data;
Calculate point [s/ (H (X)+s)] P1;Wherein X is described by protection application data;
By point [s/ (H (X)+s)] P on the elliptic curve1It is converted into Px or L | | Px data;Wherein, Px or L | | Px is conduct To the signature result data Y by protection application data, Px is point [s/ (H (X)+s)] P1X-axis data, L be for determining Px as during x-axis data correspondence two y-axis data in one of data Py assistance data.
3. application data guard method according to claim 2, it is characterised in that the Choose for user function H, will be described The step mapped to by protection application data on [1, q-1] includes:
The long Bit String of a bit number than prime number q extended to using extension mechanism by protection application data X to described, and will It is converted to big number f;
Fmod (q-2)+1 is calculated, wherein mod is modular arithmetic.
4. application data guard method according to claim 3, it is characterised in that it is described to described by protection application data The step of X extends to a bit number than prime number q long Bit String using extension mechanism includes:
Using SHA2, SHA3 or SM3 hash algorithm as hash function, according to cipher key derivation function by described by protection application data X derives the long Bit String of a bit number than prime number q.
5. application data guard method according to claim 2, it is characterised in that the checking bar code or two dimension During code correctness, the public key signed according to the short signature algorithm is to the signature number of results by protection application data Include according to the step of checking:
Obtain described by protection application data X and the signature result data Y from the bar code or Quick Response Code;
Calculated, and signed according to result of calculation and the short signature algorithm according to the value of the signature result data Y The public key of name is verified to the signature result data Y.
6. application data guard method according to claim 5, it is characterised in that described according to the signature result data Y value is calculated, and the public key signed according to result of calculation and the short signature algorithm is to the signature number of results The step of being verified according to Y includes:
If the signature result data Y is L | | Px, Py is determined according to L and Px value;
Point [s/ (H (X)+s)] P is obtained according to Px, Py1
Calculate e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) be compared;
If e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) identical, then verify the signature result Data Y is correct;If e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) different, then verify the label Name result data Y mistakes.
7. application data guard method according to claim 5, it is characterised in that described according to the signature result data Y value is calculated, and the public key signed according to result of calculation and the short signature algorithm is to the signature number of results The step of being verified according to Y includes:
If the signature result data Y is Px, corresponding two y-axis data Py is calculated according to Px;
Randomly choose one of y-axis data Py and obtain a point Z;
Calculate F=e (Z, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) compare, if difference is compared with 1/U again;
If F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U it is identical, then verify the signature result data Y is correct;If F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U it is different, then verify it is described signature knot Fruit data Y mistakes.
8. the application data guard method according to claim any one of 2-7, it is characterised in that the prime number q is more than 2160, the random number s satisfactions 0<s<q.
9. the application data guard method according to claim any one of 2-7, it is characterised in that the elliptic curve has The Bilinear map e efficiently calculated, it is embedded in number of times and is not less than 12;The elliptic curve includes BN curves, KSS-18 curves, BLS- 24 curves, KSS-32 curves and KSS-36 curves.
10. a kind of application data protection device, it is characterised in that including:
Signature unit, for, to needing application data to be protected to sign, generating signature result data using short signature algorithm, And the public key that open short signature algorithm is signed;
Generation unit, for by the signature result data and described by protection application data being stored in bar code or Quick Response Code In;
Authentication unit, during for verifying the bar code or Quick Response Code correctness, is signed according to the short signature algorithm Public key is verified to the signature result data by protection application data.
11. application data protection device according to claim 10, it is characterised in that the signature unit includes:
Subelement is chosen, there is the Bilinear map e efficiently calculated elliptic curve for choosing a class, and is determined described oval bent Two ranks are the point group G of prime number q on line1And G2, and selection point group G respectively1And G2In point P1And P2
Open subelement, for by P1With [s] P2With as the public key signed and carry out disclosure;Wherein [s] P2For standard s Individual P2It is added, s is random number;
Subelement is mapped, for Choose for user function H, is mapped to described by protection application data on [1, q-1];
Computation subunit, for calculating point [s/ (H (X)+s)] P1;Wherein X is described by protection application data;
Conversion subunit, for by point [s/ (H (X)+s)] P on the elliptic curve1It is converted into Px or L | | Px data;Wherein, Px or L | | Px is that Px is point [s/ (H (X)+s)] P as to the signature result data Y by protection application data1X-axis Data, L is for determining Px as the assistance data of one of data Py in two y-axis data of correspondence during x-axis data.
12. application data protection device according to claim 11, it is characterised in that the mapping subelement includes:
Expansion module, for by protection application data X to extend to a bit number than prime number q using extension mechanism long to described Bit String, and be converted into big number f;
Computing module, for calculating fmod (q-2)+1, wherein mod is modular arithmetic.
13. application data protection device according to claim 12, it is characterised in that the expansion module specifically for:
Using SHA2, SHA3 or SM3 hash algorithm as hash function, according to cipher key derivation function by described by protection application data X derives the long Bit String of a bit number than prime number q, and is converted into big number f.
14. application data protection device according to claim 11, it is characterised in that the authentication unit includes:
Subelement is obtained, it is described by protection application data X and the signature for being obtained from the bar code or Quick Response Code Result data Y;
Subelement is verified, for being calculated according to the value of the signature result data Y, and according to result of calculation and described short The public key that signature algorithm is signed is verified to the signature result data Y.
15. application data protection device according to claim 14, it is characterised in that the checking subelement includes:
First determining module, is L for the signature result data Y | | Px, then Py is determined according to L and Px value;
First acquisition module, for obtaining point [s/ (H (X)+s)] P according to Px, Py1
First computing module, for calculating e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) enter Row compares;
First authentication module, if for e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) identical, then The checking signature result data Y is correct;If e ([s/ (H (X)+s)] P1, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) no Together, then the signature result data Y mistakes are verified.
16. application data protection device according to claim 14, it is characterised in that the checking subelement includes:
Second determining module, if being Px for the signature result data Y, corresponding two y-axis data are calculated according to Px Py;
Second acquisition module, a point Z is obtained for randomly choosing one of y-axis data Py;
Second computing module, for calculating F=e (Z, [H (X)] P2+[s]P2), and with U=e ([P1, [s] P2) compare, if not It is same to be compared again with 1/U;
Second authentication module, if for F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U it is identical, then test The card signature result data Y is correct;If F=e (Z, [H (X)] P2+[s]P2) and U=e ([P1, [s] P2) or 1/U is not Together, then the signature result data Y mistakes are verified.
17. the application data protection device according to claim any one of 11-16, it is characterised in that the prime number q is more than 2160, the random number s satisfactions 0<s<q.
18. the application data protection device according to claim any one of 11-16, it is characterised in that the elliptic curve With the Bilinear map e efficiently calculated, it is embedded in number of times and is not less than 12;The elliptic curve include BN curves, KSS-18 curves, BLS-24 curves, KSS-32 curves and KSS-36 curves.
CN201710221913.XA 2017-04-06 2017-04-06 Application data guard method and device Pending CN107133526A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710221913.XA CN107133526A (en) 2017-04-06 2017-04-06 Application data guard method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710221913.XA CN107133526A (en) 2017-04-06 2017-04-06 Application data guard method and device

Publications (1)

Publication Number Publication Date
CN107133526A true CN107133526A (en) 2017-09-05

Family

ID=59716557

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710221913.XA Pending CN107133526A (en) 2017-04-06 2017-04-06 Application data guard method and device

Country Status (1)

Country Link
CN (1) CN107133526A (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102932148A (en) * 2012-10-25 2013-02-13 成都市易恒信科技有限公司 System and method for preventing safety two-dimensional code counterfeiting on basis of combination of public key (CPK) authentication
CN103269269A (en) * 2013-05-08 2013-08-28 吴伟 File encryption transmission method based on two-dimensional bar code technology
CN103839097A (en) * 2014-03-20 2014-06-04 武汉信安珞珈科技有限公司 Method and device for generating two-dimension code based on digital signature
CN104008322A (en) * 2014-06-14 2014-08-27 河南融信数据有限公司 Two-dimension code publisher identity authentication method based on reliable digital signature
CN104021482A (en) * 2013-03-01 2014-09-03 成都市易恒信科技有限公司 Certificate false-proof verification method base on identification authentication technology
CN104077625A (en) * 2014-06-19 2014-10-01 中国科学院信息工程研究所 Two-dimension code content verifying method based on electronic signature
US20150358164A1 (en) * 2014-06-10 2015-12-10 Unisys Corporation Systems and methods for qr code validation
CN105608583A (en) * 2014-11-21 2016-05-25 许丰 Digital signature electronic label
CN106408065A (en) * 2016-09-05 2017-02-15 成都天钥科技有限公司 Two-dimensional code encoding method and apparatus
CN106452756A (en) * 2016-11-08 2017-02-22 王栋 Construction verification method and device capable of verifying security two-dimensional code offline

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102932148A (en) * 2012-10-25 2013-02-13 成都市易恒信科技有限公司 System and method for preventing safety two-dimensional code counterfeiting on basis of combination of public key (CPK) authentication
CN104021482A (en) * 2013-03-01 2014-09-03 成都市易恒信科技有限公司 Certificate false-proof verification method base on identification authentication technology
CN103269269A (en) * 2013-05-08 2013-08-28 吴伟 File encryption transmission method based on two-dimensional bar code technology
CN103839097A (en) * 2014-03-20 2014-06-04 武汉信安珞珈科技有限公司 Method and device for generating two-dimension code based on digital signature
US20150358164A1 (en) * 2014-06-10 2015-12-10 Unisys Corporation Systems and methods for qr code validation
CN104008322A (en) * 2014-06-14 2014-08-27 河南融信数据有限公司 Two-dimension code publisher identity authentication method based on reliable digital signature
CN104077625A (en) * 2014-06-19 2014-10-01 中国科学院信息工程研究所 Two-dimension code content verifying method based on electronic signature
CN105608583A (en) * 2014-11-21 2016-05-25 许丰 Digital signature electronic label
CN106408065A (en) * 2016-09-05 2017-02-15 成都天钥科技有限公司 Two-dimensional code encoding method and apparatus
CN106452756A (en) * 2016-11-08 2017-02-22 王栋 Construction verification method and device capable of verifying security two-dimensional code offline

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
程相国: "基于双线性对的签名体制的研究", 《中国优秀博士学位论文全文数据库(博士)•信息科技辑》 *

Similar Documents

Publication Publication Date Title
CN109741056B (en) Method and device for uploading electronic certificate
US8751806B1 (en) Method and apparatus to provide public key authentication with low complexity devices
CN110505046B (en) Multi-data provider encrypted data cross-platform zero-knowledge verification method, device and medium
US20200074129A1 (en) Combined two-dimensional code, electronic certificate carrier, and generation and reading apparatus and method
CN108833103B (en) Method and system for secure communication between a radio frequency identification tag and a reading device
TWI335546B (en)
CA2640992A1 (en) Digital signatures on a smartcard
US8452973B2 (en) Digital signature method, program, and apparatus
KR20070034500A (en) Authentication of the subject using a signed signature within multiple data parts
CN104272319A (en) Method for protecting data
CN103999402A (en) Method and system for securely computing a base point in direct anonymous attestation
CN113112252B (en) Resource transfer method and device based on block chain, electronic equipment and storage medium
CN106789091A (en) The implementation method and device of a kind of Open XML documents digital signature and sign test
JP2022535764A (en) certified text document
JPH11328269A (en) Electronic coupon system and method for issuing and verifying electronic coupon
CN106934440A (en) The method and system of embedding information in a kind of coding information
CN104320253A (en) Two-dimension code authentication system and method based on CBS signature mechanism
CN117882334A (en) Efficient hybridization of classical and postquantum signatures
CN101488246A (en) Check verification method, check verification apparatus and check verification system
US20050206158A1 (en) Certificate issuing method and certificate verifying method
CN107133526A (en) Application data guard method and device
GB2407948A (en) Encryption where there exists a computable bilinear map for two elements, using a smartcard
CN114629663B (en) Block chain-based digital commodity transaction method and device
US20200213095A1 (en) Method and device for the computer aided processing of a random bit pattern
EP2119097A2 (en) Fast rsa signature verification

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170905

RJ01 Rejection of invention patent application after publication