CN108881279A - A mobile health medical sensor data privacy protection method based on certificateless double-authentication-preventing aggregate signatures - Google Patents

Info

Publication number: CN108881279A
Authority: CN (China)
Prior art keywords: signature, data center, cloud data, participant, index
Legal status: Granted
Application number: CN201810757163.2A
Other languages: Chinese (zh)
Other versions: CN108881279B (en
Inventors: 刘金会, 禹勇
Current Assignee: Shaanxi Normal University
Original Assignee: Shaanxi Normal University
Application filed by Shaanxi Normal University
Priority to CN201810757163.2A
Publication of CN108881279A
Application granted
Publication of CN108881279B
Current legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to network resources
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0414 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
    • H04L63/08 Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • H04L67/00 Network-specific arrangements or communication protocols supporting networked applications
    • H04L67/10 Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network

Abstract

The present invention relates to a mobile health medical data privacy protection method based on certificateless double-authentication-preventing aggregate signatures, comprising an initialization phase, a registration phase, a message signing phase, a verification phase, an aggregation phase, a batch verification phase and a re-signature signing-key extraction phase. Building on the excellent performance of certificateless double-authentication-preventing aggregate signatures, the proposed method not only avoids the problems of certificate management, key escrow and re-signing, but also improves the computational efficiency of aggregate signature verification for mobile health medical data, achieves privacy protection of mobile health medical data, and can be used securely in open mobile health care.

Description

A mobile health medical sensor data privacy protection method based on certificateless double-authentication-preventing aggregate signatures
Technical Field
The invention belongs to the field of information security technology, and in particular relates to a mobile health medical sensor data privacy protection method based on certificateless double-authentication-preventing aggregate signatures.
Background Art
To solve the key escrow problem in identity-based public-key cryptosystems, in 2005 Huang Xinyi et al. publicly proposed a certificateless signature scheme (CLS). Compared with identity-based signatures, CLS needs no certificate management and carries a smaller load, so it is better suited to mobile security application environments with low bandwidth requirements and low energy consumption. Therefore, IBS can solve the problem of binding a public key to an entity and can simplify certificate management. For this reason, certificateless digital signature schemes have been a very active research topic in cryptography ever since they were introduced.
In 2014, Poettering and Stebila first proposed the concept of double-authentication-preventing signatures. In the Internet of Vehicles, the basic idea of a double-authentication-preventing signature is as follows: the signer first signs colliding messages, producing two signatures, and sends them to the verifier separately; the verifier verifies each received signature. If the signatures pass verification, the verifier can be convinced that this vehicle user did sign the two colliding messages, and the verifier can extract the signing key from the two signatures.
Cloud-based Internet of Things healthcare is a healthcare informatization ecosystem with the medical Internet of Things at its core, in which information is highly mobile and resources are shared. With the support of cloud services and the Internet of Things, lifelong collection and self-directed sharing of medical records become possible. A person's lifetime health record is stored fully and accurately in a cloud network and, with authorization, doctors and the person concerned can consult it promptly by computer or mobile phone. In addition, although existing CLS-based health medical data privacy protection methods can effectively improve the computational efficiency of message signature verification, these existing batch-verification-based health medical data privacy protection methods themselves suffer from the re-signing problem and therefore cannot be applied well to health medical data privacy protection. How to combine certificateless double-authentication-preventing aggregate signatures effectively with health medical data, so as to deter illegal tampering with medical data and guarantee the authenticity and credibility of the data, is therefore of long-term research significance.
Summary of the Invention
To solve the above problems in the prior art, the present invention provides the following technical solution: a mobile health medical sensor data privacy protection method based on certificateless double-authentication-preventing aggregate signatures, comprising the following steps:
Step 1, system initialization: the management server MS establishes a registration system, whose parameters are as follows:
(1) select $s_{MS} \in Z_q^*$ and generate the public key $P_{MSpub} = s_{MS}P$;
(2) publish the system parameters $(P, q, G, P_{MSpub}, h_1, h_2)$;
(3) the cloud data center randomly selects $s_{CDC} \in Z_q^*$ and generates $Q_{CDC} = s_{CDC}P$; the master private key of the cloud data center is $(Q_{CDC}, s_{CDC})$;
where $s_{MS}$ denotes the system master private key; $h_1: \{0,1\}^* \times G \to G$ and $h_2: \{0,1\}^* \times G \to Z_q^*$ are two secure hash functions; $P$ denotes a generator of the multiplicative group $G$; and $Z_q^*$ denotes the multiplicative group of integers;
Step 2: participant $C_i$ generates a partial key and the management server MS accesses the cloud data center;
Step 3: after receiving the message $M_i = (a, p_i)$, participant $C_i$ randomly selects $r_i \in Z_q^*$ and a timestamp $t_i$ and signs the sensor data, where $t_i$ is the system time that keeps the message $M_i = (a, p_i)$ fresh;
Step 4: the cloud data center verifies the validity of the sensor data signed by participant $C_i$;
Step 5: the cloud data center aggregates the signatures on the sensor data of the participants $C_i$ that passed verification into an aggregate signature;
Step 6: the cloud data center performs batch verification on the aggregate signature;
Step 7: participant $C_i$ performs re-signature signing-key extraction.
Further, step 2.1: participant $C_i$ selects a random number $s_{i1} \in Z_q^*$ and generates the partial key $Q_{i1} = s_{i1}P$;
Step 2.2: the management server MS generates the partial private key $psk_{i1} = s_{MS}h_1(Id_i, Q_{i1})$, where $Id_i$ denotes the identity of participant $C_i$;
Step 2.3: the management server MS selects a random number $w_i \in Z_q^*$ and generates $Q_{i2} = h_1(Id_i, Q_{i1})$, $psk_{i2} = s_{MS}h_1(Id_i, Q_{i1})$, $index_{is} = w_iQ_{i2}$, $index_{iv} = w_i\,psk_{i2}$;
Step 2.4: the management server MS stores the sequence code $sn_i = (Id_i, Q_{i1}, Q_{i2}, index_{is}, index_{iv})$ and then sends $SN_i = index_{iv}$ and $index_{is}$ over a secure channel to the participant $C_i$ whose identity is $Id_i$.
Further, step 3.1: after receiving the message $M_i = (a, p_i)$, participant $C_i$ randomly selects $r_i \in Z_q^*$ and generates $R_i = r_iP$;
Step 3.2: participant $C_i$ randomly selects a timestamp $t_i$ and generates $k_i = h_2(Id_i \| p_i, R_i)$ and
Step 3.3: the cloud data center encrypts $SN_i \| k_i \| t_i$ with the encryption algorithm;
Step 3.4: participant $C_i$ outputs the signature $(R_i, S_i, M_i, SN')$ on the message $M_i = (a, p_i)$ and uploads this message signature to the cloud data center; the cloud data center issues the sensing task.
Further, step 4.1: after receiving the signature $(R_i, S_i, M_i, SN')$, the cloud data center decrypts it with the decryption algorithm;
Step 4.2: the cloud data center checks whether the equations $k_i = h_2(p_i \| t_i, R_i)$ and $S_iP = index_{iv}P_{MSpub} + ak_iR_i$ hold; if both hold, the signature is valid; otherwise the signature is rejected.
Further, for $n$ participants $C_1, \ldots, C_n$ and their partial signature set $(R_i, S_i, M_i)$, when time $T$ is reached the cloud data center generates and , aggregates all received signatures, and outputs the aggregate signature $\sigma = (R, S, index_v)$.
Further, the cloud data center checks whether the equation $SP = index_vP_{MSpub} + R$ holds; if it holds, the aggregate signature is accepted; otherwise the aggregate signature is rejected.
Further, step 7 specifically comprises: given the signatures $\sigma_{i1} = (R_i, S_{i1}, k_{i1}, M_{i1}, SN'_{i1})$ and $\sigma_{i2} = (R_i, S_{i2}, k_{i2}, M_{i2}, SN'_{i2})$ on the colliding messages $M_{i1} = (a, p_{i1})$ and $M_{i2} = (a, p_{i2})$ respectively, decrypt them respectively with the decryption algorithm and
Finally, compute the signing key
where $R_i = r_iP$, $k_{i1} = h_2(p_{i1} \| t_i, R_i)$, $k_{i2} = h_2(p_{i2} \| t_i, R_i)$,
Compared with the prior art, the beneficial effects of the invention are as follows. The invention differs from ordinary certificateless aggregate signatures in that, once the same signer has signed twice, the signing private key can be obtained with the extraction algorithm. Benefiting from the excellent performance of certificateless double-authentication-preventing aggregate signatures, the proposed method not only avoids the problems of certificate management, key escrow and re-signing, but also improves the computational efficiency of aggregate signature verification for mobile health medical data and achieves privacy protection of mobile health medical data. It can be used securely in open mobile health care, is an effective self-enhancement mechanism, guarantees the security of communication, and greatly improves the efficiency of the system.
Brief Description of the Drawings
Fig. 1 is a flow chart of a certificateless double-authentication-preventing aggregate signature used to implement the present invention.
Fig. 2 is a flow chart of the construction method for mobile health medical sensor data privacy protection based on the certificateless double-authentication-preventing aggregate signature.
Detailed Description of the Embodiments
The present invention is described in further detail below with reference to specific embodiments, but the embodiments of the invention are not limited thereto.
In the description of the invention, it is to be understood that terms indicating orientation or position, such as "center", "longitudinal", "transverse", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner" and "outer", refer to the orientations or positional relationships shown in the drawings. They are used only to facilitate and simplify the description of the invention and do not indicate or imply that the device or element referred to must have a particular orientation or be constructed and operated in a particular orientation; they therefore cannot be understood as limiting the invention.
In addition, the terms "first", "second", "third" and so on are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features referred to. A feature qualified by "first", "second" and so on may thus explicitly or implicitly include one or more such features. In the description of the invention, unless otherwise stated, "a plurality of" means two or more.
The terms "installed", "connected" and "connection" are to be understood broadly: a connection may, for example, be fixed, detachable or integral; it may be mechanical or electrical; it may be direct or indirect through an intermediate medium; and it may be a connection inside two elements. A person of ordinary skill in the art can understand the specific meaning of these terms in the invention according to the specific circumstances.
As shown in Fig. 1, the present invention, following a construction method for certificateless double-authentication-preventing aggregate signatures, constructs a construction method based on certificateless double-authentication-preventing aggregate signatures that is suitable for mobile health medical sensors. The specific steps of the construction method of the certificateless double-authentication-preventing aggregate signature are as follows:
1. Parameter generation algorithm: given a security parameter $k$, the key generation center (KGC) selects two large primes $p$ and $q$ and an elliptic curve $E: y^2 = x^3 + ax + b \bmod p$, where $a, b \in F_p$ and $F_p$ is a finite field.
The KGC randomly selects $\alpha \in Z_q^*$ and $P \in G$ and computes the master public key $P_{pub} = \alpha P$, where $\alpha$ is the master private key known only to the KGC. $P$ denotes a generator of the multiplicative group $G$.
The KGC selects two secure hash functions $h_1: \{0,1\}^* \times G \to G$ and $h_2: \{0,1\}^* \times G \to Z_q^*$, where $Z_q^*$ denotes the multiplicative group of integers. System public key: $(P, p, q, E, G, P_{pub}, h_1, h_2)$.
2. Private key extraction algorithm:
Signer $C_i$ randomly selects $s_{i1}$ and computes the partial master public key $Q_{i1} = s_{i1}P$. $C_i$ requests the partial private key for the personal identity $Id_i$.
The KGC computes and distributes the partial private key to signer $C_i$ over a secure channel, and publishes the partial master public key $Q_{i1}$.
3. Signing algorithm: after receiving the message $M_i = (a, p_i)$, signer $C_i$ uses the partial private key to sign as follows:
(1) signer $C_i$ randomly selects $r_i \in Z_q^*$ and computes $R_i = r_iP$.
(2) signer $C_i$ computes $k_i = h_2(Id_i \| p_i, R_i)$ and
(3) signer $C_i$ outputs the signature $\sigma_i = (k_i, R_i, S_i)$ on the message $M_i$.
4. Verification algorithm: check whether the equations $k_i = h_2(Id_i \| p_i, R_i)$ and $S_iP = P_{pub}h_1(Id_i, Q_{i1}) + ak_iR_i$ hold. If both hold, the signature is valid; otherwise the signature is rejected.
5. Aggregation algorithm: having obtained the signatures $\sigma_i$ on all messages $M_i$, the aggregator computes as follows:
$\sigma = (R, S)$ is the final aggregate signature.
6. Batch verification algorithm: let ; given the group of signatures $\sigma_1 = (R_1, S_1), \ldots, \sigma_n = (R_n, S_n)$ generated by the $n$ signers $C_1, \ldots, C_n$, check whether the following equation holds: $SP = P_{pub}H + R$. If it holds, the signature is accepted; otherwise the signature is rejected.
7. Re-signature signing-key extraction algorithm: given the signatures $\sigma_{i1} = (K_{i1}, R_i, S_{i1})$ and $\sigma_{i2} = (K_{i2}, R_i, S_{i2})$ on the colliding messages $M_{i1} = (a, p_{i1})$ and $M_{i2} = (a, p_{i2})$ respectively,
compute the signing private key
where $R_i = r_iP$, $K_{i1} = h_2(Id_i \| p_{i1}, R_i)$, $K_{i2} = h_2(Id_i \| p_{i2}, R_i)$,
Based on the above construction method for certificateless double-authentication-preventing aggregate signatures, the present invention constructs a construction method based on certificateless double-authentication-preventing aggregate signatures that is suitable for mobile health medical sensors. The protocol can be divided into an initialization phase, a registration phase, a message signing phase, a verification phase, an aggregation phase, a batch verification phase and a re-signature signing-key extraction phase.
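The seven algorithms of the basic construction above can be exercised end to end in a short sketch; this is an added example, not code from the patent. It assumes the signing equation $S_i = psk_i + a k_i r_i \bmod q$ and the aggregation $R = \sum a k_i R_i$, $S = \sum S_i$ (the forms implied by the two verification equations; the page does not carry the patent's own formulas for them), treats $h_1$ as scalar-valued, derives $r_i$ from the key and the address $a$ so that colliding messages share $R_i$, and uses secp256k1 and SHA-256 as stand-ins for the unnamed curve and hash functions; all names and sample values are constructed.

```python
import hashlib

# secp256k1 parameters: a stand-in curve, since the patent names none.
P_FIELD = 2**256 - 2**32 - 977
N = 0xFFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFE_BAAEDCE6_AF48A03B_BFD25E8C_D0364141
G = (0x79BE667E_F9DCBBAC_55A06295_CE870B07_029BFCDB_2DCE28D9_59F2815B_16F81798,
     0x483ADA77_26A3C465_5DA4FBFC_0E1108A8_FD17B448_A6855419_9C47D08F_FB10D4B8)

def add(A, B):
    """Add two points on y^2 = x^3 + 7; None is the point at infinity."""
    if A is None or B is None:
        return B if A is None else A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return None
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P_FIELD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD)
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return (x3, (lam * (x1 - x3) - y1) % P_FIELD)

def mul(k, A):
    """Scalar multiplication k*A by double-and-add."""
    k, out = k % N, None
    while k:
        if k & 1:
            out = add(out, A)
        A, k = add(A, A), k >> 1
    return out

def h(tag, *parts):
    """SHA-256 stand-in for h1/h2, mapped into Z_q^* = [1, N-1]."""
    data = "|".join([tag] + [str(p) for p in parts]).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (N - 1) + 1

def partial_key(alpha, ident, Q):
    """KGC side (assumed form): psk_i = alpha * h1(Id_i, Q_i1) mod q."""
    return alpha * h("h1", ident, Q) % N

def sign(psk, ident, address, payload):
    """Assumed signing equation: S_i = psk_i + a*k_i*r_i mod q."""
    a = h("addr", address)
    r = h("nonce", psk, address)      # assumption: same address -> same R_i
    R = mul(r, G)
    k = h("h2", ident, payload, R)
    return (k, R, (psk + a * k * r) % N)

def verify(P_pub, ident, Q, address, payload, sig):
    """Check k_i = h2(Id_i||p_i, R_i) and S_i*P = h1*P_pub + a*k_i*R_i."""
    k, R, S = sig
    if k != h("h2", ident, payload, R):
        return False
    rhs = add(mul(h("h1", ident, Q), P_pub), mul(h("addr", address) * k, R))
    return mul(S, G) == rhs

def aggregate(items):
    """Assumed aggregation: R = sum(a_i*k_i*R_i), S = sum(S_i) mod q."""
    R, S = None, 0
    for address, (k, Ri, Si) in items:
        R, S = add(R, mul(h("addr", address) * k, Ri)), (S + Si) % N
    return R, S

def batch_verify(P_pub, signers, agg):
    """Check S*P = H*P_pub + R with H = sum of h1(Id_i, Q_i1)."""
    R, S = agg
    H = sum(h("h1", ident, Q) for ident, Q in signers) % N
    return mul(S, G) == add(mul(H, P_pub), R)

def extract_key(address, sig1, sig2):
    """Recover psk_i from two signatures on colliding messages (same a, R_i)."""
    (k1, R1, S1), (k2, R2, S2) = sig1, sig2
    if R1 != R2 or k1 == k2:
        raise ValueError("signatures are not on colliding messages")
    a = h("addr", address)
    r = (S1 - S2) * pow(a * (k1 - k2) % N, -1, N) % N   # S1-S2 = a*r*(k1-k2)
    return (S1 - a * k1 * r) % N

def demo():
    """Constructed sample run: two sensors, one of which signs a collision."""
    alpha = 0x1234567890ABCDEF                  # constructed KGC master key
    P_pub = mul(alpha, G)
    QA, QB = mul(11, G), mul(22, G)             # constructed Q_i1 = s_i1 * P
    pskA = partial_key(alpha, "sensor-A", QA)
    pskB = partial_key(alpha, "sensor-B", QB)
    sA = sign(pskA, "sensor-A", "patient-7/hr", "72 bpm")
    sB = sign(pskB, "sensor-B", "patient-9/hr", "65 bpm")
    agg = aggregate([("patient-7/hr", sA), ("patient-9/hr", sB)])
    sA2 = sign(pskA, "sensor-A", "patient-7/hr", "180 bpm")   # collision
    return {
        "single": verify(P_pub, "sensor-A", QA, "patient-7/hr", "72 bpm", sA),
        "batch": batch_verify(P_pub, [("sensor-A", QA), ("sensor-B", QB)], agg),
        "key_recovered": extract_key("patient-7/hr", sA, sA2) == pskA,
    }

if __name__ == "__main__":
    print(demo())
```

Batch verification here costs two scalar multiplications and one addition regardless of the number of signers, and the second signature under the same address is what exposes the signer's partial key.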
As shown in Fig. 2, this embodiment provides a mobile health medical sensor data privacy protection method based on certificateless double-authentication-preventing aggregate signatures, comprising the following steps:
Step 1, system initialization: the management server MS establishes a registration system, whose parameters are as follows:
(1) select $s_{MS} \in Z_q^*$ and generate the public key $P_{MSpub} = s_{MS}P$;
(2) publish the system parameters $(P, q, G, P_{MSpub}, h_1, h_2)$;
(3) the cloud data center randomly selects $s_{CDC} \in Z_q^*$ and generates $Q_{CDC} = s_{CDC}P$; the master private key of the cloud data center is $(Q_{CDC}, s_{CDC})$;
where $s_{MS}$ denotes the system master private key; $h_1: \{0,1\}^* \times G \to G$ and $h_2: \{0,1\}^* \times G \to Z_q^*$ are two secure hash functions; $P$ denotes a generator of the multiplicative group $G$; and $Z_q^*$ denotes the multiplicative group of integers;
Step 2, registration phase: participant $C_i$ generates a partial key and the management server MS accesses the cloud data center;
Step 2.1: participant $C_i$ selects a random number $s_{i1} \in Z_q^*$ and generates the partial key $Q_{i1} = s_{i1}P$;
Step 2.2: the management server MS generates the partial private key $psk_{i1} = s_{MS}h_1(Id_i, Q_{i1})$, where $Id_i$ denotes the identity of participant $C_i$;
Step 2.3: the management server MS selects a random number $w_i \in Z_q^*$ and generates $Q_{i2} = h_1(Id_i, Q_{i1})$, $psk_{i2} = s_{MS}h_1(Id_i, Q_{i1})$, $index_{is} = w_iQ_{i2}$, $index_{iv} = w_i\,psk_{i2}$;
Step 2.4: the management server MS stores the sequence code $sn_i = (Id_i, Q_{i1}, Q_{i2}, index_{is}, index_{iv})$ and then sends $SN_i = index_{iv}$ and $index_{is}$ over a secure channel to the participant $C_i$ whose identity is $Id_i$.
Step 3, message signing phase: after receiving the message $M_i = (a, p_i)$, participant $C_i$ randomly selects $r_i \in Z_q^*$ and a timestamp $t_i$ and signs the sensor data, where $t_i$ is the system time that keeps the message $M_i = (a, p_i)$ fresh;
Step 3.1: after receiving the message $M_i = (a, p_i)$, participant $C_i$ randomly selects $r_i \in Z_q^*$ and generates $R_i = r_iP$;
Step 3.2: participant $C_i$ randomly selects a timestamp $t_i$ and generates $k_i = h_2(Id_i \| p_i, R_i)$ and
Step 3.3: the cloud data center encrypts $SN_i \| k_i \| t_i$ with the encryption algorithm;
Step 3.4: participant $C_i$ outputs the signature $(R_i, S_i, M_i, SN')$ on the message $M_i = (a, p_i)$ and uploads this message signature to the cloud data center; the cloud data center issues the sensing task.
Step 4, verification phase: the cloud data center verifies the validity of the sensor data signed by participant $C_i$;
Step 4.1: after receiving the signature $(R_i, S_i, M_i, SN')$, the cloud data center decrypts it with the decryption algorithm;
Step 4.2: the cloud data center checks whether the equations $k_i = h_2(p_i \| t_i, R_i)$ and $S_iP = index_{iv}P_{MSpub} + ak_iR_i$ hold; if both hold, the signature is valid; otherwise the signature is rejected.
Step 5, aggregation phase: the cloud data center aggregates the signatures on the sensor data of the participants $C_i$ that passed verification into an aggregate signature;
Step 5 specifically comprises: for $n$ participants $C_1, \ldots, C_n$ and their partial signature set $(R_i, S_i, M_i)$, when time $T$ is reached the cloud data center generates and , aggregates all received signatures, and outputs the aggregate signature $\sigma = (R, S, index_v)$.
Step 6, batch verification phase: the cloud data center performs batch verification on the aggregate signature; it checks whether the equation $SP = index_vP_{MSpub} + R$ holds; if it holds, the aggregate signature is accepted; otherwise the aggregate signature is rejected.
Step 7, re-signature signing-key extraction phase: participant $C_i$ performs re-signature signing-key extraction.
Given the signatures $\sigma_{i1} = (R_i, S_{i1}, k_{i1}, M_{i1}, SN'_{i1})$ and $\sigma_{i2} = (R_i, S_{i2}, k_{i2}, M_{i2}, SN'_{i2})$ on the colliding messages $M_{i1} = (a, p_{i1})$ and $M_{i2} = (a, p_{i2})$ respectively, decrypt them respectively with the decryption algorithm and
Finally, compute the signing key
where $R_i = r_iP$, $k_{i1} = h_2(p_{i1} \| t_i, R_i)$, $k_{i2} = h_2(p_{i2} \| t_i, R_i)$,
The above is a further detailed description of the present invention in conjunction with specific preferred embodiments, and the specific implementation of the invention shall not be regarded as limited to these descriptions. A person of ordinary skill in the art to which the invention belongs may make a number of simple deductions or substitutions without departing from the concept of the invention, and all of these shall be regarded as falling within the protection scope of the invention.

Claims (7)

1. A mobile health medical sensor data privacy protection method based on certificateless double-authentication-preventing aggregate signatures, characterized by comprising the following steps:
Step 1, system initialization: the management server MS establishes a registration system, whose parameters are as follows:
(1) select $s_{MS} \in Z_q^*$ and generate the public key $P_{MSpub} = s_{MS}P$;
(2) publish the system parameters $(P, q, G, P_{MSpub}, h_1, h_2)$;
(3) the cloud data center randomly selects $s_{CDC} \in Z_q^*$ and generates $Q_{CDC} = s_{CDC}P$; the master private key of the cloud data center is $(Q_{CDC}, s_{CDC})$;
where $s_{MS}$ denotes the system master private key; $h_1: \{0,1\}^* \times G \to G$ and $h_2: \{0,1\}^* \times G \to Z_q^*$ are two secure hash functions; $P$ denotes a generator of the multiplicative group $G$; and $Z_q^*$ denotes the multiplicative group of integers;
Step 2: participant $C_i$ generates a partial key and the management server MS accesses the cloud data center;
Step 3: after receiving the message $M_i = (a, p_i)$, participant $C_i$ randomly selects $r_i \in Z_q^*$ and a timestamp $t_i$ and signs the sensor data, where $t_i$ is the system time that keeps the message $M_i = (a, p_i)$ fresh;
Step 4: the cloud data center verifies the validity of the sensor data signed by participant $C_i$;
Step 5: the cloud data center aggregates the signatures on the sensor data of the participants $C_i$ that passed verification into an aggregate signature;
Step 6: the cloud data center performs batch verification on the aggregate signature;
Step 7: participant $C_i$ performs re-signature signing-key extraction.
2. The method according to claim 1, characterized in that step 2 specifically comprises: step 2.1: participant $C_i$ selects a random number $s_{i1} \in Z_q^*$ and generates the partial key $Q_{i1} = s_{i1}P$;
Step 2.2: the management server MS generates the partial private key $psk_{i1} = s_{MS}h_1(Id_i, Q_{i1})$, where $Id_i$ denotes the identity of participant $C_i$;
Step 2.3: the management server MS selects a random number $w_i \in Z_q^*$ and generates $Q_{i2} = h_1(Id_i, Q_{i1})$, $psk_{i2} = s_{MS}h_1(Id_i, Q_{i1})$, $index_{is} = w_iQ_{i2}$, $index_{iv} = w_i\,psk_{i2}$;
Step 2.4: the management server MS stores the sequence code $sn_i = (Id_i, Q_{i1}, Q_{i2}, index_{is}, index_{iv})$ and then sends $SN_i = index_{iv}$ and $index_{is}$ over a secure channel to the participant $C_i$ whose identity is $Id_i$.
3. The method according to claim 2, characterized in that step 3 specifically comprises: step 3.1: after receiving the message $M_i = (a, p_i)$, participant $C_i$ randomly selects $r_i \in Z_q^*$ and generates $R_i = r_iP$;
Step 3.2: participant $C_i$ randomly selects a timestamp $t_i$ and generates $k_i = h_2(Id_i \| p_i, R_i)$ and
Step 3.3: the cloud data center encrypts $SN_i \| k_i \| t_i$ with the encryption algorithm;
Step 3.4: participant $C_i$ outputs the signature $(R_i, S_i, M_i, SN')$ on the message $M_i = (a, p_i)$ and uploads this message signature to the cloud data center; the cloud data center issues the sensing task.
4. The method according to claim 3, characterized in that step 4 specifically comprises: step 4.1: after receiving the signature $(R_i, S_i, M_i, SN')$, the cloud data center decrypts it with the decryption algorithm;
Step 4.2: the cloud data center checks whether the equations $k_i = h_2(p_i \| t_i, R_i)$ and $S_iP = index_{iv}P_{MSpub} + ak_iR_i$ hold; if both hold, the signature is valid; otherwise the signature is rejected.
5. The method according to claim 4, characterized in that step 5 specifically comprises: for $n$ participants $C_1, \ldots, C_n$ and their partial signature set $(R_i, S_i, M_i)$, when time $T$ is reached the cloud data center generates and , aggregates all received signatures, and outputs the aggregate signature $\sigma = (R, S, index_v)$.
6. The method according to claim 5, characterized in that step 6 specifically comprises: the cloud data center checks whether the equation $SP = index_vP_{MSpub} + R$ holds; if it holds, the aggregate signature is accepted; otherwise the aggregate signature is rejected.
7. The method according to claim 6, characterized in that step 7 specifically comprises: first, given the signatures $\sigma_{i1} = (R_i, S_{i1}, k_{i1}, M_{i1}, SN'_{i1})$ and $\sigma_{i2} = (R_i, S_{i2}, k_{i2}, M_{i2}, SN'_{i2})$ on the colliding messages $M_{i1} = (a, p_{i1})$ and $M_{i2} = (a, p_{i2})$ respectively, decrypt them respectively with the decryption algorithm and
Finally, compute the signing key
where $R_i = r_iP$, $k_{i1} = h_2(p_{i1} \| t_i, R_i)$, $k_{i2} = h_2(p_{i2} \| t_i, R_i)$,
CN201810757163.2A 2018-07-11 2018-07-11 Mobile health medical sensor data privacy protection method Active CN108881279B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810757163.2A CN108881279B (en) 2018-07-11 2018-07-11 Mobile health medical sensor data privacy protection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810757163.2A CN108881279B (en) 2018-07-11 2018-07-11 Mobile health medical sensor data privacy protection method

Publications (2)

Publication Number Publication Date
CN108881279A true CN108881279A (en) 2018-11-23
CN108881279B CN108881279B (en) 2020-11-10

Family

ID=64300870

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810757163.2A Active CN108881279B (en) 2018-07-11 2018-07-11 Mobile health medical sensor data privacy protection method

Country Status (1)

Country Link
CN (1) CN108881279B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106131059A (en) * 2016-08-23 2016-11-16 Hohai University A kind of network condition method for secret protection and system based on the car without certificate aggregate signature
US20180034641A1 (en) * 2016-08-01 2018-02-01 Institute For Development And Research In Banking Technology (Idrbt) SYSTEM AND METHOD FOR PROVIDING SECURE COLLABORATIVE SOFTWARE AS A SERVICE (SaaS) ATTESTATION SERVICE FOR AUTHENTICATION IN CLOUD COMPUTING

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
BELLARE.MIHIR: "Deterring Certificate Subversion: Efficient Double-Authentication-Preventing Signatures", 《IACR INTERNATIONAL WORKSHOP ON PUBLIC KEY CRYPTOGRAPHY 2017》 *
BERTRAM POETTERING: "Double-authentication-preventing signatures", 《SPRINGER》 *
LIU HE: "Research on Privacy Protection in Mobile Network Access Authentication", 《China Doctoral Dissertations Full-text Database》 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109510712A (en) * 2019-01-10 2019-03-22 University of Jinan A kind of tele-medicine data-privacy guard method, system and terminal
CN109510712B (en) * 2019-01-10 2021-10-15 University of Jinan Remote medical data privacy protection method, system and terminal
CN109743706A (en) * 2019-02-21 2019-05-10 Jinan University With the data aggregation method of validation verification function under environment of internet of things
CN109743706B (en) * 2019-02-21 2021-10-08 Jinan University Data aggregation method with validity verification function in Internet of things environment
CN110149214A (en) * 2019-06-06 2019-08-20 Southwest Jiaotong University LTE-R network group authentication key agreement method without certificate aggregate signature
CN110149214B (en) * 2019-06-06 2021-09-14 China Academy of Railway Sciences Corporation Limited LTE-R network group authentication key negotiation method without certificate aggregation signature
CN110995443A (en) * 2019-12-02 2020-04-10 Lenovo (Beijing) Co., Ltd. Data processing method and device

Also Published As

Publication number Publication date
CN108881279B (en) 2020-11-10

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant