CN109547212B - Threshold signature method based on SM2 signature algorithm - Google Patents
Threshold signature method based on SM2 signature algorithm Download PDFInfo
- Publication number
- CN109547212B CN109547212B CN201811473852.7A CN201811473852A CN109547212B CN 109547212 B CN109547212 B CN 109547212B CN 201811473852 A CN201811473852 A CN 201811473852A CN 109547212 B CN109547212 B CN 109547212B
- Authority
- CN
- China
- Prior art keywords
- signature
- user
- users
- calculating
- ltoreq
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Complex Calculations (AREA)
Abstract
The invention discloses a threshold signature method based on SM2 signature algorithm, which comprises a system establishing stage, a signature stage and a signature verification stage, wherein: in the system establishment phase, a plurality of participating users jointly generate a DSA key pair (x, y ═ g)x) Where y is a public value and x is shared among users; in the stage of generating the signature, a signature algorithm of DSA is adopted, a random number k in the DSA signature is jointly generated by n users, then an encrypted value of the DSA signature is jointly calculated through the property of homomorphic encryption, and finally the value is decrypted to generate the signature of the message digest. The invention provides a novel threshold signature method based on sm2 algorithm, wherein the total membership n in the method only needs to be more than or equal to t +1, and the intermediate result of each step output by a user can be verified. Therefore, the threshold signature method provided by the invention is more flexible and wider in application range.
Description
Technical Field
The invention relates to a threshold signature method based on an SM2 signature algorithm.
Background
The national crypto-authority issued SM2 elliptic curve public key cryptography on 12 months and 17 days 2010. The SM2 algorithm aims to guarantee the safety of various information systems and has great significance for the construction of commercial cipher products and information safety systems in China. The SM2 elliptic curve public key cryptographic algorithm comprises a digital signature algorithm, a key exchange protocol and a public key encryption algorithm.
In a common signature algorithm, the private key is held by only 1 user. If the user private key is stolen by an attacker, the attacker can forge the signature. To avoid this risk, desmdt et al propose the idea of a threshold signature. In threshold signatures, where the private key is shared by a community of n users, any t or more members collaborate to generate a valid signature on behalf of the community, and less than t members collaborate to generate a valid signature on behalf of the community.
In 2014, Shang Ming et al proposed a threshold signature algorithm based on sm2 algorithm. However, this algorithm has the following limitations: (1) the total number of group members n must be at least 2t +1 or more. Therefore, the method is not suitable for block chain signature scenes such as (2, 3), (2, 2) and the like. (2) The validity of the signature given by each user in the group cannot be verified, and only the final result can be authenticated. If the signature result is incorrect, a non-honest user cannot be determined.
Disclosure of Invention
In order to overcome the above disadvantages of the prior art, the present invention provides a threshold signature method based on SM2 signature algorithm.
The technical scheme adopted by the invention for solving the technical problems is as follows: a threshold signature method based on SM2 signature algorithm comprises a system establishing stage, a signature stage and a signature verification stage, wherein: in the system establishment phase, a plurality of participating users jointly generate a DSA key pair (x, y ═ g)x) Where y is a public value and x is shared among users; in the stage of generating the signature, a signature algorithm of DSA is adopted, a random number k in the DSA signature is jointly generated by n users, then an encrypted value of the DSA signature is jointly calculated through the property of homomorphic encryption, and finally the value is decrypted to generate the signature of the message digest.
Compared with the prior art, the invention has the following positive effects:
the invention provides a novel threshold signature method based on sm2 algorithm, wherein the total membership n in the method only needs to be more than or equal to t +1, and the intermediate result of each step output by a user can be verified.
Therefore, the threshold signature method provided by the invention is more flexible and wider in application range.
The method of the invention can be applied in a block chain system to support various applications, such as:
(1) the user stores the digital assets in the synthetic address, and both parties respectively master a private key and cannot independently control the assets. Both parties need to sign for a transaction when trading assets.
(2) For example, in a transaction, three parties are respectively from a buyer, a seller and an arbitrator, and each transaction requires a signature of the buyer, the seller and the arbitrator to complete the transaction.
Detailed Description
The threshold signature based on the SM2 signature algorithm proposed by the method comprises three stages: a system setup phase, a signature phase, and a verification signature phase.
In this method, the following three documents are cited as techniques for constructing our scheme.
A key generation method of a threshold homomorphic encryption scheme in cited documents of 'C.Hazay, G.L.Mikkelsen, T.Rabin, T.Toft.and A.A.Nicolosi: Efficient RSA key generation and threshold Pattern in the two-party setting' generates a user private key and a scheme public key of the threshold homomorphic encryption scheme, and the threshold encryption and decryption algorithms in the cited documents are cited as encryption algorithms E and D in the scheme; the notation in the cited literature in the method is preparedERepresenting homomorphic multiplication.
The commitment algorithm and commitment verification algorithm described in the documents "r.gennaro.multi-trailer Commitments and heat Applications to pro of sof Knowledge current Man-in-the-Middle attacks.proc.ofcrypto' 04, Springer LNCS 3152, pp.220-236" are cited as the Com algorithm and Ver algorithm in the present solution.
Zero knowledge evidence was generated and validated by the method in the literature "R.Gennaro, S.Goldfeder, Narayanan A.Threshold-Optimal DSA/ECDSA Signatures and an Application to Bitcion Wallet Security [ J ]. 2016".
The method comprises the following specific construction processes:
first, system establishment
In the present process, the main purpose is that multiple participating users jointly generate a DSA key pair (x, y ═ g)x) Where y is a public value and x is shared among users. A public key N for an additive homomorphic encryption scheme E is first generated, along with a secret key d in shared form between users. Secondly, each user selects a respective private key xiGenerating a public key yiAnd calculating a signature public key y; then for xiEncrypted with E, the value α ═ E (x) can be obtained according to the nature of the additive homomorphism. Note that α is an implicit (t, n) secret sharing of x, since the decryption key d for E is shared among users, only ≧ t users can recover key d.
Firstly, each user generates a user private key and a scheme public key of a threshold homomorphic encryption scheme by adopting a key generation method of the threshold homomorphic encryption scheme.
And (3) generating a scheme public key:
n users jointly generate a public key N of RSA; the composition form is Each user generates a pair of Paillier keys N independentlyi=pi.qiThen, p can be obtained by applying the property of Paillier homomorphic encryption between every two users through common calculationiqjThe value of (c).
1) The users each generate an RSA combination pair:
generating an ElGamal public key by the n users; in the group with original g and Q, each party PiSelecting a random number x'i∈ZQBroadcasting, broadcastingThen the public key of ElGamalEach user PiGenerating a Paillier key Ni=pi.qiAnd broadcast. p is a radical ofiAnd q isiIs a private key.
2) Computing a scheme public key N:
the main idea is to do for any two users PiAnd PjParticipating in protocol acquisitionIt can be directly calculated when i ═ j. Thereby obtaining
The method comprises the following specific steps:
For 1. ltoreq. i, j. ltoreq. n, PjWhen the secret key is NiThe Paillier encryption is calculated as follows:
For 1. ltoreq. i, j. ltoreq. n, each user confirms that everyone is actually dedicated to producing pi·qjThe fraction of (c).
Based on qjEncryption of, user PiCompute and broadcast pi·qjThe new encryption of (2); all parties then calculate the ElGamal encryption using homomorphismThe plaintext obtained after decryption by all users is 0.
For 1. ltoreq. i, j. ltoreq. n, all users use homomorphism calculationEncryption of (2). And P isiBroadcasting si。
And (3) generating a user private key:
when the private key of the user is generated, the addition sharing d of d is firstly calculatediCalculated by user togetherAndin this process d is obtainedi. Then, the values of d are calculated together, and a Shamir share of (t, n) is generated for d and is given to the related n users.
The second step is that:
1) each user randomly selects xiCalculating yi=xi*G,αi=E(xi) Calculate [ C ]i,Di]=Com(yi);
2) Per user broadcast Ci。
The third step:
1) calculating zero knowledge evidence pi for each user(0,i)
2) Broadcast per user Di,αi,Π(0,i)。
The fourth step:
1) each user verifying other user commitments yi=Ver(Ci,Di)
2) Each user verifying zero knowledge proof of other users
4) The algorithm public key is y
Second, generate signature
The main approach is to apply the signature algorithm of DSA. The random number k in the DSA signature is jointly generated by n users; namely, each participating user selects a random number and then calculates to obtain k, and the encrypted value of the DSA signature is obtained through the common calculation of the property of homomorphic encryption. Decrypting the value generates a signature of the message digest.
The first step is as follows:
each user Pi
1) Selecting rhoi∈RZq
2) Calculating ui=E(ρi),vi=ρi×Eα=E(ρix)
3) Calculating [ C ]1,i,D1,i]=Com([ui,vi])
4) Calculating zero knowledge evidence Π(1,i),
5) Broadcast C1,i
Second step, each user PiBroadcast D1,iZero knowledge evidence pi (1, i)
The third step:
each user Pi
1) Open other user commitments by calculating [ uj,vj]=Ver(C1,j,D1,j)
2) Verifying zero knowledge evidence II of other users(1,j)
The fourth step:
each user Pi
1) Selection of ki∈R Zqandci∈R[-q6,q6]
2) Calculating ri=ki*G,
3) Calculating wi=(ki×E u)+EE(ciq)=E(kiρ+ciq)
4) Calculating [ C ]2,i,D2,i]=Com(ri,wi)
5) Calculating zero knowledge evidence Π (2, i), (ensure uiAnd viIs correctly set up)
6) Broadcast C2,i(ensure each kiIndependence of (2)
Fifth step, each user PiBroadcast D2,iZero knowledge evidence pi (2, i)
And a sixth step:
each user Pi
1) Open other user commitments by calculating [ rj,wj]=Ver(C2,j,D2,j)
2) Verifying zero knowledge evidence II of other users(2,j)
The seventh step:
each user Pi
1) The threshold decryption v yields d (v) · η ∈ [ -q7, q7]And η mod q and ψ η-1mod q
2) Calculating sigma psi × E [ w + E (r × E u)]=ψ×E[E(kρ+cq)+E E(rρ)]
=(ρ-1x-1)×EE(kρ+cq+rρ)=E(x-1(k+r))
3) Threshold decryption σ, calculating s ═ D (v) -r modq
And eighthly, obtaining a signature (r, s).
Third, verify the signature
The verify signature step is consistent with the verify SM2 signature step.
Claims (6)
1. A threshold signature method based on SM2 signature algorithm is characterized in that: the method comprises a system establishing stage, a signature stage and a signature verification stage, wherein: in the system establishment phase, the participating n users jointly generate a DSA key pair (x, y ═ g)x) Where y is a public value and x is shared among users; in the stage of generating the signature, a signature algorithm of DSA is adopted, a random number k in the DSA signature is jointly generated by n users, then an encrypted value of the DSA signature is jointly calculated through the property of homomorphic encryption, and finally the value is decrypted to generate the signature of the message digest.
2. The threshold signature method based on the SM2 signature algorithm of claim 1, wherein: the method for generating the DSA key pair comprises the following steps: firstly, generating a public key N for an additive homomorphic encryption scheme E and a secret key d existing in a shared form among users; secondly, each user selects a respective private key xiGenerating a public key yiAnd calculating a signature public key y; then for xiE is used for encryption, and a value alpha (E) (x) is obtained through calculation according to the property of addition homomorphism, wherein alpha is implicit (t, n) secret sharing of x, a decryption key d of E is shared among users, and the key d can be recovered only by more than or equal to t users.
3. The threshold signature method based on the SM2 signature algorithm of claim 2, wherein: the specific process of establishing the system comprises the following steps:
firstly, each user generates a user private key and a scheme public key of a threshold homomorphic encryption scheme by adopting a key generation method of the threshold homomorphic encryption scheme;
second, each user randomly selects xiCalculating yi=xi*G,αi=E(xi) Calculate [ C ]i,Di]=Com(yi) (ii) a Per user broadcast Ci;
Thirdly, calculating zero knowledge evidence pi for each user(0,i)Prove thatSo that eta G ═ yi,D(αi) η; broadcast per user Di,αi,Π(0,i);
4. The threshold signature method based on the SM2 signature algorithm of claim 3, wherein: the method for generating the scheme public key comprises the following steps:
1) the users each generate an RSA combination pair:
generating an ElGamal public key by the n users; in generating the group of original g and order Q, each party PiSelecting a random number x'i∈ZQBroadcasting, broadcastingThen the public key of ElGamalEach user PiGenerating a Paillier key Ni=pi.qiAnd broadcast, piAnd q isiIs a private key;
2) computing a scheme public key N:
for 1. ltoreq. i, j. ltoreq. n, PjBroadcast uniform random valuesThe ElGamal encrypted value of (1);
For 1. ltoreq. i, j. ltoreq. n, PjWhen the secret key is NiThe Paillier encryption is calculated as follows:
For 1. ltoreq. i, j. ltoreq. n, each user confirms that everyone is actually dedicated to producing pi·qjBased on the share of qjEncryption of, user PiCompute and broadcast pi·qjThe new encryption of (2); all parties then calculate the ElGamal encryption using homomorphismThe plaintext obtained after all users decrypt is 0;
for 1. ltoreq. i, j. ltoreq. n, all users use homomorphism calculationIs encrypted, and PiBroadcasting si;
5. The threshold signature method based on the SM2 signature algorithm of claim 3, wherein: the method for generating the user private key comprises the following steps: compute d first for the additive share diObtained by common calculation of usersAndand in the process d is obtainedi(ii) a Then, the values of d are calculated together, and a Shamir share of (t, n) is generated for d and is given to the related n users.
6. The threshold signature method based on the SM2 signature algorithm of claim 1, wherein: the specific process of generating the signature includes:
first step, per user PiSelecting rhoi∈RZqCalculating ui=E(ρi),vi=ρi×Eα=E(ρix); calculating [ C ]1,i,D1,i]=Com([ui,vi]) (ii) a Calculating zero knowledge evidence Π(1,i)Prove thatSo that D (u)i)=η,D(vi) Eta D (e (x)), and then broadcast C1,i;
Second step, each user PiBroadcast D1,iZero knowledge evidence Π (1, i);
third step, each user PiOpen other user commitments by calculating [ uj,vj]=Ver(C1,j,D1,j) Verifying zero-knowledge evidence II of other users(1,j)And calculating u ═ E (ρ) and v ═ E (ρ x) after the verification is passed, wherein
Fourth step, each user PiSelection of ki∈R Zqandci∈R[-q6,q6]Calculating ri=kiG; calculating wi=(ki×Eu)+EE(ciq)=E(kiρ+ciq); calculating [ C ]2,i,D2,i]=Com(ri,wi) (ii) a Calculating zero knowledge evidence II (2, i) to proveSo that eta G ri,D(wi) η d (u) mod q, then broadcast C2,i;
Fifth step, each user PiBroadcast D2,iZero knowledge evidence Π (2, i);
sixth step, each user PiOpen other user commitments by calculating [ rj,wj]=Ver(C2,j,D2,j) Verifying zero-knowledge evidence II of other users(2,j)And calculating w ═ E (k ρ + cq) after the verification passes, whereinComputing
Seventh step, each user PiThe threshold decryption v yields d (v) · η ∈ [ -q7, q7]And η mod q and ψ η-1mod q; calculating sigma ═ psi × E [ w + E (r × Eu)]=ψ×E[E(kρ+cq)+EE(rρ)]=(ρ-1x-1)×EE(kρ+cq+rρ)=E(x-1(k + r)); threshold decryption σ, calculating s ═ d (v) -r modq;
and eighthly, obtaining a signature (r, s).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811473852.7A CN109547212B (en) | 2018-12-04 | 2018-12-04 | Threshold signature method based on SM2 signature algorithm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811473852.7A CN109547212B (en) | 2018-12-04 | 2018-12-04 | Threshold signature method based on SM2 signature algorithm |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109547212A CN109547212A (en) | 2019-03-29 |
CN109547212B true CN109547212B (en) | 2021-06-18 |
Family
ID=65852677
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811473852.7A Active CN109547212B (en) | 2018-12-04 | 2018-12-04 | Threshold signature method based on SM2 signature algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109547212B (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111130786A (en) * | 2019-10-25 | 2020-05-08 | 武汉大学 | Multi-party cooperative SM2 key generation and ciphertext decryption method and medium |
CN110958114A (en) * | 2019-10-25 | 2020-04-03 | 武汉大学 | Two-party cooperative SM2 key generation and ciphertext decryption method and medium |
CN111064557A (en) * | 2019-12-25 | 2020-04-24 | 杭州安司源科技有限公司 | Distributed trusteeship digital currency threshold signature key distribution method |
CN111756537B (en) * | 2020-07-13 | 2022-11-29 | 广州安研信息科技有限公司 | Two-party cooperative decryption method, system and storage medium based on SM2 standard |
CN114338028A (en) * | 2020-09-28 | 2022-04-12 | 华为技术有限公司 | Threshold signature method and device, electronic equipment and readable storage medium |
CN112417489B (en) * | 2020-12-04 | 2022-09-30 | 矩阵元技术(深圳)有限公司 | Digital signature generation method and device and server |
CN113079020B (en) * | 2021-03-30 | 2022-05-06 | 桂林电子科技大学 | Multi-chain forensics method of alliance chain based on threshold signature decision system |
CN113300841B (en) * | 2021-05-25 | 2022-11-25 | 贵州大学 | Identity-based collaborative signature method and system |
CN113507374B (en) * | 2021-07-02 | 2021-11-30 | 恒生电子股份有限公司 | Threshold signature method, device, equipment and storage medium |
CN114157427B (en) * | 2021-12-02 | 2023-06-20 | 南京邮电大学 | SM2 digital signature-based threshold signature method |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1138927A (en) * | 1994-01-13 | 1996-12-25 | 银行家信托公司 | Cryptographic system and method with key escrow feature |
CN101267308A (en) * | 2008-04-24 | 2008-09-17 | 上海交通大学 | Democratic signature method with threshold tracking |
CN105933116A (en) * | 2016-06-27 | 2016-09-07 | 收付宝科技有限公司 | SM2-based electronic signature generating and verifying methods and devices |
CN108173639A (en) * | 2018-01-22 | 2018-06-15 | 中国科学院数据与通信保护研究教育中心 | A kind of two side's cooperation endorsement methods based on SM9 signature algorithms |
CN108667626A (en) * | 2018-07-20 | 2018-10-16 | 陕西师范大学 | The two sides cooperation SM2 endorsement methods of safety |
CN108667627A (en) * | 2018-07-20 | 2018-10-16 | 武汉大学 | SM2 digital signature methods based on two sides collaboration |
-
2018
- 2018-12-04 CN CN201811473852.7A patent/CN109547212B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1138927A (en) * | 1994-01-13 | 1996-12-25 | 银行家信托公司 | Cryptographic system and method with key escrow feature |
CN101267308A (en) * | 2008-04-24 | 2008-09-17 | 上海交通大学 | Democratic signature method with threshold tracking |
CN105933116A (en) * | 2016-06-27 | 2016-09-07 | 收付宝科技有限公司 | SM2-based electronic signature generating and verifying methods and devices |
CN108173639A (en) * | 2018-01-22 | 2018-06-15 | 中国科学院数据与通信保护研究教育中心 | A kind of two side's cooperation endorsement methods based on SM9 signature algorithms |
CN108667626A (en) * | 2018-07-20 | 2018-10-16 | 陕西师范大学 | The two sides cooperation SM2 endorsement methods of safety |
CN108667627A (en) * | 2018-07-20 | 2018-10-16 | 武汉大学 | SM2 digital signature methods based on two sides collaboration |
Non-Patent Citations (1)
Title |
---|
SM2椭圆曲线门限密码算法;尚铭;《密码学报》;20140415;第1卷(第2期);第155-166页 * |
Also Published As
Publication number | Publication date |
---|---|
CN109547212A (en) | 2019-03-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109547212B (en) | Threshold signature method based on SM2 signature algorithm | |
CN107707358B (en) | EC-KCDSA digital signature generation method and system | |
CN109194478B (en) | Method for generating SM9 digital signature by combining multiple parties under asymmetric environment | |
CN108667625B (en) | Digital signature method of cooperative SM2 | |
CN109660361B (en) | Method for generating SM9 digital signature by combining multiple parties under symmetric environment | |
CN107733648B (en) | Identity-based RSA digital signature generation method and system | |
CN108667627B (en) | SM2 digital signature method based on two-party cooperation | |
CN114157427B (en) | SM2 digital signature-based threshold signature method | |
CN110011803B (en) | Method for cooperatively generating digital signature by two parties of light SM2 | |
CN110120939B (en) | Encryption method and system capable of repudiation authentication based on heterogeneous system | |
CN109547199B (en) | Method for generating SM2 digital signature by combining multiple parties | |
CN103248478A (en) | Multi-party security agreement based sealed electric auction scheme and verification method | |
CN110601859B (en) | Certificateless public key cryptographic signature method based on 25519 elliptic curve | |
CN104767612A (en) | Signcryption method from certificateless environment to public key infrastructure environment | |
CN109639439A (en) | A kind of ECDSA digital signature method based on two sides collaboration | |
CN104767611A (en) | Signcryption method from public key infrastructure environment to certificateless environment | |
CN111355582A (en) | Two-party combined signature and decryption method and system based on SM2 algorithm | |
CN110061828A (en) | Distributed digital endorsement method without trusted party | |
CN111030821B (en) | Encryption method of alliance chain based on bilinear mapping technology | |
CN113132104A (en) | Active and safe ECDSA (electronic signature SA) digital signature two-party generation method | |
Islam et al. | Certificateless strong designated verifier multisignature scheme using bilinear pairings | |
CN115473631A (en) | Block chain certificateless aggregation signcryption key negotiation method based on Chinese remainder theorem | |
EP1571778A1 (en) | Method for generating fair blind signatures | |
CN108055134B (en) | Collaborative computing method and system for elliptic curve point multiplication and pairing operation | |
Kwak et al. | Efficient distributed signcryption scheme as group signcryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |