CN109600233A - Group ranking mark based on SM2 Digital Signature Algorithm signs and issues method - Google Patents

Group ranking mark based on SM2 Digital Signature Algorithm signs and issues method Download PDF

Info

Publication number
CN109600233A
CN109600233A CN201910036016.0A CN201910036016A CN109600233A CN 109600233 A CN109600233 A CN 109600233A CN 201910036016 A CN201910036016 A CN 201910036016A CN 109600233 A CN109600233 A CN 109600233A
Authority
CN
China
Prior art keywords
group
group members
key
public key
members
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910036016.0A
Other languages
Chinese (zh)
Other versions
CN109600233B (en
Inventor
马文平
刘威
刘小雪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201910036016.0A priority Critical patent/CN109600233B/en
Publication of CN109600233A publication Critical patent/CN109600233A/en
Application granted granted Critical
Publication of CN109600233B publication Critical patent/CN109600233B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3033Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3255Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Abstract

The group ranking mark that the invention proposes a kind of based on SM2 digital signature signs and issues method, mainly solve the prior art sign and issue with sign test low efficiency, the problem of Membership Revocation difficulty, implementation is: system initialization parameter;Key generation centre generates group's public key PKGMWith group's private key SKGM;Group members application enters group, and generates public private key pair (SKA, PKA), signature intermediate quantity EASymmetrical code key θ is shared with group;Group members use the private key SK of oneselfAWith signature intermediate quantity EAGroup ranking is carried out to message M;It is legal that verifier's verifying group ranking identifies whether, if legal, terminates group ranking, and otherwise, group administrator utilizes group's private key SKGMMark is opened, the identity ID of signer is trackedA;Group administrator selects new group to share symmetrical code key, and revocation identity is IDAGroup members.Code key length of the present invention is short, have a safety feature, sign and issue it is high-efficient with sign test, can be used for realizing information service entities under Alliance Network system group ranking mark sign and issue and authenticate.

Description

Group ranking mark based on SM2 Digital Signature Algorithm signs and issues method
Technical field
The invention belongs to network communication technology field, further relates to a kind of group ranking mark and sign and issue method, can apply It is identified in the group ranking for realizing information service entities under Alliance Network system and signs and issues and authenticate.
Background technique
Group's digital signature is to be proposed by D.Chaum and E.van Heyst in 1991.J.Camenish, M.Stadler, J.Camenish, M.Michels, G.Ateniese and G.Tsudik et al. are modified it and perfect. In a group signature scheme, any one member in a group can represent entire group to message in a manner of anonymous It signs.As other digital signature, group ranking can be disclosed and be verified, and can only be tested with single group's public key Card.Since group ranking has secret protection and traceable double grading, hyundai electronics commercial affairs, electronic money, trust computing, Many fields such as network forensics, hiding interior tissue framework, Electronic Voting Protocol all play indispensable role.
For the application demand for meeting digital certificate service system, national Password Management office issued on December 17th, 2010 SM2 ellipse curve public key cipher algorithm, in November, 2018, SM2 signature algorithm was with script form with ISO/IEC14888-3:2018 " digital signature third portion of the information security technology with annex: the mechanism based on discrete logarithm " newest publication.In details On, SM2 algorithm defines the details such as signature, verifying, key exchange.
One good group ranking mark, which signs and issues scheme not only, can safely and efficiently generate group ranking mark, but also can pacify Complete effective abolishment group members, group ranking mark can be efficiently opened when disputing on, determines the true identity of signer. Since the public key of group members and its true identity have one-to-one relationship, if group members are every time using identical public key to message It signs, identifies whether to be signed by same people then attacker can deduce this group ranking using signature mark, in this way The Unlinkability of group ranking mark is not can guarantee, it is therefore desirable to public key will be updated in each period to ensure Unlinkability. But update code key will lead to member and require to be registered in each signature to obtain member certifications at regular intervals, this is just So that the efficiency of group ranking process substantially reduces.For example, communication journal the 5th phase hair of volume 37 of Liang Yan, Zhang Xiao in May, 2016 In the article of entitled " electronic cash system based on no certificate group signature scheme " of table, one kind is proposed efficiently without certificate Group signature scheme, when step 3.3 member is added, member needs that newly-generated code key is sent to crowd administrator every time, in this way Each signature process requires duplicate this process of progress, greatly increases calculation amount, reduces signature efficiency.
BJ University of Aeronautics & Astronautics is in a kind of patent document " Verifiable Encryptosystem group ranking side with anonymity of its application Openly realized in method " (application number CN201810198425.6, publication number CN108551435A) it is a kind of with anonymity can Verifying encryption group signature method.In the method, it when user's determination will carry out file signing, first has to be infused in systems Volume obtains signature key, then generates Verifiable Encryptosystem group ranking using signature key and arbitrator's public key.Verifier is not understanding Signature validity can be verified in the case where close.Group administrator recycles tracking key recovery to go out signer identity, arbitrates Person recovers former signature from Verifiable Encryptosystem group ranking again, and the deficiency of the program is: the revocation of member cannot be efficiently carried out, When dispute occurs for group ranking or group members have deceptive practices in signature process, group administrator cannot immediately be removed the user This group, this will lead to the member can during this period in continue to represent entire group and generate illegal group ranking.
Summary of the invention
It is an object of the invention in view of the above shortcomings of the prior art, provide a kind of group's label based on SM2 digital signature Name mark signs and issues method, signs and issues efficiency to improve under the premise of guaranteeing signer anonymity, and will dispute on when signing and issuing Or the member that there is deception quickly cancels, and prevents illegal group ranking mark.
To achieve the above object, the present invention program includes the following:
(1) parameter initialization:
If FqIt is the finite field that rank is q;Selection elliptic curve equation E is y2=x3+ ax+b, wherein a, b ∈ Fq;Equipped with limit Domain FqThe collection of all rational point compositions of upper elliptic curve equation E is combined into E (Fq);If the basic point G=(x that the rank on E is nG, yG), wherein xG,yGFor the coordinate of basic point;Choose the cryptographic Hash algorithm H that message-length is v bitv();Choose secure hash letter Number H:{ 0,1 } → ZG, wherein ZGFor the integer value of basic point G, choose symmetric encipherment algorithm E ();
(2) key generation centre KGC is randomly selectedAs group's private key, whereinIt is the string integer that rank is q, And by group's private key SKGMProduct with basic point G is as group's public key: PKGM=SKGMG;
(3) group is added in group members A:
(3.1) key generation centre KGC is that group members A generates public private key pair (SKA, PKA), group members A is by identity information (IDA,PKA) crowd administrator GM is sent to by safe lane, wherein IDAFor group members A true identity, PKAFor group members A's Public key, SKAFor the private key of group members A;Group administrator GM is by the identity information (ID of group members AA,PKA) store and arrive group members information In list, and calculate group ranking intermediate quantity EA, then pass through safe lane for EAIt is sent to group members A;
(3.2) group administrator GM first selects multinomial Wherein, t is the sum of group members, xiIt is the assumed name of i-th of group members, θ is that group shares symmetrical code key, (C0, C1,…,Ct-1) be;The assumed name x of ω times of point the W=ω G and group members A of basic point G on elliptic curve are calculated againA, and by the W point and The polynomial parameters disclose in group, and wherein t is the quantity of group members;
(3.3) group members A parameter (C based on the received0,C1,…,Ct-1), it calculates group and shares symmetrical code key θ;
(4) group members A signs to message M:
(4.1) group members A sends symmetrical ciphertext Eθ(IDA,PKA,T, T) and give group administrator GM, wherein PKA,TFor group members A's Temporary public key, T are the timestamp of current time, Eθ() is symmetric encipherment algorithm;
(4.2) group administrator GM receives ciphertext Eθ(IDA,PKA,T, T) decrypted afterwards using code key θ, if successful decryption and when Between stamp T it is effective, then identity information (the ID of member A can be obtainedA,PKA,T, T), it executes step (4.3) and otherwise terminates this label Name;
(4.3) group members A generates random number k ∈ [1, n-1], and wherein n is the order of basic point G, and calculates on elliptic curve Point K=(x1,y1)=[k] G, wherein x1,y1For the transverse and longitudinal coordinate of required point;
(4.4) group members A chooses three random numbersAnd utilize message M to be signed, group's public key PKGMAnd The temporary private SK of group members AA,T, group ranking is exported by probabilistic algorithm and is identified as (c, s1,s2,s3,TA,T, r, s), wherein c It is that hash function acts on temporary public key PKA,TWith group's public key PKGMHash Value, s1It is the first random number r1Blind value, s2It is Second random number r2Blind value, s3It is third random number r3With temporary private SKA,TBlind value, TA,TFor member's private key SKA,T To signature intermediate quantity EASecret value, r be by elliptic curve point abscissa x1The remainder values found out, s are group's public key PKGMTo with Machine number r1,r2,r3Blind value;
(5) (c, s are identified to group ranking1,s2,s3,TA,T,PKA,T, r, s) and it is verified:
(5.1) verifier B is first examined r ∈ [1, n-1], and whether s ∈ [1, n-1] is true, if so, it then executes (5.2), it is no Then, group ranking mark is illegal, executes step (6);
(5.2) verifier B successively calculates the Hash Value e ' and sign test intermediate quantity t ' of message M to be signed again, and calculates ellipse Curve point (x '1,y′1)=(s1+s3)-1(s-t ') and sign test value R=(e '+x '1) mod n, wherein x '1,y′1For required ellipse The transverse and longitudinal coordinate of curve point, mod n indicate an integer division with the complementation operation of n;
(5.3) whether verifier B verifying R=r is true, if so, then group ranking mark is legal, terminates group ranking process, Otherwise, group ranking mark is illegal, executes (6);
(6) group administrator GM extracts member's private key SK from group ranking markA,TTo signature intermediate quantity EASecret value TA,T, use group's private key SKGMWith the temporary public key PK of group members AA,TCalculate the public key PK of signerA, then by being stored in into Group members identity information (ID in member's information listA,PKA) track the group members true identity ID of signatureA, execute (7);
(7) group administrator GM selects a new group to share symmetrical code keyAnd generate new polynomial f (x) ', It calculates except the group members true identity ID for tracking signatureAThe assumed name x of remaining t-1 group members in additioni, and will be new multinomial Formula parameter (C0′,C1′,…Ct-1') open, so that being tracked to identity is IDAGroup members will be unable to calculate by the parameter New group shares symmetrical code key, thus can not sign, and the group members are revoked at this time.
Compared with the prior art, the present invention has the following advantages:
First, SM2 number label are applied during signature information M signs since the present invention is treated in group members A Name algorithm increases other people and passes through the person's of forging a signature identity so that can carry the identity information by signer in group ranking mark The difficulty for generating illegal group ranking mark, guarantees that signature process is safer, simultaneously because group ranking algorithm is established oval bent On line model, the code key length generated in code key generating process is shortened, and the length of key is not influenced by group members quantity, Signing and issuing of realizing that under the premise of guaranteeing higher-security group ranking identifies is more efficient with verification process.
Second, since group members A of the present invention is signed in signature process using temporary key, so that removing group administrator Group members outside GM can not go to judge whether two different signatures are signed by same people by temporary public key, improve group ranking The Unlinkability and forward security of mark;Simultaneously in order to realize traceability, group ranking intermediate quantity E is introducedA, so that group manages Member GM can be according to the identity information (ID of group members AA,PKA) generate the group ranking intermediate quantity E not changed overA, avoid group The formality that member will be registered before each group ranking improves the efficiency of signature.
Third, since the present invention is when group members are registered, it is shared symmetrical that group members obtain group by way of privacy sharing Code key, so that group administrator GM need to only reselect group and share symmetrical code key θ ', and broadcast newly more when cancelling to group members Item formula parameter (C0′,…,C1′,Ct-1'), other group members can continue parameter based on the received and calculate shared pair of new group Claim code key, and represent entire group and sign, overcomes the prior art when cancelling member, need replacing group public key, group members The trouble for needing to re-register improves the efficiency of revocation group members.
Detailed description of the invention
Fig. 1 is implementation flow chart of the invention.
Specific embodiment
1 couple of present invention is described further with reference to the accompanying drawing.
Referring to figure, steps are as follows for the realization of this example:
Step 1, parameter initialization.
(1.1) F is setqIt is the finite field that rank is q, wherein q is the square power of odd prime either 2, when q is odd prime When, it is desirable that q > 2191;When q is 2 square power 2mWhen, it is desirable that m > 192 and be prime number, when q is odd prime, element in prime field is used Integer 0,1,2 ..., q-1 are indicated;When q is 2 square power 2mWhen, binary expands domainThe F that rank is 22On m dimensional vector space, yuan The Bit String that plain length available is m indicates;
(1.2) finite field F is chosenqElliptic curve equation E are as follows:
y2=x3+ ax+b,<1>
Wherein elliptic curve parameter a, b ∈ Fq, and (4a3+27b2) q ≠ 0 mod, wherein mod q indicates integer division with q's Complementation operation;
(1.3) it is equipped with confinement FqThe collection of all rational point compositions of upper elliptic curve equation E is combined into E (Fq), wherein E (Fq)={ (x, y) | x, y ∈ Fq, and meet equation<1>} ∪ { O }, wherein O is infinite point;
(1.4) it is equipped with confinement FqElliptic curve equation E on rank be n basic point G=(xG,yG), wherein xG,yGFor basic point Transverse and longitudinal coordinate;
(1.5) the cryptographic Hash algorithm H that message-length is v bit is chosenv(Z), wherein v indicates the length of eap-message digest, Cryptographic Hash algorithm, Z indicate eap-message digest;
(1.6) symmetric encipherment algorithm E () is chosen.
Step 2, key generation centre generates group's public key and group's private key.
Key generation centre KGC is randomly selectedAs group's private key, whereinIt is the string integer that rank is q, and will Group's private key SKGMProduct with basic point G is as group's public key: PKGM=SKGMG;
Step 3, group is added in group members application.
(3.1) when group members A application enters group, group administrator GM first chooses random numberAs group members A's Private key, and calculate the public key PK of group members AA=SKAG, wherein G is the basic point of elliptic curve, and group members A passes through safety letter later Road is by public private key pair (SKA, PKA) it is sent to group members A, after group members A receives the public private key pair of oneself, by the identity of oneself With public key information (IDA,PKA) crowd administrator GM is sent to by safe lane, wherein IDAFor the true identity of group members A, group Administrator is stored in group members information list after receiving identity public key information;
(3.2) group administrator GM chooses group ranking intermediate quantity random numberAnd it is calculated in group ranking using following formula Area of a room EA:
EA=(SKGM+PKA)·γ-1 <2>
Wherein, SKGMFor group's public key, PKAFor the public key of group members A, group administrator GM passes through safe lane for E laterAHair Give group members A;
(3.3) group administrator GM selects multinomial:
Wherein, t is the sum of group members, xiIt is the assumed name of i-th of group members, θ is that group shares symmetrical code key;
(3.4) group administrator GM calculates the ω times of point W=ω G of basic point G on elliptic curve, and the W point is disclosed in group, And the assumed name x of group members A is calculated using following formulaA:
xA=H (IDA||ωPKA) <4>
Wherein, H () is hash function, IDAFor the true identity of group members A, PKAFor the public key of group members A;
(3.5) group administrator GM is by the assumed name x of calculated group members AAIt is brought into the polynomial f (x) of selection, obtains Following formula:
Wherein, (C0,C1,…,Ct-1) it is polynomial parameter;Group administrator GM is by polynomial parameters (C later0,C1,…, Ct-1) disclosed in group;
(3.6) group members A parameter (C based on the received0,C1,…,Ct-1) and disclosed elliptic curve on ω times of basic point G Point W calculates group and shares symmetrical code key θ, is accomplished by
The private key of ω times of the point W and oneself of basic point G on the first elliptic curve according to disclosed in group administrator of (3.6a) group members A SKA, calculate the assumed name x of oneselfA'=H (IDA||WSKA);
(3.6b) group members A calculates group by following formula and shares symmetrical code key θ:
Wherein, t is the membership in group, xiIt is the assumed name of i-th of group members, (C0,…,C1,Ct-1) it is polynomial Parameter.
Step 4, group members carry out group ranking.
(4.1) group members A is recording current time stamp T ∈ { 0,1 }*Afterwards, the temporary private of group members A is first calculated SKA,T=H (SKA| | T), then calculate group members A temporary public key PKA,T=SKA,TG, wherein SKAFor the private key of group members A, H () For secure hash function, wherein G is the basic point of elliptic curve;
(4.2) group members A sends symmetrical ciphertext Eθ(IDA,PKA,T, T) and give group administrator GM, wherein Eθ() is symmetric cryptography Algorithm;
(4.3) group administrator GM receives ciphertext Eθ(IDA,PKA,T, T) and it is decrypted afterwards using code key θ, if successful decryption, and when Between stamp T it is effective, then identity information (the ID of member A can be obtainedA,PKA,T, T), it executes step (4.4) and otherwise terminates this label Name;
(4.4) group members A generates random number k ∈ [1, n-1], and wherein n is the order of basic point G, and calculates on elliptic curve Point β=(x1,y1)=[k] G, wherein x1,y1For the transverse and longitudinal coordinate of required point;
(4.5) group members A calculates group ranking mark by probabilistic algorithm, is accomplished by
(4.5a) group members A utilizes following formula, calculates hash function and acts on temporary public key PKA,TWith group's public key PKGM's Hash Value c:
C=H (PKA,T||PKGM||EA) <7>
Wherein, H () is secure hash function, PKA,TFor the temporary public key of group members A, PKGMFor group's public key, EAFor in signature The area of a room;
(4.5b) group members A first sits the transverse and longitudinal of basic point G on two parameters a and b of elliptic curve equation, elliptic curve Mark xG、yGAnd the A public key PK of group membersATransverse and longitudinal coordinate xA、yAData type conversion is Bit String, and following formula is recycled to calculate Hash function acts on the Hash Value Z of group members A identity informationA:
ZA=H256(ENTLA||IDA||a||b||xG||yG||xA||yA) <8>
Wherein, IDAFor the true identity of group members A, ENTLAIt is IDALength value;
(4.5c) group members A calculates the Hash Value of message M to be signed: e=Hv(ZA| | M), wherein Hv() is cryptographic Hash letter Number, v is eap-message digest length;
(4.5d) group members A calculates the abscissa x by elliptic curve point1The remainder values found out: r=(e+x1) mod n, Middle x1For elliptic curve point (x1,y1) abscissa, mod n indicate an integer division with the complementation operation of n;
(4.5e) group members A chooses three random numbersAnd first is successively calculated at random by following formula Number r1Blind value s1, the second random number r2Blind value s2, third random number r3With temporary private SKA,TBlind value s3:
s1=r1- ce,
s2=r2- ce,<9>
s3=r3-cSKA,Tk-1,
Wherein, k is that group members A is calculating the point (x on elliptic curve1,y1) when the random number that selects, SKA,TFor group members A Temporary private;
(4.5f) group members A calculates member's temporary private SK using following formulaA,TTo signature intermediate quantity EASecret value TA,T:
TA,T=EA+SKA,TPKGM <10>
Integral point β on elliptic curve is calculated group's public key PK by (4.5g) group members AGMTo three random number r1,r2,r3It is blind Change value s=r1TA,T-r2GPKGM+r1β-r2G+r3β;
(4.6) output group ranking is identified as (c, s1,s2,s3,TA,T,PKA,T,r,s)。
Step 5, verifying group ranking mark.
(5.1) verifier D is first examined r ∈ [1, n-1], and whether s ∈ [1, n-1] is true, if so, it then executes (5.2), it is no Then, group ranking mark is illegal, executes step 6;
(5.2) verifier D successively calculates the Hash Value e ' and sign test intermediate quantity t ' of message M to be signed, as follows into Row:
T '=c (PKGM+GPKA,T)+s1TA,T-s2GPKGM-s2G+cPKA,T <11>
E '=Hv(ZA||M) <12>
Wherein, c is that hash function acts on temporary public key PKA,TWith group's public key PKGMHash Value, PKGMFor group's public key, G For the basic point of elliptic curve, PKA,TFor the temporary private of group members A, s1For the first random number r1Blind value, s2It is random for second Number r2Blind value, PKGMFor group's public key, Hv() is cryptographic Hash function, and v is eap-message digest length, ZAFor the hash of group members A Value.
(5.3) elliptic curve point (x ' is calculated1,y′1)=(s1+s3)-1(s-t ') and sign test value R=(e '+x '1) mod n, Wherein x '1,y′1For the transverse and longitudinal coordinate of required elliptic curve point, mod n indicates an integer division with the complementation operation of n;
(5.4) whether verifier D verifying R=r is true, if so, then group ranking mark is legal, terminates group ranking process, Otherwise, group ranking mark is illegal, executes step 6.
Step 6, group ranking mark is opened.
(6.1) group administrator GM uses group's private key SKGMWith the temporary public key PK of group members AA,TCalculate the public key of signer PKA, it is accomplished by
(6.1a) group administrator GM calculates the group ranking intermediate quantity E of tracing process by following formulaA′:
EA'=TA,T-PKA,TSKGM,<13>
Wherein, TA,TFor member's private key SKA,TTo signature intermediate quantity EASecret value, PKA,TFor the temporary public key of signer, SKGMFor group's private key;
The public key PK of (6.1b) group administrator GM calculating group members AA=γ EA′-SKGM, wherein γ is group administrator GM choosing Take the intermediate quantity random number of group ranking;
(6.2) the group administrator GM group members identity information (ID by being stored in information about firms list againA,PKA) tracking To the group members true identity ID of signatureA, execute (7);
Step 7, group members are cancelled.
(7.1) group administrator GM selects a new group to share symmetrical code keyGenerate new polynomial f (x) ', table Show as follows:
Wherein, t is the membership in group, xiIt is the assumed name of i-th of group members, θ ' is that newly-generated group is shared symmetrical secret Key, (C0′,C1′,…Ct-1') it is newly-generated polynomial parameter.
(7.2) group administrator GM is calculated except the group members true identity ID for tracking signatureARemaining t-1 group in addition at The assumed name x of memberi, and by new polynomial parameters (C0′,C1′,…Ct-1') open, so that being tracked to identity is IDAGroup at Member, which will be unable to calculate new group by the parameter, shares symmetrical code key, thus can not sign, and the group members are removed at this time Pin.
Above description is only example of the present invention, does not constitute any limitation of the invention, it is clear that for It, all may be without departing substantially from the principle of the present invention, knot after having understood the content of present invention and principle for one of skill in the art In the case where structure, various modifications and change in form and details are carried out, but these amendments based on inventive concept and change Become still within the scope of the claims of the present invention.

Claims (10)

1. a kind of group ranking mark based on SM2 Digital Signature Algorithm signs and issues method, which is characterized in that include the following:
(1) parameter initialization:
If FqIt is the finite field that rank is q;Selection elliptic curve equation E is y2=x3+ ax+b, wherein a, b ∈ Fq;Equipped with confinement FqOn The collection of all rational point compositions of elliptic curve equation E is combined into E (Fq);If the basic point G=(x that the rank on E is nG, yG), wherein xG, yGFor the coordinate of basic point;Choose the cryptographic Hash algorithm H that message-length is v bitv();Secure hash function H:{ 0 is chosen, 1}→ZG, wherein ZGFor the integer value of basic point G, choose symmetric encipherment algorithm E ();
(2) key generation centre KGC is randomly selectedAs group's private key, whereinIt is the string integer that rank is q, and will Group's private key SKGMProduct with basic point G is as group's public key: PKGM=SKGMG;
(3) group is added in group members A:
(3.1) group administrator GM is that group members A generates public private key pair (SKA, PKA), and group members A is sent to by safe lane, Group members A is by identity and public key information (IDA, PKA) crowd administrator GM is sent to by safe lane, wherein IDAFor group members A True identity, PKAFor the public key of group members A, SKAFor the private key of group members A;Group administrator GM is by the identity information of group members A (IDA, PKA) store into group members information list, and calculate group ranking intermediate quantity EA, then pass through safe lane for EAIt is sent to Group members A;
(3.2) group administrator GM first selects multinomial Wherein, t is the sum of group members, xiIt is the assumed name of i-th of group members, θ is that group shares symmetrical code key, (C0, C1..., Ct-1) For polynomial parameter;The assumed name x of ω times of point the W=ω G and group members A of basic point G on elliptic curve are calculated againA, and by the W Point and the polynomial parameters disclose in group;
(3.3) group members A parameter (C based on the received0, C1..., Ct-1), it calculates group and shares symmetrical code key θ;
(4) group members A signs to message M:
(4.1) group members A sends symmetrical ciphertext Eθ(IDA, PKA, T, T) and give group administrator GM, wherein PKA, TFor the interim of group members A Public key, T are the timestamp of current time, Eθ() is symmetric encipherment algorithm;
(4.2) group administrator GM receives ciphertext Eθ(IDA, PKA, T, T) and it is decrypted afterwards using code key θ, if successful decryption and time stamp T Effectively, then identity information (the ID of member A can be obtainedA, PKA, T, T), it executes step (4.3) and otherwise terminates this signature;
(4.3) group members A generates random number k ∈ [1, n-1], and wherein n is the order of basic point G, and calculates the point β on elliptic curve =(x1, y1)=[k] G, wherein x1, y1For the transverse and longitudinal coordinate of required point;
(4.4) group members A chooses three random numbersAnd utilize message M to be signed, group's public key PKGMAnd group at The temporary private SK of member AA, T, group ranking is exported by probabilistic algorithm and is identified as (c, s1, s2, s3, TA, T, PKA, T, r, s), wherein c It is that hash function acts on temporary public key PKA, TWith group's public key PKGMHash Value, s1It is the first random number r1Blind value, s2It is Second random number r2Blind value, s3It is third random number r3With temporary private SKA, TBlind value, TA, TFor member's private key SKA, T To signature intermediate quantity EASecret value, r be by elliptic curve point abscissa x1The remainder values found out, s are group's public key PKGMTo with Machine number r1, r2, r3Blind value;
(5) (c, s are identified to group ranking1, s2, s3, TA, T, PKA, T, r, s) and it is verified:
(5.1) verifier D is first examined r ∈ [1, n-1], and whether s ∈ [1, n-1] is true, if so, (5.2) are then executed, otherwise, Group ranking is illegal, executes step (6);
(5.2) verifier D successively calculates the Hash Value e ' and sign test intermediate quantity t ' of message M to be signed again, and calculates elliptic curve Point (x '1, y '1)=(s1+s3)-1(s-t ') and sign test value R=(e '+x '1) mod n, wherein x '1, y '1For required elliptic curve The transverse and longitudinal coordinate of point, mod n indicate an integer division with the complementation operation of n;
(5.3) whether verifier D verifying R=r is true, if so, then group ranking is legal, terminates group ranking process, otherwise, group's label Name is illegal, executes (6);
(6) group administrator GM extracts member's private key SK from group rankingA, TTo signature intermediate quantity EASecret value TA, T, use group Private key SKGMWith the temporary public key PK of group members AA, TCalculate the public key PK of signerA, then by being stored in information about firms list In group members identity information (IDA, PKA) track the group members true identity ID of signatureA, execute (7);
(7) group administrator GM selects a new group to share symmetrical code keyAnd generate new polynomial f (x) ', calculating removes Track the group members true identity ID of signatureAThe assumed name x of remaining t-1 group members in additioni, and by new polynomial parameters (C0', C1' ... Ct-1') open, so that being tracked to identity is IDAGroup members will be unable to calculate new group by the parameter Symmetrical code key is shared, thus can not be signed, the group members are revoked at this time.
2. the method according to claim 1, wherein key generation centre KGC is group members A in (3.1) Generate public private key pair (SKA, PKA), it is that random number is chosen by group administrator GMAs the private key of group members A, and calculate The public key PK of group members AA=SKAG, wherein G is the basic point of elliptic curve.
3. the method according to claim 1, wherein group administrator GM is calculated among group ranking in (3.1) Measure EA, it is that group ranking intermediate quantity random number is chosen by group administrator GMGroup ranking intermediate quantity is calculated using following formula EA:
EA=(SKGM+PKA)·γ-1
Wherein, SKGMFor group's public key, PKAFor the public key of group members A.
4. the method according to claim 1, wherein group administrator GM first selects random number in (3.2)Following formula is recycled to calculate the assumed name x of group members AA:
xA=H (IDA||ωPKA)
Wherein, H () is hash function, IDAFor the true identity of group members A, PKAFor the public key of group members A.
5. the method according to claim 1, wherein to calculate group shared symmetrical secret by group members A in (3.3) Key θ, is accomplished by
The ω times of point W and the private key SK of oneself of basic point G on the first elliptic curve according to disclosed in group administrator of (3.3a) group members AA, Calculate the assumed name x of oneselfA'=H (IDA||WSKA);
(3.3b) group members A calculates group by following formula and shares symmetrical code key θ:
Wherein, t is the membership in group, xiIt is the assumed name of i-th of group members, (C0..., C1, Ct-1) it is polynomial parameter.
6. the method according to claim 1, wherein the temporary public key PK in (4.1)A, T, it is by group members A is recording current time stamp T ∈ { 0,1 }*Afterwards, the temporary private SK of group members A is first calculatedA, T=H (SKA| | T), then calculate Group members A temporary public key PKA, T=SKA, TG, wherein SKAFor the private key of group members A, H () is secure hash function, wherein G is The basic point of elliptic curve.
7. the method according to claim 1, wherein being by probabilistic algorithm output group ranking in (4.4) (c, s1, s2, s3, TA, T, PKA, T, r, s), it is accomplished by
(4.4a) utilizes following formula, calculates hash function and acts on temporary public key PKA, TWith group's public key PKGMHash Value c:
C=H (PKA, T||PKGM||EA)
Wherein, H () is secure hash function, PKA, TFor the temporary public key of group members A, PKGMFor group's public key, EAIt is intermediate for signature Amount;
(4.4b) group members A is first by the transverse and longitudinal coordinate x of basic point G on two parameters a and b of elliptic curve equation, elliptic curveG、 yGAnd group members A public key PKATransverse and longitudinal coordinate xA、yAData type conversion is Bit String, and following formula is recycled to calculate hash letter Number acts on the Hash Value Z of group members A identity informationA:
ZA=H256(ENTLA||IDA||a||b||xG||yG||xA||yA),
Wherein, IDAFor the true identity of group members A, ENTLAIt is IDALength value;
(4.4c) group members A calculates the Hash Value e=H of message M to be signedv(ZA| | M), wherein Hv() is cryptographic Hash function, v It is eap-message digest length;
(4.4d) group members A calculates the abscissa x by elliptic curve point1Remainder values r:r=(the e+x found out1) mod n, wherein x1 For elliptic curve point (x1, y1) abscissa, mod n indicate an integer division with the complementation operation of n;
(4.4e) group members A calculates the first random number r1Blind value s1: s1=r1-ce;
(4.4f) group members A calculates the second random number r2Blind value s2: s2=r2-ce;
(4.4g) group members A calculates third random number r3With temporary private SKA, TBlind value s3: s3=r3-cSKA, Tk-1, wherein K is that group members A is calculating the point (x on elliptic curve1, y1) when the random number that selects;
(4.4h) group members A calculates member's temporary private SK using following formulaA, TTo signature intermediate quantity EASecret value TA, T:
TA, T=EA+SKA, TPKGM
(4.4i) group members A is by the point (x on elliptic curve1, y1) integral point β is converted to, calculate group's public key PKGMTo random number r1, r2, r3Blind value s=r1TA, T-r2GPKGM+r1β-r2G+r3β。
8. the method according to claim 1, wherein verifier B successively calculates message to be signed in (5.2) The Hash Value e ' and sign test intermediate quantity t ' of M is carried out as follows:
T '=c (PKGM+GPKA, T)+s1TA, T-s2GPKGM-s2G+cPKA, T,
E '=Hv(ZA| | M),
Wherein, c is that hash function acts on temporary public key PKA, TWith group's public key PKGMHash Value, PKGMFor group's public key, G is ellipse The basic point of curve, PKA, TFor the temporary private of group members A, s1For the first random number r1Blind value, s2For the second random number r2's Blind value, PKGMFor group's public key, Hv() is cryptographic Hash function, and v is eap-message digest length, ZAFor the Hash Value of group members A.
9. the method according to claim 1, wherein using group's private key SK in (6)GMWith facing for group members A When public key PKA, TCalculate the public key PK of signerA, it is accomplished by
(6a) group administrator GM calculates the group ranking intermediate quantity E of tracing process by following formulaA':
EA'=TA, T-PKA, TSKGM,
Wherein, TA, TFor member's private key SKA, TTo signature intermediate quantity EASecret value, PKA, TFor the temporary public key of signer, SKGMFor Group's private key;
(6b) group administrator GM calculates PKA=γ EA′-SKGM, wherein γ is that the intermediate quantity of group administrator GM selection group ranking is random Number.
10. the method according to claim 1, wherein (7) the group administrator GM selects a new group shared The new polynomial f (x) of symmetrical code key θ ' generation ', it is expressed as follows:
Wherein, t is the membership in group, xiIt is the assumed name of i-th of group members, θ ' is that newly-generated group shares symmetrical code key, (C0', C1' ... Ct-1') it is newly-generated polynomial parameter.
CN201910036016.0A 2019-01-15 2019-01-15 Group signature label issuing method based on SM2 digital signature algorithm Active CN109600233B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910036016.0A CN109600233B (en) 2019-01-15 2019-01-15 Group signature label issuing method based on SM2 digital signature algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910036016.0A CN109600233B (en) 2019-01-15 2019-01-15 Group signature label issuing method based on SM2 digital signature algorithm

Publications (2)

Publication Number Publication Date
CN109600233A true CN109600233A (en) 2019-04-09
CN109600233B CN109600233B (en) 2021-06-08

Family

ID=65966157

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910036016.0A Active CN109600233B (en) 2019-01-15 2019-01-15 Group signature label issuing method based on SM2 digital signature algorithm

Country Status (1)

Country Link
CN (1) CN109600233B (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111064581A (en) * 2019-12-28 2020-04-24 西安工业大学 Privacy protection method and system with connection capability
CN111147240A (en) * 2019-12-28 2020-05-12 西安工业大学 Privacy protection method and system with traceability
CN112118113A (en) * 2020-09-18 2020-12-22 上海市数字证书认证中心有限公司 Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm
CN112367175A (en) * 2020-11-12 2021-02-12 西安电子科技大学 Implicit certificate key generation method based on SM2 digital signature
CN112468304A (en) * 2020-11-27 2021-03-09 湖南赛吉智慧城市建设管理有限公司 Data encryption method and device, computer equipment and storage medium
CN113158176A (en) * 2021-06-02 2021-07-23 工业信息安全(四川)创新中心有限公司 Public key analysis method, device, equipment and storage medium based on SM2 signature
CN113221193A (en) * 2021-06-02 2021-08-06 上海交通大学 SM2 digital signature and signature verification quick implementation method and system based on GPU
CN113301520A (en) * 2021-05-21 2021-08-24 国网四川省电力公司电力科学研究院 Method for secure communication of wireless sensor network
CN113972987A (en) * 2021-10-28 2022-01-25 南京邮电大学 Identity-based multiple signature method based on sub-grouping
CN114661934A (en) * 2022-03-21 2022-06-24 重庆市规划和自然资源信息中心 Method for multidimensional monitoring of government affair new media public opinion early warning based on data mining analysis technology
CN116743382A (en) * 2023-08-14 2023-09-12 鼎铉商用密码测评技术(深圳)有限公司 Electronic voting method, trust center terminal, voting terminal and readable storage medium
CN116980228A (en) * 2023-09-01 2023-10-31 河南省信息化集团有限公司 Method and system for realizing anonymous identity login in Internet environment
CN112468304B (en) * 2020-11-27 2024-05-03 湖南赛吉智慧城市建设管理有限公司 Data encryption method, device, computer equipment and storage medium

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1710954A1 (en) * 2004-01-23 2006-10-11 Ueki, Makoto c/o Nec Corporation Group signature system, method, device, and program
US20100169656A1 (en) * 2007-07-11 2010-07-01 Takuya Yoshida Group signature system, device, and program
CN104780050A (en) * 2015-04-23 2015-07-15 北京航空航天大学 Elliptic curve-based forward security member-revocable certificateless group signature scheme
CN104836670A (en) * 2015-05-12 2015-08-12 中国科学院软件研究所 SM2 signature algorithm security verification method based on random number unknown
WO2017049111A1 (en) * 2015-09-18 2017-03-23 Jung-Min Park Group signatures with probabilistic revocation
CN106549767A (en) * 2016-11-04 2017-03-29 上海电力学院 A kind of data authentication with secret protection and tracing system
CN108289028A (en) * 2018-01-15 2018-07-17 深圳市金立通信设备有限公司 A kind of signature authentication method, relevant device and computer readable storage medium
CN108809658A (en) * 2018-07-20 2018-11-13 武汉大学 A kind of digital signature method and system of the identity base based on SM2
CN108880807A (en) * 2018-08-02 2018-11-23 中钞信用卡产业发展有限公司杭州区块链技术研究院 Private key signature process method, apparatus, equipment and medium
CN109067525A (en) * 2018-08-01 2018-12-21 安徽大学 Message authentication method based on half credible administrative center in car networking

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1710954A1 (en) * 2004-01-23 2006-10-11 Ueki, Makoto c/o Nec Corporation Group signature system, method, device, and program
US20100169656A1 (en) * 2007-07-11 2010-07-01 Takuya Yoshida Group signature system, device, and program
CN104780050A (en) * 2015-04-23 2015-07-15 北京航空航天大学 Elliptic curve-based forward security member-revocable certificateless group signature scheme
CN104836670A (en) * 2015-05-12 2015-08-12 中国科学院软件研究所 SM2 signature algorithm security verification method based on random number unknown
WO2017049111A1 (en) * 2015-09-18 2017-03-23 Jung-Min Park Group signatures with probabilistic revocation
CN106549767A (en) * 2016-11-04 2017-03-29 上海电力学院 A kind of data authentication with secret protection and tracing system
CN108289028A (en) * 2018-01-15 2018-07-17 深圳市金立通信设备有限公司 A kind of signature authentication method, relevant device and computer readable storage medium
CN108809658A (en) * 2018-07-20 2018-11-13 武汉大学 A kind of digital signature method and system of the identity base based on SM2
CN109067525A (en) * 2018-08-01 2018-12-21 安徽大学 Message authentication method based on half credible administrative center in car networking
CN108880807A (en) * 2018-08-02 2018-11-23 中钞信用卡产业发展有限公司杭州区块链技术研究院 Private key signature process method, apparatus, equipment and medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
乔汇东: "群签名的研究与应用", 《中国优秀硕士学位论文全文数据库信息科技辑》 *

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111147240A (en) * 2019-12-28 2020-05-12 西安工业大学 Privacy protection method and system with traceability
CN111147240B (en) * 2019-12-28 2023-02-03 西安工业大学 Privacy protection method and system with traceability
CN111064581B (en) * 2019-12-28 2022-11-08 西安工业大学 Privacy protection method and system with connection capability
CN111064581A (en) * 2019-12-28 2020-04-24 西安工业大学 Privacy protection method and system with connection capability
CN112118113B (en) * 2020-09-18 2022-07-15 上海市数字证书认证中心有限公司 Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm
CN112118113A (en) * 2020-09-18 2020-12-22 上海市数字证书认证中心有限公司 Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm
CN112367175B (en) * 2020-11-12 2021-07-06 西安电子科技大学 Implicit certificate key generation method based on SM2 digital signature
CN112367175A (en) * 2020-11-12 2021-02-12 西安电子科技大学 Implicit certificate key generation method based on SM2 digital signature
CN112468304A (en) * 2020-11-27 2021-03-09 湖南赛吉智慧城市建设管理有限公司 Data encryption method and device, computer equipment and storage medium
CN112468304B (en) * 2020-11-27 2024-05-03 湖南赛吉智慧城市建设管理有限公司 Data encryption method, device, computer equipment and storage medium
CN113301520A (en) * 2021-05-21 2021-08-24 国网四川省电力公司电力科学研究院 Method for secure communication of wireless sensor network
CN113158176A (en) * 2021-06-02 2021-07-23 工业信息安全(四川)创新中心有限公司 Public key analysis method, device, equipment and storage medium based on SM2 signature
CN113221193B (en) * 2021-06-02 2022-07-29 上海交通大学 SM2 digital signature and signature verification quick implementation method and system based on GPU
CN113158176B (en) * 2021-06-02 2022-08-02 工业信息安全(四川)创新中心有限公司 Public key analysis method, device, equipment and storage medium based on SM2 signature
CN113221193A (en) * 2021-06-02 2021-08-06 上海交通大学 SM2 digital signature and signature verification quick implementation method and system based on GPU
CN113972987B (en) * 2021-10-28 2023-07-18 南京邮电大学 Identity-based multi-signature method based on sub-packets
CN113972987A (en) * 2021-10-28 2022-01-25 南京邮电大学 Identity-based multiple signature method based on sub-grouping
CN114661934A (en) * 2022-03-21 2022-06-24 重庆市规划和自然资源信息中心 Method for multidimensional monitoring of government affair new media public opinion early warning based on data mining analysis technology
CN114661934B (en) * 2022-03-21 2024-03-01 重庆市规划和自然资源信息中心 Method for multidimensional monitoring of government new media public opinion early warning based on data mining analysis technology
CN116743382A (en) * 2023-08-14 2023-09-12 鼎铉商用密码测评技术(深圳)有限公司 Electronic voting method, trust center terminal, voting terminal and readable storage medium
CN116743382B (en) * 2023-08-14 2023-11-21 鼎铉商用密码测评技术(深圳)有限公司 Electronic voting method, trust center terminal, voting terminal and readable storage medium
CN116980228A (en) * 2023-09-01 2023-10-31 河南省信息化集团有限公司 Method and system for realizing anonymous identity login in Internet environment
CN116980228B (en) * 2023-09-01 2024-03-08 河南省信息化集团有限公司 Method and system for realizing anonymous identity login in Internet environment

Also Published As

Publication number Publication date
CN109600233B (en) 2021-06-08

Similar Documents

Publication Publication Date Title
CN109600233A (en) Group ranking mark based on SM2 Digital Signature Algorithm signs and issues method
WO2021042685A1 (en) Transaction method, device, and system employing blockchain
US6298153B1 (en) Digital signature method and information communication system and apparatus using such method
CN107342859B (en) A kind of anonymous authentication method and its application
CN104052608B (en) Certificate-free remote anonymous authentication method based on third party in cloud application
EP2285040A1 (en) Two-factor combined public key generation and authentication method
Peng et al. Efficient and provably secure multireceiver signcryption scheme for multicast communication in edge computing
CN111385306B (en) Anonymous authentication method and system based on anti-tampering device in smart power grid
CN103414569A (en) Method for establishing anti-attack public key cryptogram
CN106130716A (en) Cipher key exchange system based on authentication information and method
EP2792098B1 (en) Group encryption methods and devices
CN101977112A (en) Public key cipher encrypting and decrypting method based on neural network chaotic attractor
CN106059775B (en) CFL manages mode implementation method concentratedly
CN113158143B (en) Key management method and device based on block chain digital copyright protection system
CN108551435A (en) A kind of Verifiable Encryptosystem group signature method with anonymity
Sudarsono et al. A secure data sharing using identity-based encryption scheme for e-healthcare system
CN102340483A (en) Methods for generation, verification and tracking of democratic group signature and democratic group signature system
Gokhale et al. Distributed authentication for peer-to-peer networks
CN107294696A (en) For the full homomorphism method for distributing key of Leveled
Fatahi et al. High-efficient arbitrated quantum signature scheme based on cluster states
CN111416712B (en) Quantum secret communication identity authentication system and method based on multiple mobile devices
CN106357397A (en) Sender-authenticated asymmetric group key negotiation method
Tian A new strong multiple designated verifiers signature
Cao et al. Decentralized group signature scheme based on blockchain
Hyla et al. Implicit and explicit certificates-based encryption scheme

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant