CN109951288B - Hierarchical signature method and system based on SM9 digital signature algorithm - Google Patents
Hierarchical signature method and system based on SM9 digital signature algorithm Download PDFInfo
- Publication number
- CN109951288B CN109951288B CN201910058070.5A CN201910058070A CN109951288B CN 109951288 B CN109951288 B CN 109951288B CN 201910058070 A CN201910058070 A CN 201910058070A CN 109951288 B CN109951288 B CN 109951288B
- Authority
- CN
- China
- Prior art keywords
- signature
- kgc
- level
- equal
- private key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a hierarchical signature method and a hierarchical signature system based on an SM9 digital signature algorithm. The method comprises the following steps: all nodes (including a root KGC, a low-level KGC, a user side and the like) form a lev-level tree structure, wherein the root KGC is positioned at the 0 th level; the i-level KGC is i + 1-level KGC or auxiliary information required by the user side in the process of generating a signature private key and verifying a signature, wherein i is more than or equal to 0 and less than or equal to lev-2; the ith-level user side signs the message M to be signed by using a signature private key, wherein i is more than or equal to 1 and less than or equal to lev-1; and verifying the signature of the ith-level user terminal by any user terminal by using the auxiliary information required in signature verification, wherein i is more than or equal to 1 and less than or equal to lev-1. The length of the user private key is constant and is not increased along with the increase of the user stage number; in the verification process, as with the original SM9 signature algorithm, only 2 bilinear pairings are needed; moreover, the scheme is certified to be safe under a standard model.
Description
Technical Field
The invention belongs to the technical field of information security, relates to a design scheme of a hierarchical signature algorithm based on identity, in particular to a hierarchical signature method and a system based on an SM9 digital signature algorithm, and can improve the expandability of the SM9 digital signature algorithm.
Background
Shamir proposed in 1984 the concept of Identity-Based Cryptography in which a user's private Key was calculated by a Key Generation Center (KGC) from a master Key and a user Identity, and the user's public Key was uniquely determined by the user Identity, so that the user does not need to secure the authenticity of his public Key through a third party. Compared with a public key cryptosystem based on a certificate, the key management link in the identity-based cryptosystem can be properly simplified.
The elliptic curve pair has the property of bilinear, which establishes a link between a cyclic subgroup of the elliptic curve and a multiplicative cyclic subgroup of the spread domain. In 1999, k.ohgishi, r.sakai, and m.kasahara proposed in japan to construct an identity-based key sharing scheme with elliptic curve pairs (pairing); in 2001, d.boneh and m.franklin, and r.sakai, k.ohgishi and m.kasahara et al, independently propose the construction of identity-based public key encryption algorithms using elliptic curve pairs. These work led to new developments in identity-based cryptography, and china released SM9 cryptographic algorithms implemented with elliptic curve pairs in 2016, including digital signature algorithms, key exchange protocols, key encapsulation mechanisms, public key encryption algorithms, and the like. In 11 months 2018, the SM9 digital signature algorithm has been promulgated as the ISO international standard (ISO/IEC14888-3: 2018).
In practical application of the identity-based password system, when a user applies a private key to the KGC, the KGC needs to verify the identity of the user in addition to calculating the corresponding private key according to the user identity, and transmits the private key to the user by establishing a secure channel. As users increase, the workload of KGC increases. In view of the scalability of identity-based cryptosystems, Gentry and Silverberg first proposed the concept of identity-based Hierarchical cryptography in 2002. In the hierarchical password based on identity, a plurality of KGCs distribute according to the tree structure, root node KGC only need generate the private key for the KGCs of next level, and the KGCs of this level generates the private key for the next level user that it is responsible for again to analogize to this. Namely, the root node KGC can distribute the task of calculating the private key and verifying the user identity to the KGCs of the low hierarchy level, thereby realizing work distribution to reduce the burden of itself. Since then, the study of identity-based hierarchical passwords has been a hotspot of the academia.
In the identity-based hierarchical signature algorithm constructed by Chow et al in "Secure hierarchical identity based signature and authentication" and the identity-based hierarchical signature algorithm constructed by Li et al in "Accew hierarchical ID-based cryptography and CCA-Secure PKE", the lengths of both the user private key and the signature increase linearly with the increase of the user rank, and the security model of the algorithm is a random predictor model of the selected identity with lower security. But still does not solve the above problems. Yuen and Wei in the paper "Constant-size hierarchical-based signature/signature with out random clusters" gives a construction scheme with Constant signature length and removes the random prediction machine in the security model, but is not a standard model and relies on a complex security assumption. Subsequently, L.Y.Zhang et al successively proposed safe and efficient construction schemes under two standard models, but still have the problems of too large public parameter length or dependence on strong safety hypothesis and the like. Wu and Zhang in the paper "Hierarchical identification-based signature with short public keys" solve the problem of too long public parameters, but the verification stage needs 4 times of bilinear pairing operation, which is relatively complex and time-consuming.
In addition, in the existing identity-based hierarchical signature scheme, a bilinear pair constructed based on discrete logarithms on a finite field is partially adopted, and is different from a bilinear pair constructed based on an elliptic curve adopted in the SM9 digital signature algorithm; in the rest hierarchical signature scheme using bilinear pairings constructed based on elliptic curves, the two groups involved in the domain of bilinear pairings are the same group as the two groups (G) used in the SM9 digital signature algorithm1And G2) Different.
Disclosure of Invention
In view of the above problems, the present invention aims to provide a safe and efficient hierarchical signature scheme under a standard model based on the special structure of the SM9 digital signature algorithm.
The invention designs a safe and efficient hierarchical signature scheme based on an SM9 digital signature algorithm. In this scheme, all nodes (including root KGC, low-level KGC, user (i.e., user end), etc.) form a lev-level tree structure, where the root KGC is located at level 0. Considering the time and space efficiency, the lev value should not be too large (not more than 10), which is consistent with our real situation. The identity of the mth (m is less than or equal to lev-1) level user is composed of an array (ID)1,ID2,…,IDm) The identity of the user's ancestor node (other than the root KGC) can be represented as (ID)1,ID2,…,IDi),1≤i<m。
Like the SM9 digital signature algorithm, the system parameters in the solution of the present invention include: elliptic curve base field FqThe parameters of (1); elliptic curve equation parameters a and b; prime factor N of curve order and remainder factor cf relative to N; elliptic curve E (F)q) The number of embeddings k relative to N;(d1integer division of k) of the cyclic subgroup G of order N1Generating element P of1;(d2Integer division of k) of the cyclic subgroup G of order N2Generating element P of2(ii) a The value range of the bilinear pair e is N factorial cyclic group GT. WhereinAndrespectively represent FqTwo extension fields.
The invention discloses a hierarchical signature method based on an SM9 digital signature algorithm, which comprises the following steps:
1) forming a lev-level tree structure by all nodes, wherein the nodes comprise a root KGC, a low-level KGC and a user side, and the root KGC is positioned at the 0 th level;
2) the i-level KGC is i + 1-level KGC or auxiliary information required by the user side in the process of generating a signature private key and verifying a signature, wherein i is more than or equal to 0 and less than or equal to lev-2;
3) the ith-level user side signs the message M to be signed by using a signature private key, wherein i is more than or equal to 1 and less than or equal to lev-1;
4) and verifying the signature of the ith-level user terminal by any user terminal by using the auxiliary information required in signature verification, wherein i is more than or equal to 1 and less than or equal to lev-1.
Assuming that the message to be signed is M, the above-mentioned hierarchical signing method based on SM9 digital signature algorithm includes the specific steps:
1. system initialization
1) The root KGC selects system parameters, and selects and discloses a signature private key identified by one byte to generate a function identifier hid;
2) root KGC randomly selects ks0∈[1,N-1]Computing and publishing G as the system master private key (ks is a whole, representing the private key of KGC)2Element Q of (5)0=[ks0]P2As the system master public key;
3) i (i is more than or equal to 1 and less than or equal to lev-2) level KGC random selection ksi∈[1,N-1]As the master private key of that level.
2. In the key generation stage (i is greater than or equal to 0 and less than or equal to lev-2) the i + 1-level KGC or the auxiliary information required by the user end in generating the private signature key and verifying the signature), as shown in fig. 1, the method includes the following steps:
4) computing H for i-th-stage KGC1_i+1=H1(ID1||ID2||…IDi+1| hid, N), in a finite field FNUpper calculation of ti+1=H1_i+1+ksiIf t isi+1If 0, the master private key ks is regeneratediUpdating the signature private key of the existing user; otherwise:
b) when i is more than or equal to 1, calculatingAs the i +1 th KGC or the user's private signature key;
5) and (5) calculating auxiliary information required by signature verification by the ith (i is more than or equal to 1) stage KGC, and sending the auxiliary information to the (i + 1) stage KGC or a user. The auxiliary information is a series of G2Of (1). Firstly, the following components are mixedIs unfolded into 2i+1Adding items, and recording the product of the main private keys (of each level) contained in each item as ks, so that the auxiliary information of the item is [ ks]P2. The multi-element array formed by the auxiliary information of all the items is marked as Q.
3. The signing stage (i (1 ≦ i ≦ lev-1) level users sign the message M), as shown in FIG. 2, includes the following steps:
6) computing group GTWherein the element g ═ e (P)1,Q0);
7) Generating a random number r ∈ [1, N-1 ];
8) computing group GTWherein ω is gr;
9) Calculating the integer H ═ H2(M||ω,N);
10) Calculating an integer l ═ (r-h) modN, and if l ═ 0, returning to 7);
11) computing group G1Wherein the element S ═ l]dsi;
12) The signature of the message M is (h, S, Q).
4. The signature verification stage (verifying the signature of the i (i is more than or equal to 1 and less than or equal to lev-1) level user on the message M) as shown in FIG. 3, comprising the following steps:
13) computing group GTWherein the element g ═ e (P)1,Q0);
14) Computing group GTWherein v is gh;
15) According to the auxiliary information Q and the user identity information H1_j(j is more than or equal to 1 and less than or equal to i) to obtain a group G2Element (1) of
16) Computing group GTThe element in (1) is (e) (S, P);
17) computing group GTThe element ω in (iv) is u · v;
18) calculating the integer h3=H2(M | | ω, N), test h3If h is true, the verification is passed; otherwise, the verification is not passed.
Wherein Hi(Z, N), i-1, 2 is a cryptographic function given in SM9 (GM/T0044.2-2016), with inputs of bit string Z and integer N, and outputs of integer h ∈ [1, N-1]]。
Wherein [ u ]]P means addition group G1、G2U times of element P in the formula.
In the course of the verification phase,
the obtained omega is u.v.gl+h=gr(ii) a Substitution into h3=H2(M | | ω, N), finally h3H holds. It follows that the hierarchical signature scheme of the present invention is correct.
Correspondingly to the above method, the present invention further provides a hierarchical signature system based on the SM9 digital signature algorithm, which includes a root KGC, a low-level KGC, and a user side, where the root KGC, the low-level KGC, and the user side form a lev-level tree structure, where the root KGC is located at level 0; the i-level KGC is i + 1-level KGC or auxiliary information required by the user side in the process of generating a signature private key and verifying a signature, wherein i is more than or equal to 0 and less than or equal to lev-2; the ith-level user side signs the message M to be signed by using a signature private key, wherein i is more than or equal to 1 and less than or equal to lev-1; any user side can verify the signature of the ith-level user side by using the auxiliary information required in signature verification, wherein i is more than or equal to 1 and less than or equal to lev-1. The specific implementation of the system is described above with reference to the method of the present invention.
In the hierarchical signature scheme, the length of a user private key is constant and is not increased along with the increase of the user grade; in the verification process, as with the original SM9 signature algorithm, only 2 bilinear pairings are needed; moreover, the scheme is certified to be safe under a standard model.
Drawings
FIG. 1 is a flow chart of the key generation stage of the present invention, wherein the i (i is greater than or equal to 0 and less than or equal to lev-2) th level KGC is i +1 level KGC or a user generates a private key.
FIG. 2 is a flow chart of the signing phase of the present invention, level i (1 ≦ i ≦ lev-1) user using private key dsiThe message M is signed.
Fig. 3 is a flow chart of the verification phase of the present invention, in which an arbitrary user verifies the signature of the message M by the i-th user.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail below.
In an identity-based cryptosystem, all nodes form a 3-level tree structure, wherein the root KGC is located at level 0, the middle level is KGC, and the common user is located at level 2. When the users in the level 2 communicate with each other (sign messages and check labels), the steps are as follows:
1. system initialization
1) The root KGC selects system parameters, and selects and discloses a signature private key identified by one byte to generate a function identifier hid;
2) root KGC randomly selects ks0∈[1,N-1]Computing and publishing G as the system master private key2Element Q of (5)0=[ks0]P2As the system master public key;
3) level 1 KGC random selection ks1∈[1,N-1]As the master private key of that level;
2. key generation phase
4) Root KGC calculation H1_1=H1(ID1| hid, N), in a finite field FNUpper calculation of t1=H1_1+ks0If t is1If the key value is 0, regenerating the system main private key, calculating and disclosing the system main public key, and updating the signature private key of the existing user; otherwise, calculatingAs the signature private key of the 1 st-level KGC;
5) level 1 KGC calculation H1_2=H1(ID1||ID2| hid, N), in a finite field FNUpper calculation of t2=H1_2+ks1If t is2If the key value is 0, the primary private key of the level is regenerated, and the signature private key of the existing user is updated; otherwise, calculatingAs a private signature key for a level 2 user;
6) the level 1 KGC calculates the side information Q required to verify the signature.
Q=([ks1]P2,[ks0]P2,[ks1ks0]P2)=([ks1]P2,Q0,[ks1]Q0)
3. Signature phase (level 2 user signature message M)
7) Computing group GTWherein the element g ═ e (P)1,Q0);
8) Generating a random number r ∈ [1, N-1 ];
9) computing group GTWherein ω is gr;
10) Calculating the integer H ═ H2(M||ω,N);
11) Calculating an integer l ═ (r-h) modN, and if l ═ 0, returning to 8);
12) computing group G1Wherein the element S ═ l]ds2;
13) The signature of the message M is (h, S, Q).
4. Signature verification stage (verifying signature of 3 rd level user on message M)
14) Computing group GTWherein the element g ═ e (P)1,Q0);
15) Computing group GTWherein v is gh;
16) Calculate H1_1=H1(ID1||hid,N),H1_2=H2(ID1||ID2| hid, N), in combination with the auxiliary information Q, calculate
17) Computing group GTThe element in (1) is (e) (S, P);
18) computing group GTThe element ω in (iv) is u · v;
19) calculating the integer h3=H2(M | | ω, N), test h3If h is true, the verification is passed; otherwise, the verification is not passed.
In the original SM9 digital signature scheme, when a user applies a private key to KGC, KGC needs to verify the identity of the user in addition to calculating the corresponding private key according to the user identity, and transmits the private key to the user by establishing a secure channel. As the number of users increases, the workload of KGC increases, and as the number of users continues to increase, the efficiency of a single KGC becomes a bottleneck that limits the efficiency of the entire system. Therefore, in the application scenario of the original SM9 digital signature scheme, such as the SM9 identity authentication solution, the application system enhanced authentication solution, and the like, the hierarchical signature method of the present invention can be applied to increase a single KGC to a plurality of KGCs authorized layer by layer from top to bottom, and the work of the original single KGC is shunted, thereby improving the efficiency of the whole system.
Another embodiment of the present invention provides a hierarchical signature system based on SM9 digital signature algorithm, which includes a root KGC, a low-level KGC, and a user side, where the root KGC, the low-level KGC, and the user side form a lev-level tree structure, where the root KGC is located at level 0; the i-level KGC is i + 1-level KGC or auxiliary information required by the user side in the process of generating a signature private key and verifying a signature, wherein i is more than or equal to 0 and less than or equal to lev-2; the ith-level user side signs the message M to be signed by using a signature private key, wherein i is more than or equal to 1 and less than or equal to lev-1; any user side can verify the signature of the ith-level user side by using the auxiliary information required in signature verification, wherein i is more than or equal to 1 and less than or equal to lev-1. The specific implementation of the system is described above with reference to the method of the present invention.
The above embodiments are only intended to illustrate the technical solution of the present invention and not to limit the same, and a person skilled in the art can modify the technical solution of the present invention or substitute the same without departing from the spirit and scope of the present invention, and the scope of the present invention should be determined by the claims.
Claims (2)
1. A hierarchical signature method based on SM9 digital signature algorithm is characterized by comprising the following steps:
1) forming a lev-level tree structure by all nodes, wherein the nodes comprise a root KGC, a low-level KGC and a user side, and the root KGC is positioned at the 0 th level;
2) the i-level KGC is i + 1-level KGC or auxiliary information required by the user side in the process of generating a signature private key and verifying a signature, wherein i is more than or equal to 0 and less than or equal to lev-2;
3) the ith-level user side signs the message M to be signed by using a signature private key, wherein i is more than or equal to 1 and less than or equal to lev-1;
4) any user terminal verifies the signature of the ith-level user terminal by using the auxiliary information required in signature verification, wherein i is more than or equal to 1 and less than or equal to lev-1;
performing system initialization prior to step 2), the system initialization comprising:
a) the root KGC selects system parameters, and selects and discloses a signature private key identified by one byte to generate a function identifier hid;
b) root KGC randomly selects ks0∈[1,N-1]Computing and publishing G as the system master private key2Element Q of (5)0=[ks0]P2As the system master public key; wherein N represents a prime factor of the order of the curve, P2Representing elliptic curvesCyclic subgroup G of order N2Is generated from (2) aqIs an elliptic curve base domain;is represented by FqAn extension of d2Dividing k by k, k being an elliptic curve E (F)q) The number of embeddings relative to N;
c) i (i is more than or equal to 1 and less than or equal to lev-2) level KGC random selection ksi∈[1,N-1]As the master private key of that level;
the step 2) comprises the following steps:
2.1) calculation of the ith stage KGC H1_i+1=H1(ID1||ID2||…IDi+1| hid, N), where ID1||ID2||…||IDi+1Indicates the identity of the i +1 st subscriber terminal, H1Representing a cryptographic function in the SM9 algorithm; in a finite field FNUpper calculation of ti+1=H1_i+1+ksiIf t isi+1If 0, the master private key ks is regeneratediUpdating the signature private key of the existing user;
otherwise:
a) when i is 0, calculatingAs the signature private key of the level 1 KGC or the user side; wherein P is1Showing a curveCyclic subgroup G of order N1A generator of (2);is represented by FqAnother extension of d1Dividing k by k, k being an elliptic curve E (F)q) The number of embeddings relative to N;
b) when i is more than or equal to 1, calculatingAs the i +1 th KGC or the user's private signature key;
2.2) calculating auxiliary information required by signature verification by the ith-level KGC, wherein i is more than or equal to 1, and sending the auxiliary information to the (i + 1) th-level KGC or a user; the auxiliary information is a series of G2The elements in (A) first willIs unfolded into 2i+1Adding items, and recording the product of each level of main private keys contained in each item as ks, so that the auxiliary information of the item is [ ks]P2Recording a multivariate array formed by the auxiliary information of all items as Q;
the step 3) comprises the following steps:
3.1) computing the group GTWherein the element g ═ e (P)1,Q0);
3.2) generating a random number r belongs to [1, N-1 ];
3.3) computing the group GTWherein ω is gr;
3.4) calculating the integer H ═ H2(M | | ω, N); wherein H2Representing a cryptographic function in the SM9 algorithm;
3.5) calculating an integer l ═ r (r-h) modN, and if l ═ 0, returning to 3.2);
3.6) computing the group G1Wherein the element S ═ l]dsi;
3.7) the signature of message M is (h, S, Q);
the step 4) comprises the following steps:
4.1) computing the group GTWherein the element g ═ e (P)1,Q0);
4.2) computing the group GTWherein v is gh;
4.3) according to the auxiliary information Q and the user identity information H1_j(j is more than or equal to 1 and less than or equal to i) to obtain a group G2Element (1) of
4.4) computing the group GTThe element in (1) is (e) (S, P);
4.5) computing the group GTThe element ω in (iv) is u · v;
4.6) calculating the integer h3=H2(M | | ω, N), test h3If h is true, the verification is passed; otherwise, the verification is not passed.
2. A hierarchical signature system based on SM9 digital signature algorithm is characterized by comprising a root KGC, a low-level KGC and a user side, wherein the root KGC, the low-level KGC and the user side form a lev-level tree structure, and the root KGC is located at level 0; the i-level KGC is i + 1-level KGC or auxiliary information required by the user side in the process of generating a signature private key and verifying a signature, wherein i is more than or equal to 0 and less than or equal to lev-2; the ith-level user side signs the message M to be signed by using a signature private key, wherein i is more than or equal to 1 and less than or equal to lev-1; any user side can verify the signature of the ith-level user side by using the auxiliary information required in signature verification, wherein i is more than or equal to 1 and less than or equal to lev-1;
performing system initialization prior to generating a private signature key, the system initialization comprising:
a) the root KGC selects system parameters, and selects and discloses a signature private key identified by one byte to generate a function identifier hid;
b) root KGC randomly selects ks0∈[1,N-1]Computing and publishing G as the system master private key2Element Q of (5)0=[ks0]P2As the system master public key; wherein N represents a prime factor of the order of the curve, P2Representing elliptic curvesCyclic subgroup G of order N2Is generated from (2) aqIs an elliptic curve base domain;is represented by FqAn extension of d2Dividing k by k, k being an elliptic curve E (F)q) The number of embeddings relative to N;
c) i (i is more than or equal to 1 and less than or equal to lev-2) level KGC random selection ksi∈[1,N-1]As the master private key of that level;
the i-th-level KGC is auxiliary information required when a signature private key is generated for i + 1-level KGC or a user side and a signature is verified, and the auxiliary information comprises:
(1) computing H for i-th-stage KGC1_i+1=H1(ID1||ID2||…IDi+1| hid, N), where ID1||ID2||…||IDi+1Indicates the identity of the i +1 st subscriber terminal, H1Representing a cryptographic function in the SM9 algorithm; in a finite field FNUpper calculation of ti+1=H1_i+1+ksiIf t isi+1If 0, the master private key ks is regeneratediUpdating the signature private key of the existing user;
otherwise:
a) when i is 0, calculatingAs the signature private key of the level 1 KGC or the user side; wherein P is1Showing a curveCyclic subgroup G of order N1A generator of (2);is represented by FqAnother extension of d1Dividing k by k, k being an elliptic curve E (F)q) The number of embeddings relative to N;
b) when i is more than or equal to 1, calculatingAs the i +1 th KGC or the user's private signature key;
(2) the i-th-level KGC calculates auxiliary information required by signature verification, wherein i is more than or equal to 1, and sends the auxiliary information to the i + 1-th-level KGC or a user; the auxiliary information is a series of G2The elements in (A) first willIs unfolded into 2i+1Adding items, and recording the product of each level of main private keys contained in each item as ks, so that the auxiliary information of the item is [ ks]P2Recording a multivariate array formed by the auxiliary information of all items as Q;
the signing of the message M to be signed by the ith-level user side by using the private signature key comprises the following steps:
1) computing group GTWherein the element g ═ e (P)1,Q0);
2) Generating a random number r ∈ [1, N-1 ];
3) computing group GTWherein ω is gr;
4) Calculating the integer H ═ H2(M | | ω, N); wherein H2Representing a cryptographic function in the SM9 algorithm;
5) calculating an integer l ═ (r-h) modN, and if l ═ 0, returning to 2);
6) computing group G1Wherein the element S ═ l]dsi;
7) The signature of the message M is (h, S, Q);
the verifying the signature of the i-th-level user side includes:
1) computing group GTWherein the element g ═ e (P)1,Q0);
2) Computing group GTWherein v is gh;
3) According to the auxiliary information Q and the user identity information H1_j(j is more than or equal to 1 and less than or equal to i) to obtain a group G2Element (1) of
4) Computing group GTThe element in (1) is (e) (S, P);
5) computing group GTThe element ω in (iv) is u · v;
6) calculating the integer h3=H2(M | | ω, N), test h3If h is true, the verification is passed; otherwise, the verification is not passed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910058070.5A CN109951288B (en) | 2019-01-22 | 2019-01-22 | Hierarchical signature method and system based on SM9 digital signature algorithm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910058070.5A CN109951288B (en) | 2019-01-22 | 2019-01-22 | Hierarchical signature method and system based on SM9 digital signature algorithm |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109951288A CN109951288A (en) | 2019-06-28 |
CN109951288B true CN109951288B (en) | 2020-08-28 |
Family
ID=67007285
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910058070.5A Expired - Fee Related CN109951288B (en) | 2019-01-22 | 2019-01-22 | Hierarchical signature method and system based on SM9 digital signature algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109951288B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110880977B (en) * | 2019-11-26 | 2021-04-27 | 武汉大学 | Safe and efficient SM9 ring signature generation and verification method |
CN112069547B (en) * | 2020-07-29 | 2023-12-08 | 北京农业信息技术研究中心 | Identity authentication method and system for supply chain responsibility main body |
CN112202568B (en) * | 2020-10-09 | 2022-05-20 | 天津大学 | Software and hardware collaborative design SM9 digital signature communication method and system |
CN113572612B (en) * | 2021-06-22 | 2023-01-31 | 南京南瑞信息通信科技有限公司 | Private key distribution method for SM9 cryptographic algorithm, user terminal and key generation center |
CN114499887B (en) * | 2022-02-15 | 2024-04-26 | 北京无字天书科技有限公司 | Signing key generation and related methods, systems, computer devices and storage media |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101083556A (en) * | 2007-07-02 | 2007-12-05 | 蔡水平 | Region based layered wireless information publishing, searching and communicating application system |
CN101192928A (en) * | 2006-12-01 | 2008-06-04 | 华为技术有限公司 | Mobile ad hoc authentication method, network and system |
CN102170357A (en) * | 2011-05-31 | 2011-08-31 | 北京虎符科技有限公司 | Combined secret key dynamic security management system |
CN103220145A (en) * | 2013-04-03 | 2013-07-24 | 天地融科技股份有限公司 | Method and system for electronic signature token to respond to operation request, and electronic signature token |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1349327A (en) * | 2001-12-03 | 2002-05-15 | 上海交通大学 | Hierarchical network information content managing method based on public key basic facilities |
US9166796B2 (en) * | 2013-06-24 | 2015-10-20 | Prince Sattam Bin Abdulaziz University | Secure biometric cloud storage system |
US10498537B2 (en) * | 2016-08-01 | 2019-12-03 | Institute For Development And Research In Banking Technology (Drbt) | System and method for providing secure collaborative software as a service (SaaS) attestation service for authentication in cloud computing |
CN107332858B (en) * | 2017-08-07 | 2020-08-28 | 深圳格隆汇信息科技有限公司 | Cloud data storage method |
CN109166200A (en) * | 2018-07-06 | 2019-01-08 | 捷德(中国)信息科技有限公司 | Authorization method, device, system, electronic lock, digital key and storage medium |
CN108809658B (en) * | 2018-07-20 | 2021-06-01 | 武汉大学 | SM 2-based identity base digital signature method and system |
-
2019
- 2019-01-22 CN CN201910058070.5A patent/CN109951288B/en not_active Expired - Fee Related
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101192928A (en) * | 2006-12-01 | 2008-06-04 | 华为技术有限公司 | Mobile ad hoc authentication method, network and system |
CN101083556A (en) * | 2007-07-02 | 2007-12-05 | 蔡水平 | Region based layered wireless information publishing, searching and communicating application system |
CN102170357A (en) * | 2011-05-31 | 2011-08-31 | 北京虎符科技有限公司 | Combined secret key dynamic security management system |
CN103220145A (en) * | 2013-04-03 | 2013-07-24 | 天地融科技股份有限公司 | Method and system for electronic signature token to respond to operation request, and electronic signature token |
Also Published As
Publication number | Publication date |
---|---|
CN109951288A (en) | 2019-06-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109951288B (en) | Hierarchical signature method and system based on SM9 digital signature algorithm | |
CN108173639B (en) | Two-party cooperative signature method based on SM9 signature algorithm | |
Chen et al. | Pairings in trusted computing | |
CN102387019B (en) | Certificateless partially blind signature method | |
CN110120939B (en) | Encryption method and system capable of repudiation authentication based on heterogeneous system | |
CN104168114A (en) | Distributed type (k, n) threshold certificate-based encrypting method and system | |
CN110830236A (en) | Identity-based encryption method based on global hash | |
CN104821880A (en) | Certificate-free generalized proxy signcryption method | |
CN104917618B (en) | Authentication key agreement method and system based on level identity base | |
CN110351093B (en) | Linkable network ring signature method based on attributes | |
KR20030062401A (en) | Apparatus and method for generating and verifying id-based blind signature by using bilinear parings | |
CN110896351A (en) | Identity-based digital signature method based on global hash | |
GB2421408A (en) | Generating an Identifier-Based Public / Private Key Pair from a Multi-Component Signature | |
Hwang et al. | Universal forgery of the identity-based sequential aggregate signature scheme | |
CN114499887A (en) | Signature key generation and related methods, systems, computer devices, and storage media | |
CN104579661B (en) | The implementation method and device of the Electronic Signature of identity-based | |
CN116388991A (en) | Notary group cross-chain transaction method and system based on non-threshold structure | |
CN116112244A (en) | Access control method based on blockchain and attribute-based encryption | |
CN115580408A (en) | SM 9-based certificateless signature generation method and system | |
CN101877638B (en) | Cubic residue-based identity signature system | |
Sayid et al. | Certificateless public key cryptography: A research survey | |
CN112733176A (en) | Identification password encryption method based on global hash | |
CN107733649B (en) | Hierarchical public key trust model construction method based on identity | |
CN111082944A (en) | Pair-based combined hierarchical password mechanism | |
CN104168113A (en) | Certificate-based encryption method and system for n layers of CA structures |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20200828 Termination date: 20220122 |