CN110071812A - A kind of editable can link, the ring signatures method of non-repudiation - Google Patents

A kind of editable can link, the ring signatures method of non-repudiation Download PDF

Info

Publication number
CN110071812A
CN110071812A CN201910353137.8A CN201910353137A CN110071812A CN 110071812 A CN110071812 A CN 110071812A CN 201910353137 A CN201910353137 A CN 201910353137A CN 110071812 A CN110071812 A CN 110071812A
Authority
CN
China
Prior art keywords
signature
key
ring
link
public key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910353137.8A
Other languages
Chinese (zh)
Other versions
CN110071812B (en
Inventor
张小松
黄可
牛伟纳
谢鑫
蒋天宇
葛洪麟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Electronic Science and Technology of China
Original Assignee
University of Electronic Science and Technology of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Electronic Science and Technology of China filed Critical University of Electronic Science and Technology of China
Priority to CN201910353137.8A priority Critical patent/CN110071812B/en
Publication of CN110071812A publication Critical patent/CN110071812A/en
Application granted granted Critical
Publication of CN110071812B publication Critical patent/CN110071812B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3255Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

A kind of editable can link, the ring signatures method of non-repudiation; belong to network safety filed, solve the revocable hardly possible of ring signatures in the prior art, is difficult to trace the identity information of malicious user; it still is able to be signed after editor to be authenticated, does not have the problems such as secret protection and flexible authentication mechanism.The present invention for successively carry out system initialization, user key generate, Hash key generate, signature and provide can condition revocation privacy of identities, editable, non-repudiation ring signatures, after signature, whether to editor's signature, judging to sign can link or can deny, then signature is verified respectively, and after being verified, carry out editor's signature, judge signature whether can link or can deny, for provides can condition cancel privacy of identities, editable, non-repudiation ring signatures.

Description

A kind of editable can link, the ring signatures method of non-repudiation
Technical field
A kind of editable can link, the ring signatures method of non-repudiation, belong to network safety filed, can item for providing Part revocation privacy of identities, editable, non-repudiation ring signatures.
Background technique
Ring signatures are evolved by group ranking, from group ranking there are centered on a group administrator and unlike, ring label Name does not depend on such a center.In simple terms, ring signatures are spontaneous, i.e., a certain user in ring arbitrarily selects it The public key of his user is come ring needed for collectively forming a signature, for hiding the public key of the user, and the other users on ring Do not know that they are added into ring, the privacy of identities of signer is realized with this.
It is revocable difficult to there is privacy of identities condition in current ring signatures, and not editable the problem of.It (can for the former Revocation is difficult), due to the privacy problem of ring signatures, it is difficult to trace the identity information of user, thus one, malicious user has can It can be rehearsed using this property, and other users can not be learnt or can not trace the identity information of malicious user.If close Code currency realizes that (this point is a kind of good secret protection for encryption currency to user identity privacy using ring signatures Mechanism), if malicious user by sign it is multiple transaction come realize password currency reuse (commonly referred to as: Double Spending, i.e. honeysuckle), due to the privacy of ring signatures, it can not learn the actual identity of malicious user.With regard to the latter For (not editability), typically, digital signature does not have editability, this gives the digital cash based on block chain And its derivative system brings the standby alert difficulty of disaster tolerance to need to restore it under fire that is, after system is by malicious attack Some preceding normal condition, and this operation once executes, the validity of signature is then affected, and therefore, it is necessary to signature It is updated, can correctly authenticate current message (or coming into force under current point in time), typical technology hand Section be using the signature based on chameleon hash function, such as: Chameleon signature can purify signature and editable signature etc. Deng.Currently, nobody proposes a kind of concept of editable ring signatures.
Traditional Chameleon signature and purgeable signature, can make to sign has editable characteristic, but above-mentioned label Name frame can not support the privacy of user, i.e., the signature and public key of user is open can verify that, therefore not have privacy guarantor Protection mechanism.
Ring signatures are that one kind can be with the signature mechanism of effective protection user identity privacy, but traditional ring signatures can not be real Characteristic is now edited, i.e., dynamic modification is carried out to the message of signature authentication, and modified message still is able to be signed and be recognized Card, therefore lack flexible authentication mechanism.
Summary of the invention
Aiming at the problem that the studies above, the purpose of the present invention is to provide a kind of editable, it can link, the ring of non-repudiation Endorsement method solves the revocable hardly possible of ring signatures in the prior art, is difficult to trace the identity information of malicious user, after editor still It can so be signed and be authenticated, not have the problems such as secret protection and flexible authentication mechanism.
In order to achieve the above object, the present invention adopts the following technical scheme:
A kind of editable can link, the ring signatures method of non-repudiation, include the following steps:
Step a. system initialization:
Security parameter λ is selected, system public parameter P is set;
Step b. user key generates:
According to system public parameter P, the private key sk of user i is calculatediWith the public key pk of user ii
Step c. Hash key generates:
According to system public parameter P, trap door key tk and Hash key hk is calculated;
Step d. signature:
According to Hash key hk, the list L that one is made of n public key, signer private key xπ, calculate the label of message m Name σL(m), wherein L={ pk1..., pkn, i=1 ..., n, xπIt is to be calculated by step b, due to the anonymity of ring signatures Property, signer is referred to π;
After step e. signature, whether to editor's signature, judging to sign can link or can deny, and priori signed certificate name:
The signature sigma of the list L, verifying message m that are made of n public keyL(m), and output 0 or 1,0 indicates that verifying does not pass through, 1 indicates to be verified;
If step f. signature verification passes through, editor's signature:
According to trap door key tk, the list L, the new information m that are made of n public key, to Target Signature σL(m) it is edited, Output abnormality symbol ⊥ or edited signature sigmaL(m);
If step g. signature verification passes through, judge whether signature can link:
The list L that is made of n public key, by public keyMessageWith the array of signature composition djIndicate unknown user, j=0,1, a pair of of array is obtained, judges whether the signature of two arrays can link, and exports ⊥, 0 Or 1;
Step h. judges whether signature can be denied:
List L, dispute message and the signature (m being made of n public key*, σL(m*)), message and signature (m, σL(m)) it carries out Judgement is denied, and exports ⊥, 0 or 1.
Further, in the step a, system public parameter P, specific steps are set are as follows:
Selecting a generation member according to security parameter λ is g, and group's order is the group G of q;
Setting hash function is respectively as follows: H1: { 0,1 }*→ G and H2: { 0,1 }*→Zq, Zq={ 0,1 ..., q-1 } is q rank Group of integers;
Output system discloses parameter P=< G, q, g, H1, H2>。
Further, in the step b, the specific steps of user key generation are as follows:
According to system public parameter P, a random number is selectedAs user's i private key ski, calculate user i public key, export the private key and public key (sk of user ii, pki), whereinIt indicates from ZqA value is randomly selected in group.
Further, in the step c, the specific steps of Hash key generation are as follows:
According to system public parameter P, a random number is selectedAs trap door key tk, Hash key hk=y is calculated =gx, export trap door key and Hash key (tk, from).
Further, in the step d, the signature sigma of message m is calculatedL(m) specific steps are as follows:
According to Hash key hk, a list L={ y being made of n public key1..., yn1≤i≤n, wherein each Public key yiA corresponding private key xi, yi=pki, xi=ski, messageThe private key x of signerπ, 1≤π≤n, calculating H=H1(L) andWherein, h is cryptographic Hash, and all public key information L for including by ring information, the i.e. ring are tied to On ring signatures,The private key information for indicating signer, for the private key of signer to be tied to ring signatures;
Based on h andSelection calculates two random numbers of the value of the last one random number of ringIt calculates cπ+1Indicate the private key information of the ring-containing all public key information L of packet, signerA upper signature The chameleon hash value g of personu, a upper signer and the information-related cryptographic Hash h of current signature personvThe cryptographic Hash of composition is used In joining end to end for realization ring;
It is based onAs i=π+1 ..., n, 1 ..., π -1, selection makes the head and the tail of ring keep one Two random numbers causedIt calculatesWithThen it calculates, riI-th of discoloration random number is indicated, for distinguishing different chameleon hash values Ring signatures to be edited, ci+1Indicate the last one point, i.e. the last one signer on ring, wherein cπ+1And ci+1Meet same Construction, i.e. guIt is correspondinghvIt is corresponding
Calculate απ=u-xπcπMod q, βπ=v-xπcπmod q;
Output signaturec1Indicate the cryptographic Hash of a certain signer on ring.
Further, in the step e, the signature sigma of message m is verifiedL(m) specific steps are as follows:
List L, message m, the signature being made of n public keyCalculate h=H1(L), For i=1 ..., n, calculateFor i ≠ n, calculate
Check whether equation is true:If so, it then returns to 1 representative and is verified;Otherwise, 0 is returned Represent authentication failed.
Further, in the step f, signature sigma is editedL(m) specific steps are as follows:
According to trap door key tk, the list L, the new information m ', Target Signature that are made of n public key
For 1≤i≤n, calculater′iRefer to and uses The new chameleon random number of family i, α 'iExpression is not original random number;
Signature after output token
Further, in the step g, judge signature whether linkable specific steps are as follows:
The list L that is made of n public key, by public keyMessageWith the array of signature composition J=0,1, to j=0 and 1, check whetherIt sets up, if so, then returning to 1 by procuration can link, i.e., this is a pair of Signature is generated by the same user;Otherwise 0 by procuration un-linkable is returned.
Further, in the step h, judge the specific steps whether signature can be denied are as follows:
According to list L, dispute message and the signature being made of n public key Message and signatureTo 1≤i≤n, equation is checked for AndIt sets up, and if it exists, then return to 1 representative and deny successfully;If it does not exist, then it returns It returns 0 and represents to deny and fail.
The present invention compared with the existing technology, its advantages are shown in:
One, the present invention can pass through link algorithm (i.e. judgement judgement signature to same one group of public key information (the same ring) Whether can link) detect one group of signing messages from same signature person, provide condition voidable secret protection with this, Maximum secret protection is provided, while ensuring that the privacy is not abused.
Two, the present invention allows to edit the authentication information of signature, and editing process does not need the help of signer, compiles Signature after volume can authenticate new message, realize extendable signature function with this, the message after signature authentication can be weighed Editor, and edited signature and message are to still being able to pass through verifying.
Three, the present invention allow original signer pass through deny algorithm come deny one edited after signature, with this reality It now signs the non repudiation (Deniability) of editor, that is, the editor to sign (people for holding trap door key tk) can not support Rely his once edited signature, the traceable of signature editting function is realized with this, it is ensured that the function is not abused.
Four, the present invention realize user identity privacy can protect and can flexible authentication signature mechanism.
Detailed description of the invention
Fig. 1 is flow diagram of the invention.
Specific embodiment
Below in conjunction with the drawings and the specific embodiments, the invention will be further described.
A kind of editable can link, the ring signatures method of non-repudiation, include the following steps:
Step a. system initialization:
Security parameter λ is selected, system public parameter P is set;
System public parameter P, specific steps are set are as follows:
Selecting a generation member according to security parameter λ is g, and group's order is the group G of q;
Setting hash function is respectively as follows: H1: { 0,1 }*→ G and H2: { 0,1 }*→Zq, Zq={ 0,1 ..., q-1 } is q rank Group of integers;
Output system discloses parameter P=< G, q, g, H1, H2>。
Step b. user key generates:
According to system public parameter P, the private key sk of user i is calculatediWith the public key pk of user ii
Specific steps are as follows:
According to system public parameter P, a random number is selectedAs user's i private key ski, calculate user i public key, export the private key and public key (sk of user ii, pki), whereinIt indicates from ZqA value is randomly selected in group.
Step c. Hash key generates:
According to system public parameter P, trap door key tk and Hash key hk is calculated;
Specific steps are as follows:
According to system public parameter P, a random number is selectedAs trap door key tk, Hash key hk=y is calculated =gx, export trap door key and Hash key (tk, hk).
Step d. signature:
According to Hash key hk, the list L that one is made of n public key, signer private key xπ, calculate the label of message m Name σL(m), wherein L={ pk1..., pkn, i=1 ..., n, xπIt is to be calculated by step b, due to the anonymity of ring signatures Property, signer is referred to π;
Calculate the signature sigma of message mL(m) specific steps are as follows:
According to Hash key hk, a list L={ y being made of n public key1..., yn}1≤i≤n, wherein each is public Key yiA corresponding private key xi, yi=pki, xi=ski, messageThe private key x of signerπ, 1≤π≤n, calculating h =H1(L) andWherein, h is cryptographic Hash, and all public key information L for including by ring information, the i.e. ring are tied to On ring signatures,Indicate the private key information of signer, it is so, identical for the private key of signer to be tied to ring signatures The ring signatures of signer can be linked, because of their shared parameters
Based on h andSelection calculates two random numbers of the value of the last one random number of ringIt calculates cπ+1Indicate the private key information of the ring-containing all public key information L of packet, signerA upper signature The chameleon hash value g of personu, a upper signer and the information-related cryptographic Hash h of current signature personvThe cryptographic Hash of composition is used In joining end to end for realization ring;
It is based onAs i=π+1 ..., n, 1 ..., π -1, selection makes the head and the tail of ring keep one Two random numbers causedIt calculatesWithThen it calculates, riI-th of discoloration random number is indicated, for distinguishing different chameleon hash values Ring signatures to be edited, chameleon hash valueEnsure ring signatures can key to be edited, chameleon hash value have can The ability recalculated, therefore may be implemented to update, Bian Jishi, chameleon hash valueValue remain unchanged, it is right therewith The r answerediIt changes, for realizing the ring signatures editor's characteristic being worth in an uproar based on chameleon, ci+1Indicate the last one on ring Point, i.e. the last one signer, wherein cπ+1And ci+1Meet same construction, i.e. guIt is correspondinghvIt is corresponding
Calculate απ=u-xπcπMod q, βπ=v-xπcπmod q;
Output signaturec1Indicate the cryptographic Hash of a certain signer on ring.
In conclusion the ring sequence of L list is corresponded to based on signer, according to the sequence successively calculating parameter of ring Finally obtain an end to end ring signatures.
After step e. signature, whether to editor's signature, judging to sign can link or can deny, and priori signed certificate name:
The signature sigma of the list L, verifying message m that are made of n public keyL(m), and output 0 or 1,0 indicates that verifying does not pass through, 1 indicates to be verified;
Verify the signature sigma of message mL(m) specific steps are as follows:
List L, message m, the signature being made of n public keyCalculate h=H1 (L), it for i=1 ..., n, calculatesFor i ≠ n, calculate
Check whether equation is true:If so, it then returns to 1 representative and is verified;Otherwise, 0 is returned Represent authentication failed.
If step f. signature verification passes through, editor's signature:
According to trap door key tk, the list L, the new information m that are made of n public key, to Target Signature σL(m) it is edited, Output abnormality symbol ⊥ or edited signature sigmaL(m′);
Edit signature sigmaL(m) specific steps are as follows:
According to trap door key tk, the list L, the new information m, Target Signature that are made of n public key
For 1≤i≤n, calculater′iRefer to The new chameleon random number of user i, α 'iExpression is not original random number;
Signature after output token
If step g. signature verification passes through, judge whether signature can link:
The list L that is made of n public key, by public keyMessageWith the array of signature composition djIndicate unknown user, j=0,1, a pair of of array is obtained, judges whether the signature of two arrays can link, and is exported, 0 Or 1;
Judge signature whether linkable specific steps are as follows:
The list L that is made of n public key, by public keyMessageWith the array of signature composition J=0,1, to j=0 and 1, check whetherIt sets up, if so, then returning to 1 by procuration can link, i.e., this is a pair of Signature generates 2 by the same user and otherwise returns to 0 by procuration un-linkable.
Step h. judges whether signature can be denied:
List L, dispute message and the signature (m being made of n public key*, σL(m*)), message and signature (m, σL(m)) it carries out Judgement is denied, and is exported, 0 or 1.
Judge the specific steps whether signature can be denied are as follows:
According to list L, dispute message and the signature being made of n public key Message and signatureTo 1≤i≤n, equation is checked for AndIt sets up, and if it exists, then return to 1 representative and deny successfully;If it does not exist, then it returns It returns 0 and represents to deny and fail.
The above is only the representative embodiment in the numerous concrete application ranges of the present invention, to protection scope of the present invention not structure At any restrictions.It is all using transformation or equivalence replacement and the technical solution that is formed, all fall within rights protection scope of the present invention it It is interior.

Claims (9)

1. a kind of editable can link, the ring signatures method of non-repudiation, which comprises the steps of:
Step a. system initialization:
Security parameter λ is selected, system public parameter P is set;
Step b. user key generates:
According to system public parameter P, the private key sk of user i is calculatediWith the public key pk of user ii
Step c. Hash key generates:
According to system public parameter P, trap door key tk and Hash key hk is calculated;
Step d. signature:
According to Hash key hk, the list L that one is made of n public key, signer private key xπ, calculate the signature sigma of message mL (m), wherein L={ pk1..., pkn, i=1 ..., n, xπIt is to be calculated by step b, due to the anonymity of ring signatures, uses π Refer to signer;
After step e. signature, whether to editor's signature, judging to sign can link or can deny, and priori signed certificate name:
The signature sigma of the list L, verifying message m that are made of n public keyL(m), and output 0 or 1,0 indicates that verifying does not pass through, and 1 indicates It is verified;
If step f. signature verification passes through, editor's signature:
According to trap door key tk, the list L, the new information m ' that are made of n public key, to Target Signature σL(m) it is edited, is exported Exception symbol ⊥ or edited signature sigmaL(m′);
If step g. signature verification passes through, judge whether signature can link:
The list L that is made of n public key, by public keyMessageWith the array of signature compositiondj Indicate unknown user, j=0,1, obtain a pair of of array, judge whether the signature of two arrays can link, and export ⊥, 0 or 1;
Step h. judges whether signature can be denied:
List L, dispute message and the signature (m being made of n public key*, σL(m*)), message and signature (m, σL(m)) it is denied Judgement, and ⊥ is exported, 0 or 1.
2. a kind of editable as described in claim 1 can link, the ring signatures method of non-repudiation, which is characterized in that described In step a, system public parameter P, specific steps are set are as follows:
Selecting a generation member according to security parameter λ is g, and group's order is the group G of q;
Setting hash function is respectively as follows: H1: { 0,1 }*→ G and H2: { 0,1 }*→Zq, Zq={ 0,1 ..., q-1 } is q rank integer Group;
Output system discloses parameter P=< G, q, g, H1, H2>。
3. a kind of editable as claimed in claim 2 can link, the ring signatures method of non-repudiation, which is characterized in that described In step b, the specific steps of user key generation are as follows:
According to system public parameter P, a random number is selectedAs user's i private key ski, calculate user i public key , export the private key and public key (sk of user ii, pki), whereinIt indicates from ZqA value is randomly selected in group.
4. a kind of editable as claimed in claim 3 can link, the ring signatures method of non-repudiation, which is characterized in that described In step c, the specific steps of Hash key generation are as follows:
According to system public parameter P, a random number is selectedAs trap door key tk, Hash key hk=y=g is calculatedx, Export trap door key and Hash key (tk, hk).
5. a kind of editable as claimed in claim 4 can link, the ring signatures method of non-repudiation, which is characterized in that described In step d, the signature sigma of message m is calculatedL(m) specific steps are as follows:
According to Hash key hk, a list L={ y being made of n public key1..., yn}1≤i≤n, wherein each public key yi A corresponding private key xi, yi=pki, xi=ski, messageThe private key x of signerπ, 1≤π≤n, calculating h=H1 (L) andWherein, h is cryptographic Hash, and all public key information L for including by ring information, the i.e. ring are tied to ring signatures On,The private key information for indicating signer, for the private key of signer to be tied to ring signatures;
Based on h andSelection calculates two random number u of the value of the last one random number of ring,It calculates cπ+1Indicate the private key information of the ring-containing all public key information L of packet, signerThe chameleon hash of a upper signer Value gu, a upper signer and the information-related cryptographic Hash h of current signature personvThe cryptographic Hash of composition, for realizing the head and the tail phase of ring Even;
It is based onAs i=π+1 ..., n, 1 ..., π -1, selection makes two that the head and the tail of ring are consistent Random number αi,It calculatesWithThen it calculates, riI-th of discoloration random number is indicated, for distinguishing different chameleon hash valuesRing signatures to be edited, ci+1It indicates on ring most The latter point, i.e. the last one signer, wherein cπ+1And ci+1Meet same construction, i.e. guIt is correspondinghvIt is corresponding
Calculate απ=u-xπcπMod q, βπ=v-xπcπmod q;
Output signaturec1Indicate the cryptographic Hash of a certain signer on ring.
6. a kind of editable as claimed in claim 5 can link, the ring signatures method of non-repudiation, which is characterized in that described In step e, the signature sigma of message m is verifiedL(m) specific steps are as follows:
List L, message m, the signature being made of n public keyCalculate h=H1(L), for i =1 ..., n is calculatedFor i ≠ n, calculate
Check whether equation is true:If so, it then returns to 1 representative and is verified;Otherwise, 0 is returned to represent Authentication failed.
7. a kind of editable as claimed in claim 6 can link, the ring signatures method of non-repudiation, which is characterized in that described In step f, signature sigma is editedL(m) specific steps are as follows:
According to trap door key tk, the list L, the new information m ', Target Signature that are made of n public key
For 1≤i≤n, calculater′iRefer to user i New chameleon random number, α 'iExpression is not original random number;
Signature after output token
8. a kind of editable as claimed in claim 6 can link, the ring signatures method of non-repudiation, which is characterized in that described In step g, judge signature whether linkable specific steps are as follows:
The list L that is made of n public key, by public keyMessageWith the array of signature compositionJ= 0,1, to j=0 and 1, check whetherIt sets up, if so, then returning to 1 by procuration can link, i.e. this pair of signature It is generated by the same user;Otherwise 0 by procuration un-linkable is returned.
9. a kind of editable as claimed in claim 6 can link, the ring signatures method of non-repudiation, which is characterized in that described In step h, the specific steps whether signature can be denied are judged are as follows:
According to list L, dispute message and the signature being made of n public key Message and signatureTo 1≤i≤n, equation is checked for AndIt sets up, and if it exists, then return to 1 representative and deny successfully;If it does not exist, then it returns 0 represents denial failure.
CN201910353137.8A 2019-04-29 2019-04-29 Editable, linkable and non-repudiatable ring signature method Active CN110071812B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910353137.8A CN110071812B (en) 2019-04-29 2019-04-29 Editable, linkable and non-repudiatable ring signature method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910353137.8A CN110071812B (en) 2019-04-29 2019-04-29 Editable, linkable and non-repudiatable ring signature method

Publications (2)

Publication Number Publication Date
CN110071812A true CN110071812A (en) 2019-07-30
CN110071812B CN110071812B (en) 2021-06-08

Family

ID=67369489

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910353137.8A Active CN110071812B (en) 2019-04-29 2019-04-29 Editable, linkable and non-repudiatable ring signature method

Country Status (1)

Country Link
CN (1) CN110071812B (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110474762A (en) * 2019-08-22 2019-11-19 电子科技大学 The construction method of ring type editable block chain
CN111526009A (en) * 2020-04-09 2020-08-11 西南交通大学 Forward security editable block chain construction method suitable for alliance chain
CN111698090A (en) * 2020-05-22 2020-09-22 哈尔滨工程大学 Ring signature method applied to threat intelligence transaction alliance chain
CN112187455A (en) * 2020-09-24 2021-01-05 西南交通大学 Method for constructing distributed public key infrastructure based on editable block chain
CN113360943A (en) * 2021-06-23 2021-09-07 京东数科海益信息科技有限公司 Block chain private data protection method and device
CN113794556A (en) * 2021-09-10 2021-12-14 福建师范大学 PCH revocable method and system oriented to programmable block chain protocol
CN114417429A (en) * 2022-04-02 2022-04-29 湖南宸瀚信息科技有限责任公司 Editable block chain system based on ring type verification
CN114584280A (en) * 2022-03-04 2022-06-03 浪潮云信息技术股份公司 Key management method and system for AOS (automatic optical signature system) ring signature
CN114726645A (en) * 2022-05-06 2022-07-08 电子科技大学 Linkable ring signature method based on user information security
CN115017170A (en) * 2022-08-04 2022-09-06 北京邮电大学 Traceable block chain transaction credible erasing method and device
CN115473632A (en) * 2022-08-24 2022-12-13 武汉大学 Improved multi-layer linkable ring signature generation method and device
CN116743396A (en) * 2023-08-14 2023-09-12 深圳奥联信息安全技术有限公司 Optimized ring signature method and system
CN115473632B (en) * 2022-08-24 2024-05-31 武汉大学 Improved multi-layer linkable ring signature generation method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102045164A (en) * 2009-10-20 2011-05-04 广州信睿网络科技有限公司 Key exposure free chameleon digital signature method based on ID (Identity)
US20120166808A1 (en) * 2010-12-23 2012-06-28 Electronics And Telecommunications Research Institute Lattice-based ring signature method
CN109257184A (en) * 2018-11-08 2019-01-22 西安电子科技大学 Linkable ring signature method based on anonymous broadcast enciphering

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102045164A (en) * 2009-10-20 2011-05-04 广州信睿网络科技有限公司 Key exposure free chameleon digital signature method based on ID (Identity)
US20120166808A1 (en) * 2010-12-23 2012-06-28 Electronics And Telecommunications Research Institute Lattice-based ring signature method
CN109257184A (en) * 2018-11-08 2019-01-22 西安电子科技大学 Linkable ring signature method based on anonymous broadcast enciphering

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
马晓静: "《数字签名在公平交易协议中的应用研究》", 《中国优秀硕士学位论文全文数据库》 *
高伟: "《可证明安全数字签名的研究》", 《中国博士学位论文全文数据库》 *

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110474762B (en) * 2019-08-22 2021-05-25 电子科技大学 Method for constructing ring-type editable block chain
CN110474762A (en) * 2019-08-22 2019-11-19 电子科技大学 The construction method of ring type editable block chain
CN111526009A (en) * 2020-04-09 2020-08-11 西南交通大学 Forward security editable block chain construction method suitable for alliance chain
CN111526009B (en) * 2020-04-09 2021-06-15 西南交通大学 Forward security editable block chain construction method suitable for alliance chain
CN111698090B (en) * 2020-05-22 2022-09-27 哈尔滨工程大学 Ring signature method applied to threat intelligence transaction alliance chain
CN111698090A (en) * 2020-05-22 2020-09-22 哈尔滨工程大学 Ring signature method applied to threat intelligence transaction alliance chain
CN112187455A (en) * 2020-09-24 2021-01-05 西南交通大学 Method for constructing distributed public key infrastructure based on editable block chain
CN112187455B (en) * 2020-09-24 2023-04-18 西南交通大学 Method for constructing distributed public key infrastructure based on editable block chain
CN113360943A (en) * 2021-06-23 2021-09-07 京东数科海益信息科技有限公司 Block chain private data protection method and device
CN113794556A (en) * 2021-09-10 2021-12-14 福建师范大学 PCH revocable method and system oriented to programmable block chain protocol
CN113794556B (en) * 2021-09-10 2023-05-23 福建师范大学 PCH revocable method and system for collectable blockchain protocol
CN114584280A (en) * 2022-03-04 2022-06-03 浪潮云信息技术股份公司 Key management method and system for AOS (automatic optical signature system) ring signature
CN114417429B (en) * 2022-04-02 2022-06-07 湖南宸瀚科技有限公司 Editable block chain system based on ring type verification
CN114417429A (en) * 2022-04-02 2022-04-29 湖南宸瀚信息科技有限责任公司 Editable block chain system based on ring type verification
CN114726645B (en) * 2022-05-06 2023-01-24 电子科技大学 Linkable ring signature method based on user information security
CN114726645A (en) * 2022-05-06 2022-07-08 电子科技大学 Linkable ring signature method based on user information security
CN115017170A (en) * 2022-08-04 2022-09-06 北京邮电大学 Traceable block chain transaction credible erasing method and device
CN115017170B (en) * 2022-08-04 2022-10-11 北京邮电大学 Traceable block chain transaction credible erasing method and device
CN115473632A (en) * 2022-08-24 2022-12-13 武汉大学 Improved multi-layer linkable ring signature generation method and device
CN115473632B (en) * 2022-08-24 2024-05-31 武汉大学 Improved multi-layer linkable ring signature generation method and device
CN116743396A (en) * 2023-08-14 2023-09-12 深圳奥联信息安全技术有限公司 Optimized ring signature method and system
CN116743396B (en) * 2023-08-14 2023-11-03 深圳奥联信息安全技术有限公司 Optimized ring signature method and system

Also Published As

Publication number Publication date
CN110071812B (en) 2021-06-08

Similar Documents

Publication Publication Date Title
CN110071812A (en) A kind of editable can link, the ring signatures method of non-repudiation
Ambrosin et al. SANA: Secure and scalable aggregate network attestation
CN106972931B (en) Method for transparentizing certificate in PKI
KR101351012B1 (en) Method and apparatus for authentication user in multiparty quantum communications
US20210134095A1 (en) Cartridge-accepting device with an authentication circuit
CN106416123B (en) Certification based on password
CN110933045A (en) Block chain digital asset privacy protection method based on commitment
CN109257184A (en) Linkable ring signature method based on anonymous broadcast enciphering
CN109672538A (en) A kind of lightweight vehicle bus safety communicating method and safe communication system
CN102036242A (en) Access authentication method and system in mobile communication network
CN110912705B (en) Distributed electronic voting method and system based on block chain
CN106899413B (en) Digital signature verification method and system
CN110599164B (en) Supervision-capable quick payment method for any payee under chain
Accorsi Log data as digital evidence: What secure logging protocols have to offer?
CN116418560A (en) System and method for online quick identity authentication based on blockchain intelligent contract
CN113935065A (en) Ring signature-based federation chain identity privacy protection and supervision method
CN116260587A (en) Quantum-resistant signature authentication method based on hash signature and having small size
Chong et al. On “arbitrated quantum signature of classical messages against collective amplitude damping noise”
Gurkan et al. Community proposal: Semaphore: Zero-knowledge signaling on ethereum
Jiang et al. Report when malicious: Deniable and accountable searchable message-moderation system
WO2022192725A8 (en) Authenticated modification of blockchain-based data
CN113591103A (en) Identity authentication method and system between intelligent terminals of power internet of things
CN103813321B (en) Agreement key based data processing method and mobile phone
Hutto et al. Puf-based two-factor authentication protocol for securing the power grid against insider threat
CN116934239A (en) Flow control data processing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant