CN110417703A - Proxy re-signature method, server and terminal device - Google Patents
- Publication number
- CN110417703A (CN201810385018.6A)
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
Abstract
The invention discloses a proxy re-signature method, a server and a terminal device for improving the security of re-signatures. The proxy re-signature method includes: generating a set of groups using a group generator, where the set includes at least two groups, and the parameters input to the group generator include a security parameter, a first parameter and a second parameter, the first parameter indicating the bit length of the message to be signed and the second parameter indicating the bit length of the user identity information; and selecting a first generator from the set of groups and sending the first generator to a terminal, where the first generator indicates the message to be signed and the user identity information, so that the terminal and a proxy signature device generate a re-signature based on the first generator, each group including at least one generator.
Description
Technical field
The present invention relates to the field of information security technology, and in particular to a proxy re-signature method, a server and a terminal device.
Background
Proxy re-signing is currently implemented as follows. A system parameter generation algorithm takes a security parameter as input and outputs the system parameters and a master key. A key extraction algorithm then takes the master key and a user's identity information as input and produces the user's private key. A re-signature key generation algorithm takes the identities and private keys of the bailee and the principal, that is, the users' identities and private keys, as input and outputs the proxy's re-signature key. A signature generation algorithm is then given the private key of an identity and a message, and outputs a signature on that message. If the signature is valid, the re-signature generation algorithm uses the re-signature key to output the principal's re-signature on the message.
At present, the system parameters on which a terminal or proxy server bases a re-signature are elements selected from a group generated according to the user identity information. A re-signature generated this way is relatively simple, so its security is low.
As can be seen, the re-signatures obtained with current proxy re-signature methods have low security.
Summary of the invention
Embodiments of the present invention provide a proxy re-signature method, a server and a terminal device for improving the security of re-signatures.
In a first aspect, a proxy re-signature method is provided. The method includes:
generating a set of groups using a group generator, where the set includes at least two groups, and the parameters input to the group generator include a security parameter, a first parameter and a second parameter, the first parameter indicating the bit length of the message to be signed and the second parameter indicating the bit length of the user identity information;
selecting a first generator from the set of groups and sending the first generator to a terminal, where the first generator indicates the message to be signed and the user identity information, so that the terminal and a proxy signature device generate a re-signature based on the first generator, each group including at least one generator.
With the proxy re-signature method provided in the embodiments of the present invention, the group generator can generate at least two groups based on the bit length of the message to be signed, the bit length of the user identity information and the security parameter, each group including at least one generator. A first generator is then selected from the generators of these at least two groups and sent to the terminal. The terminal and the proxy signature device generate a re-signature based on the first generator. Because the first generator is selected from at least two groups generated from the message to be signed and the user identity information, the range of choice is wider than in the prior art, where the selection is made within one fixed group. The re-signature generated from the first generator is therefore more complex than a prior-art re-signature, which improves the security of the re-signature.
Optionally, after the first generator is selected from the set of groups, the method further includes:
selecting L pairs of elements from a first integer group and computing first group elements from the L pairs of elements, where the value of L is the same as the value of the first parameter, and the first integer group is an integer group that does not include the order of the group;
selecting N pairs of elements from the first integer group and computing second group elements from the N pairs of elements, where the value of N is the same as the value of the second parameter;
where the first group elements, the second group elements and the first generator are used by the terminal and the proxy signature device to generate the re-signature.
This optional approach takes both the user identity information and the message to be signed into account and determines the first group elements and the second group elements separately. Compared with the prior art, where only one kind of group element is determined from the user identity information, more re-signature combinations are possible, which improves the security of the re-signature. In addition, the server in the embodiments of the present invention computes the first group elements from the randomly selected multi-dimensional L pairs of elements and the second group elements from the randomly selected multi-dimensional N pairs of elements, so the computation involves multilinear operations. Compared with the prior art, where group elements are obtained through bilinear operations, the computation rate of the server in the embodiments of the present invention is higher, which improves the efficiency of the whole proxy re-signature process.
Optionally, after the first generator is selected from the set of groups, the method further includes:
obtaining a function H(I, M) of the message and the user identity, where I indicates the user identity information and M indicates the message to be signed;
mapping H(I, M) into the set of groups by bilinear pairing, where the mapped H(I, M), the first generator, the first group elements and the second group elements are used by the terminal and the proxy signature device to generate the re-signature:
As i ∈ { 2 ..., n },
As i ∈ { n+1 ..., n+l=k },
Wherein, n indicates the value of first parameter, and l indicates the value of second parameter,For the user identity
Corresponding second group element of n-th of bit of information I, id1For n-th of bit of the subscriber identity information I,For corresponding first group element of first of bit of the message to be signed, mi-nFor the message to be signed
First of bit.
This optional approach describes how H(I, M) is mapped. Because two kinds of elements are involved, the user identity information and the message to be signed, the embodiments of the present invention split the bilinear-pairing mapping of H(I, M) into the set of groups into two processes, one for the message to be signed and one for the user identity information. The re-signature that the terminal and the proxy signature device generate from the mapped H(I, M) is correspondingly more complex, which further improves the security of the re-signature. In the prior art, by contrast, the mapping of H(I, M) is a single process that is the same for the message to be signed and the user identity information, and the re-signature that the terminal and the proxy signature device generate from the mapped H(I, M) is relatively simple.
In a second aspect, a proxy re-signature method is provided. The method includes:
receiving system parameters sent by a server, where the system parameters include a first generator, the first generator is determined from a set of groups that the server generates according to user identity information and a message to be signed, and the set includes at least two groups;
encrypting the first generator, and sending the encrypted first generator and a received re-signature of the message to be signed, generated by a proxy signature device, to a verification server, so that the verification server verifies the re-signature based on the encrypted first generator;
receiving the verification server's verification value for the re-signature, and judging from the verification value whether the re-signature is valid.
With the proxy signature method provided in the embodiments of the present invention, when the terminal verifies whether a re-signature is valid, part of the computation can be carried out by the verification server. Compared with a traditional proxy re-signature scheme, in which the terminal carries out the entire verification computation, the terminal's computational load is reduced, which lowers the configuration requirements on the terminal, lightens its burden and improves verification efficiency.
Optionally, judging from the verification value whether the re-signature is valid includes:
performing an iterative computation, based on a computation factor, on the function H(I, M) of the message to be signed and the user identity information to obtain a result value, where I indicates the user identity information, M indicates the message to be signed, and the computation factor is a value randomly selected from an integer group that does not include the order of the group;
comparing the result value with the verification value, and if the result value is the same as the verification value, determining that the re-signature is valid.
This optional approach describes in detail how the terminal verifies whether a re-signature is valid.
In a third aspect, a server is provided. The server includes:
a generation unit, configured to generate a set of groups using a group generator, where the set includes at least two groups, and the parameters input to the group generator include a security parameter, a first parameter and a second parameter, the first parameter indicating the bit length of the message to be signed and the second parameter indicating the bit length of the user identity information;
a selecting unit, configured to select a first generator from the set of groups and send the first generator to a terminal, where the first generator indicates the message to be signed and the user identity information, so that the terminal and a proxy signature device generate a re-signature based on the first generator, each group including at least one generator.
Optionally, the selecting unit is further configured to:
after the first generator is selected from the set of groups, select L pairs of elements from a first integer group and compute first group elements from the L pairs of elements, where the value of L is the same as the value of the first parameter, and the first integer group is an integer group that does not include the order of the group;
select N pairs of elements from the first integer group and compute second group elements from the N pairs of elements, where the value of N is the same as the value of the second parameter;
where the first group elements, the second group elements and the first generator are used by the terminal and the proxy signature device to generate the re-signature.
Optionally, the server further includes a mapping unit, configured to:
after the first generator is selected from the set of groups, obtain a function H(I, M) of the message and the user identity, where I indicates the user identity information and M indicates the message to be signed;
map H(I, M) into the set of groups by bilinear pairing, where the mapped H(I, M), the first generator, the first group elements and the second group elements are used by the terminal and the proxy signature device to generate the re-signature:
As i ∈ { 2 ..., n },
As i ∈ { n+1 ..., n+l=k },
Wherein, n indicates the value of first parameter, and l indicates the value of second parameter,For the user identity
Corresponding second group element of n-th of bit of information I, id1For n-th of bit of the subscriber identity information I,For corresponding first group element of first of bit of the message to be signed, mi-nTo be signed disappear to be described
First of bit of breath.
For the technical effects of the server provided in this application, refer to the technical effects of the implementations of the first aspect above; details are not repeated here.
In a fourth aspect, a server is provided. The server includes:
at least one processor, and
a memory connected to the at least one processor;
where the memory stores instructions executable by the at least one processor, and the at least one processor implements the method of any implementation of the first aspect by executing the instructions stored in the memory.
For the technical effects of the server provided in this application, refer to the technical effects of the implementations of the first aspect above; details are not repeated here.
In a fifth aspect, a terminal device is provided. The terminal device includes:
a receiving unit, configured to receive system parameters sent by a server, where the system parameters include a first generator, the first generator is determined from a set of groups that the server generates according to user identity information and a message to be signed, and the set includes at least two groups;
an encryption unit, configured to encrypt the first generator, and send the encrypted first generator and a received re-signature of the message to be signed, generated by a proxy signature device, to a verification server, so that the verification server verifies the re-signature based on the encrypted first generator;
a verification unit, configured to receive the verification server's verification value for the re-signature and judge from the verification value whether the re-signature is valid.
Optionally, the verification unit is specifically configured to:
perform an iterative computation, based on a computation factor, on the function H(I, M) of the message to be signed and the user identity information to obtain a result value, where I indicates the user identity information, M indicates the message to be signed, and the computation factor is a value randomly selected from an integer group that does not include the order of the group;
compare the result value with the verification value, and if the result value is the same as the verification value, determine that the re-signature is valid.
For the technical effects of the terminal device provided in this application, refer to the technical effects of the implementations of the second aspect above; details are not repeated here.
In a sixth aspect, a terminal device is provided. The terminal device includes:
at least one processor, and
a memory connected to the at least one processor;
where the memory stores instructions executable by the at least one processor, and the at least one processor implements the method of any implementation of the second aspect by executing the instructions stored in the memory.
For the technical effects of the terminal device provided in this application, refer to the technical effects of the implementations of the second aspect above; details are not repeated here.
In a seventh aspect, a computer storage medium is provided, on which a computer program is stored. When executed by a processor, the computer program implements the method of any implementation of the first aspect or the second aspect.
With the proxy re-signature method provided in the embodiments of the present invention, the group generator can generate a set of groups, that is, at least two groups, based on the bit length of the message to be signed, the bit length of the user identity information and the security parameter. Each group includes at least one generator. One generator, the first generator, is then selected from these at least two groups and sent to the terminal, so that the terminal and the proxy signature device generate a re-signature. Because the first generator is selected from at least two groups generated according to the message to be signed and the user identity information, the range of choice is wider than in the prior art, where the selection is made within one fixed group. The re-signature generated from the first generator is therefore more complex than a prior-art re-signature, which improves the security of the re-signature.
Brief description of the drawings
Fig. 1 is a flow diagram of the proxy re-signature method provided in an embodiment of the present invention;
Fig. 2 is a structural schematic diagram of a server provided in an embodiment of the present invention;
Fig. 3 is a structural schematic diagram of a server provided in an embodiment of the present invention;
Fig. 4 is a structural schematic diagram of a terminal device provided in an embodiment of the present invention;
Fig. 5 is a structural schematic diagram of a terminal device provided in an embodiment of the present invention.
Detailed description
To make the objectives, technical solutions and advantages of the present invention clearer, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings in the embodiments of the present invention.
For ease of understanding, the proxy re-signing process is described first:
In a proxy re-signature system there is a semi-trusted proxy that uses its own re-signature key to convert the signature of the entrusted party Alice on a message m into a signature of the bailee Bob on m. In the process the proxy cannot learn any information about the signing keys and cannot sign any message on behalf of Alice or Bob. Specifically, six algorithms are mainly involved: a parameter generation algorithm, a key generation algorithm, a re-signature key generation algorithm, a signature generation algorithm, a re-signature generation algorithm and a signature verification algorithm. The server uses the system parameter generation algorithm to obtain the system parameters and a master key according to the user identity information, and uses the key generation algorithm to obtain and output the user's private key according to the user's identity information and the master key. The terminal device uses the re-signature key generation algorithm to obtain the proxy's re-signature key according to the user's private key and identity information and the principal's identity information and private key. The terminal device uses the signature generation algorithm to output the user's signature σ on a message m according to the user identity information, the private key and the message m. The proxy signature device uses the re-signature generation algorithm to output the principal's re-signature σ' on the message m according to the re-signature key and σ, the bailee's signature on the message m. The terminal device uses the signature verification algorithm to verify whether the re-signature is valid according to the user identity information and the signature σ on the message m.
At present, the system parameters on which a terminal or proxy server bases a re-signature are generators selected from a group generated according to the user identity information. A re-signature generated this way is relatively simple, so its security is low. In view of this, the proxy re-signature method, server and terminal device provided in the embodiments of the present invention aim to improve the security of re-signatures.
The technical solutions provided in the embodiments of the present invention are introduced below with reference to the accompanying drawings.
Referring to Fig. 1, an embodiment of the present invention provides a proxy re-signature method. The detailed flow of the method is described as follows.
In step S101, the server can generate a set of groups using a group generator, where the set includes at least two groups, and the parameters input to the group generator include a security parameter, a first parameter and a second parameter, the first parameter indicating the bit length of the message to be signed and the second parameter indicating the bit length of the user identity information.
The terminal and the proxy signature device, that is, the proxy server, generate the re-signature from the system parameters generated by the server. The system parameters are usually generated by the server from user-related information such as the user identity information, and include the group generated from the user identity information, the generators the group contains, and so on. In the prior art, the server inputs the security parameter λ to the system parameter generation algorithm to generate the system parameters; only one group, generated from the user identity information, is considered, and a generator is selected from within that group. The range of choice is narrow, so the possibilities for the re-signature obtained from that generator are fewer, which results in low security. The server in the embodiments of the present invention can generate a set of groups using the group generator, where the parameters input to the group generator include a security parameter, a first parameter and a second parameter, the first parameter indicating the bit length of the message to be signed and the second parameter indicating the bit length of the user identity information, and the set includes at least two groups. That is, what the server in the embodiments of the present invention obtains from the user identity information and the message to be signed is at least two groups, each including at least one generator, so the range of choice for the generator is wider.
Specifically, the server in the embodiments of the present invention can run the group generator $\Gamma(1^{\lambda}, k = l + n)$ through the system parameter generation algorithm, where $1^{\lambda}$ denotes the security parameter, $l$ denotes the bit length of the message to be signed and $n$ denotes the bit length of the user identity information. After running, the group generator $\Gamma$ outputs groups $G = (G_1, \ldots, G_k)$ of order $p$, where $G_k$ denotes the k-th group. Each group includes at least one generator. In the embodiments of the present invention a generator is denoted by $g$; for example, $g_1, \ldots, g_k$ are the respective generators of the groups in $G$.
After the server generates the set of groups, in step S102 it can select one generator from the set as the first generator and send the first generator to the terminal, so that the terminal and the proxy signature device generate a re-signature based on the first generator. Because the first generator is selected from the groups generated from the user identity information and the message to be signed, the first generator can indicate the message to be signed and the user identity information, and so the re-signature that the terminal or the device to be signed generates from the first generator also indicates the message to be signed and the user identity information.
The server can select the first generator $g = g_1$ from the generators that the set of groups contains. After selecting the first generator from the set of groups, the server can also select L pairs of elements and N pairs of elements from the first integer group, compute the first group elements from the L pairs of elements, and compute the second group elements from the N pairs of elements, where the first group elements and the second group elements are used by the terminal and the proxy signature device to generate the re-signature, the value of L is the same as the value of the first parameter, and the value of N is the same as the value of the second parameter. The number of selected L pairs of elements is the bit length of the message to be signed, so the first group elements are related to the bit length of the message to be signed. The number of selected N pairs of elements is the bit length of the user identity information, so the second group elements are related to the bit length of the user identity information. The first integer group is an integer group that does not include the order of the group. If the group generator generates groups of order P, the first integer group is the integer group that does not include P.
Specifically, the server in the embodiment of the present invention can randomly select l to element from the first group of integers, for example,Wherein, (an,0,an,1) it is used to indicate n-th pair of element,Be used to indicate does not include P's
First group of integers.Server calculates group element to element according to the l of selection, obtains the first group element, such asWherein, A is used to indicate first group of member
Element, each first group element includes the element chosen from the first group of integers and first generates the element that member generates, such asMember exactly is generated to element and first by l and calculates acquisition.Similarly, in the embodiment of the present invention
Server n can be randomly selected from the first group of integers to element, for example,Its
In, (bn,0,bn,1) nth elements are used to indicate,Be used to indicate do not include P the first group of integers.Server is according to the n of selection
Group element is calculated to element, obtains the second group element, such as:
The terminal or the proxy signature device in the embodiments of the present invention generates the re-signature from the first group elements, the second group elements and the first generator, so two kinds of group elements are involved. Compared with the prior art, where only one kind of group element is determined from the user identity information, more re-signature combinations are possible, which improves the security of the re-signature. In addition, the server in the embodiments of the present invention computes the first group elements from the randomly selected multi-dimensional l pairs of elements and the second group elements from the randomly selected multi-dimensional n pairs of elements, so the computation involves multilinear operations. Compared with the prior art, where group elements are obtained through bilinear operations, the computation rate of the server in the embodiments of the present invention is higher, which improves the efficiency of the whole proxy re-signature process.
After selecting the first generator from the set of groups, the server in the embodiments of the present invention can also obtain the function H(I, M) of the message and the user identity, and map H(I, M) into the set of groups by bilinear pairing, where I indicates the user identity information, M indicates the message to be signed, and the mapped H(I, M) is used by the terminal and the proxy signature device to generate the re-signature.
The function H(I, M) of the message and the user identity can be $H(I, M): \{0,1\}^n \times \{0,1\}^l \to G_k$, that is, the result of the operation on $\{0,1\}^n \times \{0,1\}^l$ is mapped to $G_k$, where $G_k$ denotes the k-th group, l denotes the bit length of the message to be signed, and n denotes the bit length of the user identity information. Because the first group elements and the second group elements represent different information, the server in this embodiment takes both the first group elements and the second group elements into account when mapping H(I, M) into the set of groups by bilinear pairing. The mapping can be realized by the following formulas:
When $i \in \{2, \ldots, n\}$,
When $i \in \{n+1, \ldots, n+l=k\}$,
Here n denotes the value of the first parameter, l denotes the value of the second parameter, […] is the second group element corresponding to the n-th bit of the user identity information I, id1 is the n-th bit of the user identity information I, […] is the first group element corresponding to the first bit of the message to be signed, and $m_{i-n}$ is the first bit of the message to be signed.
In the prior art, mapping H(I, M) is a single process: the message to be signed and the user identity information go through the same process, so it is comparatively simple for the terminal and the proxy signing device to generate a re-signature from the mapped H(I, M). In this embodiment, the server divides the mapping of H(I, M) into the set of groups by bilinear pairing into two processes, corresponding to the message to be signed and the user identity information respectively. Generating the re-signature from the mapped H(I, M) is correspondingly more complex for the terminal and the proxy signing device, which further improves the security of the re-signature.
The server can package the obtained groups, generators, first group elements and second group elements into system parameters and send them to the terminal. The system parameters can of course also include the bit length of the message to be signed, the bit length of the user identity information, the order of the groups, and so on. For example, the system parameters can be $\{G_1, \ldots, G_k, g_1, \ldots, g_k, k, l, n, p, H, (A_{1,0}, A_{1,1}), (A_{2,0}, A_{2,1}), \ldots, (A_{l,0}, A_{l,1}), \ldots, (B_{1,0}, B_{1,1}), \ldots, (B_{n,0}, B_{n,1})\}$.
By inputting the security parameter into the system parameter generation algorithm, the server can also generate a master key. In this embodiment the server can set the master key MSK to $\{(b_{1,0}, b_{1,1}), \ldots, (b_{n,0}, b_{n,1})\}$, and the server sends the system parameters and the master key MSK to the terminal. The terminal can run the key extraction algorithm on the user identity information entered by the user and the master key MSK to obtain the private key corresponding to that user. For example, for user identity information $I = (id_1, \ldots, id_n) \in \{0,1\}^n$, where id1 is the n-th bit of the user identity information I, the corresponding private key […] is output, where g is the first generator, […] is the second group element and […] is the master key. After obtaining the user's private key $SK_I$, the terminal can send the user identity information and the private key to the proxy signing device, and the proxy signing device can use the re-signature key generation algorithm to obtain the proxy's re-signature key.
For example, the terminal sends to the proxy signing device the delegatee's (that is, the user's) identity information […] and private key […], and the delegator's identity information […] and private key […]. The proxy signing device outputs the proxy's re-signature key […] through the re-signature key generation algorithm.
Here […] denotes the re-signature key, g is the first generator, the function e denotes the bilinear operation, […] denotes the delegatee's private key, and […] denotes the delegator's private key.
Before the proxy signing device generates the re-signature, the terminal can generate a signature on the message M based on the user identity information. For example, for the message to be signed $M = (m_1, \ldots, m_l) \in \{0,1\}^l$, the l bits of the message M, and the private key […] of delegatee $I_A$, let […] and compute […] for $i \in [l]$ to obtain the signature […] of the message M to be signed, where $G_{n-1+i}$ denotes the (n-1+i)-th group, […] denotes the group element corresponding to the i-th bit of the delegatee, and the function e denotes the bilinear operation.
The terminal sends the signature σ of the message M to be signed to the proxy signing device, and the proxy signing device generates the proxy re-signature from the delegatee's signature and the re-signature key. Specifically, given delegatee $I_A$'s signature $\sigma_A$ on the message M to be signed and the re-signature key […], the proxy signing device generates the re-signature […] of M, where $\sigma_B$ denotes the re-signature of M.
After generating the re-signature, the proxy signing device can send it to the terminal, and the terminal verifies whether the re-signature is legitimate. Specifically, still referring to Fig. 1, in step S201 of this embodiment the terminal can receive the system parameters sent by the server. The system parameters include the first generator, which the server determines from the set of groups generated according to the user identity information and the message to be signed; the set includes at least two groups. In step S202, the terminal can encrypt the first generator and send the encrypted first generator, together with the received re-signature of the message to be signed generated by the proxy signing device, to the verification server, so that the verification server verifies the re-signature based on the encrypted first generator. Specifically, the terminal can randomly select an element r from the group of integers that does not include the group order P, compute $R = g^r$, and generate the string VString = (r, R), that is, the encrypted first generator.
The terminal sends (σ, R) to the verification server. The verification server receives (σ, R) and verifies the re-signature (m, σ) based on VString, the user identity information I and the signature of the message to be signed. The verification server computes $K_1 = e(\sigma, R)$, where the function e denotes the bilinear operation and $K_1$ is the validation value obtained by verifying the re-signature. The verification server sends $K_1$ to the terminal so that the terminal can determine whether the re-signature is valid. In step S203, the terminal can receive the verification server's validation value for the re-signature and judge from the validation value whether the re-signature is valid. Specifically, the terminal evaluates the function H(I, M) of the message and the user identity, computing $K_2 = H(I, M)^r$, where r is the element randomly selected from the group of integers that does not include the group order P and $K_2$ is the terminal's validation value for the re-signature. If the terminal determines that $K_1 = K_2$, the re-signature is valid; otherwise, if $K_1 \neq K_2$, the re-signature is invalid.
Because the verification server carries out part of the computation when the terminal verifies whether the re-signature is valid, the terminal's computational load is lower than in a traditional proxy re-signature scheme, in which the terminal performs the entire verification. This lowers the configuration requirements on the terminal, lightens the terminal's burden and improves verification efficiency.
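The outsourced check in steps S202 and S203, as an added example that is not part of the patent: a Python simulation in which each group element is represented by its level and its discrete log, so the map e becomes multiplication of exponents. The order P, the level count K, the SHA-256 stand-in for H(I, M) and all function names are assumptions made for illustration; the model checks the algebra only and provides no security.

```python
import hashlib
import secrets
from dataclasses import dataclass

# Constructed toy parameters (assumptions, not values from the patent).
P = 2**127 - 1   # prime group order p
K = 8            # top level k = n + l, e.g. 4 identity bits + 4 message bits


@dataclass(frozen=True)
class Elem:
    """Element g_level ** exp of group G_level. Exposing exp is what makes
    this a simulation: in a real multilinear group the exponent is hidden."""
    level: int
    exp: int


def generator(level=1):
    return Elem(level, 1)


def power(x, r):
    """x ** r, staying inside the same group."""
    return Elem(x.level, (x.exp * r) % P)


def pair(x, y):
    """Simulated map e: G_i x G_j -> G_(i+j); exponents multiply."""
    if x.level < 1 or y.level < 1 or x.level + y.level > K:
        raise ValueError("pairing would leave the levels G_1..G_K")
    return Elem(x.level + y.level, (x.exp * y.exp) % P)


def hash_to_top_group(identity: bytes, message: bytes) -> Elem:
    """Hypothetical stand-in for H(I, M) -> G_k: a SHA-256 digest reduced
    mod p. It is not the mapping formula defined in the patent."""
    data = len(identity).to_bytes(4, "big") + identity + message
    return Elem(K, int.from_bytes(hashlib.sha256(data).digest(), "big") % P)


def toy_signature(identity, message):
    """A sigma in G_(k-1) with e(sigma, g) = H(I, M). Only the exposed
    exponents make this computable here without a private key."""
    return Elem(K - 1, hash_to_top_group(identity, message).exp)


def terminal_blind(r=None):
    """Step S202: pick r and return (r, R = g^r). The integer group without
    the order P is read here as the nonzero residues mod p (assumption)."""
    if r is None:
        r = 1 + secrets.randbelow(P - 1)
    if not 0 < r < P:
        raise ValueError("r must be a nonzero residue mod p")
    return r, power(generator(1), r)


def server_validation_value(sigma, R):
    """Verification server: K1 = e(sigma, R). It receives R, never r."""
    return pair(sigma, R)


def terminal_accepts(identity, message, r, K1):
    """Step S203: compute K2 = H(I, M)^r and accept iff K1 == K2."""
    return K1 == power(hash_to_top_group(identity, message), r)


def outsourced_verify(identity, message, sigma, r=None):
    """Full exchange: terminal blinds, server pairs, terminal compares."""
    r, R = terminal_blind(r)
    K1 = server_validation_value(sigma, R)
    return terminal_accepts(identity, message, r, K1)
```

With r = 0 the terminal would send the identity element as R and get K1 = K2 for any σ, which is why `terminal_blind` rejects it. The value r has to stay on the terminal, since K2 is the only part of the check the verification server cannot compute from what it is sent.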
In conclusion agency's weight endorsement method provided in an embodiment of the present invention can be based on the bit length of message to be signed
It is grown up to be a useful person with the bit length and security parameter of subscriber identity information by all living creatures and generates group, that is, at least two groups.Each
Group includes that at least one generates member, then a generation member is selected from this at least two groups, i.e., first generates member, and raw by first
Cheng Yuan is sent to terminal, so that terminal and the generation of allograph equipment are signed again.Since the first generation member is from according to wait sign
One selected at least two groups that name message and subscriber identity information generate, compared to the prior art from a fixed group
The inside selection, selectable range is wider, therefore, generates the weight signed in compared to the prior art again that member generates according to first
The complexity of signature is just higher, to improve the safety signed again.
The devices provided by the embodiments of the invention are described below with reference to the accompanying drawings.
Referring to Fig. 2, based on the same inventive concept, an embodiment of the invention provides a server, which may include a generation unit 201 and a selection unit 202. The generation unit supports the server in executing step S101 in Fig. 1, and the selection unit supports the server in executing step S102 in Fig. 1. All the relevant content of each step in the method embodiment above can be cited in the functional description of the corresponding functional module and is not repeated here.
Optionally, the selection unit is also used to:
after the first generator is selected from the set of groups, choose L pairs of elements from the first group of integers and compute the first group elements from the L pairs of elements, where the value of L is the same as the value of the first parameter and the first group of integers is the group of integers that does not include the order of the groups;
choose N pairs of elements from the first group of integers and compute the second group elements from the N pairs of elements, where the value of N is the same as the value of the second parameter;
where the first group elements, the second group elements and the first generator are used by the terminal and the proxy signing device to generate the re-signature.
Optionally, the server further includes a mapping unit 203, which is used to:
after the first generator is selected from the set of groups, obtain the function H(I, M) of the message and the user identity, where I denotes the user identity information and M denotes the message to be signed;
map H(I, M) into the set of groups by bilinear pairing, where the mapped H(I, M), the first generator, the first group elements and the second group elements are used by the terminal and the proxy signing device to generate the re-signature:
When $i \in \{2, \ldots, n\}$,
When $i \in \{n+1, \ldots, n+l=k\}$,
Here n denotes the value of the first parameter, l denotes the value of the second parameter, […] is the second group element corresponding to the n-th bit of the user identity information I, id1 is the n-th bit of the user identity information I, […] is the first group element corresponding to the first bit of the message to be signed, and $m_{i-n}$ is the first bit of the message to be signed.
Where integrated units are used, referring to Fig. 3, based on the same inventive concept, an embodiment of the invention provides a server, which may include at least one processor 301. The processor 301 implements the steps of the proxy re-signing method shown in Fig. 1 provided by the embodiments of the invention when executing a computer program stored in a memory.
Optionally, the processor 301 may specifically be a central processing unit or an application-specific integrated circuit (ASIC), and may be one or more integrated circuits for controlling program execution.
Optionally, the server further includes a memory 302 connected to the at least one processor. The memory 302 may include read-only memory (ROM), random access memory (RAM) and disk storage. The memory 302 stores the data the processor 301 needs when running, that is, it stores instructions executable by the at least one processor 301, and the at least one processor 301 executes the method shown in Fig. 1 by executing the instructions stored in the memory 302. There may be one or more memories 302. The memory 302 is also shown in Fig. 3, but it should be understood that the memory 302 is not a mandatory functional module and is therefore drawn with a dashed line in Fig. 3.
The physical device corresponding to the generation unit 201, the selection unit 202 and the mapping unit 203 may in each case be the aforementioned processor 301. The server can be used to execute the method provided by the embodiment shown in Fig. 1. For the functions that each functional module in the device can realize, refer to the corresponding description in the embodiment shown in Fig. 1; they are not repeated here.
Referring to Fig. 4, based on the same inventive concept, an embodiment of the invention provides a terminal device, which may include a receiving unit 401, an encryption unit 402 and a verification unit 403. The receiving unit supports the terminal device in executing step S201 in Fig. 1, the encryption unit supports the terminal device in executing step S202 in Fig. 1, and the verification unit supports the terminal device in executing step S203 in Fig. 1. All the relevant content of each step in the method embodiment above can be cited in the functional description of the corresponding functional module and is not repeated here.
Where integrated units are used, referring to Fig. 5, based on the same inventive concept, an embodiment of the invention provides a terminal device, which may include at least one processor 501. The processor 501 implements the steps of the proxy re-signing method shown in Fig. 1 provided by the embodiments of the invention when executing a computer program stored in a memory.
Optionally, the processor 501 may specifically be a central processing unit or an application-specific integrated circuit (ASIC), and may be one or more integrated circuits for controlling program execution.
Optionally, the terminal device further includes a memory 502 connected to the at least one processor. The memory 502 may include read-only memory (ROM), random access memory (RAM) and disk storage. The memory 502 stores the data the processor 501 needs when running, that is, it stores instructions executable by the at least one processor 501, and the at least one processor 501 executes the method shown in Fig. 1 by executing the instructions stored in the memory 502. There may be one or more memories 502. The memory 502 is also shown in Fig. 5, but it should be understood that the memory 502 is not a mandatory functional module and is therefore drawn with a dashed line in Fig. 5.
The physical device corresponding to the receiving unit 401, the encryption unit 402 and the verification unit 403 may in each case be the aforementioned processor 501. The server can be used to execute the method provided by the embodiment shown in Fig. 1. For the functions that each functional module in the device can realize, refer to the corresponding description in the embodiment shown in Fig. 1; they are not repeated here.
An embodiment of the invention also provides a computer storage medium storing computer instructions which, when run on a computer, cause the computer to execute the method shown in Fig. 1.
Those skilled in the art will clearly understand that, for convenience and brevity of description, only the division into the functional modules above is used as an example. In practical applications, the functions above can be assigned to different functional modules as required, that is, the internal structure of the device can be divided into different functional modules to complete all or part of the functions described above. For the specific working processes of the systems, devices and units described above, refer to the corresponding processes in the method embodiments; they are not repeated here.
In the several embodiments provided by the invention, it should be understood that the disclosed devices and methods can be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into modules or units is only a division by logical function, and other divisions are possible in an actual implementation; for example, multiple units or components can be combined or integrated into another system, or some features can be ignored or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed can be an indirect coupling or communication connection through some interfaces, devices or units, and can be electrical, mechanical or of another form.
Units described as separate components may or may not be physically separate, and components shown as units may or may not be physical units; they can be located in one place or distributed over multiple network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the embodiment's solution.
In addition, the functional units in the embodiments of this application can be integrated into one processing unit, each unit can exist physically on its own, or two or more units can be integrated into one unit. The integrated unit can be implemented in hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. The computer software product is stored in a storage medium and includes instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) or a processor to execute all or part of the steps of the methods of the embodiments of this application. The storage medium includes various media that can store program code, such as a universal serial bus flash disk, a removable hard disk, read-only memory (ROM), random access memory (RAM), a magnetic disk or an optical disc.
Obviously, those skilled in the art can make various changes and modifications to the invention without departing from its spirit and scope. If these modifications and variations fall within the scope of the claims of the invention and their technical equivalents, the invention is intended to include them as well.
Claims (10)
1. A proxy re-signing method, characterized by comprising:
generating a set of groups using a group generator, wherein the set of groups includes at least two groups, the parameters input to the group generator include a security parameter, a first parameter and a second parameter, the first parameter indicates the bit length of the message to be signed, and the second parameter indicates the bit length of the user identity information;
selecting a first generator from the set of groups and sending the first generator to a terminal, wherein the first generator represents the message to be signed and the user identity information, so that the terminal and a proxy signing device generate a re-signature based on the first generator, and each group includes at least one generator.
2. The method according to claim 1, characterized in that, after the first generator is selected from the set of groups, the method further comprises:
choosing L pairs of elements from a first group of integers and computing first group elements from the L pairs of elements, wherein the value of L is the same as the value of the first parameter, and the first group of integers is the group of integers that does not include the order of the groups;
choosing N pairs of elements from the first group of integers and computing second group elements from the N pairs of elements, wherein the value of N is the same as the value of the second parameter;
wherein the first group elements, the second group elements and the first generator are used by the terminal and the proxy signing device to generate the re-signature.
3. The method according to claim 2, characterized in that, after the first generator is selected from the set of groups, the method further comprises:
obtaining the function H(I, M) of the message and the user identity, wherein I denotes the user identity information and M denotes the message to be signed;
mapping H(I, M) into the set of groups by bilinear pairing, wherein the mapped H(I, M), the first generator, the first group elements and the second group elements are used by the terminal and the proxy signing device to generate the re-signature:
When $i \in \{2, \ldots, n\}$,
When $i \in \{n+1, \ldots, n+l=k\}$,
wherein n denotes the value of the first parameter, l denotes the value of the second parameter, […] is the second group element corresponding to the n-th bit of the user identity information I, id1 is the n-th bit of the user identity information I, […] is the first group element corresponding to the first bit of the message to be signed, and $m_{i-n}$ is the first bit of the message to be signed.
4. A proxy re-signing method, characterized by comprising:
receiving system parameters sent by a server, wherein the system parameters include a first generator, the first generator is determined by the server from a set of groups generated according to user identity information and a message to be signed, and the set of groups includes at least two groups;
encrypting the first generator, and sending the encrypted first generator and the received re-signature of the message to be signed, generated by a proxy signing device, to a verification server, so that the verification server verifies the re-signature based on the encrypted first generator;
receiving the verification server's validation value for the re-signature, and judging from the validation value whether the re-signature is valid.
5. The method according to claim 4, characterized in that judging from the validation value whether the re-signature is valid comprises:
iteratively computing the function H(I, M) of the message to be signed and the user identity information based on a calculation factor to obtain a result value, wherein I denotes the user identity information, M denotes the message to be signed, and the calculation factor is a value randomly selected from the group of integers that does not include the order of the groups;
comparing the result value with the validation value and, if the result value is determined to be the same as the validation value, determining that the re-signature is valid.
6. A server, characterized by comprising:
a generation unit, configured to generate a set of groups using a group generator, wherein the set of groups includes at least two groups, the parameters input to the group generator include a security parameter, a first parameter and a second parameter, the first parameter indicates the bit length of the message to be signed, and the second parameter indicates the bit length of the user identity information;
a selection unit, configured to select a first generator from the set of groups and send the first generator to a terminal, wherein the first generator represents the message to be signed and the user identity information, so that the terminal and a proxy signing device generate a re-signature based on the first generator, and each group includes at least one generator.
7. A server, characterized by comprising:
at least one processor, and
a memory connected to the at least one processor;
wherein the memory stores instructions executable by the at least one processor, and the at least one processor implements the method according to claim 1 by executing the instructions stored in the memory.
8. A terminal device, characterized by comprising:
a receiving unit, configured to receive system parameters sent by a server, wherein the system parameters include a first generator, the first generator is determined by the server from a set of groups generated according to user identity information and a message to be signed, and the set of groups includes at least two groups;
an encryption unit, configured to encrypt the first generator, and to send the encrypted first generator and the received re-signature of the message to be signed, generated by a proxy signing device, to a verification server, so that the verification server verifies the re-signature based on the encrypted first generator;
a verification unit, configured to receive the verification server's validation value for the re-signature and to judge from the validation value whether the re-signature is valid.
9. A terminal device, characterized by comprising:
at least one processor, and
a memory connected to the at least one processor;
wherein the memory stores instructions executable by the at least one processor, and the at least one processor implements the method according to claim 4 or 5 by executing the instructions stored in the memory.
10. A computer storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the method according to any one of claims 1-8 or 9-10.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810385018.6A CN110417703B (en) | 2018-04-26 | 2018-04-26 | Proxy re-signing method, server and terminal equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110417703A (en) | 2019-11-05 |
CN110417703B CN110417703B (en) | 2021-11-30 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||