CN110535655B - Novel RSA blind signature method - Google Patents

Novel RSA blind signature method Download PDF

Info

Publication number
CN110535655B
CN110535655B CN201910669086.XA CN201910669086A CN110535655B CN 110535655 B CN110535655 B CN 110535655B CN 201910669086 A CN201910669086 A CN 201910669086A CN 110535655 B CN110535655 B CN 110535655B
Authority
CN
China
Prior art keywords
signature
bob
message
blind
alice
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910669086.XA
Other languages
Chinese (zh)
Other versions
CN110535655A (en
Inventor
李凤银
王东风
李清华
王伊蕾
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Houquantum Cryptography Technology Co ltd
Original Assignee
Qufu Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qufu Normal University filed Critical Qufu Normal University
Priority to CN201910669086.XA priority Critical patent/CN110535655B/en
Publication of CN110535655A publication Critical patent/CN110535655A/en
Application granted granted Critical
Publication of CN110535655B publication Critical patent/CN110535655B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3257Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures

Abstract

The invention discloses a novel RSA blind signature method, which aims to protect sensitive private data in electronic contract signing in network transaction. The method is characterized in that an information owner Alice blindly signs the information needing to be signed, a signer Bob blindly signs the blinded information, Alice blindly signs the information blindly signed by Bob, and finally a random third-party verifier Minter completes final signature verification. The method has correctness and safety, realizes non-forgeability and blindness, and is suitable for privacy sensitive information protection in the electronic contract signing process.

Description

Novel RSA blind signature method
Technical Field
The invention belongs to the technical field of information security, and relates to a blind signature method based on an RSA algorithm.
Background
The digital signature can guarantee the integrity of data and is widely applied to the fields of military affairs, commerce, finance and the like. In some scenarios, signed messages need to satisfy both authenticity and anonymity. In the traditional digital signature, a signer can check the details of a message, and the traditional digital signature is not suitable for the fields of fair signing of electronic contracts and the like. The blind signature means that a signer cannot view details of a file needing to be signed and only performs a specific operation of signing so as to achieve the aim of signature validation.
Blind signatures need to retain not only the various features of digital signatures, but also to be blind and untraceable. Blindness means that the signer cannot see the content of the signed message; untraceable means that the signer cannot associate his own signature with the signed message and therefore cannot track the owner of the message. In order to make the existing signature protocols have the special properties of blind signatures, related scholars have designed some blind signature schemes. The blind signature protocol is advantageous, but at the same time there are some problems, such as: how to combine the blind signature and other signature modes tightly to improve the efficiency and the safety of the signature. The text combines the traditional RSA algorithm and the blind signature, and designs a new RSA blind signature method.
Disclosure of Invention
The invention aims to provide a novel RSA blind signature method, which comprises the steps of signature message blinding, blind signature, blinding removal, signature authentication and the like, and the specific process is as follows:
1) the signature party Bob participating in the blind signature selects the security parameters p and q according to the RSA algorithm, and calculates its public key (e, n), where n is p q and phi (n) is (p-1)(q-1) randomly choosing a large integer e such that (e, phi (n)) > 1. The private key d is calculated to satisfy ed 1mod (phi (n)). Simultaneously publishing a secure singles hash algorithm
Figure GDA0003472756690000011
2) Message to be signed by Alice
Figure GDA0003472756690000012
Selecting two random numbers
Figure GDA0003472756690000013
And
Figure GDA0003472756690000014
blinding to obtain a blinded message m1=r1 aeh, (m) and1=r1 aeh (m) is sent to Bob, and the hash value H (H) (m) modn of the message is calculated and disclosed, so that the public verification is facilitated;
3) bob receives message m1=r1 aeh (m), blindly signing the message to obtain t1=m1 dmod n, and d is1=m1 dmodn is sent to Alice;
4) alice receives the blind signature t of Bob1=m1 dmod n, then blind-removing and calculating
Figure GDA0003472756690000015
Obtaining signatures after blindness removal
Figure GDA0003472756690000021
5) The random verifier Minter takes the triplet (S, H, e) as input to verify whether the following equation holds
Se=H
If yes, the signature verification is successful; otherwise the signature verification fails. Where e, H (m) modn are disclosed parameters,
Figure GDA0003472756690000022
is a generic signature.
The invention has correctness and safety, realizes the unforgeability and the blindness, and achieves the following effects: after the blinding, the message to be signed is transparent to the signer, and the signer cannot know the specific content in the message and other users cannot know the details of the contract. Can be used for signing privacy preserving fair contracts.
Drawings
Fig. 1 details the blind signature flow of the new RSA blind signature algorithm.
Detailed Description
(1) The signature party Bob participating in the blind signature selects security parameters according to the RSA algorithm, calculates the public key (e, n) and the private key d of the signature party Bob, and simultaneously publishes a secure single hash algorithm
Figure GDA0003472756690000023
(1.1) Bob randomly selects two large prime numbers p and q, calculates n to p to q, and calculates Euler function value phi (n) to (p-1) to (q-1) of n;
(1.2) Bob randomly chooses a large integer e, so that (e, phi (n)) ═ 1;
(1.3) calculating the private key d according to the extended euclidean algorithm so that ed is equal to 1mod (phi (n)).
(2) Alice selects information to be signed to sign:
(2.1) Alice selects the message to be signed
Figure GDA0003472756690000024
And two different random numbers
Figure GDA0003472756690000025
(2.2) Alice calculates m1=r1 aeh (m), blinding the information m and combining m1Sending the data to Bob;
(2.3) Alice calculates H ═ H (m) modn. Disclosure H, facilitating disclosure verification;
(3) bob blindly signs the information sent from Alice:
bob receives m1Then, t is calculated1=m1 dmodn,δpves=t1Is a blind signature;
(4) and (3) performing blind removal processing on the blind signature information by Alice:
alice receives delta from BobpvesPerforming blind-removing and calculating
Figure GDA0003472756690000026
Obtaining a common signature S of Bob to the message m;
(5) and (3) carrying out signature authentication by the random verifier mint, and judging whether the signature is correct:
the random verifier Minter takes the triplet (S, H, e) as input to verify whether the following equation holds
Se=H
If yes, the signature verification is successful; otherwise the signature verification fails. Where e, H is a public parameter and S is a generic signature.

Claims (1)

1. A new RSA blind signature method comprises the following specific processes:
the first step is as follows: the signature party Bob participating in the blind signature selects security parameters p and q according to an RSA algorithm, calculates a public key (e, n) of the signature party, wherein n is p q, phi (n) is (p-1) q-1, and randomly selects a large integer e to enable (e, phi (n))) to be 1; calculating a private key d so that ed ═ lmod (phi (n)); simultaneously publishing a secure singles hash algorithm
Figure FDA0003537449330000011
The second step is that: message to be signed by Alice
Figure FDA0003537449330000012
Selecting two random numbers
Figure FDA0003537449330000013
And
Figure FDA0003537449330000014
blinding to obtain a blinded message m1=r1 aeh, (m) and1=r1 aeh (m) is sent to Bob, and the hash value H (H) (m) modn of the message is calculated and disclosed, so that the public verification is facilitated;
the third step: bob receives message m1=r1 aeh (m) after, calculate t for the message1=m1 dmod n, get the blind signature δpves=t1And will bepves=t1Sending the data to Alice;
the fourth step: alice receives Bob's blind signature deltapves=t1Then, blind removal and calculation are carried out
Figure FDA0003537449330000015
Obtaining signatures after blindness removal
Figure FDA0003537449330000016
The fifth step: the random verifier Minter takes the triplet (S, H, e) as input and verifies whether the following equation holds:
Se=H
if yes, the signature verification is successful; otherwise, the signature verification fails; where e, H (m) modn are disclosed parameters,
Figure FDA0003537449330000017
is a generic signature.
CN201910669086.XA 2019-07-24 2019-07-24 Novel RSA blind signature method Active CN110535655B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910669086.XA CN110535655B (en) 2019-07-24 2019-07-24 Novel RSA blind signature method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910669086.XA CN110535655B (en) 2019-07-24 2019-07-24 Novel RSA blind signature method

Publications (2)

Publication Number Publication Date
CN110535655A CN110535655A (en) 2019-12-03
CN110535655B true CN110535655B (en) 2022-04-22

Family

ID=68661901

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910669086.XA Active CN110535655B (en) 2019-07-24 2019-07-24 Novel RSA blind signature method

Country Status (1)

Country Link
CN (1) CN110535655B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112202566B (en) * 2020-09-24 2023-07-25 杭州天谷信息科技有限公司 Method for guaranteeing privacy of blockchain electronic signature

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101378316A (en) * 2007-08-29 2009-03-04 索尼(中国)有限公司 Proxy blind signing system and method based on identification

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101378316A (en) * 2007-08-29 2009-03-04 索尼(中国)有限公司 Proxy blind signing system and method based on identification

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
《一种基于RSA密码体制的盲签名方案》;李萍等;《信息安全与通信保密》;20060910;正文第121-122页 *
《基于 RSA 密码体制的不可跟踪盲签名方案》;连铁艳等;《河南师范大学学报(自然科学版)》;20091115;正文第40-41页 *

Also Published As

Publication number Publication date
CN110535655A (en) 2019-12-03

Similar Documents

Publication Publication Date Title
CN107040383B (en) A kind of blind Verifiable Encryptosystem endorsement method based on block chain
US8180049B2 (en) Signature schemes using bilinear mappings
CN107911217B (en) Method and device for cooperatively generating signature based on ECDSA algorithm and data processing system
US20160352525A1 (en) Signature protocol
CN112532394B (en) Block chain anti-signature traceable certificateless blind signature generation method
CN112118111B (en) SM2 digital signature method suitable for threshold calculation
US20160149708A1 (en) Electronic signature system
CA2669472C (en) Compressed ecdsa signatures
CN112446052A (en) Aggregated signature method and system suitable for secret-related information system
CN113032844B (en) Signature method, signature verification method and signature verification device for elliptic curve
CN116346328A (en) Digital signature method, system, equipment and computer readable storage medium
CN110535655B (en) Novel RSA blind signature method
Tsai An improved cross-layer privacy-preserving authentication in WAVE-enabled VANETs
Chande et al. Cryptanalysis and improvement of a ECDLP based proxy blind signature scheme
Stallings Digital signature algorithms
CN112511314A (en) Recoverable message blind signature generation method based on identity
CN116566626A (en) Ring signature method and apparatus
Alam et al. A comparison between RSA and ElGamal based untraceable blind signature schemes
CN115174102A (en) Efficient batch verification method and system based on SM2 signature
TWI555370B (en) Digital signature method
CN115174056A (en) Chameleon signature generation method and device based on SM9 signature
CA2306468A1 (en) Signature verification for elgamal schemes
Zhang et al. An improved signature scheme without using one-way hash functions
Yang et al. Security analysis of a proxy blind signature scheme based on ECDLP
CN115174053B (en) Signature generation method and device for repudiation ring authentication based on SM9 algorithm

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20221124

Address after: 311100 Room 1005-32, 10th Floor, Building H, Haichuang Park, CEC Haikang Group Co., Ltd., No. 198, Aicheng Street, Wuchang Street, Yuhang District, Hangzhou City, Zhejiang Province

Patentee after: Hangzhou Houquantum Cryptography Technology Co.,Ltd.

Address before: 273165 Jingxuan West Road, Qufu City, Jining, Shandong Province, No. 57

Patentee before: QUFU NORMAL University

TR01 Transfer of patent right