CN110535655B - Novel RSA blind signature method - Google Patents
Novel RSA blind signature method Download PDFInfo
- Publication number
- CN110535655B CN110535655B CN201910669086.XA CN201910669086A CN110535655B CN 110535655 B CN110535655 B CN 110535655B CN 201910669086 A CN201910669086 A CN 201910669086A CN 110535655 B CN110535655 B CN 110535655B
- Authority
- CN
- China
- Prior art keywords
- signature
- bob
- message
- blind
- alice
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3249—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3257—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures
Abstract
The invention discloses a novel RSA blind signature method, which aims to protect sensitive private data in electronic contract signing in network transaction. The method is characterized in that an information owner Alice blindly signs the information needing to be signed, a signer Bob blindly signs the blinded information, Alice blindly signs the information blindly signed by Bob, and finally a random third-party verifier Minter completes final signature verification. The method has correctness and safety, realizes non-forgeability and blindness, and is suitable for privacy sensitive information protection in the electronic contract signing process.
Description
Technical Field
The invention belongs to the technical field of information security, and relates to a blind signature method based on an RSA algorithm.
Background
The digital signature can guarantee the integrity of data and is widely applied to the fields of military affairs, commerce, finance and the like. In some scenarios, signed messages need to satisfy both authenticity and anonymity. In the traditional digital signature, a signer can check the details of a message, and the traditional digital signature is not suitable for the fields of fair signing of electronic contracts and the like. The blind signature means that a signer cannot view details of a file needing to be signed and only performs a specific operation of signing so as to achieve the aim of signature validation.
Blind signatures need to retain not only the various features of digital signatures, but also to be blind and untraceable. Blindness means that the signer cannot see the content of the signed message; untraceable means that the signer cannot associate his own signature with the signed message and therefore cannot track the owner of the message. In order to make the existing signature protocols have the special properties of blind signatures, related scholars have designed some blind signature schemes. The blind signature protocol is advantageous, but at the same time there are some problems, such as: how to combine the blind signature and other signature modes tightly to improve the efficiency and the safety of the signature. The text combines the traditional RSA algorithm and the blind signature, and designs a new RSA blind signature method.
Disclosure of Invention
The invention aims to provide a novel RSA blind signature method, which comprises the steps of signature message blinding, blind signature, blinding removal, signature authentication and the like, and the specific process is as follows:
1) the signature party Bob participating in the blind signature selects the security parameters p and q according to the RSA algorithm, and calculates its public key (e, n), where n is p q and phi (n) is (p-1)(q-1) randomly choosing a large integer e such that (e, phi (n)) > 1. The private key d is calculated to satisfy ed 1mod (phi (n)). Simultaneously publishing a secure singles hash algorithm
2) Message to be signed by AliceSelecting two random numbersAndblinding to obtain a blinded message m1=r1 aeh, (m) and1=r1 aeh (m) is sent to Bob, and the hash value H (H) (m) modn of the message is calculated and disclosed, so that the public verification is facilitated;
3) bob receives message m1=r1 aeh (m), blindly signing the message to obtain t1=m1 dmod n, and d is1=m1 dmodn is sent to Alice;
4) alice receives the blind signature t of Bob1=m1 dmod n, then blind-removing and calculatingObtaining signatures after blindness removal
5) The random verifier Minter takes the triplet (S, H, e) as input to verify whether the following equation holds
Se=H
If yes, the signature verification is successful; otherwise the signature verification fails. Where e, H (m) modn are disclosed parameters,is a generic signature.
The invention has correctness and safety, realizes the unforgeability and the blindness, and achieves the following effects: after the blinding, the message to be signed is transparent to the signer, and the signer cannot know the specific content in the message and other users cannot know the details of the contract. Can be used for signing privacy preserving fair contracts.
Drawings
Fig. 1 details the blind signature flow of the new RSA blind signature algorithm.
Detailed Description
(1) The signature party Bob participating in the blind signature selects security parameters according to the RSA algorithm, calculates the public key (e, n) and the private key d of the signature party Bob, and simultaneously publishes a secure single hash algorithm
(1.1) Bob randomly selects two large prime numbers p and q, calculates n to p to q, and calculates Euler function value phi (n) to (p-1) to (q-1) of n;
(1.2) Bob randomly chooses a large integer e, so that (e, phi (n)) ═ 1;
(1.3) calculating the private key d according to the extended euclidean algorithm so that ed is equal to 1mod (phi (n)).
(2) Alice selects information to be signed to sign:
(2.2) Alice calculates m1=r1 aeh (m), blinding the information m and combining m1Sending the data to Bob;
(2.3) Alice calculates H ═ H (m) modn. Disclosure H, facilitating disclosure verification;
(3) bob blindly signs the information sent from Alice:
bob receives m1Then, t is calculated1=m1 dmodn,δpves=t1Is a blind signature;
(4) and (3) performing blind removal processing on the blind signature information by Alice:
alice receives delta from BobpvesPerforming blind-removing and calculatingObtaining a common signature S of Bob to the message m;
(5) and (3) carrying out signature authentication by the random verifier mint, and judging whether the signature is correct:
the random verifier Minter takes the triplet (S, H, e) as input to verify whether the following equation holds
Se=H
If yes, the signature verification is successful; otherwise the signature verification fails. Where e, H is a public parameter and S is a generic signature.
Claims (1)
1. A new RSA blind signature method comprises the following specific processes:
the first step is as follows: the signature party Bob participating in the blind signature selects security parameters p and q according to an RSA algorithm, calculates a public key (e, n) of the signature party, wherein n is p q, phi (n) is (p-1) q-1, and randomly selects a large integer e to enable (e, phi (n))) to be 1; calculating a private key d so that ed ═ lmod (phi (n)); simultaneously publishing a secure singles hash algorithm
The second step is that: message to be signed by AliceSelecting two random numbersAndblinding to obtain a blinded message m1=r1 aeh, (m) and1=r1 aeh (m) is sent to Bob, and the hash value H (H) (m) modn of the message is calculated and disclosed, so that the public verification is facilitated;
the third step: bob receives message m1=r1 aeh (m) after, calculate t for the message1=m1 dmod n, get the blind signature δpves=t1And will bepves=t1Sending the data to Alice;
the fourth step: alice receives Bob's blind signature deltapves=t1Then, blind removal and calculation are carried outObtaining signatures after blindness removal
The fifth step: the random verifier Minter takes the triplet (S, H, e) as input and verifies whether the following equation holds:
Se=H
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910669086.XA CN110535655B (en) | 2019-07-24 | 2019-07-24 | Novel RSA blind signature method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910669086.XA CN110535655B (en) | 2019-07-24 | 2019-07-24 | Novel RSA blind signature method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110535655A CN110535655A (en) | 2019-12-03 |
CN110535655B true CN110535655B (en) | 2022-04-22 |
Family
ID=68661901
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910669086.XA Active CN110535655B (en) | 2019-07-24 | 2019-07-24 | Novel RSA blind signature method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110535655B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112202566B (en) * | 2020-09-24 | 2023-07-25 | 杭州天谷信息科技有限公司 | Method for guaranteeing privacy of blockchain electronic signature |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101378316A (en) * | 2007-08-29 | 2009-03-04 | 索尼(中国)有限公司 | Proxy blind signing system and method based on identification |
-
2019
- 2019-07-24 CN CN201910669086.XA patent/CN110535655B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101378316A (en) * | 2007-08-29 | 2009-03-04 | 索尼(中国)有限公司 | Proxy blind signing system and method based on identification |
Non-Patent Citations (2)
Title |
---|
《一种基于RSA密码体制的盲签名方案》;李萍等;《信息安全与通信保密》;20060910;正文第121-122页 * |
《基于 RSA 密码体制的不可跟踪盲签名方案》;连铁艳等;《河南师范大学学报(自然科学版)》;20091115;正文第40-41页 * |
Also Published As
Publication number | Publication date |
---|---|
CN110535655A (en) | 2019-12-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107040383B (en) | A kind of blind Verifiable Encryptosystem endorsement method based on block chain | |
US8180049B2 (en) | Signature schemes using bilinear mappings | |
CN107911217B (en) | Method and device for cooperatively generating signature based on ECDSA algorithm and data processing system | |
US20160352525A1 (en) | Signature protocol | |
CN112532394B (en) | Block chain anti-signature traceable certificateless blind signature generation method | |
CN112118111B (en) | SM2 digital signature method suitable for threshold calculation | |
US20160149708A1 (en) | Electronic signature system | |
CA2669472C (en) | Compressed ecdsa signatures | |
CN112446052A (en) | Aggregated signature method and system suitable for secret-related information system | |
CN113032844B (en) | Signature method, signature verification method and signature verification device for elliptic curve | |
CN116346328A (en) | Digital signature method, system, equipment and computer readable storage medium | |
CN110535655B (en) | Novel RSA blind signature method | |
Tsai | An improved cross-layer privacy-preserving authentication in WAVE-enabled VANETs | |
Chande et al. | Cryptanalysis and improvement of a ECDLP based proxy blind signature scheme | |
Stallings | Digital signature algorithms | |
CN112511314A (en) | Recoverable message blind signature generation method based on identity | |
CN116566626A (en) | Ring signature method and apparatus | |
Alam et al. | A comparison between RSA and ElGamal based untraceable blind signature schemes | |
CN115174102A (en) | Efficient batch verification method and system based on SM2 signature | |
TWI555370B (en) | Digital signature method | |
CN115174056A (en) | Chameleon signature generation method and device based on SM9 signature | |
CA2306468A1 (en) | Signature verification for elgamal schemes | |
Zhang et al. | An improved signature scheme without using one-way hash functions | |
Yang et al. | Security analysis of a proxy blind signature scheme based on ECDLP | |
CN115174053B (en) | Signature generation method and device for repudiation ring authentication based on SM9 algorithm |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20221124 Address after: 311100 Room 1005-32, 10th Floor, Building H, Haichuang Park, CEC Haikang Group Co., Ltd., No. 198, Aicheng Street, Wuchang Street, Yuhang District, Hangzhou City, Zhejiang Province Patentee after: Hangzhou Houquantum Cryptography Technology Co.,Ltd. Address before: 273165 Jingxuan West Road, Qufu City, Jining, Shandong Province, No. 57 Patentee before: QUFU NORMAL University |
|
TR01 | Transfer of patent right |