CN110868299A - Novel collaborative digital signature method and device - Google Patents
- Publication number: CN110868299A
- Application number: CN201810979991.0A
- Authority: CN (China)
- Prior art keywords: collaborative, digital signature, signature, novel, private key
- Legal status: Withdrawn (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Abstract
The invention provides a novel collaborative digital signature method and device that divide a terminal certificate's private key into three parts according to a specific algorithm. In addition to the personal intelligent terminal and the third-party platform, a private key component is also stored at the application or enterprise server, which takes part in the collaborative signing operation; all three components are indispensable. This better meets the requirement that enterprises or applications independently control the key operations of digital signatures, and relieves enterprises' security concerns about autonomous control of their cloud applications in a cloud environment. The method is of great significance for enterprises that choose the professional services of a third-party collaborative signing platform or build their own unified collaborative signing private cloud. Depending on the actual application scenario, the method can be extended to more than three parties.
Description
Technical Field
The invention provides a novel collaborative digital signature method and device. It meets enterprise users' requirements for digital signatures in an Internet environment in a safer and more convenient way.
Background
In recent years, the introduction of smartphones and private-key splitting algorithms has better solved the security problem of the terminal digital certificate's private key without relying on USBKEY-class secure terminal media. The core idea is to make server-side computation an indispensable part of the end user's private key operation. For the critical function of private key computation, the security level of an ordinary user terminal is thereby raised to that of a server, and the protection measures available for a server are far richer and more effective than those available to an ordinary end user. In particular, when the server is positioned as a third-party Internet platform, its supporting security system is more complete and stronger.
In practical applications, a user often becomes a certificate user because of a particular application or organization. For reasons of security, convenience and professionalism, that application or organization often chooses to purchase a third-party platform's collaborative signature service centrally, yet it needs autonomous control over the private key operations involved in its critical operations. This requires introducing an application or enterprise role into the private key computation, in addition to the end user and the third-party platform.
The invention provides a novel collaborative digital signature method and device that divide a terminal certificate's private key into three parts according to a specific algorithm. In addition to the personal intelligent terminal and the third-party platform, a private key component is also stored at the application or enterprise server, which takes part in the collaborative signing operation; all three components are indispensable. This ensures that the application or organization has fully autonomous control over the critical operations that affect its key interests, which is of vital significance for enterprises or applications that choose the professional services of a third-party collaborative signature platform. Depending on the actual application scenario, the method can be extended to more than three parties.
The invention aims to provide a novel collaborative digital signature method and device which ensure that every interested party, such as an application (or organization) and an individual, retains complete and independent control over the private key signature operation when choosing the professional services of a third-party collaborative signature platform.
Disclosure of Invention
The invention provides a novel collaborative digital signature method and device. The key idea is that the terminal certificate's private key is divided into three parts according to a specific algorithm; in addition to the personal intelligent terminal and the third-party platform, a private key component is also stored at the application or enterprise server, which takes part in the collaborative signing operation, and all three components are indispensable.
1. The invention relates to a novel collaborative digital signature method. First, according to an agreed algorithm, the three parties either collaboratively generate their own private key components (or variants thereof), each on its local device, or the components are generated centrally in one place and then distributed to the corresponding parties over a secure path (online or offline). Then, when a collaborative digital signature is needed, the relevant parties each independently complete their own private key signature operation locally according to the agreed algorithm, and the final signature result is synthesized at the agreed location and returned to the signature requester; all three parties are indispensable. A strong, matching security access control design is needed among all parties to the collaborative digital signature, to prevent any party from being maliciously impersonated in order to invoke the collaborative digital signature.
2. The invention relates to a novel collaborative digital signature device. The device consists of a user intelligent terminal collaborative signature module, an application-side collaborative signature module and a platform-side collaborative signature module. Each module is responsible for the collaborative operation on its own local private key component and for the security access control of that component, and together they complete the end user's digital signature; all three are indispensable.
3. The invention relates to a novel collaborative digital signature method and device. The method is independent of specific implementation technologies such as the particular key partitioning algorithm and the security access control means.
4. The invention relates to a novel collaborative digital signature method and device. The system can be extended to any number of parties according to actual application requirements and is not limited to three parties.
Finally, the present invention relates to a novel design concept and method that is not limited by the specific implementation technique, device form, and deployment.
Advantageous effects: the invention aims to provide a novel collaborative digital signature method and device which, by introducing the role of the application or organization into the whole collaborative signature process, remove enterprises' security concerns about autonomous control of their cloud applications in a cloud environment. The method is of great significance for enterprises that choose the professional services of a third-party collaborative signing platform or build their own unified collaborative signing private cloud.
Drawings
Fig. 1 is a schematic diagram of the system architecture and basic operating principle. The device can be implemented in more than one way; as shown in the figure, it consists of an intelligent terminal collaborative signature module, an enterprise (or application) side collaborative signature module and a platform-side collaborative signature module. The basic working principle is as follows: 1. According to an agreed algorithm, the three parties either collaboratively generate their own private key components (or variants thereof), each on its local device, or the components are generated centrally in one place and then distributed to the corresponding parties over a secure path (online or offline). 2. When a collaborative digital signature is needed, all parties independently complete their own private key signature operation locally according to the agreed algorithm, and the final signature result is synthesized at the agreed location and returned to the signature requester; all three parties are indispensable. A strong, matching security access control design is needed among all parties to the collaborative digital signature, to prevent any party from being maliciously impersonated in order to invoke the collaborative digital signature. The specific key partitioning algorithm and the security access control means are not limited.
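An added example, not from the patent (which names no algorithm): the three-party flow described above, instantiated with additive sharing of an RSA private exponent as an assumed scheme, including the "all three are indispensable" property and the enterprise side's local veto. The primes, the `Party` class and the approval policy are constructed for illustration.

```python
import hashlib
import secrets
from math import prod

# Constructed toy parameters: two Mersenne primes, unpadded RSA.
# Real deployments need randomly generated primes and a padded signature scheme.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, PHI = P * Q, (P - 1) * (Q - 1)

def digest(msg: bytes) -> int:
    """Hash the message to an integer below N (no padding: illustration only)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def split_key(parties=3):
    """Centralized generation: additive shares d_1 + ... + d_k = d (mod PHI)."""
    d = pow(E, -1, PHI)
    shares = [secrets.randbelow(PHI) for _ in range(parties - 1)]
    shares.append((d - sum(shares)) % PHI)
    return shares

class Party:
    """One co-signer: holds a share and applies its own approval policy."""
    def __init__(self, name, share, approve=lambda msg: True):
        self.name, self._share, self._approve = name, share, approve

    def partial_sign(self, msg: bytes):
        if not self._approve(msg):      # local, autonomous veto
            return None
        return pow(digest(msg), self._share, N)

def combine(partials):
    """Multiply the partial results; None means some party declined."""
    if any(p is None for p in partials):
        return None
    return prod(partials) % N

def verify(msg: bytes, sig) -> bool:
    return sig is not None and pow(sig, E, N) == digest(msg)

def demo():
    s_term, s_ent, s_plat = split_key(3)
    terminal = Party("terminal", s_term)
    # Hypothetical enterprise policy: only co-sign messages tagged "payroll:".
    enterprise = Party("enterprise", s_ent, approve=lambda m: m.startswith(b"payroll:"))
    platform = Party("platform", s_plat)
    parties = [terminal, enterprise, platform]
    ok_msg, bad_msg = b"payroll: run 2024-05", b"transfer: all funds"
    full = combine([p.partial_sign(ok_msg) for p in parties])
    two_only = combine([p.partial_sign(ok_msg) for p in (terminal, platform)])
    vetoed = combine([p.partial_sign(bad_msg) for p in parties])
    return verify(ok_msg, full), verify(ok_msg, two_only), verify(bad_msg, vetoed)

if __name__ == "__main__":
    print(demo())
```

In the centralized-generation variant used here, the dealer holds the whole exponent while splitting it, so that step has to run in a trusted place and the full key has to be destroyed afterwards.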
Claims (6)
1. The invention provides a novel collaborative digital signature method and device, characterized in that: according to a specific algorithm, the private key of the terminal certificate is divided into three parts; in addition to the personal intelligent terminal and the third-party platform, a private key component is also stored at the application or enterprise server, which takes part in the collaborative signing operation, and all three components are indispensable.
2. The novel collaborative digital signature method as recited in claim 1, characterized in that: first, according to an agreed algorithm, the three parties either collaboratively generate their own private key components (or variants thereof), each on its local device, or the components are generated centrally in one place and then distributed to the corresponding parties over a secure path (online or offline); then, when a collaborative digital signature is needed, the relevant parties each independently complete their own private key signature operation locally according to the agreed algorithm, and the final signature result is synthesized at the agreed location and returned to the signature requester, all three parties being indispensable; a strong, matching security access control design is needed among all parties to the collaborative digital signature, to prevent any party from being maliciously impersonated in order to invoke the collaborative digital signature.
3. The novel collaborative digital signature device as recited in claim 1, characterized in that: the device consists of a user intelligent terminal collaborative signature module, an application-side collaborative signature module and a platform-side collaborative signature module, each responsible for the collaborative operation on its own local private key component and for the security access control of that component, which together complete the end user's digital signature, all three being indispensable.
4. The novel collaborative digital signature method and device as recited in claim 1, characterized in that: the invention is independent of specific implementation techniques such as the particular key splitting algorithm and the security access control means, and anything consistent with the spirit of the invention falls within the scope of the claims.
5. The novel collaborative digital signature method and device as recited in claim 1, characterized in that: the method can be extended to any number of parties according to practical application requirements, is not limited to three parties, and anything consistent with the spirit of the invention falls within the protection scope of the claims.
6. The novel design concept and method as recited in claim 1, characterized in that: the invention is not limited by the specific implementation technology, device form or deployment mode, and anything consistent with the spirit of the invention falls within the protection scope of the claims.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810979991.0A CN110868299A (en) | 2018-08-27 | 2018-08-27 | Novel collaborative digital signature method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110868299A | 2020-03-06 |
Family
ID=69650814
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810979991.0A Withdrawn CN110868299A (en) | 2018-08-27 | 2018-08-27 | Novel collaborative digital signature method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110868299A (en) |
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107248909A (en) * | 2017-03-16 | 2017-10-13 | 北京百旺信安科技有限公司 | It is a kind of based on SM2 algorithms without Credential-Security endorsement method |
CN106961336A (en) * | 2017-04-18 | 2017-07-18 | 北京百旺信安科技有限公司 | A kind of key components trustship method and system based on SM2 algorithms |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| WW01 | Invention patent application withdrawn after publication | Application publication date: 20200306 |