CN111082944A - Pair-based combined hierarchical password mechanism - Google Patents

Publication number
CN111082944A
Authority
CN
China
Prior art keywords
pkg
node
private key
layer
level
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911297974.XA
Other languages
Chinese (zh)
Inventor
李彪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Anfang Information Technology Co Ltd
Original Assignee
Hunan Anfang Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Anfang Information Technology Co Ltd filed Critical Hunan Anfang Information Technology Co Ltd
Priority to CN201911297974.XA priority Critical patent/CN111082944A/en
Publication of CN111082944A publication Critical patent/CN111082944A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a pair-based combined hierarchical cryptographic mechanism, which comprises the following steps: S1: root PKG initialization; S2: private key generation; S3: signing; S4: signature verification. On the basis of the HIBC encryption mechanism, the idea of combined public and private keys is introduced, the data storage mode is improved and data transmission is reduced, which improves the efficiency of information transmission and signature verification and at the same time improves the robustness of the system. The combined public key idea is applied to the generation and verification of each PKG's local-layer public and private keys, so that if a PKG at some layer i is compromised, only the private keys of the layer i+1 nodes beneath it can be forged, and the security of nodes at layers beyond i+1 is not affected, which greatly improves the robustness of the system. A flattened hierarchical identity-based encryption/decryption and signature/verification algorithm is designed, which solves the problem of overlong signatures or ciphertexts caused by transmitting the local-layer public keys of multiple PKGs, and supports offline optimization of signature verification and ciphertext decryption.

Description

Pair-based combined hierarchical password mechanism
Technical Field
The invention relates to the technical field of cryptography, in particular to a pair-based combined hierarchical cryptographic mechanism.
Background Art
Identity-Based Cryptography (IBC) can use information associated with a user directly as the public key, which removes the need for public-key certificate authentication and greatly simplifies the management and application of asymmetric cryptography. In a hierarchical IBC (HIBC) system, each layer's PKG (Private Key Generator) can delegate the tasks of key generation and distribution layer by layer to the PKGs below it, which solves problems of the private key generation mechanism in IBC schemes such as the excessive load on the root PKG and limited scalability.
The existing HIBC schemes based on private key superposition have the following problems. (1) The hierarchical private keys have poor robustness. In the existing HIDC system, each layer's PKG autonomously generates its own local-layer public and private keys, and this public key information is not authenticated by any third party. Therefore, if an attacker compromises a PKG, the attacker can forge the local-layer public and private keys of all PKGs below it, which means that the keys of all lower-layer nodes of that PKG can be forged, so the robustness of the key system is poor. (2) The exchange of hierarchical PKG public keys is inefficient. When a PKG generates a private key for a lower-layer node, it generates its local-layer private key and publishes its local-layer public key. In a signature or encryption algorithm, the public keys of every PKG from the user up to the root PKG are sent to the peer as part of the signature or ciphertext, which increases the length of the signature or ciphertext and makes offline optimization of signature verification and decryption harder.
Disclosure of Invention
In order to solve the above problems, the present invention introduces a concept of combining public and private keys on the basis of an HIBC encryption mechanism, improves a data storage mode, reduces data transmission, improves information transmission and signature verification efficiency, and simultaneously improves system robustness, and specifically comprises the following steps:
S1: Setup (system initialization), i.e. root PKG initialization
The root PKG initializes the system parameters $G_1, G_2, G_3, e, P_0, Q_0, H_1, H_3$, establishes a PKG private key matrix $M_{pri}$ and its corresponding PKG public key matrix $M_{pub}$, and stores the public and private key matrices of the PKG's own layer;
S2: Extraction (private key generation)
The PKG generates a private key for the lower-layer node ID = (ID1, …, IDt); the Level k-1 PKG obtains the combined private key $s_{k-1}$ from the root PKG and uses $s_{k-1}$, its own hierarchical private key and the hash value of the Level k node ID to generate the hierarchical identification key that is sent to the new Level k node;
S3: Signature
The signing node sends the plaintext M, together with the signature Sig computed from the plaintext and the node's key, to the receiving node;
S4: Signature verification
The receiving node receives the plaintext M and the signature Sig, obtains the PKG public key matrix $M_{pub}$ from the signer's root PKG, and computes the signer's public parameters to check the plaintext and thereby confirm the identity of the signing node.
As a further improvement of the above technical solution:
The root PKG initialization of step S1 includes the following steps:
A1: The root PKG first selects three particular elliptic curves (with the order being prime q) and forms bilinear groups $G_1, G_2, G_3$ from the points on them, such that $e: G_1 \times G_2 \to G_3$; it then selects a random base point $P_0 \in G_1$, a random number $s_0 \in Z$ (where $s_0$ serves as the master key of the root PKG, and $Q_0 = s_0 P_0$ is computed at the same time), and two suitable hash functions $H_1: \{0,1\}^* \to G_1$ and $H_3: \{0,1\}^* \to G_2$;
A2: The root PKG determines the expected number of nodes t and establishes the PKG private key matrix $M_{pri}$ by generating t random numbers $s_t \in Z$; at the same time it establishes the corresponding PKG public key matrix $M_{pub}$ by generating the corresponding t values $Q_t = s_t P_0$;
A3: root PKG publishing system parameters
Figure BDA0002321073980000032
Figure BDA0002321073980000033
Private key s of secret stub PKG0PKG private key matrix Mpri
The private key generation of step S2 includes the following steps:
B1: The Level k-1 PKG requests a combined private key $s_{k-1} \in Z$ from the root PKG; the root PKG computes the value H(ID1, …, IDt) from the PKG node ID (ID1, …, IDt), uses this hash value to select the elements at the corresponding positions in the private key matrix, combines them to generate $s_{k-1}$, and sends it to the Level k-1 PKG;
B2: The Level k-1 PKG computes, for the corresponding Level k node, $P_k = H_1(ID_1, \ldots, ID_k) \in G_2$;
B3: The Level k-1 PKG generates the hierarchical identification key that is sent to the new Level k node, $S_k = S_{k-1} + s_{k-1} P_k$ (k > 1), where $S_{k-1}$ is the hierarchical private key of the Level k-1 PKG, $s_{k-1}$ is the PKG private key of the Level k-1 layer, and $S_1 = s_0 P_1$.
The plaintext M is signed under the identity ID = (ID1, …, IDt): the signing node computes $P_M = H_3(ID_1, \ldots, ID_t, M) \in G_2$ (M is the content to be signed) and $Sig(\text{ID-tuple}, M) = S_t + s_t P_M$, where $s_t$ is randomly generated by the user node and Sig(ID-tuple, M) is the signature information. After signing, the signing node sends Sig(ID-tuple, M) to the receiving node.
The receiving node receives Sig(ID-tuple, M) from the signing node and, using the PKG public key matrix $M_{pub}$, computes the signer's public parameters $Q_i = s_i P_0$ (i = 1, …, t) to verify the following equation; if it holds, the identity of the signing node is confirmed:
Figure BDA0002321073980000041
otherwise, the identity of the signing node cannot be confirmed.
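The S1 to S4 flow above, as an added example (not code from the patent): a toy Python model in which the verifier rebuilds every $Q_i$ from $M_{pub}$ and the ID tuple alone, so no per-level PKG public keys travel with the signature. Assumptions: group elements are stored as their discrete logs and the pairing is $e(a,b)=g^{ab}$ in a subgroup of $Z_p^*$ (insecure, algebra only); `select`, the parameter sizes and the fixed seed are hypothetical; the signer's $s_t$ is taken to be its combined key so that $Q_t$ is derivable from $M_{pub}$ (with a signer-chosen random $s_t$, as the text states, $Q_t$ would have to accompany the signature); and the check in `verify` is the one that follows from bilinearity applied to the definitions of $S_k$ and Sig, since the equation image is not reproduced on this page.

```python
import hashlib
import random

def is_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23)):   # Miller-Rabin, fixed bases
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    d = n - 1
    while d % 2 == 0:
        d //= 2
    for b in bases:
        x, e = pow(b, d, n), d
        while e != n - 1 and x not in (1, n - 1):
            x, e = x * x % n, e * 2
        if x != n - 1 and e % 2 == 0:
            return False
    return True

# TOY, INSECURE model: a point x*Gen is stored as the scalar x mod Q, and the
# pairing e(a, b) = G^(a*b) lands in the order-Q subgroup of Z_P^*.
Q = 2**127 - 1                                               # prime group order q
P = next(2 * k * Q + 1 for k in range(1, 10**5) if is_prime(2 * k * Q + 1))
G = pow(2, (P - 1) // Q, P)
assert G != 1                                                # so G has order exactly Q

def H(tag, *parts):            # stand-in for H1 / H3: strings -> scalar mod Q
    digest = hashlib.sha256("|".join((tag,) + parts).encode()).digest()
    return int.from_bytes(digest, "big") % Q

def pair(a, b):
    return pow(G, a * b % Q, P)

def select(ids, n, picks=4):   # hypothetical rule: ID-tuple hash -> matrix positions
    return [(H("sel", *ids) >> (8 * i)) % n for i in range(picks)]

class RootPKG:                 # step S1
    def __init__(self, n=16, seed=2019):
        rng = random.Random(seed)          # fixed seed: constructed demo values only
        self.P0, self.s0 = rng.randrange(1, Q), rng.randrange(1, Q)
        self.Q0 = self.s0 * self.P0 % Q
        self.M_pri = [rng.randrange(1, Q) for _ in range(n)]
        self.M_pub = [s * self.P0 % Q for s in self.M_pri]

    def combined_private(self, ids):       # s_i for the node named by ids
        return sum(self.M_pri[j] for j in select(ids, len(self.M_pri))) % Q

def combined_public(M_pub, ids):           # Q_i = s_i * P0 from public data only
    return sum(M_pub[j] for j in select(ids, len(M_pub))) % Q

def extract(root, ids):        # step S2, all levels collapsed into one loop
    S = root.s0 * H("H1", *ids[:1]) % Q                      # S_1 = s0 * P_1
    for k in range(2, len(ids) + 1):
        s_prev = root.combined_private(ids[:k - 1])          # s_{k-1}
        S = (S + s_prev * H("H1", *ids[:k])) % Q             # S_k = S_{k-1} + s_{k-1} P_k
    return S

def sign(S_t, s_t, ids, msg):  # step S3: Sig = S_t + s_t * P_M
    return (S_t + s_t * H("H3", *ids, msg)) % Q

def verify(P0, Q0, M_pub, ids, msg, sig):   # step S4
    # e(P0, Sig) == e(Q0, P_1) * prod_{k=2..t} e(Q_{k-1}, P_k) * e(Q_t, P_M)
    rhs = pair(Q0, H("H1", *ids[:1]))
    for k in range(2, len(ids) + 1):
        rhs = rhs * pair(combined_public(M_pub, ids[:k - 1]), H("H1", *ids[:k])) % P
    rhs = rhs * pair(combined_public(M_pub, ids), H("H3", *ids, msg)) % P
    return pair(P0, sig) == rhs

def demo():
    root, ids, msg = RootPKG(), ["cn", "example", "www"], "constructed message"
    sig = sign(extract(root, ids), root.combined_private(ids), ids, msg)
    pub = (root.P0, root.Q0, root.M_pub)
    return (verify(*pub, ids, msg, sig), verify(*pub, ids, msg + "!", sig),
            verify(*pub, ["cn", "other", "www"], msg, sig))
```

`demo()` returns the verification result for the genuine signature, for an altered message and for a different ID tuple, in that order.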
Compared with the prior art, the invention has the following advantages:
1. On the basis of the HIBC encryption mechanism, the idea of combined public and private keys is introduced, the data storage mode is improved and data transmission is reduced, which improves the efficiency of information transmission and signature verification and at the same time improves the robustness of the system.
2. The invention constructs a new combined hierarchical identity-based cryptography algorithm, C-HIDC (combinatorial hierarchical identity cryptography), which features short keys, short signatures and fast encryption/decryption and signature verification, and has better system robustness. The combined public key idea is applied to the generation and verification of each PKG's local-layer public and private keys, so that if a PKG at some layer i is compromised, only the private keys of the layer i+1 nodes beneath it can be forged, and the security of nodes at layers beyond i+1 is not affected, which greatly improves the robustness of the system. A flattened hierarchical identity-based encryption/decryption and signature/verification algorithm is designed, which solves the problem of overlong signatures or ciphertexts caused by transmitting the local-layer public keys of multiple PKGs, and supports offline optimization of signature verification and ciphertext decryption.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a diagram of a combined hierarchical cryptographic mechanism of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be described in detail below. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the examples given herein without any inventive step, are within the scope of the present invention.
The following detailed description of the embodiments of the present invention will be made with reference to the accompanying drawings and domain names. As shown in fig. 1, the general flow of the present invention includes the following steps:
S1: Initialize the top-level domain name node.
A1. The top-level domain name node (referred to as the cn node in the figure) first selects three particular elliptic curves, and the points on them form bilinear groups $G_1, G_2, G_3$ such that $e: G_1 \times G_2 \to G_3$. It then selects a random base point $P_0 \in G_1$, a random number $s_0 \in Z$ (where $s_0$ serves as the master key of the cn node, and $Q_0 = s_0 P_0$ is computed at the same time), and two suitable hash functions $H_1: \{0,1\}^* \to G_1$ and $H_3: \{0,1\}^* \to G_2$.
The cn node determines the expected number of nodes t and establishes the PKG private key matrix $M_{pri}$ by generating t random numbers $s_t \in Z$. At the same time it establishes the corresponding PKG public key matrix $M_{pub}$ by generating the corresponding t values $Q_t = s_t P_0$.
The cn node publishes the system parameters
Figure BDA0002321073980000061
Figure BDA0002321073980000062
and secretly stores its own private key $s_0$ and the PKG private key matrix $M_{pri}$.
S2: Private key generation. It mainly comprises the following steps:
B1. The Level k-1 domain name node requests $s_{k-1} \in Z$ from the top-level domain name node; the top-level domain name node obtains $s_{k-1}$ by querying the PKG private key matrix and sends it to the Level k-1 domain name node.
B2. The Level k-1 domain name node computes the hash value of the corresponding Level k domain name node, for example: $P_k = H_1(cn, \ldots, nudt) \in G_2$.
B3. The Level k-1 domain name node generates the hierarchical key that is sent to the new Level k domain name node, $S_k = S_{k-1} + s_{k-1} P_k$ (k > 1), where $S_{k-1}$ is the hierarchical private key of the Level k-1 domain name node, $s_{k-1}$ is the private key of the Level k-1 domain name node, and $S_1 = s_0 P_1$;
S3: Signing. The plaintext M is signed under ID = (cn, …, www): the signing node computes $P_M = H_3(cn, \ldots, www, M) \in G_2$ (M is the content to be signed) and $Sig(\text{ID-tuple}, M) = S_t + s_t P_M$ ($s_t$ is randomly generated by the signing node), where Sig(ID-tuple, M) is the signature information. After signing, the signing node sends Sig(ID-tuple, M) to the receiving node.
S4: Signature verification. The receiving node receives Sig(ID-tuple, M) from the signing node and, using the PKG public key matrix $M_{pub}$ obtained from the signer's top-level domain name node (if it has already been obtained, it is not fetched again), computes the signer's public parameters $Q_i = s_i P_0$ (i = 1, …, t) to verify the following equation. If the equation holds, the identity of the signing node is confirmed.
Figure BDA0002321073980000071
For the encryption and decryption algorithm, see the basic HIDE algorithm.
The foregoing is only a preferred embodiment of the present invention and is not intended to limit the invention in any way. Although the invention has been described with reference to preferred embodiments, it is not intended to be limited thereto. Those skilled in the art can make numerous possible variations and modifications to the present invention, or modify equivalent embodiments to equivalent variations, without departing from the scope of the invention, using the teachings disclosed above. Therefore, any simple modification, equivalent change and modification made to the above embodiments according to the technical spirit of the present invention should fall within the protection scope of the technical scheme of the present invention, unless the technical spirit of the present invention departs from the content of the technical scheme of the present invention.

Claims (5)

1. A pair-based combined hierarchical cryptographic mechanism, characterized in that it comprises the following steps:
S1: Root PKG initialization
The system parameters $G_1, G_2, G_3, e, P_0, Q_0, H_1, H_3$ are initialized, a PKG private key matrix $M_{pri}$ and its corresponding PKG public key matrix $M_{pub}$ are established, and the public and private key matrices of the PKG's own layer are stored;
S2: Private key generation
The PKG generates a private key for the lower-layer node ID = (ID1, …, IDt); the Level k-1 PKG obtains the combined private key $s_{k-1}$ from the root PKG and uses $s_{k-1}$, its own hierarchical private key and the hash value of the Level k node ID to generate the hierarchical identification key that is sent to the new Level k node;
S3: Signature
The signing node sends the plaintext M, together with the signature Sig computed from the plaintext and the node's key, to the receiving node;
S4: Signature verification
The receiving node receives the plaintext M and the signature Sig, obtains the PKG public key matrix $M_{pub}$ from the signer's root PKG, and computes the signer's public parameters to check the plaintext and thereby confirm the identity of the signing node.
2. The pair-based combined hierarchical cryptographic mechanism of claim 1, wherein the root PKG initialization of step S1 includes the following steps:
A1: The root PKG first selects three specific elliptic curves, the orders of which are all prime q, and forms bilinear groups $G_1, G_2, G_3$ from the points on them, such that $e: G_1 \times G_2 \to G_3$; it then selects a random base point $P_0 \in G_1$, a random number $s_0 \in Z$ and two suitable hash functions $H_1, H_3$; $s_0$ serves as the master key of the root PKG, and $Q_0 = s_0 P_0$ is computed at the same time, wherein $H_1: \{0,1\}^* \to G_1$ and $H_3: \{0,1\}^* \to G_2$;
A2: The root PKG determines the expected number of nodes t and establishes the PKG private key matrix $M_{pri}$ by generating t random numbers $s_t \in Z$; at the same time it establishes the corresponding PKG public key matrix $M_{pub}$ by generating the corresponding t values $Q_t = s_t P_0$;
A3: The root PKG publishes the system parameters
Figure FDA0002321073970000021
Figure FDA0002321073970000022
and secretly stores the root PKG private key $s_0$ and the PKG private key matrix $M_{pri}$.
3. The pair-based combined hierarchical cryptographic mechanism of claim 1, wherein the private key generation of step S2 includes the following steps:
B1: The Level k-1 PKG requests a combined private key $s_{k-1} \in Z$ from the root PKG; the root PKG computes the value H(ID1, …, IDt) from the PKG node ID (ID1, …, IDt), uses this hash value to select the elements at the corresponding positions in the private key matrix, combines them to generate $s_{k-1}$, and sends it to the Level k-1 PKG;
B2: The Level k-1 PKG computes, for the corresponding Level k node, $P_k = H_1(ID_1, \ldots, ID_k) \in G_2$;
B3: The Level k-1 PKG generates the hierarchical identification key that is sent to the new Level k node, $S_k = S_{k-1} + s_{k-1} P_k$ (k > 1), where $S_{k-1}$ is the hierarchical private key of the Level k-1 PKG and $s_{k-1}$ is the PKG private key of the Level k-1 layer.
4. The pair-based combined hierarchical cryptographic mechanism of claim 1, wherein the plaintext M is signed under the identity ID = (ID1, …, IDt), and the signing node computes $P_M = H_3(ID_1, \ldots, ID_t, M) \in G_2$ and $Sig(\text{ID-tuple}, M) = S_t + s_t P_M$; $s_t$ is randomly generated by the user node; Sig(ID-tuple, M) is the signature information; after signing, the signing node sends Sig(ID-tuple, M) to the receiving node.
5. The pair-based combined hierarchical cryptographic mechanism of claim 4, wherein the receiving node receives Sig(ID-tuple, M) from the signing node and, using the PKG public key matrix $M_{pub}$, computes the signer's public parameters $Q_i = s_i P_0$ (i = 1, …, t) to verify the following equation; if it holds, the identity of the signing node is confirmed:
Figure FDA0002321073970000031
otherwise, the identity of the signing node cannot be confirmed.
CN201911297974.XA 2019-12-17 2019-12-17 Pair-based combined hierarchical password mechanism Pending CN111082944A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911297974.XA CN111082944A (en) 2019-12-17 2019-12-17 Pair-based combined hierarchical password mechanism

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911297974.XA CN111082944A (en) 2019-12-17 2019-12-17 Pair-based combined hierarchical password mechanism

Publications (1)

Publication Number Publication Date
CN111082944A true CN111082944A (en) 2020-04-28

Family

ID=70314895

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911297974.XA Pending CN111082944A (en) 2019-12-17 2019-12-17 Pair-based combined hierarchical password mechanism

Country Status (1)

Country Link
CN (1) CN111082944A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112929164A (en) * 2021-01-26 2021-06-08 湖南安方信息技术有限公司 Hierarchical identification cipher key generation method based on global hash
CN112929164B (en) * 2021-01-26 2022-06-17 湖南安方信息技术有限公司 Hierarchical identification cipher key generation method based on global hash

Similar Documents

Publication Publication Date Title
CN109377360B (en) Block chain asset transaction transfer method based on weighted threshold signature algorithm
CN106961336B (en) A kind of key components trustship method and system based on SM2 algorithm
CN108989050B (en) Certificateless digital signature method
CN107634836B (en) SM2 digital signature generation method and system
JP6670395B2 (en) System and method for distribution of identity-based key material and certificate
CN104539423B (en) A kind of implementation method without CertPubKey cipher system of no Bilinear map computing
US8930704B2 (en) Digital signature method and system
CN107248909B (en) Certificateless secure signature method based on SM2 algorithm
CN108989053A (en) It is a kind of based on elliptic curve without CertPubKey cipher system implementation method
CN110830236B (en) Identity-based encryption method based on global hash
CN110120939B (en) Encryption method and system capable of repudiation authentication based on heterogeneous system
CN108989054B (en) Cipher system and digital signature method
CN111010272B (en) Identification private key generation and digital signature method, system and device
CN107968710B (en) SM9 digital signature separation interaction generation method and system
CN109951288B (en) Hierarchical signature method and system based on SM9 digital signature algorithm
CN104079412B (en) The threshold proxy signature method without credible PKG based on intelligent grid identity security
CN106936584B (en) Method for constructing certificateless public key cryptosystem
CN112152813B (en) Certificateless content extraction signcryption method supporting privacy protection
EP2792098A1 (en) Group encryption methods and devices
KR20030062401A (en) Apparatus and method for generating and verifying id-based blind signature by using bilinear parings
CN110896351A (en) Identity-based digital signature method based on global hash
CN111030821A (en) Alliance chain encryption method based on bilinear mapping technology
CN117528516A (en) Cross-chain identity management method and system
CN111082944A (en) Pair-based combined hierarchical password mechanism
CN104579661A (en) Identity-based electronic signature implementation method and device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20200428
