CN111262844A - Privacy protection method based on cryptographic technology - Google Patents

Privacy protection method based on cryptographic technology Download PDF

Info

Publication number
CN111262844A
CN111262844A CN202010028464.9A CN202010028464A CN111262844A CN 111262844 A CN111262844 A CN 111262844A CN 202010028464 A CN202010028464 A CN 202010028464A CN 111262844 A CN111262844 A CN 111262844A
Authority
CN
China
Prior art keywords
signature
group
user
identity
privacy protection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202010028464.9A
Other languages
Chinese (zh)
Inventor
罗水芳
邵州华
楼未吉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Sebe Intellectual Property Service Co ltd
Original Assignee
Hangzhou Sebe Intellectual Property Service Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Sebe Intellectual Property Service Co ltd filed Critical Hangzhou Sebe Intellectual Property Service Co ltd
Priority to CN202010028464.9A priority Critical patent/CN111262844A/en
Publication of CN111262844A publication Critical patent/CN111262844A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3255Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a privacy protection method based on a cryptographic technology.A user sends a real identity ID to a registration center through a secret channel, and the registration center authenticates the identity of the user; user receives QIDThen, Q is addedIDSending the information to a key issuing center, and verifying the identity of the user by the key issuing center; the generation of the group signature is completed by the group members and the intermediate mechanism together, and the group members sign the message by using the signature private key and then send the message to the intermediate mechanism for secondary signature, so that the complete group signature is obtained; the signature receiver gets the group signature and can verify the validity of the signature by verifying whether the equation holds. If the equation is established, the signature is proved to be valid; otherwise, the signature is invalid; once disputes occur, the registry and intermediary may collaborate to open the signature and verify the true identity of the signer. The method meets all safety requirements of the group signature scheme and can effectively inherit the originalThe method has the advantages of an identity-based signature scheme, is suitable for large-scale and dynamically-changing groups, can be applied to an anonymous access control scheme, and can solve the privacy protection and performance problems of a block chain to a certain extent.

Description

Privacy protection method based on cryptographic technology
Technical Field
The invention belongs to the technical field of privacy protection passwords of a block chain, and particularly relates to a privacy protection method based on a password technology.
Background
The blockchain is an unprecedented revolution, is called a second generation internet, and can subvert the existing internet ecology. The security and privacy preserving properties of blockchains are important factors driving blockchain development. But the blockchain is not unconditionally secure and privacy issues in the blockchain are not fully protected. In recent years, security problems such as leakage of block chain privacy have been frequent. In 2016, 6 months and 17 days, a hacker steals more than 1.5 hundred million dollars of distributed autonomous organization in The Dao
Figure BDA0002363342010000011
The ethernet currency of (a), resulting in item failure; 7, 19 months and later in 2017, the security holes of the Etheng multiple signature wallet Parity1.5 and above versions appear, and 15 ten thousand Etheng ETH are stolen; 12.18.2017, a Korea hacker attacks the encrypted money exchange in Korea, resulting in the theft of encrypted money worth 76 billion won (about 699 ten thousand dollars) at that time and the leakage of a large amount of user privacy information. Privacy protection and data transparency of blockchains inherently have a certain conflict. All transaction data in a typical public chain is publicly transparent to all access nodes, and the simplest form of privacy protection is pseudo-anonymity, i.e. the account address in the system is not linked to the real address of the user. However, under the simple pseudo-anonymity mechanism, the privacy information of the user can be easily obtained from the public and transparent transaction records through big data analysis, cluster analysis and a certain network attack means.
Privacy protection and security research of blockchains is concerned by organizations and researchers in various countries. On 19/9.2017, the american academy of consultations passed a national defense act of $ 7000 million, requiring "a potential offensive and defensive network application for blockchain technology and other distributed database technologies, and a research report evaluation by foreign forces, extreme organizations, and criminal networks using these technologies", mainly developing research on privacy protection and security of blockchains, which involve various cryptographic technologies.
The big data brings many benefits to our lives, and meanwhile, there are many defects in the development process of the big data. First, the utilization rate of data is low, and a large amount of data is in an idle state, occupying a large amount of storage space. Secondly, the security and privacy protection of big data have many defects, the application of the big data reveals a large amount of personal privacy information and brings other security problems, and the revealed data can be used by illegal persons for illegal acts. Meanwhile, the transmission efficiency and the transmission accuracy of the big data have numerous problems, and the block chain is considered as an ideal scheme for solving the problems faced by the big data.
Disclosure of Invention
The application aims to provide a privacy protection method based on a cryptographic technology, which can solve the privacy protection and performance problems of a block chain to a certain extent.
The embodiment of the application provides a privacy protection method based on a cryptographic technology, which comprises the following steps:
s1: the user sends the real identity ID to a registration center through a secret channel, and the registration center authenticates the identity of the user;
s2: user receives QIDThen, Q is addedIDSending the information to a key issuing center, and verifying the identity of the user by the key issuing center;
s3: the generation of the group signature is completed by the group members and the intermediate mechanism together, and the group members sign the message by using the signature private key and then send the message to the intermediate mechanism for secondary signature, so that the complete group signature is obtained;
s4: the signature receiver gets the group signature and can verify the validity of the signature by verifying whether the equation holds. If the equation is established, the signature is proved to be valid; otherwise, the signature is invalid;
s5: once disputes occur, the registry and intermediary may collaborate to open the signature and verify the true identity of the signer.
Preferably, the registration center is registered in the step S1Randomly selecting an integer r and calculating QID=H1(ID | | r), mixing QIDThe information is sent to the user and the key issuing center, and records (ID, r, QID) are generated for the user and added into the member table, so that the management is convenient. When the user registers as a group member, the registration center selects the random number r to hide the real identity information of the user, and even if the key issuing center of a private key used for generating a signature for the group member does not know the real identity of the user. Moreover, given a valid group signature for a message, it is computationally infeasible for anyone else to determine the identity of the signer, as only the intermediary and the registry are joined to open the signature to obtain the true identity of the signer.
Preferably, after the user identity authentication is passed, the key issuing center randomly selects an integer t epsilon Zn *Calculating ZID=tnQIDmod n2And calculating to obtain (x, y), and generating the key (x, y)1) Sending the private key to the user as a group signature, wherein the user becomes a legal member in the group; and (t, Z)ID) And sending the data to an intermediate agency for storage and use.
Preferably, x, y1The calculation formula of (a) is as follows:
Figure BDA0002363342010000031
Figure BDA0002363342010000032
preferably, given a message m, the system chooses two random numbers a ∈ Z for the group membersn、b∈Zn *Calculating R ═ ga·bnmod n2And C ═ H2(m, R) private key (x, y) using group signature1) Generating(s)1,s2) The following were used: s1=a-cxmodn、
Figure BDA0002363342010000033
Preferably, the group members will QIDAnd a group signature of (R, c, s)1,s2) Send to intermediary and request signature assistance, intermediaryThe organization interacts with the registry to verify whether the member's signing authority has been revoked. Each generated group signature has Z containing user identity IDIDThus the scheme itself does not provide for non-associativity. But if different random numbers r or t are used for each signature, the effect of non-associativity can be achieved.
Preferably, the intermediary will sign the resulting group (R, c, Z)ID,s1,s3) To the signature recipient. The registration center stores the real identity of the user, the private key used in the group signature generation is generated according to the identity information of each member, and the intermediate mechanism also can be used according to QIDA secondary signature is generated for the user requesting the signature, so that the registry and intermediary act in combination to readily identify the identity of the actual signer given a particular group signature.
Preferably, the equation in step S4 is as follows:
Figure BDA0002363342010000041
preferably, the intermediary first verifies s3=s2·t-cWhether mod n is true or not, if true, calculating,
Figure BDA0002363342010000042
and verifies H and Q saved during signatureIDAnd if so, sending the H to the registration center. The registry and the key issuer are independent of each other and the intermediary is trusted, so that the intermediary and the registry cannot obtain the private key of the key generator. However, each user does not know the random value for generating the signature private key, and only knows the value of a part of the private key corresponding to the own identity, so that even if a plurality of users carry out collusion attack, the master secret of the key issuing center cannot be calculated.
Preferably, the trusted authority PKG executes an algorithm, inputs the security parameter k, obtains two large prime numbers p and q, and calculates n ═ pq, λ ═ lcm (p-1, q-1). In addition, parameters are selected
Figure BDA0002363342010000043
And satisfy
Figure BDA0002363342010000044
Selecting a hash function H1
Preferably, the registry looks up in the membership table whether there is a correspondence (ID)1,r1) So that H is1(ID1||r1) H returns the identity ID of the signer, if present. Because each group member only knows the partial private key owned by the group member, does not know the private keys owned by other group members, and does not know the partial private keys owned by the intermediate mechanism, the signature process can not be finished by falsely using the identities of other group members. In addition, because the registration center and the key issuing center are mutually independent in the scheme, and the registration center only knows the real identity ID of the user and the hidden identity identification information Q thereofIDNo key for group signatures is available; although the key issuing center has a signature key capable of forging a signature, the key issuing center does not know the true identity of the user, and a trusted intermediary stores Q when performing secondary signatureIDNeither the registry nor the key issuer is therefore able to forge signatures. In addition, the registry and the intermediary can jointly open the signature and verify the true identity of the signer. In the case where the registry and key issuer do not collude with each other and the intermediary is trusted, the authenticity of the signer's identity can be effectively verified and anyone (including the registry, key issuer, and intermediary) cannot forge the signature.
According to the privacy protection method based on the cryptographic technology, the role of a group administrator is divided into two parts, namely a registration center and a key issuing center according to the principle of authority division, and the registration center and the key issuing center are assumed to be mutually independent and cannot be mutually hooked. The registration center is only responsible for the registration of the user, and the real identity of the user is hidden by selecting the random number. According to the information containing the user identity returned by the registration center, the key issuing center firstly carries out certain processing on the information and then generates a private key of a group signature for the user, and the processing carried out by the key issuing center is to divide the key into two parts and send the two parts to group members and a credible intermediate institution for storage and use in a secret way. Thus, the generation of a complete group signature needs to be done by both the signer and the intermediary, which prevents the key issuer from falsifying the signature with the identity of the group members, and the intermediary can effectively revoke the signing authority of the intended user during the signing process. The method meets all safety requirements of the group signature scheme, can effectively inherit the advantages of the original identity-based signature scheme, is suitable for large-scale and dynamically-changing groups, can be applied to an anonymous access control scheme, and can solve the problems of privacy protection and performance of a block chain to a certain extent.
Drawings
The accompanying drawings are included to provide a further understanding of the embodiments and are incorporated in and constitute a part of this specification. The drawings illustrate embodiments and together with the description serve to explain the principles of the invention. Other embodiments and many of the intended advantages of embodiments will be readily appreciated as they become better understood by reference to the following detailed description. The elements of the drawings are not necessarily to scale relative to each other. Like reference numerals designate corresponding similar parts.
Fig. 1 is a flowchart of a privacy protection method based on a cryptographic technique according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention will be described in detail with reference to fig. 1, and the method for privacy protection based on the cryptographic technology includes system creation, member joining, signature generation, signature verification and opening.
In some embodiments, the user sends the real identity ID to the registry through a secret channel, and the registry authenticates the identity of the user. The registration center randomly selects an integer r and calculates QID=H1(ID | | r), mixing QIDThe information is sent to the user and the key issuing center, and records (ID, r, QID) are generated for the user and added into the member table, so that the management is convenient. When the user registers as a group member, the registration center selects the random number r to hide the real identity information of the user, and even if the key issuing center of a private key used for generating a signature for the group member does not know the real identity of the user. Moreover, given a valid group signature for a message, it is computationally infeasible for anyone else to determine the identity of the signer, as only the intermediary and the registry are joined to open the signature to obtain the true identity of the signer.
In some embodiments, the user receives QIDThen, Q is addedIDAnd sending the information to a key issuing center, and verifying the identity of the user by the key issuing center. After the user identity authentication is passed, the key issuing center randomly selects an integer t epsilon Zn *Calculating ZID=tnQIDmod n2And calculating to obtain (x, y), and generating the key (x, y)1) Sending the private key to the user as a group signature, wherein the user becomes a legal member in the group; and (t, Z)ID) And sending the data to an intermediate agency for storage and use. x, y1The calculation formula of (a) is as follows:
Figure BDA0002363342010000061
Figure BDA0002363342010000062
in some embodiments, the generation of the group signature is performed by the group members and the intermediary, and the group members sign the message with the private signature key and send the message to the intermediary for secondary signature, so that the complete group signature is obtained. Given a message m, the group members select two random numbers a E Zn、b∈Zn *Calculating R ═ ga·bnmod n2And C ═ H2(m, R) private key (x, y) using group signature1) Generating(s)1,s2) The following were used: s1=a-cxmodn、
Figure BDA0002363342010000071
In some embodiments, the group members will QIDAnd a group signature of (R, c, s)1,s2) Sending the information to the intermediary organization and requesting signature help, and the intermediary organization and the registry perform interactive verification to verify whether the signature authority of the member is revoked. I.e. the intermediate mechanism will QIDSending the information to a registration center, wherein if the registration center can not find corresponding information in the stored member table, the verification is not passed, and the intermediary organization can refuse to carry out secondary signature on the information; if the verification passes, the intermediary looks up the corresponding (t, Z) in the tableID) And verifying ZID=tnQIDmodn2If yes, the intermediate agency signs twice by using the secret key t to obtain s3The following were used: s3=s2·t-cmod n. The intermediary will obtain a group signature (R, c, Z)ID,s1,s3) To the signature recipient. Each generated group signature has Z containing user identity IDIDThus the scheme itself does not provide for non-associativity. But if different random numbers r or t are used for each signature, the effect of non-associativity can be achieved.
In some embodiments, the signature recipient obtains a group signature, and the validity of the signature can be verified by verifying whether the equation holds. If the equation is established, the signature is proved to be valid; otherwise, the signature is invalid. The equation is as follows:
Figure BDA0002363342010000072
the registration center stores the real identity of the user, the private key used in the group signature generation is generated according to the identity information of each member, and the intermediate mechanism also can be used according to QIDA secondary signature is generated for the user requesting the signature, and therefore,given a particular group signature, the registry and intermediary act in concert to readily identify the identity of the actual signer.
In some embodiments, the registry and intermediary may collaborate to open the signature and verify the true identity of the signer once the dispute occurs. The intermediate agency verifies s first3=s2·t-cWhether mod n is true or not, if true, calculating,
Figure BDA0002363342010000073
and verifies H and Q saved during signatureIDAnd if so, sending the H to the registration center. The registry looks up in the member table whether there is a corresponding (ID)1,r1) So that H is1(ID1||r1) H returns the identity ID of the signer, if present. Because each group member only knows the partial private key owned by the group member, does not know the private keys owned by other group members, and does not know the partial private keys owned by the intermediate mechanism, the signature process can not be finished by falsely using the identities of other group members. In addition, because the registration center and the key issuing center are mutually independent in the scheme, and the registration center only knows the real identity ID of the user and the hidden identity identification information Q thereofIDNo key for group signatures is available; although the key issuing center has a signature key capable of forging a signature, the key issuing center does not know the true identity of the user, and a trusted intermediary stores Q when performing secondary signatureIDNeither the registry nor the key issuer is therefore able to forge signatures. In addition, the registry and the intermediary can jointly open the signature and verify the true identity of the signer. In the case where the registry and key issuer do not collude with each other and the intermediary is trusted, the authenticity of the signer's identity can be effectively verified and anyone (including the registry, key issuer, and intermediary) cannot forge the signature.
In some embodiments, the trusted authority PKG executes an algorithm, inputs the security parameter k, obtains two large prime numbers p and q, and calculates n ═ pq, λ ═ lcm (p)-1, q-1). In addition, parameters are selected
Figure BDA0002363342010000081
And satisfy
Figure BDA0002363342010000082
Selecting a hash function H1
According to the privacy protection method based on the cryptographic technology, the private key for generating the group signature is divided into two parts, and the two parts are stored and used by a user and a trusted intermediary organization, so that the complete group signature is completed by the group members and the intermediary organization together, and the key issuing center can be effectively prevented from falsifying the signature by using the identities of the group members. In addition, by introducing a trusted intermediary, the signature right of a specified user can be effectively revoked in the signature process. And the original message is processed by the hash function in the user signature stage, and the intermediate mechanism cannot acquire the specific content of the original message in the secondary signature process, so that the confidentiality of the message is ensured. The method meets all safety requirements of the group signature scheme, can effectively inherit the advantages of the original identity-based signature scheme, is suitable for large-scale and dynamically-changing groups, can be applied to an anonymous access control scheme, and can solve the problems of privacy protection and performance of a block chain to a certain extent.
While the principles of the invention have been described in detail in connection with the preferred embodiments thereof, it will be understood by those skilled in the art that the foregoing embodiments are merely illustrative of exemplary implementations of the invention and are not limiting of the scope of the invention. The details of the embodiments are not to be interpreted as limiting the scope of the invention, and any obvious changes, such as equivalent alterations, simple substitutions and the like, based on the technical solution of the invention, can be interpreted without departing from the spirit and scope of the invention.

Claims (10)

1. A privacy protection method based on cryptographic technology, the method comprising:
s1: a user sends a real identity ID to a registration center through a secret channel, and the registration center authenticates the identity of the user;
s2: the user receives the QIDThen, the Q is addedIDSending the information to a key issuing center, wherein the key issuing center verifies the identity of the user before;
s3: the generation of the group signature is completed by the group members and the intermediate mechanism together, and the group members sign the message by using the signature private key and then send the message to the intermediate mechanism for secondary signature, so that the complete group signature is obtained;
s4: the signature receiver obtains the group signature, the validity of the signature can be verified by verifying whether an equation is established, if the equation is established, the signature is proved to be valid, otherwise, the signature is invalid;
s5: once disputes occur, the signature can be opened and the true identity of the signer verified by the registry and the intermediary in cooperation.
2. The privacy protection method based on the cryptographic technique as claimed in claim 1, wherein the registry randomly selects an integer r and calculates Q in step S1ID=H1(ID | | r), converting said QIDTo the user and to the key issuing centre and to generate a record (ID, r, Q) for the userID) Add to the membership table.
3. The privacy protection method based on the cryptographic technology as claimed in claim 1, wherein the key issuing center randomly selects an integer te Z after the user identity authentication is passedn *Calculating ZID=tnQIDmod n2And calculating to obtain (x, y), and generating the key (x, y)1) Sending the group signature to the user as a private key of the group signature, wherein the user becomes a legal member in the group; and (t, Z)ID) And sending the data to the intermediate institution for storage and use.
4. According to the rightThe privacy preserving method based on cryptographic technique as claimed in claim 3, wherein x, y1The calculation formula of (a) is as follows:
Figure FDA0002363337000000011
Figure FDA0002363337000000021
Figure FDA0002363337000000022
5. privacy protection method based on cryptography according to claim 1, characterized in that the system, given a message m, chooses two random numbers a e Z for the group membersn、b∈Zn *Calculating R ═ ga·bnmodn2And C ═ H2(m, R) private key (x, y) signed with said group1) Generating(s)1,s2) Is s is1=a-cxmodn
Figure FDA0002363337000000023
6. The privacy protection method of claim 5, wherein the group member associates the Q with the group memberIDAnd the group signature is (R, c, s)1,s2) Sending the information to the intermediary organization and requesting signature help, and the intermediary organization and the registry interactively verifying whether the signature authority of the member is revoked.
7. Method for privacy protection based on cryptographic techniques, according to claim 5, characterized in that said intermediary organisation signs the obtained group signature (R, c, Z)ID,s1,s3) And sending the signature to the signature receiver.
8. The privacy protection method based on the cryptographic technique as claimed in claim 1, wherein the equation in the step S4 is:
Figure FDA0002363337000000024
9. the privacy protection method based on the cryptographic technique as claimed in claim 5, wherein the intermediary first verifies s3=s2·t-cWhether modn is true or not, if yes, calculating,
Figure FDA0002363337000000025
and verifying said H and said Q saved in the signature processIDIf yes, H is sent to the registry, and the registry searches whether corresponding (ID) exists in the member table1,r1) So that H is1(ID1||r1) H returns the identity ID of the signer, if present.
10. The privacy protection method based on cryptography according to claim 1, wherein the trusted authority PKG executes an algorithm, inputs the security parameter k, obtains two large prime numbers p and q, and calculates n ═ pq, λ ═ lcm (p-1, q-1). In addition, parameters are selected
Figure FDA0002363337000000026
And satisfy
Figure FDA0002363337000000027
Selecting a hash function H1
CN202010028464.9A 2020-01-11 2020-01-11 Privacy protection method based on cryptographic technology Withdrawn CN111262844A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010028464.9A CN111262844A (en) 2020-01-11 2020-01-11 Privacy protection method based on cryptographic technology

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010028464.9A CN111262844A (en) 2020-01-11 2020-01-11 Privacy protection method based on cryptographic technology

Publications (1)

Publication Number Publication Date
CN111262844A true CN111262844A (en) 2020-06-09

Family

ID=70946866

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010028464.9A Withdrawn CN111262844A (en) 2020-01-11 2020-01-11 Privacy protection method based on cryptographic technology

Country Status (1)

Country Link
CN (1) CN111262844A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112118113A (en) * 2020-09-18 2020-12-22 上海市数字证书认证中心有限公司 Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm
CN113395691A (en) * 2021-07-05 2021-09-14 西安工程大学 Contact person tracking privacy protection method based on aggregated signature

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112118113A (en) * 2020-09-18 2020-12-22 上海市数字证书认证中心有限公司 Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm
CN112118113B (en) * 2020-09-18 2022-07-15 上海市数字证书认证中心有限公司 Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm
CN113395691A (en) * 2021-07-05 2021-09-14 西安工程大学 Contact person tracking privacy protection method based on aggregated signature

Similar Documents

Publication Publication Date Title
Xu et al. EVchain: An anonymous blockchain-based system for charging-connected electric vehicles
Brickell et al. Enhanced privacy ID: A direct anonymous attestation scheme with enhanced revocation capabilities
Bangerter et al. A cryptographic framework for the controlled release of certified data
CN111064734B (en) Block chain system user identity anonymity and traceable method, corresponding storage medium and electronic device
EP0786178A1 (en) Secret-key certificates
ShenTu et al. A blind-mixing scheme for bitcoin based on an elliptic curve cryptography blind digital signature algorithm
JP2002534701A (en) Auto-recoverable, auto-encryptable cryptosystem using escrowed signature-only keys
WO2014068427A1 (en) Reissue of cryptographic credentials
CN113761582A (en) Group signature based method and system for protecting privacy of block chain transaction under supervision
Kwon Privacy preservation with X. 509 standard certificates
Qiu et al. A new offiine privacy protecting E-cash system with revokable anonymity
CN111262844A (en) Privacy protection method based on cryptographic technology
Bauer et al. Minimal information disclosure with efficiently verifiable credentials
CN112733192B (en) Judicial electronic evidence system and method based on union chain homomorphic encryption
Ficsór et al. Wabisabi: Centrally coordinated coinjoins with variable amounts
Zhao et al. Efficient multi-authority attribute-based signcryption with constant-size ciphertext
Mu et al. A fair electronic cash scheme
CN110992010B (en) Digital currency issue total amount control method and verification method
Sangeetha et al. Development of novel blockchain technology for certificate management system using cognitive image steganography techniques
Deng et al. Support efficient user revocation and identity privacy in integrity auditing of shared data
Liu et al. Anonymous Transaction of Digital Currency Based on Blockchain.
Bringer et al. Efficient zero-knowledge identification schemes which respect privacy
Goswami et al. Stub Signature-Based Efficient Public Data Auditing System using Dynamic Procedures in Cloud Computing
Zhang et al. Attribute Based Conjunctive Keywords Search with Verifiability and Fair Payment Using Blockchain
Wang et al. Generic Construction of Fair Exchange Scheme with Semi-Trusted Adjudicator.

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20200609

WW01 Invention patent application withdrawn after publication