CN111342955A - Communication method and device thereof, and computer storage medium - Google Patents

Publication number
CN111342955A
Authority
CN
China
Prior art keywords
key
signature
message
signature result
result
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811558876.2A
Other languages
Chinese (zh)
Other versions
CN111342955B (en)
Inventor
张�林
黄海泉
孙海波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Wodong Tianjun Information Technology Co Ltd
Original Assignee
Beijing Wodong Tianjun Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Wodong Tianjun Information Technology Co Ltd
Priority to CN201811558876.2A
Publication of CN111342955A
Application granted
Publication of CN111342955B
Legal status: Active
Anticipated expiration

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083: Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiments of the application provide a communication method, a device thereof and a computer storage medium. The method comprises: receiving a first temporary public key and a first signature result sent by a first device after it receives a first message; if the first signature result passes verification, generating a hidden key, a session key and a message verification code key according to the first temporary public key and its own second temporary private key; generating a third signature result according to its own second signature private key, the first message, the hidden key and its own user identity information; sending the second temporary public key corresponding to the second temporary private key, together with the third signature result, to the first device; and if a notification message that the third signature result passed verification is received, communicating with the first device based on the session key and the message verification code key.

Description

Communication method and device thereof, and computer storage medium
Technical Field
The present application relates to the field of communications technologies, and in particular, but not limited to, a communication method, a device thereof, and a computer storage medium.
Background
A digital signature, which is a digital string that can only be generated by the sender of the message and cannot be forged by others, can be used to verify whether the message sent between the sender and the receiver has been tampered with. In the transaction service, the transaction parties often rely on an external system network for communication, such as e-mail, instant chat tools, and the like. These approaches do not guarantee that the participant is indeed the party involved in the blockchain transaction, nor can the confidentiality and integrity of the private information be guaranteed if encryption means are lacking. In addition, if a communication channel is established by using a traditional key exchange method, an adversary can determine the identity of a communicator by eavesdropping and observing a signature public key, namely, the identity privacy guarantee of a transaction party cannot be provided, so that the identity information of two communication parties is leaked, and further great potential safety hazards are brought to the information safety and property safety of a user.
Disclosure of Invention
In view of the above, embodiments of the present application are intended to provide a communication method, a device thereof, and a computer storage medium.
The technical scheme of the embodiment of the application is realized as follows:
An embodiment of the application provides a communication method, which comprises the following steps:
receiving a first temporary public key and a first signature result sent by a first device after it receives a first message;
if the first signature result passes verification, generating a hidden key, a session key and a message verification code key according to the first temporary public key and its own second temporary private key;
generating a third signature result according to its own second signature private key, the first message, the hidden key and its own user identity information;
sending the second temporary public key corresponding to the second temporary private key, together with the third signature result, to the first device;
and if a notification message that the third signature result passed verification is received, communicating with the first device based on the session key and the message verification code key.
The embodiment of the application provides a communication method, which comprises the following steps:
after receiving a first message sent by a second device, signing the first temporary public key with its own first signature private key according to a preset signature algorithm to obtain a first signature result;
sending the first signature result and the first temporary public key to a second device;
verifying the third signature result according to the received third signature result, the first message and the second temporary public key to obtain a verification result;
and if the third signature result passes the verification, sending a notification message that the verification passes to the second equipment.
This embodiment provides a communication device, which at least includes: a memory and a processor, wherein:
the memory configured to store a communication program;
the processor is configured to execute the communication program stored in the memory to implement the steps of the communication method provided in other embodiments of the present application.
The embodiment of the present application provides a computer storage medium, on which a communication program is stored, and the communication program, when executed by a processor, implements the steps of the communication method described in the other embodiments of the present application.
The embodiments of the application provide a communication method, a device thereof and a computer storage medium. First, a first temporary public key and a first signature result, sent by the first device after it receives a first message, are received. If the first signature result passes verification, a hidden key, a session key and a message verification code key are generated according to the first temporary public key and its own second temporary private key. A third signature result is generated according to its own second signature private key, the first message, the hidden key and its own user identity information. The second temporary public key corresponding to the second temporary private key and the third signature result are sent to the first device. If a notification message that the third signature result passed verification is received, communication with the first device proceeds based on the session key and the message verification code key. In this way, verifying the first signature result sent by the first device confirms whether the identity of the first device has been tampered with. Because the third signature result is obtained from the hidden key, the second signature result and the user identity information, an anonymous signature is realized and the user identity is not leaked. Finally, once the third signature result is confirmed to have passed verification, the identities of both communicating parties are reliable, so secure communication can be carried out and the information security of the user is guaranteed.
Drawings
Fig. 1 is a schematic view of an application scenario according to an embodiment of the present application;
fig. 2 is a schematic flow chart illustrating an implementation of a communication method according to an embodiment of the present application;
fig. 3 is a schematic flowchart of another implementation of the communication method according to the embodiment of the present application;
fig. 4 is a schematic flowchart of another implementation of the communication method according to the embodiment of the present application;
fig. 5 is a schematic structural diagram of a communication device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, specific technical solutions of the present invention will be described in further detail below with reference to the accompanying drawings in the embodiments of the present application. The following examples are intended to illustrate the present application but are not intended to limit the scope of the present application.
Fig. 1 is a schematic view of an application scenario in an embodiment of the present application. As shown in Fig. 1, in the application scenario, when the second device 101 wants to request the first device 102 to provide a service, the second device corresponds to a service requester and the first device corresponds to a service provider. To ensure that the identities of the two parties are authentic, the first device 102 may sign a message containing service content after receiving the message and then send the signature result to the second device 101. The second device 101 verifies the first signature result; if the verification succeeds, the identity of the first device 102 is authentic. The second device 101 then signs the first message and the user identity information to obtain a third signature result and sends the third signature result to the first device 102. The first device 102 verifies the third signature result; if it passes verification, the identity of the second device is authentic, and secure communication is then performed.
It should be noted that, in an actual implementation process, the first device 101 and the second device 102 may also be two node devices in a blockchain network, where the first device 102 may be a receiver device of a transaction in the blockchain network, and the second device 102 may be an initiator device of the transaction in the blockchain network. Of course, the first device 101 may be one server, a server cluster formed by a plurality of servers, a cloud computing center, and the like, and is not limited herein.
An embodiment of the present application provides a communication method, and fig. 2 is a schematic diagram illustrating an implementation flow of the communication method according to the embodiment of the present application, and as shown in fig. 2, the method includes the following steps:
step S201, receiving a first temporary public key and a first signature result sent by the first device after receiving the first message.
Here, step S201 may be implemented by a second device. The second device may be a mobile terminal with wireless communication capability, such as a mobile phone, a tablet computer or a notebook computer, or a non-mobile device with computing capability, such as a desktop computer. In other embodiments, the second device may also be an initiator device of a transaction in a blockchain network.
In other embodiments, before the step S201, the method further includes: and sending a first message to the first device, wherein the message content of the first message comprises the service content required by the second device.
The first signature result is obtained by the first device signing the first temporary public key of the first device according to a preset signature algorithm according to the first signature private key of the first device.
It should be noted that, the first device generates, in advance, a first signed public-private key pair according to a preset key generation algorithm, where the first signed public-private key pair includes a first signed public key and a first signed private key, and the first signed public key and the second signed private key may be considered as a public-private key pair used for signature and verification for a long time; after the first device receives the first message, a pair of temporary public and private keys, that is, a first temporary public key and a first temporary private key, are generated, that is, the first temporary public key and the first temporary private key are generated temporarily after receiving the first message, and are not used for a long time.
The first device may provide the required service to the second device, and in other embodiments, the first device may also be a recipient device for a transaction in a blockchain network.
Step S202, if the first signature result passes the verification, generating a hidden key, a session key and a message verification code key according to the first temporary public key and its own second temporary private key.
Here, step S202 may be implemented by the second device. In this embodiment, the second device also generates a pair of public and private signature keys, i.e., a second public signature key and a second private signature key, in advance, and the second public signature key and the second private signature key are used for signature and verification. The second device also generates a pair of temporary public and private keys, namely a second temporary public key and a second temporary private key, according to the key generation algorithm, and the second temporary private key is randomly selected by the second device. The second temporary private key and the second temporary public key are not used for a long time, like the first temporary public key and the first temporary private key, and a private key different from the second temporary private key may be used when the hidden key is generated next time.
In other embodiments, before the step S202, the method further includes: and the second equipment verifies the first signature result to obtain a verification result. In implementation, the first temporary public key, the first signature public key and the first signature result may be input into a preset verification function to obtain a verification result. It should be noted that the verification function corresponds to a preset signature algorithm used when signing the first temporary public key.
If the first signature result passes verification, the first device that sent it is not counterfeit. The second device then uses the first temporary public key and its own second temporary private key to generate a high-entropy symmetric key through the Diffie-Hellman protocol, and generates a hidden key, a session key and a message authentication code key based on that symmetric key. The hidden key, the session key and the message authentication code key can be regarded as three sub-keys of the symmetric key, each with a different function: the hidden key hides the user identity information, achieving the effect of an anonymous signature; the session key encrypts the message to be sent; and the message authentication code key protects the integrity of the message to be sent.
Step S203, generating a third signature result according to the second signature private key, the first message, the hidden key and the user identity information.
Here, step S203 may be implemented by the second device.
In an actual implementation process, the second device signs the first message according to a preset signature algorithm according to a second signature private key of the second device to obtain a second signature result, and then synthesizes the second signature result and the user identity information to obtain synthesized information.
Therefore, the second signature result and the user identity information are covered in the third signature result, so that the effect of anonymous signature is achieved, and the user identity information of a signer is prevented from being leaked.
Step S204, sending the second temporary public key and the third signature result corresponding to the second temporary private key to the first device.
Here, step S204 may be implemented by the second device. Because the second signature result and the user identity information are hidden in the third signature result, the identity information of the user cannot be obtained even if the third signature result is intercepted and monitored by an enemy during sending, and then the signature public key corresponding to the user identity information cannot be obtained, so that the information safety and the property safety of a signer can be protected.
And step S205, if a notification message that the third signature result is verified is received, communicating with the first device based on the session key and the message verification code key.
Here, step S205 may be implemented by the second device. In practical application, the second device encrypts and integrity-protects the second message to be sent based on the session key and the message authentication code key, and then sends the processed second message to the first device for secure communication.
In the communication method provided by the embodiment of the application, first, a first temporary public key and a first signature result, sent by the first device after it receives a first message, are received. If the first signature result passes verification, a hidden key, a session key and a message verification code key are generated according to the first temporary public key and its own second temporary private key. A third signature result is generated according to its own second signature private key, the first message, the hidden key and its own user identity information. The second temporary public key corresponding to the second temporary private key and the third signature result are sent to the first device. If a notification message that the third signature result passed verification is received, communication with the first device proceeds based on the session key and the message verification code key. In this way, verifying the first signature result sent by the first device confirms whether the identity of the first device has been tampered with. Because the third signature result is obtained from the hidden key, the second signature result and the user identity information, an anonymous signature is realized and the user identity is not leaked. Finally, once the third signature result is confirmed to have passed verification, the identities of both communicating parties are reliable, so secure communication can be carried out and the information security of the user is guaranteed.
Based on the foregoing embodiments, a communication method is further provided in the embodiments of the present application, and fig. 3 is a schematic flowchart of another implementation flow of the communication method in the embodiments of the present application, as shown in fig. 3, the method includes the following steps:
step S301, the second device sends a first message to the first device.
Here, the second device sends a first message to the first device for requesting the first device to obtain a service, the first message including content of the requested service, and the first message being publicly visible.
Step S302, after receiving the first message, the first device generates a first temporary public-private key pair according to a preset key generation algorithm.
Here, the first temporal public-private key pair includes a first temporal public key and a first temporal private key, where the first temporal private key may be randomly chosen by the first device.
Step S303, the first device signs the first temporary public key according to its own first private signature key, so as to obtain a first signature result.
Here, step S303 may be implemented by taking the first signature private key $y$ and the first temporary public key $B$ as input to obtain the first signature result $(s_1, e_1)$, where:
$$e_1 = H(r_1 \,\|\, B) \tag{2-1}$$
$$s_1 = k_1 - e_1 y \tag{2-2}$$
where, in formula (2-1),
Figure BDA0001912737210000071
$k_1$ is a random value selected by the first device, $g$ is a generator of the group, $H()$ is a hash function, and $\|$ is the concatenation operator.
In the present embodiment, $s_1$ is the proof part of the first signature result and $e_1$ is the challenge part of the first signature result.
Step S304, the first device sends the first signature result and the first temporary public key to the second device.
Step S305, the second device verifies the first signature result to obtain a verification result.
Here, after receiving the first signature result and the first temporary public key, the second device first obtains the first signature public key $Y$ of the first device based on the identification information of the first device. It then uses the first temporary public key $B$, the first signature result $(s_1, e_1)$ and the first signature public key $Y$ of the first device as the input of a preset verification function, and verifies the first signature result to obtain a verification result.
In practical implementation, it may be verified whether the formula (2-3) holds:
Figure BDA0001912737210000081
here, if the formula (2-3) is satisfied, it indicates that the first signature result is verified, and if the formula (2-3) is not satisfied, it indicates that the first signature result is not verified.
Step S306, if the first signature result passes the verification, the second device generates a hidden key, a session key and a message verification code key according to the first temporary public key and a second temporary private key of the second device.
Here, in practical applications, the step S306 may be implemented by:
Step S3061, obtain the second temporary private key $a$ randomly selected by itself.
Step S3062, a symmetric key is generated according to the first temporary public key $B$ and the second temporary private key $a$.
Here, the symmetric key $K$ may be generated by equation (2-4):
$$K = H'(B^a) \tag{2-4}$$
In equation (2-4), $H'()$ is another hash function.
Step S3063, generating a hidden key, a session key, and a message authentication code key according to the symmetric key and a preset hash function.
Here, the hidden key, the session key, and the message authentication code key may be generated by equations (2-5), (2-6), and (2-7), respectively:
$$K_0 = H''(K, 0) \tag{2-5}$$
$$K_1 = H''(K, 1) \tag{2-6}$$
$$K_2 = H''(K, 2) \tag{2-7}$$
In equations (2-5), (2-6) and (2-7), $H''()$ is a further preset hash function.
Step S307, the second device signs the first message according to a preset signature algorithm according to a second signature private key of the second device, so as to obtain a second signature result.
Here, step S307 may be implemented by taking the second signature private key $x$ and the first message $m$ as input to obtain the second signature result $(s_2, e_2)$, where:
$$e_2 = H(r_2 \,\|\, m) \tag{2-8}$$
$$s_2 = k_2 - e_2 x \tag{2-9}$$
In formula (2-8),
Figure BDA0001912737210000091
$k_2$ is a random value selected by the second device, $g$ is a generator of the group, and $H()$ is a hash function.
Step S308, the second device generates a third signature result according to the second signature result, the hidden key and the user identity information.
Here, in practical applications, the step S308 can be implemented by the following steps:
and S3081, synthesizing the second signature result and the user identity information to obtain synthesized information.
Here, when step S3081 is implemented, the synthesized information $n$ can be obtained according to formula (2-10):
$$n = s_2 \,\|\, e_2 \,\|\, ID \tag{2-10}$$
That is, the proof part and the challenge part of the second signature result and the user identity information are concatenated to obtain the synthesized information.
And S3082, performing XOR operation on the synthetic information and the hidden key to obtain a third signature result.
Here, the third signature result may be determined by equation (2-9):
Figure BDA0001912737210000092
step S309, the second device sends the third signature result and the second temporary public key to the first device.
Here, the second signature result and the user identity information are masked in the third signature result, so that an anonymous signature effect is achieved, and the user identity information of the signer is prevented from being leaked.
Here, the second device sends the third signature result $Z$ and the second temporary public key $A$ to the first device. In other embodiments, the second device may also send the first message to the first device at the same time as the third signature result and the second temporary public key.
Step S310, the first device verifies the third signature result according to the received third signature result, the first message and the second temporary public key to obtain a verification result.
Here, the step S310 may be implemented by:
In step S3101, the first device generates a symmetric key from its own first temporary private key $b$ and the second temporary public key $A$.
Here, the symmetric key may be generated by equation (2-12):
$$K = H'(A^b) \tag{2-12}$$
Step S3102, determining user identity information according to the symmetric key and the third signature result.
Here, step S3102, when implemented, first generates a hidden key from the symmetric key according to equation (2-13):
$$K_0 = H''(K, 0) \tag{2-13}$$
An XOR operation is then performed on the hidden key and the third signature result to obtain the synthesized information $n$. Since the synthesized information is the concatenation of the proof part and the challenge part of the second signature result and the user identity information, once the synthesized information is obtained and the number of bits of the user identity information is known, the user identity information can be separated from the synthesized information.
In step S3103, the first device determines a second public signature key corresponding to the user identity information.
Here, after the first device acquires the user identity information, the second public signature key corresponding to the user identity information may be determined.
Step S3104, the first device verifies the third signature result according to the second public signature key and the first message, and obtains a verification result.
Here, when implemented, step S3104 may first acquire a second signature result included in the composition information; and then, the second signature result, the second signature public key and the first message are used as the input of a preset verification function, and the second signature result is verified to obtain a verification result.
Since the synthesized information is the concatenation of the proof part and the challenge part of the second signature result and the user identity information, once the synthesized information is obtained and the number of bits of the proof part and the challenge part is determined, the proof part $s_2$ and the challenge part $e_2$ of the second signature result can likewise be separated out, thereby obtaining the second signature result $(e_2, s_2)$. Then, it is verified whether formula (2-14) holds:
Figure BDA0001912737210000101
here, if the formula (2-14) is satisfied, it indicates that the second signature result is verified, that is, the third signature result is verified, and if the formula (2-14) is not satisfied, it indicates that the second signature result is not verified, that is, the third signature result is not verified.
Step S311, if the third signature result is verified, sending a notification message that the verification is passed to the second device.
In step S312, the second device and the first device perform secure communication based on the session key and the message authentication code key.
Here, after step S3102, the first device may also generate the session key and the message authentication code key according to equations (2-6) and (2-7), and if the third signature result is verified, perform secure communication based on the session key and the message authentication code key.
When step S312 is implemented, after the second device obtains the second message to be sent, it first encrypts the second message based on the session key to obtain an encrypted second message, then performs integrity protection on the encrypted second message based on the message authentication code key to obtain a processed second message, and sends the processed second message to the first device. After receiving the processed second message, the first device first verifies its integrity according to the message authentication code key; if the integrity of the processed second message has not been damaged, the first device decrypts the message based on the session key to obtain the plaintext of the second message.
Similarly, when the first device sends the third message to the second device, the first device may encrypt the third message based on the session key to obtain an encrypted third message; based on the message verification code key, performing integrity protection on the encrypted third message to obtain a processed third message; and sending the processed third message to the second device.
In the communication method provided by this embodiment, the second device first sends a first message to the first device. After receiving the first message, the first device signs the first temporary public key with its own first signature private key to obtain a first signature result, and sends the first signature result to the second device. The second device verifies the first signature result to obtain a verification result. If the first signature result passes verification, the identity of the first device is genuine; the second device then signs the first message with its own second signature private key according to a preset signature algorithm to obtain a second signature result, and generates a third signature result from the second signature result, the hidden key and the user identity information. The second signature result and the user identity information are thus masked inside the third signature result, which achieves the effect of an anonymous signature and prevents the signer's user identity information from being leaked.
The second device then sends the third signature result and the second temporary public key to the first device. If the third signature result passes verification, the first device sends the second device a notification message that verification has passed. The second device and the first device then communicate securely based on the session key and the message authentication code key, so that the communicated messages are not leaked, their integrity is ensured by the message authentication code key, and any tampering is detected in time, thereby avoiding property loss.
The embodiments of the present application further provide a communication method that is an anonymous signature algorithm based on the Schnorr signature algorithm. To make the embodiment easier to understand, the Schnorr signature algorithm is described first.
The Schnorr signature is a simple and efficient signature algorithm whose security is based on the hardness of the discrete logarithm problem. The implementation flow of the Schnorr signature algorithm is as follows:
The first step, the key generation phase.
The signer uses a key generation algorithm to generate a public and private key pair $(X, X = g^x)$, where x is randomly generated and g is the generator of the group.
The second step, the signature phase.
The signer takes the private key x and the message m to be signed as input, and generates a signature result (s, e), where $e = H(r \| m)$, $s = k - ex$ and $r = g^k$; k is a random value chosen by the signer and H is a hash function.
The third step, the signature verification phase.
The verifier takes the message m to be signed, the signature result (s, e) and the public key X of the signer as input, and checks whether $e = H(g^s X^e \| m)$ holds to determine whether the signature is valid.
Based on the Schnorr signature algorithm, the present embodiment provides an anonymous signature algorithm, where the anonymous signature is a special signature algorithm that can avoid revealing the identity of the signer while providing substantial non-repudiation. The implementation flow of the anonymous signature algorithm provided by the embodiment includes the following three stages:
First, the key generation phase.
According to the key generation phase of the Schnorr signature algorithm, the signer can obtain a long-term signature key pair $(X, X = g^x)$; at the same time, the verifier can similarly obtain a temporary key pair $(B, B = g^b)$.
Second, the signature phase.
Here, the following flow is mainly completed in the signature phase:
Step 421, the signer randomly selects a as the temporary private key and generates the temporary public key $A = g^a$;
Step 422, according to the private key x, signing the message m to be signed to generate a second signature result (s, e);
Here, $e = H(r \| m)$, $s = k - ex$ and $r = g^k$; k is a random value chosen by the signer, H is a hash function, and $\|$ represents concatenation of messages.
Step 423, calculating the symmetric key $K = H'(B^a)$ using the temporary public key B in the temporary key pair of the signer and the temporary private key a of the signer;
Here, H' is a hash function, and the length of K is equal to the sum of the lengths of s, e and the signer identity ID.
Step 424, obtaining the finally output third signature result according to the symmetric key and the signature result (s, e).
Here, the third signature result is
Figure BDA0001912737210000131
where
Figure BDA0001912737210000132
is a bitwise XOR operation.
In other embodiments, (Z, A) may also be sent to the signer as the final signature result, along with the message m.
Third, the signature verification phase.
Here, the following flow is mainly completed in the signature verification phase:
Step 431, the verifier first uses its temporary private key b and the temporary public key A of the signer to calculate the symmetric key $K = H'(A^b)$.
Step 432, calculating
Figure BDA0001912737210000133
and $s \| e \| ID$ is obtained.
Step 433, the identity ID of the signer is parsed from the result $s \| e \| ID$, and the public key X corresponding to the signer is looked up according to that identity ID.
Step 434, verifying whether $e = H(g^s X^e \| m)$ holds to determine whether the signature result is correct.
In the signing process, a symmetric key with high entropy is generated through a Diffie-Hellman protocol to cover a signing result and the identity of a signer, so that the aim of protecting the identity privacy of the signer is fulfilled.
In the blockchain system, each participant has a pair of public and private signature keys. Based on the anonymous signature algorithm above, this embodiment provides a communication method that generates a session key between two participants; the participants can establish a secure communication channel with the session key to ensure the privacy and integrity of the transmitted data and the anonymity of the initiator (usually the initiator of a transaction). For example, a payer purchases goods from a certain merchant in the blockchain system, does not want to reveal its identity information to any entity other than the merchant, and wants to exchange private information with the merchant over the communication channel. The communication method provided in this embodiment involves a user U and a service provider S, whose blockchain signature public and private key pairs are $(X, X = g^x)$ and $(Y, Y = g^y)$, respectively. Fig. 4 is a schematic flow chart of another implementation of the communication method of this embodiment; as shown in fig. 4, the method includes:
In step S401, the user initiates a session.
The user U sends a publicly visible message m to the specified service provider S without revealing its own identity, where the message content includes the required service content and the like.
Step S402, the service provider responds to the session.
After receiving the message m, the service provider S generates a temporary public and private key pair, recorded as $(B, B = g^b)$, signs the temporary public key B with its signature public-private key pair $(Y, Y = g^y)$, and then sends the signature result $Sig_y(B)$ and the temporary public key B to the user U (or submits the temporary public key B to a public ledger in the form of blockchain transaction content), where $Sig_y(\cdot)$ denotes signing a message with the private key y; the signature algorithm is the Schnorr signature algorithm described above.
In step S403, a user key is generated.
The user U receives the signature result $Sig_y(B)$ and the temporary public key B, and then verifies the signature with $Verify_Y(Sig_y(B), B)$, where $Verify_Y(\cdot)$ denotes the verification operation of the Schnorr signature algorithm on the signature result and the message using the public key Y.
After the verification passes, according to the signature phase of the anonymous signature algorithm, the user U can obtain the temporary public key A, the symmetric key K and the Schnorr signature result (s, e), and further derives three keys from the symmetric key: the hidden key $K_0 = H''(K, 0)$, the session key $K_1 = H''(K, 1)$ and the message authentication code key $K_2 = H''(K, 2)$, where $H''(\cdot)$ is a hash function and the length of $K_0$ is assumed to equal the sum of the lengths of s, e and the user identity $ID_U$.
Finally, the hidden key is XORed with (s, e) and the user identity to output the signature result
Figure BDA0001912737210000151
Step S404, the final signature result (Z, A) is sent to the service provider S.
Step S405, service provider key generation.
According to the anonymous signature verification phase, the service provider S receives (Z, A) and, using its temporary private key b, obtains the symmetric key $K = H'(A^b)$ together with the hidden key $K_0 = H''(K, 0)$, the session key $K_1 = H''(K, 1)$ and the message authentication code key $K_2 = H''(K, 2)$.
Step S406, calculating
Figure BDA0001912737210000152
to obtain the identity information $ID_U$ of the user, and determining the user public key X according to the identity $ID_U$.
Step S407, the service provider verifies the signature according to the user public key X, and stores the session key and the message verification code key if the signature verification is passed, and prepares to perform secure communication with the user.
In this embodiment, an anonymous signature algorithm based on the Schnorr signature algorithm is constructed, and then a communication method with a user anonymous function in a blockchain system can be constructed according to the anonymous signature algorithm, so that it is ensured that identity information of a user is not obtained by other entities except a service provider, and thus, the safety of user information is ensured, the user information is not leaked, and the safety of communication is improved.
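The handshake of steps S401 to S407 can be exercised end to end with the following sketch, which is an added example and not code from the patent; it applies the mask as Z = K0 XOR (s || e || ID_U), following the description of XORing the synthetic information with the hidden key. It assumes a small constructed safe-prime group (far too small for real use), SHA-256 for H and H', SHAKE-256 for H'', a fixed 16-byte identity field and a dictionary as the provider's lookup from identity to public key; all function names are hypothetical.

```python
import hashlib
import secrets

def _is_prime(n):
    """Deterministic Miller-Rabin for 2 <= n < 3.3e24 (enough for this toy group)."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for b in bases:
        x = pow(b, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _toy_group(start=1 << 62):
    """First safe prime p = 2q + 1 with q > start; g = 4 generates the order-q subgroup."""
    q = start + 1
    while not (_is_prime(q) and _is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4

P, Q, G = _toy_group()                # constructed demo group, far too small for real use
P_LEN = (P.bit_length() + 7) // 8     # byte width of group elements
NUM_LEN = (Q.bit_length() + 7) // 8   # fixed byte width of s and e
ID_LEN = 16                           # assumed fixed byte width of the identity field

def _hash_to_q(r, m):
    """e = H(r || m), reduced into Z_q."""
    return int.from_bytes(hashlib.sha256(r.to_bytes(P_LEN, "big") + m).digest(), "big") % Q

def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def schnorr_sign(x, m):
    k = secrets.randbelow(Q - 1) + 1
    e = _hash_to_q(pow(G, k, P), m)
    return (k - e * x) % Q, e         # (s, e) with s = k - e*x

def schnorr_verify(X, m, s, e):
    return e == _hash_to_q(pow(G, s, P) * pow(X, e, P) % P, m)

def derive_keys(shared, mask_len):
    """K = H'(g^ab), then K0, K1, K2 = H''(K, 0), H''(K, 1), H''(K, 2)."""
    K = hashlib.sha256(shared.to_bytes(P_LEN, "big")).digest()
    sizes = ((0, mask_len), (1, 32), (2, 32))
    return tuple(hashlib.shake_256(K + bytes([i])).digest(n) for i, n in sizes)

def provider_hello(y):
    """S402: fresh temporary pair (b, B) plus Sig_y(B)."""
    b, B = keygen()
    return b, B, schnorr_sign(y, B.to_bytes(P_LEN, "big"))

def user_respond(x, id_u, m, B, sig_B, Y):
    """S403-S404: verify Sig_y(B), sign m, mask s || e || ID_U with K0, return (Z, A)."""
    if len(id_u) > ID_LEN or not schnorr_verify(Y, B.to_bytes(P_LEN, "big"), *sig_B):
        raise ValueError("identity too long or invalid provider signature on B")
    a, A = keygen()
    s, e = schnorr_sign(x, m)
    blob = s.to_bytes(NUM_LEN, "big") + e.to_bytes(NUM_LEN, "big") + id_u.ljust(ID_LEN, b"\0")
    K0, K1, K2 = derive_keys(pow(B, a, P), len(blob))
    return (bytes(i ^ j for i, j in zip(blob, K0)), A), (K1, K2)

def provider_open(b, Z, A, m, directory):
    """S405-S407: unmask Z, look up X by ID_U, verify the signature; None means reject."""
    if len(Z) != 2 * NUM_LEN + ID_LEN or not 1 < A < P - 1:
        return None
    K0, K1, K2 = derive_keys(pow(A, b, P), len(Z))
    blob = bytes(i ^ j for i, j in zip(Z, K0))
    s, e = (int.from_bytes(blob[i:i + NUM_LEN], "big") for i in (0, NUM_LEN))
    id_u = blob[2 * NUM_LEN:].rstrip(b"\0")
    X = directory.get(id_u)
    if X is None or not schnorr_verify(X, m, s, e):
        return None
    return id_u, (K1, K2)

def run_handshake():
    x, X = keygen()                   # user U's long-term signature key pair
    y, Y = keygen()                   # service provider S's long-term signature key pair
    directory = {b"user-0001": X}     # constructed ID -> public key table held by S
    m = b"constructed request: service content"
    b, B, sig_B = provider_hello(y)
    (Z, A), user_keys = user_respond(x, b"user-0001", m, B, sig_B, Y)
    opened = provider_open(b, Z, A, m, directory)
    rejected = provider_open(b, bytes([Z[0] ^ 1]) + Z[1:], A, m, directory)  # one bit flipped
    return {"Z": Z, "opened": opened, "user_keys": user_keys, "rejected": rejected}

if __name__ == "__main__":
    print(run_handshake())
```

`provider_open` returns `None` both for an identity it cannot look up and for a failed signature check, so a modified Z is rejected at step S407 and no session keys are stored.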
An embodiment of the present application provides a communication device, fig. 5 is a schematic structural diagram of a communication device in an embodiment of the present application, and as shown in fig. 5, the communication device 500 at least includes: a memory 501 and a processor 502, wherein:
the memory 501 configured to store a communication program;
the processor 502 is configured to execute the communication program stored in the memory to implement the steps of:
receiving a first temporary public key and a first signature result which are sent by a first device after receiving a first message;
if the first signature result passes the verification, generating a hidden key, a session key and a message authentication code key according to the first temporary public key and its own second temporary private key;
generating a third signature result according to its own second signature private key, the first message, the hidden key and the user identity information;
sending a second temporary public key corresponding to the second temporary private key and the third signature result to the first device;
and if a notification message that the third signature result passes the verification is received, communicating with the first device based on the session key and the message authentication code key.
In other embodiments, before generating the second signature result and the hidden key according to the first temporary public key, the first message and its own second temporary private key if the first signature result is verified, the processor 502 is configured to execute the communication program stored in the memory to implement the following steps:
acquiring a first signature public key of the first device;
and taking the first signature public key, the first temporary public key and the first signature result as the input of a preset verification function, and verifying the first signature result to obtain a verification result.
In other embodiments, the generating a hidden key, a session key, and a message authentication code key according to the first temporary public key and its own second temporary private key includes:
acquiring a second temporary private key generated by the user in advance;
generating a symmetric key according to the first temporary public key and the second temporary private key;
and respectively generating a hidden key, a session key and a message verification code key according to the symmetric key and a preset hash function.
In other embodiments, the generating a third signature result according to its own second signature private key, the first message, the hidden key, and the user identity information includes:
signing the first message with its own second signature private key according to a preset signature algorithm to obtain a second signature result;
synthesizing the second signature result and the user identity information to obtain synthetic information;
and carrying out XOR operation on the synthetic information and the hidden key to obtain a third signature result.
In other embodiments, communicating with a first device based on the session key and the message authentication code key comprises:
acquiring a second message to be sent;
encrypting the second message based on the session key to obtain an encrypted second message;
based on the message verification code key, performing integrity protection on the encrypted second message to obtain a processed second message;
and sending the processed second message to the first device.
Accordingly, an embodiment of the present application further provides a computer storage medium, on which a communication program is stored, and the communication program, when executed by a processor, implements the steps of the communication method described above.
It should be noted that the communication device provided in the embodiment of the present application may be regarded as a second device in other embodiments. The above description of the communication device and computer storage medium embodiments is similar to the description of the method embodiments above, with similar beneficial effects as the method embodiments. For technical details not disclosed in the embodiments of the communication device and the computer storage medium of the present application, reference is made to the description of the embodiments of the method of the present application for understanding.
An embodiment of the present application provides a communication device, where the communication device at least includes: a memory and a processor, wherein:
the memory configured to store a communication program;
the processor is configured to execute the communication program stored in the memory to implement the steps of:
after receiving a first message sent by a second device, signing the first temporary public key with its own first signature private key according to a preset signature algorithm to obtain a first signature result;
sending the first signature result and the first temporary public key to a second device;
verifying the third signature result according to the received third signature result, the first message and the second temporary public key to obtain a verification result;
and if the third signature result passes the verification, sending a notification message that the verification passes to the second device.
In other embodiments, the verifying the third signature result according to the received third signature result, the first message, and the second temporary public key includes:
generating a symmetric key according to its own first temporary private key and the second temporary public key;
determining user identity information according to the symmetric key and the third signature result;
determining a second signature public key corresponding to the user identity information;
and verifying the third signature result according to the second signature public key and the first message to obtain a verification result.
In other embodiments, the determining user identity information according to the symmetric key and the third signature result includes:
generating a hidden key according to the symmetric key and a preset hash function;
performing exclusive-or operation on the hidden key and the third signature result to obtain synthetic information;
and acquiring the user identity information from the synthetic information.
In other embodiments, verifying the third signature result according to the second public signature key to obtain a verification result includes:
acquiring a fourth signature result included in the synthesis information;
and taking the fourth signature result, the second signature public key and the first message as the input of a preset verification function, and verifying the fourth signature result to obtain a verification result.
In other embodiments, the processor is further configured to execute a communication program stored in the memory to implement the steps of:
respectively generating a session key and a message authentication code key according to the symmetric key;
and if the third signature result passes the verification, communicating with the second device based on the session key and the message verification code key.
Accordingly, an embodiment of the present application further provides a computer storage medium, on which a communication program is stored, and the communication program, when executed by a processor, implements the steps of the communication method described above.
It should be noted that the communication device provided in the embodiment of the present application may be regarded as a second device in other embodiments. The above description of the communication device and computer storage medium embodiments is similar to the description of the method embodiments above, with similar beneficial effects as the method embodiments. For technical details not disclosed in the embodiments of the communication device and the computer storage medium of the present application, reference is made to the description of the embodiments of the method of the present application for understanding.
In the embodiment of the present application, if the method is implemented in the form of a software functional module and sold or used as a standalone product, the method may also be stored in a computer-readable storage medium. Based on such understanding, the technical solutions of the embodiments of the present application may be essentially implemented or portions thereof contributing to the prior art may be embodied in the form of a software product stored in a storage medium, and including several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read Only Memory (ROM), a magnetic disk, or an optical disk. Thus, embodiments of the present application are not limited to any specific combination of hardware and software.
It should be appreciated that reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present application. Thus, the appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. It should be understood that, in the various embodiments of the present application, the sequence numbers of the above-mentioned processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application. The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only a logical functional division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the coupling, direct coupling or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection between the devices or units may be electrical, mechanical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units; can be located in one place or distributed on a plurality of network units; some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, all functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may be separately regarded as one unit, or two or more units may be integrated into one unit; the integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
Those of ordinary skill in the art will understand that: all or part of the steps for realizing the method embodiments can be completed by hardware related to program instructions, the program can be stored in a computer readable storage medium, and the program executes the steps comprising the method embodiments when executed; and the aforementioned storage medium includes: various media that can store program codes, such as a removable Memory device, a Read Only Memory (ROM), a magnetic disk, or an optical disk.
Alternatively, the integrated units described above in the present application may be stored in a computer-readable storage medium if they are implemented in the form of software functional modules and sold or used as independent products. Based on such understanding, the technical solutions of the embodiments of the present application may be essentially implemented or portions thereof contributing to the prior art may be embodied in the form of a software product stored in a storage medium, and including several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a removable storage device, a ROM, a magnetic or optical disk, or other various media that can store program code.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (12)

1. A method of communication, the method comprising:
receiving a first temporary public key and a first signature result which are sent by a first device after receiving a first message;
if the first signature result passes the verification, generating a hidden key, a session key and a message verification code key according to the first temporary public key and its own second temporary private key;
generating a third signature result according to its own second signature private key, the first message, the hidden key and the user identity information;
sending a second temporary public key corresponding to the second temporary private key and the third signature result to the first device;
and if a notification message that the third signature result passes the verification is received, communicating with the first device based on the session key and the message verification code key.
2. The method of claim 1, wherein before generating a second signature result and a hidden key from the first temporary public key, the first message, and its own second temporary private key if the first signature result is verified, the method further comprises:
acquiring a first signature public key of the first device;
and taking the first signature public key, the first temporary public key and the first signature result as the input of a preset verification function, and verifying the first signature result to obtain a verification result.
3. The method of claim 1, wherein generating a hidden key, a session key, and a message authentication code key from the first ephemeral public key and its second ephemeral private key comprises:
acquiring a second temporary private key generated by the user in advance;
generating a symmetric key according to the first temporary public key and the second temporary private key;
and respectively generating a hidden key, a session key and a message verification code key according to the symmetric key and a preset hash function.
4. The method of claim 1, wherein generating the third signature result according to the second private signature key, the first message, the hidden key, and the user identity information comprises:
signing the first message with its own second signature private key according to a preset signature algorithm to obtain a second signature result;
synthesizing the second signature result and the user identity information to obtain synthetic information;
and carrying out XOR operation on the synthetic information and the hidden key to obtain a third signature result.
5. The method of any of claims 1 to 4, wherein communicating with the first device based on the session key and the message authentication code key comprises:
acquiring a second message to be sent;
encrypting the second message based on the session key to obtain an encrypted second message;
based on the message verification code key, performing integrity protection on the encrypted second message to obtain a processed second message;
and sending the processed second message to the first device.
6. A method of communication, the method comprising:
after receiving a first message sent by a second device, signing the first temporary public key with its own first signature private key according to a preset signature algorithm to obtain a first signature result;
sending the first signature result and the first temporary public key to a second device;
verifying the third signature result according to the received third signature result, the first message and the second temporary public key to obtain a verification result;
and if the third signature result passes the verification, sending a notification message that the verification passes to the second device.
7. The method of claim 6, wherein verifying the third signature result based on the received third signature result, the first message, and the second temporary public key comprises:
generating a symmetric key according to its own first temporary private key and the second temporary public key;
determining user identity information according to the symmetric key and the third signature result;
determining a second signature public key corresponding to the user identity information;
and verifying the third signature result according to the second signature public key and the first message to obtain a verification result.
8. The method of claim 7, wherein determining user identity information based on the symmetric key and the third signature result comprises:
generating a hidden key according to the symmetric key and a preset hash function;
performing exclusive-or operation on the hidden key and the third signature result to obtain synthetic information;
and acquiring the user identity information from the synthetic information.
9. The method of claim 8, wherein verifying the third signature result according to the second public signature key to obtain a verification result comprises:
acquiring a fourth signature result included in the synthesis information;
and taking the fourth signature result, the second signature public key and the first message as the input of a preset verification function, and verifying the fourth signature result to obtain a verification result.
10. The method according to any one of claims 6 to 8, further comprising:
respectively generating a session key and a message authentication code key according to the symmetric key;
and if the third signature result passes the verification, communicating with the second device based on the session key and the message authentication code key.
11. A communication device, characterized in that it comprises at least: a memory and a processor, wherein:
the memory configured to store a communication program;
the processor is configured to execute a communication program stored in the memory to implement the steps of the communication method of any one of claims 1 to 5 or 6 to 10.
12. A computer storage medium, characterized in that the computer storage medium has stored thereon a communication program that, when executed by a processor, implements the steps of the communication method of any one of claims 1 to 5 or 6 to 10.
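The verification flow of claims 7 to 10, written out as an added example that is not part of the patent text. The toy group (integers modulo 2**255 - 19), the Schnorr-style signature standing in for the "preset signature algorithm", SHAKE-256 as the "preset hash function", the 16-byte identity field at the front of the synthetic information, and all function names are assumptions chosen so the code runs on the Python standard library alone.

```python
import hashlib, hmac, secrets

# Toy group (assumption, for a runnable demo only): integers mod the prime
# 2**255 - 19 with base 2. Use a standardized ECDH and signature scheme in practice.
P, G, ID_LEN = 2**255 - 19, 2, 16

def keygen():
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)

def _e(r: bytes, msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(r + msg).digest(), "big")

def sign(x, msg):                       # toy Schnorr: stand-in "preset signature algorithm"
    k = secrets.randbelow(P - 2) + 1
    r = pow(G, k, P).to_bytes(32, "big")
    s = (k + _e(r, msg) * x) % (P - 1)
    return r + s.to_bytes(32, "big")

def verify(y, msg, sig):                # stand-in "preset verification function"
    if len(sig) != 64:
        return False
    r, s = sig[:32], int.from_bytes(sig[32:], "big")
    return pow(G, s, P) == int.from_bytes(r, "big") * pow(y, _e(r, msg), P) % P

def symmetric_key(own_priv, peer_pub):  # claim 7: own temporary private + peer temporary public key
    return hashlib.sha256(pow(peer_pub, own_priv, P).to_bytes(32, "big")).digest()

def xor_mask(sym_key, data):            # claim 8: hidden key = hash(symmetric key), then XOR
    hidden = hashlib.shake_256(b"hide" + sym_key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, hidden))

def make_third_result(sym_key, user_id, user_priv, first_msg):
    # Second device: synthetic info = identity (<= 16 bytes) || fourth signature (layout assumed)
    return xor_mask(sym_key, user_id.ljust(ID_LEN, b"\0") + sign(user_priv, first_msg))

def verify_third_result(sym_key, third, first_msg, directory):
    synthetic = xor_mask(sym_key, third)
    user_id, fourth = synthetic[:ID_LEN].rstrip(b"\0"), synthetic[ID_LEN:]
    pub = directory.get(user_id)        # claim 7: second signature public key for that identity
    if pub is None or not verify(pub, first_msg, fourth):   # claim 9
        return None
    # claim 10: separate session and MAC keys derived from the symmetric key
    session = hmac.new(sym_key, b"session", hashlib.sha256).digest()
    mac_key = hmac.new(sym_key, b"mac", hashlib.sha256).digest()
    return user_id, session, mac_key
```

The hidden key is produced with an extendable-output hash because the XOR mask has to cover the whole synthetic information, identity and signature together. A third signature result unmasked with the wrong symmetric key yields an unknown identity or a failing signature, so `verify_third_result` returns `None`.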
CN201811558876.2A 2018-12-19 2018-12-19 Communication method and device and computer storage medium Active CN111342955B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811558876.2A CN111342955B (en) 2018-12-19 2018-12-19 Communication method and device and computer storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811558876.2A CN111342955B (en) 2018-12-19 2018-12-19 Communication method and device and computer storage medium

Publications (2)

Publication Number Publication Date
CN111342955A true CN111342955A (en) 2020-06-26
CN111342955B CN111342955B (en) 2023-04-18

Family

ID=71186869

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811558876.2A Active CN111342955B (en) 2018-12-19 2018-12-19 Communication method and device and computer storage medium

Country Status (1)

Country Link
CN (1) CN111342955B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101156349A (en) * 2005-01-21 2008-04-02 日本电气株式会社 Signing device, verifying device, certifying device, encrypting device, and decrypting device
CN101969640A (en) * 2010-11-15 2011-02-09 成都信息工程学院 Computing key generating method for mobile terminal equipment
US20110211700A1 (en) * 2008-11-06 2011-09-01 Samsung Electronics Co., Ltd. Device and method for security key exchange and system pertaining to same
CN104901804A (en) * 2014-08-28 2015-09-09 赵捷 User autonomy-based identity authentication implementation method
CN106453330A (en) * 2016-10-18 2017-02-22 深圳市金立通信设备有限公司 Identity authentication method and system
CN107104888A (en) * 2017-06-09 2017-08-29 成都轻车快马网络科技有限公司 A kind of safe instant communicating method
CN107196922A (en) * 2017-05-03 2017-09-22 国民认证科技(北京)有限公司 Identity identifying method, user equipment and server

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
杨景花等: "《签名中嵌入用户身份信息的公平合同签署协议》", 《软件导刊》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110933672A (en) * 2019-11-29 2020-03-27 华为技术有限公司 Key negotiation method and electronic equipment
CN114079560A (en) * 2020-07-31 2022-02-22 中移(苏州)软件技术有限公司 Communication encryption method, aircraft and computer readable storage medium
CN114079560B (en) * 2020-07-31 2024-05-07 中移(苏州)软件技术有限公司 Communication encryption method, aircraft and computer readable storage medium
CN112613882A (en) * 2020-12-29 2021-04-06 成都知道创宇信息技术有限公司 Distributed signature system and management method
CN113315641A (en) * 2021-08-02 2021-08-27 飞天诚信科技股份有限公司 Seed key backup method, electronic equipment and system
CN113315641B (en) * 2021-08-02 2021-10-08 飞天诚信科技股份有限公司 Seed key backup method, electronic equipment and system
CN114448644A (en) * 2022-03-04 2022-05-06 芜湖雄狮汽车科技有限公司 Method, device, equipment and medium for realizing digital certificate based on symmetric algorithm
CN114448644B (en) * 2022-03-04 2024-06-04 芜湖雄狮汽车科技有限公司 Digital certificate realization method, device, equipment and medium based on symmetric algorithm

Also Published As

Publication number Publication date
CN111342955B (en) 2023-04-18

Similar Documents

Publication Publication Date Title
CN107196763B (en) SM2 algorithm collaborative signature and decryption method, device and system
CN107483212B (en) Method for generating digital signature by cooperation of two parties
EP3259724B1 (en) Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with a wallet management system
CN109309569B (en) SM2 algorithm-based collaborative signature method and device and storage medium
CN111130803B (en) Method, system and device for digital signature
US10122710B2 (en) Binding a data transaction to a person's identity using biometrics
US11880831B2 (en) Encryption system, encryption key wallet and method
CN108199835B (en) Multi-party combined private key decryption method
CN111342955B (en) Communication method and device and computer storage medium
CN107248909B (en) Certificateless secure signature method based on SM2 algorithm
US20110055585A1 (en) Methods and Systems to Create Big Memorizable Secrets and Their Applications in Information Engineering
US20110145576A1 (en) Secure method of data transmission and encryption and decryption system allowing such transmission
CN110545279A (en) block chain transaction method, device and system with privacy and supervision functions
US9438589B2 (en) Binding a digital file to a person's identity using biometrics
WO2019227225A1 (en) Systems and methods for establishing communications via blockchain
CN110545169B (en) Block chain method and system based on asymmetric key pool and implicit certificate
CN111783136A (en) Data protection method, device, equipment and storage medium
CN105812349A (en) Asymmetric secret key distribution and message encryption method based on identity information
CN107612680A (en) A kind of national secret algorithm in mobile network's payment
CN114726546A (en) Digital identity authentication method, device, equipment and storage medium
CN114095181A (en) Threshold ring signature method and system based on state cryptographic algorithm
CN115396115A (en) Block chain data privacy protection method, device, equipment and readable storage medium
CN113365264B (en) Block chain wireless network data transmission method, device and system
CN112350820A (en) Multi-receiver signcryption method, sending end, receiving end, system and storage medium
NL1043779B1 (en) Method for electronic signing and authenticaton strongly linked to the authenticator factors possession and knowledge

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant