CN111355584B - Method and apparatus for generating blockchain multi-signatures - Google Patents

Publication number: CN111355584B
Authority: CN (China)
Application number: CN201811572473.3A
Legal status: Active
Other languages: Chinese (zh)
Other versions: CN111355584A (en)
Inventors: 魏倩文, 张�林, 黄海泉, 刘春伟
Current assignee: Beijing Jingdong Century Trading Co Ltd; Beijing Jingdong Shangke Information Technology Co Ltd
Original assignee: Beijing Jingdong Century Trading Co Ltd; Beijing Jingdong Shangke Information Technology Co Ltd
Prior art keywords: password information, generate, signature, signer, blinded

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822: Key transport or distribution (as H04L9/0819) using key encryption key
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226: Verification of identity or message authentication (as H04L9/32) using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3247: Verification of identity or message authentication (as H04L9/32) involving digital signatures
    • H04L9/3257: Verification of identity or message authentication (as H04L9/32) involving digital signatures using blind signatures

Abstract

The embodiments of the present application disclose a method and an apparatus for generating a blockchain multi-signature. One embodiment of the method comprises: in response to receiving a message to be signed sent by a client, acquiring pre-stored encrypted private keys of at least two signers; for each of the at least two signers, in response to receiving the password information of the signer, signing the message to be signed with the encrypted private key of the signer to generate a blinded signature result of the signer, and sending the generated blinded signature result to the signer so that the signer de-blinds the blinded signature result based on the password information to generate the signature result of the signer; and aggregating the signature results of the at least two signers to generate a multi-signature result. This embodiment improves the efficiency of blockchain multi-signatures.

Description

Method and apparatus for generating blockchain multi-signatures
Technical Field
The embodiments of the present application relate to the field of computer technology, and in particular to a method and an apparatus for generating a blockchain multi-signature.
Background
In existing blockchain systems, multi-signatures are commonly used to protect assets, information and the like. Applying multi-signatures to blockchains can extend their range of applications, but when a multi-signature algorithm is applied to a blockchain, each signer usually has to perform a large amount of computation to produce the final multi-signature.
Disclosure of Invention
The embodiments of the present application provide a method and an apparatus for generating a blockchain multi-signature.
In a first aspect, an embodiment of the present application provides a method for generating a blockchain multi-signature, the method comprising: in response to receiving a message to be signed sent by a client, acquiring pre-stored encrypted private keys of at least two signers; for each of the at least two signers, in response to receiving the password information of the signer, signing the message to be signed with the encrypted private key of the signer to generate a blinded signature result of the signer, and sending the generated blinded signature result to the signer so that the signer de-blinds the blinded signature result based on the password information to generate the signature result of the signer; and aggregating the signature results of the at least two signers to generate a multi-signature result.
In some embodiments, after aggregating the signature results of the at least two signers to generate a multiple signature result, the method further comprises: and sending the generated multiple signature results to the client so that the client verifies the multiple signature results based on the public keys of at least two signatories.
In some embodiments, the method further comprises: and generating public parameters so that at least two signers generate public keys and private keys of the at least two signers by adopting a key generation algorithm and the public parameters.
In some embodiments, the encrypted private key is obtained as follows: password information that has been processed with a blinding factor is acquired from a first signer, the first signer being any one of the at least two signers; the blinded password information is salted with a preset salt value to generate salted blinded password information; and the encrypted private key of the first signer is obtained based on the generated salted blinded password information, wherein the encrypted private key of the first signer is produced by the first signer through the following steps: acquiring the generated salted blinded password information; de-blinding the salted blinded password information based on the blinding factor to generate a password information protection value; encrypting the private key of the first signer with the generated password information protection value to generate the encrypted private key of the first signer; and sending the generated encrypted private key of the first signer.
In some embodiments, sending the generated multiple signature results to the client to cause the client to verify the multiple signature results based on public keys of at least two signers comprises: acquiring public keys of at least two signers to generate a combined public key; and sending the combined public key and the generated multiple signature result to the client so that the client verifies the multiple signature result based on the combined public key.
In a second aspect, an embodiment of the present application provides an apparatus for generating a blockchain multi-signature, where the apparatus includes: the system comprises an acquisition unit, a storage unit and a processing unit, wherein the acquisition unit is configured to, in response to receiving a message to be signed sent by a client, acquire the pre-stored encrypted private keys of at least two signers; a signature result generation unit configured to, for each of the at least two signers, in response to receiving the password information of the signer, sign the message to be signed with the encrypted private key of the signer to generate a blinded signature result of the signer, and send the generated blinded signature result to the signer so that the signer de-blinds the blinded signature result based on the password information to generate the signature result of the signer; and an aggregation unit configured to aggregate the signature results of the at least two signers to generate a multi-signature result.
In some embodiments, the apparatus further comprises: a sending unit configured to send the generated multi-signature result to the client so that the client verifies the multi-signature result based on the public keys of the at least two signers.
In some embodiments, the apparatus further comprises: a public parameter generating unit configured to generate a public parameter so that the at least two signers generate a public key and a private key of the at least two signers using a key generation algorithm and the public parameter.
In some embodiments, the encrypted private key is obtained as follows: password information that has been processed with a blinding factor is acquired from a first signer, the first signer being any one of the at least two signers; the blinded password information is salted with a preset salt value to generate salted blinded password information; and the encrypted private key of the first signer is obtained based on the generated salted blinded password information, wherein the encrypted private key of the first signer is produced by the first signer through the following steps: acquiring the generated salted blinded password information; de-blinding the salted blinded password information based on the blinding factor to generate a password information protection value; encrypting the private key of the first signer with the generated password information protection value to generate the encrypted private key of the first signer; and sending the generated encrypted private key of the first signer.
In some embodiments, the sending unit is further configured to: acquiring public keys of at least two signers to generate a combined public key; and sending the combined public key and the generated multiple signature results to the client so that the client verifies the multiple signature results based on the combined public key.
With the method and apparatus for generating a blockchain multi-signature provided by the embodiments of the present application, the pre-stored encrypted private keys of at least two signers are acquired in response to receiving a message to be signed sent by a client. Then, for each of the at least two signers, in response to receiving the password information of the signer, the message to be signed is signed with the encrypted private key of the signer to generate a blinded signature result of the signer, and the generated blinded signature result is sent to the signer so that the signer can de-blind it based on the password information to generate the signature result of the signer. Finally, the signature results of the at least two signers are aggregated to generate a multi-signature result. This reduces the amount of computation required of each signer and improves the efficiency of multi-signatures.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 is an exemplary system architecture diagram in which one embodiment of the present application may be applied;
FIG. 2 is a flow diagram of one embodiment of a method for generating a blockchain multiple signature according to the present application;
FIG. 3 is a flow chart of one implementation of a method for generating an encrypted private key in the present embodiment;
FIG. 4 is a flow diagram of another embodiment of a method for generating a blockchain multiple signature according to the present application;
FIG. 5 is a block diagram illustrating an embodiment of an apparatus for generating a blockchain multiple signature according to the present disclosure;
FIG. 6 is a schematic block diagram of a computer system suitable for use to implement the electronic device of an embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that, in the present application, the embodiments and features of the embodiments may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
Fig. 1 illustrates an exemplary system architecture 100 to which embodiments of the method for generating a blockchain multi-signature or the apparatus for generating a blockchain multi-signature of the present application may be applied.
As shown in fig. 1, the system architecture 100 may include a client 101, signers 102 of a multi-signature, a network 103, and a server 104. The network 103 is the medium that provides communication links between the client 101 and the server 104, and between the signers 102 and the server 104. The network 103 may include various connection types, such as wired or wireless communication links, or fiber optic cables.
A user may use the client 101 to interact with the server 104 over the network 103, for example to receive or send messages to be signed. Various client applications, such as a web browser application, a shopping application, a search application, an instant messaging tool, a mailbox client, or social platform software, may be installed on the client 101. The signers 102 may be the terminal devices on which the signers of the multi-signature reside, and each signer 102 may interact with the server 104 via the network 103 to receive or send messages and the like. The multi-signature may include n signers, as shown in fig. 1, where n is a positive integer greater than or equal to 2.
The client 101 and the signer 102 may be hardware or software. When the terminal devices 101, 102, and 103 are hardware, they may be various electronic devices that support sending a message to be signed and signing, including but not limited to smart phones, tablet computers, e-book readers, MP3 players (Moving Picture Experts Group Audio Layer III), MP4 players (Moving Picture Experts Group Audio Layer IV), laptop computers, desktop computers, and the like. When the client 101 and the signer 102 are software, they may be installed in the electronic devices listed above. They may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services) or as a single piece of software or software module. This is not specifically limited here.
The server 104 may be a server providing various services, such as a background server providing a signature service for a message to be signed sent by the client 101. The background server may perform processing such as signing and aggregating on data such as a received message to be signed, and feed back a processing result (e.g., a multiple signature result) to the client.
It should be noted that the method for generating the blockchain multiple signature provided by the embodiment of the present application is generally performed by the server 104, and accordingly, the apparatus for generating the blockchain multiple signature is generally disposed in the server 104.
The server may be hardware or software. When the server is hardware, it may be implemented as a distributed server cluster formed by multiple servers, or as a single server. When the server is software, it may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services), or as a single piece of software or software module. This is not specifically limited here.
It should be understood that the number of clients, signers, networks, and servers in fig. 1 are merely illustrative. There may be any number of clients, signers, networks, and servers, as desired for an implementation.
With continuing reference to fig. 2, a flow 200 of one embodiment of a method for generating a blockchain multi-signature according to the present application is shown. The method for generating a blockchain multi-signature comprises the following steps:
Step 201, in response to receiving a message to be signed sent by a client, obtaining pre-stored encrypted private keys of at least two signers.
A multi-signature is generally understood as a technique in which multiple signers sign and authenticate the same information. In the blockchain field, a multi-signature can be understood simply as several signatures over, for example, a digital asset: a signature establishes who holds the rights to the digital asset, and a multi-signature indicates that the digital asset can be managed by multiple parties. A multi-signature therefore typically involves at least two signers.
In the present embodiment, the execution subject of the method for generating a blockchain multi-signature (e.g., the server shown in fig. 1) may store in advance the encrypted private key of each signer of the multi-signature. If the execution subject receives, over a wired or wireless connection, a message to be signed from the client that the user uses to generate or send the message, it can obtain the pre-stored encrypted private keys of the signers so that each signer can sign with its corresponding encrypted private key. It should be noted that the encrypted private key of a signer may be obtained in various ways, for example by cutting the private key of the signer into two parts for encryption. The wireless connection may include, but is not limited to, a 3G/4G connection, a WiFi connection, a Bluetooth connection, a WiMAX connection, a Zigbee connection, a UWB (ultra wideband) connection, and other wireless connection means now known or developed in the future.
It can be understood that the execution subject stores the private keys of the signers in encrypted form in advance rather than storing them directly, which avoids the private keys being leaked by the third party where the execution subject is located. At the same time, because the execution subject stores the private keys in encrypted form, the signers do not need to store their own private keys locally, which avoids local loss or leakage of the private keys. The execution subject can therefore use the pre-stored encrypted private keys directly when generating a multi-signature, which improves the security of private key storage.
In some optional implementations of this embodiment, the encrypted private key of each of the at least two signers may be generated separately. Fig. 3 shows a flow 300 of one implementation of the method for generating an encrypted private key in this embodiment. The encrypted private key of each signer can be obtained through the following steps:
Step 301, obtaining the password information processed by the blinding factor from the first signer.
In this implementation, the first signer may be any one of the at least two signers. The execution subject may obtain the password information processed by the blinding factor from the first signer. It will be appreciated that the first signer may blind the password information while interacting with the execution subject. Specifically, the first signer may select a password from a password dictionary space, map it by encoding into password information, randomly select a blinding factor and use it to blind the password information, and finally send the blinded password information to the execution subject.
Step 302, salting the blinded password information with a preset salt value to generate salted blinded password information.
In this implementation, after receiving the blinded password information, the execution subject may select a salt value (salt) and use it to salt the blinded password information, obtaining the salted blinded password information.
Step 303, obtaining the encrypted private key of the first signer based on the generated salted blinded password information.
In this implementation, the execution subject may password-protect the private key of the first signer based on the generated salted blinded password information, so as to obtain the encrypted private key of the first signer. Specifically, the encrypted private key of the first signer is produced by the first signer through the following steps: the first signer acquires the salted blinded password information sent by the execution subject; the first signer then de-blinds the salted blinded password information using the blinding factor to generate a password information protection value; the first signer then encrypts its private key with the generated password information protection value to generate the encrypted private key of the first signer; finally, the first signer sends the generated encrypted private key to the execution subject. Optionally, after receiving the encrypted private key of the first signer, the execution subject may attach to the encrypted private key an identity that identifies the first signer.
Optionally, before the private key of each signer is encrypted, system initialization may be performed to obtain the public parameters used for generating each signer's public/private key pair and for subsequent signing. Specifically, each signer may generate its own public key and private key using, for example, the Schnorr key generation algorithm.
It will be appreciated that each of the at least two signers may generate its encrypted private key using the method provided in this implementation. The execution subject in this implementation may be the server shown in fig. 1, in which case each signer interacts with the execution subject as shown in fig. 1, and the execution subject may store the encrypted private key of each signer directly after obtaining it, for use in subsequent signing. Alternatively, the execution subject in this implementation may be another server different from the server shown in fig. 1, in which case it may obtain the encrypted private key of each signer and then send it to the multi-signature server shown in fig. 1.
Step 202, for each of the at least two signers, executing step 2021 and step 2022 to generate the signature result of the signer. By executing this step, the execution subject can obtain the signature results of all the signers.
Step 2021, in response to receiving the password information of the signer, signing the message to be signed with the encrypted private key of the signer to generate a blinded signature result of the signer.
In this embodiment, for any signer of the multi-signature, the execution subject (for example, the server in fig. 1) may, upon receiving the password information of the signer, sign the message to be signed with the acquired encrypted private key of the signer, so as to generate a blinded signature result of the signer. The execution subject serves as the place where each signer's signature result is generated, and each signer can interact with the execution subject, so that each signer can generate its signature result at the execution subject.
Step 2022, sending the generated blinded signature result to the signer so that the signer de-blinds the blinded signature result based on the password information to generate the signature result of the signer.
In this embodiment, the execution subject may send the blinded signature result generated in step 2021 to the corresponding signer. The signer that receives the blinded signature result can compute a password protection value from the blinding factor and the password information, and then de-blind the blinded signature result with the password protection value to obtain the signer's de-blinded signature result.
Here, the signing operation is explained taking any signer A of the at least two signers as an example. After acquiring the encrypted private key of signer A, if the execution subject receives the password information sent by signer A, it may sign the message to be signed with the encrypted private key of signer A to generate the blinded signature result of signer A. Finally, the blinded signature result of signer A is de-blinded with the password protection value to obtain the signature result of signer A.
Step 203, aggregating the signature results of the at least two signers to generate a multi-signature result.
In this embodiment, the execution subject may obtain the corresponding signature result from each signer and then aggregate the obtained signature results, thereby generating the final multi-signature result.
In summary, during blockchain multi-signature generation, each signer only needs to supply password information as input and can complete its signing computation in two rounds of interaction with the execution subject, obtaining its signature result. A large part of the signing computation can therefore be completed at the execution subject, so that the signers do not each have to complete it locally, which reduces the amount of computation required of each signer and improves the efficiency of multi-signatures. In addition, the scheme needs no additional hardware during multi-signature generation and does not increase the cost of the signing computation.
With the method for generating a blockchain multi-signature provided by the above embodiment of the present application, the pre-stored encrypted private keys of at least two signers are obtained in response to receiving a message to be signed sent by a client. Then, for any one of the at least two signers, in response to receiving the password information of the signer, the message to be signed is signed with the encrypted private key of the signer to generate a blinded signature result of the signer, and the generated blinded signature result is sent to the signer so that the signer can de-blind it based on the password information to generate the signature result of the signer. Finally, the signature results of the at least two signers are aggregated to generate a multi-signature result. This reduces the amount of computation required of each signer and improves the efficiency of multi-signatures.
With further reference to fig. 4, a flow 400 of another embodiment of a method for generating a blockchain multiple signature is shown. The process 400 of the method for generating a blockchain multiple signature includes the following steps:
Step 401, in response to receiving a message to be signed sent by a client, obtaining pre-stored encryption private keys of at least two signers.
Step 402, for each of at least two signers, executing step 4021 and step 4022 to generate a signature result for the signer. Therefore, the executing entity can obtain the signature results of all the signers by executing the step.
Step 4021, in response to receiving the password information of the signer, signing the message to be signed with the encrypted private key of the signer, and generating a blinded signature result of the signer.
Step 4022, sending the generated blinded signature result to the signing party, so that the signing party performs de-blinding processing on the blinded signature result based on the password information to generate the signature result of the signing party.
Step 403, aggregating the signature results of at least two signers to generate a multiple signature result.
In this embodiment, the specific implementation of the above steps 401 to 403 may refer to the specific implementation of steps 201 to 203 in the embodiment corresponding to fig. 2.
Step 404, sending the generated multiple signature result to the client, so that the client verifies the multiple signature result based on the public keys of at least two signers.
In this embodiment, based on the multiple signature result generated in step 403, the executing entity may send the generated multiple signature result to the client. After receiving it, the client can verify the multiple signature result in various ways using the public keys of the at least two signers. If verification passes, the generated multiple signature result may be determined to be legitimate; if verification fails, it may be determined to be illegitimate. As an example, the client may use the public key of each signer to separately verify that signer's signature within the multiple signature.
In some optional implementations of this embodiment, the executing entity may obtain the public keys of the at least two signers, so as to generate a combined public key, and then send the generated combined public key and the multiple signature result to the client. Finally, the client may verify the multiple signature result using the combined public key, for example, the client may substitute the multiple signature result and the combined public key into a preset equation, and determine that the multiple signature is verified if the equation is satisfied.
As can be seen from fig. 4, compared with the embodiment corresponding to fig. 2, the flow 400 of the method for generating a blockchain multiple signature in the present embodiment highlights the step of verifying the multiple signature result. Therefore, the scheme described in the embodiment can determine the correctness of the multiple signature result only when the multiple signature result is judged to pass the verification, and the safety of the multiple signature is improved.
With further reference to fig. 5, as an implementation of the method shown in the above figures, the present application provides an embodiment of an apparatus for generating a block chain multiple signature, where the embodiment of the apparatus corresponds to the embodiment of the method shown in fig. 2, and the apparatus may be applied to various electronic devices.
As shown in fig. 5, the apparatus 500 for generating a blockchain multiple signature of the present embodiment includes: an acquisition unit 501, a signature result generation unit 502, and an aggregation unit 503. The acquisition unit 501 is configured to obtain, in response to receiving a message to be signed sent by a client, pre-stored encryption private keys of at least two signers. The signature result generation unit 502 is configured to, for each of the at least two signers, in response to receiving password information of the signer, sign the message to be signed with the encryption private key of the signer to generate a blinded signature result of the signer, and send the generated blinded signature result to the signer so that the signer de-blinds the blinded signature result based on the password information to generate the signature result of the signer. The aggregation unit 503 is configured to aggregate the signature results of the at least two signers to generate a multiple signature result.
In some optional implementations of this embodiment, the apparatus 500 further includes: a sending unit configured to send the generated multiple signature result to the client so that the client verifies the multiple signature result based on public keys of at least two signers.
In some optional implementations of this embodiment, the apparatus 500 further includes: a public parameter generating unit configured to generate a public parameter so that the at least two signers generate a public key and a private key of the at least two signers using a key generation algorithm and the public parameter.
In some optional implementations of this embodiment, the encryption private key is obtained as follows: acquiring, from a first signing party, password information that has been blinded with a blinding factor, where the first signing party is any one of the at least two signing parties; salting the blinded password information with a preset salt value to generate salted blinded password information; and obtaining an encryption private key of the first signer based on the generated salted blinded password information. The first signer produces its encryption private key through the following steps: acquiring the generated salted blinded password information; de-blinding the salted blinded password information based on the blinding factor to generate a password information protection value; encrypting the private key of the first signer with the generated password information protection value to generate the encrypted private key of the first signer; and sending the generated encrypted private key of the first signer.
In some optional implementations of this embodiment, the sending unit is further configured to: acquiring public keys of at least two signers to generate a combined public key; and sending the combined public key and the generated multiple signature results to the client so that the client verifies the multiple signature results based on the combined public key.
The units recited in the apparatus 500 correspond to the various steps in the method described with reference to fig. 2 and 4. Thus, the operations and features described above for the method are equally applicable to the apparatus 500 and the units included therein, and are not described in detail here.
Referring now to FIG. 6, shown is a block diagram of a computer system 600 suitable for use in implementing the electronic device of an embodiment of the present application. The electronic device shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 6, the computer system 600 includes a Central Processing Unit (CPU) 601 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 602 or a program loaded from a storage section 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data necessary for the operation of the system 600 are also stored. The CPU 601, ROM 602, and RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
The following components are connected to the I/O interface 605: an input portion 606 including a keyboard, a mouse, and the like; an output portion 607 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN card, a modem, or the like. The communication section 609 performs communication processing via a network such as the internet. A drive 610 is also connected to the I/O interface 605 as needed. A removable medium 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 610 as necessary, so that a computer program read out therefrom is installed in the storage section 608 as necessary.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 609, and/or installed from the removable medium 611. The computer program performs the above-described functions defined in the method of the present application when executed by a Central Processing Unit (CPU) 601. It should be noted that the computer readable medium described herein can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. 
In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present application may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor includes an acquisition unit, a signature result generation unit, and an aggregation unit. The names of the units do not form a limitation to the units themselves in some cases, for example, the acquisition unit may also be described as a unit that obtains pre-stored encryption private keys of at least two signers in response to receiving a message to be signed sent by a client.
As another aspect, the present application also provides a computer-readable medium, which may be contained in the apparatus described in the above embodiments, or may exist separately without being assembled into the apparatus. The computer readable medium carries one or more programs which, when executed by the apparatus, cause the apparatus to: in response to receiving a message to be signed sent by a client, acquire pre-stored encrypted private keys of at least two signers; for each of the at least two signing parties, in response to receiving the password information of the signing party, sign the message to be signed using the encryption private key of the signing party to generate a blinded signature result of the signing party; send the generated blinded signature result to the signing party so that the signing party de-blinds the blinded signature result based on the password information to generate the signature result of the signing party; and aggregate the signature results of the at least two signing parties to generate a multiple signature result.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements in which any combination of the features described above or their equivalents does not depart from the spirit of the invention disclosed above. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims (12)

1. A method for generating a blockchain multiple signature, comprising:
in response to receiving a message to be signed sent by a client, acquiring pre-stored encryption private keys of at least two signers;
for each of the at least two signatory parties, in response to receiving the password information of the signatory party, signing the message to be signed by using the encryption private key of the signatory party to generate a blinded signature result of the signatory party; sending the generated blinded signature result to the signing party so that the signing party carries out de-blinding processing on the blinded signature result based on password information to generate the signature result of the signing party;
and acquiring corresponding signature results from the at least two signature parties, and aggregating the signature results of the at least two signature parties to generate a multiple signature result.
2. The method of claim 1, wherein after aggregating the signature results of the at least two signers to generate a multiple signature result, the method further comprising:
sending the generated multiple signature result to the client to enable the client to verify the multiple signature result based on the public keys of the at least two signers.
3. The method of claim 1, wherein the method further comprises:
and generating public parameters so that the at least two signers generate public keys and private keys of the at least two signers by adopting a key generation algorithm and the public parameters.
4. The method of claim 1, wherein the encryption private key is obtained by:
obtaining password information processed by a blinding factor from a first signing party, wherein the first signing party is any one of the at least two signing parties;
salting the blinded password information with a preset salt value to generate salted blinded password information;
obtaining an encryption private key of the first signer based on the generated salted blinded password information, wherein the encryption private key of the first signer is obtained by the first signer through the following steps: acquiring the generated blinded password information added with salt; de-blinding the salted blinded password information based on the blinding factor to generate a password information protection value; encrypting the private key of the first signer by using the generated password information protection value to generate an encrypted private key of the first signer; and sending the generated encrypted private key of the first signer.
5. The method of claim 2, wherein the sending the generated multiple signature results to the client to cause the client to verify the multiple signature results based on public keys of the at least two signers comprises:
acquiring public keys of the at least two signers to generate a combined public key;
sending the combined public key and the generated multiple signature results to the client so that the client verifies the multiple signature results based on the combined public key.
6. An apparatus for generating a blockchain multiple signature, comprising:
the system comprises an acquisition unit, a storage unit and a processing unit, wherein the acquisition unit is configured to respond to the reception of a message to be signed sent by a client and acquire the pre-stored encrypted private keys of at least two signers;
a signature result generating unit configured to, for each of the at least two signers, in response to receiving the password information of the signer, sign the message to be signed with an encryption private key of the signer, and generate a blinded signature result of the signer; sending the generated blinded signature result to the signing party so that the signing party carries out de-blinding processing on the blinded signature result based on password information to generate the signature result of the signing party;
and the aggregation unit is configured to acquire corresponding signature results from the at least two signers, and aggregate the signature results of the at least two signers to generate a multiple signature result.
7. The apparatus of claim 6, wherein the apparatus further comprises:
a sending unit configured to send the generated multiple signature result to the client to cause the client to verify the multiple signature result based on public keys of the at least two signers.
8. The apparatus of claim 6, wherein the apparatus further comprises:
a public parameter generating unit configured to generate public parameters to cause the at least two signers to generate public and private keys of the at least two signers using a key generation algorithm and the public parameters.
9. The apparatus of claim 6, wherein the encryption private key is obtained by:
obtaining password information processed by a blinding factor from a first signing party, wherein the first signing party is any one of the at least two signing parties;
salting the blinded password information with a preset salt value to generate salted blinded password information;
obtaining an encrypted private key of the first signer based on the generated blinded password information added with salt, wherein the encrypted private key of the first signer is obtained by the first signer through the following steps: acquiring the generated blinded password information added with salt; de-blinding the salted blinded password information based on the blinding factor to generate a password information protection value; encrypting the private key of the first signer by using the generated password information protection value to generate an encrypted private key of the first signer; and sending the generated encrypted private key of the first signer.
10. The apparatus of claim 7, wherein the sending unit is further configured to:
acquiring public keys of the at least two signers to generate a combined public key;
sending the combined public key and the generated multiple signature result to the client so that the client verifies the multiple signature result based on the combined public key.
11. An electronic device, comprising:
one or more processors;
a storage device storing one or more programs which,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-5.
12. A computer-readable medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-5.
CN201811572473.3A 2018-12-21 2018-12-21 Method and apparatus for generating blockchain multi-signatures Active CN111355584B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811572473.3A CN111355584B (en) 2018-12-21 2018-12-21 Method and apparatus for generating blockchain multi-signatures

Publications (2)

Publication Number Publication Date
CN111355584A CN111355584A (en) 2020-06-30
CN111355584B true CN111355584B (en) 2023-04-07

Family

ID=71195357

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811572473.3A Active CN111355584B (en) 2018-12-21 2018-12-21 Method and apparatus for generating blockchain multi-signatures

Country Status (1)

Country Link
CN (1) CN111355584B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113556237B (en) * 2021-09-17 2021-12-17 杭州链网科技有限公司 Threshold signature method, system, device and storage medium based on aggregation of multiple signatures

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5966445A (en) * 1995-05-26 1999-10-12 Korea Telecommunication Authority Identification scheme single or multi-digital signature scheme giving message recovery single or multi-digital signature scheme with appendix key exchange scheme and blind digital signature scheme
CN107294707A (en) * 2017-06-22 2017-10-24 四川思安特科技有限公司 A kind of cellphone shield signature key guard method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2524578A (en) * 2014-03-28 2015-09-30 Ibm Production of cryptographic signatures

Also Published As

Publication number Publication date
CN111355584A (en) 2020-06-30

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant