CN111934858B - Supervised random public key derivation method - Google Patents

Supervised random public key derivation method Download PDF

Info

Publication number
CN111934858B
CN111934858B CN202010657040.9A CN202010657040A CN111934858B CN 111934858 B CN111934858 B CN 111934858B CN 202010657040 A CN202010657040 A CN 202010657040A CN 111934858 B CN111934858 B CN 111934858B
Authority
CN
China
Prior art keywords
user
public key
pub
outputting
steps
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010657040.9A
Other languages
Chinese (zh)
Other versions
CN111934858A (en
Inventor
范佳
曹云飞
李亚荣
王雪
张皓
赵越
吴开均
郝尧
陈宇翔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CETC 30 Research Institute
Original Assignee
CETC 30 Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CETC 30 Research Institute filed Critical CETC 30 Research Institute
Priority to CN202010657040.9A priority Critical patent/CN111934858B/en
Publication of CN111934858A publication Critical patent/CN111934858A/en
Application granted granted Critical
Publication of CN111934858B publication Critical patent/CN111934858B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3033Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test

Landscapes

  • Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Complex Calculations (AREA)

Abstract

The invention discloses a supervised random public key derivation method, which provides optional supervision functions and comprises the following steps: (1) a system parameter generation algorithm; (2) a user initial key generation algorithm; (3) a user tracking key generation algorithm; (4) a user tracking key verification algorithm; (5) a user derived public key generation algorithm; (6) a user derived private key generation algorithm; (7) a user derived public key tracking algorithm; steps (1) to (7) are executed when the supervision function is selected, and steps (1), (2), (5), (6) are executed when the supervision function is not selected. The method of the invention realizes that only one public key needs to be initially registered by the receiver, and simultaneously provides an optional supervision function.

Description

Supervised random public key derivation method
Technical Field
The invention relates to the technical field of public key derivation, in particular to a supervised random public key derivation method.
Background
In the era of the rapid development of current information technology, the advanced data acquisition and transmission technologies such as 5G, the Internet of things and the like will bring data streams with richer contents, stronger timeliness and larger volume, wherein countless private data are wrapped. In the era of the flood of data, whether the individual user is safe to enjoy the service or the enterprise explores an emerging business model, it is important to implement privacy protection.
At present, most key derivation methods are derivation methods based on symmetric keys, and the derivation method for public keys is only a random public key derivation method based on double public keys proposed by Cryptonote protocol in 2012. The method is mainly used for enhancing the anonymity of the data receiving party. In the Cryptonote protocol, when a and B are transacted, the sending party a (if the initial public key of B is known) can derive a random public key according to the initial public key pair of the receiving party B without interaction, and declare that the formulation is transferred to the user corresponding to the random public key. Since only receiver B can compute the specified private key, only B can own the asset and others cannot deduce the identity of B.
However, this method requires each receiver to initially register two public keys for derivation, and therefore, two public key certificates need to be registered, which not only increases the cost of applying for the initial certificate, but also increases the cost of storing the certificate. And the key derived in the method has no managed function.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: in view of the above existing problems, a policeable random public key derivation method is provided that requires only the initial registration of a public key by the recipient, while also providing optional policing functionality.
The technical scheme adopted by the invention is as follows:
a policeable random public key derivation method, comprising:
when the participating party comprises a user A and a user B, the user A is a sender, and the user B is a receiver, the execution flow of the random public key derivation method is as follows in sequence: the method comprises the following steps of (1), (2), (5) and (6), wherein the step (1) is executed by a third party organization or is executed by a user A and a user B together; step (5) is executed by the user A, and steps (2) and (6) are executed by the user B;
when the participating party comprises a monitoring party, a user A and a user B, the user A is a sending party, and the user B is a receiving party, the execution flow of the random public key derivation method is as follows in sequence: steps (1) to (7); wherein, the steps (1), (4) and (7) are executed by a supervisor, the step (5) is executed by a user A, and the steps (2), (3) and (6) are executed by a user B;
wherein the steps (1) to (7) are as follows:
(1) system parameter generation algorithm Pub ← (1)λ):
Input of safety parameters 1λWherein λ is a positive integer, and outputting and generating a system parameter Pub;
(2) user initial key generation algorithm (PK)0,SK0)←Pub:
Inputting system parameter Pub, outputting user B initial public and private key Pair (PK)0,SK0);
(3) User tracking key generation algorithm TK ← (Pub, SK)0):
Inputting system parameter Pub and user B initial private key SK0Outputting a tracking key TK of the user B;
(4) user tracking key validation algorithm (Y/N) ← (Pub, PK)0,TK):
Inputting system parameter Pub, user B initial public key PK0User B keeps track of the secret TK, if TK is indeed the user B's initial public key PK0If not, outputting Y, otherwise, outputting N;
(5) user-derived public key generation algorithm (PK)R,R)←(Pub,PK0):
Inputting system parameter Pub, user B initial public key PK0Exporting user B derived Public Key (PK)R,R);
(6) User derived private key generation algorithm (SK)R,R)←(Pub,SK0,PKR,R):
Inputting system parameter Pub and user B initial private key SK0User derived Public Key (PK)RR), output user B derived private key SKR
(7) User-derived public key tracking algorithm (Y/N) ← (Pub, PK)0,PKR,R,TK):
Inputting system parameter Pub, user B initial public key PK0User B derived Public Key (PK)RR), user B tracks the key TK if the derived public key is indeed the initial public key PK by user B0Deriving then outputs Y, otherwise outputs N.
Further, the step (1) comprises:
(1.1) input of safety parameters 1λWherein λ is a positive integer;
(1.2) run 1λGenerating prime p, group G1、G2And a computable bilinear pairing operation e;
(1.3) outputting the system parameter Pub, { P ═ P1,P2,G1,G2,GT,ê,Zp,H};
Wherein G is1,G2For an elliptic curve addition cyclic group of order p, GTFor multiplication loop groups of elliptic curves of order p, ZpIs a group of integers of order P, P1Is a group G1Is generated from P2Is a group G2A generator of (2); h is a hash function G of collision resistanceT→Zp(ii) a E is a computable bilinear pairing operation e: g1×G2→GT(ii) a Satisfies the following conditions:
1) bilinear; for arbitrary U1∈G1,U2∈G2Any integer a, b ∈ ZpAll have "A" "U1,b·U2)=ê(ab·U1,U2)=ê(U1,ab·U2)=ê(U1,U2)ab
2) Non-degradability; e (P)1,P2)≠1。
Further, the step (2) comprises the following steps:
(2.1) random selection of SK0∈Zp
(2.2) calculation of PK0←SK0·P1∈G1
Further, the step (3) comprises:
(3.1) calculating TK ← SK0·P2∈G2
Further, the step (4) comprises the following steps:
(4.1) if [ E (P)1,TK)==ê(PK0,P2) Outputting Y;
and (4.2) otherwise, outputting N.
Further, the step (5) comprises:
(5.1) randomly selecting r ∈ Zp
(5.2) calculating R ← R. P1∈G1
(5.3) calculation of RK ← E (PK)0,r·P2)∈GT
(5.4) calculation of PKR←H(RK)·P1+PK0∈G1
Further, the step (6) comprises:
(6.1) calculating RK ← E (R, SK)0·P2)∈GT
(6.2) calculating R ← R. P1∈G1
(6.3)SKR←H(RK)+SK0∈Zp
Further, the step (7) comprises:
(7.1) calculation of RK ← E (R, TK). epsilon.GT
(7.2)PKR′←H(RK)·P1+PK0∈G1
(7.3) if PKR′=PKROtherwise, outputting Y, and otherwise, outputting N.
In summary, due to the adoption of the technical scheme, the invention has the beneficial effects that:
the method of the invention realizes that only one public key needs to be initially registered by the receiver, and simultaneously provides an optional supervision function.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
Fig. 1 is a flow chart diagram of a random public key derivation method of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the detailed description and specific examples, while indicating the preferred embodiment of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Aiming at the problem that in the existing method, each receiver needs to initially register two public keys to derive, so that two public key certificates need to be registered, which not only increases the cost of applying for the initial certificate, but also increases the cost of storing the certificate. Also, the key derived in this existing method does not have a managed function. The invention provides a supervised random public key derivation method based on bilinear pairing technology, which only needs a receiver to initially register a public key and simultaneously provides an optional supervision function. Thus, as shown in fig. 1, a policeable random public key derivation method of the present invention includes:
when the participating party comprises a user A and a user B, the user A is a sender, and the user B is a receiver, the execution flow of the random public key derivation method is as follows in sequence: steps (1), (2), (5) and (6), wherein step (1) is executed by a third mechanism or is executed by a user A and a user B together; step (5) is executed by the user A, and steps (2) and (6) are executed by the user B;
when the participating party comprises a monitoring party, a user A and a user B, the user A is a sending party, and the user B is a receiving party, the execution flow of the random public key derivation method is as follows in sequence: steps (1) to (7); wherein, the steps (1), (4) and (7) are executed by a supervisor, the step (5) is executed by a user A, and the steps (2), (3) and (6) are executed by a user B;
wherein the steps (1) to (7) are as follows:
(1) system parameter generation algorithm Pub ← (1)λ):
Input of safety parameters 1λWherein λ is a positive integer, and outputting and generating a system parameter Pub;
(2) user initial key generation algorithm (PK)0,SK0)←Pub:
Inputting system parameter Pub, outputting user B initial public and private key Pair (PK)0,SK0);
(3) User tracking key generation algorithm TK ← (Pub, SK)0):
Inputting system parameter Pub and user B initial private key SK0Outputting a tracking key TK of the user B;
(4) user tracking key validation algorithm (Y/N) ← (Pub, PK)0,TK):
Inputting system parameter Pub, user B initial public key PK0User B keeps track of the secret TK, if TK is indeed the user B's initial public key PK0If not, outputting Y, otherwise, outputting N;
(5) user-derived public key generation algorithm (PK)R,R)←(Pub,PK0):
Inputting system parameter Pub, user B initial public key PK0Exporting user B derived Public Key (PK)R,R);
(6) User derived private key generation algorithm (SK)R,R)←(Pub,SK0,PKR,R):
Inputting system parameter Pub and user B initial private key SK0User B derived Public Key (PK)RR), output user B derived private key SKR
(7) User-derived public key tracking algorithm (Y/N) ← (Pub, PK)0,PKR,R,TK):
Inputting system parameter Pub, user B initial public key PK0User B derived Public Key (PK)RR), user B tracks the key TK if the derived public key is indeed the initial public key PK by user B0Deriving then outputs Y, otherwise outputs N.
The features and properties of the present invention are described in further detail below with reference to examples.
Let G1,G2For an elliptic curve addition cyclic group of order p, GTFor multiplication loop groups of elliptic curves of order p, ZpIs a group of integers of order P, P1Is a group G1Is generated from P2Is a group G2A generator of (2); h is a hash function G of collision resistanceT→Zp(ii) a E is a computable bilinear pairing operation e: g1×G2→GT(ii) a Satisfies the following conditions:
1) bilinear; for arbitrary U1∈G1,U2∈G2Any integer a, b ∈ ZpAll have "A" "U1,b·U2)=ê(ab·U1,U2)=ê(U1,ab·U2)=ê(U1,U2)ab;
2) Non-degradability; e (P)1,P2)≠1。
1. When the supervision function is not needed
Namely: when the participating party comprises a user A and a user B, the user A is a sender, and the user B is a receiver, the execution flow of the random public key derivation method is as follows in sequence: the method comprises the following steps of (1), (2), (5) and (6), wherein the step (1) is executed by a third party organization or is executed by a user A and a user B together; step (5) is executed by the user A, and steps (2) and (6) are executed by the user B;
the execution flow of the random public key derivation method is as follows:
(1) (performed by a third-party authority, or jointly by user a and user B) generates the system parameters algorithm Pub ← (1)λ):
(1.1) input of safety parameters 1λWherein λ is a positive integer;
(1.2) run 1λGenerating prime p, group G1、G2And a computable bilinear pairing operation e;
(1.3) outputting the system parameter Pub, { P ═ P1,P2,G1,G2,GT,ê,Zp,H}。
(2) (user B execution) user initial Key Generation Algorithm (PK)0,SK0)←Pub:
(2.1) random selection of SK0∈Zp
(2.2) calculation of PK0←SK0·P1∈G1(ii) a Then (5) is executed;
(5) (user A execution) user-derived public key generation algorithm (PK)R,R)←(Pub,PK0):
(5.1) randomly selecting r ∈ Zp
(5.2) calculating R ← R. P1∈G1
(5.3) calculation of RK ← E (PK)0,r·P2)∈GT
(5.4) calculation of PKR←H(RK)·P1+PK0∈G1
(6) (performed by user B) user-derived private Key Generation Algorithm (SK)R,R)←(Pub,SK0,PKR,R):
(6.1) calculating RK ← E (R, SK)0·P2)∈GT
(6.2) calculating R ← R. P1∈G1
(6.3)SKR←H(RK)+SK0∈Zp
2. When the supervision function is required to be used
Namely: when the participating party comprises a monitoring party, a user A and a user B, the user A is a sending party, and the user B is a receiving party, the execution flow of the random public key derivation method is as follows in sequence: steps (1) to (7); wherein, the steps (1), (4) and (7) are executed by a supervisor, the step (5) is executed by a user A, and the steps (2), (3) and (6) are executed by a user B;
the execution flow of the random public key derivation method is as follows:
(1) (supervisor execution) generating System parameter Algorithm Pub ← (1)λ):
(1.1) input of safety parameters 1λWhere λ ∈ Z+
(1.2) run 1λGenerating prime p, group G1、G2And a computable bilinear pairing operation e;
(1.3) outputting the system parameter Pub, { P ═ P1,P2,G1,G2,GT,ê,Zp,H}。
(2) (user B execution) user initial Key Generation Algorithm (PK)0,SK0)←Pub:
(2.1) random selection of SK0∈Zp
(2.2) calculation of PK0←SK0·P1∈G1
(3) (user B performs) user tracking key generation algorithm TK ← (Pub, SK)0):
(3.1) calculating TK ← SK0·P2∈G2
(4) (supervisor execution) user tracking Key verification Algorithm (Y/N) ← (Pub, PK)0,TK):
(4.1) if [ E (P)1,TK)==ê(PK0,P2) Outputting Y;
and (4.2) otherwise, outputting N.
(5) (user A execution) user-derived public key generation algorithm (PK)R,R)←(Pub,PK0):
(5.1) randomly selecting r ∈ Zp
(5.2) calculating R ← R. P1∈G1
(5.3) calculation of RK ← E (PK)0,r·P2)∈GT
(5.4) calculation of PKR←H(RK)·P1+PK0∈G1
(6) (performed by user B) user-derived private Key Generation Algorithm (SK)R,R)←(Pub,SK0,PKR,R):
(6.1) calculating RK ← E (R, SK)0·P2)∈GT
(6.2) calculating R ← R. P1∈G1
(6.3)SKR←H(RK)+SK0∈Zp
(7) (supervisor execution) user-derived public key tracking algorithm (Y/N) ← (Pub, PK)0,PKR,R,TK):
(7.1) calculation of RK ← E (R, TK). epsilon.GT
(7.2)PKR′←H(RK)·P1+PK0∈G1
(7.3) if PKR′=PKROtherwise, outputting Y, and otherwise, outputting N.
Through the process, the user B sends the tracking key TK of the user B to the supervisor, and the supervisor can supervise all transactions of the user B, so that single-user tracking can be achieved. If user B does not send his tracking key TK to the supervisor, RK ← E (R, SK) for each specific derivation0·P2)∈GTAnd the transaction is sent to a supervisor, and the supervisor can only supervise the transaction, so that single transaction tracking can be realized.
In the random public key derivation methods, the tracking key is generated by the user according to the private key of the user and is sent to the supervision party, so that the supervision mode belongs to user-selectable supervision. If strong supervision is to be realized, each user is required to send the tracking key of the user to the supervisor by force, and after the supervisor receives the tracking key from the user, the correctness of the tracking key can be verified through the public key of the user, so that the situation that the supervisor cannot perform correct tracking because the user sends a wrong tracking key to escape supervision is avoided.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (5)

1. A policeable random public key derivation method, comprising:
when the participating party comprises a user A and a user B, the user A is a sender, and the user B is a receiver, the execution flow of the random public key derivation method is as follows in sequence: the method comprises the following steps of (1), (2), (5) and (6), wherein the step (1) is executed by a third party organization or is executed by a user A and a user B together; step (5) is executed by the user A, and steps (2) and (6) are executed by the user B;
when the participating party comprises a monitoring party, a user A and a user B, the user A is a sending party, and the user B is a receiving party, the execution flow of the random public key derivation method is as follows in sequence: steps (1) to (7); wherein, the steps (1), (4) and (7) are executed by a supervisor, the step (5) is executed by a user A, and the steps (2), (3) and (6) are executed by a user B;
wherein the steps (1) to (7) are as follows:
(1) system parameter generation algorithm Pub ← (1)λ):
Input of safety parameters 1λWherein λ is a positive integer, and outputting and generating a system parameter Pub;
(2) user initial key generation algorithm (PK)0,SK0)←Pub:
Inputting system parameter Pub, outputting user B initial public and private key Pair (PK)0,SK0);
(3) User tracking key generation algorithm TK ← (Pub, SK)0):
Inputting system parameter Pub and user B initial private key SK0Outputting a user tracking key TK;
(4) user tracking key validation algorithm (Y/N) ← (Pub, PK)0,TK):
Inputting system parameter Pub, user B initial public key PK0The user keeps track of the secret TK, if the TK is indeed the user B initial public key PK0If not, outputting Y, otherwise, outputting N;
(5) user-derived public key generation algorithm (PK)R,R)←(Pub,PK0):
The parameters of the system are input to the Pub,user B initial public key PK0Exporting user B derived Public Key (PK)R,R);
(6) User derived private key generation algorithm (SK)R,R)←(Pub,SK0,PKR,R):
Inputting system parameter Pub and user B initial private key SK0User B derived Public Key (PK)RR), output user B derived private key SKR
(7) User-derived public key tracking algorithm (Y/N) ← (Pub, PK)0,PKR,R,TK):
Inputting system parameter Pub, user B initial public key PK0User B derived Public Key (PK)RR), user B tracks the key TK if the derived public key is indeed the initial public key PK by user B0If the derivation is carried out, Y is output, otherwise, N is output;
the step (1) comprises the following steps:
(1.1) input of safety parameters 1λWherein λ is a positive integer;
(1.2) run 1λGenerating prime p, group G1、G2And a calculable bilinear pairwise operation
Figure FDA0003367020070000021
(1.3) outputting the system parameter Pub,
Figure FDA0003367020070000022
wherein G is1,G2For an elliptic curve addition cyclic group of order p, GTFor multiplication loop groups of elliptic curves of order p, ZpIs a group of integers of order P, P1Is a group G1Is generated from P2Is a group G2A generator of (2); h is a hash function G of collision resistanceT→Zp
Figure FDA0003367020070000023
For computable bilinear pairings
Figure FDA0003367020070000024
G1×G2→GT(ii) a Satisfies the following conditions:
1) bilinear; for arbitrary U1∈G1,U2∈G2Any integer a, b ∈ ZpAll are provided with
Figure FDA0003367020070000025
2) Non-degradability;
Figure FDA0003367020070000026
the step (2) comprises the following steps:
(2.1) random selection of SK0∈Zp
(2.2) calculation of PK0←SK0·P1∈G1
The step (5) comprises the following steps:
(5.1) randomly selecting r ∈ Zp
(5.2) calculating R ← R. P1∈G1
(5.3) calculation of
Figure FDA0003367020070000031
(5.4) calculation of PKR←H(RK)·P1+PK0∈G1
2. A policeable random public key derivation method according to claim 1, wherein step (3) comprises:
(3.1) calculating TK ← SK0·P2∈G2
3. A policeable random public key derivation method according to claim 2, wherein step (4) comprises:
(4.1) if
Figure FDA0003367020070000032
Outputting Y;
and (4.2) otherwise, outputting N.
4. A policeable random public key derivation method according to claim 3, wherein step (6) comprises:
(6.1) calculation of
Figure FDA0003367020070000033
(6.2) calculating R ← R. P1∈G1
(6.3)SKR←H(RK)+SK0∈Zp
5. A policeable random public key derivation method according to claim 4, wherein step (7) comprises:
(7.1) calculation of
Figure FDA0003367020070000034
(7.2)PKR′←H(RK)·P1+PK0∈G1
(7.3) if PKR′=PKROtherwise, outputting Y, and otherwise, outputting N.
CN202010657040.9A 2020-07-09 2020-07-09 Supervised random public key derivation method Active CN111934858B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010657040.9A CN111934858B (en) 2020-07-09 2020-07-09 Supervised random public key derivation method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010657040.9A CN111934858B (en) 2020-07-09 2020-07-09 Supervised random public key derivation method

Publications (2)

Publication Number Publication Date
CN111934858A CN111934858A (en) 2020-11-13
CN111934858B true CN111934858B (en) 2022-03-18

Family

ID=73313980

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010657040.9A Active CN111934858B (en) 2020-07-09 2020-07-09 Supervised random public key derivation method

Country Status (1)

Country Link
CN (1) CN111934858B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101340282A (en) * 2008-05-28 2009-01-07 北京易恒信认证科技有限公司 Generation method of composite public key
EP2506176A1 (en) * 2011-03-30 2012-10-03 Irdeto Corporate B.V. Establishing unique key during chip manufacturing
CN107425971A (en) * 2017-04-25 2017-12-01 深圳奥联信息安全技术有限公司 Terminal and its data method for encryption/decryption and device without certificate
CN108964908A (en) * 2018-08-10 2018-12-07 飞天诚信科技股份有限公司 A kind of method and system of controlled key agreement
WO2019058240A1 (en) * 2017-09-22 2019-03-28 nChain Holdings Limited Smart contract execution using distributed coordination
CN109687959A (en) * 2018-12-29 2019-04-26 上海唯链信息科技有限公司 Key security management system and method, medium and computer program

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101340282A (en) * 2008-05-28 2009-01-07 北京易恒信认证科技有限公司 Generation method of composite public key
EP2506176A1 (en) * 2011-03-30 2012-10-03 Irdeto Corporate B.V. Establishing unique key during chip manufacturing
WO2012130575A1 (en) * 2011-03-30 2012-10-04 Irdeto Corporate B.V. Establishing unique key during chip manufacturing
CN107425971A (en) * 2017-04-25 2017-12-01 深圳奥联信息安全技术有限公司 Terminal and its data method for encryption/decryption and device without certificate
WO2019058240A1 (en) * 2017-09-22 2019-03-28 nChain Holdings Limited Smart contract execution using distributed coordination
CN108964908A (en) * 2018-08-10 2018-12-07 飞天诚信科技股份有限公司 A kind of method and system of controlled key agreement
CN109687959A (en) * 2018-12-29 2019-04-26 上海唯链信息科技有限公司 Key security management system and method, medium and computer program

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Monero Ring Attack: Recreating Zero Mixin Transaction Effect;Dimaz Ankaa Wijaya;《2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering》;20180906;全文 *
基于移动端的轻量级NFC安全认证方案;李艳俊;《计算机工程与应用,2020,56(16)》;20191025;全文 *

Also Published As

Publication number Publication date
CN111934858A (en) 2020-11-13

Similar Documents

Publication Publication Date Title
US6298153B1 (en) Digital signature method and information communication system and apparatus using such method
CN103414569B (en) A kind of method of the public key cryptography setting up attack resistance
CN104270249B (en) It is a kind of from the label decryption method without certificate environment to identity-based environment
CN108667626A (en) The two sides cooperation SM2 endorsement methods of safety
US8959355B2 (en) Authentication device, authentication method, program, and signature generation device
CN104821880B (en) One kind is without certificate broad sense agent signcryption method
CN110120939B (en) Encryption method and system capable of repudiation authentication based on heterogeneous system
CN110113150B (en) Encryption method and system based on non-certificate environment and capable of repudiation authentication
CN104301108B (en) It is a kind of from identity-based environment to the label decryption method without certificate environment
CN113300856B (en) Heterogeneous mixed signcryption method capable of proving safety
CN1937496A (en) Extensible false name certificate system and method
CN106936584B (en) Method for constructing certificateless public key cryptosystem
CN114710275B (en) Cross-domain authentication and key negotiation method based on blockchain in Internet of things environment
CN109698747B (en) Identity-based identity hiding key negotiation method based on bilinear pairings
CN112104453A (en) Anti-quantum computation digital signature system and signature method based on digital certificate
CN111654366A (en) Secure bidirectional heterogeneous strong-designation verifier signature method between PKI and IBC
Rezaeibagha et al. Secure and privacy-preserved data collection for IoT wireless sensors
CN111245615B (en) Digital signature password reverse firewall method based on identity
CN114285580B (en) Online and offline signcryption method from certificate-free to public key infrastructure
CN111934858B (en) Supervised random public key derivation method
CN116015592A (en) Homomorphic encryption system meeting zero knowledge proof
Aditia et al. Certificate-less public key encryption for secure e-healthcare systems
CN109412815B (en) Method and system for realizing cross-domain secure communication
CN112819465A (en) Elgamal-based homomorphic encryption method and application system
CN115665732B (en) Certificate-free signature authentication method for satellite Internet

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant