CN112287399B - Digital signature method, system and device - Google Patents

Info

Publication number: CN112287399B
Authority: CN (China)
Prior art keywords: authentication information, signature, data, key, digital signature
Legal status: Active
Application number: CN201910661981.7A
Other languages: Chinese (zh)
Other versions: CN112287399A (en)
Inventors: 赵梅生, 原磊, 武宏宇
Current Assignee: Shandong Institute Of Quantum Science And Technology Co ltd, Quantumctek Co Ltd
Original Assignee: Shandong Institute Of Quantum Science And Technology Co ltd, Quantumctek Co Ltd
Application filed by: Shandong Institute Of Quantum Science And Technology Co ltd, Quantumctek Co Ltd
Priority: CN201910661981.7A
Publications: CN112287399A (application), CN112287399B (grant)

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/64: Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/602: Providing cryptographic facilities or services

Abstract

The embodiments of the application disclose a digital signature method, system and device. A first terminal sends a signature request corresponding to a first trusted center to that first trusted center, and the first trusted center authenticates the first authentication information in the signature request by using a first shared key shared with the first terminal. When the authentication passes, the first trusted center generates a digital signature by using its local signature key and sends the signature data, the digital signature and second authentication information to a second trusted center. The second trusted center authenticates the second authentication information by using the second shared key shared with each first trusted center. If the authentication passes, the second trusted center sends the signature data, each digital signature and third authentication information to a second terminal. The second terminal authenticates the third authentication information by using a third shared key shared with the second trusted center and, when the authentication passes, takes each digital signature as the digital signature of the signature data. In other words, a plurality of trusted centers authenticate the information, which improves the security of the digital signature.

Description

Digital signature method, system and device
Technical Field
The present application relates to the field of information security technologies, and in particular, to a digital signature method, system, and apparatus.
Background
A digital signature is data appended to a data unit, or a cryptographic transformation performed on a data unit. Such data or transformations allow the recipient of the data unit to verify the source and the integrity of the data unit, and protect the data unit from being counterfeited by a person (e.g., the recipient). It is a method of signing messages in electronic form that can be transmitted over a communication network. A digital signature ensures the integrity of transmitted information, authenticates the identity of the sender, and prevents repudiation in transactions.
The digital signatures used in current classical networks fall into two categories: asymmetric key digital signatures and symmetric key digital signatures. The asymmetric key digital signature, also called a public key digital signature, is a digital signature method implemented with a public key cryptosystem. The sender of the signature data encrypts the digest of the signature data by using the sender's private key, and the receiver uses the sender's public key to verify the integrity of the data and, at the same time, the identity of the sender. The security of the asymmetric key digital signature method is based on the security of the public key cryptosystem. The security of public key cryptography is based on the difficulty of factoring large numbers or computing logarithms modulo large prime numbers. Therefore, the asymmetric key digital signature method is based on the calculation complexity and is unconditionally safe.
The symmetric key digital signature is a signature method based on a trusted center. The trusted center shares a symmetric key with the signature data sender and with the signature data receiver respectively. The data sender encrypts the signature data with the key it shares with the trusted center and sends it to the trusted center. The trusted center signs the signature data by using its own unique signature key, then encrypts the signature data with the key it shares with the signature data receiver and sends it to the signature data receiver. The holder of the signature data can verify the integrity of the digital signature and the identity of the data sender at any time through the trusted center. However, the security of such a digital signature system depends on the absolute credibility of the trusted center, and when the trusted center is attacked, the security of the digital signature system cannot be guaranteed.
Disclosure of Invention
In view of this, embodiments of the present application provide a digital signature method, system and apparatus, so as to solve the technical problem in the prior art that security of a digital signature has dependency on a single trusted center.
In order to solve the above problem, the technical solution provided by the embodiment of the present application is as follows:
a digital signature method, the method comprising:
a first terminal sends a signature request corresponding to a first trusted center to the first trusted center, wherein the signature request comprises first identity information, signature data and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data, generated by using a first shared key shared with the first trusted center; the number of the first trusted centers is at least one;
the first trusted center authenticates the first authentication information by using the first shared key; if the first authentication information passes the authentication, the first trusted center generates a digital signature of the signature data by using a local signing key and sends the signature data, the digital signature and second authentication information to a second trusted center, wherein the second authentication information is authentication information of the signature data and the digital signature, generated by using a second shared key shared with the second trusted center;
the second trusted center uses the second shared key corresponding to each first trusted center to authenticate the second authentication information sent by that first trusted center; if each second authentication information passes authentication, the second trusted center sends the signature data, each digital signature and third authentication information to a second terminal, wherein the third authentication information is authentication information of the signature data and each digital signature, generated by using a third shared key shared with the second terminal;
the second terminal authenticates the third authentication information by using the third shared key; if the third authentication information passes the authentication, the second terminal retains the signature data and each digital signature, and takes each digital signature as the digital signature of the signature data.
In one possible implementation manner, the authenticating, by the first trusted center, the first authentication information using the first shared key includes:
the first trusted center generates fourth authentication information, wherein the fourth authentication information is authentication information of the received first identity information and the received signature data, generated by using the first shared key; if the fourth authentication information is consistent with the first authentication information, the first authentication information passes authentication;
the authenticating, by the second trusted center, of the second authentication information sent by each first trusted center by using the second shared key corresponding to that first trusted center includes:
the second trusted center generates fifth authentication information corresponding to each first trusted center, wherein the fifth authentication information is authentication information of the received signature data and the received digital signature of the first trusted center, generated by using the second shared key corresponding to the first trusted center; if the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each second authentication information passes authentication;
the authenticating, by the second terminal, of the third authentication information by using the third shared key includes:
the second terminal generates sixth authentication information, wherein the sixth authentication information is authentication information of the received signature data and each received digital signature, generated by using the third shared key; if the sixth authentication information is consistent with the third authentication information, the third authentication information passes the authentication.
In one possible implementation, the method further includes:
the signature key distribution server generates original key data, processes the original key data by adopting an erasure code technology to generate signature key data, and distributes the signature key data to each first trusted center; the local signing key in the first trusted center is obtained from signing key data sent by the signing key distribution server.
In one possible implementation, the method further includes:
and the signing key distribution server recovers the signing key data in the first trusted center.
In one possible implementation, the method further includes:
the third terminal sends the signature data and each digital signature to the first trusted center that generated that digital signature;
the first trusted center that receives the digital signature verifies the digital signature according to the signature data and the received digital signature, and sends a verification result to the third terminal;
if the third terminal receives a verification result that each digital signature passes the verification, the third terminal determines that the digital signature of the signature data is correct.
In one possible implementation, the method further includes:
if the third terminal receives a verification result that each digital signature fails to pass the verification, the third terminal sends the signature data and the digital signature failing to pass the verification to an arbitration server;
the arbitration server judges whether the local signature key in the first trusted center corresponding to the digital signature that failed the verification has been changed and, if not, sends the third terminal a verification result that the digital signature which fails to pass the verification passes the verification.
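The flow described above, from the first terminal through the trusted centers to the second terminal and the later check by a third terminal, as an added example that is not part of the patent text. It assumes HMAC-SHA256 for every piece of "authentication information" and for each center's symmetric signature; the class names, field encoding, sample data and the rule that all first trusted centers must have signed identical data are choices made for this sketch.

```python
import hashlib
import hmac
import secrets


def mac(key: bytes, *fields: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed fields so field boundaries are unambiguous."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(4, "big") + f)
    return h.digest()


class FirstTrustedCenter:
    def __init__(self, name: str, k1: bytes, k2: bytes):
        self.name = name
        self.k1 = k1  # first shared key (shared with the first terminal)
        self.k2 = k2  # second shared key (shared with the second trusted center)
        self.sign_key = secrets.token_bytes(32)  # local signing key, never leaves the center

    def handle_request(self, identity: bytes, data: bytes, auth1: bytes):
        # Recompute the "fourth authentication information"; compare in constant time.
        if not hmac.compare_digest(mac(self.k1, identity, data), auth1):
            return None
        sig = mac(self.sign_key, data)  # assumption: signature is a MAC under the local key
        return data, sig, mac(self.k2, data, sig)  # last item: second authentication information

    def verify(self, data: bytes, sig: bytes) -> bool:
        # Verification service later used by a third terminal.
        return hmac.compare_digest(mac(self.sign_key, data), sig)


class SecondTrustedCenter:
    def __init__(self, k2_by_center: dict, k3: bytes):
        self.k2_by_center = k2_by_center  # one second shared key per first trusted center
        self.k3 = k3                      # third shared key (shared with the second terminal)

    def relay(self, messages: dict):
        sigs, data0 = [], None
        for name, k2 in sorted(self.k2_by_center.items()):
            if name not in messages:      # every first trusted center must have answered
                return None
            data, sig, auth2 = messages[name]
            # "fifth authentication information" must equal the received second one.
            if not hmac.compare_digest(mac(k2, data, sig), auth2):
                return None
            if data0 is not None and data != data0:  # assumption: all centers signed the same data
                return None
            data0 = data
            sigs.append((name, sig))
        auth3 = mac(self.k3, data0, *(s for _, s in sigs))  # third authentication information
        return data0, sigs, auth3


def second_terminal_accepts(k3: bytes, data: bytes, sigs: list, auth3: bytes) -> bool:
    # "sixth authentication information" recomputed over data and every signature.
    return hmac.compare_digest(mac(k3, data, *(s for _, s in sigs)), auth3)


def run_flow(n_centers: int = 3, tamper_hop=None) -> str:
    """Run one signing flow; tamper_hop 1, 2 or 3 corrupts that hop in transit."""
    identity, data = b"terminal-A", b"transfer 100 units to B"  # constructed sample input
    k3 = secrets.token_bytes(32)
    centers = [FirstTrustedCenter(f"TC1-{i}", secrets.token_bytes(32), secrets.token_bytes(32))
               for i in range(n_centers)]
    tc2 = SecondTrustedCenter({c.name: c.k2 for c in centers}, k3)
    messages = {}
    for c in centers:
        auth1 = mac(c.k1, identity, data)  # computed by the first terminal
        sent = data + b"!" if tamper_hop == 1 and c is centers[0] else data
        out = c.handle_request(identity, sent, auth1)
        if out is None:
            return "rejected at first trusted center"
        messages[c.name] = out
    if tamper_hop == 2:  # flip one bit of a signature between the trusted centers
        d, s, a = messages[centers[0].name]
        messages[centers[0].name] = (d, bytes([s[0] ^ 1]) + s[1:], a)
    relayed = tc2.relay(messages)
    if relayed is None:
        return "rejected at second trusted center"
    data_r, sigs, auth3 = relayed
    if tamper_hop == 3:
        data_r += b"!"
    if not second_terminal_accepts(k3, data_r, sigs, auth3):
        return "rejected at second terminal"
    # Third terminal: each signature goes back to the center that generated it.
    by_name = {c.name: c for c in centers}
    if all(by_name[name].verify(data_r, sig) for name, sig in sigs):
        return "accepted"
    return "signature verification failed"


if __name__ == "__main__":
    for hop in (None, 1, 2, 3):
        print(hop, run_flow(tamper_hop=hop))
```

Because each hop recomputes the authentication information under a different shared key, a modification is caught at the first party downstream of where it was introduced.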
A digital signature method, the method being applied to a first trusted center, the method comprising:
receiving a signature request sent by a first terminal, wherein the signature request comprises first identity information, signature data and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data, generated by using a first shared key shared with the first trusted center;
authenticating the first authentication information by using the first shared key, and if the first authentication information passes the authentication, generating a digital signature of the signature data by using a local signature key;
sending the signature data, the digital signature and second authentication information to a second trusted center, so that the second trusted center authenticates the second authentication information by using a second shared key corresponding to the first trusted center and, if the second authentication information sent by each first trusted center passes authentication, sends the signature data, each digital signature sent by each first trusted center and third authentication information to a second terminal; the second authentication information is authentication information of the signature data and the digital signature, generated by the first trusted center by using a second shared key shared with the second trusted center; the third authentication information is authentication information of the signature data and each digital signature, generated by the second trusted center by using a third shared key shared with the second terminal; the second terminal is used for authenticating the third authentication information by using the third shared key and, if the third authentication information passes the authentication, retaining the signature data and the digital signatures and using the digital signatures as the digital signatures of the signature data.
In a possible implementation manner, the authenticating the first authentication information by using the first shared key includes:
generating fourth authentication information, wherein the fourth authentication information is authentication information of the received first identity information and the received signature data generated by using the first shared key, and if the fourth authentication information is consistent with the first authentication information, the first authentication information passes authentication.
In a possible implementation manner, the local signing key in the first trusted center is obtained from signing key data sent by a signing key distribution server, and the signing key distribution server is configured to generate original key data, process the original key data by using an erasure code technique, generate signing key data, and distribute the signing key data to each of the first trusted centers.
In a possible implementation manner, the signing key distribution server is further configured to recover signing key data in the first trusted center.
In one possible implementation, the method further includes:
receiving the signature data and the digital signature sent by a third terminal, verifying the digital signature according to the signature data and the digital signature, and sending a verification result to the third terminal, so that if the third terminal receives the verification result that the digital signature corresponding to each first trusted center passes the verification, the third terminal determines that the digital signature of the signature data is correct.
In a possible implementation manner, the third terminal is further configured to send the signature data and the digital signature that failed the verification to an arbitration server if a verification result that each of the digital signatures fails to pass the verification is received;
the arbitration server is configured to determine whether a local signature key in the first trusted center corresponding to the digital signature that fails to pass the verification is changed, and if not, send a verification result that the digital signature that fails to pass the verification passes the verification to the third terminal.
A digital signature method applied to a second trusted center, the method comprising:
receiving signature data, digital signatures and second authentication information sent by each first trusted center; the first trusted center is configured to receive a signature request sent by a first terminal, where the signature request includes first identity information, signature data, and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data generated by the first terminal using a first shared key shared with the first trusted center; to authenticate the first authentication information by using the first shared key and, if the first authentication information passes the authentication, generate a digital signature of the signature data by using a local signature key; and to send the signature data, the digital signature and second authentication information to the second trusted center, wherein the second authentication information is authentication information of the signature data and the digital signature, generated by the first trusted center by using a second shared key shared with the second trusted center;
authenticating the second authentication information sent by each first trusted center by using the second shared key corresponding to that first trusted center;
if each second authentication information passes the authentication, sending the signature data, the digital signatures and third authentication information to a second terminal, so that the second terminal authenticates the third authentication information by using a third shared key and, if the third authentication information passes the authentication, retains the signature data and the digital signatures and uses the digital signatures as the digital signatures of the signature data; the third authentication information is authentication information of the signature data and each of the digital signatures, generated using a third shared key shared with the second terminal.
In a possible implementation manner, the authenticating of the second authentication information sent by each first trusted center by using the second shared key corresponding to that first trusted center includes:
generating fifth authentication information corresponding to each first trusted center, wherein the fifth authentication information is authentication information of the received signature data and the received digital signature of the first trusted center, generated by using the second shared key corresponding to the first trusted center; if the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each second authentication information passes authentication.
In a possible implementation manner, the local signing key in the first trusted center is obtained from signing key data sent by a signing key distribution server, and the signing key distribution server is configured to generate original key data, process the original key data by using an erasure code technique to generate signing key data, and distribute the signing key data to each first trusted center.
In a possible implementation manner, the signing key distribution server is further configured to recover signing key data in the first trusted center.
A digital signature system, the system comprising: a first terminal, a first trusted center, a second trusted center and a second terminal;
the first terminal is used for sending a signature request corresponding to a first trusted center to the first trusted center, wherein the signature request comprises first identity information, signature data and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data, generated by using a first shared key shared with the first trusted center; the number of the first trusted centers is at least one;
the first trusted center is configured to authenticate the first authentication information using the first shared key, generate a digital signature of the signature data using a local signature key if the first authentication information passes authentication, and send the signature data, the digital signature, and second authentication information to a second trusted center, where the second authentication information is authentication information of the signature data and the digital signature, generated using a second shared key shared with the second trusted center;
the second trusted center is configured to authenticate the second authentication information sent by each first trusted center by using the second shared key corresponding to that first trusted center, and send the signature data, each digital signature, and third authentication information to a second terminal if each second authentication information passes the authentication, where the third authentication information is authentication information of the signature data and each digital signature, generated by using a third shared key shared with the second terminal;
the second terminal is used for authenticating the third authentication information by using the third shared key, retaining the signature data and each digital signature if the third authentication information passes the authentication, and taking each digital signature as the digital signature of the signature data.
In a possible implementation manner, the first trusted center is specifically configured to generate fourth authentication information, wherein the fourth authentication information is authentication information of the received first identity information and the received signature data, generated by using the first shared key; if the fourth authentication information is consistent with the first authentication information, the first authentication information passes authentication;
the second trusted center is specifically configured to generate fifth authentication information corresponding to each first trusted center, where the fifth authentication information is authentication information of the received signature data and the received digital signature of the first trusted center, generated by using the second shared key corresponding to the first trusted center; if the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each second authentication information passes authentication;
the second terminal is specifically configured to generate sixth authentication information, where the sixth authentication information is authentication information of the received signature data and each received digital signature, generated using the third shared key; if the sixth authentication information is consistent with the third authentication information, the third authentication information passes authentication.
In one possible implementation, the system further includes:
the signature key distribution server is used for generating original key data, processing the original key data by adopting an erasure code technology to generate signature key data, and distributing the signature key data to each first trusted center; the local signing key in the first trusted center is obtained from the signing key data sent by the signing key distribution server.
In a possible implementation manner, the signing key distribution server is further configured to recover signing key data in the first trusted center.
In one possible implementation, the system further includes:
the third terminal is used for sending the signature data and each digital signature to the first trusted center that generated that digital signature;
the first trusted center that receives the digital signature verifies the digital signature according to the signature data and the received digital signature, and sends a verification result to the third terminal;
the third terminal is further configured to determine that the digital signature of the signature data is correct if a verification result that each digital signature passes verification is received.
In a possible implementation manner, the third terminal is further configured to send the signature data and the digital signature that failed the verification to an arbitration server if a verification result that each of the digital signatures fails to pass the verification is received;
the arbitration server is configured to determine whether a local signature key in the first trusted center corresponding to the digital signature that fails to pass the verification is changed, and if not, send a verification result that the digital signature that fails to pass the verification passes the verification to the third terminal.
A digital signature apparatus, the apparatus being applied to a first trusted center, the apparatus comprising:
a first receiving unit, configured to receive a signature request sent by a first terminal, where the signature request includes first identity information, signature data, and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data, generated using a first shared key shared with the first trusted center;
a first authentication unit configured to authenticate the first authentication information using the first shared key;
a first generation unit configured to generate a digital signature of the signature data using a local signing key if the authentication result of the first authentication unit is authentication pass;
a first sending unit, configured to send the signature data, the digital signature, and the second authentication information to a second trusted center, so that the second trusted center authenticates the second authentication information using a second shared key corresponding to the first trusted center and, if the second authentication information sent by each first trusted center passes authentication, sends the signature data, each digital signature sent by each first trusted center, and third authentication information to a second terminal; the second authentication information is authentication information of the signature data and the digital signature, generated by the first trusted center by using a second shared key shared with the second trusted center; the third authentication information is authentication information of the signature data and each digital signature, generated by the second trusted center by using a third shared key shared with the second terminal; the second terminal is used for authenticating the third authentication information by using the third shared key and, if the third authentication information passes the authentication, retaining the signature data and the digital signatures and using the digital signatures as the digital signatures of the signature data.
In a possible implementation manner, the first authentication unit is specifically configured to generate fourth authentication information, where the fourth authentication information is authentication information of the received first identity information and the received signature data generated by using the first shared key, and if the fourth authentication information is consistent with the first authentication information, the first authentication information passes authentication.
In a possible implementation manner, the local signing key in the first trusted center is obtained from signing key data sent by a signing key distribution server, and the signing key distribution server is configured to generate original key data, process the original key data by using an erasure code technique, generate signing key data, and distribute the signing key data to each of the first trusted centers.
In a possible implementation manner, the signing key distribution server is further configured to recover signing key data in the first trusted center.
In one possible implementation, the apparatus further includes:
a second receiving unit, used for receiving the signature data and the digital signature sent by a third terminal, verifying the digital signature according to the signature data and the digital signature, and sending a verification result to the third terminal, so that if the third terminal receives the verification result that the digital signature corresponding to each first trusted center passes the verification, the third terminal determines that the digital signature of the signature data is correct.
In a possible implementation manner, the third terminal is further configured to send the signature data and the digital signature that failed the verification to an arbitration server if a verification result that each of the digital signatures fails to pass the verification is received;
the arbitration server is configured to determine whether a local signature key in the first trusted center corresponding to the digital signature that fails to pass the verification is changed, and if not, send a verification result that the digital signature that fails to pass the verification passes the verification to the third terminal.
A digital signature apparatus, the apparatus being applied to a second trust center, the apparatus comprising:
the third receiving unit is used for receiving the signature data, the digital signature and the second authentication information sent by each first trusted center; the first trusted center is used for receiving a signature request sent by a first terminal, wherein the signature request comprises first identity information, signature data and first authentication information, and the first authentication information is the first identity information and the signature data generated by the first terminal by using a first shared key shared by the first trusted center; authenticating the first authentication information by using the first shared key, and if the first authentication information passes the authentication, generating a digital signature of the signature data by using a local signature key; sending the signature data, the digital signature and second authentication information to a second trusted center, wherein the second authentication information is the signature data and the authentication information of the digital signature generated by the first trusted center by using a second shared key shared with the second trusted center;
the second authentication unit is used for authenticating second authentication information sent by each first trusted center by using a second shared key corresponding to the first trusted center;
a second sending unit, configured to send the signature data, each digital signature, and third authentication information to a second terminal if the authentication result of the second authentication unit is that each piece of second authentication information is authenticated, so that the second terminal authenticates the third authentication information using a third shared key and, if the third authentication information is authenticated, retains the signature data and each digital signature and uses each digital signature as a digital signature of the signature data; the third authentication information is authentication information of the signature data and each of the digital signatures, generated using a third shared key shared with the second terminal.
In a possible implementation manner, the second authentication unit is specifically configured to generate fifth authentication information corresponding to each first trusted center, where the fifth authentication information is authentication information of the received signature data and the received digital signature of the first trusted center, generated by using the second shared key corresponding to that first trusted center; if the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each piece of second authentication information passes authentication.
In a possible implementation manner, the local signing key in the first trusted center is obtained from signing key data sent by a signing key distribution server, and the signing key distribution server is configured to generate original key data, process the original key data by using an erasure code technique, generate signing key data, and distribute the signing key data to each of the first trusted centers.
In a possible implementation manner, the signing key distribution server is further configured to recover signing key data in the first trusted center.
Therefore, the embodiment of the application has the following beneficial effects:
In the embodiment of the application, a first terminal sends a signature request corresponding to a first trusted center to the first trusted center. The first trusted center authenticates the first authentication information in the signature request by using a first shared key shared with the first terminal; when the authentication is passed, it uses a local signature key to generate a digital signature of the signature data, and the digital signature and second authentication information are sent to a second trusted center. The second trusted center authenticates the second authentication information by using the second shared key shared with each first trusted center; if each piece of second authentication information is authenticated, it sends the signature data, each digital signature and third authentication information to a second terminal. The second terminal authenticates the third authentication information by using a third shared key shared with the second trusted center, and if the third authentication information is authenticated, the digital signatures are used as digital signatures of the signature data. The digital signature method provided by the embodiment of the application is therefore based on multiple trusted centers, and information authentication is performed by multiple trusted centers, so that the dependence of the digital signature on the security of a single trusted center is reduced and the security of the digital signature is improved.
Drawings
Fig. 1 is a block diagram of a system for generating a digital signature according to an embodiment of the present application;
Fig. 2 is a signaling interaction diagram of a digital signature method according to an embodiment of the present application;
Fig. 3 is a signaling interaction diagram for verifying a digital signature according to an embodiment of the present application;
Fig. 4 is a flowchart of generating a signing key according to an embodiment of the present application;
Fig. 5 is a block diagram of an exemplary application scenario provided by an embodiment of the present application;
Fig. 6 is a flowchart of a method for implementing digital signature by a first trusted center according to an embodiment of the present application;
Fig. 7 is a flowchart of a method for implementing digital signature by a second trusted center according to an embodiment of the present application;
Fig. 8 is a diagram of a digital signature system according to an embodiment of the present application;
Fig. 9 is a structural diagram of a digital signature device according to an embodiment of the present application;
Fig. 10 is a block diagram of another digital signature apparatus according to an embodiment of the present application.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, the embodiments of the present application are described in further detail below with reference to the accompanying drawings and the detailed description.
To facilitate understanding of the technical solutions provided in the present application, the following first describes the background art of the present application.
In studying the traditional symmetric-key digital signature method, the inventor found that it is a signature method based on a trusted center: the trusted center shares symmetric keys with the signature data sender and the signature data receiver respectively, digitally signs the signature data sent by the signature data sender, and verifies the integrity of the digitally signed data according to an authentication request sent by the signature data receiver. When the trusted center is attacked, the security of the digital signature system cannot be guaranteed.
Based on this, an embodiment of the present application provides a digital signature method in which the sender of the signature data (the first terminal) and the receiver of the signature data (the second terminal) communicate with different trusted centers. When the signature data needs to be digitally signed, the first terminal sends the signature request corresponding to the first trusted center to the first trusted center corresponding to the first terminal. The first trusted center authenticates the first authentication information using a first shared key shared with the first terminal; when the authentication is passed, it generates a digital signature of the signature data using a local signature key and sends the signature data, the digital signature and second authentication information to the second trusted center. The second trusted center authenticates the second authentication information using a second shared key shared with the first trusted center; when the authentication is passed, it sends the signature data, the digital signature and third authentication information to the second terminal. Finally, the second terminal authenticates the third authentication information using a third shared key shared with the second trusted center, and when the authentication is passed, the digital signature is used as the digital signature of the signature data. In addition, when the first terminal corresponds to a plurality of first trusted centers, the first terminal sends a signature request corresponding to each first trusted center, and the second trusted center needs to authenticate the second authentication information sent by each first trusted center.
Therefore, the digital signature method provided by the embodiment of the application is based on multiple trusted centers, and multiple trusted centers perform authentication, so that the dependence of the digital signature on the security of a single trusted center is reduced, and the security of the digital signature is improved.
Referring to Fig. 1, the digital signature system provided in the embodiment of the present application may include: a sender of signature data, a first trusted center, a second trusted center and a receiver of the signature data. In some possible implementations, the system may further include: a signing key distribution server, a signature verifier and an arbitration server.
The sender of the signature data, the receiver of the signature data, and the signature verifier may be a first terminal, a second terminal, and a third terminal in the embodiment of the present application, respectively.
The signing key distribution server is used for generating key data and distributing the generated key data to the first trusted center.
The sender of the signature data performs identity authentication registration with the first trusted center, acquires the shared key of the first trusted center it registered with, and uses the shared key to encrypt the signature request sent to the first trusted center. The sender of the signature data may be a network terminal or a device using the network terminal.
The first trusted center is used for providing a shared key for the sender of the signature data, authenticating the first authentication information in a signature request sent by the sender of the signature data, generating a digital signature of the signature data when the authentication is passed, and sending the signature data, the digital signature and the second authentication information to the second trusted center.
The second trusted center is used for providing a shared key for the receiver of the signature data, authenticating the second authentication information, generating third authentication information when the authentication is passed, and sending the signature data, the digital signature and the third authentication information to the receiver of the signature data.
The receiver of the signature data may be a network terminal or a device using the network terminal.
The signature verifier may be the receiver of the signature data, or another device that holds the digital signature and needs to verify its validity. When the third authentication information passes the authentication, the signature verifier sends the signature data and the digital signatures to the first trusted centers that generated the digital signatures, and judges the validity of the digital signature according to the verification result of each first trusted center. If the verification results of the first trusted centers are inconsistent, it can apply to the arbitration server for signature arbitration, and it sends the signature data and the digital signature that failed verification to the arbitration server.
The arbitration server is used for retrieving the signature key data used by the digital signature that failed verification and checking whether the signature key used for verifying the digital signature has been changed. If it has been changed, the arbitration server judges that the verification result received by the signature verifier is correct; if not, it judges that the verification result received by the signature verifier is erroneous.
Those skilled in the art will appreciate that the block diagram shown in fig. 1 is only one example in which embodiments of the present application may be implemented. The scope of applicability of the embodiments of the present application is not limited in any way by this framework.
It should be noted that the sender of the signature data and the recipient of the signature data in the embodiments of the present application may be any existing, developing or future developed user equipment capable of interacting with the first and second trust centers through any form of wired and/or wireless connection (e.g., Wi-Fi, LAN, cellular, coaxial cable, etc.), including but not limited to: existing, developing, or future developing smartphones, non-smartphones, tablets, laptop personal computers, desktop personal computers, minicomputers, midrange computers, mainframe computers, and the like. It should also be noted that, in the embodiment of the present application, the signing key distribution server may be an example of an existing, developing or future developed device capable of providing key data to the first trusted center and the second trusted center, and the embodiment of the present application is not limited in this respect.
As is apparent from the above description, when implementing a digital signature, processes related to distribution of a signature key, a signature request, and the like are required, and for facilitating understanding of the digital signature generation method provided in the embodiments of the present application, a description will be given of a signature key generation method, a digital signature, and a digital signature authentication process, respectively.
1. Generation of the signing key
The signature key distribution server generates original key data; then processing the original key data by adopting an erasure code technology to generate signature key data; the signing key data is distributed to each first trust center. The first trusted center divides the received signature key data into signature key sequences and encodes each signature key, so that a plurality of local signature keys can be obtained.
The erasure coding technique is a data protection method, and may divide data into a plurality of segments, and expand and encode redundant data blocks, and a method for generating signature key data using the erasure coding technique will be described in the following embodiments.
In addition, due to the characteristics of erasure coding technology, when some signature key data of the first trusted centers are tampered or lost, the signature key distribution server can recover the signature key data in the first trusted centers, so that the accuracy of the signature key data of the first trusted centers is ensured.
Furthermore, when the signing key data in the signing key database of the first trusted center is insufficient, the first trusted center may send a request to the signing key distribution server, so that the signing key distribution server supplements new signing key data to the first trusted center according to that request.
After the signing key data has been distributed to the first trusted center, the first trusted center can digitally sign the signature data according to the signing request sent by the first terminal. The digital signing method is described below with reference to the accompanying drawings.
2. Generation of the digital signature
Referring to fig. 2, which is a digital signature signaling interaction diagram provided in an embodiment of the present application, as shown in fig. 2, the method may include:
S201: the first terminal sends a signature request corresponding to the first trusted center.
In this embodiment, when a first terminal needs to acquire a digital signature of signature data, a signature request corresponding to a first trusted center is sent to the first trusted center, where the signature request includes first identity information, the signature data, and first authentication information, and the first authentication information is first identity information and authentication information of the signature data, which are generated by the first terminal using a first shared key shared with the first trusted center, that is, the first identity information and the signature data are encrypted using the first shared key, so as to generate first authentication information. The first identity information may include an identity of the first terminal, an identity of the second terminal, and an identity of the second trust center.
In a specific implementation, the first shared key may be used to calculate a hash-based message authentication code (HMAC) of the first identity information and the signature data, and this HMAC is used as the first authentication information. For example, if the signature data is $P$, the identity of the first terminal is $A$, the identity of the second terminal is $B$, the identity of the second trusted center is $\mathrm{ID}_2$ and the first shared key is $K_A$, then $K_A$ is used to calculate the hash-based message authentication code $\mathrm{HMAC}(A, B, \mathrm{ID}_2, P; K_A)$ of the identity $A$ of the first terminal, the identity $B$ of the second terminal, the identity $\mathrm{ID}_2$ of the second trusted center and the signature data $P$.
In practical application, before the first terminal initiates the signing request, the second terminal may send, to the first terminal, an identity of a second trusted center registered by the second terminal, or the first trusted center registered by the first terminal obtains, through query, the identity of the second trusted center registered by the second terminal. When the first terminal acquires the identity of the second trusted center, the signature data in the signature request and the digital signature generated by the first trusted center may be sent to the second trusted center according to the identity of the second trusted center.
In a specific implementation, the first terminal may perform identity authentication registration with the plurality of first trust centers, and further send signature requests corresponding to the first trust centers to the plurality of first trust centers. It will be appreciated that the first authentication information generated is different due to the difference in shared key between each first trust center and the first terminal, and therefore, for each first trust center, the first terminal needs to send a corresponding signing request to the first trust center.
In addition, to implement the one-time pad, the signing request may further include a serial number CTR of the first shared key, and when the first trusted center receives the signing request, it may be verified whether the first shared key used in the signing request is a used key according to the serial number CTR.
S202: the first trusted center authenticates the first authentication information by using the first shared key, if the first authentication information passes the authentication, the digital signature of the signature data is generated by using the local signature key, and the signature data, the digital signature and the second authentication information are sent to the second trusted center.
In this embodiment, when a first trusted center receives a signing request sent by a first terminal, a first shared key is used to authenticate first authentication information in the signing request, if the authentication is passed, a local signing key is obtained from a signing key library, a digital signature of signing data is generated by using the local signing key, the signing data and the digital signature are encrypted by using a second shared key shared by the first trusted center and a second trusted center to generate second authentication information, and then the signing data, the digital signature and the second authentication information are sent to the second trusted center; if the authentication is not passed, the signature process is terminated.
In practical application, when the serial number $\mathrm{CTR}_1$ of the first shared key is included in the signing request, the first trusted center first verifies whether the shared key with serial number $\mathrm{CTR}_1$, among the keys shared with the first terminal, has been used. If the first shared key has been used, the signing process is terminated; if the first shared key has not been used, the first authentication information is authenticated.
In a possible implementation manner of the embodiment of the present application, an implementation manner of authenticating the first authentication information is provided. Specifically, the first trusted center generates fourth authentication information, where the fourth authentication information is authentication information of the received first identity information and the received signature data, generated by the first trusted center using the first shared key. If the fourth authentication information is consistent with the first authentication information, the first authentication information passes the authentication; if they are not consistent, the first authentication information fails authentication.
In a specific implementation, the first trusted center uses the first shared key to calculate a hash-based message authentication code $\mathrm{HMAC}'$ of the first identity information and the signature data, namely the fourth authentication information, and then compares $\mathrm{HMAC}'$ with the $\mathrm{HMAC}$ generated by the first terminal. If the two are consistent, the first authentication information passes authentication; if the two are not consistent, the first authentication information fails authentication.
When the first authentication information passes the authentication, the first trusted center calculates a hash-based message authentication code of the first terminal identity and the signature data by using an unused local signature key in the signature key library, then concatenates the identity of the first trusted center, the sequence number of the local signature key and this hash-based message authentication code, and takes the concatenated value as the digital signature $DS$ of the signature data. The first trusted center then uses a second shared key $K_2$ shared with the second trusted center to calculate the hash-based message authentication code $\mathrm{HMAC}(A, B, P, DS; K_2)$ of the first terminal identity $A$, the second terminal identity $B$, the signature data $P$ and the digital signature $DS$, and sends the serial number $\mathrm{CTR}_2$ of $K_2$, together with $A$, $B$, $P$, $DS$ and $\mathrm{HMAC}(A, B, P, DS; K_2)$, to the second trusted center.
S203: the second trusted center authenticates the second authentication information sent by each first trusted center by using the second shared key corresponding to that first trusted center, and if the second authentication information passes authentication, the signature data, each digital signature and the third authentication information are sent to the second terminal.
In this embodiment, when the second trusted center receives information sent by a plurality of first trusted centers, it authenticates the second authentication information sent by each first trusted center. Specifically, the second trusted center authenticates the second authentication information sent by a first trusted center using the second shared key corresponding to that first trusted center. If the authentication is passed, the second trusted center encrypts the signature data and the digital signature using a third shared key shared with the second terminal to generate third authentication information, and then sends the signature data, the digital signature and the third authentication information to the second terminal; if the authentication is not passed, the signature process is terminated.
In practical application, when the information sent by the first trusted center includes the serial number $\mathrm{CTR}_2$ of the second shared key, the second trusted center may verify whether the shared key $K_2$ with serial number $\mathrm{CTR}_2$, among the keys shared with the first trusted center, has been used. If the second shared key has been used, the signing process is terminated; if the second shared key has not been used, the second authentication information is authenticated.
In a possible implementation manner of the embodiment of the present application, an implementation manner of authenticating the second authentication information is provided. Specifically, the second trusted center generates fifth authentication information corresponding to each first trusted center, where the fifth authentication information is authentication information of the received signature data and the received digital signature of the first trusted center, generated by the second trusted center using the second shared key corresponding to that first trusted center. If the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each piece of second authentication information passes authentication; if the second authentication information of any one first trusted center is not authenticated, the signature process is terminated.
In a specific implementation, the second trusted center uses the second shared key $K_2$ to calculate the hash-based message authentication code $\mathrm{HMAC}'(A, B, P, DS; K_2)$ of the first terminal identity $A$, the second terminal identity $B$, the signature data $P$ and the digital signature $DS$, namely the fifth authentication information, and then compares $\mathrm{HMAC}'(A, B, P, DS; K_2)$ with $\mathrm{HMAC}(A, B, P, DS; K_2)$. If the two are consistent, the second authentication information passes authentication; if the two are not consistent, the second authentication information fails authentication.
When the second authentication information passes the authentication, the second trusted center uses a third shared key $K_3$ shared with the second terminal to calculate the hash-based message authentication code $\mathrm{HMAC}(A, P, DS; K_3)$ of the first terminal identity $A$, the signature data $P$ and the digital signature $DS$, and then sends the serial number $\mathrm{CTR}_3$ of $K_3$, together with $A$, $P$, $DS$ and $\mathrm{HMAC}(A, P, DS; K_3)$, to the second terminal.
S204: the second terminal authenticates the third authentication information by using the third shared key; if the third authentication information passes the authentication, the signature data and each digital signature are retained, and each digital signature is used as a digital signature of the signature data.
In this embodiment, when receiving information sent by a second trusted center, a second terminal authenticates third authentication information in the information, specifically, the second terminal authenticates the third authentication information using a third shared key, if the authentication passes, the signature data and each digital signature are retained, and each digital signature is used as a digital signature of the signature data; if the authentication is not passed, the signature process is terminated.
In practical application, when the information sent by the second trusted center includes the serial number $\mathrm{CTR}_3$ of the third shared key, the second terminal may verify whether the shared key with serial number $\mathrm{CTR}_3$, among the keys shared with the second trusted center, has been used. If the third shared key has been used, the received digital signature is judged invalid and the signature process is terminated; if the third shared key has not been used, the third authentication information is authenticated.
In a possible implementation manner of the embodiment of the present application, an implementation manner of authenticating the third authentication information is provided. Specifically, the second terminal generates sixth authentication information, where the sixth authentication information is authentication information of the received signature data and each received digital signature, generated by using the third shared key. If the sixth authentication information is consistent with the third authentication information, the third authentication information passes authentication; if the sixth authentication information is inconsistent with the third authentication information, the third authentication information fails authentication.
In a specific implementation, the second terminal uses the third shared key $K_3$ to calculate the hash-based message authentication code $\mathrm{HMAC}'(A, P, DS; K_3)$ of the first terminal identity $A$, the signature data $P$ and the digital signature $DS$, namely the sixth authentication information, and then compares $\mathrm{HMAC}'(A, P, DS; K_3)$ with $\mathrm{HMAC}(A, P, DS; K_3)$. If the two are consistent, the third authentication information passes authentication; if the two are not consistent, the third authentication information fails authentication.
In this embodiment, after the third authentication information passes the authentication, the second terminal reserves the received signature data and the digital signature, and uses all the digital signatures as the digital signature of the signature data, thereby implementing generation of the digital signature of the signature data.
With the present embodiment, the sender of the signature data (the first terminal) and the receiver of the signature data (the second terminal) communicate with different trusted centers. When the signature data needs to be digitally signed, the first terminal sends the signature request corresponding to the first trusted center to the first trusted center corresponding to the first terminal. The first trusted center authenticates the first authentication information using a first shared key shared with the first terminal; when the authentication is passed, it generates a digital signature of the signature data using a local signature key and sends the signature data, the digital signature and second authentication information to the second trusted center. The second trusted center authenticates the second authentication information using a second shared key shared with the first trusted center; when the authentication is passed, it sends the signature data, the digital signature and third authentication information to the second terminal. Finally, the second terminal authenticates the third authentication information using a third shared key shared with the second trusted center, and when the authentication is passed, the digital signature is used as the digital signature of the signature data. In addition, when the first terminal corresponds to a plurality of first trusted centers, the first terminal sends a signature request corresponding to each first trusted center, and the second trusted center needs to authenticate the second authentication information sent by each first trusted center.
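The chain S201 to S204, with two first trusted centers and a replayed request, can be traced in the following Python program. It is an added example, not code from the patent; HMAC-SHA-256, the length-prefixed field encoding, the `tc` sender tag, the rule that a shared key is spent as soon as it is looked up, and all names and sample values are assumptions.

```python
import hashlib
import hmac
import secrets


def encode(*fields: bytes) -> bytes:
    # Assumption: 4-byte length prefix per field keeps field boundaries unambiguous.
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def mac(key: bytes, *fields: bytes) -> bytes:
    return hmac.new(key, encode(*fields), hashlib.sha256).digest()


def check(key: bytes, tag: bytes, *fields: bytes) -> None:
    # Recompute HMAC' over the received fields and compare in constant time.
    if not hmac.compare_digest(mac(key, *fields), tag):
        raise ValueError("authentication information rejected, signing terminated")


class OneTimeKeys:
    """One party's copy of a shared-key pool, indexed by serial number CTR."""

    def __init__(self, keys):
        self._keys, self._used = dict(keys), set()

    def take(self, ctr: int) -> bytes:
        if ctr in self._used or ctr not in self._keys:
            raise ValueError(f"shared key CTR={ctr} unknown or already used")
        self._used.add(ctr)  # assumption: a key is spent as soon as it is looked up
        return self._keys[ctr]


def terminal_request(pool, ctr, a, b, id2, p):
    """S201: first terminal builds the signing request for one first trusted center."""
    return {"ctr": ctr, "A": a, "B": b, "ID2": id2, "P": p,
            "mac": mac(pool.take(ctr), a, b, id2, p)}


def first_center_sign(tc_id, from_terminal, sign_keys, seq, to_tc2, ctr2, req):
    """S202: authenticate the request, build DS, wrap it for the second trusted center."""
    a, b, p = req["A"], req["B"], req["P"]
    check(from_terminal.take(req["ctr"]), req["mac"], a, b, req["ID2"], p)
    # DS = trusted-center id || signing-key sequence number || HMAC(A, P; signing key)
    ds = encode(tc_id, seq.to_bytes(4, "big"), mac(sign_keys[seq], a, p))
    return {"tc": tc_id, "ctr": ctr2, "A": a, "B": b, "P": p, "DS": ds,
            "mac": mac(to_tc2.take(ctr2), a, b, p, ds)}


def second_center_forward(from_tc, to_terminal, ctr3, msgs):
    """S203: every first trusted center's message must authenticate before forwarding."""
    if len({(m["A"], m["P"]) for m in msgs}) != 1:
        raise ValueError("first trusted centers disagree on A or P")
    for m in msgs:
        check(from_tc[m["tc"]].take(m["ctr"]), m["mac"], m["A"], m["B"], m["P"], m["DS"])
    a, p, sigs = msgs[0]["A"], msgs[0]["P"], [m["DS"] for m in msgs]
    return {"ctr": ctr3, "A": a, "P": p, "DS": sigs,
            "mac": mac(to_terminal.take(ctr3), a, p, *sigs)}


def second_terminal_accept(pool, msg):
    """S204: authenticate the third authentication information, keep P and every DS."""
    check(pool.take(msg["ctr"]), msg["mac"], msg["A"], msg["P"], *msg["DS"])
    return msg["P"], msg["DS"]


def demo():
    a, b, id2, p = b"A", b"B", b"TC2", b"constructed contract text"
    centers = [b"TC1-a", b"TC1-b"]
    k_a = {c: {1: secrets.token_bytes(32)} for c in centers}   # terminal A <-> each TC1
    k_2 = {c: {1: secrets.token_bytes(32)} for c in centers}   # each TC1 <-> TC2
    k_3 = {1: secrets.token_bytes(32)}                          # TC2 <-> terminal B
    sign = {c: {7: secrets.token_bytes(32)} for c in centers}  # local signing keys
    tc1_in = {c: OneTimeKeys(k_a[c]) for c in centers}
    reqs = {c: terminal_request(OneTimeKeys(k_a[c]), 1, a, b, id2, p) for c in centers}
    msgs = [first_center_sign(c, tc1_in[c], sign[c], 7, OneTimeKeys(k_2[c]), 1, reqs[c])
            for c in centers]
    tc2_in = {c: OneTimeKeys(k_2[c]) for c in centers}
    out = second_center_forward(tc2_in, OneTimeKeys(k_3), 1, msgs)
    data, sigs = second_terminal_accept(OneTimeKeys(k_3), out)
    try:  # replay of a captured request: CTR=1 is already spent at TC1-a
        first_center_sign(b"TC1-a", tc1_in[b"TC1-a"], sign[b"TC1-a"], 7,
                          OneTimeKeys(k_2[b"TC1-a"]), 1, reqs[b"TC1-a"])
        replay_rejected = False
    except ValueError:
        replay_rejected = True
    return data, sigs, replay_rejected


if __name__ == "__main__":
    print(demo())
```

Each hop holds its own `OneTimeKeys` copy of the pool it shares with its neighbour, so the serial-number check is enforced independently on both ends of every link.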
3. Verification of the digital signature
In practical application, in order to prevent the digital signature from being maliciously tampered in the information transmission process, the digital signature can be verified, and the anti-repudiation performance of the digital signature and the identification of counterfeit digital signatures are realized. Based on this, the embodiments of the present application provide a method for verifying a digital signature, which will be described below with reference to the accompanying drawings.
Referring to fig. 3, which is a signaling interaction diagram of a method for verifying a digital signature provided in an embodiment of the present application, as shown in fig. 3, the method may include:
S301: the third terminal sends the signature data and each digital signature to the first trusted center that generated that digital signature.
In this embodiment, when the second terminal determines the digital signature of the signature data, the signature data and each digital signature may be sent to the third terminal, the third terminal sends the signature data and each digital signature to the first trusted center that generates the digital signature, or the second terminal directly sends the signature data and each digital signature to the first trusted center that generates the digital signature. That is, the third terminal may be the second terminal or another terminal.
In practical application, when the first terminal corresponds to a plurality of first trust centers, each first trust center signs the signature data to generate a digital signature of the signature data, and the generated digital signatures are different because local signature keys used by each first trust center in generating the digital signatures are different, so that when the digital signatures are verified, the third terminal sends the digital signatures to the first trust center generating the digital signatures, and the first trust center verifies the digital signatures.
S302: The first trusted center that receives the digital signature verifies it according to the signature data and the received digital signature, and sends the verification result to the third terminal.
In this embodiment, the first trusted center verifies the digital signature according to the received signature data and the digital signature, and sends a verification result to the third terminal.
In a specific implementation, the first trusted center may verify the digital signature in either of two ways. In the first, the first trusted center looks up the digital signature corresponding to the received signature data in a database and compares it with the digital signature sent by the third terminal; if they are consistent, the verification passes, and if they are not, the verification fails. In the second, the first trusted center looks up, according to the signature data, the local signature key that was used when the digital signature was generated, generates a new digital signature with that local signature key, and compares the new digital signature with the digital signature sent by the third terminal; if they are consistent, the verification passes, and if they are not, the verification fails.
After the first trusted center has verified the digital signature in either of these ways, it sends the verification result to the third terminal.
S303: If the third terminal receives verification results showing that every digital signature passes verification, the third terminal determines that the digital signature of the signature data is correct.
In this embodiment, when the verification result of each digital signature is that the digital signature passes verification, it indicates that the digital signature is not tampered, and the third terminal determines that the digital signature of the signature data is correct; and if the verification result of the digital signature is that the verification is not passed, determining that the digital signature of the signature data is invalid.
In practical applications, digital signature verification can be divided into two modes: real-time verification and non-real-time verification. Real-time verification means that when the second terminal receives the signature data and the digital signature, it immediately initiates a verification request for the digital signature; if the second terminal finally determines that the digital signature is invalid, it can request the first terminal to send the signature again. Non-real-time verification means that other terminals initiate the digital signature verification request, or that the second terminal does not initiate the verification request for the digital signatures promptly. If the verification results are inconsistent during non-real-time verification and the third terminal disputes the signature verification result, it can apply to the arbitration server for arbitration, and the arbitration server determines the correctness of the digital signature. Specifically, the third terminal is further configured to send the signature data and the digital signature that fails verification to the arbitration server if a verification result that each of the digital signatures fails to pass the verification is received; and the arbitration server is configured to judge whether the local signature key in the first trusted center corresponding to the digital signature that failed verification has been changed and, if not, to send the third terminal a verification result indicating that the digital signature that failed verification passes verification.
In a specific implementation, the arbitration server may perform the verification as follows. When the third terminal disputes a signature verification result, it sends the signature data, its digital signature, and the identifier of the first trusted center whose digital signature verification failed to the arbitration server. The arbitration server, according to the identifier of the first trusted center, requests the signing key distribution server to judge whether the signing key that this trusted center used for the digital signature has been changed, and the signing key distribution server sends the judgment result to the arbitration server. If the signing key has not been changed, the arbitration server verifies the digital signature again using the signing key and, according to the verification result, informs the third terminal whether the digital signature verification result is correct; otherwise, the third terminal is informed that the verification result of the original first trusted center is correct.
If the third terminal disputes the signature verification result, the third terminal sends the signature data, the digital signature of the signature data, and the identifier of the first trusted center whose digital signature verification failed to the arbitration server. The arbitration server extracts the signing key that the first trusted center used to generate the digital signature and requests the signing key distribution server to verify whether the signing key has been tampered with; the signing key distribution server returns the verification result to the arbitration server. If the signing key has not been tampered with, the arbitration server re-verifies the digital signature and, according to the verification result, sends the third terminal a confirmation message stating whether the digital signature verification is correct; otherwise, the third terminal is informed that the verification result of the original first trusted center is correct.
The arbitration server requests the signing key distribution server to retrieve the key data used for the current signature, that is, the key data corresponding to the local signing key of the first trusted center whose digital signature failed verification. The signing key distribution server recovers the key data using erasure code technology to obtain the metadata corresponding to the key data, and then verifies whether the hash code of the metadata is consistent with the hash code stored by the signing key distribution server. If so, the metadata is used to generate the key data, and the key data is used to verify whether the local signing key used for the digital signature has been changed. In this way, leakage of the signing key, and the generation of forged signatures as a result of such leakage, can be prevented.
It can be seen that, by means of the arbitration server, the result of digital signature verification can be arbitrated using erasure code technology. This prevents, to a certain extent, an attack in which an attacker repudiates a signature by controlling some of the first trusted centers participating in the signature, and also an attack in which the signature verifier forges a signature by stealing the signing keys of some of the first trusted centers participating in the signature.
As can be seen from the foregoing embodiments, the signing key distribution server may generate the signing key data by using an erasure code technique, and may verify the signing key data by using the erasure code technique. In order to understand the application of erasure coding technique in the present invention, the following will describe in detail how to generate signature key data using erasure coding technique and verify whether the signature key data is altered.
In the above embodiment, it is proposed that the signing key distribution server uses erasure coding technology when generating signing key data, and this embodiment will be described with reference to a specific application scenario.
Reed-Solomon (RS) codes are multi-level (non-binary) codes with strong forward error correction capability; they can correct both burst errors and random errors. An (m, n) erasure code can be expressed as $y = x \cdot G$, where $x = (x_1, x_2, \ldots, x_m)$ is the metadata packet vector, $y = (y_1, y_2, \ldots, y_n)$ is the encoded packet vector, and $G_{m \times n}$ is the generator matrix of the linear erasure code.
Vandermonde codes are a class of RS-type erasure codes, whose corresponding Vandermonde matrix is:
Figure BDA0002138860740000151
The square sub-matrix G' formed by any k columns of G is non-singular, so the resulting matrix satisfies the properties of an erasure code generator matrix.
Because the requirements on erasure code dimension and operation speed are not high in this embodiment, the Vandermonde code, which has high decoding reliability, can be selected for signing key data processing and erasure code data recovery.
In this embodiment, assuming that the number of first trusted centers providing the digital signature service is N, the dimension of the encoded data is selected to be n, with n < N, and the dimension m of the metadata satisfies N > m ≥ [N/2]; for example, N = 7, n = 5, and m ≥ 3 can be selected.
The signing key distribution server uses erasure code technology for key distribution, as shown in fig. 4. The signing key distribution server first uses a true random number generator to generate m groups of metadata, each group containing the same amount of data, and calculates the hash code of the m groups of metadata. It then generates n-dimensional encoded data by encoding with a Vandermonde matrix of m rows and n columns, and assigns a unique encoding number to the encoded data generated this time. It selects the n first trusted centers that hold the least signing key data among the N first trusted centers and distributes the generated n-dimensional encoded data to these n first trusted centers as signing key data, sending each dimension of the encoded data to one of the first trusted centers. Each first trusted center records the encoding number to which the signing key data distributed this time belongs. After completing the distribution, the signing key distribution server deletes the distributed encoded data and records the encoding number of the signing key data distributed this time, the identifiers of the first trusted centers that obtained the signing key data, and the hash code of the m groups of metadata.
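The distribution procedure above and the arbitration-time check described earlier (recover the metadata, compare its hash code, regenerate the key data, compare with what the trusted center holds) can be sketched as follows. This is an added example, not code from the patent; the field GF(257), SHA-256 as the hash code, the evaluation points 1..n, the use of the other centers' shares for recovery, and all function names are assumptions.

```python
import hashlib
import secrets

P = 257  # prime just above 255, so each byte is a field element (assumption)

def vandermonde(m, n):
    """m x n generator matrix G with G[i][j] = (j + 1)**i mod P."""
    return [[pow(j + 1, i, P) for j in range(n)] for i in range(m)]

def encode(groups, n):
    """y = x * G, symbol by symbol: m metadata groups -> n coded shares."""
    g = vandermonde(len(groups), n)
    return [[sum(x[s] * g[i][j] for i, x in enumerate(groups)) % P
             for s in range(len(groups[0]))] for j in range(n)]

def invert(a):
    """Invert a square matrix mod P by Gauss-Jordan elimination."""
    m = len(a)
    aug = [row[:] + [int(i == r) for i in range(m)] for r, row in enumerate(a)]
    for c in range(m):
        pivot = next(r for r in range(c, m) if aug[r][c])
        aug[c], aug[pivot] = aug[pivot], aug[c]
        inv = pow(aug[c][c], -1, P)
        aug[c] = [v * inv % P for v in aug[c]]
        for r in range(m):
            if r != c and aug[r][c]:
                f = aug[r][c]
                aug[r] = [(v - f * w) % P for v, w in zip(aug[r], aug[c])]
    return [row[m:] for row in aug]

def recover(shares, m):
    """Rebuild the m metadata groups from any m shares {column index: share}."""
    cols = sorted(shares)[:m]
    a_inv = invert([[pow(j + 1, i, P) for i in range(m)] for j in cols])
    size = len(shares[cols[0]])
    return [[sum(a_inv[i][k] * shares[c][s] for k, c in enumerate(cols)) % P
             for s in range(size)] for i in range(m)]

def digest_of(groups):
    """Hash code of the metadata (SHA-256 is an assumption)."""
    if any(v > 255 for g in groups for v in g):
        return None  # not byte data, so it cannot be the original metadata
    return hashlib.sha256(b"".join(bytes(g) for g in groups)).hexdigest()

def distribute(holdings, m, n, group_len=16):
    """holdings: {center id: amount of key data held}. The server keeps only
    the record; the coded shares go to the n least-loaded centers."""
    groups = [list(secrets.token_bytes(group_len)) for _ in range(m)]
    centers = sorted(holdings, key=lambda c: (holdings[c], c))[:n]
    coded = encode(groups, n)
    record = {"centers": centers, "digest": digest_of(groups)}
    return record, {c: coded[j] for j, c in enumerate(centers)}

def audit_center(record, shares, suspect, m):
    """Recover the metadata from the other centers' shares, check its hash,
    re-encode, and compare with the share the suspect center holds."""
    col = {c: j for j, c in enumerate(record["centers"])}
    helpers = {col[c]: s for c, s in shares.items() if c != suspect}
    groups = recover(helpers, m)
    if digest_of(groups) != record["digest"]:
        return "unrecoverable"
    expected = encode(groups, len(col))[col[suspect]]
    return "unchanged" if expected == shares[suspect] else "changed"
```

Because any m columns of the Vandermonde matrix are linearly independent, the check still works when up to n - m of the other centers are unavailable; a corrupted helper share shows up as a hash mismatch rather than as a false accusation.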
Fourth, scene embodiment
To facilitate understanding of the specific implementation of the embodiments of the present application, two first trusted centers are taken as an example. In this embodiment, the first terminal is Alice and the second terminal is Bob; Alice registers with the two first trusted centers (CAs), and Bob registers with one second trusted center. When the following embodiment is carried out, Alice and Bob have both already registered with their corresponding CAs and obtained shared key data with the corresponding CA. The shared key data is divided and numbered according to the predetermined key length required for one-time encryption, and signature-related data is encrypted in a one-time-pad manner during the digital signature process.
In addition, it should be noted that this embodiment uses the HMAC-MD5 algorithm as the digital signature algorithm to calculate the keyed-hash message authentication code of the signature data. The hash value output by the HMAC-MD5 algorithm is 128 bits; a key length smaller than 128 bits reduces the security strength of the algorithm, while a key length larger than this value does not greatly improve the security strength.
It is understood that other algorithms may be used as the digital signature algorithm in practical applications, and the embodiment is not limited herein.
Referring to fig. 5, which is a signaling interaction diagram of a digital signature method provided in an embodiment of the present application, as shown in fig. 5, the CAs with which Alice is registered are CA1 and CA2, and the CA with which Bob is registered is CA3. The method may include:
S501: Alice uses an unused shared key $K_{A1}$ from the key data shared with CA1 to calculate the keyed-hash message authentication code $HMAC(A, B, ID_{CA3}, P; K_{A1})$ of Alice's identity A, Bob's identity B, the identity $ID_{CA3}$ of CA3 and the signature data P, and then sends the serial number $CTR_{A1}$ of the shared key $K_{A1}$, together with A, B, $ID_{CA3}$, P and $HMAC(A, B, ID_{CA3}, P; K_{A1})$, to CA1.
S502: Alice uses an unused shared key $K_{A2}$ from the key data shared with CA2 to calculate the keyed-hash message authentication code $HMAC(A, B, ID_{CA3}, P; K_{A2})$ of Alice's identity A, Bob's identity B, the identity $ID_{CA3}$ of CA3 and the signature data P, and then sends the serial number $CTR_{A2}$ of the shared key $K_{A2}$, together with A, B, $ID_{CA3}$, P and $HMAC(A, B, ID_{CA3}, P; K_{A2})$, to CA2.
S503: CA1 receives $CTR_{A1}$, A, B, $ID_{CA3}$, P and $HMAC(A, B, ID_{CA3}, P; K_{A1})$. It first checks whether the shared key with serial number $CTR_{A1}$ in the key data shared with Alice has already been used; if it has, the signature process is terminated. Otherwise, CA1 reads the shared key $K_{A1}$ corresponding to serial number $CTR_{A1}$ and uses $K_{A1}$ to verify $HMAC(A, B, ID_{CA3}, P; K_{A1})$; if the verification fails, the authentication process is terminated. Otherwise, CA1 marks the shared key $K_{A1}$ with serial number $CTR_{A1}$ as used and uses an unused signing key $K_{CA1}$ from its signing key store to compute the keyed-hash message authentication code $HMAC(A, P; K_{CA1})$ of A and P. It then concatenates the identity $ID_{CA1}$ of CA1, the serial number $CTR_{CA1}$ of $K_{CA1}$ and $HMAC(A, P; K_{CA1})$ to obtain the concatenated value $ID_{CA1} \| CTR_{CA1} \| HMAC(A, P; K_{CA1})$, which is used as the digital signature DS1 of the signature data P, i.e., $DS1 = ID_{CA1} \| CTR_{CA1} \| HMAC(A, P; K_{CA1})$. CA1 uses an unused shared key $K_1$ from the key data shared with CA3 to compute the keyed-hash message authentication code $HMAC(A, B, DS1, P; K_1)$ of A, B, P and DS1, and sends the serial number $CTR_1$ of $K_1$, together with A, B, P, DS1 and $HMAC(A, B, DS1, P; K_1)$, to CA3.
S504: CA2 receives $CTR_{A2}$, A, B, $ID_{CA3}$, P and $HMAC(A, B, ID_{CA3}, P; K_{A2})$. It first checks whether the shared key with serial number $CTR_{A2}$ in the key data shared with Alice has already been used; if it has, the signature process is terminated. Otherwise, CA2 reads the shared key $K_{A2}$ corresponding to serial number $CTR_{A2}$ and uses $K_{A2}$ to verify $HMAC(A, B, ID_{CA3}, P; K_{A2})$; if the verification fails, the authentication process is terminated. Otherwise, CA2 marks the shared key $K_{A2}$ with serial number $CTR_{A2}$ as used and uses an unused signing key $K_{CA2}$ from its signing key store to compute the keyed-hash message authentication code $HMAC(A, P; K_{CA2})$ of A and P. It then concatenates the identity $ID_{CA2}$ of CA2, the serial number $CTR_{CA2}$ of $K_{CA2}$ and $HMAC(A, P; K_{CA2})$ to obtain the concatenated value $ID_{CA2} \| CTR_{CA2} \| HMAC(A, P; K_{CA2})$, which is used as the digital signature DS2 of the signature data P, i.e., $DS2 = ID_{CA2} \| CTR_{CA2} \| HMAC(A, P; K_{CA2})$. CA2 uses an unused shared key $K_2$ from the key data shared with CA3 to compute the keyed-hash message authentication code $HMAC(A, B, DS2, P; K_2)$ of A, B, P and DS2, and sends the serial number $CTR_2$ of $K_2$, together with A, B, P, DS2 and $HMAC(A, B, DS2, P; K_2)$, to CA3.
S505: CA3 receives $CTR_1$, A, B, P, DS1 and $HMAC(A, B, DS1, P; K_1)$ sent by CA1, and $CTR_2$, A, B, P, DS2 and $HMAC(A, B, DS2, P; K_2)$ sent by CA2. CA3 uses $K_1$ and $K_2$ respectively to verify the validity of the data; if either group of data fails verification, the signature process is terminated and the signing fails. If both groups of data are valid, CA3 uses an unused key $K_B$ shared with Bob to compute the keyed-hash message authentication code $HMAC(A, P, DS1 \| DS2; K_B)$ of A, P and $DS1 \| DS2$, and then sends the serial number $CTR_B$ of the shared key $K_B$, together with A, P, $DS1 \| DS2$ and $HMAC(A, P, DS1 \| DS2; K_B)$, to Bob.
S506: Bob receives $CTR_B$, A, P, $DS1 \| DS2$ and $HMAC(A, P, DS1 \| DS2; K_B)$. He first checks whether the shared key with serial number $CTR_B$ in the key data shared with CA3 has already been used; if it has, the received digital signature is invalid. Otherwise, Bob uses the shared key $K_B$ with serial number $CTR_B$ to verify $HMAC(A, P, DS1 \| DS2; K_B)$; if it is correct, the received digital signature $DS1 \| DS2$ is determined to be valid and the shared key $K_B$ is marked as used; otherwise, the received digital signature $DS1 \| DS2$ is invalid.
It should be noted that this embodiment is described only as an exemplary embodiment, and in practical applications, more first trust centers may be used to perform signature simultaneously to improve the security of the signature.
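Steps S501 to S506 can be exercised end to end with the sketch below, which is an added example and not code from the patent. It uses HMAC-MD5 as the embodiment does; the length-prefixed field framing, the 4-byte encoding of serial numbers, the `KeyPool` class and the sample identities and data are assumptions constructed for illustration.

```python
import hmac
import os
import struct

def mac(key, *fields):
    # HMAC-MD5 as in the embodiment. Length-prefixing each field is an
    # assumption added here so that field boundaries cannot be shifted.
    msg = b"".join(struct.pack(">I", len(f)) + f for f in fields)
    return hmac.new(key, msg, "md5").digest()

class KeyPool:
    """One party's copy of a numbered store of 128-bit one-time keys."""

    def __init__(self, keys):
        self.keys = dict(keys)
        self.used = set()

    def draw(self):
        """Sender side: take the lowest unused serial number (CTR)."""
        ctr = min(c for c in self.keys if c not in self.used)
        self.used.add(ctr)
        return ctr, self.keys[ctr]

    def check(self, ctr, tag, *fields):
        """Receiver side: refuse a used CTR, verify the MAC, then burn the key."""
        if ctr not in self.keys or ctr in self.used:
            return False
        if not hmac.compare_digest(mac(self.keys[ctr], *fields), tag):
            return False
        self.used.add(ctr)
        return True

def shared_pools(count=4):
    """Constructed key data: two copies of the same numbered keys."""
    keys = {ctr: os.urandom(16) for ctr in range(count)}
    return KeyPool(keys), KeyPool(keys)

def alice_request(pool, a, b, id_ca3, p):
    """S501/S502: CTR, A, B, ID_CA3, P and HMAC(A, B, ID_CA3, P; K_A)."""
    ctr, k = pool.draw()
    return ctr, a, b, id_ca3, p, mac(k, a, b, id_ca3, p)

def first_ca_sign(ca_id, from_alice, sign_store, to_ca3, req):
    """S503/S504: authenticate Alice, build DS, protect it for CA3."""
    ctr, a, b, id_ca3, p, tag = req
    if not from_alice.check(ctr, tag, a, b, id_ca3, p):
        return None
    ctr_ca, k_ca = sign_store.draw()
    ds = ca_id + struct.pack(">I", ctr_ca) + mac(k_ca, a, p)  # ID||CTR||HMAC
    ctr_k, k = to_ca3.draw()
    return ctr_k, a, b, p, ds, mac(k, a, b, ds, p)

def ca3_forward(from_cas, to_bob, msgs):
    """S505: every first-CA message must verify before anything goes to Bob."""
    sigs = []
    for pool, msg in zip(from_cas, msgs):
        if msg is None:
            return None
        ctr, a, b, p, ds, tag = msg
        if not pool.check(ctr, tag, a, b, ds, p):
            return None
        sigs.append(ds)
    joined = b"".join(sigs)  # DS1||DS2
    ctr_b, k_b = to_bob.draw()
    return ctr_b, a, p, joined, mac(k_b, a, p, joined)

def bob_accept(from_ca3, msg):
    """S506: accept DS1||DS2 only under an unused K_B with a valid MAC."""
    ctr, a, p, joined, tag = msg
    return from_ca3.check(ctr, tag, a, p, joined)

def run_demo():
    a, b, id_ca3, p = b"alice", b"bob", b"CA3", b"constructed contract text"
    alice_ca1, ca1_alice = shared_pools()
    alice_ca2, ca2_alice = shared_pools()
    ca1_ca3, ca3_ca1 = shared_pools()
    ca2_ca3, ca3_ca2 = shared_pools()
    ca3_bob, bob_ca3 = shared_pools()
    store1, _ = shared_pools()  # CA1's local signing key store
    store2, _ = shared_pools()  # CA2's local signing key store
    req1 = alice_request(alice_ca1, a, b, id_ca3, p)
    req2 = alice_request(alice_ca2, a, b, id_ca3, p)
    m1 = first_ca_sign(b"CA1", ca1_alice, store1, ca1_ca3, req1)
    m2 = first_ca_sign(b"CA2", ca2_alice, store2, ca2_ca3, req2)
    to_bob = ca3_forward([ca3_ca1, ca3_ca2], ca3_bob, [m1, m2])
    ctr, a_, _p, joined, tag = to_bob
    tampered = (ctr, a_, b"altered text", joined, tag)
    replayed = lambda: first_ca_sign(b"CA1", ca1_alice, store1, ca1_ca3, req1)
    return {
        "tampered_rejected": not bob_accept(bob_ca3, tampered),
        "accepted": bob_accept(bob_ca3, to_bob),
        "replay_to_bob_rejected": not bob_accept(bob_ca3, to_bob),
        "replay_to_ca1_rejected": replayed() is None,
    }
```

Every hop consumes a fresh numbered key, so a captured message cannot be replayed: the receiver rejects the serial number before it even recomputes the MAC.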
For further explanation of the implementation of the embodiment of the present application, the operations performed by the first trusted center and the second trusted center are separately described below with reference to the drawings.
Referring to fig. 6, which is a flowchart of a method for implementing digital signature by a first trust center according to an embodiment of the present application, as shown in fig. 6, the method may include:
S601: Receive a signature request sent by the first terminal.
In this embodiment, the signature request includes first identity information, signature data, and first authentication information, where the first authentication information is authentication information of the first identity information and the signature data generated using a first shared key shared with the first trusted center.
S602: Authenticate the first authentication information using the first shared key, and if the first authentication information passes authentication, generate a digital signature of the signature data using the local signature key.
In this embodiment, authenticating the first authentication information using the first shared key includes: generating fourth authentication information, where the fourth authentication information is authentication information of the received first identity information and the received signature data, generated using the first shared key; if the fourth authentication information is consistent with the first authentication information, the first authentication information passes authentication.
In addition, the local signing key in the first trusted center is obtained from signing key data sent by a signing key distribution server, and the signing key distribution server is used for generating original key data, processing the original key data by adopting an erasure code technology, generating signing key data, and distributing the signing key data to each first trusted center. In a specific implementation, the signing key distribution server is further configured to recover the signing key data in the first trusted center.
S603: Send the signature data, the digital signature and the second authentication information to a second trusted center.
In this embodiment, the first trusted center sends the signature data, the digital signature and the second authentication information to the second trusted center, so that the second trusted center authenticates the second authentication information using the second shared key corresponding to that first trusted center and, if the second authentication information sent by every first trusted center passes authentication, sends the signature data, the digital signatures sent by the first trusted centers, and the third authentication information to the second terminal. The second authentication information is authentication information of the signature data and the digital signature, generated by the first trusted center using a second shared key shared with the second trusted center. The third authentication information is authentication information of the signature data and each digital signature, generated by the second trusted center using a third shared key shared with the second terminal. The second terminal authenticates the third authentication information using the third shared key; if the third authentication information passes authentication, the second terminal retains the signature data and each digital signature, and uses each digital signature as a digital signature of the signature data.
The second trusted center authenticates the second authentication information using the second shared key corresponding to the first trusted center as follows: the second trusted center generates fifth authentication information for each first trusted center, where the fifth authentication information is authentication information of the received signature data and the received digital signature of that first trusted center, generated using the second shared key corresponding to that first trusted center; if the fifth authentication information for each first trusted center is the same as the second authentication information sent by that first trusted center, every second authentication information passes authentication.
The second terminal authenticates the third authentication information using the third shared key as follows: the second terminal generates sixth authentication information, where the sixth authentication information is authentication information of the received signature data and each received digital signature, generated using the third shared key; if the sixth authentication information is consistent with the third authentication information, the third authentication information passes authentication.
In a possible implementation manner of the present application, the first trust center may further receive signature data and a digital signature sent by the third terminal, verify the digital signature according to the signature data and the digital signature, and send a verification result to the third terminal, so that if the third terminal receives a verification result that the digital signatures corresponding to the first trust centers all pass the verification, it is determined that the digital signature of the signature data is correct.
In a possible implementation manner of the present application, the third terminal is further configured to send the signature data and the digital signature that fails verification to the arbitration server if a verification result that each digital signature fails to pass the verification is received.
The arbitration server is configured to judge whether the local signature key in the first trusted center corresponding to the digital signature that failed verification has been changed and, if not, to send the third terminal a verification result indicating that the digital signature that failed verification passes verification.
With the present embodiment, for a sender of signature data, that is, a first terminal and a receiver of the signature data, that is, a second terminal, respectively communicating with different trust centers, when digital signature of the signature data is required, the first terminal sends a signature request corresponding to the first trust center to a first trust center corresponding to the first terminal, and then the first trust center authenticates first authentication information using a first shared key shared with the first terminal, when the authentication is passed, a digital signature of the signature data is generated using a local signature key, and the signature data, the digital signature and second authentication information are sent to a second trust center, and when the authentication is passed, the second trust center authenticates second authentication information using a second shared key shared with the first trust center, and when the authentication is passed, the signature data, the digital signature and third authentication information are sent to the second terminal, and finally, the second terminal authenticates the third authentication information by using a third secret key shared with the second trusted center, and when the authentication is passed, the digital signature is used as the digital signature of the signature data. In addition, when the first terminal corresponds to a plurality of first trusted centers, the first terminal sends a signature request corresponding to each first trusted center, and meanwhile, the second trusted center needs to authenticate second authentication information sent by each first trusted center.
Referring to fig. 7, the steps executed by the second trust center to perform digital signature provided in the embodiment of the present application may specifically include:
S701: Receive the signature data, the digital signature and the second authentication information sent by each first trusted center.
In this embodiment, the first trusted center is configured to receive a signature request sent by a first terminal, where the signature request includes first identity information, signature data, and first authentication information, and the first authentication information is authentication information of the signature data and first identity information generated by the first terminal using a first shared key shared by the first trusted center; authenticating the first authentication information by using the first shared key, and if the first authentication information passes the authentication, generating a digital signature of the signature data by using the local signature key; and sending the signature data, the digital signature and second authentication information to a second trusted center, wherein the second authentication information is the signature data generated by the first trusted center by using a second shared key shared with the second trusted center and the authentication information of the digital signature.
The local signing key in the first trusted center is obtained from signing key data sent by a signing key distribution server, the signing key distribution server is used for generating original key data, the original key data are processed by adopting an erasure code technology to generate signing key data, and the signing key data are distributed to each first trusted center.
In particular implementations, the signing key distribution server is further configured to recover signing key data in the first trusted center.
S702: Authenticate the second authentication information sent by each first trusted center using the second shared key corresponding to that first trusted center.
In this embodiment, the second trusted center authenticating the second authentication information sent by each first trusted center using the second shared key corresponding to that first trusted center includes: generating fifth authentication information for each first trusted center, where the fifth authentication information is authentication information of the received signature data and the received digital signature of that first trusted center, generated using the second shared key corresponding to that first trusted center; if the fifth authentication information for each first trusted center is the same as the second authentication information sent by that first trusted center, every second authentication information passes authentication.
S703: If every second authentication information passes authentication, send the signature data, the digital signatures and the third authentication information to the second terminal.
In this embodiment, the second trusted center sends the signature data, each digital signature, and the third authentication information to the second terminal, so that the second terminal authenticates the third authentication information using the third shared key and, if the third authentication information passes authentication, retains the signature data and each digital signature and uses each digital signature as a digital signature of the signature data. The third authentication information is authentication information of the signature data and each digital signature, generated using a third shared key shared with the second terminal.
By the embodiment, for a sender of the signature data, namely a first terminal and a receiver of the signature data, namely a second terminal, respectively communicating with different trust centers, when the signature data needs to be digitally signed, the first terminal sends a signature request corresponding to the first trust center to a first trust center corresponding to the first terminal, the first trust center authenticates first authentication information by using a first shared key shared with the first terminal, when the authentication passes, a digital signature of the signature data is generated by using a local signature key, the signature data, the digital signature and second authentication information are sent to a second trust center, the second trust center authenticates second authentication information by using a second shared key shared with the first trust center, and when the authentication passes, the signature data, the digital signature and third authentication information are sent to the second terminal, and finally, the second terminal authenticates the third authentication information by using a third secret key shared with the second trusted center, and when the authentication is passed, the digital signature is used as the digital signature of the signature data. In addition, when the first terminal corresponds to a plurality of first trusted centers, the first terminal sends a signature request corresponding to each first trusted center, and meanwhile, the second trusted center needs to authenticate second authentication information sent by each first trusted center.
Based on the above method embodiments, the present application provides a system for digital signature, which will be described below with reference to the accompanying drawings.
Referring to fig. 8, which is a block diagram of a digital signature system according to an embodiment of the present application, as shown in fig. 8, the system includes: a first terminal 801, a first trusted center 802, a second trusted center 803, and a second terminal 804;
a first terminal 801, configured to send, to a first trust center 802, a signature request corresponding to the first trust center 802, where the signature request includes first identity information, signature data, and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data generated using a first shared key shared by the first trust center 802; the number of the first trusted centers 802 is at least one;
the first trusted center 802 is configured to authenticate the first authentication information using the first shared key, and if the first authentication information passes authentication, generate a digital signature of the signature data using a local signature key, and send the signature data, the digital signature, and second authentication information to the second trusted center 803, where the second authentication information is the signature data and the authentication information of the digital signature generated using a second shared key shared by the second trusted center 803;
the second trusted center 803 is configured to authenticate the second authentication information sent by each first trusted center 802 using the second shared key corresponding to that first trusted center 802, and if every second authentication information passes authentication, to send the signature data, each digital signature, and third authentication information to the second terminal 804, where the third authentication information is authentication information of the signature data and each digital signature, generated using a third shared key shared with the second terminal 804;
the second terminal 804 is configured to authenticate the third authentication information by using the third shared key, and if the third authentication information passes the authentication, retain the signature data and each digital signature, and use each digital signature as a digital signature of the signature data.
In a possible implementation manner, the first trusted center is specifically configured to generate fourth authentication information, where the fourth authentication information is authentication information of the received first identity information and the received signature data, generated using the first shared key, and if the fourth authentication information is consistent with the first authentication information, the first authentication information passes authentication;
the second trusted center is specifically configured to generate fifth authentication information corresponding to each first trusted center, where the fifth authentication information is authentication information of the received signature data and the received digital signature of that first trusted center, generated using the second shared key corresponding to that first trusted center, and if the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each second authentication information passes authentication;
the second terminal is specifically configured to generate sixth authentication information, where the sixth authentication information is authentication information of the received signature data and each received digital signature, generated using the third shared key, and if the sixth authentication information is consistent with the third authentication information, the third authentication information passes authentication.
In one possible implementation, the system further includes:
the signature key distribution server is used for generating original key data, processing the original key data by adopting an erasure code technology to generate signature key data, and distributing the signature key data to each first trusted center; the local signing key in the first trusted center is obtained from signing key data sent by the signing key distribution server.
In a possible implementation manner, the signing key distribution server is further configured to recover signing key data in the first trusted center.
In one possible implementation, the system further includes:
a third terminal, configured to send the signature data and each digital signature to the first trusted center that generated that digital signature;
the first trusted center that receives the digital signature verifies the digital signature according to the signature data and the received digital signature, and sends a verification result to the third terminal;
and the third terminal is further configured to determine that the digital signature of the signature data is correct if a verification result that each digital signature passes verification is received.
In a possible implementation manner, the third terminal is further configured to, if a verification result that each of the digital signatures fails to pass the verification is received, send the signature data and the digital signature that failed verification to the arbitration server;
the arbitration server is configured to determine whether the local signature key in the first trusted center corresponding to the digital signature that failed verification has been changed, and if not, send to the third terminal a verification result indicating that the digital signature that failed verification passes the verification.
It should be noted that, for implementation of each device in this embodiment, reference may be made to the foregoing method embodiment, and this embodiment is not described herein again.
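The flow of Fig. 8, together with the third-terminal verification step, can be traced in a short simulation. This is an added example, not code from the patent: HMAC-SHA256 as the "authentication information", a keyed hash as the "digital signature" (so that only the issuing first trusted center can verify it), the class and function names, the check that all first trusted centers signed the same data, and the sample values are all assumptions.

```python
import hashlib
import hmac
import secrets


def mac(key: bytes, *fields: bytes) -> bytes:
    """Authentication information over length-prefixed fields (HMAC-SHA256 is an assumption)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(4, "big"))  # length prefix avoids field-boundary ambiguity
        h.update(f)
    return h.digest()


class FirstTrustedCenter:
    def __init__(self, k1: bytes, k2: bytes):
        self.k1 = k1                              # first shared key (with the first terminal)
        self.k2 = k2                              # second shared key (with the second trusted center)
        self.sign_key = secrets.token_bytes(32)   # local signing key

    def handle_request(self, identity, data, auth1):
        # "Fourth authentication information": recomputed from the received fields.
        if not hmac.compare_digest(mac(self.k1, identity, data), auth1):
            return None
        sig = mac(self.sign_key, data)            # assumption: keyed-hash signature
        return data, sig, mac(self.k2, data, sig)  # second authentication information

    def verify(self, data, sig):
        return hmac.compare_digest(mac(self.sign_key, data), sig)


class SecondTrustedCenter:
    def __init__(self, k2_by_center: dict, k3: bytes):
        self.k2_by_center = k2_by_center          # one second shared key per first trusted center
        self.k3 = k3                              # third shared key (with the second terminal)

    def relay(self, submissions: dict):
        sigs, data_ref = [], None
        for name in sorted(self.k2_by_center):
            sub = submissions.get(name)
            if sub is None:
                return None                       # a first trusted center refused or is missing
            data, sig, auth2 = sub
            # "Fifth authentication information" for this first trusted center.
            if not hmac.compare_digest(mac(self.k2_by_center[name], data, sig), auth2):
                return None
            if data_ref is not None and data != data_ref:
                return None                       # extra check, not stated on the page
            data_ref = data
            sigs.append((name, sig))
        if not sigs:
            return None
        return data_ref, sigs, mac(self.k3, data_ref, *[s for _, s in sigs])


def second_terminal_accept(k3, data, sigs, auth3):
    # "Sixth authentication information" compared with the third.
    return hmac.compare_digest(mac(k3, data, *[s for _, s in sigs]), auth3)


def third_terminal_verify(centers, data, sigs):
    # Each signature goes back to the first trusted center that generated it.
    return all(centers[name].verify(data, sig) for name, sig in sigs)


def run_flow(n_centers=3, tamper=None):
    identity, data = b"terminal-A", b"constructed sample document"  # constructed inputs
    k3 = secrets.token_bytes(32)
    centers, k2s, subs = {}, {}, {}
    for i in range(n_centers):
        name = f"tc{i}"
        k1, k2 = secrets.token_bytes(32), secrets.token_bytes(32)
        centers[name], k2s[name] = FirstTrustedCenter(k1, k2), k2
        auth1 = mac(k1, identity, data)           # computed by the first terminal
        sent = data + b"!" if (tamper == "request" and i == 0) else data
        subs[name] = centers[name].handle_request(identity, sent, auth1)
    if tamper == "relay":                         # signature swapped between the two centers
        d, _, a = subs["tc0"]
        subs["tc0"] = (d, bytes(32), a)
    out = SecondTrustedCenter(k2s, k3).relay(subs)
    if out is None:
        return "rejected by second trusted center"
    d, sigs, auth3 = out
    if tamper == "delivery":                      # data altered on the last hop
        d += b"!"
    if not second_terminal_accept(k3, d, sigs, auth3):
        return "rejected by second terminal"
    return "accepted" if third_terminal_verify(centers, d, sigs) else "signature invalid"


if __name__ == "__main__":
    for t in (None, "request", "relay", "delivery"):
        print(t, "->", run_flow(tamper=t))
```

Because the second trusted center requires every second authentication information to pass, a single first trusted center that rejects a request blocks delivery of the whole signature set.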
Based on the foregoing method embodiment, an embodiment of the present application further provides a digital signature apparatus. Referring to Fig. 9, which is a structural diagram of the digital signature apparatus provided in the embodiment of the present application, the apparatus is applied to a first trusted center and includes:
a first receiving unit 901, configured to receive a signature request sent by a first terminal, where the signature request includes first identity information, signature data, and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data generated using a first shared key shared with the first trusted center;
a first authentication unit 902, configured to authenticate the first authentication information using the first shared key;
a first generating unit 903, configured to generate a digital signature of the signature data by using a local signing key if the authentication result of the first authentication unit is authentication pass;
a first sending unit 904, configured to send the signature data, the digital signature, and second authentication information to a second trusted center, so that the second trusted center authenticates the second authentication information using a second shared key corresponding to the first trusted center, and if the second authentication information sent by each first trusted center passes authentication, sends the signature data, each digital signature sent by each first trusted center, and third authentication information to a second terminal; the second authentication information is authentication information of the signature data and the digital signature, generated by the first trusted center using a second shared key shared with the second trusted center; the third authentication information is authentication information of the signature data and each digital signature, generated by the second trusted center using a third shared key shared with the second terminal; and the second terminal is used for authenticating the third authentication information by using the third shared key, and if the third authentication information passes the authentication, retaining the signature data and the digital signatures and using the digital signatures as the digital signatures of the signature data.
In a possible implementation manner, the first authentication unit is specifically configured to generate fourth authentication information, where the fourth authentication information is authentication information of the received first identity information and the received signature data generated by using the first shared key, and if the fourth authentication information is consistent with the first authentication information, the first authentication information passes authentication.
In a possible implementation manner, the local signing key in the first trusted center is obtained from signing key data sent by a signing key distribution server, and the signing key distribution server is configured to generate original key data, process the original key data by using an erasure code technique, generate signing key data, and distribute the signing key data to each of the first trusted centers.
In a possible implementation manner, the signing key distribution server is further configured to recover signing key data in the first trusted center.
In one possible implementation, the apparatus further includes:
a second receiving unit, configured to receive the signature data and the digital signature sent by a third terminal, verify the digital signature according to the signature data and the digital signature, and send a verification result to the third terminal, so that if the third terminal receives the verification result that the digital signature corresponding to each first trusted center passes the verification, the third terminal determines that the digital signature of the signature data is correct.
In a possible implementation manner, the third terminal is further configured to, if a verification result that each of the digital signatures fails to pass the verification is received, send the signature data and the digital signature that failed verification to the arbitration server;
the arbitration server is configured to determine whether the local signature key in the first trusted center corresponding to the digital signature that failed verification has been changed, and if not, send to the third terminal a verification result indicating that the digital signature that failed verification passes the verification.
It should be noted that, the implementation of each unit in this embodiment may refer to the above embodiments, and this embodiment is not described herein again.
In addition, another digital signature apparatus is further provided in this embodiment of the present application. Referring to Fig. 10, which is a structural diagram of another digital signature apparatus provided in this embodiment of the present application, the apparatus is applied to a second trusted center and includes:
a third receiving unit 1001, configured to receive signature data, a digital signature, and second authentication information sent by each first trusted center; the first trusted center is configured to receive a signature request sent by a first terminal, where the signature request includes first identity information, signature data, and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data generated by the first terminal using a first shared key shared with the first trusted center; authenticate the first authentication information by using the first shared key, and if the first authentication information passes the authentication, generate a digital signature of the signature data by using a local signature key; and send the signature data, the digital signature and second authentication information to a second trusted center, wherein the second authentication information is authentication information of the signature data and the digital signature, generated by the first trusted center using a second shared key shared with the second trusted center;
a second authentication unit 1002, configured to authenticate second authentication information sent by each first trusted center by using a second shared key corresponding to the first trusted center;
a second sending unit 1003, configured to send the signature data, each digital signature, and third authentication information to a second terminal if the authentication result of the second authentication unit is that each piece of second authentication information passes authentication, so that the second terminal authenticates the third authentication information using a third shared key, and if the third authentication information passes authentication, retains the signature data and each digital signature, and uses each digital signature as a digital signature of the signature data; the third authentication information is authentication information of the signature data and each of the digital signatures, generated using a third shared key shared with the second terminal.
In a possible implementation manner, the second authentication unit is specifically configured to generate fifth authentication information corresponding to each first trusted center, where the fifth authentication information is authentication information of the received signature data and the received digital signature of that first trusted center, generated using the second shared key corresponding to that first trusted center, and if the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each second authentication information passes authentication.
In a possible implementation manner, the local signing key in the first trusted center is obtained from signing key data sent by a signing key distribution server, and the signing key distribution server is configured to generate original key data, process the original key data by using an erasure code technique, generate signing key data, and distribute the signing key data to each of the first trusted centers.
In a possible implementation manner, the signing key distribution server is further configured to recover signing key data in the first trusted center.
As can be seen from the above embodiments, a first terminal sends a signature request corresponding to a first trusted center to the first trusted center. The first trusted center authenticates the first authentication information in the signature request using a first shared key shared with the first terminal; when the authentication passes, it uses a local signature key to generate a digital signature of the signature data, and sends the signature data, the digital signature and second authentication information to a second trusted center. The second trusted center authenticates the second authentication information using the second shared key shared with each first trusted center; if each second authentication information passes authentication, it sends the signature data, each digital signature and third authentication information to a second terminal. The second terminal authenticates the third authentication information using a third shared key shared with the second trusted center; if the third authentication information passes authentication, the digital signatures are used as digital signatures of the signature data. The digital signature method provided by the embodiments of the present application is therefore based on multiple trusted centers that each perform information authentication, which reduces the dependence of the digital signature on the security of a single trusted center and improves the security of the digital signature.
It should be noted that, in the present specification, each embodiment is described in a progressive manner, and each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the system or the device disclosed by the embodiment, the description is simple because the system or the device corresponds to the method disclosed by the embodiment, and the relevant points can be referred to the method part for description.
It should be understood that in the present application, "at least one" means one or more, and "a plurality" means two or more. "And/or" describes an association relationship between associated objects and indicates that three relationships are possible; e.g., "A and/or B" may indicate: only A is present, only B is present, or both A and B are present, wherein A and B may be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "At least one of the following" or similar expressions refer to any combination of these items, including any combination of single item(s) or plural items. For example, at least one of a, b, or c may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b and c may be single or plural.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (32)

1. A digital signature method, the method comprising:
a first terminal sends a signature request corresponding to a first trusted center to the first trusted center, wherein the signature request comprises first identity information, signature data and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data, generated by using a first shared key shared with the first trusted center; the number of the first trusted centers is at least one;
the first trusted center authenticates the first authentication information by using the first shared key, and if the first authentication information passes the authentication, generates a digital signature of the signature data by using a local signing key and sends the signature data, the digital signature and second authentication information to a second trusted center, wherein the second authentication information is authentication information of the signature data and the digital signature, generated by using a second shared key shared with the second trusted center;
the second trusted center respectively uses a second shared key corresponding to each first trusted center to authenticate second authentication information sent by the first trusted center, and if each second authentication information passes the authentication, the signature data, each digital signature and third authentication information are sent to a second terminal, wherein the third authentication information is authentication information of the signature data and each digital signature, generated by using a third shared key shared with the second terminal;
and the second terminal authenticates the third authentication information by using the third shared key, and if the third authentication information passes the authentication, the signature data and the digital signatures are retained, and the digital signatures are used as the digital signatures of the signature data.
2. The method of claim 1, wherein the first trusted center authenticates the first authentication information using the first shared key, comprising:
the first trusted center generates fourth authentication information, wherein the fourth authentication information is authentication information of the received first identity information and the received signature data generated by using the first shared key, and if the fourth authentication information is consistent with the first authentication information, the first authentication information passes authentication;
the second trusted center respectively uses the second shared key corresponding to each first trusted center to authenticate the second authentication information sent by the first trusted center, and the authentication method includes:
the second trusted center respectively generates fifth authentication information corresponding to each first trusted center, the fifth authentication information being authentication information of the received signature data and the received digital signature of that first trusted center, generated by using the second shared key corresponding to that first trusted center, and if the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each second authentication information passes authentication;
the second terminal authenticates the third authentication information by using the third shared key, including:
the second terminal generates sixth authentication information, wherein the sixth authentication information is authentication information of the received signature data and each received digital signature, generated by using the third shared key, and if the sixth authentication information is consistent with the third authentication information, the third authentication information passes authentication.
3. The method of claim 1, further comprising:
the signature key distribution server generates original key data, processes the original key data by adopting an erasure code technology to generate signature key data, and distributes the signature key data to each first trusted center; the local signing key in the first trusted center is obtained from signing key data sent by the signing key distribution server.
4. The method of claim 3, further comprising:
and the signing key distribution server recovers the signing key data in the first trusted center.
5. The method of claim 1, further comprising:
a third terminal sends the signature data and each digital signature to the first trusted center that generated that digital signature;
the first trusted center that receives the digital signature verifies the digital signature according to the signature data and the received digital signature, and sends a verification result to the third terminal;
and if the third terminal receives a verification result that each digital signature passes the verification, the third terminal determines that the digital signature of the signature data is correct.
6. The method of claim 5, further comprising:
if the third terminal receives a verification result that each digital signature fails to pass the verification, the third terminal sends the signature data and the digital signature that failed verification to the arbitration server;
and the arbitration server judges whether the local signature key in the first trusted center corresponding to the digital signature that failed verification has been changed, and if not, sends to the third terminal a verification result indicating that the digital signature that failed verification passes the verification.
7. A digital signature method, applied to a first trusted center, the method comprising:
receiving a signature request sent by a first terminal, wherein the signature request comprises first identity information, signature data and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data, generated by using a first shared key shared with the first trusted center;
authenticating the first authentication information by using the first shared key, and if the first authentication information passes the authentication, generating a digital signature of the signature data by using a local signature key;
sending the signature data, the digital signature and second authentication information to a second trusted center so that the second trusted center authenticates the second authentication information by using a second shared key corresponding to the first trusted center, and if the second authentication information sent by each first trusted center passes authentication, sends the signature data, each digital signature sent by each first trusted center and third authentication information to a second terminal; the second authentication information is authentication information of the signature data and the digital signature, generated by the first trusted center by using a second shared key shared with the second trusted center; the third authentication information is authentication information of the signature data and each digital signature, generated by the second trusted center by using a third shared key shared with the second terminal; and the second terminal is used for authenticating the third authentication information by using the third shared key, retaining the signature data and each digital signature if the third authentication information passes the authentication, and taking each digital signature as the digital signature of the signature data.
8. The method of claim 7, wherein the authenticating the first authentication information using the first shared key comprises:
and generating fourth authentication information, wherein the fourth authentication information is the authentication information of the received first identity information and the received signature data generated by using the first shared key, and if the fourth authentication information is consistent with the first authentication information, the first authentication information passes authentication.
9. The method according to claim 7, wherein the local signing key in the first trusted center is obtained from signing key data sent from a signing key distribution server, and the signing key distribution server is configured to generate original key data, process the original key data by using erasure coding technology to generate signing key data, and distribute the signing key data to each of the first trusted centers.
10. The method of claim 9, wherein the signing key distribution server is further configured to recover signing key data in the first trusted center.
11. The method of claim 7, further comprising:
receiving the signature data and the digital signature sent by a third terminal, verifying the digital signature according to the signature data and the digital signature, and sending a verification result to the third terminal, so that if the third terminal receives the verification result that the digital signature corresponding to each first trusted center passes the verification, the third terminal determines that the digital signature of the signature data is correct.
12. The method according to claim 11, wherein the third terminal is further configured to, if a verification result that each of the digital signatures fails to be verified is received, send the signature data and the digital signature that failed verification to the arbitration server;
the arbitration server is configured to determine whether the local signature key in the first trusted center corresponding to the digital signature that failed verification has been changed, and if not, send to the third terminal a verification result indicating that the digital signature that failed verification passes the verification.
13. A digital signature method, applied to a second trusted center, the method comprising:
receiving signature data, digital signatures and second authentication information sent by each first trusted center; the first trusted center is used for receiving a signature request sent by a first terminal, wherein the signature request comprises first identity information, signature data and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data, generated by the first terminal by using a first shared key shared with the first trusted center; authenticating the first authentication information by using the first shared key, and if the first authentication information passes the authentication, generating a digital signature of the signature data by using a local signature key; sending the signature data, the digital signature and second authentication information to a second trusted center, wherein the second authentication information is authentication information of the signature data and the digital signature, generated by the first trusted center by using a second shared key shared with the second trusted center;
respectively using a second shared key corresponding to each first trusted center to authenticate second authentication information sent by the first trusted center;
if the second authentication information passes the authentication, the signature data, the digital signatures and the third authentication information are sent to a second terminal, so that the second terminal authenticates the third authentication information by using a third shared key, and if the third authentication information passes the authentication, retains the signature data and the digital signatures and uses the digital signatures as the digital signatures of the signature data; the third authentication information is authentication information of the signature data and each of the digital signatures, generated using a third shared key shared with the second terminal.
14. The method according to claim 13, wherein the authenticating the second authentication information sent by each first trusted center by using the second shared key corresponding to the first trusted center respectively comprises:
respectively generating fifth authentication information corresponding to each first trusted center, wherein the fifth authentication information is authentication information of the received signature data and the received digital signature of that first trusted center, generated by using the second shared key corresponding to that first trusted center, and if the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each second authentication information passes authentication.
15. The method according to claim 13, wherein the local signing key in the first trusted center is obtained from signing key data sent from a signing key distribution server, and the signing key distribution server is configured to generate original key data, process the original key data by using erasure coding technique to generate signing key data, and distribute the signing key data to each of the first trusted centers.
16. The method according to claim 15, wherein the signing key distribution server is further configured to recover signing key data in the first trusted center.
17. A digital signature system, the system comprising: a first terminal, a first trusted center, a second trusted center and a second terminal;
the first terminal is used for sending a signature request corresponding to a first trusted center to the first trusted center, wherein the signature request comprises first identity information, signature data and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data, generated by using a first shared key shared with the first trusted center; the number of the first trusted centers is at least one;
the first trusted center is configured to authenticate the first authentication information using the first shared key, generate a digital signature of the signature data using a local signature key if the first authentication information passes authentication, and send the signature data, the digital signature, and second authentication information to a second trusted center, where the second authentication information is authentication information of the signature data and the digital signature, generated using a second shared key shared with the second trusted center;
the second trusted center is configured to authenticate second authentication information sent by the first trusted center by using a second shared key corresponding to each first trusted center, and send the signature data, each digital signature, and third authentication information to a second terminal if each second authentication information passes the authentication, where the third authentication information is authentication information of the signature data and each digital signature, generated by using a third shared key shared with the second terminal;
and the second terminal is used for authenticating the third authentication information by using the third shared key, retaining the signature data and each digital signature if the third authentication information passes the authentication, and taking each digital signature as the digital signature of the signature data.
18. The system according to claim 17, wherein the first trusted center is specifically configured to generate fourth authentication information, wherein the fourth authentication information is authentication information of the received first identity information and the received signature data, generated by using the first shared key, and if the fourth authentication information is consistent with the first authentication information, the first authentication information passes authentication;
the second trusted center is specifically configured to generate fifth authentication information corresponding to each first trusted center, where the fifth authentication information is authentication information of the received signature data and the received digital signature of that first trusted center, generated by using the second shared key corresponding to that first trusted center, and if the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each second authentication information passes authentication;
the second terminal is specifically configured to generate sixth authentication information, where the sixth authentication information is authentication information of the received signature data and each received digital signature, generated using the third shared key, and if the sixth authentication information is identical to the third authentication information, the third authentication information passes authentication.
19. The system of claim 17, further comprising:
a signing key distribution server, configured to generate original key data, process the original key data using an erasure coding technique to generate signing key data, and distribute the signing key data to each first trusted center; the local signing key in the first trusted center is obtained from the signing key data sent by the signing key distribution server.
20. The system according to claim 19, wherein the signing key distribution server is further configured to recover signing key data in the first trusted center.
21. The system of claim 17, further comprising:
a third terminal, configured to send the signature data and each digital signature to the first trusted center that generated that digital signature;
the first trusted center that receives the digital signature verifies the digital signature according to the signature data and the received digital signature, and sends a verification result to the third terminal;
and the third terminal is further configured to determine that the digital signature of the signature data is correct if a verification result that each digital signature passes verification is received.
22. The system according to claim 21, wherein the third terminal is further configured to send the signature data and the digital signature that fails verification to an arbitration server if a verification result that each of the digital signatures fails to pass the verification is received;
the arbitration server is configured to determine whether the local signature key in the first trusted center corresponding to the digital signature that fails verification has been changed, and if the local signature key has not been changed, send to the third terminal a verification result indicating that the digital signature that failed verification passes verification.
23. A digital signature apparatus, wherein the apparatus is applied to a first trusted center, the apparatus comprising:
a first receiving unit, configured to receive a signature request sent by a first terminal, where the signature request includes first identity information, signature data, and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data that is generated using a first shared key shared with the first trusted center;
a first authentication unit configured to authenticate the first authentication information using the first shared key;
a first generation unit configured to generate a digital signature of the signature data using a local signing key if the authentication result of the first authentication unit is authentication pass;
a first sending unit, configured to send the signature data, the digital signature, and second authentication information to a second trusted center, so that the second trusted center authenticates the second authentication information using a second shared key corresponding to the first trusted center, and if the second authentication information sent by each first trusted center passes authentication, sends the signature data, each digital signature sent by each first trusted center, and third authentication information to a second terminal; the second authentication information is authentication information of the signature data and the digital signature, generated by the first trusted center using a second shared key shared with the second trusted center; the third authentication information is authentication information of the signature data and each digital signature, generated by the second trusted center using a third shared key shared with the second terminal; and the second terminal is configured to authenticate the third authentication information using the third shared key and, if the third authentication information passes the authentication, retain the signature data and the digital signatures and use the digital signatures as the digital signatures of the signature data.
24. The apparatus according to claim 23, wherein the first authentication unit is specifically configured to generate fourth authentication information, the fourth authentication information being authentication information of the received first identity information and the received signature data generated using the first shared key, and the first authentication information passing authentication if the fourth authentication information is identical to the first authentication information.
25. The apparatus according to claim 23, wherein the local signing key in the first trusted center is obtained from signing key data sent from a signing key distribution server, and the signing key distribution server is configured to generate original key data, process the original key data using an erasure coding technique to generate signing key data, and distribute the signing key data to each of the first trusted centers.
26. The apparatus of claim 25, wherein the signing key distribution server is further configured to recover signing key data in the first trusted center.
27. The apparatus of claim 23, further comprising:
a second receiving unit, configured to receive the signature data and the digital signature sent by a third terminal, verify the digital signature according to the signature data and the digital signature, and send a verification result to the third terminal, so that if the third terminal receives a verification result that the digital signature corresponding to each first trusted center passes the verification, the digital signature of the signature data is determined to be correct.
28. The apparatus according to claim 27, wherein the third terminal is further configured to send the signature data and the digital signature that fails verification to an arbitration server if a verification result that each of the digital signatures fails in verification is received;
the arbitration server is configured to determine whether the local signature key in the first trusted center corresponding to the digital signature that fails verification has been changed, and if the local signature key has not been changed, send to the third terminal a verification result indicating that the digital signature that failed verification passes verification.
29. A digital signature apparatus, applied to a second trusted center, the apparatus comprising:
a third receiving unit, configured to receive the signature data, the digital signature and the second authentication information sent by each first trusted center; the first trusted center is configured to receive a signature request sent by a first terminal, where the signature request includes first identity information, signature data, and first authentication information, and the first authentication information is authentication information of the first identity information and the signature data generated by the first terminal using a first shared key shared with the first trusted center; authenticate the first authentication information using the first shared key, and if the first authentication information passes the authentication, generate a digital signature of the signature data using a local signature key; and send the signature data, the digital signature and second authentication information to a second trusted center, wherein the second authentication information is authentication information of the signature data and the digital signature, generated by the first trusted center using a second shared key shared with the second trusted center;
a second authentication unit, configured to authenticate the second authentication information sent by each first trusted center using the second shared key corresponding to that first trusted center;
a second sending unit, configured to send the signature data, each digital signature, and third authentication information to a second terminal if an authentication result of the second authentication unit is that each piece of second authentication information is authenticated, so that the second terminal authenticates the third authentication information using a third shared key, and if the third authentication information is authenticated, retains the signature data and each digital signature, and uses each digital signature as a digital signature of the signature data; the third authentication information is authentication information of the signature data and each of the digital signatures, generated using a third shared key shared with the second terminal.
30. The apparatus according to claim 29, wherein the second authentication unit is specifically configured to generate fifth authentication information corresponding to each first trusted center, where the fifth authentication information is authentication information of the received signature data and the received digital signature of that first trusted center, generated using the second shared key corresponding to that first trusted center, and if the fifth authentication information corresponding to each first trusted center is the same as the second authentication information sent by that first trusted center, each second authentication information passes authentication.
31. The apparatus according to claim 29, wherein the local signing key in the first trusted center is obtained from signing key data sent from a signing key distribution server, and the signing key distribution server is configured to generate original key data, process the original key data using an erasure coding technique to generate signing key data, and distribute the signing key data to each of the first trusted centers.
32. The apparatus of claim 31, wherein the signing key distribution server is further configured to recover signing key data in the first trusted center.
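The authentication chain of claims 17 and 18, with the issuer-side verification of claim 21, can be sketched as follows. This is an added example, not code from the patent: the claims name no algorithm, so HMAC-SHA256 is assumed both for the "authentication information" and as a stand-in for the signature made with the local signing key, and the length-prefixed field encoding, the center names `TC1`/`TC2` and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def mac(key, *fields):
    """HMAC-SHA256 over length-prefixed fields, so field boundaries are unambiguous."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(4, "big") + f)
    return h.digest()

def check(key, tag, *fields):  # recompute the tag and compare in constant time
    return hmac.compare_digest(mac(key, *fields), tag)

class FirstTrustedCenter:
    def __init__(self, k1, k2):
        self.k1, self.k2 = k1, k2                 # first / second shared keys
        self.local_key = secrets.token_bytes(32)  # local signing key (assumed symmetric)

    def sign(self, identity, data, auth1):
        if not check(self.k1, auth1, identity, data):  # "fourth" vs first auth info
            return None
        sig = mac(self.local_key, data)                # stand-in digital signature
        return sig, mac(self.k2, data, sig)            # signature, second auth info

    def verify(self, data, sig):                       # claim 21: the issuer verifies
        return check(self.local_key, sig, data)

def second_center_relay(k2_by_center, k3, data, submissions):
    for cid, (sig, auth2) in submissions.items():      # every auth2 must pass
        if not check(k2_by_center[cid], auth2, data, sig):
            return None
    sigs = [sig for sig, _ in submissions.values()]
    return sigs, mac(k3, data, *sigs)                  # signatures, third auth info

def run_flow(tamper=None):
    """Run the chain with two first trusted centers; return which stage decides."""
    identity, data = b"terminal-A", b"constructed sample document"
    k2 = {c: secrets.token_bytes(32) for c in ("TC1", "TC2")}
    k3 = secrets.token_bytes(32)
    centers = {c: FirstTrustedCenter(secrets.token_bytes(32), k2[c]) for c in k2}
    submissions = {}
    for cid, center in centers.items():
        auth1 = mac(center.k1, identity, data)         # first terminal holds the same k1
        sent = data + b"!" if tamper == "request" else data
        out = center.sign(identity, sent, auth1)
        if out is None:
            return "rejected by first trusted center"
        submissions[cid] = out
    if tamper == "signature":                          # altered between the centers
        submissions["TC1"] = (bytes(32), submissions["TC1"][1])
    relayed = second_center_relay(k2, k3, data, submissions)
    if relayed is None:
        return "rejected by second trusted center"
    sigs, auth3 = relayed
    if not check(k3, auth3, data, *sigs):              # "sixth" vs third auth info
        return "rejected by second terminal"
    ok = all(c.verify(data, s) for c, s in zip(centers.values(), sigs))
    return "accepted" if ok else "signature verification failed"
```

Because each hop's tag covers only that hop's fields under that hop's key, a modification is caught at the first party that recomputes the tag, and under the symmetric assumption only the issuing center can verify its own signature.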
CN201910661981.7A 2019-07-22 2019-07-22 Digital signature method, system and device Active CN112287399B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910661981.7A CN112287399B (en) 2019-07-22 2019-07-22 Digital signature method, system and device

Publications (2)

Publication Number Publication Date
CN112287399A CN112287399A (en) 2021-01-29
CN112287399B true CN112287399B (en) 2022-09-27

Family

ID=74418650

Country Status (1)

Country Link
CN (1) CN112287399B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant