CN113849861A - Proxy digital signature method based on elliptic curve - Google Patents
Proxy digital signature method based on elliptic curve Download PDFInfo
- Publication number
- CN113849861A CN113849861A CN202111108592.5A CN202111108592A CN113849861A CN 113849861 A CN113849861 A CN 113849861A CN 202111108592 A CN202111108592 A CN 202111108592A CN 113849861 A CN113849861 A CN 113849861A
- Authority
- CN
- China
- Prior art keywords
- proxy
- signature
- mod
- elliptic curve
- private key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 238000012795 verification Methods 0.000 claims abstract description 14
- 238000013475 authorization Methods 0.000 claims abstract description 12
- XOOUIPVCVHRTMJ-UHFFFAOYSA-L zinc stearate Chemical compound [Zn+2].CCCCCCCCCCCCCCCCCC([O-])=O.CCCCCCCCCCCCCCCCCC([O-])=O XOOUIPVCVHRTMJ-UHFFFAOYSA-L 0.000 claims description 4
- 238000010200 validation analysis Methods 0.000 claims description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000000739 chaotic effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F7/60—Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
- G06F7/72—Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
- G06F7/722—Modular multiplication
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Pure & Applied Mathematics (AREA)
- Mathematical Optimization (AREA)
- Mathematical Analysis (AREA)
- Computational Mathematics (AREA)
- Software Systems (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an elliptic curve-based proxy digital signature method, which comprises the following specific steps: s1: initializing the process; s2: a delegation process; s3: a generation process of the proxy key; s4: a verification process of the proxy key; in the proxy signature scheme of the present invention, proxy signaturesPrivate key k containing BBAnyone else does not know the private key kBSo neither can masquerade as B, nor can B repudiate his signature; authorization parameter sA≡e1kA+k1(modn) includes the original signer's private key kAOnly B authorized by a can generate a valid proxy signature. The method is suitable for temporary and short-term proxy authorization(ii) a The method is suitable for different conditions of the verifiers each time; the verification procedure is simple; other people in the method cannot impersonate, and different roles in the scheme cannot impersonate mutually.
Description
Technical Field
The invention relates to the field of proxy signatures, in particular to a proxy digital signature method based on an elliptic curve.
Background
Under the era background of the rapid development of the internet, the social informatization degree is increasingly high. The communication among people is more and more internationalized, and the human really enters the 'information age'. Information on the internet is chaotic and complicated, potential risk factors such as counterfeiting or tampering exist, and the electronic signature system is paid more attention to and perfected, so that the information security on the internet is maintained. The proxy signature is a special digital signature, and in the special digital signature system, two main bodies are required: original signers and proxy signers. The original signer passes the information to a third party (proxy signer) which creates a proxy signature based on various public parameters including its private key, the original signer's public key and randomly selected parameters.
Proxy signatures require three parties to participate; the private key of the original signer A is kAThe public key is PA=kAP; the proxy signer is B, the private key is kBThe public key is PB=kBP; c denotes a proxy signature verifier. The overall process of the document "elliptic curve-based proxy signature scheme" is summarized below:
1. initializing the process;
(1) let E be set up in a finite field FqThe above elliptic curve, P belongs to E and the order of the point P is n;
(2) a randomly selects a positive integer kA,0<kAN as private key; public key is PA=kAP;
(3) Disclosing coefficient parameters { E, n, PA}。
2. A delegation process; a, carrying out the following operations:
(1) randomly selecting a positive integer k0,0<k0< n, calculate Q0=k0P=(x0,y0),x0,y0∈Fq;
(2) Calculating r0≡x0 mod n,σ≡kA+r0k0 mod n;
(3) A will be σ and Q0Respectively communicated to B privately and publicly.
B is receiving sigma and Q0Thereafter, the validity of the delegation information is verified. Verifying sigma P ═ PA+r0Q0Wherein Q is0=(x0,y0),r0≡x0mod n. If the equation holds, then σ and Q0May act as a proxy signing key pair.
3. A generation process of the proxy signature; b, carrying out the following steps:
(1) randomly selecting a positive integer k, wherein k is more than 0 and less than n, and calculating kP (x, y) and r ≡ x mod n;
(2) calculating s ≡ k-1(m+rσ)mod n;
(3) Will { m, r, s, Q0It is sent to C.
4. A verification process of the proxy signature; c, verification:
(1) calculating c ≡ s-1 mod n,u1≡mc mod n,u2≡rc mod n;
(2) Calculating u1P+u2(PA+r0Q0)=P′=(x′,y′);
(3) This proxy signature is valid if x' ≡ rc mod n.
In the scheme, anyone can not obtain the private key of the original signer A, and the private key can be ensured according to the elliptic curve discrete logarithm problem; in this scenario original signer a can revoke the signature authority of proxy signer B by declaring Q0 invalid; but s ≡ k generated during generation of the proxy signature-1The private key of the proxy signer B is not contained in the (m + r sigma) mod n, and the signature can be denied by the B, so that the signature cannot be denied; therefore, the elliptic curve based proxy digital signature method is provided.
Disclosure of Invention
The present invention is directed to provide a proxy digital signature method based on elliptic curve to solve the problems of the background art mentioned above.
In order to achieve the purpose, the invention provides the following technical scheme: a proxy digital signature method based on elliptic curve includes the following steps:
s1: initializing the process;
s11: let E be set up in a finite field FqThe above elliptic curve, P belongs to E and the order of the point P is n;
s12: a randomly selects a positive integer kA,0<kAN as private key; public key is PA=kAP;
S13: b randomly selecting positive integer kB,0<kBN as private key; public key is PB=kBP;
S14: disclosing coefficient parameters { E, n, PA,PB};
S2: a delegation process; a pair of request information mAThe following operations were carried out:
s21: a randomly selects k1,0<k1< n, calculate YA=k1P=(xA,yA);
S22: calculating rA≡xAmod n、e1=h(mA,rA)、sA≡e1kA+k1(mod n);
S23: will (m)A,YA,sA) To B, (Y)A,sA) Is to A to mAA signature of the authorization information of (2); b accept (m)A,YA,sA) Then, first calculate rA≡xA mod n、e1=h(mA,rA) (ii) a Then verifying sAP=PAe1+YAIf yes, the authorization is established;
s3: a generation process of the proxy signature; b pair of signature information mBThe following operations were carried out:
S32: randomly selecting a positive integer k2,0<k2< n, calculate YB=k2PB=(xB,yB);
S33: calculating rB=xB mod n、e2=h(mB,rB)、s≡xe2+k2(mod n);
S34: will (m)A,mB,YA,YBS) to C;
s4: a verification process of the proxy signature; c, verification:
s41: calculating rA≡xA mod n,rB≡xB mod n,e1=h(mA,rA),e2=h(mB,rB);
S42: verification of xPB=YB+e2(YA+e1PA) (ii) a If the equation is true, then the proxy signature generated by B is valid, and if the equation is false, then it is invalid.
As a preferred embodiment of the present invention, a represents an original signer; the B represents a proxy signer; the C represents a proxy signature verifier.
The invention has the beneficial effects that:
1. suitable for temporary, short-term proxy authorization;
2. the method is suitable for different conditions of the verifiers each time;
3. the verification procedure is simple;
4. other people in the method cannot impersonate, and different roles in the scheme cannot impersonate mutually.
Drawings
FIG. 1 is a flow chart of the present invention.
Detailed Description
The following detailed description of the preferred embodiments of the present invention, taken in conjunction with the accompanying drawings, will make the advantages and features of the invention more readily understood by those skilled in the art, and thus will more clearly and distinctly define the scope of the invention.
Example (b): referring to fig. 1, the present invention provides a technical solution: a proxy digital signature method based on elliptic curve includes the following steps:
s1: initializing the process; a represents the original signer; b represents a proxy signer; c represents a proxy signature verifier;
s11: let E be set up in a finite field FqThe above elliptic curve, P belongs to E and the order of the point P is n;
s12: a randomly selects a positive integer kA,0<kAN as private key; public key is PA=kAP;
S13: b randomly selecting positive integer kB,0<kBN as private key; public key is PB=kBP;
S14: disclosing coefficient parameters { E, n, PA,PB};
S2: a delegation process; a pair of request information mAThe following operations were carried out:
s21: a randomly selects k1,0<k1< n, calculate YA=k1P=(xA,yA);
S22: calculating rA≡xA mod n、e1=h(mA,rA)、sA≡e1kA+k1(mod n);
S23: will (m)A,YA,sA) To B, (Y)A,sA) Is to A to mAA signature of the authorization information of (2); b accept (m)A,YA,sA) Then, first calculate rA≡xA mod n、e1=h(mA,rA) (ii) a Then verifying sAP=PAe1+YAIf yes, the authorization is established;
s3: a generation process of the proxy signature; b pair of signature information mBThe following operations were carried out:
S32: randomly selecting a positive integer k2,0<k2< n, calculate YB=k2PB=(xB,yB);
S33: calculating rB≡xBmod n、e2=h(mB,rB)、s≡xe2+k2(mod n);
S34: will (m)A,mB,YA,YBS) to C;
s4: a verification process of the proxy signature; c, verification:
s41: calculating rA≡xA mod n,rB≡xB mod n,e1=h(mA,rA),e2=h(mB,rB);
S42: validation of sPB=YB+e2(YA+e1PA) (ii) a If the equation is true, then the proxy signature generated by B is valid, and if the equation is false, then it is invalid.
The verification method comprises the following steps: a digital signature method based on elliptic curve proxy can prove the correctness thereof, and comprises the following steps:
The above process logically demonstrates the feasibility of the signature scheme, as well as non-repudiation, etc.
Unforgeability of the original signature. In the above proxy authorization process, (m)A,mB,YA,YBS) is actually the original signerAnd proxy signatureA,mBAnd is not forgeable. From sPB=YB+e2(YA+e1PA) It can be shown that this signature is a valid proxy signature for B that has seen a grant. From the proxy signature, C utilizes the public keys of A and B and the authentication equation sPB=YB+e2(YA+e1PA) To determine if the signature is a proxy signature generated by B-proxy a; on the other hand, in the document mACan specify the authorization range, the expiration date, etc., and is based on (m)A,YA,sA) The private key of A cannot be calculated, so secret transmission is not needed, and the use cost is reduced.
The impossibility of a proxy signature; in the proxy signature scheme of the invention, the proxy signature private keyPrivate key k containing BBAnyone else does not know the private key kBSo neither can masquerade as B, nor can B repudiate his signature; authorization parameter sA≡e1kA+k1(mod n) includes the original signer's private key kAOnly B authorized by a can generate a valid proxy signature.
In the method described in the background art, the generation process and the verification process of the proxy signature have an inversion operation once respectively, and are respectively s ≡ k-1(m + r σ) mod n and c ≡ s-1modn, the inverse operation in the improved signature method only occurs once in the generation process of the proxy signatureThe inversion operation is the most complex operation in cryptography, and the operation process is very inefficient. The improved scheme reduces one inversion operation and improves the operation efficiency of the method; in the original method such as Q0=k0P has 7 times of power operation, such as Y in the improved methodA=k1The power of P is calculated 8 times. In the original method such as r0≡x0modulo multiplication of modn 9 times, improved methods such as rA≡xAmod n has 6 modular multiplication operations; in general, the improved scheme has greatly improved operation efficiency. The specific cases are as follows:
TABLE 1 comparison of original and modified protocols
The above examples only show some embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention.
Claims (2)
1. A proxy digital signature method based on elliptic curve is characterized in that: the method comprises the following specific steps:
s1: initializing the process;
s11: let E be set up in a finite field FqThe above elliptic curve, P belongs to E and the order of the point P is n;
s12: a randomly selects a positive integer kA,0<kAN as private key; public key is PA=kAP;
S13: b randomly selecting positive integer kB,0<kBN as private key; public key is PB=kBP;
S14: disclosing coefficient parameters { E, n, PA,PB};
S2: a delegation process; a pair of request information mAThe following operations were carried out:
s21: a randomly selects k1,0<k1< n, calculate YA=k1P=(xA,yA);
S22: calculating rA≡xAmod n、e1=h(mA,rA)、sA≡e1kA+k1(mod n);
S23: will (m)A,YA,sA) To B, (Y)A,sA) Is A pair of authorization information mAThe signature of (2); b accept (m)A,YA,sA) Then, first calculate rA≡xA mod n、e1=h(mA,rA) (ii) a Then verifying sAP=PAe1+YAIf yes, the authorization is established;
s3: a generation process of the proxy signature; b pair of signature information mBThe following operations were carried out:
S32: randomly selecting a positive integer k2,0<k2< n, calculate YB=k2PB=(xB,yB);
S33: calculating rB≡xB mod n、e2=h(mB,rB)、s≡xe2+k2(mod n);
S34: will (m)A,mB,YA,YBS) to C;
s4: a verification process of the proxy signature; c, verification:
s41: calculating rA≡xA mod n,rB≡xB mod n,e1=h(mA,rA),e2=h(mB,rB);
S42: validation of sPB=YB+e2(YA+e1PA) (ii) a If the equation is true, then the proxy signature generated by B is valid, and if the equation is false, then it is invalid.
2. The elliptic curve-based proxy digital signature method as claimed in claim 1, wherein: the A represents an original signer; the B represents a proxy signer; the C represents a proxy signature verifier.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111108592.5A CN113849861A (en) | 2021-09-22 | 2021-09-22 | Proxy digital signature method based on elliptic curve |
ZA2022/07567A ZA202207567B (en) | 2021-09-22 | 2022-07-08 | Proxy digital signature method based on elliptic curve |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111108592.5A CN113849861A (en) | 2021-09-22 | 2021-09-22 | Proxy digital signature method based on elliptic curve |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113849861A true CN113849861A (en) | 2021-12-28 |
Family
ID=78974876
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111108592.5A Pending CN113849861A (en) | 2021-09-22 | 2021-09-22 | Proxy digital signature method based on elliptic curve |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN113849861A (en) |
ZA (1) | ZA202207567B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114726552A (en) * | 2022-06-07 | 2022-07-08 | 杭州天谷信息科技有限公司 | Digital signature right transfer method and system |
-
2021
- 2021-09-22 CN CN202111108592.5A patent/CN113849861A/en active Pending
-
2022
- 2022-07-08 ZA ZA2022/07567A patent/ZA202207567B/en unknown
Non-Patent Citations (4)
Title |
---|
王玉奇;李浪;邹;: "一种椭圆曲线的代理签名方案的分析与改进", 计算机安全, no. 07 * |
田珂;王洪林;: "基于椭圆曲线的保护签名者隐私的代理签名方案", 河南工程学院学报(自然科学版), no. 01 * |
胡兰兰等: "一种改进的椭圆曲线安全代理签名方案", 计算机应用研究 * |
黄月英;禹勇;姜建国;: "可快速撤销的基于椭圆曲线的代理签名", 湖北大学学报(自然科学版), no. 04, pages 1 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114726552A (en) * | 2022-06-07 | 2022-07-08 | 杭州天谷信息科技有限公司 | Digital signature right transfer method and system |
CN114726552B (en) * | 2022-06-07 | 2022-10-11 | 杭州天谷信息科技有限公司 | Digital signature right transfer method and system |
Also Published As
Publication number | Publication date |
---|---|
ZA202207567B (en) | 2022-10-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7533270B2 (en) | Signature schemes using bilinear mappings | |
JP3522447B2 (en) | Authentication exchange method and additional public electronic signature method | |
CN102387019B (en) | Certificateless partially blind signature method | |
US9882890B2 (en) | Reissue of cryptographic credentials | |
CN107911217B (en) | Method and device for cooperatively generating signature based on ECDSA algorithm and data processing system | |
CN112532394B (en) | Block chain anti-signature traceable certificateless blind signature generation method | |
JP2002534701A (en) | Auto-recoverable, auto-encryptable cryptosystem using escrowed signature-only keys | |
Verma et al. | Efficient identity‐based blind message recovery signature scheme from pairings | |
CN111294202A (en) | Identity authentication method facing alliance chain | |
Pooja et al. | Digital signature | |
CN115529134A (en) | Identity-based proxy blind signature method on lattice | |
Zhou et al. | Provably secure proxy-protected signature schemes based on factoring | |
Ansper et al. | Efficient long-term validation of digital signatures | |
CN112989436B (en) | Multi-signature method based on block chain platform | |
CN113849861A (en) | Proxy digital signature method based on elliptic curve | |
JP4772965B2 (en) | Method for proving entity authenticity and / or message integrity | |
Seo et al. | A mediated proxy signature scheme with fast revocation for electronic transactions | |
CN110932866B (en) | Ring signature generation method based on SM2 digital signature algorithm | |
Lin et al. | F2P‐ABS: A fast and secure attribute‐based signature for mobile platforms | |
Hwang et al. | New efficient batch verification for an identity‐based signature scheme | |
JP3540477B2 (en) | Signature scheme | |
Toapanta et al. | Ensuring the blind signature for the electoral system in a distributed environment | |
Jain | Digital signature algorithm | |
Zhang et al. | New ID-based proxy blind multi-signature scheme without trusted PKG | |
EP1921790A1 (en) | Signature schemes using bilinear mappings |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20211228 |