CN113919005A - Digital certificate issuing method based on Schnorr aggregate signature - Google Patents

Info

Publication number: CN113919005A
Application number: CN202111211808.0A
Authority: CN (China)
Language: Chinese (zh)
Prior art keywords: certificate, signature, schnorr, authentication, initial
Inventors: 徐蕾, 宋雪, 祝烈煌
Applicant and current assignee: Beijing Institute of Technology (BIT)
Priority date: 2021-10-18
Filing date: 2021-10-18
Publication date: 2022-01-11
Legal status: Pending (request for substantive examination in force)

Classifications

    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures (G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity › G06F21/60 Protecting data)
    • G06F21/602 Providing cryptographic facilities or services (same parent path down to G06F21/60 Protecting data)

Abstract

The invention provides a digital certificate issuing method based on Schnorr aggregate signatures. It addresses the single point of failure of a certificate authority (CA) and belongs to the technical field of cryptographic protection of computer network information. In the network system authentication process it abandons the traditional notion of a single certification center and instead sets up a certificate Registration Authority (RA) and a certificate issuing authority (CA); the conventional CA and RA functions are separated, with no direct link between the two. Combined with the Schnorr aggregate signature algorithm, the CA system can still issue a certificate correctly when a failed authentication node exists within the authentication mechanism, which gives it resistance to attacks. Compared with the prior art, the invention gives the certification authority stronger trust, greatly reduces the cost of signature verification and the transaction volume, and noticeably reduces the bandwidth consumed by network transmission and the storage space occupied on nodes.

Description

Digital certificate issuing method based on Schnorr aggregate signature
Technical Field
The invention relates to a digital certificate issuing method, in particular to a digital certificate issuing method based on Schnorr aggregate signatures, and belongs to the technical field of cryptographic protection of computer network information.
Background
Public Key Infrastructure (PKI) is widely deployed as a security infrastructure and provides a complete set of security services for data exchange in networks such as online finance, online banking, online securities trading, electronic commerce and e-government. PKI can provide a variety of security services, such as authentication, data integrity, data confidentiality, fairness, non-repudiation and time stamping.
Because the network is open and anonymous, the bar for an illegitimate user to impersonate someone else by technical means and commit online fraud keeps falling, causing great harm to legitimate users and to the system. Identity authentication, that is, the process of verifying whether the object being authenticated is genuine and valid, is therefore regarded as the foundation of online transactions today.
In a PKI system, a Certificate Authority (CA) issues an online identity certificate, in effect an identity card, to each legitimate user of the system. The CA is responsible for issuing and managing digital certificates and acts as an authoritative and impartial third-party trust authority, much like a real-life body that issues identity documents. A CA node receives and verifies a user's digital certificate application (the user may be a subordinate certification center or an end user), records the application content, and decides from that content whether to accept the application. If the authority accepts the application, it further determines what type of certificate to issue to the user. The new certificate is signed with the authority's private key and then sent to the directory server for the user to download and query. To ensure message integrity, every response message returned to the user is signed by the certificate authority.
During the authority's authentication process, different pieces of certification information are signed, and the related data (such as the applicant, the application content, the time, the signer and so on) are returned. Verifying these signatures therefore takes a great deal of effort and places a heavy burden on data storage, network transmission and signature verification.
Because of the CA's central role in the public key infrastructure, in any network system that requires identity authentication, once an attacker compromises the CA, the attacker can forge certificates and use the forged identities to enter the system and carry out illegal activities.
Disclosure of Invention
The invention aims to solve the technical problem of the single point of failure of a CA certification authority and provides a digital certificate issuing method based on Schnorr aggregate signatures.
The innovation of the method is as follows. In the network system authentication process, the method abandons the traditional concept of a single certificate authority and instead establishes a certificate Registration Authority (RA), which is responsible for identity authentication (receiving the identity information sent by an applicant and checking, by manual review or by comparison against an identity system, whether the identity is genuine and legitimate), and a Certificate Authority (CA), which is responsible for issuing certificates to new identities and renewing certificates. The conventional CA and RA functions are thereby separated, with no direct link between the two. Combined with the Schnorr aggregate signature algorithm (Schnorr signatures were proposed by the German mathematician and cryptographer Claus Schnorr; the scheme operates in a manner similar to elliptic curve digital signatures but offers further advantages, such as the linear aggregation of signatures), the CA system can issue certificates correctly even when some certification nodes inside the certification authority have failed, and thereby resists attacks.
Advantageous effects
Compared with the prior art, the method of the invention has the following advantages:
1. Stronger trust in the certification authority. Because the signatures of several RA endorsements are aggregated, the authentication information flow must involve multiple parties, that is, two or more RA members, which prevents a single node from issuing a malicious certificate on its own. With the CA separated from the RA function, the CA cannot issue certificates independently.
2. Greatly reduced signature verification cost. A transaction carrying several signatures would originally require several verifications; with an aggregate signature only one verification is needed, so nodes verify transactions faster.
3. Greatly reduced transaction volume. Because several signatures are aggregated into one, the combined size of the signatures shrinks considerably, which noticeably reduces the bandwidth consumed in network transmission and the storage space occupied on nodes.
Drawings
Fig. 1 is a conceptual diagram of the system of the present invention.
FIG. 2 is a flow chart of the method of the present invention.
Detailed Description
The embodiments of the invention are described in further detail below with reference to the accompanying drawings.
As shown in Fig. 1 and Fig. 2, a method for issuing a digital certificate based on Schnorr aggregate signatures includes the following steps:
Step 1: Let the total number of RA servers across all certificate authorities in the network be N. The WEB server submits an application containing its valid identity information to any RA; the RA that receives the identity information from the WEB server becomes the initial RA.
The WEB server is a website that obtains a legitimate certificate from a certification authority in order to provide services to ordinary clients.
The RA is a certificate Registration Authority responsible for identity authentication: it receives the identity information sent by an applicant, performs domain validation mainly by verifying the administrator's mailbox, and checks whether the owner of the website address is the applicant for the certificate.
Step 2: randomly selecting K RA nodes except the initial RA for identity verification, wherein,
Figure BDA0003309207790000031
Figure BDA0003309207790000032
specifically, the initial RA forwards the identity information to the K RAs. And the K RA receives the identity information and then performs identity authentication. If the verification passes, the verified node signs the identity information, and returns the signature S, the random number R and the self public key to the initial RA; if not, the signature is not carried out, and only the self public key P is returned to the initial RA.
Step 3: After the initial RA receives the replies of the K RAs, it combines all returned signatures into an aggregate signature S' using the Schnorr aggregate signature algorithm and combines all returned random numbers R into an aggregate random number R'. The initial RA then returns the aggregate signature S', the aggregate random number R' and the public key list L to the WEB server.
Specifically, suppose $k$ of the K nodes passed verification, $k \in [1, K]$. Using the Schnorr aggregate signature algorithm, the initial RA converts the $k$ signatures collected from the nodes that passed verification into the aggregate signature $S'$, converts the $k$ random numbers returned by those nodes into the aggregate random number $R'$, and combines the public keys $(P_1, P_2, \dots, P_k)$ of the $k$ verifying RAs into the public key list $L$.
Wherein:
$S' = s_1 G + s_2 G + \cdots + s_k G = (s_1 + s_2 + \cdots + s_k)\,G$
$R' = R_1 + R_2 + \cdots + R_k$
[A third relation, the one the CA checks in step 5 against L and R', is given only as an equation image in the original and is not reproduced on this page.]
Here $P_k$ and $P_i$ denote the public keys of the k-th and the i-th RA respectively, $R_k$ the random number (nonce commitment) of the k-th RA, $S_k$ the signature of the k-th RA, and $G$ the fixed, public base point (generator) of the elliptic curve group.
Step 4: The WEB server assembles the material returned by the initial RA together with its own domain name into a certificate application, signs it with its MSP (Membership Service Provider) private key, and submits the application to the CA.
The CA is the Certificate Authority responsible for issuing certificates to new identities and managing certificate renewal. The certificate authority separates the conventional CA and RA functions, with no direct link between the two.
Step 5: The CA receives the application from the server and verifies the aggregate signature S' using the public key list L and the aggregate random number R'. If verification passes, the certificate is issued and returned to the WEB server; otherwise a verification-failure result is returned.
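The five steps above, run end to end, as an added worked example; this is constructed code, not the patent's or the applicant's implementation. It simulates the WEB server, the initial RA, the K selected RAs and the CA in pure Python with Schnorr signatures over secp256k1. Where the page is silent the example makes assumptions, which are also marked in the code: the challenge is computed over the aggregate nonce R', the key list L and the message, which is what lets the CA verify with only S', R' and L but requires every signer to use the same challenge, so the RAs first return their nonce points and then sign (the page describes a single round trip and gives the verification relation only as an image); each public key carries a MuSig-style coefficient a_i = H(L, P_i) so that a colluding RA cannot choose a rogue key that cancels the honest ones; the hash is SHA-256; and the CA checks every key in L against a roster of enrolled RAs and requires at least two endorsers (the "two or more RA members" of the advantages section), since an aggregate over an applicant-chosen key list would otherwise verify just as well. The run_demo function exercises the failure modes the description cares about: an RA whose identity check fails returns no signature yet the certificate is still issued, while too few endorsers, identity data altered after endorsement, or a key list of non-RA keys are rejected. Names such as Node, initial_ra_collect, ca_issue and run_demo are this example's own.

```python
# Added example (constructed; not the patent's or applicant's code): steps 1-5 of the
# description simulated with Schnorr signatures over secp256k1, standard library only.
# Assumed because the page does not state them: a common challenge over (R', L, m) with a
# nonce round before signing, MuSig-style key coefficients, SHA-256, a CA roster of RA keys.
import hashlib
import secrets

# secp256k1: y^2 = x^3 + 7 over F_P; G is the fixed public base point of prime order N.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity

def ec_add(A, B):  # affine addition; covers doubling and A + (-A) = INF
    if A is INF: return B
    if B is INF: return A
    if A[0] == B[0] and (A[1] + B[1]) % P == 0: return INF
    if A == B: lam = 3 * A[0] * A[0] * pow(2 * A[1], -1, P) % P
    else: lam = (B[1] - A[1]) * pow(B[0] - A[0], -1, P) % P
    x = (lam * lam - A[0] - B[0]) % P
    return (x, (lam * (A[0] - x) - A[1]) % P)

def ec_mul(k, A):  # double-and-add k*A
    R = INF
    while k:
        if k & 1: R = ec_add(R, A)
        A, k = ec_add(A, A), k >> 1
    return R

def enc(A):  # fixed-length x||y so concatenated inputs hash unambiguously
    return A[0].to_bytes(32, "big") + A[1].to_bytes(32, "big")
def h(*parts):  # SHA-256 reduced mod N (assumed hash; the page names none)
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big") % N
def key_coeff(L, Pi):  # a_i = H(L, P_i), MuSig-style: a rogue P_j cannot cancel honest keys
    return h(b"agg", *[enc(p) for p in L], enc(Pi))

def agg_key(L):  # aggregate public key X = sum a_i * P_i over the key list L
    X = INF
    for Pi in L: X = ec_add(X, ec_mul(key_coeff(L, Pi), Pi))
    return X
def challenge(R_agg, L, msg):  # common challenge e = H(R', X, m) used by every signer
    return h(b"chal", enc(R_agg), enc(agg_key(L)), msg)
def verify_aggregate(msg, s_agg, R_agg, L):  # step 5: s'*G == R' + e*X (s'*G is the page's S')
    return bool(L) and ec_mul(s_agg, G) == ec_add(R_agg, ec_mul(challenge(R_agg, L, msg), agg_key(L)))

class Node:
    """An RA server or the WEB server: a Schnorr key pair and a one-shot nonce."""
    def __init__(self, verifies_ok=True):
        self.x = secrets.randbelow(N - 1) + 1
        self.pub = ec_mul(self.x, G)
        self.verifies_ok = verifies_ok  # constructed outcome of this RA's identity check
        self._r = None
    def commit(self, identity_info):  # step 2, RA side: pass -> nonce point R_i, fail -> None
        if not self.verifies_ok: return None
        self._r = secrets.randbelow(N - 1) + 1
        return ec_mul(self._r, G)
    def partial_sign(self, msg, R_agg, L):  # s_i = r_i + e*a_i*x_i mod N; nonce erased after use
        s = (self._r + challenge(R_agg, L, msg) * key_coeff(L, self.pub) * self.x) % N
        self._r = None
        return s
    def sign_alone(self, msg):  # ordinary Schnorr = aggregate with one signer (MSP key, step 4)
        R = self.commit(msg)
        return self.partial_sign(msg, R, [self.pub]), R

def initial_ra_collect(identity_info, ras):  # steps 2-3, initial RA: gather R_i, then S', R', L
    signers = [(ra, R) for ra in ras for R in [ra.commit(identity_info)] if R is not None]
    if not signers: return None  # nobody vouched for the identity
    L = [ra.pub for ra, _ in signers]  # only RAs that passed verification enter L
    R_agg = INF
    for _, R in signers: R_agg = ec_add(R_agg, R)
    s_agg = sum(ra.partial_sign(identity_info, R_agg, L) for ra, _ in signers) % N
    return s_agg, R_agg, L

def ca_issue(application, ra_roster, min_signers=2):  # step 5, CA side; returns (issued, reason)
    body = application["domain"] + b"|" + application["identity_info"]
    s_w, R_w = application["msp_sig"]
    if not verify_aggregate(body, s_w, R_w, [application["msp_pub"]]):
        return False, "bad applicant signature"
    s_agg, R_agg, L = application["endorsement"]
    if any(p not in ra_roster for p in L):  # L is applicant-supplied input until checked
        return False, "public key list contains a non-RA key"
    if len(L) < min_signers:  # the "two or more RA members" of the advantages section
        return False, "too few RA endorsements"
    if not verify_aggregate(application["identity_info"], s_agg, R_agg, L):
        return False, "aggregate signature invalid"
    return True, f"certificate issued for {application['domain'].decode()} with {len(L)} endorsements"

def run_demo(failing_ras=1, K=3, tamper=False, rogue=False):  # steps 1-5 end to end
    domain = b"www.example.org"                     # constructed applicant
    identity_info = b"admin@example.org|" + domain  # constructed identity information
    ras = [Node(verifies_ok=i >= failing_ras) for i in range(K)]  # failing_ras of K reject
    roster = {ra.pub for ra in ras}                 # keys the CA knows as enrolled RAs
    web = Node()                                    # WEB server holding its MSP key
    endorsement = initial_ra_collect(identity_info, [Node(), Node()] if rogue else ras)
    if endorsement is None: return False, "no RA passed verification"
    if tamper: identity_info = b"admin@attacker.example|" + domain  # swapped after endorsement
    application = {"domain": domain, "identity_info": identity_info, "endorsement": endorsement,
                   "msp_pub": web.pub, "msp_sig": web.sign_alone(domain + b"|" + identity_info)}
    return ca_issue(application, roster)
```

run_demo(failing_ras=1) returns an issued certificate backed by two of the three selected RAs, which is the fault tolerance the page claims; run_demo(failing_ras=2) is refused for having a single endorser, and run_demo(tamper=True) fails the aggregate check because the endorsed identity information no longer matches the application. The roster check deserves attention in any real deployment: step 5 as written verifies S' against whatever L accompanies the application, so without binding L to the set of legitimate RAs the aggregate signature proves only that the holders of the listed keys signed.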

Claims (4)

1. A digital certificate issuing method based on Schnorr aggregate signatures, characterised in that, in the network system authentication process, a certificate registration and approval authority RA and a certificate issuing authority CA are set up and combined with a Schnorr aggregate signature algorithm, so that the CA system can still issue a certificate correctly when a failed authentication node exists in the authentication mechanism, thereby providing the capability to resist attacks;
the RA is the certificate registration and approval authority, responsible for identity authentication, receiving the identity information sent by an applicant, and checking whether the owner of a website address is the applicant for the certificate;
the CA is the certificate authority, responsible for issuing certificates to new identities and managing certificate renewal.
2. The digital certificate issuing method based on Schnorr aggregate signatures according to claim 1, characterised in that the network system authentication process comprises:
Step 1: let the total number of RA servers in all authentication organisations in the network be N; the WEB server submits an application containing its valid identity information to any RA, and the RA that receives the identity information from the WEB server becomes the initial RA;
the WEB server is a website that obtains a legitimate certificate from a certification authority in order to provide services to ordinary clients;
Step 2: randomly select K RA nodes other than the initial RA for identity verification, where K satisfies two constraints that the original gives only as equation images (not reproduced on this page);
Step 3: after the initial RA receives the replies of the K RAs, it combines all returned signatures into an aggregate signature S' using the Schnorr aggregate signature algorithm and combines all returned random numbers R into an aggregate random number R'; the initial RA then returns the aggregate signature S', the aggregate random number R' and the public key list L to the WEB server;
Step 4: the WEB server assembles the material returned by the initial RA together with its own domain name into a certificate application, signs it with its MSP private key and submits it to the CA;
Step 5: the CA receives the application from the server and verifies the aggregate signature S' using the public key list L and the aggregate random number R'; if verification passes, the certificate is issued and returned to the WEB server, otherwise a verification-failure result is returned.
3. The method according to claim 2, characterised in that in step 2 the initial RA forwards the identity information to the K RAs, each of which performs identity verification on receipt; if the verification passes, the verifying node signs the identity information and returns its signature S, its random number R and its own public key to the initial RA; if not, it does not sign and returns only its own public key P to the initial RA.
4. The method according to claim 2, characterised in that in step 3, using the Schnorr aggregate signature algorithm, with $k$ nodes having passed verification, $k \in [1, K]$, the initial RA converts the $k$ collected signatures of the nodes that passed authentication into the aggregate signature $S'$;
converts the $k$ random numbers returned by the nodes that passed authentication into the aggregate random number $R'$, and combines the public keys $(P_1, P_2, \dots, P_k)$ of the $k$ verifying RAs into the public key list $L$;
wherein:
$S' = s_1 G + s_2 G + \cdots + s_k G = (s_1 + s_2 + \cdots + s_k)\,G$
$R' = R_1 + R_2 + \cdots + R_k$
[A third relation is given only as an equation image in the original and is not reproduced on this page.]
where $P_k$ and $P_i$ denote the public keys of the k-th and the i-th RA respectively, $R_k$ the random number of the k-th RA, $S_k$ the signature of the k-th RA, and $G$ the fixed, public base point (generator) of the elliptic curve group.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111211808.0A CN113919005A (en) 2021-10-18 2021-10-18 Digital certificate issuing method based on Schnorr aggregate signature

Publications (1)

Publication Number Publication Date
CN113919005A (en) 2022-01-11

Family

ID=79241346

Country Status (1)

Country Link
CN (1) CN113919005A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116318728A (en) * 2023-03-20 2023-06-23 中国科学院软件研究所 Method, device and system for automatic distributed certificate issuance
CN116318728B (en) * 2023-03-20 2024-03-26 中国科学院软件研究所 Method, device and system for automatic distributed certificate issuance

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004166238A (en) * 2002-08-30 2004-06-10 Toshiba Corp Method and apparatus for a secure data communication link
KR20050101501A (en) * 2004-04-19 2005-10-24 한국신용평가정보주식회사 Method for issuing a certificate containing the holder's credit information, and recording media storing a certificate issued by that method
CN107370600A (en) * 2017-08-14 2017-11-21 华南理工大学 Method for generating a core identity digital certificate and an identity-side digital certificate
CN109992953A (en) * 2019-02-18 2019-07-09 深圳壹账通智能科技有限公司 Blockchain digital certificate issuance and verification method, device, system and medium
CN111211910A (en) * 2019-12-30 2020-05-29 南京如般量子科技有限公司 Quantum-resistant CA and certificate issuing system based on a secret-shared public key pool, and issuing and verification method thereof
CN111327424A (en) * 2020-01-20 2020-06-23 南京可信区块链与算法经济研究院有限公司 Method, system and storage medium for issuing a CA certificate by multiple nodes

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination