CN114257374A - Verifiable security outsourcing calculation method and system for identification cryptosystem - Google Patents


Info

Publication number: CN114257374A
Authority: CN (China)
Prior art keywords: parameters, server, calculation, results, information
Legal status: Granted (status as listed by Google Patents; not a legal conclusion)
Application number: CN202111564370.4A
Other languages: Chinese (zh)
Other versions: CN114257374B (en)
Inventors: 孔凡玉, 李洪军
Current assignee: Shandong University (as listed by Google Patents)
Original assignee: Shandong University

Events
    • Application filed by Shandong University
    • Priority to CN202111564370.4A
    • Publication of CN114257374A
    • Application granted
    • Publication of CN114257374B
    • Legal status: Active
    • Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, involving digital signatures
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/72 Signcrypting, i.e. digital signing and encrypting simultaneously
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00 Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30 Computing systems specially adapted for manufacturing

Abstract

The invention provides a verifiable secure outsourcing computation method and system for an identity-based cryptosystem. For each step that needs to be outsourced, the Internet of Things (IoT) terminal device first splits the secret parameters involved and sends the blinded parameters, together with some public parameters, to two servers for computation. After the two servers finish their computations, the results are returned to the IoT terminal device, which checks their correctness using verification information generated during the splitting. If the check passes, the IoT terminal device derives the true result from the returned values. The method can be used to outsource identity-based data encryption, digital signature and signcryption algorithms, and saves computation time on the IoT terminal device.

Description

Verifiable security outsourcing calculation method and system for identification cryptosystem
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a verifiable security outsourcing calculation method and system for an identification cryptosystem.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
With the convergence of big data and Internet of Things (IoT) technologies, the massive number of IoT terminal devices has become an important means of data acquisition: they continuously generate data and upload it to data centers, forming a network infrastructure for the interconnection of everything and for data circulation. Security problems such as identity authentication of these massive IoT terminals and encryption of confidential or sensitive data in transit are becoming increasingly important.
An identity-based cryptosystem uses the device's identity information as its public key and does not need to issue digital certificates, which makes it well suited to IoT scenarios with massive numbers of terminals.
Identity-based cryptosystems mainly comprise data encryption algorithms, digital signature algorithms, key agreement protocols and so on. Among them, identity-based signcryption combines data encryption and digital signature in one algorithm: it protects the confidentiality of the data and verifies the legitimacy of the data source, and is an important research topic in information security. However, identity-based cryptosystems involve many expensive mathematical operations, such as bilinear pairings, scalar multiplication on elliptic curves and modular exponentiation. An IoT terminal device with very limited computing resources needs a long time to complete these operations.
Disclosure of Invention
The invention provides a verifiable secure outsourcing computation method and system for an identity-based cryptosystem in order to solve the above problems.
According to some embodiments, the invention adopts the following technical scheme:
a verifiable secure outsourcing computation method for an identity-based cryptosystem, executed on an IoT terminal device and comprising the following steps:
splitting the secret parameters of the identity-based cryptosystem several times, and each time sending part of the system parameters and/or private-key information together with one part of the secret parameters to a first server, and part of the system parameters and/or private-key information together with the other part of the secret parameters to a second server;
receiving in turn the computation results fed back by the two servers;
verifying the correctness of the two servers' results using the corresponding locally stored verification information, which is related to the two parts of the secret parameters or to the private-key information, and, after successful verification, combining the results returned by the two servers into a complete result;
and determining the message encryption result and the signature from the results returned over the several rounds, and outputting the ciphertext of the encrypted message and the signature.
In an alternative embodiment, the identity-based cryptosystem comprises the BLMQ signcryption algorithm.
In an alternative embodiment, the first server and the second server do not exchange data and do not collude with each other.
In an alternative embodiment, the first outsourcing computation specifically comprises: splitting a secret parameter of the identity-based cryptosystem, sending part of the system parameters and one part of the secret parameter to the first server as first encryption parameters, and sending the system parameters and the other part of the secret parameter to the second server as second encryption parameters;
and receiving the results fed back by the two servers, verifying them using the locally stored first verification information related to the two parts of the secret parameter, and, after successful verification, multiplying the results returned by the two servers to obtain the complete result.
As a further limitation, the secret parameter is a randomly selected number $x$, which is decomposed into the sum of two numbers $t_1$ and $t_2$, $x = t_1 + t_2$, where $t_1$ and $t_2$ satisfy $t_1 - t_2 = k_1$; $k_1$ is an integer and is used as the first verification information.
In an alternative embodiment, the second outsourcing computation specifically comprises: computing the bilinear pairing of the relevant system parameters and the hash value of the message;
randomly selecting two points from the bilinear-map group, computing encryption information from these points together with the private-key information and the hash value, selecting a local random number, computing a third encryption parameter from the local random number, the original result and the hash value, sending the two pieces of encryption information and the third encryption parameter to the first server, sending the two points and the third encryption parameter to the second server, and computing second verification information from the local random number and the private-key information;
and receiving the results fed back by the two servers, verifying them, and, if the verification passes, decrypting the results using the locally stored second verification information.
As a further limitation, two points $A_1$ and $A_2$ are randomly selected from the bilinear-map group $G_1$ of order $p$, and the following is computed locally:
Figure BDA0003421688540000041
where
Figure BDA0003421688540000042
is the private-key information. The local random number is a random number $k_2$, and $y = x + h + k_2$ is computed, where $x$ is the original result and $h$ is the hash value of the message and of the bilinear pairing of the relevant system parameters.
In an alternative embodiment, the third outsourcing computation specifically comprises: decomposing the information related to the identity of the message recipient, sending one part of the decomposed information, part of the system parameters and one part of the decomposed secret parameter to the first server, and sending the other part of the decomposed information, the system parameters and the other part of the decomposed secret parameter to the second server;
and receiving the results fed back by the two servers, verifying them using the locally stored third verification information related to the two parts of the decomposed information, and, if the verification passes, adding the returned results to obtain the complete result.
As a further limitation, the original result $x$ is decomposed into the sum $t_1 + t_2$, and $x H_1(ID_B)$ is decomposed into the sum of two numbers $t_3$ and $t_4$, where $t_3$ and $t_4$ satisfy $t_3 - t_4 = k_3$, $k_3$ is an integer and $ID_B$ is the identity of the message recipient. $k_1$ and $k_3$ are kept locally; $k_3 P$ and
Figure BDA0003421688540000043
are computed locally, where $P$ and $Q_{pub}$ are system parameters; $t_1$, $t_3$, $P$ and
Figure BDA0003421688540000044
are sent to the first server, and $t_2$, $t_4$, $P$ and
Figure BDA0003421688540000045
are sent to the second server.
A verifiable secure outsourcing computation system for an identity-based cryptosystem, comprising:
an IoT terminal device, configured to split the secret parameters of the identity-based cryptosystem, send part of the system parameters and one part of the secret parameters to a first server as first encryption parameters, and send the system parameters and the other part of the secret parameters to a second server as second encryption parameters;
receive the results fed back by the two servers, verify them using the locally stored first verification information related to the two parts of the secret parameters, and, after successful verification, multiply the results fed back by the two servers to obtain the complete result;
compute the bilinear pairing of the relevant system parameters and the hash value of the message;
randomly select two points from the bilinear-map group, compute encryption information from these points together with the private-key information and the hash value, select a local random number, compute a third encryption parameter from the local random number, the original result and the hash value, send the two pieces of encryption information and the third encryption parameter to the first server, send the two points and the third encryption parameter to the second server, and compute second verification information from the local random number and the private-key information;
receive the results fed back by the two servers, verify them, and, if the verification passes, decrypt them using the locally stored second verification information;
decompose the information related to the identity of the message recipient, send one part of the decomposed information, part of the system parameters and one part of the decomposed secret parameter to the first server, and send the other part of the decomposed information, the system parameters and the other part of the decomposed secret parameter to the second server;
receive the results fed back by the two servers, verify them using the locally stored third verification information related to the two parts of the decomposed information, and, if the verification passes, add the returned results to obtain the complete result;
and determine the signature from the three returned results and output the encrypted message and the signature;
the first server, configured to receive the corresponding information sent by the IoT terminal device, perform the corresponding computation and feed the result back to the IoT terminal device;
and the second server, configured to receive the corresponding information sent by the IoT terminal device, perform the corresponding computation and feed the result back to the IoT terminal device.
An electronic device comprising a memory and a processor and computer instructions stored on the memory and executed on the processor, the computer instructions, when executed by the processor, performing the steps of the above method.
A computer readable storage medium storing computer instructions which, when executed by a processor, perform the steps of the above method.
Compared with the prior art, the invention has the following beneficial effects:
for each part that needs to be outsourced, the IoT terminal device first splits the secret parameters involved in that step and then sends the blinded parameters, together with some public parameters, to the two servers for computation. After the two servers finish their computations, the results are returned to the IoT terminal device, which checks their correctness using the verification information generated during the splitting. If the check passes, the IoT terminal device unblinds the returned values to recover the true result. This greatly saves the computing resources of the IoT terminal device while keeping execution fast.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate exemplary embodiments of the invention and, together with the description, serve to explain the invention without limiting it.
Fig. 1 is a schematic flow chart of the present embodiment.
Detailed description of the embodiments:
the invention is further described with reference to the following figures and examples.
It is to be understood that the following detailed description is exemplary and is intended to provide further explanation of the invention as claimed. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
As shown in Fig. 1, for each part that needs to be outsourced, the IoT terminal device first splits the secret parameters involved in that step and then sends the blinded parameters, together with some public parameters, to two servers for computation. After the two servers finish their computations, the results are returned to the IoT terminal device, which checks their correctness using the verification information generated during the splitting. If the check passes, the IoT terminal device recovers the true result from the returned values.
To make the technical scheme clearer to those skilled in the art, the BLMQ signcryption algorithm (IEEE Std 1363.3) is used as the example below. This does not mean that the invention can only be used with the BLMQ signcryption algorithm.
The system parameters of the BLMQ signcryption algorithm are:
Figure BDA0003421688540000081
where $G_1$, $G_2$ and $G_T$ are three bilinear-map groups of order $p$, $Q$ is a point in $G_2$ and $P$ is a point in $G_1$, satisfying
Figure BDA0003421688540000082
and
Figure BDA0003421688540000083
is the mapping function. $g = e(P, Q) \in G_T$, where $e$ denotes the bilinear map. The IoT terminal device randomly selects a number $s$ from
Figure BDA0003421688540000084
and computes the system public key $Q_{pub} = sQ \in G_2$. The IoT terminal device selects three hash functions
Figure BDA0003421688540000085
and $H_3 \to \{0,1\}^n$.
Given a message $M \in \{0,1\}^*$, the BLMQ signcryption scheme generates the signature and the encrypted message as follows:
The first step: the message sender randomly selects an integer $x$ from
Figure BDA0003421688540000086
computes $r = g^x = e(P, Q)^x$, and then computes
Figure BDA0003421688540000087
The second step: the message sender computes $h = H_2(M, r)$;
The third step: the message sender computes
Figure BDA0003421688540000088
where
Figure BDA0003421688540000089
is the sender's private key and $ID_A$ is the identity of the message sender.
The fourth step: the message sender computes
Figure BDA00034216885400000810
where $ID_B$ is the identity of the message recipient;
The fifth step: the message sender outputs the encrypted message and the signature $(c, S, T)$.
Using the technical scheme of the invention, the following steps are executed:
The first step is the first outsourcing process, which computes $r = e(P, Q)^x$. First, a transformation based on bilinearity turns $r$ into $e(xP, Q)$, so that the computation of the pairing $e(P, Q)$ and of $r$ is merged into a single pairing. $P$ and $Q$ are public system parameters, so they can be sent to the two servers directly without extra processing. $x$ is chosen by the IoT terminal device and must not be disclosed to either server. Therefore $x$ is decomposed into the sum of two numbers $t_1$ and $t_2$, and, so that the results can be verified, $t_1$ and $t_2$ satisfy $t_1 - t_2 = k_1$, where $k_1$ is a small integer randomly selected by the IoT terminal device from
Figure BDA0003421688540000094
After decomposing $x$, the device sends the parameters $t_1$, $P$, $Q$ and $e$ to server 1, sends $t_2$, $P$, $Q$ and $e$ to server 2, and stores $k_1$ locally. The two servers each perform their computation and return the result, which the IoT terminal device verifies using the locally stored $k_1$. After successful verification, the results returned by the two servers are multiplied to obtain the complete result.
Server 1 computes $R_1 = e(t_1 P, Q)$ and returns $R_1$ to the IoT terminal device;
server 2 computes $R_2 = e(t_2 P, Q)$ and returns $R_2$ to the IoT terminal device.
After receiving the servers' results, the IoT terminal device verifies whether the following equation holds:
Figure BDA0003421688540000091
where $g = e(P, Q)$ is one of the public system parameters. If the equation holds, the IoT terminal device computes $r = e(P, Q)^x = R_1 R_2$ and obtains the final result.
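The first outsourcing round above, as an added example that is not part of the patent. Because $e(t_1 P, Q) = g^{t_1}$ by bilinearity when $P$ and $Q$ are public, each server's job is a single exponentiation in $G_T$, so the example uses a prime-order subgroup of $\mathbb{Z}_p^*$ (a constructed toy safe prime, not a pairing group) in place of $G_T$; the protocol uses only the group law. The image of the verification equation did not survive extraction, so the check $R_1 = R_2 \cdot g^{k_1}$ is this example's assumption, derived from $t_1 - t_2 = k_1$ and the page's remark that the check uses $g = e(P, Q)$. The function names, the server functions and the bound on $k_1$ are also the example's own choices.

```python
"""Added example, not the patent's code: the first outsourcing round,
r = e(P,Q)^x, with the pairing e(t*P, Q) = g^t replaced by exponentiation
in a prime-order subgroup of Z_p^* (only the group law of G_T is used)."""
import secrets

# Constructed toy parameters: p = 2q + 1 is a safe prime and g = 4 is a
# quadratic residue, so g generates the subgroup of prime order q.
P_MOD = 2879
Q_ORD = 1439
G = 4


def server_pairing(t, p=P_MOD, g=G):
    """Untrusted server: given its share t (and the public P, Q, e), returns
    e(t*P, Q) = g^t.  It never sees x, only t."""
    return pow(g, t, p)


def split_x(x, k_bound=2**8, q=Q_ORD):
    """Device: x = t1 + t2 (mod q) with t1 - t2 = k1, where k1 is a small
    offset that stays on the device as the verification information."""
    k1 = secrets.randbelow(k_bound) + 1
    inv2 = pow(2, -1, q)
    t1 = (x + k1) * inv2 % q
    t2 = (x - k1) * inv2 % q
    return t1, t2, k1


def verify_and_combine(R1, R2, k1, p=P_MOD, g=G):
    """Device: since t1 = t2 + k1, an honest pair satisfies R1 = R2 * g^k1
    (ASSUMED form of the check; the page only says it uses g = e(P,Q)).
    g^k1 is cheap because k1 is small.  Then r = g^(t1+t2) = R1 * R2."""
    if R1 != R2 * pow(g, k1, p) % p:
        raise ValueError("round-1 verification failed: a server misbehaved")
    return R1 * R2 % p


def outsource_r(x, server1=server_pairing, server2=server_pairing):
    """Full round 1 from the device's point of view."""
    t1, t2, k1 = split_x(x)
    R1 = server1(t1)            # device sends t1, P, Q, e to server 1
    R2 = server2(t2)            # device sends t2, P, Q, e to server 2
    return verify_and_combine(R1, R2, k1)


if __name__ == "__main__":
    x = secrets.randbelow(Q_ORD)
    assert outsource_r(x) == pow(G, x, P_MOD)
    print("round 1 verified; r =", outsource_r(x))
```

Neither server sees $x$: server 1 holds $t_1$ and server 2 holds $t_2$, and only their sum reveals it, which is why the scheme requires the two servers not to collude. A server that returns anything other than $g^{t_i}$ fails the device's check, because the other server's value and the locally known $k_1$ pin down what the honest answer must be.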
The second step involves no expensive operation and is completed locally by the IoT terminal device.
The third step is the second outsourcing process, which computes
Figure BDA0003421688540000092
Here
Figure BDA0003421688540000093
is the private-key information of the IoT terminal device, which must not be revealed to the two servers, so it has to be protected and hidden:
Figure BDA0003421688540000101
The IoT terminal device randomly selects two points $A_1$ and $A_2$ from the group $G_1$ and computes locally
Figure BDA0003421688540000102
In addition, $x + h$ is chosen by the IoT terminal device and must not be disclosed to the servers. Therefore the IoT terminal device randomly selects a smaller integer $k_2$ from
Figure BDA0003421688540000108
and computes $y = x + h + k_2$. It then sends $y$, $B_1$ and $B_2$ to server 1, and $y$, $A_1$ and $A_2$ to server 2. The IoT terminal device stores $k_2$ locally and computes
Figure BDA0003421688540000104
The two servers perform the corresponding computations and return the results to the IoT terminal device, which verifies them; if the verification passes, the IoT terminal device uses the locally stored
Figure BDA0003421688540000105
to decrypt them.
On receiving its data, server 1 computes $yB_1$ and $yB_2$ and returns them to the IoT terminal device;
on receiving its data, server 2 computes $yA_1$ and $yA_2$ and returns them to the IoT terminal device.
The IoT terminal device verifies whether the following equation holds:
$yB_1 + yA_1 = yB_2 + yA_2$
If it holds, the IoT terminal device decrypts
Figure BDA0003421688540000103
and obtains the original result.
The fourth step is the third outsourcing process, which computes
Figure BDA0003421688540000106
As in the first step, the point $P$ and the point $Q_{pub}$ are public system parameters, so $P$ and
Figure BDA0003421688540000107
can be sent to the two servers directly without extra processing. As in the first step, $x$ is decomposed into the sum $t_1 + t_2$. $x H_1(ID_B)$ is decomposed into the sum of two numbers $t_3$ and $t_4$, and, so that the results can be verified, $t_3$ and $t_4$ satisfy $t_3 - t_4 = k_3$, where $k_3$ is a small integer randomly selected by the IoT terminal device from
Figure BDA0003421688540000119
Then $k_1$ and $k_3$ are stored locally, and the IoT terminal device computes locally $k_3 P$ and
Figure BDA0003421688540000111
It sends $t_1$, $t_3$, $P$ and
Figure BDA0003421688540000112
to server 1, and $t_2$, $t_4$, $P$ and
Figure BDA0003421688540000113
to server 2. The servers perform their computations and return the results. The IoT terminal device uses $k_3 P$ and
Figure BDA0003421688540000114
to verify the returned results. If the verification passes, the returned results are added to obtain the complete result.
On receiving its data, server 1 computes
Figure BDA0003421688540000115
and returns it to the IoT terminal device;
on receiving its data, server 2 computes
Figure BDA0003421688540000116
and returns it to the IoT terminal device.
The IoT terminal device checks whether the following equation holds:
Figure BDA0003421688540000117
If it holds, it computes
Figure BDA0003421688540000118
and obtains the result.
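The second and third outsourcing rounds (the third and fourth steps above, and the corresponding alternative embodiments in the summary), as an added example that is not part of the patent. Scalar multiplication is done on secp256k1 (real curve constants) in place of the pairing group $G_1$, since only the group law matters here; $P$ is the curve generator and $Q_{pub} = sP$ is placed in the same group for simplicity. Several formulas on the page survive only as image placeholders, so the following are this example's assumptions, not the page's text: the blinded points are taken as $B_i = S_A - A_i$, the natural choice that satisfies the page's check $yB_1 + yA_1 = yB_2 + yA_2$; the second verification information is $k_2 S_A$, which unblinds $y S_A$ to $(x+h) S_A$; and in the third round the servers return $t_3 P + t_1 Q_{pub}$ and $t_4 P + t_2 Q_{pub}$ while the device checks their difference against $k_3 P + k_1 Q_{pub}$, the linear combination implied by the page's split of $x$ and $x H_1(ID_B)$. All function names and the constructed key material in `demo()` (master secret $s$, the hash values standing in for $H_1(ID_A)$ and $H_1(ID_B)$, $x$ and $h$) are the example's own.

```python
"""Added example, not the patent's code: blinded scalar multiplication with
two non-colluding servers (the patent's second and third outsourcing rounds).
secp256k1 in affine coordinates stands in for the pairing group G_1."""
import secrets

# secp256k1 parameters (real curve: y^2 = x^3 + 7 over F_P, generator order N)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
GEN = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
       0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity


def ec_add(A, B):
    """Affine point addition; handles doubling and the identity."""
    if A is INF:
        return B
    if B is INF:
        return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return INF
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_neg(A):
    return INF if A is INF else (A[0], (-A[1]) % P)


def ec_mul(k, A):
    """Double-and-add scalar multiplication k*A."""
    R = INF
    k %= N
    while k:
        if k & 1:
            R = ec_add(R, A)
        A = ec_add(A, A)
        k >>= 1
    return R


def split_with_offset(x, k_bound=2**16):
    """x = t1 + t2 (mod N) with t1 - t2 = k; k is small and stays on the device."""
    k = secrets.randbelow(k_bound) + 1
    inv2 = pow(2, -1, N)
    return (x + k) * inv2 % N, (x - k) * inv2 % N, k


# Untrusted servers: each sees only its own shares.
def server_two_mults(y, X1, X2):
    """Round-2 server: returns y*X1 and y*X2."""
    return ec_mul(y, X1), ec_mul(y, X2)


def server_lincomb(a, b, P1, P2):
    """Round-3 server: returns a*P1 + b*P2."""
    return ec_add(ec_mul(a, P1), ec_mul(b, P2))


def outsource_S(x_plus_h, S_A, server1=server_two_mults, server2=server_two_mults,
                k_bound=2**16):
    """Round 2: S = (x + h) * S_A without giving either server S_A or x + h."""
    A1 = ec_mul(secrets.randbelow(N - 1) + 1, GEN)
    A2 = ec_mul(secrets.randbelow(N - 1) + 1, GEN)
    # ASSUMPTION (formula image lost on the page): B_i = S_A - A_i, so that
    # B1 + A1 = B2 + A2 = S_A and the page's check y*B1 + y*A1 = y*B2 + y*A2 holds.
    B1, B2 = ec_add(S_A, ec_neg(A1)), ec_add(S_A, ec_neg(A2))
    k2 = secrets.randbelow(k_bound) + 1
    y = (x_plus_h + k2) % N            # blinded scalar, sent to both servers
    k2_SA = ec_mul(k2, S_A)            # second verification information, kept local
    yB1, yB2 = server1(y, B1, B2)
    yA1, yA2 = server2(y, A1, A2)
    if ec_add(yB1, yA1) != ec_add(yB2, yA2):
        raise ValueError("round-2 verification failed")
    return ec_add(ec_add(yB1, yA1), ec_neg(k2_SA))   # y*S_A - k2*S_A = (x+h)*S_A


def outsource_T(x, h_idB, Qpub, server1=server_lincomb, server2=server_lincomb):
    """Round 3: T = x*H1(ID_B)*P + x*Qpub with x = t1+t2 and x*H1(ID_B) = t3+t4."""
    t1, t2, k1 = split_with_offset(x)
    t3, t4, k3 = split_with_offset(x * h_idB % N)
    # Third verification information: k3*P and k1*Qpub (assumed form; image lost)
    expected_diff = ec_add(ec_mul(k3, GEN), ec_mul(k1, Qpub))
    W1 = server1(t3, t1, GEN, Qpub)    # t3*P + t1*Qpub
    W2 = server2(t4, t2, GEN, Qpub)    # t4*P + t2*Qpub
    if ec_add(W1, ec_neg(W2)) != expected_diff:   # (t3-t4)*P + (t1-t2)*Qpub
        raise ValueError("round-3 verification failed")
    return ec_add(W1, W2)              # (t3+t4)*P + (t1+t2)*Qpub


def demo():
    """Constructed keys: master secret s; sender key S_A = (H1(ID_A)+s)^-1 * P."""
    s, h_idA, h_idB, x, h = 0x1234, 777, 999, 0xABCDEF, 4242
    Qpub = ec_mul(s, GEN)
    S_A = ec_mul(pow(h_idA + s, -1, N), GEN)
    S = outsource_S((x + h) % N, S_A)
    T = outsource_T(x, h_idB, Qpub)
    ok = S == ec_mul(x + h, S_A) and T == ec_add(ec_mul(x * h_idB, GEN), ec_mul(x, Qpub))
    # A single misbehaving server is rejected (server 2 adds an extra P in round 3).
    cheat = lambda a, b, P1, P2: ec_add(server_lincomb(a, b, P1, P2), GEN)
    try:
        outsource_T(x, h_idB, Qpub, server2=cheat)
        caught = False
    except ValueError:
        caught = True
    return ok, caught


if __name__ == "__main__":
    print(demo())   # (True, True)
```

Note what each check compares. In the first and third rounds the device checks the servers' answers against a value it computed itself from the small secret offsets ($g^{k_1}$, and $k_3 P$ together with $k_1 Q_{pub}$), whereas the second-round check $yB_1 + yA_1 = yB_2 + yA_2$ only requires the two pairs of returned points to agree with each other. In all three rounds the device's own work is limited to a few scalar multiplications by small integers plus point additions, which is the saving the patent targets.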
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Although the embodiments of the present invention have been described with reference to the accompanying drawings, it is not intended to limit the scope of the present invention, and it should be understood by those skilled in the art that various modifications and variations can be made without inventive efforts by those skilled in the art based on the technical solution of the present invention.

Claims (10)

1. A verifiable secure outsourcing calculation method for an identification cryptosystem, characterized in that the method is executed on an Internet of Things terminal device and comprises the following steps:
splitting the secret parameters of the identification cryptosystem a plurality of times, each time sending part of the system parameters and/or private key information together with one part of the secret parameters to a first server, and part of the system parameters and/or private key information together with the other part of the secret parameters to a second server;
receiving in turn the calculation results fed back by the two servers;
verifying them with the corresponding locally stored verification information, which relates to the two secret parameters or to the private key information, and, once the verification succeeds, computing the complete result from the results returned by the two servers;
and determining the signature from the results returned over the plurality of rounds, and outputting the encrypted message and the signature.
2. The verifiable secure outsourcing method for an identification cryptosystem of claim 1, wherein the identification cryptosystem comprises the BLMQ signcryption algorithm.
3. The verifiable secure outsourcing method for an identification cryptosystem of claim 1, wherein the first server and the second server exchange no data and do not collude with each other.
4. The verifiable secure outsourcing method for an identification cryptosystem of claim 1, wherein the first outsourcing calculation process specifically comprises: splitting the secret parameter of the identification cryptosystem, sending part of the system parameters and one part of the secret parameter to the first server as first encryption parameters, and sending the system parameters and the other part of the secret parameter to the second server as second encryption parameters;
and receiving the calculation results fed back by the two servers, verifying them with the locally stored first verification information, which relates to the two parts of the secret parameter, and, once the verification succeeds, multiplying the results returned by the two servers to obtain the complete result.
5. The verifiable secure outsourcing method for an identification cryptosystem of claim 4, wherein the secret parameter is a randomly selected random number x, which is split into the sum of two numbers t1 and t2; t1 and t2 satisfy t1 - t2 = k1, where k1 is an integer and is taken as the first verification information.
6. The verifiable secure outsourcing method for an identification cryptosystem of claim 1, wherein the second outsourcing calculation process specifically comprises: calculating the bilinear pairing of the relevant system parameters and the hash value of the message;
randomly selecting two points from the bilinear map group, computing encryption information from each point together with the private key information and the hash value, selecting a local random number, calculating a third encryption parameter from the local random number, the original result and the hash value, sending the two pieces of encryption information and the third encryption parameter to the first server, sending the two points and the third encryption parameter to the second server, and calculating second verification information from the local random number and the private key information;
and receiving the calculation results fed back by the two servers, verifying them, and, if they pass verification, decrypting them with the locally stored second verification information.
7. The verifiable secure outsourcing method for an identification cryptosystem of claim 6, wherein two points A1 and A2 are randomly selected from the bilinear map group G1 of order p, and [formula image FDA0003421688530000031] and [formula image FDA0003421688530000032] are calculated locally, where [formula image FDA0003421688530000033] is the private key information; the local random number is a random number k2, and y = x + h + k2 is calculated, where x is the original result and h is the hash value of the message and of the bilinear pairing of the relevant system parameters.
8. The verifiable secure outsourcing method for an identification cryptosystem of claim 1, wherein the third outsourcing calculation process specifically comprises: decomposing the information related to the identity of the message recipient, sending one part of the decomposed information, part of the system parameters and one part of the decomposed secret parameter to the first server, and sending the other part of the decomposed information, the system parameters and the other part of the decomposed secret parameter to the second server;
and receiving the calculation results fed back by the two servers, verifying them with the locally stored third verification information, which relates to the two parts of the decomposed information, and, if the verification passes, adding the returned results to obtain the complete result.
9. The verifiable secure outsourcing method for an identification cryptosystem of claim 1, wherein the original result x is decomposed into the sum of t1 and t2, and x·H1(IDB) is decomposed into the sum of two numbers t3 and t4, with t3 and t4 satisfying t3 - t4 = k3, where k3 is an integer and IDB is the identity of the message recipient; k1 and k3 are kept locally, and k3·P and [formula image FDA0003421688530000034] are calculated locally, where P and Qpub are system parameters; t1, t3·P and [formula image FDA0003421688530000035] are sent to the first server, and t2, t4·P and [formula image FDA0003421688530000036] are sent to the second server.
10. A verifiable secure outsourcing calculation system for an identification cryptosystem, characterized by comprising:
an Internet of Things terminal device configured to split the secret parameter of the identification cryptosystem, send part of the system parameters and one part of the secret parameter to a first server as first encryption parameters, and send the system parameters and the other part of the secret parameter to a second server as second encryption parameters;
receive the calculation results fed back by the two servers, verify them with the locally stored first verification information, which relates to the two parts of the secret parameter, and, once the verification succeeds, multiply the results fed back by the two servers to obtain a complete result;
calculate the bilinear pairing of the relevant system parameters and the hash value of the message;
randomly select two points from the bilinear map group, compute encryption information from each point together with the private key information and the hash value, select a local random number, calculate a third encryption parameter from the local random number, the original result and the hash value, send the two pieces of encryption information and the third encryption parameter to the first server, send the two points and the third encryption parameter to the second server, and calculate second verification information from the local random number and the private key information;
receive the calculation results fed back by the two servers, verify them, and, if they pass verification, decrypt them with the locally stored second verification information;
decompose the information related to the identity of the message recipient, send one part of the decomposed information, part of the system parameters and one part of the decomposed secret parameter to the first server, and send the other part of the decomposed information, the system parameters and the other part of the decomposed secret parameter to the second server;
receive the calculation results fed back by the two servers, verify them with the locally stored third verification information, which relates to the two parts of the decomposed information, and, if the verification passes, add the returned results to obtain a complete result;
and determine a signature from the three returned results and output the encrypted message and the encrypted signature;
the first server, configured to receive the corresponding information sent by the Internet of Things terminal device, perform the corresponding calculation and feed the calculation result back to the Internet of Things terminal device;
and the second server, configured to receive the corresponding information sent by the Internet of Things terminal device, perform the corresponding calculation and feed the calculation result back to the Internet of Things terminal device.
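The check at the heart of claims 4 and 5, as an added worked example that is not part of the patent or of its authors' code: the device splits a secret exponent x into t1 + t2, keeps k1 = t1 - t2, hands each share to a different server, and accepts the two answers only if their quotient equals g^k1 before multiplying them. Everything concrete below is an assumption of mine: the pairing target group is stood in for by the multiplicative group modulo the Mersenne prime 2^127 - 1 with the constant 3 as generator stand-in, each server computes nothing but g**share, and k1 is drawn at full size so that a share on its own is a uniformly random exponent (the claims only say that k1 is an integer). The additive split of claims 8 and 9 is the same construction with point addition in place of multiplication and is not shown separately.

```python
"""Two-server verifiable outsourcing of one secret exponentiation.

Added example modelled on claims 4-5 of the patent above; not the patent's
own code. All parameters are constructed stand-ins (see the comments)."""
import secrets

# Constructed toy group: Z_P^* for the Mersenne prime P = 2^127 - 1 stands
# in for the pairing target group; exponents live modulo the group order Q.
P = (1 << 127) - 1
Q = P - 1
G = 3  # stand-in for g = e(P, Q_pub); any element of Z_P^* would do here


def split_secret(x):
    """Claim 5: x = t1 + t2 (mod Q) with t1 - t2 = k1; only k1 is kept.

    t2 is drawn uniformly at random, so each share on its own is
    independent of x; k1 is whatever difference that produces."""
    t2 = secrets.randbelow(Q)
    t1 = (x - t2) % Q
    k1 = (t1 - t2) % Q
    return t1, t2, k1


def server_exponentiate(g, share):
    """The work handed to each untrusted server: one exponentiation."""
    return pow(g, share, P)


def verify_and_combine(r1, r2, k1):
    """Claim 4: accept the two answers only if they are consistent with k1.

    Honest answers satisfy r1 / r2 == g^(t1 - t2) == g^k1, so a wrong answer
    from either server (or a server that skipped the work) fails the check.
    Returns (g^x, True) on success and (None, False) otherwise."""
    if (r1 * pow(r2, -1, P)) % P != pow(G, k1, P):
        return None, False
    return (r1 * r2) % P, True


def outsourced_exponent(x, server1=server_exponentiate,
                        server2=server_exponentiate):
    """One round trip from the IoT device's side: split, send, check, combine.

    server1 and server2 are callables standing in for the two network peers;
    server 1 only ever receives t1 and server 2 only ever receives t2."""
    t1, t2, k1 = split_secret(x)
    r1 = server1(G, t1)
    r2 = server2(G, t2)
    return verify_and_combine(r1, r2, k1)


def cheating_server(g, share):
    """A server that returns a valid-looking but wrong group element."""
    return (2 * pow(g, share, P)) % P


if __name__ == "__main__":
    x = secrets.randbelow(Q)
    result, ok = outsourced_exponent(x)
    print("honest servers:", ok, result == pow(G, x, P))
    result, ok = outsourced_exponent(x, server2=cheating_server)
    print("one cheating server:", ok, result)
```

Run directly, the honest round trip verifies and equals pow(G, x, P), while a server that returns a wrong group element is caught by the k1 check and the device discards both answers instead of combining them. The non-collusion of claim 3 is what keeps either server from learning x: each sees one share, which under this split is a uniformly random exponent.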
CN202111564370.4A 2021-12-20 2021-12-20 Verifiable secure outsourcing calculation method and system for identifying cryptosystem Active CN114257374B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111564370.4A CN114257374B (en) 2021-12-20 2021-12-20 Verifiable secure outsourcing calculation method and system for identifying cryptosystem

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111564370.4A CN114257374B (en) 2021-12-20 2021-12-20 Verifiable secure outsourcing calculation method and system for identifying cryptosystem

Publications (2)

Publication Number Publication Date
CN114257374A true CN114257374A (en) 2022-03-29
CN114257374B CN114257374B (en) 2023-08-15

Family

ID=80793215

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111564370.4A Active CN114257374B (en) 2021-12-20 2021-12-20 Verifiable secure outsourcing calculation method and system for identifying cryptosystem

Country Status (1)

Country Link
CN (1) CN114257374B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017006118A1 (en) * 2015-07-06 2017-01-12 Barclays Bank Plc Secure distributed encryption system and method
CN106921491A (en) * 2017-02-17 2017-07-04 中国科学院信息工程研究所 A kind of safely and efficiently outsourcing calculates method and system
CN107395368A (en) * 2017-08-18 2017-11-24 北京无字天书科技有限公司 Without the digital signature method in media environment and solution encapsulating method and decryption method
CN109362062A (en) * 2018-11-21 2019-02-19 东北大学 VANETs anonymous authentication system and method based on ID-based group ranking
CN110650017A (en) * 2019-09-02 2020-01-03 西安电子科技大学 Non-bilinear pairing multi-message multi-receiver signcryption method and Internet of things communication system
CN111062029A (en) * 2019-12-17 2020-04-24 湖南安方信息技术有限公司 Multi-factor authentication protocol based on identification password
CN111740837A (en) * 2020-05-18 2020-10-02 北京三未信安科技发展有限公司 Distributed signature method and system based on SM9
CN111953705A (en) * 2020-08-20 2020-11-17 全球能源互联网研究院有限公司 Internet of things identity authentication method and device and electric power Internet of things identity authentication system
CN112822014A (en) * 2021-04-22 2021-05-18 北京信安世纪科技股份有限公司 Data processing method and device, electronic equipment and storage medium
CN113489585A (en) * 2021-07-02 2021-10-08 北京明朝万达科技股份有限公司 Identity authentication method and system of terminal equipment, storage medium and electronic equipment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116318690A (en) * 2023-05-25 2023-06-23 山东大学 Safe outsourcing calculation method and system based on matrix singular value decomposition
CN116318690B (en) * 2023-05-25 2023-08-15 山东大学 Safe outsourcing calculation method and system based on matrix singular value decomposition

Also Published As

Publication number Publication date
CN114257374B (en) 2023-08-15

Similar Documents

Publication Publication Date Title
CN109309569B (en) SM2 algorithm-based collaborative signature method and device and storage medium
CN111066285A (en) Method for recovering public key based on SM2 signature
CN111130804B (en) SM2 algorithm-based collaborative signature method, device, system and medium
CN109245903B (en) Signature method and device for cooperatively generating SM2 algorithm by two parties and storage medium
US9705683B2 (en) Verifiable implicit certificates
CN110120939B (en) Encryption method and system capable of repudiation authentication based on heterogeneous system
CN110545279A (en) block chain transaction method, device and system with privacy and supervision functions
CN107425971B (en) Certificateless data encryption/decryption method and device and terminal
CN109936455B (en) Digital signature method, device and system
CN109767218B (en) Block chain certificate processing method and system
US10630476B1 (en) Obtaining keys from broadcasters in supersingular isogeny-based cryptosystems
CN112464155B (en) Data processing method, multiparty secure computing system and electronic equipment
CN112564907A (en) Key generation method and device, encryption method and device, and decryption method and device
CN112632630A (en) SM 2-based collaborative signature calculation method and device
CN113225371A (en) Electric power Internet of things terminal control instruction encryption and decryption system and method
CN107104788B (en) Terminal and non-repudiation encryption signature method and device thereof
CN114257374B (en) Verifiable secure outsourcing calculation method and system for identifying cryptosystem
CN108664814B (en) Group data integrity verification method based on agent
CN108055134B (en) Collaborative computing method and system for elliptic curve point multiplication and pairing operation
CN111245594B (en) Homomorphic operation-based collaborative signature method and system
CN109102294B (en) Information transmission method and device
CN108768634B (en) Verifiable cryptographic signature generation method and system
CN115834058A (en) Communication encryption method and device and computer equipment
CN111769945A (en) Auction processing method based on block chain and block chain link point
CN112769539B (en) Method and system for generating RSA key and cooperating with RSA signature and decryption

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant