CN114257374A - Verifiable security outsourcing calculation method and system for identification cryptosystem - Google Patents
- Publication number
- CN114257374A (application CN202111564370.4A)
- Authority
- CN
- China
- Prior art keywords
- parameters
- server
- calculation
- results
- information
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Abstract
The invention provides a verifiable security outsourcing calculation method and system for an identification cryptosystem. After the two servers finish the corresponding calculation, the calculation results are returned to the Internet of things terminal equipment, which verifies the correctness of the returned results using verification information generated in the splitting process. If the verification passes, the Internet of things terminal equipment calculates the real calculation result. The method can be used for outsourcing the calculation of identification-based algorithms such as data encryption, digital signature and signcryption, and can save operation time on the Internet of things terminal equipment.
Description
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a verifiable security outsourcing calculation method and system for an identification cryptosystem.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
With the cross fusion and mutual promotion of big data and Internet of things technology, massive numbers of terminal devices in the Internet of things serve as an important means of data acquisition, continuously generating large amounts of data and uploading it to data centers, and forming a network infrastructure for the interconnection of everything and the circulation of data. Security problems such as device identity authentication for massive numbers of Internet of things terminals and transmission encryption of confidential and sensitive data are becoming more and more important.
The identification cryptosystem takes the equipment identity information as a public key, does not need to issue a digital certificate, and is very suitable for an application scene of the Internet of things with massive terminals.
Identification cryptosystems mainly comprise data encryption algorithms, digital signature algorithms, key agreement protocols and the like. The identification-based signcryption algorithm integrates data encryption and digital signature; it can protect the confidentiality of data content and verify the legality of the data source, and is an important research subject in the field of information security. However, the identification cryptosystem includes a large number of complex mathematical operations, such as bilinear pairing operations, scalar multiplication operations on elliptic curves, modular exponentiation operations, and the like. Internet of things terminal equipment with very limited computing resources needs a long time to complete these operations.
Disclosure of Invention
The invention provides a verifiable security outsourcing calculation method and system for an identification cryptosystem, aiming at solving the problems.
According to some embodiments, the invention adopts the following technical scheme:
a verifiable security outsourcing calculation method for an identification cryptosystem is executed at terminal equipment of the Internet of things and comprises the following steps:
splitting the secret parameters in the identification cryptosystem for a plurality of times, respectively sending a part of system parameters or/and private key information and a part of secret parameters to a first server, and sending a part of system parameters or/and private key information and another part of secret parameters to a second server;
sequentially receiving results of calculation feedback of the two servers;
verifying the correctness of the calculation results of the two servers by using corresponding verification information related to the two locally stored secret parameters or related to the private key information, and calculating the calculation results returned by the two servers after the verification is successful to synthesize a complete calculation result;
and determining a message encryption result and a signature result according to the calculation results returned for a plurality of times, and outputting an encrypted message ciphertext and a signature result.
As an alternative embodiment, the identification cryptosystem includes a BLMQ signcryption algorithm.
As an alternative embodiment, the first server and the second server do not exchange data and do not collude with each other.
As an alternative embodiment, the first outsourcing calculation process specifically includes: splitting secret parameters in an identification cryptosystem, sending a part of system parameters and a part of secret parameters to a first server as first encryption parameters, and sending the system parameters and the other part of secret parameters to a second server as second encryption parameters;
and receiving the calculation feedback results of the two servers, verifying by using the locally stored first verification information related to the two parts of confidential parameters, and multiplying the calculation results returned by the two servers after the verification is successful to obtain a complete calculation result.
By way of further limitation, the secret parameter is a randomly selected random number $x$, and $x$ is decomposed into the sum of two numbers $t_1$ and $t_2$, where $t_1$ and $t_2$ satisfy $t_1 - t_2 = k_1$; $k_1$ is an integer and is taken as the first verification information.
As an alternative embodiment, the second outsourcing calculation process specifically includes: calculating a bilinear pairing of the related system parameters and a hash value of the message;
randomly selecting two points from a bilinear mapping group, respectively calculating with the points by using private key information and a hash value to obtain encryption information, selecting a local random number, calculating a third encryption parameter according to the local random number, an original result and the hash value, sending the two encryption information and the third encryption parameter to a first server, sending the two points and the third encryption parameter to a second server, and calculating second verification information by using the local random number and the private key information;
and receiving the results of the calculation feedback of the two servers, verifying the results, and if the results pass the verification, decrypting the results by using the second verification information stored locally.
By way of further limitation, two points $A_1$ and $A_2$ are randomly selected from the bilinear mapping group $G_1$ of order $p$, and locally calculate and ; is private key information. The local random number is a random number $k_2$, and $y = x + h + k_2$ is calculated, where $x$ is the original result and $h$ is the hash value of the message and the bilinear pairing of the relevant system parameters.
As an alternative embodiment, the third outsourcing calculation process specifically includes: decomposing information related to the message receiver identification, sending a part of decomposed information, a part of decomposed system parameters and a part of decomposed secret parameters to a first server, and sending another part of decomposed information, the decomposed system parameters and another part of decomposed secret parameters to a second server;
and receiving the calculation feedback results of the two servers, verifying them using locally stored third verification information related to the two parts of decomposition information, and, if the verification passes, adding the returned results to calculate a complete result.
As a further limitation, the original result $x$ is decomposed into the sum of $t_1$ and $t_2$, and $xH_1(ID_B)$ is decomposed into the sum of two numbers $t_3$ and $t_4$, where $t_3$ and $t_4$ satisfy $t_3 - t_4 = k_3$, $k_3$ is an integer, and $ID_B$ is the identity of the message recipient. $k_1$ and $k_3$ are saved locally, and $k_3P$ and are calculated locally; $P$ and $Q_{pub}$ are system parameters. $t_1$, $t_3P$ and are sent to the first server, and $t_2$, $t_4P$ and are sent to the second server.
A verifiable security outsourcing computing system for identifying a cryptosystem, comprising:
the terminal equipment of the Internet of things is configured to split confidential parameters in an identification cryptosystem, a part of system parameters and a part of confidential parameters are used as first encryption parameters to be sent to a first server, and the system parameters and the other part of confidential parameters are used as second encryption parameters to be sent to a second server;
receiving results fed back by the calculation of the two servers, verifying by using first verification information which is locally stored and is related to the two parts of confidential parameters, and multiplying the calculation results fed back by the two servers after the verification is successful to obtain a complete calculation result;
calculating a bilinear pairing of the related system parameters and a hash value of the message;
randomly selecting two points from a bilinear mapping group, respectively calculating with the points by using private key information and a hash value to obtain encryption information, selecting a local random number, calculating a third encryption parameter according to the local random number, an original result and the hash value, sending the two encryption information and the third encryption parameter to a first server, sending the two points and the third encryption parameter to a second server, and calculating second verification information by using the local random number and the private key information;
receiving results of calculation feedback of the two servers, verifying the results, and if the results pass the verification, decrypting the results by using second verification information stored locally;
decomposing information related to the message receiver identification, sending a part of decomposed information, a part of decomposed system parameters and a part of decomposed secret parameters to a first server, and sending another part of decomposed information, the decomposed system parameters and another part of decomposed secret parameters to a second server;
receiving the calculation feedback results of the two servers, verifying them using locally stored third verification information related to the two parts of decomposition information, and, if the verification passes, adding the returned results to calculate a complete result;
determining a signature according to the three returned results, and outputting the encrypted message and the encrypted signature;
the first server is configured to receive corresponding information sent by the terminal equipment of the Internet of things, perform corresponding calculation and feed back a calculation result to the terminal equipment of the Internet of things;
and the second server is configured to receive corresponding information sent by the terminal equipment of the Internet of things, perform corresponding calculation and feed back a calculation result to the terminal equipment of the Internet of things.
An electronic device comprising a memory and a processor and computer instructions stored on the memory and executed on the processor, the computer instructions, when executed by the processor, performing the steps of the above method.
A computer readable storage medium storing computer instructions which, when executed by a processor, perform the steps of the above method.
Compared with the prior art, the invention has the beneficial effects that:
for the part needing outsourcing, the terminal equipment of the Internet of things firstly splits the confidential parameters involved in each step, and then respectively sends the encrypted parameters and some public parameters to the two servers for calculation. After the two servers finish corresponding calculation, the calculation result is returned to the Internet of things terminal equipment, and the correctness of the returned result is verified by the Internet of things terminal equipment by using verification information generated in the splitting process. And if the verification is passed, the terminal equipment of the Internet of things decrypts to recover a real calculation result. The computing resources of the terminal equipment of the Internet of things can be greatly saved, and the execution speed is ensured.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, are included to provide a further understanding of the invention; they illustrate exemplary embodiments of the invention and, together with the description, serve to explain the invention and not to limit it.
Fig. 1 is a schematic flow chart of the present embodiment.
Detailed Description
The invention is further described with reference to the following figures and examples.
It is to be understood that the following detailed description is exemplary and is intended to provide further explanation of the invention as claimed. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
As shown in Fig. 1, for the part needing outsourcing, the Internet of things terminal equipment first splits the confidential parameters involved in each step, and then sends the encrypted parameters and some public parameters to the two servers for calculation. After the two servers finish the corresponding calculation, the calculation results are returned to the Internet of things terminal equipment, which verifies the correctness of the returned results using verification information generated in the splitting process. If the verification passes, the Internet of things terminal equipment calculates to recover the real calculation result.
To make the technical solution of the present invention clearer to those skilled in the art, the BLMQ signcryption algorithm (IEEE Std 1363.3 standard) is taken as an example for explanation. This does not mean that the present invention can only be used with the BLMQ signcryption algorithm.
The system parameters in the BLMQ signcryption algorithm include: , wherein $G_1$, $G_2$ and $G_T$ are 3 bilinear mapping groups of order $p$, point $Q$ belongs to group $G_2$, point $P$ belongs to group $G_1$, and they satisfy ; is a mapping function. $g = e(P, Q) \in G_T$, where $e$ represents the bilinear mapping relationship. The Internet of things terminal equipment randomly selects a number $s$ from and calculates the public key of the system $Q_{pub} = sQ \in G_2$. The Internet of things terminal equipment selects three hash functions and $H_3 \to \{0,1\}^n$.
Given a message $M \in \{0,1\}^*$, the specific process of generating the signature and the encrypted message in the BLMQ signcryption scheme is as follows:
The first step: the message sender randomly selects an integer $x$ from and calculates $r = g^x = e(P, Q)^x$, then calculates
The second step: the message sender calculates $h = H_2(M, r)$;
The third step: the message sender calculates , wherein is the sender's private key and $ID_A$ is the identity of the message sender;
The fourth step: the message sender calculates , wherein $ID_B$ is the identity of the message recipient;
The fifth step: the message sender outputs the encrypted message and the signature $(c, S, T)$.
By utilizing the technical scheme of the invention, the following steps are specifically executed:
The first step is the first outsourcing calculation process. To calculate $r = e(P, Q)^x$, a transformation is first performed according to the bilinear property so that $r = e(xP, Q)$, which combines the calculation of the bilinear pairing $e(P, Q)$ with the calculation of $r$. The point $P$ and the point $Q$ are parameters disclosed by the system, so they can be sent directly to the two servers without additional operation. $x$ is selected by the Internet of things terminal equipment and cannot be disclosed to the two servers. Thus, $x$ is decomposed into the sum of two numbers $t_1$ and $t_2$, and, to satisfy the verifiability of the results, $t_1$ and $t_2$ satisfy $t_1 - t_2 = k_1$, where $k_1$ is a small integer randomly selected by the Internet of things terminal equipment from the group . After decomposing $x$, the parameters $t_1P$, $Q$ and $e$ are sent to server 1, the parameters $t_2P$, $Q$ and $e$ are sent to server 2, and $k_1$ is stored locally. The two servers each carry out the calculation and return the calculation results. The Internet of things terminal equipment verifies them using the locally stored $k_1$. After the verification succeeds, the calculation results returned by the two servers are multiplied to obtain the complete calculation result.
Server 1 calculates $R_1 = e(t_1P, Q)$ and returns $R_1$ to the Internet of things terminal equipment;
server 2 calculates $R_2 = e(t_2P, Q)$ and returns $R_2$ to the Internet of things terminal equipment.
After receiving the result returned by the server, the terminal equipment of the internet of things verifies whether the following equation is true:
where $g = e(P, Q)$ is one of the disclosed system parameters. If the above equation is true, the Internet of things terminal equipment calculates $r = e(P, Q)^x = R_1R_2$ to obtain the final result.
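The first outsourcing process described above, as an added example that is not code from the patent. It assumes a toy pairing in which the points aP and bQ are represented by their scalars and e(aP, bQ) = g^(ab) in a small prime-order subgroup; the verification equation is not reproduced on this page, so the check R1 = R2 * g^k1, which follows from t1 - t2 = k1 and bilinearity, is an assumption, as are all function names and parameter values.

```python
"""Toy walk-through of the first outsourcing step: r = e(P, Q)^x via two servers."""
import secrets

# Constructed toy parameters (far too small for real use).
# Q_MOD = 2 * P_ORDER + 1 is a safe prime, so G = 4 has prime order P_ORDER.
P_ORDER = 1019          # order p of the groups
Q_MOD = 2039            # modulus of the stand-in target group G_T
G = 4                   # stands in for g = e(P, Q)


def pairing(a, b):
    """Toy pairing (assumption): points aP and bQ are represented by the
    scalars a and b, and e(aP, bQ) = g^(a*b)."""
    return pow(G, (a * b) % P_ORDER, Q_MOD)


def split_secret(x, k_bound=16):
    """Terminal: pick k1 and solve t1 + t2 = x, t1 - t2 = k1 (mod p)."""
    k1 = secrets.randbelow(k_bound) + 1
    inv2 = pow(2, -1, P_ORDER)
    t1 = (x + k1) * inv2 % P_ORDER
    t2 = (x - k1) * inv2 % P_ORDER
    return t1, t2, k1


def server_compute(t):
    """Server i: R_i = e(t_i * P, Q). It sees only its share, never x or k1."""
    return pairing(t, 1)


def verify_and_combine(r1, r2, k1):
    """Terminal: check R1 == R2 * g^k1 (implied by t1 - t2 = k1), then
    recombine r = R1 * R2 = g^(t1 + t2) = g^x."""
    if r1 != r2 * pow(G, k1, Q_MOD) % Q_MOD:
        raise ValueError("server results failed verification")
    return r1 * r2 % Q_MOD


def outsource_r(x, fault1=1, fault2=1):
    """Whole flow. fault1 / fault2 multiply a server's answer to model a
    server that returns a wrong value (1 = honest)."""
    t1, t2, k1 = split_secret(x)
    r1 = server_compute(t1) * fault1 % Q_MOD
    r2 = server_compute(t2) * fault2 % Q_MOD
    return verify_and_combine(r1, r2, k1)


if __name__ == "__main__":
    x = secrets.randbelow(P_ORDER - 1) + 1
    print("honest servers match local g^x:", outsource_r(x) == pow(G, x, Q_MOD))
    try:
        outsource_r(x, fault1=G)
    except ValueError as exc:
        print("one faulty server:", exc)
    # The same error from both servers passes the check and yields a wrong r;
    # the scheme excludes this case by requiring that the servers do not collude.
    print("same error on both servers gives correct r:",
          outsource_r(x, G, G) == pow(G, x, Q_MOD))
```

Because x = 2*t1 - k1 (mod p), a share hides x only as well as k1 is unpredictable, so k1 must stay on the device.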
The second step involves no complex operation and is completed locally by the Internet of things terminal equipment.
The third step is the second outsourcing calculation process. It involves private key information of the Internet of things terminal equipment, which cannot be revealed to the two servers, so the private key information needs to be protected and hidden. The Internet of things terminal equipment randomly selects two points $A_1$ and $A_2$ from group $G_1$ and locally calculates . In addition, $x + h$ is selected by the Internet of things terminal equipment and cannot be disclosed to the servers. Therefore, the Internet of things terminal equipment randomly selects a smaller integer $k_2$ from the group and calculates $y = x + h + k_2$. After this, the Internet of things terminal equipment sends $y$, $B_1$ and $B_2$ to server 1, and sends $y$, $A_1$ and $A_2$ to server 2. The Internet of things terminal equipment stores $k_2$ locally and calculates . The two servers perform the corresponding calculation and return the calculation results to the Internet of things terminal equipment. The Internet of things terminal equipment verifies them and, if the verification passes, performs decryption using the locally stored .
After receiving the data, server 1 calculates $yB_1$ and $yB_2$ and returns them to the Internet of things terminal equipment;
after receiving the data, server 2 calculates $yA_1$ and $yA_2$ and returns them to the Internet of things terminal equipment.
The terminal equipment of the Internet of things verifies whether the following equation is established or not:
$yB_1 + yA_1 = yB_2 + yA_2$
The fourth step is the third outsourcing calculation process, which calculates . As in the first step, point $P$ and point $Q_{pub}$ are parameters disclosed by the system, so point $P$ and point can be sent directly to the two servers without additional operation. $x$ is decomposed into the sum of $t_1$ and $t_2$ as in the first step. $xH_1(ID_B)$ is decomposed into the sum of two numbers $t_3$ and $t_4$, and, to satisfy the verifiability of the results, $t_3$ and $t_4$ satisfy $t_3 - t_4 = k_3$, where $k_3$ is a small integer randomly selected by the Internet of things terminal equipment from . After this, $k_1$ and $k_3$ are stored locally, and the Internet of things terminal equipment locally calculates $k_3P$ and . It sends $t_1$, $t_3P$ and to server 1, and sends $t_2$, $t_4P$ and to server 2. The servers perform the calculation and return the calculation results. The Internet of things terminal equipment uses $k_3P$ and to verify the returned results. If the verification passes, the returned results are added to obtain the complete calculation result.
After receiving the data, server 1 calculates and returns it to the Internet of things terminal equipment;
after receiving the data, server 2 calculates and returns it to the Internet of things terminal equipment.
The Internet of things terminal equipment verifies whether the following equation is true:
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Although the embodiments of the present invention have been described with reference to the accompanying drawings, it is not intended to limit the scope of the present invention, and it should be understood by those skilled in the art that various modifications and variations can be made without inventive efforts by those skilled in the art based on the technical solution of the present invention.
Claims (10)
1. A verifiable security outsourcing calculation method for an identification cryptosystem is characterized by comprising the following steps: the method is executed at the terminal equipment of the Internet of things and comprises the following steps:
splitting the secret parameters in the identification cryptosystem for a plurality of times, respectively sending a part of system parameters or/and private key information and a part of secret parameters to a first server, and sending a part of system parameters or/and private key information and another part of secret parameters to a second server;
sequentially receiving results of calculation feedback of the two servers;
verifying by using corresponding verification information related to the two locally stored confidential parameters or the private key information respectively, and calculating the calculation results returned by the two servers after the verification results are correct to obtain a complete result;
and determining the signature according to the calculation results returned for a plurality of times, and outputting the encrypted message and the signature.
2. The verifiable security outsourcing method for identity cryptosystems of claim 1, wherein: the identification cryptosystem comprises a BLMQ signcryption algorithm.
3. The verifiable security outsourcing method for identity cryptosystems of claim 1, wherein: the first server and the second server do not exchange data and do not collude with each other.
4. The verifiable security outsourcing method for identity cryptosystems of claim 1, wherein: the first outsourcing calculation process specifically comprises the following steps: splitting secret parameters in the identification cryptosystem, sending a part of the system parameters and a part of the secret parameters to a first server as first encryption parameters, and sending the system parameters and the other part of the secret parameters to a second server as second encryption parameters;
and receiving the calculation feedback results of the two servers, verifying by using the locally stored first verification information related to the two parts of confidential parameters, and multiplying the calculation results returned by the two servers after the verification is successful to obtain a complete result.
5. The verifiable security outsourcing method for identity cryptosystems of claim 4, wherein: the secret parameter is a randomly selected random number $x$, which is divided into the sum of two numbers $t_1$ and $t_2$, where $t_1$ and $t_2$ satisfy $t_1 - t_2 = k_1$; $k_1$ is an integer and is taken as the first verification information.
6. The verifiable security outsourcing method for identity cryptosystems of claim 1, wherein: in the second outsourcing calculation process, the method specifically comprises the following steps: calculating a bilinear pairing of the related system parameters and a hash value of the message;
randomly selecting two points from a bilinear mapping group, respectively calculating with the points by using private key information and a hash value to obtain encryption information, selecting a local random number, calculating a third encryption parameter according to the local random number, an original result and the hash value, sending the two encryption information and the third encryption parameter to a first server, sending the two points and the third encryption parameter to a second server, and calculating second verification information by using the local random number and the private key information;
and receiving the results of the calculation feedback of the two servers, verifying the results, and if the results pass the verification, decrypting the results by using the second verification information stored locally.
7. The verifiable security outsourcing method for identity cryptosystems of claim 6, wherein: two points $A_1$ and $A_2$ are randomly selected from the bilinear mapping group $G_1$ of order $p$, and locally calculate and is private key information; the local random number is a random number $k_2$; $y = x + h + k_2$ is calculated, where $x$ is the original result and $h$ is the hash value of the message and the bilinear pairing of the relevant system parameters.
8. The verifiable security outsourcing method for identity cryptosystems of claim 1, wherein: in the third outsourcing calculation process, the method specifically comprises the following steps: decomposing information related to the message receiver identification, sending a part of decomposed information, a part of decomposed system parameters and a part of decomposed secret parameters to a first server, and sending another part of decomposed information, the decomposed system parameters and another part of decomposed secret parameters to a second server;
and receiving the calculation feedback results of the two servers, verifying them using locally stored third verification information related to the two parts of decomposition information, and, if the verification is passed, adding the returned results to obtain a complete result.
9. The verifiable security outsourcing method for identity cryptosystems of claim 1, wherein: the original result $x$ is decomposed into the sum of $t_1$ and $t_2$, and $x H_1(ID_B)$ is decomposed into the sum of two numbers $t_3$ and $t_4$, where $t_3$ and $t_4$ satisfy $t_3 - t_4 = k_3$, $k_3$ is an integer, and $ID_B$ is the identity of the message recipient; $k_1$ and $k_3$ are saved locally; $k_3 P$ and are calculated locally, where $P$ and $Q_{pub}$ are system parameters; $t_1$, $t_3 P$ and are sent to the first server, and $t_2$, $t_4 P$ and are sent to the second server.
10. A verifiable security outsourcing computing system for an identification cryptosystem, characterized by comprising:
the terminal equipment of the Internet of things is configured to split confidential parameters in an identification cryptosystem, a part of system parameters and a part of confidential parameters are used as first encryption parameters to be sent to a first server, and the system parameters and the other part of confidential parameters are used as second encryption parameters to be sent to a second server;
receiving results fed back by the calculation of the two servers, verifying by using first verification information which is locally stored and is related to the two parts of confidential parameters, and multiplying the calculation results fed back by the two servers after the verification is successful to obtain a complete result;
calculating a bilinear pairing of the related system parameters and a hash value of the message;
randomly selecting two points from a bilinear mapping group, respectively calculating with the points by using private key information and a hash value to obtain encryption information, selecting a local random number, calculating a third encryption parameter according to the local random number, an original result and the hash value, sending the two encryption information and the third encryption parameter to a first server, sending the two points and the third encryption parameter to a second server, and calculating second verification information by using the local random number and the private key information;
receiving results of calculation feedback of the two servers, verifying the results, and if the results pass the verification, decrypting the results by using second verification information stored locally;
decomposing information related to the message receiver identification, sending a part of decomposed information, a part of decomposed system parameters and a part of decomposed secret parameters to a first server, and sending another part of decomposed information, the decomposed system parameters and another part of decomposed secret parameters to a second server;
receiving the results of calculation feedback of the two servers, verifying them using locally stored third verification information related to the two parts of decomposition information, and adding the returned results to obtain a complete result if the verification is passed;
determining a signature according to the three returned results, and outputting the encrypted message and the encrypted signature;
the first server is configured to receive corresponding information sent by the terminal equipment of the Internet of things, perform corresponding calculation and feed back a calculation result to the terminal equipment of the Internet of things;
and the second server is configured to receive corresponding information sent by the terminal equipment of the Internet of things, perform corresponding calculation and feed back a calculation result to the terminal equipment of the Internet of things.
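The split-and-verify pattern of claims 4 and 5, as an added example that is not part of the patent text: the device splits the exponent x into t1 + t2 with t1 - t2 = k1, each server exponentiates on one share, and the device checks the two results against k1 before multiplying them. The toy group (P, Q, G), the function names, and the concrete equality check `r1 == r2 * g^k1` are assumptions; the claims state only that k1 is the verification information.

```python
import secrets

# Constructed toy parameters: the order-Q subgroup of Z_P^* stands in for the
# pairing target group. P = 2*Q + 1 is a small safe prime, far too small for real use.
P, Q, G = 2879, 1439, 4


def split_exponent(x):
    """Device: write x = t1 + t2 (mod Q) with t1 - t2 = k1 (mod Q)."""
    k1 = secrets.randbelow(Q)          # first verification information, kept local
    inv2 = pow(2, -1, Q)               # Q is odd, so 2 is invertible mod Q
    t1 = (x + k1) * inv2 % Q
    t2 = (x - k1) * inv2 % Q
    return t1, t2, k1


def server_pow(base, share):
    """Server: exponentiate on its own share; it never sees the other share."""
    return pow(base, share, P)


def combine(r1, r2, k1, base=G):
    """Device: accept only if r1 == r2 * base^k1 (assumed check), then multiply."""
    # base^k1 stands for the stored verification value; the claims do not say
    # how the device obtains it cheaply, so it is computed directly here.
    if r1 != r2 * pow(base, k1, P) % P:
        raise ValueError("server results are inconsistent with k1")
    return r1 * r2 % P                 # g^t1 * g^t2 = g^(t1 + t2) = g^x


def outsourced_pow(x, tamper=False):
    """Run one round; tamper=True simulates server 1 returning a wrong value."""
    t1, t2, k1 = split_exponent(x)
    r1, r2 = server_pow(G, t1), server_pow(G, t2)
    if tamper:
        r1 = r1 * G % P
    return combine(r1, r2, k1)


if __name__ == "__main__":
    x = secrets.randbelow(Q)
    print(outsourced_pow(x) == pow(G, x, P))   # honest servers
    try:
        outsourced_pow(x, tamper=True)
    except ValueError as err:
        print("rejected:", err)
```

The check catches one server deviating on its own; two servers that pool their shares learn x = t1 + t2, so the construction depends on the servers not colluding.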
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111564370.4A CN114257374B (en) | 2021-12-20 | 2021-12-20 | Verifiable secure outsourcing calculation method and system for identifying cryptosystem |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114257374A (en) | 2022-03-29 |
CN114257374B (en) | 2023-08-15 |
Family
ID=80793215
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111564370.4A (Active, CN114257374B (en)) | Verifiable secure outsourcing calculation method and system for identifying cryptosystem | 2021-12-20 | 2021-12-20 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114257374B (en) |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017006118A1 (en) * | 2015-07-06 | 2017-01-12 | Barclays Bank Plc | Secure distributed encryption system and method |
CN106921491A (en) * | 2017-02-17 | 2017-07-04 | 中国科学院信息工程研究所 | A kind of safely and efficiently outsourcing calculates method and system |
CN107395368A (en) * | 2017-08-18 | 2017-11-24 | 北京无字天书科技有限公司 | Without the digital signature method in media environment and solution encapsulating method and decryption method |
CN109362062A (en) * | 2018-11-21 | 2019-02-19 | 东北大学 | VANETs anonymous authentication system and method based on ID-based group ranking |
CN110650017A (en) * | 2019-09-02 | 2020-01-03 | 西安电子科技大学 | Non-bilinear pairing multi-message multi-receiver signcryption method and Internet of things communication system |
CN111062029A (en) * | 2019-12-17 | 2020-04-24 | 湖南安方信息技术有限公司 | Multi-factor authentication protocol based on identification password |
CN111740837A (en) * | 2020-05-18 | 2020-10-02 | 北京三未信安科技发展有限公司 | Distributed signature method and system based on SM9 |
CN111953705A (en) * | 2020-08-20 | 2020-11-17 | 全球能源互联网研究院有限公司 | Internet of things identity authentication method and device and electric power Internet of things identity authentication system |
CN112822014A (en) * | 2021-04-22 | 2021-05-18 | 北京信安世纪科技股份有限公司 | Data processing method and device, electronic equipment and storage medium |
CN113489585A (en) * | 2021-07-02 | 2021-10-08 | 北京明朝万达科技股份有限公司 | Identity authentication method and system of terminal equipment, storage medium and electronic equipment |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116318690A (en) * | 2023-05-25 | 2023-06-23 | 山东大学 | Safe outsourcing calculation method and system based on matrix singular value decomposition |
CN116318690B (en) * | 2023-05-25 | 2023-08-15 | 山东大学 | Safe outsourcing calculation method and system based on matrix singular value decomposition |
Also Published As
Publication number | Publication date |
---|---|
CN114257374B (en) | 2023-08-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109309569B (en) | SM2 algorithm-based collaborative signature method and device and storage medium | |
CN111066285A (en) | Method for recovering public key based on SM2 signature | |
CN111130804B (en) | SM2 algorithm-based collaborative signature method, device, system and medium | |
CN109245903B (en) | Signature method and device for cooperatively generating SM2 algorithm by two parties and storage medium | |
US9705683B2 (en) | Verifiable implicit certificates | |
CN110120939B (en) | Encryption method and system capable of repudiation authentication based on heterogeneous system | |
CN110545279A (en) | block chain transaction method, device and system with privacy and supervision functions | |
CN107425971B (en) | Certificateless data encryption/decryption method and device and terminal | |
CN109936455B (en) | Digital signature method, device and system | |
CN109767218B (en) | Block chain certificate processing method and system | |
US10630476B1 (en) | Obtaining keys from broadcasters in supersingular isogeny-based cryptosystems | |
CN112464155B (en) | Data processing method, multiparty secure computing system and electronic equipment | |
CN112564907A (en) | Key generation method and device, encryption method and device, and decryption method and device | |
CN112632630A (en) | SM 2-based collaborative signature calculation method and device | |
CN113225371A (en) | Electric power Internet of things terminal control instruction encryption and decryption system and method | |
CN107104788B (en) | Terminal and non-repudiation encryption signature method and device thereof | |
CN114257374B (en) | Verifiable secure outsourcing calculation method and system for identifying cryptosystem | |
CN108664814B (en) | Group data integrity verification method based on agent | |
CN108055134B (en) | Collaborative computing method and system for elliptic curve point multiplication and pairing operation | |
CN111245594B (en) | Homomorphic operation-based collaborative signature method and system | |
CN109102294B (en) | Information transmission method and device | |
CN108768634B (en) | Verifiable cryptographic signature generation method and system | |
CN115834058A (en) | Communication encryption method and device and computer equipment | |
CN111769945A (en) | Auction processing method based on block chain and block chain link point | |
CN112769539B (en) | Method and system for generating RSA key and cooperating with RSA signature and decryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||