CN114448623A - Proxy signature and verification method, proxy key generation method, device and system - Google Patents

Proxy signature and verification method, proxy key generation method, device and system Download PDF

Info

Publication number
CN114448623A
CN114448623A CN202210079399.1A CN202210079399A CN114448623A CN 114448623 A CN114448623 A CN 114448623A CN 202210079399 A CN202210079399 A CN 202210079399A CN 114448623 A CN114448623 A CN 114448623A
Authority
CN
China
Prior art keywords
proxy
key
output value
proxy signature
private key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210079399.1A
Other languages
Chinese (zh)
Inventor
沈建祥
韦张勇
廖永光
冯硕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN202210079399.1A priority Critical patent/CN114448623A/en
Publication of CN114448623A publication Critical patent/CN114448623A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3033Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/76Proxy, i.e. using intermediary entity to perform cryptographic operations

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The disclosure provides a proxy signature and verification method, a proxy key generation method, a device and a system, wherein the proxy signature method comprises the following steps: the method comprises the steps of obtaining system parameters, a second private key, a first public key, a proxy secret key, authorization information and a target message, wherein the system parameters comprise a bilinear mapping function, a preset large prime number, an addition cyclic group, a multiplication cyclic group, a generator and a hash function; inputting the proxy key and the generating element into a bilinear mapping function to obtain a first output value, and inputting a result obtained by processing the authorization information by using a hash function and a first public key into the bilinear mapping function to obtain a second output value; and under the condition that the first output value is equal to the second output value, performing power operation on a result obtained by processing the target message by using the hash function by taking the second private key as a power exponent to obtain a third value, and taking the sum of the third value and the proxy key as a proxy signature of the target message. The proxy signature and verification process is short, efficient and high in safety.

Description

Proxy signature and verification method, proxy key generation method, device and system
Technical Field
The disclosure belongs to the field of data security, and particularly relates to a proxy signature and verification method, a proxy key generation method, a proxy signature and verification device, and a proxy key generation system.
Background
This section is intended to provide a background or context to the embodiments of the disclosure. The description herein is not admitted to be prior art by inclusion in this section.
In real society, some users (hereinafter referred to as original users) may not be able to digitally sign themselves for some reasons during business, and therefore need to temporarily delegate their signing authority to a reliable proxy user so that the proxy user can sign themselves digitally instead.
In order to guarantee the rights of the entrusting user and the agent user and improve the safety of the agent signature process, on one hand, the agent user and the original user are ensured to be distinguishable in signature of the same message, and on the other hand, the agent user is ensured not to be capable of deducing the private key of the original user.
Disclosure of Invention
The disclosure provides a proxy signature and verification method, a proxy key generation method, a proxy signature and verification device and a proxy key generation system.
The embodiments of the present disclosure provide the following: a proxy signature method, comprising:
obtaining a system parameter, a second private key, a first public key, a proxy key, authorization information and a target message, wherein the system parameter includes a bilinear mapping function, a preset large prime number, an addition cyclic group, a multiplication cyclic group, a generator and a hash function, the order of the addition cyclic group is the preset large prime number, the order of the multiplication cyclic group is the preset large prime number, the generator belongs to the addition cyclic group, a first input value and a second input value of the bilinear mapping belong to the addition cyclic group, an output value of the bilinear mapping belongs to the multiplication cyclic group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition cyclic group, the proxy key is a calculation result obtained by performing a power operation on an output value obtained by processing the authorization information by the hash function with the first private key as a power exponent, the first public key is a numerical value obtained by performing exponentiation on the generator by taking the first private key as an exponentiation, the first private key is a positive integer less than or equal to the first preset large prime number, the second private key is a positive integer less than or equal to the preset large prime number, and a numerical value obtained by performing exponentiation on the generator by taking the second private key as an exponentiation is taken as a second public key corresponding to the second private key;
inputting the proxy key and the generator into the bilinear mapping function to obtain a first output value, and inputting a result obtained by processing the authorization information by using the hash function and the first public key into the bilinear mapping function to obtain a second output value;
and under the condition that the first output value is equal to the second output value, performing power operation on a result obtained by processing the target message by using the hash function by taking the second private key as a power exponent to obtain a third numerical value, and taking the sum of the third numerical value and the proxy secret key as a proxy signature of the target message.
The embodiments of the present disclosure provide the following: a proxy signature verification method, the proxy signature being generated according to the aforementioned proxy signature method, the proxy signature verification method comprising:
acquiring the system parameter, the first public key, the second public key, a target message, the authorization information and a proxy signature of the target message;
and a signature verification step, wherein the proxy signature and the generator are input into the bilinear mapping function to obtain a third output value, a result obtained by processing the target message by using the hash function and the second public key are input into the bilinear mapping function to obtain a fourth output value, a result obtained by processing the authorization information by using the hash function and the first public key are input into the bilinear mapping function to obtain a fifth output value, and the proxy signature verification is passed under the condition that the product of the fourth output value and the fifth output value is equal to the third output value.
The embodiments of the present disclosure provide the following: a method of generating a proxy key, comprising:
the method comprises the steps of obtaining system public parameters, authorization information and a first private key, wherein the system parameters comprise a bilinear mapping function, a preset large prime number, an addition cycle group, a multiplication cycle group, a generating element and a hash function, the order of the addition cycle group is the preset large prime number, the order of the multiplication cycle group is the preset large prime number, the generating element belongs to the addition cycle group, a first input value and a second input value of the bilinear mapping belong to the addition cycle group, an output value of the bilinear mapping belongs to the multiplication cycle group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition cycle group, and the first private key is a positive integer smaller than or equal to the first preset large prime number;
and performing an exponentiation operation on an output value obtained by processing the authorization information by using the hash function by taking the first private key as an exponentiation to obtain a proxy key corresponding to the authorization information.
The embodiments of the present disclosure provide the following: a proxy signature generating apparatus comprising:
a first obtaining module, configured to obtain a system parameter, a second private key, a first public key, a proxy key, authorization information, and a target message, where the system parameter includes a bilinear mapping function, a preset large prime number, an addition round group, a multiplication round group, a generator, and a hash function, the order of the addition round group is the preset large prime number, the order of the multiplication round group is the preset large prime number, the generator belongs to the addition round group, a first input value and a second input value of the bilinear mapping belong to the addition round group, an output value of the bilinear mapping belongs to the multiplication round group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition round group, and the proxy key is a calculation result obtained by performing a power operation on an output value obtained by processing the authorization information with the hash function using the first private key as a power exponent, the first public key is a numerical value obtained by performing exponentiation on the generator by taking the first private key as an exponentiation, the first private key is a positive integer less than or equal to the first preset large prime number, the second private key is a positive integer less than or equal to the preset large prime number, and a numerical value obtained by performing exponentiation on the generator by taking the second private key as an exponentiation is taken as a second public key corresponding to the second private key;
a first verification module, configured to input the proxy key and the generator to the bilinear mapping function to obtain a first output value, and input a result obtained by processing the authorization information using the hash function and the first public key to the bilinear mapping function to obtain a second output value;
and the proxy signature module is used for performing power operation on a result obtained by processing the target message by using the hash function by taking the second private key as a power exponent under the condition that the first output value is equal to the second output value to obtain a third numerical value, and taking the sum of the third numerical value and the proxy secret key as a proxy signature of the target message.
The embodiments of the present disclosure provide the following: a proxy signature generating apparatus comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform: the aforementioned proxy signature method.
The embodiments of the present disclosure provide the following: a proxy signature verification apparatus, the proxy signature being generated by the aforementioned proxy signature generation apparatus, the proxy signature verification apparatus comprising:
a second obtaining module, configured to obtain the system parameter, the first public key, the second public key, a target message, the authorization information, and an agent signature for the target message;
and a second verification module, configured to perform a signature verification step, where the proxy signature and the generator are input to the bilinear mapping function to obtain a third output value, a result obtained by processing the target message using the hash function and the second public key are input to the bilinear mapping function to obtain a fourth output value, a result obtained by processing the authorization information using the hash function and the first public key are input to the bilinear mapping function to obtain a fifth output value, and the proxy signature passes verification when a product of the fourth output value and the fifth output value is equal to the third output value.
The embodiments of the present disclosure provide the following: a proxy signature verification apparatus comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform: the aforementioned proxy signature verification method.
The embodiments of the present disclosure provide the following: a proxy key generation apparatus comprising:
a third obtaining module, configured to obtain a system public parameter, authorization information, and a first private key, where the system parameter includes a bilinear mapping function, a preset large prime number, an addition cycle group, a multiplication cycle group, a generator, and a hash function, where the order of the addition cycle group is the preset large prime number, the order of the multiplication cycle group is the preset large prime number, the generator belongs to the addition cycle group, a first input value and a second input value of the bilinear mapping belong to the addition cycle group, an output value of the bilinear mapping belongs to the multiplication cycle group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition cycle group, and the first private key is a positive integer smaller than or equal to the first preset large prime number;
and the proxy key generating module is used for performing power operation on an output value obtained by processing the authorization information by using the hash function by taking the first private key as a power exponent to obtain a proxy key corresponding to the authorization information.
The embodiments of the present disclosure provide the following: a proxy key generation apparatus comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform: the proxy key generation method is described above.
The embodiments of the present disclosure provide the following: a proxy signature system comprising: the proxy signature generation device, the proxy signature verification device, the proxy key generation device, the parameter generation device, and the key generation device, the parameter generating device is configured to generate the system parameter, the key pair generating device is configured to generate a first secret key pair and a second secret key pair according to the system parameter, wherein a first private key of the first private key pair is a positive integer less than or equal to the first predetermined large prime number, a first public key of the first private key pair is a numerical value obtained by performing exponentiation on the generator with the first private key as an exponent, the second private key of the second private key pair is a positive integer less than or equal to the predetermined large prime number, and the second public key in the second secret key pair is a numerical value obtained by performing exponentiation on the generator by taking the second private key as an exponentiation.
The proxy signature obtained by the scheme provided by the embodiment of the disclosure is short and efficient. Based on the difficulty of the discrete logarithm problem, which is a mathematical difficulty problem, the proxy signature has high security. Further, the original user signature on the target message and the proxy user signature on the target message are distinguishable. Furthermore, the proxy user can not deduce the private key of the original user according to the proxy key, so that the security of the private key of the original user is guaranteed. Meanwhile, any user (including the original user) except the proxy user cannot generate the proxy signature, and the benefit of the proxy user is protected.
It should be understood that the above description is only an overview of the technical solutions of the present disclosure, so that the technical solutions of the present disclosure can be more clearly understood and implemented according to the contents of the specification. In order to make the aforementioned and other objects, features and advantages of the present disclosure comprehensible, specific embodiments thereof are described below.
Drawings
Fig. 1 is a schematic structural diagram of a proxy signature system according to an embodiment of the present disclosure.
Fig. 2 is a flowchart illustrating a proxy signature method according to an embodiment of the disclosure.
Fig. 3 is a flowchart illustrating a proxy signature verification method according to an embodiment of the disclosure.
Fig. 4 is a flowchart illustrating a method for generating a proxy key according to an embodiment of the disclosure.
Fig. 5a and 5b are schematic structural diagrams of a proxy signature generation apparatus according to an embodiment of the present disclosure.
Fig. 6a and 6b are schematic structural diagrams of a proxy signature verification apparatus according to an embodiment of the present disclosure.
Fig. 7a and 7b are schematic structural diagrams of a proxy key generation apparatus according to an embodiment of the present disclosure.
Detailed Description
It should be noted that, in the present disclosure, the embodiments and features of the embodiments may be combined with each other without conflict. The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Referring to fig. 1, in an embodiment of the present disclosure, a proxy signature system includes: a parameter generation apparatus 1, a key pair generation apparatus 2, a proxy key generation apparatus 3, a proxy signature generation apparatus 4, and a proxy signature verification apparatus 5. The proxy key generation apparatus 3 may be a device held by the authorized user, such as a mobile phone or a computer. The proxy signature generation device 4 is a device held by the proxy user, and is, for example, a mobile phone or a computer. The proxy signature generated by the proxy signature generating means 4 can be verified by the proxy signature verifying means 5. The proxy signature may be directly transmitted to the proxy signature verification apparatus 5 by the proxy signature generation apparatus 4, or may be transmitted to another device by the proxy signature generation apparatus 4 and then transmitted to the proxy signature verification apparatus 5 by another device to verify the proxy signature. The proxy signature generation means 4 and proxy signature verification means may also interact with a trusted timestamp server.
Fig. 2 is a flowchart illustrating a proxy signature method for generating a proxy signature according to an embodiment of the disclosure. In this flow, from the device perspective, the execution subject may be one or more electronic devices; from the program perspective, the execution main body may accordingly be a program loaded on these electronic devices.
In conjunction with the system framework provided in fig. 1, the step of performing proxy signing may include steps 101 through 103 in fig. 2.
Step 101, obtaining a system parameter, a second private key, a first public key, a proxy secret key, authorization information and a target message, wherein the system parameter includes a bilinear mapping function, a preset large prime number, an addition cyclic group, a multiplication cyclic group, a generator and a hash function, the order of the addition cyclic group is the preset large prime number, the order of the multiplication cyclic group is the preset large prime number, the generator belongs to the addition cyclic group, a first input value and a second input value of the bilinear mapping belong to the addition cyclic group, an output value of the bilinear mapping belongs to the multiplication cyclic group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition cyclic group, and the proxy secret key is a calculation result obtained by performing a power operation on an output value obtained by processing the authorization information by the hash function with the first private key as a power exponent, the first public key is a numerical value obtained by performing exponentiation on the generator with the first private key as an exponentiation, the first private key is a positive integer less than or equal to the first preset large prime number, the second private key is a positive integer less than or equal to the preset large prime number, and a numerical value obtained by performing exponentiation on the generator with the second private key as an exponentiation is used as a second public key corresponding to the second private key.
The system parameters may be acquired from the parameter generation apparatus 1. The second private key may be obtained from the key pair generation apparatus 2. The proxy key may be acquired from the proxy key generation apparatus 3. The authorization information is sent from the proxy user to the proxy user, and is sent from the proxy key generation apparatus 3 to the proxy signature generation apparatus 4, for example. The target message is the information that needs to be signed (e.g., an electronic contract).
Specifically, the parameter generation apparatus 1 is used to generate system parameters. The key pair generating device 2 is configured to generate a first key pair and a second key pair according to the system parameter. The key pair generation apparatus 2 sends the first private key of the first private key pair to the proxy key generation apparatus 3, sends the second private key of the second private key pair to the proxy signature generation apparatus 4, and publicly obtains the first public key of the first private key pair and the second public key of the second private key pair. The proxy key generation apparatus 3 transmits the proxy key to the proxy signature generation apparatus 4 through a public channel.
The system parameters may be signedparams, wherein params ═ G1,G2,e,q,P,H1},qTo preset a large prime number, G1For additive cyclic groups of order q, G2For a multiplication loop group of order q, e is a bilinear map e: g1×G1→G2P is from G1One randomly selected element as generator, H1As a hash function H1:{0,1}*→G1
"exponentiation" in the present application refers to repeatedly performing operations in "groups", and if the group is an addition cycle group, repeatedly performing an addition operation on a number is mathematically equivalent to multiplying the number by the exponent.
Referring to fig. 4, the key pair generation apparatus 2 performs the following steps, thereby generating a first key pair and a second key pair.
301, obtaining a system public parameter, authorization information, and a first private key, where the system parameter includes a bilinear mapping function, a preset large prime number, an addition cycle group, a multiplication cycle group, a generator, and a hash function, the order of the addition cycle group is the preset large prime number, the order of the multiplication cycle group is the preset large prime number, the generator belongs to the addition cycle group, a first input value and a second input value of the bilinear mapping belong to the addition cycle group, an output value of the bilinear mapping belongs to the multiplication cycle group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition cycle group, and the first private key is a positive integer less than or equal to the first preset large prime number.
Step 302, taking the first private key as a power exponent to perform a power operation on an output value obtained by processing the authorization information by using the hash function, so as to obtain a proxy key corresponding to the authorization information.
Expressed symbolically, the key pair is generated by a first key pair and a second key pair provided by the generating means 2: random selection
Figure BDA0003485488130000061
As the first private key, the first private key is denoted as SKACalculating PKA=xAP is taken as the first public key; random selection
Figure BDA0003485488130000062
As the second private key, the second private key is denoted as SKBCalculating PKB=xBP as the second public key.
The electronic equipment held by the original user uses the first private key SKASigning authorization information M to obtain proxy key SKABThe process of (2) is as follows: SKAB=SKAH1(M). Secure proxy Key SKABSent to agent B over the open channel. The authorization information includes, for example, an authorizing party, an authorized party, and an authorization validity period. The authorization information includes information of the authorized party and also indicates the second public key obtained by the proxy signature verification apparatus 5 from the key pair generation apparatus 2. Since the third party impersonating the authorized party cannot determine the second private key, verification of the proxy signature made by the third party based on the second public key will fail.
Step 102, inputting the proxy key and the generator into the bilinear mapping function to obtain a first output value, and inputting a result obtained by processing the authorization information by using the hash function and the first public key into the bilinear mapping function to obtain a second output value.
Proxy user held electronic device to proxy key SKABThe following validation was performed: verification equation e (SK)AB,P)=e(H1(M),PKA) Whether or not this is true. If the equation is established, the proxy key is valid, otherwise the proxy key is validAnd (4) invalidation.
Step 103, when the first output value is equal to the second output value, performing a power operation on a result obtained by processing the target message by using the hash function with the second private key as a power exponent to obtain a third value, and taking a sum of the third value and the proxy key as a proxy signature for the target message.
Proxy user held electronic device calculates sigma SKBH1(m)+SKABWherein, σ is the proxy signature made by the proxy user on the target message m.
Referring to fig. 3, the proxy signature verification apparatus 5 performs the following steps, thereby verifying the target message.
Step 201, obtaining the system parameter, the first public key, the second public key, a target message, the authorization information, and a proxy signature for the target message.
Step 203, a signature verification step, in which the proxy signature and the generator are input to the bilinear mapping function to obtain a third output value, a result obtained by processing the target message using the hash function and the second public key are input to the bilinear mapping function to obtain a fourth output value, a result obtained by processing the authorization information using the hash function and the first public key are input to the bilinear mapping function to obtain a fifth output value, and the proxy signature verification is passed when a product of the fourth output value and the fifth output value is equal to the third output value.
Specifically, the equation e (σ, P) is checked as e (H)1(m),PKB)e(H1(M),PKA) Whether or not this is true. If the equation is true, the proxy signature verification passes, otherwise the proxy signature verification fails.
In some embodiments, the proxy signature generating device 4 further performs step 104 of sending the proxy signature to a timestamp server to obtain a digital timestamp of the proxy signature; wherein the authorization information comprises an authorizer, an authorized party and an authorization validity period, and the digital timestamp is attached to the proxy signature.
Correspondingly, the proxy signature verifying device 5 further executes step 202 to determine whether the time identified by the digital timestamp attached to the proxy signature is within the authorized validity period, and if so, executes the signature verifying step, otherwise, determines that the proxy signature is invalid.
The original user signs the authorization information containing the validity period of the proxy key to generate the proxy key, and the timestamp technology is matched, so that the control of the original user on the validity period of the proxy signature right of the proxy user is conveniently and simply realized, and the application cost of the proxy signature system is reduced.
Based on the same technical concept, the embodiment of the present disclosure further provides a proxy signature generating device, configured to execute the proxy signature method provided in any of the embodiments. Fig. 5a is a schematic structural diagram of a proxy signature generating apparatus according to an embodiment of the present disclosure. Specifically, the proxy signature generating apparatus may be implemented in a hardware form such as an Application Specific Integrated Circuit (ASIC), a Micro Control Unit (MCU), or the like.
As shown in fig. 5a, the proxy signature generating apparatus 4 includes:
a first obtaining module 41, configured to obtain a system parameter, a second private key, a first public key, a proxy key, authorization information, and a target message, where the system parameter includes a bilinear mapping function, a preset large prime number, an addition round group, a multiplication round group, a generator, and a hash function, the order of the addition round group is the preset large prime number, the order of the multiplication round group is the preset large prime number, the generator belongs to the addition round group, a first input value and a second input value of the bilinear mapping belong to the addition round group, an output value of the bilinear mapping belongs to the multiplication round group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition round group, and the proxy key is a calculation result obtained by performing a power operation on an output value obtained by processing the authorization information with the hash function by using the first private key as a power exponent, the first public key is a numerical value obtained by performing exponentiation on the generator by taking the first private key as an exponentiation, the first private key is a positive integer less than or equal to the first preset large prime number, the second private key is a positive integer less than or equal to the preset large prime number, and a numerical value obtained by performing exponentiation on the generator by taking the second private key as an exponentiation is taken as a second public key corresponding to the second private key;
a first verification module 42, configured to input the proxy key and the generator to the bilinear mapping function to obtain a first output value, and input a result obtained by processing the authorization information using the hash function and the first public key to the bilinear mapping function to obtain a second output value;
and a proxy signature module 43, configured to, when the first output value is equal to the second output value, perform a power operation on a result obtained by processing the target message by using the hash function with the second private key as a power exponent to obtain a third value, and use a sum of the third value and the proxy key as a proxy signature for the target message.
In some embodiments, the proxy signature generating apparatus 4 further includes a timestamp obtaining module 44, configured to send the proxy signature to a timestamp server to obtain a digital timestamp of the proxy signature; wherein the authorization information comprises an authorizing party, an authorized party and an authorization validity period, and the digital timestamp is attached to the proxy signature.
Fig. 5b is a proxy signature generating apparatus 4 according to an embodiment of the present disclosure, configured to execute the proxy signature method of the foregoing embodiment, where the proxy signature generating apparatus 4 includes: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the aforementioned proxy signing method.
Based on the same technical concept, the embodiment of the present disclosure further provides a proxy signature verification apparatus, configured to execute the proxy signature verification method provided in any of the embodiments. Fig. 6a is a schematic structural diagram of a proxy signature verification apparatus according to an embodiment of the present disclosure. Specifically, the proxy signature verification apparatus may be implemented in a hardware form such as an Application Specific Integrated Circuit (ASIC), a Micro Control Unit (MCU), or the like.
The proxy signature verification apparatus 5 includes:
a second obtaining module 51, configured to obtain the system parameter, the first public key, the second public key, a target message, the authorization information, and a proxy signature for the target message;
a second verification module 52, configured to perform a signature verification step, where the proxy signature and the generator are input to the bilinear mapping function to obtain a third output value, a result obtained by processing the target message using the hash function and the second public key are input to the bilinear mapping function to obtain a fourth output value, a result obtained by processing the authorization information using the hash function and the first public key are input to the bilinear mapping function to obtain a fifth output value, and the proxy signature verification passes when a product of the fourth output value and the fifth output value is equal to the third output value.
Optionally, the authorization information includes an authorizer, an authorizee and an authorization validity period, and the proxy signature is accompanied by a digital timestamp; the device further comprises: a third verifying module 53, configured to determine whether the time identified by the digital timestamp attached to the proxy signature is within the authorized validity period, if so, perform the signature verifying step, and otherwise, determine that the proxy signature is invalid.
Fig. 6b is a diagram of a proxy signature verification apparatus 5 according to an embodiment of the present disclosure, configured to execute the proxy signature verification method of the foregoing embodiment, where the proxy signature verification apparatus 5 includes: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the aforementioned proxy signature verification method.
Based on the same technical concept, an embodiment of the present disclosure further provides a proxy key generation apparatus, configured to execute the proxy key generation method provided in any of the foregoing embodiments. Fig. 7a is a schematic structural diagram of a proxy key generation apparatus according to an embodiment of the present disclosure. Specifically, the proxy key generating apparatus may be implemented in a hardware form such as an Application Specific Integrated Circuit (ASIC), a Micro Control Unit (MCU), or the like.
The proxy key generation apparatus 3 includes:
a third obtaining module 31, configured to obtain a system public parameter, authorization information, and a first private key, where the system parameter includes a bilinear mapping function, a preset large prime number, an addition cycle group, a multiplication cycle group, a generator, and a hash function, where the order of the addition cycle group is the preset large prime number, the order of the multiplication cycle group is the preset large prime number, the generator belongs to the addition cycle group, a first input value and a second input value of the bilinear mapping belong to the addition cycle group, an output value of the bilinear mapping belongs to the multiplication cycle group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition cycle group, and the first private key is a positive integer smaller than or equal to the first preset large prime number;
and the proxy key generating module 32 is configured to perform a power operation on an output value obtained by processing the authorization information using the hash function with the first private key as a power exponent to obtain a proxy key corresponding to the authorization information.
Optionally, the authorization information includes: the authorizing party, the authorized party and the authorization validity period.
Fig. 7b is a proxy key generating apparatus 3 according to an embodiment of the present disclosure, configured to execute the proxy key generating method of the foregoing embodiment, where the proxy key generating apparatus 3 includes: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the aforementioned proxy key generation method.
It should be noted that the apparatus in the embodiment of the present disclosure may implement each process of the foregoing method embodiment, and achieve the same effect and function, which are not described herein again.
An embodiment of the present disclosure further provides a proxy signature system, including: the proxy signature generation device, the proxy signature verification device, the proxy key generation device, the parameter generation device, and the key generation device, the parameter generating device is configured to generate the system parameter, the key pair generating device is configured to generate a first secret key pair and a second secret key pair according to the system parameter, wherein a first private key of the first private key pair is a positive integer less than or equal to the first predetermined large prime number, a first public key of the first secret key pair is a numerical value obtained by performing an exponentiation operation on the generator with the first private key as an exponent, the second private key of the second private key pair is a positive integer less than or equal to the predetermined large prime number, and the second public key in the second secret key pair is a numerical value obtained by performing exponentiation on the generator by taking the second private key as an exponentiation.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus, and/or devices according to embodiments of the disclosure. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. Further, while the operations of the disclosed methods are depicted in the drawings in a particular order, this does not require or imply that these operations must be performed in this particular order, or that all of the illustrated operations must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.
While the spirit and principles of the present disclosure have been described with reference to several particular embodiments, it is to be understood that the present disclosure is not limited to the particular embodiments disclosed, nor is the division of aspects, which is for convenience only as the features in such aspects may not be combined to benefit. The disclosure is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

Claims (16)

1. A proxy signature method, comprising:
obtaining a system parameter, a second private key, a first public key, a proxy key, authorization information and a target message, wherein the system parameter includes a bilinear mapping function, a preset large prime number, an addition cyclic group, a multiplication cyclic group, a generator and a hash function, the order of the addition cyclic group and the multiplication cyclic group is the preset large prime number, the generator belongs to the addition cyclic group, a first input value and a second input value of the bilinear mapping belong to the addition cyclic group, an output value of the bilinear mapping belongs to the multiplication cyclic group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition cyclic group, the proxy key is a calculation result obtained by performing exponentiation operation on an output value obtained by processing the authorization information by using the hash function with the first private key as an exponentiation, the first public key is a numerical value obtained by performing exponentiation on the generator by taking the first private key as an exponentiation, the first private key is a positive integer less than or equal to the first preset large prime number, the second private key is a positive integer less than or equal to the preset large prime number, and a numerical value obtained by performing exponentiation on the generator by taking the second private key as an exponentiation is taken as a second public key corresponding to the second private key;
inputting the proxy key and the generator into the bilinear mapping function to obtain a first output value, and inputting a result obtained by processing the authorization information by using the hash function and the first public key into the bilinear mapping function to obtain a second output value;
and under the condition that the first output value is equal to the second output value, performing power operation on a result obtained by processing the target message by using the hash function by taking the second private key as a power exponent to obtain a third numerical value, and taking the sum of the third numerical value and the proxy secret key as a proxy signature of the target message.
2. The method of claim 1, further comprising: sending the proxy signature to a timestamp server to obtain a digital timestamp of the proxy signature;
wherein the authorization information comprises an authorizer, an authorized party and an authorization validity period, and the digital timestamp is attached to the proxy signature.
3. A proxy signature verification method, wherein the proxy signature is generated by the proxy signature method according to claim 1 or 2, and wherein the proxy signature verification method comprises:
acquiring the system parameter, the first public key, the second public key, a target message, the authorization information and a proxy signature of the target message;
and a signature verification step, wherein the proxy signature and the generator are input into the bilinear mapping function to obtain a third output value, a result obtained by processing the target message by using the hash function and the second public key are input into the bilinear mapping function to obtain a fourth output value, a result obtained by processing the authorization information by using the hash function and the first public key are input into the bilinear mapping function to obtain a fifth output value, and the proxy signature verification is passed under the condition that the product of the fourth output value and the fifth output value is equal to the third output value.
4. The method of claim 3, wherein the authorization information includes an authorizer, an authorizee, and an authorization validity period, and wherein the proxy signature is accompanied by a digital timestamp;
the method further comprises the following steps: and judging whether the time identified by the digital timestamp attached to the proxy signature is within the authorized validity period, if so, executing the signature verification step, and otherwise, judging that the proxy signature is invalid.
5. A method for generating a proxy key, comprising:
the method comprises the steps of obtaining system public parameters, authorization information and a first private key, wherein the system parameters comprise a bilinear mapping function, a preset large prime number, an addition cycle group, a multiplication cycle group, a generating element and a hash function, the order of the addition cycle group is the preset large prime number, the order of the multiplication cycle group is the preset large prime number, the generating element belongs to the addition cycle group, a first input value and a second input value of the bilinear mapping belong to the addition cycle group, an output value of the bilinear mapping belongs to the multiplication cycle group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition cycle group, and the first private key is a positive integer smaller than or equal to the first preset large prime number;
and performing power operation on an output value obtained by processing the authorization information by using the hash function by taking the first private key as a power exponent to obtain a proxy key corresponding to the authorization information.
6. The method of claim 5, wherein the authorization information comprises: the authorizing party, the authorized party and the authorization validity period.
7. A proxy signature generation apparatus, comprising:
a first obtaining module, configured to obtain a system parameter, a second private key, a first public key, a proxy key, authorization information, and a target message, where the system parameter includes a bilinear mapping function, a preset large prime number, an addition cyclic group, a multiplication cyclic group, a generator, and a hash function, where the order of the addition cyclic group and the order of the multiplication cyclic group are both the preset large prime number, the generator belongs to the addition cyclic group, a first input value and a second input value of the bilinear mapping belong to the addition cyclic group, an output value of the bilinear mapping belongs to the multiplication cyclic group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition cyclic group, and the proxy key is a calculation result obtained by performing a power operation on an output value obtained by processing the authorization information with the hash function using the first private key as a power exponent, the first public key is a numerical value obtained by performing exponentiation on the generator by taking the first private key as an exponentiation, the first private key is a positive integer less than or equal to the first preset large prime number, the second private key is a positive integer less than or equal to the preset large prime number, and a numerical value obtained by performing exponentiation on the generator by taking the second private key as an exponentiation is taken as a second public key corresponding to the second private key;
a first verification module, configured to input the proxy key and the generator to the bilinear mapping function to obtain a first output value, and input a result obtained by processing the authorization information using the hash function and the first public key to the bilinear mapping function to obtain a second output value;
and the proxy signature module is used for performing power operation on a result obtained by processing the target message by using the hash function by taking the second private key as a power exponent under the condition that the first output value is equal to the second output value to obtain a third numerical value, and taking the sum of the third numerical value and the proxy secret key as a proxy signature of the target message.
8. The apparatus of claim 7, further comprising: the timestamp acquisition module is used for sending the proxy signature to a timestamp server so as to obtain a digital timestamp of the proxy signature; wherein the authorization information comprises an authorizer, an authorized party and an authorization validity period, and the digital timestamp is attached to the proxy signature.
9. A proxy signature generation apparatus, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform: the method of claim 1 or 2.
10. A proxy signature verification apparatus, wherein the proxy signature is generated by the proxy signature generation apparatus according to any one of claims 7 to 9, the proxy signature verification apparatus comprising:
a second obtaining module, configured to obtain the system parameter, the first public key, the second public key, a target message, the authorization information, and an agent signature for the target message;
and a second verification module, configured to perform a signature verification step, where the proxy signature and the generator are input to the bilinear mapping function to obtain a third output value, a result obtained by processing the target message using the hash function and the second public key are input to the bilinear mapping function to obtain a fourth output value, a result obtained by processing the authorization information using the hash function and the first public key are input to the bilinear mapping function to obtain a fifth output value, and the proxy signature passes verification when a product of the fourth output value and the fifth output value is equal to the third output value.
11. The apparatus of claim 10, wherein the authorization information comprises an authorizer, an authorizee, and an authorization validity period, and wherein the proxy signature is accompanied by a digital timestamp;
the device further comprises: and the third verification module is used for judging whether the time identified by the digital timestamp attached to the proxy signature is within the authorized validity period, if so, executing the signature verification step, and otherwise, judging that the proxy signature is invalid.
12. A proxy signature verification apparatus, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform: the method of claim 3 or 4.
13. A proxy key generation apparatus, comprising:
a third obtaining module, configured to obtain a system public parameter, authorization information, and a first private key, where the system parameter includes a bilinear mapping function, a preset large prime number, an addition cycle group, a multiplication cycle group, a generator, and a hash function, where the order of the addition cycle group is the preset large prime number, the order of the multiplication cycle group is the preset large prime number, the generator belongs to the addition cycle group, a first input value and a second input value of the bilinear mapping belong to the addition cycle group, an output value of the bilinear mapping belongs to the multiplication cycle group, an input value of the hash function is a binary bit string, an output value of the hash function belongs to the addition cycle group, and the first private key is a positive integer smaller than or equal to the first preset large prime number;
and the proxy key generating module is used for performing power operation on an output value obtained by processing the authorization information by using the hash function by taking the first private key as a power exponent to obtain a proxy key corresponding to the authorization information.
14. The apparatus of claim 13, wherein the authorization information comprises: the authorizing party, the authorized party and the authorization validity period.
15. A proxy key generation apparatus, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform: the method of claim 5 or 6.
16. A proxy signature system, comprising: the proxy signature generation apparatus according to any one of claims 7 to 9, the proxy signature verification apparatus according to any one of claims 10 to 12, the proxy key generation apparatus according to any one of claims 13 to 15, and the parameter generation apparatus and key pair generation apparatus, wherein the parameter generation apparatus is configured to generate the system parameter, and the key pair generation apparatus is configured to generate a first secret key pair and a second secret key pair according to the system parameter, wherein a first private key in the first secret key pair is a positive integer that is less than or equal to the first preset large prime number, a first public key in the first secret key pair is a numerical value obtained by performing an exponentiation on the generator with the first private key as an exponentiation, a second private key in the second secret key pair is a positive integer that is less than or equal to the preset large prime number, and a second public key in the second secret key pair is a numerical value obtained by performing an exponentiation on the generator with the second private key as an exponentiation The obtained value.
CN202210079399.1A 2022-01-24 2022-01-24 Proxy signature and verification method, proxy key generation method, device and system Pending CN114448623A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210079399.1A CN114448623A (en) 2022-01-24 2022-01-24 Proxy signature and verification method, proxy key generation method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210079399.1A CN114448623A (en) 2022-01-24 2022-01-24 Proxy signature and verification method, proxy key generation method, device and system

Publications (1)

Publication Number Publication Date
CN114448623A true CN114448623A (en) 2022-05-06

Family

ID=81369677

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210079399.1A Pending CN114448623A (en) 2022-01-24 2022-01-24 Proxy signature and verification method, proxy key generation method, device and system

Country Status (1)

Country Link
CN (1) CN114448623A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008148033A (en) * 2006-12-11 2008-06-26 Nippon Telegr & Teleph Corp <Ntt> Proxy signature device, signer device, signature verification device, and their programs
US20120159153A1 (en) * 2010-12-13 2012-06-21 Korea Basic Science Institute Efficient Identity-Based Ring Signature Scheme With Anonymity And System Thereof
WO2017071581A1 (en) * 2015-10-30 2017-05-04 中国银联股份有限公司 Electronic signature generation method and system
CN110768799A (en) * 2019-12-30 2020-02-07 中国银联股份有限公司 Digital signature method, device, equipment, medium and system
CN112906059A (en) * 2021-01-19 2021-06-04 中国银联股份有限公司 Proxy signature and verification method, device, system and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008148033A (en) * 2006-12-11 2008-06-26 Nippon Telegr & Teleph Corp <Ntt> Proxy signature device, signer device, signature verification device, and their programs
US20120159153A1 (en) * 2010-12-13 2012-06-21 Korea Basic Science Institute Efficient Identity-Based Ring Signature Scheme With Anonymity And System Thereof
WO2017071581A1 (en) * 2015-10-30 2017-05-04 中国银联股份有限公司 Electronic signature generation method and system
CN110768799A (en) * 2019-12-30 2020-02-07 中国银联股份有限公司 Digital signature method, device, equipment, medium and system
CN112906059A (en) * 2021-01-19 2021-06-04 中国银联股份有限公司 Proxy signature and verification method, device, system and storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
陈建辉: "《基于安全协议的云计算平台数据安全及隐私保护研究》", 电子科技大学出版社, pages: 40 - 41 *

Similar Documents

Publication Publication Date Title
EP3779792B1 (en) Two-dimensional code generation method, data processing method, apparatus, and server
CN109818730B (en) Blind signature acquisition method and device and server
CN105721156A (en) General Encoding Functions For Modular Exponentiation Encryption Schemes
CN112887081A (en) SM 2-based signature verification method, device and system
CN114760052A (en) Bank Internet of things platform key generation method and device, electronic equipment and medium
KR101586439B1 (en) User data integrity verification method and apparatus capable of guaranteeing privacy
CN112906059B (en) Proxy signature and verification method, device, system and storage medium
CN111245594B (en) Homomorphic operation-based collaborative signature method and system
US11616994B2 (en) Embedding information in elliptic curve base point
CN114448623A (en) Proxy signature and verification method, proxy key generation method, device and system
CN114257380A (en) Digital signature method, system and equipment
CN113708927A (en) Universal designated verifier signature certification system based on SM2 digital signature
Hajny et al. Privacy-friendly access control based on personal attributes
Liu et al. Video data integrity verification method based on full homomorphic encryption in cloud system
Ahamad et al. Provably secure authentication approach for data security in the cloud using hashing, encryption, and Chebyshev-based authentication
Cucurull et al. Transitioning to a Javascript voting client for remote online voting
CN112887097A (en) Signature method based on SM2 elliptic curve, related device and storage medium
CN112784314B (en) Data integrity detection method and device, electronic equipment and storage medium
CN114866409B (en) Password acceleration method and device based on password acceleration hardware
Fugkeaw et al. Proxy-assisted digital signing scheme for mobile cloud computing
CN116318738B (en) Signature method, signature system, electronic equipment and storage medium
CN116961925B (en) Signature method, signature system, electronic equipment and storage medium
CN113630254B (en) ECDSA-based generalized assignment verifier signature proving method and system
CN114697099B (en) Multiparty authorization authentication method based on elliptic curve encryption algorithm
RU2774807C2 (en) Homomorphous encryption for authentication using password

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination