CN114520718A - Certificate-based signature method for resisting leakage attack - Google Patents

Certificate-based signature method for resisting leakage attack Download PDF

Info

Publication number
CN114520718A
CN114520718A CN202210059943.6A CN202210059943A CN114520718A CN 114520718 A CN114520718 A CN 114520718A CN 202210059943 A CN202210059943 A CN 202210059943A CN 114520718 A CN114520718 A CN 114520718A
Authority
CN
China
Prior art keywords
certificate
leakage
signature
key
generating
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210059943.6A
Other languages
Chinese (zh)
Other versions
CN114520718B (en
Inventor
梁旭东
周彦伟
杨波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu University of Information Technology
Shaanxi Normal University
Original Assignee
Chengdu University of Information Technology
Shaanxi Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu University of Information Technology, Shaanxi Normal University filed Critical Chengdu University of Information Technology
Priority to CN202210059943.6A priority Critical patent/CN114520718B/en
Publication of CN114520718A publication Critical patent/CN114520718A/en
Application granted granted Critical
Publication of CN114520718B publication Critical patent/CN114520718B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3033Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a certificate-based signature method for resisting leakage attack, which comprises the following steps: step 1, initializing; step 2, generating a key; step 3, generating a certificate; step 4, signature; step 5, verifying the validity; the certificate-based signature method for resisting leakage attack does not use complex bilinear mapping with large calculated amount in the construction process, thereby improving the operation efficiency and the practicability; the anti-leakage performance is introduced into a certificate signature method, so that high safety is still kept in a real environment with leakage; the method solves the problem of key escrow in the identity-based password, avoids the problem of certificate management in the traditional public key, and the signature method constructed by the method not only has the capability of resisting leakage attack, but also improves the corresponding calculation efficiency.

Description

Certificate-based signature method for resisting leakage attack
Technical Field
The invention belongs to the technical field of signature mechanisms, and particularly relates to a certificate-based signature method for resisting leakage attack.
Background
In 1984, to solve the problem of complex management of certificates in the traditional public key infrastructure, Shamir proposed the concept of Identity-based Cryptography (IBC). In the IBC, the unique identity information such as a telephone number, a mailbox address, a certificate number, etc. of a user is directly used as a public Key of the user, and a corresponding private Key is generated by a trusted third party-Key Generation Center (KGC), and because the identity information and the user have a natural binding relationship, an additional certificate is not needed to complete the association between the identity information and the user, so that the certificate management problem of the conventional public Key cryptosystem is simplified; however, in the IBC, since the KGC completely grasps the private key of an arbitrary user and can complete operations such as decryption and signature verification instead of the user, there is a problem of key escrow in the IBC. To further address the key escrow problem of IBC, Gentry et al propose a concept based on Certificate-based Cryptography (CBC). In the CBC, a user autonomously completes the generation of a public and private key, the KGC is responsible for generating a secret certificate for the user, the certificate is matched with the private key of the user to complete corresponding calculation, and the KGC cannot replace any user to execute related operations such as decryption, signature verification and the like because the KGC cannot master the specific private key of the user.
Since signature is one of the basic techniques of blockchain, more and more researchers are dedicated to the research of the basic primitive of the password along with the development of blockchain technique in recent years. In addition, as an important basic tool for guaranteeing message integrity, the signature mechanism also needs to have the capability of resisting leakage attack.
Disclosure of Invention
The invention aims to solve the technical problems of realizing the leakage resistance of the signature method and improving the safety of message transmission on the premise of avoiding key escrow. In order to meet the anti-leakage requirement of the certificate-based signature method, a specific structure of the anti-leakage certificate-based signature method is provided.
A certificate-based signature method for resisting leakage attack comprises the following steps:
step 1, initializing;
step 2, generating a key;
step 3, generating a certificate;
step 4, signature;
and 5, verifying the legality.
Further, the step 1, initializing, includes the following steps:
step 201, selecting a prime number P, and setting G as an addition cycle group with the order of P, wherein P is a generating element of the group G; selecting a cryptographic hash function H1:
Figure BDA0003477822910000021
And H2:
Figure BDA0003477822910000022
Step 202, let 2-Ext:
Figure BDA0003477822910000023
is (l)n,lm2) Is a two-source extractor, epsilon2Is a negligible value on κ; fun:
Figure BDA0003477822910000024
is a leakage-resistant one-way function with a leakage parameter of lambda, wherein lambda is less than or equal to logp-lb-ω(logκ);
Step 203, selecting randomly
Figure BDA0003477822910000025
And
Figure BDA0003477822910000026
and calculating the parameter α ═ 2-Ext (m)1,m2) And parameter Ppub=αP;
Step 204, secretly storing the system master key msk ═ α, and disclosing the system parameters:
Params={p,G,P,Ppub,H1,H2,Fun,2-Ext}。
further, the specific process of generating the key in step 2 is as follows: user Uid(ID is id) generates corresponding private key and public key (sk)id,pkid) And is and
skid=s
pkid=sP
wherein
Figure BDA0003477822910000031
Further, the step 3 of generating the certificate includes the following steps:
step 401, KGC is based on user UidId and public key pkidGenerate a corresponding certificate for it:
Certid=(Xid,yid)
wherein
Figure BDA0003477822910000032
Xid=xidP and yid=xid+αH1(id,Xid,pkid) Wherein X isidIs auxiliary public information for certificate validity verification, UidMixing XidTogether with the public key pkidAre published together;
step 402, the user receives certificate CertidThereafter, Cert can be verified by the following equationidThe legitimacy of (c):
yidP=Xid+PpubH1(id,Xid,pkid)。
further, the step 4, signing, includes the following steps:
step 501, selecting randomly
Figure BDA0003477822910000033
And
Figure BDA0003477822910000034
and calculating:
t=2-Ext(n1,n2)
T=tP
step 502, calculating:
z=t+yid+skidH2(id,pkid,Xid,T,m)
step 503 outputs the signature δ of the message { T, z }.
Further, the step 5 of verifying the validity comprises the following steps:
after receiving the signature δ ═ T, z, step 601, the receiver calculates:
V=T+PpubH1(id,Xid,pkid)+pkidH2(id,pkid,Xid,T,m)
step 602, verifying an equation:
Fun(zP)=Fun(V)
if the equation is true, outputting 1; otherwise 0 is output.
The invention has the advantages that: the invention provides the certificate-based signature method for resisting the leakage attack, which does not use complex bilinear mapping with large calculated amount in the construction process, thereby improving the operation efficiency and the practicability; the anti-leakage performance is introduced into the certificate signature method, and high safety is still kept in a real environment with leakage. The method solves the problem of key escrow in the identity-based password, avoids the problem of certificate management in the traditional public key, and the signature method constructed by the method not only has the capability of resisting leakage attack, but also improves the corresponding calculation efficiency.
Drawings
FIG. 1 is a flowchart of example 1 of the present invention.
Detailed Description
To further illustrate the technical means and effects of the present invention adopted to achieve the predetermined purpose, the following detailed description is given to the effects of the specific implementation modes and the structural features of the present invention with reference to the embodiments.
The technical solutions in the embodiments of the present invention will be clearly and completely described below, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
The method aims to solve the technical problems that on the premise of avoiding key escrow, the anti-leakage performance of the signature method is realized, and the safety of message transmission is improved. In order to meet the anti-leakage requirement of the certificate-based signature method, a specific structure of the anti-leakage certificate-based signature method is provided.
Description of specific parameters:
the security parameters are denoted by κ; a ← aeRA represents a uniformly random selected element a from the set A; negl (κ) indicates a computationally negligible over the security parameter κ; x ← a (y) shows that algorithm a outputs a corresponding calculation result x under the action of input y.
The certificate-based signature method for resisting the leakage attack comprises the following steps:
step 1, initializing;
step 2, generating a key;
step 3, generating a certificate;
step 4, signature;
and 5, verifying the legality.
Further, the step 1, initialization is performed at the third party authority KGC, and includes the following steps:
step 201, selecting a prime number P, and setting G as an addition cycle group with the order of P, wherein P is a generating element of the group G; selecting a cryptographic hash function H1:
Figure BDA0003477822910000051
And H2:
Figure BDA0003477822910000052
Step 202, let 2-Ext:
Figure BDA0003477822910000053
is (l)n,lm2) Is a two-source extractor, epsilon2Is a negligible value on κ; fun:
Figure BDA0003477822910000054
is a leakage-resistant one-way function with a leakage parameter of lambda, wherein lambda is less than or equal to logp-lb-ω(logκ);
Step 203, random selection
Figure BDA0003477822910000055
And
Figure BDA0003477822910000056
and calculating the parameter α ═ 2-Ext (m)1,m2) And a parameter Ppub=αP;
Step 204, secretly storing the system master key msk ═ α, and disclosing system parameters:
Params={p,G,P,Ppub,H1,H2,Fun,2-Ext}。
note that the master key α is extracted by the two-source extractor 2-Ext based on two random strings m1And m2And (4) generating. For any adversary, the security of 2-Ext can know that when the leakage information of the master key alpha is not more than lm+lnα is still sufficiently random when it is-logq- ω (log κ).
Further, the step 2, the specific process of generating the key is as follows: user Uid(ID is id) generates corresponding private key and public key (sk)id,pkid) And is and
skid=s
pkid=sP
wherein
Figure BDA0003477822910000061
Further, the step 3 of generating the certificate by the third party authority KGC includes the following steps:
step 401, KGC sets α to msk by system master key based on user UidId and public key pkidGenerate a corresponding certificate for it:
Certid=(Xid,yid)
wherein
Figure BDA0003477822910000062
Xid=xidP and yid=xid+αH1(id,Xid,pkid) Wherein X isidIs auxiliary public information for certificate validity verification, UidX is to beidTogether with the public key pkidAre published together;
step 402, the user receives the certificate Cert sent by KGCidThereafter, Cert can be verified by the following equationidThe legitimacy of (c):
yidP=Xid+PpubH1(id,Xid,pkid)。
further, step 4, the user's own id, private key skidAnd certificate CertidSigning a message m needing to be delivered, comprising the following steps:
step 501, selecting randomly
Figure BDA0003477822910000063
And
Figure BDA0003477822910000064
and calculates:
t=2-Ext(n1,n2)
T=tP
step 502, calculating:
z=t+yid+skidH2(id,pkid,Xid,T,m)
step 503, the signature δ of the user to the message is { T, z }, and the identity id and the public key pk of the user are usedidThe message m is sent to the message recipient together with the corresponding signature value delta.
It should be noted that the leakage-resistant processing of the signature random number t is realized in the signature algorithm based on the two-source extractor 2-Ext. For any adversary, the leakage information of the current t is not more than l according to the safety of 2-Extm+lnT is still sufficiently random when the value is-logq- ω (log κ).
Further, in the step 5, the receiver verifies the validity of the signature, and the specific process is as follows:
601, the receiver receives the identity information id and the public key pk of the useridAfter the message m and the corresponding signature value δ, the following is calculated:
V=T+PpubH1(id,Xid,pkid)+pkidH2(id,pkid,Xid,T,m)
step 602, verifying an equation:
Fun(zP)=Fun(V)
if the formula is established, the message m can be proved to be really sent by the user; otherwise it cannot be proven that the message m was sent by the user.
Example 2
Suppose that there are two users, Alice and Bob, that Alice needs to transmit some valuable information to Bob via the internet, that Bob needs to judge that the information is actually sent by Alice after receiving the message, so as to perform a next action, and that there is a third-party authority, KGC, whose authority is trusted here. According to a certificate-based signature method for resisting leakage attack, information transmission is carried out:
the KGC completes initialization to generate and disclose each parameter, specifically as follows:
step 201, selecting a prime number P, and setting G as an addition cycle group with the order of P, wherein P is a generating element of the group G; selecting a cryptographic hash function H1:
Figure BDA0003477822910000071
And H2:
Figure BDA0003477822910000072
Step 202, let 2-Ext:
Figure BDA0003477822910000073
is (l)n,lm2) Is a two-source extractor, ε2Is a negligible value on κ; fun:
Figure BDA0003477822910000074
is a leakage-resistant one-way function with a leakage parameter of lambda, wherein lambda is less than or equal to logp-lb-ω(logκ);
Step 203, random selection
Figure BDA0003477822910000075
And
Figure BDA0003477822910000076
and calculating the parameter α ═ 2-Ext (m)1,m2) And a parameter Ppub=αP;
Step 204, secretly storing the system master key msk ═ α, and disclosing system parameters:
Params={p,G,P,Ppub,H1,H2,Fun,2-Ext}。
note that the master key α is extracted by the two-source extractor 2-Ext based on two random strings m1And m2And (4) generating. For any adversary, the security of 2-Ext can know that when the leakage information of the master key alpha is not more than lm+lnα is still sufficiently random when it is-logq- ω (log κ).
Further, the specific process of generating the key is as follows: the user Alice (identity id) generates a corresponding private key and a corresponding public key (sk)id,pkid) And is and
skid=s
pkid=sP
wherein
Figure BDA0003477822910000081
Further, the authority KGC generates a certificate for Alice who needs to send a message, including the following steps:
step 401, KGC determines that α is the system master key msk, and based on the identity id and public key pk of user AliceidGenerate a corresponding certificate for it:
Certid=(Xid,yid)
wherein
Figure BDA0003477822910000082
Xid=xidP and yid=xid+αH1(id,Xid,pkid) Wherein X isidIs auxiliary public information for certificate validity verification, and Alice sends XidTogether with the public key pkidAre published together;
step 402, user Alice receives certificate Cert sent by KGCidThereafter, Cert can be verified by the following equationidThe legitimacy of (c):
yidP=Xid+PpubH1(id,Xid,pkid)。
further, the user Alice passes through the id and the private key sk of the user AliceidAnd KGC issued certificate CertidSigning a message m needing to be delivered, comprising the following steps:
step 501, selecting randomly
Figure BDA0003477822910000091
And
Figure BDA0003477822910000092
and calculates:
t=2-Ext(n1,n2)
T=tP
step 502, calculating:
z=t+yid+skidH2(id,pkid,Xid,T,m)
step 503, Alice obtains the signature δ ═ T, z } for the message, and uses its own identity id and public key pkidThe message m is sent to Bob along with the corresponding signature value δ.
It should be noted that the leakage-resistant processing of the signature random number t is realized in the signature algorithm based on the two-source extractor 2-Ext. For any adversary, the leaked information of current t is not more than l as can be known from the safety of 2-Extm+lnT is still sufficiently random when the value is-logq- ω (log κ).
Further, the user Bob verifies the validity of the signature, and the specific process is as follows:
601, Bob receives Alice identity information id and public key pkidAfter the message m and the corresponding signature value δ, the following is calculated:
V=T+PpubH1(id,Xid,pkid)+pkidH2(id,pkid,Xid,T,m)
step 602, verifying an equation:
Fun(zP)=Fun(V)
if the formula is true, the message m is proved to be really sent by Alice; otherwise it cannot be proven that the message m was sent by Alice.
In summary, the certificate-based signature method for resisting the leakage attack, which is applied in the example, does not use complex bilinear mapping with large calculation amount in the construction process, so that the operation efficiency and the practicability are improved; the anti-leakage performance is introduced into a certificate-based signature method, namely, a two-source extractor 2-Ext is introduced in the signature step to realize the anti-leakage performance processing of the signature random number t, and the high safety is still kept in the actual environment with leakage. And the cipher system based on the certificate solves the problem of key escrow in the identity-based cipher, and avoids the problem of certificate management in the traditional public key. The signature method constructed by the method not only has the capability of resisting leakage attack, but also improves the corresponding calculation efficiency.
The foregoing is a more detailed description of the invention in connection with specific preferred embodiments and it is not intended that the invention be limited to these specific details. For those skilled in the art to which the invention pertains, several simple deductions or substitutions can be made without departing from the spirit of the invention, and all shall be considered as belonging to the protection scope of the invention.

Claims (6)

1. A certificate-based signature method for resisting leakage attack is characterized by comprising the following steps:
step 1, initializing;
step 2, generating a key;
step 3, generating a certificate;
step 4, signature;
and 5, verifying the legality.
2. A certificate-based signing method against a leakage attack according to claim 1, characterized in that: the step 1, initialization comprises the following steps:
step 201, selecting a prime number P, and setting G as an addition cycle group with the order of P, wherein P is a generating element of the group G; selecting a cryptographic hash function H1:
Figure FDA0003477822900000011
And H2:
Figure FDA0003477822900000012
Step 202, let 2-Ext:
Figure FDA0003477822900000013
is (l)n,lm2) Is a two-source extractor, epsilon2Is a negligible value on κ; fun:
Figure DEST_PATH_BDA0003477822910000054
is a leakage-resistant one-way function with a leakage parameter of lambda, wherein lambda is less than or equal to logp-lb-ω(logκ);
Step 203, random selection
Figure FDA0003477822900000015
And
Figure FDA0003477822900000016
and calculating the parameter α ═ 2-Ext (m)1,m2) And parameter Ppub=αP;
Step 204, secretly storing the system master key msk ═ α, and disclosing system parameters:
Params={p,G,P,Ppub,H1,H2,Fun,2-Ext}。
3. a certificate-based signing method against a compromise attack according to claim 1, characterized in that: the specific process of generating the key in the step 2 is as follows: user Uid(ID is id) generates corresponding private key and public key (sk)id,pkid) And is and
skid=s
pkid=sP
wherein
Figure FDA0003477822900000021
4. A certificate-based signing method against a leakage attack according to claim 1, characterized in that: the step 3 of generating the certificate comprises the following steps:
step 401, KGC is based on user UidId and public key pkidGenerate a corresponding certificate for it:
Certid=(Xid,yid)
wherein
Figure FDA0003477822900000022
Xid=xidP and yid=xid+αH1(id,Xid,pkid) Wherein X isidIs auxiliary public information for certificate validity verification, UidMixing XidTogether with the public key pkidAre published together;
step 402, the user receives certificate CertidThereafter, Cert can be verified by the following equationidThe legitimacy of (c):
yidP=Xid+PpubH1(id,Xid,pkid)。
5. a certificate-based signing method against a leakage attack according to claim 1, characterized in that: the step 4, signature comprises the following steps:
step 501, selecting randomly
Figure FDA0003477822900000023
And
Figure FDA0003477822900000024
and calculating:
t=2-Ext(n1,n2)
T=tP
step 502, calculating:
z=t+yid+skidH2(id,pkid,Xid,T,m)
step 503 outputs the signature δ of the message { T, z }.
6. A certificate-based signing method against a leakage attack according to claim 1, characterized in that: the step 5 of verifying the validity comprises the following steps:
after receiving the signature δ ═ T, z, step 601, the receiver calculates:
V=T+PpubH1(id,Xid,pkid)+pkidH2(id,pkid,Xid,T,m)
step 602, verifying an equation:
Fun(zP)=Fun(V)
if yes, outputting 1 if the equation is true; otherwise 0 is output.
CN202210059943.6A 2022-01-19 2022-01-19 Certificate-based signature method for resisting revealing attack Active CN114520718B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210059943.6A CN114520718B (en) 2022-01-19 2022-01-19 Certificate-based signature method for resisting revealing attack

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210059943.6A CN114520718B (en) 2022-01-19 2022-01-19 Certificate-based signature method for resisting revealing attack

Publications (2)

Publication Number Publication Date
CN114520718A true CN114520718A (en) 2022-05-20
CN114520718B CN114520718B (en) 2024-04-02

Family

ID=81596941

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210059943.6A Active CN114520718B (en) 2022-01-19 2022-01-19 Certificate-based signature method for resisting revealing attack

Country Status (1)

Country Link
CN (1) CN114520718B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060067118A (en) * 2004-12-14 2006-06-19 한국전자통신연구원 Id based proxy signature apparatus with restriction on signing capability by bilinear map and method thereof
CN111262710A (en) * 2020-01-20 2020-06-09 陕西师范大学 Certificateless aggregation digital signature method for resisting secret information leakage
CN111555882A (en) * 2020-04-07 2020-08-18 陕西师范大学 Certificateless secret key packaging method for resisting bounded sensitive information leakage
CN111800269A (en) * 2020-06-08 2020-10-20 陕西师范大学 Anti-leakage certificate-based broadcast key packaging method
US20210314142A1 (en) * 2020-03-31 2021-10-07 Friedrich-Alexander-Universität Erlangen-Nürnberg Methods for threshold password-hardened encryption and decryption

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060067118A (en) * 2004-12-14 2006-06-19 한국전자통신연구원 Id based proxy signature apparatus with restriction on signing capability by bilinear map and method thereof
CN111262710A (en) * 2020-01-20 2020-06-09 陕西师范大学 Certificateless aggregation digital signature method for resisting secret information leakage
US20210314142A1 (en) * 2020-03-31 2021-10-07 Friedrich-Alexander-Universität Erlangen-Nürnberg Methods for threshold password-hardened encryption and decryption
CN111555882A (en) * 2020-04-07 2020-08-18 陕西师范大学 Certificateless secret key packaging method for resisting bounded sensitive information leakage
CN111800269A (en) * 2020-06-08 2020-10-20 陕西师范大学 Anti-leakage certificate-based broadcast key packaging method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
周彦伟;杨波;夏?;来齐齐;张明武;穆怡;: "抵抗泄露攻击的可撤销IBE机制", 计算机学报, no. 08 *

Also Published As

Publication number Publication date
CN114520718B (en) 2024-04-02

Similar Documents

Publication Publication Date Title
Huang et al. Certificateless signature revisited
Barreto et al. Efficient and provably-secure identity-based signatures and signcryption from bilinear maps
CN107659395B (en) Identity-based distributed authentication method and system in multi-server environment
CN102387019B (en) Certificateless partially blind signature method
TWI326182B (en) Asymmetric cryptography with discretionary private key
CN106936584B (en) Method for constructing certificateless public key cryptosystem
Selvi et al. ID based signcryption scheme in standard model
CN113162773B (en) Heterogeneous blind signcryption method capable of guaranteeing safety
Sun et al. Short-ciphertext and BDH-based CCA2 secure certificateless encryption
Yuen et al. Constant-size hierarchical identity-based signature/signcryption without random oracles
CN110943845A (en) Method and medium for cooperatively generating SM9 signature by two light-weight parties
Zhou et al. Three-round secret handshakes based on ElGamal and DSA
Chen et al. Identity-based key-insulated signcryption
Oh et al. How to solve key escrow and identity revocation in identity-based encryption schemes
CN115580408A (en) SM 9-based certificateless signature generation method and system
CN114520718B (en) Certificate-based signature method for resisting revealing attack
CN109412815B (en) Method and system for realizing cross-domain secure communication
CN112383403A (en) Heterogeneous ring signature method
Wen et al. New concurrent digital signature scheme based on the computational Diffie-Hellman problem
CN111464292A (en) Method and system for searchable encryption of certificateless public key
Cui et al. A new certificateless signcryption scheme without bilinear pairing
Huang et al. Perfect concurrent signature protocol
CN113347009B (en) Certificateless threshold signcryption method based on elliptic curve cryptosystem
CN114024683B (en) Online offline signcryption method from CLC environment to PKI environment
CN111447064B (en) Password reverse firewall method suitable for certificateless encryption

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant