CN114640463A - Digital signature method, computer equipment and medium - Google Patents

Digital signature method, computer equipment and medium Download PDF

Info

Publication number
CN114640463A
CN114640463A CN202210182974.0A CN202210182974A CN114640463A CN 114640463 A CN114640463 A CN 114640463A CN 202210182974 A CN202210182974 A CN 202210182974A CN 114640463 A CN114640463 A CN 114640463A
Authority
CN
China
Prior art keywords
digital signature
conjugate value
subgroup
conjugate
value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210182974.0A
Other languages
Chinese (zh)
Other versions
CN114640463B (en
Inventor
林汉玲
李飞鹏
李敏
王晓峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen University
Original Assignee
Shenzhen University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen University filed Critical Shenzhen University
Priority to CN202210182974.0A priority Critical patent/CN114640463B/en
Publication of CN114640463A publication Critical patent/CN114640463A/en
Priority to PCT/CN2022/103270 priority patent/WO2023159849A1/en
Application granted granted Critical
Publication of CN114640463B publication Critical patent/CN114640463B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The embodiment of the application is applicable to the technical field of information security, and provides a digital signature method, computer equipment and a medium, wherein the method comprises the following steps: determining a first subgroup and a second subgroup from established braid groups, wherein the index of the braid group is an integer greater than or equal to 6, and multiplication of elements of the first subgroup and the second subgroup is not exchangeable; selecting a first element from the first subgroup as a private key, and performing conjugate operation on the private key and the braid group to obtain a first conjugate value; generating a public key based on the braid group and the first conjugate value; when a second conjugate value sent by a verifier is received, calculating a digital signature of the information to be signed according to the second conjugate value and the private key, wherein the second conjugate value is calculated by the verifier according to the public key; and sending the digital signature to the verifier. The method for digital signature can resist quantum computing attack and has higher safety.

Description

Digital signature method, computer device and medium
Technical Field
The present application relates to the field of information security technologies, and in particular, to a digital signature method, a computer device, and a medium.
Background
The digital signature can be used for ensuring the integrity of information transmission, carrying out identity verification of a sender and preventing repudiation in transactions, and is widely applied to the field of information security.
The existing digital signature method is based on a classical public key cryptographic algorithm to guarantee the security. The security of the classical public key cryptographic algorithm depends on the high computational difficulty of factorization and discrete logarithm. But quantum computing systems will perform factorization of large integers and discrete logarithm computations in polynomial time, and Google and IBM have stated that quantum computing systems of their designs are implemented or are being implemented, respectively. This means that the public key cryptographic protocol established based on RSA, ECC, E1Gamal will no longer be secure. Therefore, a digital signature algorithm that is resistant to quantum computation is needed.
Disclosure of Invention
In view of this, embodiments of the present application provide a digital signature method, so as to solve the problem that a digital signature based on the existing public key cryptography cannot resist quantum computing attack.
A first aspect of an embodiment of the present application provides a digital signature method, which is applied to a signer, and the method includes:
determining a first subgroup and a second subgroup from established braid groups, wherein the index of the braid group is an integer greater than or equal to 6, and multiplication of elements of the first subgroup and the second subgroup is not exchangeable;
selecting any element from the first subgroup as a private key, and performing conjugate operation on the private key and the braid group to obtain a first conjugate value;
generating a public key based on the braid group and the first conjugate value;
when a second conjugate value sent by a verifier is received, calculating a digital signature of the information to be signed according to the second conjugate value and the private key, wherein the second conjugate value is calculated by the verifier according to the public key;
and sending the digital signature to the verifier.
A second aspect of the embodiments of the present application provides a digital signature method, which is applied to a verifier, and the method includes:
calculating a second conjugate value according to a public key of the signer, wherein the public key comprises a first conjugate value;
sending the second conjugate value to the signer, wherein the second conjugate value is used for the signer to calculate a digital signature of the information to be signed;
upon receiving the digital signature from the signer, verifying the digital signature according to the second conjugate value and the first conjugate value.
A third aspect of the embodiments of the present application provides a digital signature apparatus, applied to a signer, the apparatus including:
a subgroup determining module, configured to determine a first subgroup and a second subgroup from an established braid group, where an index of the braid group is an integer greater than or equal to 6, and multiplications of elements of the first subgroup and the second subgroup are not exchangeable;
the conjugate operation module is used for selecting any element from the first subgroup as a private key and performing conjugate operation on the private key and the braid group to obtain a first conjugate value;
a public key generation module, configured to generate a public key based on the braid group and the first conjugate value;
the digital signature module is used for calculating a digital signature of the information to be signed according to a second conjugate value and the private key when the second conjugate value sent by the verifier is received, wherein the second conjugate value is calculated by the verifier according to the public key;
and the sending module is used for sending the digital signature to the verifier.
A fourth aspect of the embodiments of the present application provides a digital signature method, which is applied to a verifier, where the apparatus includes:
the calculation module is used for calculating a second conjugate value according to a public key of the signer, wherein the public key comprises a first conjugate value;
the sending module is used for sending the second conjugate value to the signing party, and the second conjugate value is used for the signing party to calculate a digital signature of the information to be signed;
and the verification module is used for verifying the digital signature according to the second conjugate value and the first conjugate value when the digital signature from the signer is received.
A fifth aspect of embodiments of the present application provides a computer device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor implementing the method according to the first or second aspect when executing the computer program.
A sixth aspect of embodiments of the present application provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of the first or second aspect.
A seventh aspect of embodiments of the present application provides a computer program product, which, when run on a computer device, causes the computer device to perform the method of the first or second aspect.
Compared with the prior art, the embodiment of the application has the following advantages:
in the embodiment of the application, a signing party determines a first subgroup and a second subgroup from an established braid group; then, selecting an element from the first subgroup as a private key of a signer, and performing conjugate operation on the private key and the braid group to obtain a first conjugate value; generating a public key based on the braid group and the first conjugate value; the verifying party can obtain the public key of the signing party, so that a second conjugate value is obtained through calculation based on the public key, and the second conjugate value is sent to the signing party; when the signer receives the second conjugate value sent by the verifier, the signer can calculate the digital signature with the signature information according to the second conjugate value and the private key; the digital signature is then sent to a verifier, who can verify the digital signature. In the scheme in this embodiment, the first subgroup and the second subgroup are two Mihailova subgroups of the braid group, multiplication of elements of the two subgroups is not exchangeable, and since the member problem of the Mihailova subgroups is not solved, the private key of the signer is attacked by an algorithm, so that the digital signature method in the present application can resist quantum computation attack.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the embodiments or the description of the prior art will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the application, and that for a person skilled in the art, other drawings can be derived from them without inventive effort.
Fig. 1 is a schematic flowchart illustrating steps of a digital signature method according to an embodiment of the present application;
FIG. 2 is a flow chart illustrating steps of another digital signature method provided by an embodiment of the present application;
fig. 3 is a schematic diagram of a digital signature apparatus provided in an embodiment of the present application;
FIG. 4 is a schematic diagram of another digital signature device provided in the embodiments of the present application;
fig. 5 is a schematic diagram of a computer device according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to" determining "or" in response to detecting ". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
Furthermore, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used for distinguishing between descriptions and not necessarily for describing or implying relative importance.
Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.
The technical solution of the present application will be described below by way of specific examples.
Referring to fig. 1, a schematic diagram illustrating a flow of steps of a digital signature method provided in an embodiment of the present application, applied to a signer, may specifically include the following steps:
s101, determining a first subgroup and a second subgroup from established braid groups, wherein the index of the braid group is an integer greater than or equal to 6, and multiplication of elements of the first subgroup and the second subgroup is not exchangeable.
Specifically, braid group B may be established firstnBraid group BnThe defined group is presented by:
Bn=<σ1,σ2,…,σn-1iσj=σjσi,|i-j|≥2,σiσi+1σi=σi+1σiσi+1,1≤i≤n-2>
the elements of the braid group are all in a set { sigma1,σ2,…,σn-1A word representation in a formal form representing uniqueness of the element is provided. Braid group BnHas the following properties: in BnRepresentative B on the generated element setnThe words of the elements of (a) have a calculable unique regular form; the product and inversion operations based on the regular form of the group are computationally feasible.
Braid group BnContaining a compound of formula II and F2×F2Isomorphic subgroups LiI.e. from σi 2,σi+1 2,σi+3 2,σi+4 2Two direct product isomorphic subgroups of free groups of rank 2 are generated:
Li=<σi 2,σi+1 2,σi+3 2,σi+4 2>,i=1,2,..,n-5
then, a finite presentation group H whose word problem is not solved is generated by two elements, and L is constructediA Mihaivova subgroup Mi(see reference [3 ]]). The lower part is Mi56 generators:
σi 2σi+3 2,σi+1 2σi+4 2,Sij,Tij,j=1,2,…,27
and 27S1jIs (hold all sigma)1Is changed to sigmai,σ2Is changed to sigmai+1To obtain allSij(ii) a All sigma1Is changed to sigmai+3,σ2Is changed to sigmai+4To obtain all Tij):
Figure BDA0003521571900000051
Figure BDA0003521571900000061
Figure BDA0003521571900000071
All mihaivova subgroups MiThe problem of membership of (i ═ 1, 2., n-5) is not solvable.
The first subgroup and the second subgroup are two Mihailova subgroups P and Q of the braid group, and multiplication of elements in the first subgroup and the second subgroup is not exchangeable.
S102, selecting any element from the first subgroup as a private key, and performing conjugate operation on the private key and the braid group to obtain a first conjugate value.
Specifically, the signer may select an element from the first subgroup as the private key x, and then perform a conjugate operation on the private key and the braid group to obtain a first conjugate value.
Specifically, the calculation formula of the first conjugate value is: a is1=xσ1x-1,a2=xσ2x-1,…,an-1=xσn-1x-1,(a1,a2,…,an-1) Wherein 1, 2, … and n1 are a plurality of generating elements of the braid group; x is a private key; a1, a2, …, an-1 is the first conjugate value, and n is the index.
S103, generating a public key based on the braid group and the first conjugate value.
To make the braids group BnAn index n, a second subgroup Q and a first conjugate value a1,a2,…,an-1AsThe public key of the signer, which can be obtained by the verifier.
In a possible implementation manner, the public key further includes a collision resistant hash function.
And S104, when a second conjugate value sent by a verifier is received, calculating a digital signature of the information to be signed according to the second conjugate value and the private key, wherein the second conjugate value is calculated by the verifier according to the public key.
The verifying party can obtain the public key of the signing party and then calculate to obtain a second conjugate value according to the public key of the signing party; the verifier may then send the second conjugate value to the signer.
And when the signer receives the second conjugate value sent by the verifier, the digital signature with the signature information can be calculated according to the second conjugate value and the private key.
Specifically, the signer may replace the occurrence decibels of all the generator elements in the private key with the first public responsibility, and then calculate the product of the private key and the first conjugate value; calculating an intermediate value using the private key and the reciprocal; and encrypting the information to be signed based on the intermediate value. The anti-collision hash function can be used for encryption, has irreversibility, and can ensure the safety of the digital signature in the data communication process.
Specifically, the calculation formula of the digital signature may be:
K=x(b1,b2,…,bn-1);
e=x-1K;
S=H(m||e);
wherein, b1,b2,…,bn-1Is the second conjugate value; s is a digital signature, H is a collision-resistant hash function, m is information to be signed, n is an index, | | represents that characters m and e are connected together.
S105, sending the digital signature to the verifier.
The signer sends the digital signature obtained by calculation to the verifier, and the verifier can confirm the identity of the signer according to the digital signature.
In the embodiment of the application, a signing party adopts one element in a Mihailova subgroup as a private key, while the problem of members in the Mihailova subgroup is not solvable, and the security guarantee of the digital signature algorithm depends on the insolubility of the corresponding judgment problem, so that the digital signature algorithm in the embodiment is resistant to all known attacks including quantum quantity calculation attacks.
Referring to fig. 2, a schematic flow chart illustrating steps of another digital signature method provided in the embodiment of the present application is shown, and the method is applied to a verifier, and specifically may include the following steps:
s201, calculating a second conjugate value according to a public key of the signer, wherein the public key comprises the first conjugate value.
Specifically, the verifier may obtain a public key of the signer, where the public key may include a first conjugate value, and the first conjugate value is calculated by the signer according to the step in S102.
The public key further includes an braid group and a subgroup, where an index of the braid group is an integer greater than or equal to 6, and the subgroup is a Mihailova subgroup of the braid group, that is, the Mihailova subgroup Q in step S101.
The verifying party can select an element from the subgroup, and then the element and the braid group are adopted to carry out conjugate operation to obtain a second conjugate value. The second conjugate value may be calculated by:
b1=yσ1y-1,b2=yσ2y-1,…,bn-1=yσn-1y-1
wherein, b1,b2,…,bn-1Is the second conjugate value; sigma1,σ2,…,σn-1A plurality of generators for braid groups; y is an element and n is an index.
S202, the second conjugate value is sent to the signing party, and the second conjugate value is used for the signing party to calculate the digital signature of the information to be signed.
Specifically, when the signer needs to be verified, the verifier may send the second conjugate value to the signer, and after receiving the second conjugate value, the signer may calculate the digital signature of the information to be signed by using the above step in S104.
S203, when the digital signature from the signer is received, verifying the digital signature according to the second conjugate value and the first conjugate value.
When the verifier receives the digital signature of the signer, the verifier can calculate a verification value corresponding to the digital signature according to the second conjugate value and the first conjugate value; if the verification value is equal to the digital signature, the digital signature verification is passed. If the verification value is not equal to the digital signature, the verification fails.
Specifically, the public key may further include a hash function, and the calculation formula of the verification value may be:
K’=y(a1,a2,…,an-1);
e’=(y-1K’)-1
S’=H(m||e’);
wherein y is an element, S 'is a verification value, H is a hash function, m is information to be signed, n is an index, | | represents that characters m and e' are connected together.
The verification principle is as follows:
e=x-1K
=x-1x(b1,b2,…,bn-1)
=x-1x(y-1σ1y,y-1σ2y,…,y-1σn-1y)
=x-1y-1x(σ1,σ2,…,σn-1)y
=x-1y-1xy
e’=(y-1K’)-1
=(y-1y(a1,a2,…,an-1))-1
=(y-1y(x-1σ1x,x-1σ2x,…,x-1σn-1x))-1
=(y-1x-1y(σ1,σ2,…,σn-1)x)-1
=(y-1x-1yx)-1=x-1y-1xy
so S '═ H (m | | e') ═ H (m | | | e) ═ S
In the embodiment of the application, a signer determines an element from one Mihailova subgroup of an braid group as a private key, and a verifier determines an element from another Mihailova subgroup of the braid group to perform conjugate operation. The private key can be verified only by being held in the hand of the signing party without being sent to the verifying party, so that the private key is prevented from being stolen in the data communication process; the security of the digital signature in the embodiment depends on the member problem in the Mihailova subgroup, which is not understood, so that the digital signature method in the embodiment can resist quantum computing attack and has higher security.
It should be noted that, the sequence numbers of the steps in the foregoing embodiments do not mean the execution sequence, and the execution sequence of each process should be determined by the function and the inherent logic of the process, and should not constitute any limitation on the implementation process of the embodiments of the present application.
For ease of understanding, the digital signature provided in the present application is presented below in a complete example.
In this embodiment, the signer and the verifier may agree in advance, so as to perform identity verification and information integrity verification by using the digital signature method in this embodiment. The digital signature method in the present embodiment may include three processes of key generation, signature and verification.
The key generation process may include:
the signature party selects a braid group B with index n being more than or equal to 6nAs a public key, its generator is σ1,σ2,…,σn-1Simultaneously selecting an anti-collision Hash function H: B with an input byte of any length and an output byte of a fixed length of k bytesn→{0,1}kWhere k is a fixed natural number large enough.
Signer selection BnAnd multiplication of elements satisfying P and Q is not exchangeable, with Q as the public key.
The signer selects an element x from the Mihailova subgroup P as its private key, which is denoted as x ═ x (σ)1,σ2,…,σn-1) And calculate a1=xσ1x-1,a2=xσ2x-1,…,an-1=xσn-1x-1,(a1,a2,…,an-1) As its public key; the public key of the signer is (n, B)n,Q,H,a1,a2,…,an-1) The private key is x.
The signing process may include:
the verifier selects a public key Q published by the signer to select an element y, and the element y is marked as y (sigma)1,σ2,…,σn-1) And calculate b1=yσ1y-1,b2=yσ2y-1,…,bn-1=yσn-1y-1And will be (b)1,b2,…,bn-1) And sending the information to the signer.
Receiving (b) of the authenticating party1,b2,…,bn-1) The signer compares all sigma in the private key xiRespectively replaced by bi(i-1, 2, …, n-1), and calculating x (b)1,b2,…,bn-1) And is denoted as K. Further calculating e ═ x using the private key-1K, and then S ═ H (m | | | e) is further calculated (where | | denotes that the characters m and e are connected together). m is the information to be signed, and the signature of the signer to m is S.
The verification process may include:
the verifier acquires the public key (a) published by the signer1,a2,…,an-1) Then all σ in y selected beforeiIs replaced by aiI is 1, …, n-1, and y (a) is calculated1,a2,…,an-1) And is denoted as K ', and e' ═ y is further calculated-1K’)-1Then, S ' is further calculated as H (m | | | e ') (where | | denotes that the characters m and e ' are connected together). And verifying whether S' is S, accepting the signature if the equation is true, and rejecting the signature otherwise.
The verifier acquires the public key (a) published by the signer1,a2,…,an-1) Then all sigma in y in step (4)iIs replaced by aiI is 1, …, n-1, and y (a) is calculated1,a2,…,an-1) And is denoted as K ', and e' ═ y is further calculated- 1K’)-1Then, S ' is further calculated as H (m | | | e ') (where | | denotes that the characters m and e ' are connected together). And verifying whether S' is S, accepting the signature if the equation is true, and rejecting the signature otherwise.
In the embodiment of the application, the platform for establishing the digital signature protocol is a braid group B with the index n being more than or equal to 6nAnd BnTwo Mihailova subgroups P and Q that have multiplication of elements that are not commutative, while making the subgroup membership problem of P and Q unknowable.
The subgroup member problem (membership problem or generated word problem) refers to a subgroup H of a given group G, the generated element set of which is X, and whether any element G in the group G can be represented by a word on X is judged, namely whether the G is an element in the H is judged.
If a third party tries to attack the protocol, she can only pass the public information of both parties of the protocol { sigma1,σ2,…,σn-1},{n,Bn,Q,H,a1,a2,…,an-1}(ai=x-1σix, i-1, …, n-1) and { b obtained through a channel1,b2,…,bn-1}(bi=y-1σiy, i ═ 1, …, n-1) to carry out the attack. If she can get BnS and t are such that
s-1σis=y-1σiy,t-1σit=x-1σix,i=1,2,…,n-1,
Let sCy, t ═ dx (where c and d are B)nAn element of) then have
s-1σis=(cy)-1σicy=y-1c-1σicy=y-1σiy,i=1,2,…,n-1
Thereby having
c-1σic=σi,i=1,2,…,n-1
I.e. c and each sigmaiThe multiplication is exchangeable. Due to BnBy σ1,σ2,…,σn-1Is generated that c is BnThe central element. And BnIs centered on2Generated infinite loop subgroup<Δ2>In which
Δ=σ1σ2…σn-1σ1σ2…σn-2…σ1σ2σ3σ1σ2σ1
Whereby c is<Δ2>Of (2) is used. In the same way, d is<Δ2>Of (2) is used. Due to the fact that<Δ2>Is BnCenter of (a) and ai 22>,σi+1 22>,σi+3 22>And σi+4 22>Generated business group Bn/<Δ2>A subgroup ofi 2,σi+1 2,σi+3 2And σi+4 2Generation of BnAre isomorphic and thus also free groups of rank 2. Shop for old children (M)i2>)/<Δ2>Is also the business group Bn/<Δ2>A subgroup of Mihailova. Therefore (M)i2>)/<Δ2>The subgroup membership problem of (a) is also not solvable. So that an attacker can obtain B ifnS and t are such that
s-1σis=y-1σiy,t-1σit=x-1σit,i=1,2,…,n-1,
Then s is cy, t is dx, c, d ∈<Δ2>Therefore in the business group Bn/<Δ2>Chinese character of S<Δ2>=y<Δ2>And t<Δ2>=x<Δ2>. I.e. the attacker is in the business group Bn/<Δ2>Has to find the Mihaivova subgroup (M)i2>)/<Δ2>Middle element y<Δ2>And x<Δ2>. Due to (M)i2>)/<Δ2>The problem of subgroup membership is not solvable, so there is no algorithm to allow an attacker to successfully obtain y<Δ2>And x<Δ2>Thus, there is also no algorithm for an attacker to successfully obtain the required s and t.
The braid group B is selected by a signature partynThe elements of the Mihailova subgroup as key components of its private key and prove that all possible attacks are computationally infeasible, i.e. the digital signature method of the present invention is resistant to all known attacks including quantum computation attacks.
Compared with the prior art, the method has the following advantages: the safety guarantee of the established digital signature algorithm depends on the insolubility of the corresponding judgment problem, but not the calculation difficulty of the corresponding judgment problem; classical public key cryptographic algorithms are based on computational difficulties, so that the digital signature algorithm of the present invention is resistant to all known attacks including quantum computational attacks.
The digital signature method can be used for identity verification, and the digital signature method in the application is described as an example in an identity verification scene in the following:
alice sends information to Bob, and in order to prevent Oscar from pretending to be Alice sending information to Bob, the identity of Alice may be verified by Bob through the digital signature method in this embodiment.
First, Alice and Bob may achieve a digital signature protocol according to the method in this embodiment, where Alice is a signing party and Bob is a verifying party.
Alice can select a braid group B with the index n being more than or equal to 6nAs a public key, braid group BnHas a generator of1,σ2,…,σn-1Simultaneously selecting an anti-collision Hash function H: B with an input byte of any length and an output byte of a fixed length of k bytesn→{0,1}kWhere k is a fixed natural number large enough.
Alice selects BnAnd the multiplication of elements satisfying P and Q is not exchangeable.
Alice selects an element x from the Mihailova subgroup P as its private key, which is denoted as x ═ x (σ)1,σ2,…,σn-1) And calculate a1=xσ1x-1,a2=xσ2x-1,…,an-1=xσn-1x-1,(a1,a2,…,an-1)。
Alice's public key is (n, B)n,Q,H,a1,a2,…,an-1) The private key is x. Bob can publicly obtain Alice's public key.
When authentication is to be performed, Alice and Bob may agree to perform authentication using one unique identification information m of Alice.
Bob selects an element y from the public key Q published by Alice, and the element y is recorded as y (σ)1,σ2,…,σn-1) And calculate b1=yσ1y-1,b2=yσ2y-1,…,bn-1=yσn-1y-1And will be (b)1,b2,…,bn-1) And sending the data to Alice.
Receiving Bob's (b)1,b2,…,bn-1) Then, Alice compares all σ in the private key xiRespectively replaced by bi(i-1, 2, …, n-1), and calculates x (b)1,b2,…,bn-1) And is denoted as K. Further using private key to calculate e ═ x-1K, and then further calculates S ═ H (m | | | e) (where| represents the concatenation of the characters m and e). The signature of Alice on m is S.
Alice may then send the digital signature to Bob when sending information to Bob. Bob determines whether the information originates from Alice through the digital signature, avoiding Oscar from masquerading as Alice.
After receiving the information of Alice, Bob can acquire the carried digital signature. Then all sigma in y selected beforeiIs replaced by aiI is 1, …, n-1, and y (a) is calculated1,a2,…,an-1) And is denoted as K ', and e' ═ y is further calculated-1K’)-1Then, S ' is further calculated as H (m | | | e ') (where | | denotes that the characters m and e ' are connected together). Bob verifies if S' is S, if the equation holds, indicating that the information is indeed from Alice, otherwise the information is not sent by Alice.
The digital signature method may also be used to ensure the integrity of information transmission, and the following example of the digital signature method in the present application in an identity verification scenario is described as follows:
in order to prevent Oscar from tampering with the information sent by Alice to Bob, the information integrity verification may be implemented by the digital signature method in this embodiment.
First, Alice and Bob may achieve a digital signature protocol according to the method in this embodiment, where Alice is a signer in this application, and Bob is a verifier in this application.
Alice can select a braid group B with the index n being more than or equal to 6nAs a public key, braid group BnHas a generator of1,σ2,…,σn-1Simultaneously selecting an anti-collision Hash function H: B with an input byte of any length and an output byte of a fixed length of k bytesn→{0,1}kWhere k is a fixed natural number large enough.
Alice selects BnAnd the multiplication of elements satisfying P and Q is not exchangeable.
Alice from Mihaivova subgroupOne element x is selected from P as its private key, which is denoted as x ═ x (σ)1,σ2,…,σn-1) And calculate a1=xσ1x-1,a2=xσ2x-1,…,an-1=xσn-1x-1,(a1,a2,…,an-1)。
Alice's public key is (n, B)n,Q,H,a1,a2,…,an-1) The private key is x. Bob can publicly obtain Alice's public key.
When Alice sends a message to Bob, it may generate an abstract m of the message by using a hash function.
Bob selects an element y from the public key Q published by Alice, and the element y is marked as y (sigma)1,σ2,…,σn-1) And calculate b1=yσ1y-1,b2=yσ2y-1,…,bn-1=yσn-1y-1And will be (b)1,b2,…,bn-1) And sending the data to Alice.
Receiving Bob's (b)1,b2,…,bn-1) Then, Alice compares all σ in the private key xiRespectively replaced by bi(i-1, 2, …, n-1), and calculates x (b)1,b2,…,bn-1) And is denoted as K. Further calculating e ═ x using the private key-1K, and then S ═ H (m | | | e) is further calculated (where | | denotes that the characters m and e are connected together). The signature of Alice on m is S.
Alice may then send the digital signature to Bob along with the message when sending the message to Bob. Bob determines whether the message is tampered by the digital signature.
After receiving the information of Alice, Bob can acquire the carried digital signature. And then, generating the abstract m' of the message by adopting the hash function same as that of Alice. Then all sigma in y selected beforeiIs replaced by aiI is 1, …, n-1, and y (a) is calculated1,a2,…,an-1) Further calculate e ═ K', and(y-1K’)-1then, S ' is further calculated as H (m ' | | e ') (where | | denotes that the characters m ' and e ' are connected together). Bob verifies whether S' is S, if the equation is established, the message is not tampered, otherwise, the message is tampered.
Referring to fig. 3, a schematic diagram of a digital signature apparatus provided in the embodiment of the present application is shown, and is applied to a signer, and specifically, the digital signature apparatus may include a subgroup determining module 31, a conjugate operation module 32, a public key generating module 33, a digital signature module 34, and a sending module 35, where:
a subgroup determining module 31, configured to determine a first subgroup and a second subgroup from an established braid group, where an index of the braid group is an integer greater than or equal to 6, and multiplication of elements of the first subgroup and the second subgroup is not exchangeable;
a conjugate operation module 32, configured to select any element from the first sub-group as a private key, and perform a conjugate operation on the private key and the braid group to obtain a first conjugate value;
a public key generating module 33, configured to generate a public key based on the braid group and the first conjugate value;
the digital signature module 34 is configured to, when receiving a second conjugate value sent by a verifier, calculate a digital signature of information to be signed according to the second conjugate value and the private key, where the second conjugate value is calculated by the verifier according to the public key;
a sending module 35, configured to send the digital signature to the verifier.
In a possible implementation manner, the conjugate operation module 32 performs a conjugate operation on the private key and the braid group by using the following formula to obtain a first conjugate value:
a1=xσ1x-1,a2=xσ2x-1,…,an-1=xσn-1x-1
wherein σ1,σ2,…,σn-1A plurality of generators for the braid population; x is the private key; a is1,a2,…,an-1Is the first conjugate value, n is the exponent.
In one possible implementation, the public key includes a hash function, and the digital signature module 34 calculates a digital signature of the information to be signed by using the following formula:
K=x(b1,b2,…,bn-1);
e=x-1K;
S=H(m||e);
wherein, b1,b2,…,bn-1Is the second conjugate value; s is the digital signature, H is the hash function, m is the information to be signed, n is the index, | | represents that the characters m and e are connected together.
Referring to fig. 4, a schematic diagram of another digital signature apparatus provided in the embodiment of the present application is shown, and is applied to a verifier, and specifically, the digital signature apparatus may include a calculating module 41, a sending module 42, and a verifying module 43, where:
a calculating module 41, configured to calculate a second conjugate value according to a public key of the signer, where the public key includes the first conjugate value;
a sending module 42, configured to send the second conjugate value to the signer, where the second conjugate value is used for the signer to calculate a digital signature of the information to be signed;
a verification module 43, configured to verify the digital signature according to the second conjugate value and the first conjugate value when the digital signature from the signer is received.
In a possible implementation manner, the calculating module 41 includes:
the obtaining submodule is used for obtaining a public key of a signer, the public key further comprises a braid group and a subgroup, and the index of the braid group is an integer greater than or equal to 6;
a selection submodule for selecting any element from the subgroups;
and the calculation sub-module is used for performing conjugate operation on the element and the braid group to obtain the second conjugate value.
In a possible implementation manner, the calculating submodule performs a conjugate operation on the element and the braid group by using the following formula to obtain a second conjugate value:
b1=yσ1y-1,b2=yσ2y-1,…,bn-1=yσn-1y-1
wherein, b1,b2,…,bn-1Is the second conjugate value; sigma1,σ2,…,σn-1A plurality of generators for the braid population; y is the element and n is the index.
In one possible implementation, the verification module 43 includes:
a verification value operator module, configured to calculate a verification value corresponding to the digital signature according to the second conjugate value and the first conjugate value;
and the judgment submodule is used for passing the verification of the digital signature if the verification value is equal to the digital signature.
In a possible implementation manner, the public key further includes a hash function, and the verification value operator module calculates the verification value corresponding to the digital signature by using the following formula:
K’=y(a1,a2,…,an-1);
e’=(y-1K’)-1
S’=H(m||e’);
wherein y is the element, S 'is the verification value, H is the hash function, m is the information to be signed, n is the index, and | represents that the characters m and e' are connected together.
For the apparatus embodiment, since it is substantially similar to the method embodiment, it is described relatively simply, and reference may be made to the description of the method embodiment section for relevant points.
Fig. 5 is a schematic structural diagram of a computer device according to an embodiment of the present application. As shown in fig. 5, the computer device 5 of this embodiment includes: at least one processor 50 (only one shown in fig. 5), a memory 51, and a computer program 52 stored in the memory 51 and executable on the at least one processor 50, the processor 50 implementing the steps in any of the various method embodiments described above when executing the computer program 52.
The computer device 5 may be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices. The computer device may include, but is not limited to, a processor 50, a memory 51. Those skilled in the art will appreciate that fig. 5 is merely an example of the computer device 5, and does not constitute a limitation of the computer device 5, and may include more or less components than those shown, or may combine some components, or different components, and may further include input and output devices, network access devices, and the like, for example.
The Processor 50 may be a Central Processing Unit (CPU), and the Processor 50 may be other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware components, and the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 51 may in some embodiments be an internal storage unit of the computer device 5, such as a hard disk or a memory of the computer device 5. The memory 51 may also be an external storage device of the computer device 5 in other embodiments, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the computer device 5. Further, the memory 51 may also include both an internal storage unit and an external storage device of the computer device 5. The memory 51 is used for storing an operating system, an application program, a BootLoader (BootLoader), data, and other programs, such as program codes of the computer program. The memory 51 may also be used to temporarily store data that has been output or is to be output.
The embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps in the above-mentioned method embodiments.
The embodiments of the present application provide a computer program product, which when executed on a computer device, enables the computer device to implement the steps in the above method embodiments.
The functions implemented by the computer device may be stored in a computer-readable storage medium if implemented in the form of software functional units and sold or used as a stand-alone product. Based on such understanding, all or part of the processes in the methods of the embodiments described above may be implemented by instructing relevant hardware by a computer program, which may be stored in a computer-readable storage medium, and when the computer program is executed by a processor, the steps of the embodiments of the methods described above may be implemented. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer readable medium may include at least: any entity or device capable of carrying computer program code to an apparatus/computer device, recording medium, computer Memory, Read-Only Memory (ROM), Random-Access Memory (RAM), electrical carrier wave signals, telecommunications signals, and software distribution medium. Such as a usb-disk, a removable hard disk, a magnetic or optical disk, etc. In certain jurisdictions, computer-readable media may not be an electrical carrier signal or a telecommunications signal in accordance with legislative and patent practice.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative method steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/computer device and method may be implemented in other ways. For example, the above-described apparatus/computer device embodiments are merely illustrative, and for example, the division of the modules is only one logical division, and there may be other divisions when actually implemented, for example, multiple sub-modules may be combined or integrated into another module, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same. Although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.

Claims (10)

1. A digital signature method, applied to a signer, the method comprising:
determining a first subgroup and a second subgroup from established braid groups, wherein the index of the braid group is an integer greater than or equal to 6, and multiplication of elements of the first subgroup and the second subgroup is not exchangeable;
selecting any element from the first subgroup as a private key, and performing conjugate operation on the private key and the braid group to obtain a first conjugate value;
generating a public key based on the braid group and the first conjugate value;
when a second conjugate value sent by a verifier is received, calculating a digital signature of the information to be signed according to the second conjugate value and the private key, wherein the second conjugate value is calculated by the verifier according to the public key;
and sending the digital signature to the verifier.
2. The method of claim 1, wherein the private key and the braid group are conjugated using the following equation to obtain a first conjugate value:
a1=xσ1x-1,a2=xσ2x-1,…,an-1=xσn-1x-1
wherein σ1,σ2,…,σn-1A plurality of generators for the braid population; x is the private key; a is1,a2,…,an-1Is the first conjugate value, n is the exponent.
3. The method according to claim 1 or 2, wherein the public key comprises a hash function, and the digital signature of the information to be signed is calculated from the second conjugate value and the private key using the following formula:
K=x(b1,b2,…,bn-1);
e=x-1K;
S=H(m||e);
wherein, b1,b2,…,bn-1Is the second conjugate value; s is the digital signature, H is the hash function, m is the information to be signed, n is the index, | | represents that the characters m and e are connected together.
4. A digital signature method, applied to a verifier, the method comprising:
calculating a second conjugate value according to a public key of the signer, wherein the public key comprises a first conjugate value;
sending the second conjugate value to the signer, wherein the second conjugate value is used for the signer to calculate a digital signature of the information to be signed;
upon receiving the digital signature from the signer, verifying the digital signature according to the second conjugate value and the first conjugate value.
5. The method of claim 4, wherein said calculating the second conjugate value from the public key of the signer comprises:
obtaining a public key of a signer, wherein the public key further comprises a braid group and a subgroup, and the index of the braid group is an integer greater than or equal to 6;
selecting any element from the subgroup;
and performing conjugate operation on the element and the braid group to obtain the second conjugate value.
6. A method according to claim 5, wherein the element and the group of braids are conjugated to obtain a second conjugate value using the formula:
b1=yσ1y-1,b2=yσ2y-1,…,bn-1=yσn-1y-1
wherein, b1,b2,…,bn-1Is the second conjugate value; sigma1,σ2,…,σn-1A plurality of generators for the braid population; y is the element and n is the index.
7. The method of any of claims 5 or 6, wherein the verifying the digital signature based on the second conjugate value and the first conjugate value comprises:
calculating a verification value corresponding to the digital signature according to the second conjugate value and the first conjugate value;
and if the verification value is equal to the digital signature, the digital signature passes the verification.
8. The method of claim 7, wherein the public key further comprises a hash function, and wherein the verification value corresponding to the digital signature is calculated according to the second conjugate value and the first conjugate value by using the following formula:
K’=y(a1,a2,…,an-1);
e’=(y-1K’)-1
S’=H(m||e’);
wherein y is the element, S 'is the verification value, H is the hash function, m is the information to be signed, n is the index, and | represents that the characters m and e' are connected together.
9. A computer device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the digital signature method as recited in any one of claims 1-4 or 5-8 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, implements the digital signature method according to any one of claims 1 to 4 or 5 to 8.
CN202210182974.0A 2022-02-25 2022-02-25 Digital signature method, computer equipment and medium Active CN114640463B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202210182974.0A CN114640463B (en) 2022-02-25 2022-02-25 Digital signature method, computer equipment and medium
PCT/CN2022/103270 WO2023159849A1 (en) 2022-02-25 2022-07-01 Digital signature methods, computer device and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210182974.0A CN114640463B (en) 2022-02-25 2022-02-25 Digital signature method, computer equipment and medium

Publications (2)

Publication Number Publication Date
CN114640463A true CN114640463A (en) 2022-06-17
CN114640463B CN114640463B (en) 2023-05-12

Family

ID=81948498

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210182974.0A Active CN114640463B (en) 2022-02-25 2022-02-25 Digital signature method, computer equipment and medium

Country Status (2)

Country Link
CN (1) CN114640463B (en)
WO (1) WO2023159849A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023159849A1 (en) * 2022-02-25 2023-08-31 深圳大学 Digital signature methods, computer device and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103200000A (en) * 2013-03-27 2013-07-10 武汉大学 Shared secret key establishment method under quantum computing environment
CN105393488A (en) * 2013-12-04 2016-03-09 王威鉴 Method for establishing public key cryptogram against quantum computing attack
US20170085387A1 (en) * 2015-09-22 2017-03-23 Securerf Corporation Signature generation and verification system
CN106664199A (en) * 2015-10-12 2017-05-10 王晓峰 Method of establishing anti-attack security public key password

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107911209B (en) * 2017-12-28 2020-10-16 深圳大学 Method for establishing security public key password for resisting quantum computing attack
US20190215148A1 (en) * 2018-01-11 2019-07-11 Shenzhen University Method of establishing anti-attack public key cryptogram
WO2021223090A1 (en) * 2020-05-06 2021-11-11 深圳大学 Method and apparatus for establishing shared key
CN111740821B (en) * 2020-05-06 2023-06-27 深圳大学 Method and device for establishing shared secret key
CN114640463B (en) * 2022-02-25 2023-05-12 深圳大学 Digital signature method, computer equipment and medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103200000A (en) * 2013-03-27 2013-07-10 武汉大学 Shared secret key establishment method under quantum computing environment
CN105393488A (en) * 2013-12-04 2016-03-09 王威鉴 Method for establishing public key cryptogram against quantum computing attack
US20170085387A1 (en) * 2015-09-22 2017-03-23 Securerf Corporation Signature generation and verification system
CN106664199A (en) * 2015-10-12 2017-05-10 王晓峰 Method of establishing anti-attack security public key password

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023159849A1 (en) * 2022-02-25 2023-08-31 深圳大学 Digital signature methods, computer device and medium

Also Published As

Publication number Publication date
WO2023159849A1 (en) 2023-08-31
CN114640463B (en) 2023-05-12

Similar Documents

Publication Publication Date Title
JP5790319B2 (en) Signature verification apparatus, signature verification method, program, and recording medium
CN110768799B (en) Digital signature method, device, equipment, medium and system
CN110505067B (en) Block chain processing method, device, equipment and readable storage medium
TW201320701A (en) Information processing device, information processing method, and program
CN111783136A (en) Data protection method, device, equipment and storage medium
CN112187469A (en) SM2 multi-party collaborative digital signature method and system based on key factor
US7191333B1 (en) Method and apparatus for calculating a multiplicative inverse of an element of a prime field
CN110602190B (en) Block chain consensus method, block chain node and storage device
US20080320557A1 (en) Batch verification device, program and batch verification method
CN115529141A (en) Traceable ring signature generation method and system for logarithmic signature size
CN114640463B (en) Digital signature method, computer equipment and medium
CN111740821B (en) Method and device for establishing shared secret key
CN116566626B (en) Ring signature method and apparatus
CN111147249B (en) Data processing method, device, equipment and medium
CN108900310A (en) Block chain signature processing method and block chain signature processing unit
CN114221753B (en) Key data processing method and electronic equipment
KR20240045231A (en) Creation of digitally signed shares
JP2005513564A (en) Cryptography to distribute the load across multiple entities and their devices
CN112541759A (en) Hidden transaction method and device based on UTXO model in block chain system and related products
CN112054894B (en) Batch verification method and system based on SM2
CN115840953A (en) Identity authentication method, device, terminal and readable storage medium
CN114710293B (en) Digital signature method, device, electronic equipment and storage medium
CN115001698B (en) Aggregate signature method, apparatus, device and storage medium
CN115134093B (en) Digital signature method and computing device
CN117278213B (en) Polynomial commitment based method, electronic device and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant