CN115001698B - Aggregate signature method, apparatus, device and storage medium - Google Patents

Info

Publication number: CN115001698B
Authority: CN (China)
Prior art keywords: variable, signature, verified, key, public key
Legal status: Active
Application number: CN202210459494.4A
Other languages: Chinese (zh)
Other versions: CN115001698A (en)
Inventor: 叶鹏
Current Assignee: Beijing Infosec Technologies Co Ltd
Original Assignee: Beijing Infosec Technologies Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention provides an aggregate signature method, an aggregate signature device and a storage medium. The method comprises: receiving a plurality of messages to be verified and the digital signatures corresponding to the messages to be verified, wherein each digital signature comprises a first variable, a second variable and a third variable; the first variable is related to the message to be verified and the third variable, the second variable is related to the first variable and the signature private key corresponding to the message to be verified, and the third variable is related to the master public key generated by a key generation center; and, based on the first variable, the second variable and the third variable in the digital signatures, aggregating the digital signatures corresponding to all the messages to be verified to obtain a target signature, wherein the target signature is used for simultaneously verifying the plurality of messages to be verified. Because the digital signatures corresponding to all the messages to be verified are aggregated, the plurality of messages can be verified simultaneously based on the aggregated target signature, and the efficiency of batch verification can be improved.

Description

Aggregate signature method, apparatus, device and storage medium
Technical Field
The present invention relates to the field of information security data processing technologies, and in particular, to an aggregate signature method, an apparatus, a device, and a storage medium.
Background
With the continuous development of internet technology, the information security industry has attracted growing attention. At present, digital identity authentication is required in many application scenarios, such as the internet of vehicles.
Taking the internet of vehicles as an example, in practical application, since the vehicle moving speed in the internet of vehicles is high, the efficiency of message authentication must be ensured, otherwise, the security message cannot be authenticated in time, and the packet loss rate will rise, thereby causing low communication efficiency. Thus, reducing the delay in message authentication is a key requirement for the internet of vehicles to increase the efficiency of authentication protocols.
However, in the conventional scheme, verifying a digital signature based on the SM9 signature algorithm generally consumes a certain amount of computing resources. When multiple messages need to be verified, verifying them one by one consumes still more computing resources and also leads to low authentication efficiency.
Disclosure of Invention
The embodiment of the invention provides an aggregate signature method, an aggregate signature device, aggregate signature equipment and a storage medium, which are used for verifying messages in batches and improving the efficiency of batch authentication.
In a first aspect, an embodiment of the present invention provides an aggregate signature method, applied to an authentication device, including:
Receiving a plurality of messages to be verified and digital signatures corresponding to the messages to be verified, wherein the digital signatures comprise a first variable, a second variable and a third variable, the first variable is related to the messages to be verified and the third variable, the second variable is related to a signature private key corresponding to the messages to be verified and the first variable, and the third variable is related to a main public key generated by a key generation center;
and based on the first variable, the second variable and the third variable in the digital signature, aggregating the digital signatures corresponding to all the messages to be verified to obtain a target signature, wherein the target signature is used for realizing simultaneous verification of the plurality of messages to be verified.
Optionally, the aggregating the digital signatures corresponding to all the messages to be verified based on the first variable, the second variable and the third variable in the digital signature to obtain a target signature includes:
accumulating the first variables in the plurality of digital signatures to obtain a target first variable;
accumulating the second variables in the plurality of digital signatures to obtain a target second variable;
accumulating the third variables in the plurality of digital signatures to obtain a target third variable;
And determining a target signature based on the target first variable, the target second variable and the target third variable.
Optionally, the determining the target signature based on the target first variable, the target second variable, and the target third variable includes:
and combining the target first variable, the target second variable and the target third variable to obtain a target signature.
Optionally, the method further comprises:
acquiring signature public keys corresponding to the messages to be verified, wherein the signature public keys are used for signing the messages to be verified;
and aggregating the signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key.
Optionally, the aggregating the signature public keys corresponding to the plurality of messages to be verified to obtain the target public key includes:
and accumulating the signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key.
Optionally, after the obtaining the target public key, the method further includes:
acquiring a main public key generated by a key generation center;
and verifying the target signature according to the main public key and the target public key.
In a second aspect, an embodiment of the present invention provides an aggregate signature apparatus located in an authentication device, the apparatus including:
A receiving module, configured to receive a plurality of messages to be verified and digital signatures corresponding to the messages to be verified, where the digital signatures include a first variable, a second variable, and a third variable, where the first variable is related to the messages to be verified and the third variable, the second variable is related to a private signature key corresponding to the messages to be verified and the first variable, and the third variable is related to a master public key generated by a key generation center;
the aggregation module is used for aggregating the digital signatures corresponding to all the messages to be verified based on the first variable, the second variable and the third variable in the digital signatures to obtain target signatures, and the target signatures are used for realizing simultaneous verification of the plurality of messages to be verified.
Optionally, the aggregation module may specifically be configured to:
accumulating the first variables in the plurality of digital signatures to obtain a target first variable;
accumulating the second variables in the plurality of digital signatures to obtain a target second variable;
accumulating the third variables in the plurality of digital signatures to obtain a target third variable;
and determining a target signature based on the target first variable, the target second variable and the target third variable.
Optionally, the aggregation module may be further specifically configured to:
and combining the target first variable, the target second variable and the target third variable to obtain a target signature.
Optionally, the apparatus may further include an acquisition module, specifically may be configured to:
acquiring signature public keys corresponding to the messages to be verified, wherein the signature public keys are used for signing the messages to be verified;
and aggregating the signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key.
Optionally, the acquiring module may be specifically further configured to:
and accumulating the signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key.
Optionally, the acquiring module may further include a signature verification module, which may specifically be configured to:
acquiring a main public key generated by a key generation center;
and verifying the target signature according to the main public key and the target public key.
In a third aspect, an embodiment of the present invention provides an electronic device, including: a memory, a processor, a communication interface; wherein the memory has executable code stored thereon which, when executed by the processor, causes the processor to at least implement the aggregate signature method as described in the first aspect.
In a fourth aspect, embodiments of the present invention provide a non-transitory machine-readable storage medium having executable code stored thereon, which when executed by a processor of a management device, causes the processor to at least implement an aggregate signature method as described in the first aspect.
In a fifth aspect, an embodiment of the present invention provides an aggregate signature method, applied to a terminal device, where the method includes:
acquiring a main public key, information to be verified and a signature private key corresponding to the information to be verified, which are generated by a key generation center;
signing the information to be verified based on the main public key and the signature private key to obtain a digital signature, wherein the digital signature comprises a first variable, a second variable and a third variable, the first variable is related to the information to be verified and the third variable, the second variable is related to the signature private key corresponding to the information to be verified and the first variable, and the third variable is related to the main public key generated by a key generation center;
and sending the information to be verified and the digital signature to authentication equipment so that the authentication equipment aggregates the digital signature corresponding to the information to be verified.
Optionally, the obtaining the signature private key corresponding to the message to be verified includes:
the identification information corresponding to the message to be verified is sent to a key generation center, so that the key generation center generates a part of private key and a part of public key based on the identification information;
receiving a part of private key and a part of public key sent by the key generation center;
generating a secret value, the secret value being a random number;
and obtaining a signature private key corresponding to the message to be verified according to the secret value and the partial private key.
In a sixth aspect, an embodiment of the present invention provides an aggregate signature apparatus, located in a terminal device, where the apparatus includes:
the acquisition module is used for acquiring the main public key, the information to be verified and the signature private key corresponding to the information to be verified, which are generated by the key generation center;
the signature module is used for signing the information to be verified based on the main public key and the signature private key to obtain a digital signature, wherein the digital signature comprises a first variable, a second variable and a third variable, the first variable is related to the information to be verified and the third variable, the second variable is related to the signature private key corresponding to the information to be verified and the first variable, and the third variable is related to the main public key generated by the key generation center;
And the sending module is used for sending the information to be verified and the digital signature to the authentication equipment so as to enable the authentication equipment to aggregate the digital signature corresponding to the information to be verified.
Optionally, the acquiring module may be specifically further configured to:
the identification information corresponding to the message to be verified is sent to a key generation center, so that the key generation center generates a part of private key and a part of public key based on the identification information;
receiving a part of private key and a part of public key sent by the key generation center;
generating a secret value, the secret value being a random number;
and obtaining a signature private key corresponding to the message to be verified according to the secret value and the partial private key.
In a seventh aspect, an embodiment of the present invention provides a terminal device, including: a memory, a processor, a communication interface; wherein the memory has executable code stored thereon which, when executed by the processor, causes the processor to at least implement the aggregate signature method as described in the fifth aspect.
In an eighth aspect, embodiments of the present invention provide a non-transitory machine-readable storage medium having executable code stored thereon, which when executed by a processor of a computing device, causes the processor to at least implement an aggregate signature method as described in the fifth aspect.
The aggregated signature scheme provided by the embodiment of the invention can be applied to authentication equipment and terminal equipment, and for any authentication equipment, a plurality of messages to be verified and digital signatures corresponding to the messages to be verified are required to be received, wherein the digital signatures comprise a first variable, a second variable and a third variable, the first variable is related to the messages to be verified and the third variable, the second variable is related to a signature private key corresponding to the messages to be verified and the first variable, and the third variable is related to a main public key generated by a key generation center. And then, based on the first variable, the second variable and the third variable in the digital signature, aggregating the digital signatures corresponding to all the messages to be verified to obtain a target signature, wherein the target signature is used for simultaneously verifying a plurality of messages to be verified.
In the scheme, the digital signatures corresponding to all the messages to be verified are aggregated to obtain one aggregated target signature, so that the aggregation of a plurality of digital signatures into one digital signature is realized, and the batch aggregation signature is completed. And the simultaneous verification of a plurality of messages to be verified can be realized based on the aggregated target signature, so that the efficiency of batch verification is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of an aggregate signature method according to an embodiment of the present invention;
Fig. 2 is an application schematic diagram of an aggregate signature method according to an embodiment of the present invention;
Fig. 3 is a flowchart of another aggregate signature method in accordance with an exemplary embodiment of the present invention;
Fig. 4 is a flowchart of an aggregate signature method according to an exemplary embodiment of the present invention;
Fig. 5 is a schematic diagram of an application scenario of an aggregate signature method according to an embodiment of the present invention;
Fig. 6 is a schematic structural diagram of an aggregate signature device according to an embodiment of the present invention;
Fig. 7 is a schematic structural diagram of an electronic device corresponding to the aggregate signature apparatus provided in the embodiment shown in Fig. 6;
Fig. 8 is a schematic structural diagram of an aggregate signature apparatus according to an embodiment of the present invention;
Fig. 9 is a schematic structural diagram of an electronic device corresponding to the aggregate signature apparatus provided in the embodiment shown in Fig. 8.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this application and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise, the "plurality" generally includes at least two, but does not exclude the case of at least one. It should be understood that the term "and/or" as used herein is merely one relationship describing the association of the associated objects, meaning that there may be three relationships, e.g., a and/or B, may represent: a exists alone, A and B exist together, and B exists alone. In addition, the character "/" herein generally indicates that the front and rear associated objects are an "or" relationship. The words "if", as used herein, may be interpreted as "at … …" or "when … …", depending on the context.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a product or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such product or system. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a commodity or system comprising such elements.
In addition, the sequence of steps in the method embodiments described below is only an example and is not strictly limited.
With the rapid development of network technologies, more and more application fields begin to perform data communication on a network, so it is very important how to ensure the security of data transmitted in the network. The digital signature is an effective method for protecting the data security, adopts the technical means to achieve the same functions as the traditional handwriting signature and the like, and is used for identifying the validity of the signature value and the signature information. In general, the digital signature mode can enable a verifier to verify whether a signature message is tampered in the transmission process, and meanwhile, the authenticity of the identity of the signer can be guaranteed.
However, verification of digital signature validity generally requires a large amount of computing resources, and when digital signatures of a plurality of messages require verification, employing a one-by-one verification method not only consumes a large amount of computing resources, but also affects message verification efficiency, thereby affecting communication efficiency. Obviously, when multiple messages need to be verified, the method of verification one by one is no longer applicable. Based on the above, the embodiment of the invention provides a solution, by aggregating the digital signatures corresponding to all the received messages to be verified to obtain one aggregated target signature, and then verifying the aggregated target signature, the simultaneous verification of all the messages to be verified is realized, so that the messages to be verified are not required to be verified one by one, a large amount of computing resources are saved, and the efficiency of batch verification is improved.
The aggregate signature method of the present solution is described in detail by the following examples.
The aggregate signature method provided by the embodiment of the invention can be executed by an electronic device, and the electronic device can be a terminal device such as a PC (personal computer), a notebook computer, a smart phone and the like. The aggregate signature process performed by the authentication device is described below by way of example.
Fig. 1 is a flowchart of an aggregate signature method according to an embodiment of the present invention. Fig. 2 is an application scenario schematic diagram of an aggregate signature method according to an exemplary embodiment of the present application; referring to fig. 1 and fig. 2, the present embodiment provides an aggregate signature method, where an execution body of the method may be an authentication device, and it may be understood that the authentication device may be implemented as software, or a combination of software and hardware, and specifically, as shown in fig. 1, the aggregate signature method may include the following steps:
101. Receiving a plurality of messages to be verified and digital signatures corresponding to the messages to be verified, wherein the digital signatures comprise a first variable, a second variable and a third variable.
102. Based on the first variable, the second variable and the third variable in the digital signature, aggregating the digital signatures corresponding to all the messages to be verified to obtain a target signature, wherein the target signature is used for simultaneously verifying a plurality of messages to be verified.
In the embodiment of the invention, a message to be verified is a message whose digital identity and integrity need to be verified. The message to be verified can comprise its corresponding digital signature, namely a signature value, wherein the signature value comprises a first variable, a second variable and a third variable. The first variable is related to the message to be verified, the second variable is related to the first variable and the signature private key corresponding to the message to be verified, and the third variable is related to the master public key generated by the key generation center.
In practical applications, in the same time period, there may be multiple terminal devices sending the message to be verified to the authentication device at the same time, that is, there are multiple messages that need to be authenticated for security information. At this time, the authentication device needs to receive a plurality of messages to be authenticated and digital signatures corresponding to the messages to be authenticated, and perform authentication on the messages to be authenticated.
In the embodiment of the invention, the digital signatures corresponding to the received messages to be verified can be aggregated, so that the messages to be verified can be verified simultaneously according to the aggregated target signature. Specifically, based on a first variable, a second variable and a third variable in the digital signature, digital signatures corresponding to all the messages to be verified are aggregated to obtain a target signature, wherein the target signature is used for simultaneously verifying a plurality of messages to be verified.
Because the authentication device needs to verify the received plurality of messages to be verified, if a mode of verifying one by one is adopted, the authentication efficiency is affected. Because the aggregated target signature contains a plurality of digital signatures, verifying the aggregated target signature is equivalent to converting verification of a plurality of messages to be verified into verification of one target signature. Therefore, based on the aggregated target signature, simultaneous verification of a plurality of messages to be verified can be realized, so that not only can the computing resources be saved, but also the efficiency of batch verification can be improved.
Existing foreign signature schemes that support batch verification of message signatures have great limitations, and many digital signature algorithms cannot be used directly to verify a plurality of messages in batches. For example, the existing national standard SM9 digital signature algorithm has strong security and high efficiency, and is commonly used for protecting the integrity of data. However, the existing SM9 digital signature algorithm cannot realize simultaneous verification of multiple message signatures.
Based on this, in the embodiment of the present invention, a plurality of message signatures are aggregated into a single signature according to the characteristics of the SM9 digital signature algorithm, so that verifying the validity of the aggregated signature is equivalent to verifying the validity of the plurality of signatures. Specifically, based on the first variable, the second variable and the third variable in the digital signature, the digital signatures corresponding to all the messages to be verified are aggregated, and the implementation process of obtaining the target signature may be: accumulating the first variables in the plurality of digital signatures to obtain a target first variable; accumulating the second variables in the plurality of digital signatures to obtain a target second variable; and accumulating the third variables in the plurality of digital signatures to obtain a target third variable. Finally, a target signature is determined based on the target first variable, the target second variable, and the target third variable.
Specifically, assume that 5 messages to be verified are received in the same period of time. For the digital signature corresponding to the 1st message to be verified, the first variable is h1, the second variable is S1 and the third variable is w1; for the 2nd message, the first variable is h2, the second variable is S2 and the third variable is w2; for the 3rd message, the first variable is h3, the second variable is S3 and the third variable is w3; for the 4th message, the first variable is h4, the second variable is S4 and the third variable is w4; for the 5th message, the first variable is h5, the second variable is S5 and the third variable is w5. After these values are obtained, the target first variable may be determined as:
Figure BDA0003620000560000071
the target second variable is:
Figure BDA0003620000560000072
The target third variable is:
Figure BDA0003620000560000073
Finally, the target signature is obtained based on the determined target first variable, target second variable and target third variable.
In the embodiment of the present invention, the specific determining process of the target signature is not limited, and those skilled in the art may set the specific determining process according to specific application requirements and design requirements, for example: and combining the target first variable, the target second variable and the target third variable to determine the target signature. Or determining the target signature by splicing the target first variable, the target second variable and the target third variable. Or determining the target signature by accumulating the target first variable, the target second variable and the target third variable.
Specifically, assume that the target first variable is:
Figure BDA0003620000560000074
the target second variable is:
Figure BDA0003620000560000075
the target third variable is:
Figure BDA0003620000560000076
The target signature is then obtained from the obtained first variable, second variable and third variable together with the identity information corresponding to all the messages to be verified, the target signature being: $\sigma = (S, W, PID_i, H)$, $i = 1, \ldots, n$.
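The aggregation step described above, written out as an added example (not code from the patent): each of the three variables is validated and then accumulated under the operation of the group it lives in, and the result is packed in the order σ = (S, W, PID_i, H). The toy groups, the reduction of H modulo N, the membership checks and every sample value are assumptions made for illustration; the scheme's signing and verification equations are not modelled.

```python
from dataclasses import dataclass
from functools import reduce

# Toy parameters constructed for this example; far too small for real use.
N = 19                       # common group order (stand-in for the SM9 order N)
P_FIELD, A, B = 17, 2, 2     # toy curve y^2 = x^3 + 2x + 2 over F_17, 19 points
G1_GEN = (5, 1)              # generator of the toy curve group
P_MUL = 191                  # 19 divides 190, so Z_191^* has an order-19 subgroup
GT_GEN = pow(2, 10, P_MUL)   # generator of that subgroup
INF = None                   # point at infinity


def on_curve(pt):
    """True if pt is the point at infinity or satisfies the curve equation."""
    if pt is INF:
        return True
    x, y = pt
    return (0 <= x < P_FIELD and 0 <= y < P_FIELD
            and (y * y - (x * x * x + A * x + B)) % P_FIELD == 0)


def ec_add(p1, p2):
    """Group law on the toy curve (affine coordinates)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow((2 * y1) % P_FIELD, -1, P_FIELD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD)
    lam %= P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return (x3, (lam * (x1 - x3) - y1) % P_FIELD)


def ec_mul(k, pt):
    """Scalar multiple by repeated addition; fine for a 19-element group."""
    acc = INF
    for _ in range(k % N):
        acc = ec_add(acc, pt)
    return acc


@dataclass(frozen=True)
class Signature:
    pid: str    # signer identity, PID_i in the page's notation
    h: int      # first variable
    S: tuple    # second variable (a curve point in this toy model)
    w: int      # third variable (an order-N element mod P_MUL in this toy model)


def check_signature(sig):
    """Reject components outside their groups before they are accumulated."""
    if not (isinstance(sig.h, int) and 1 <= sig.h < N):
        raise ValueError(f"{sig.pid}: h out of range")
    # The toy curve has prime order, so every finite curve point is in the group.
    if sig.S is INF or not on_curve(sig.S):
        raise ValueError(f"{sig.pid}: S is not a valid group element")
    if not (1 < sig.w < P_MUL and pow(sig.w, N, P_MUL) == 1):
        raise ValueError(f"{sig.pid}: w is not in the order-N subgroup")


def aggregate(sigs):
    """Return the target signature (S, W, (PID_1..PID_n), H) for a batch."""
    if not sigs:
        raise ValueError("empty batch")
    for sig in sigs:
        check_signature(sig)
    H = sum(sig.h for sig in sigs) % N            # assumption: reduced mod N
    S = reduce(ec_add, (sig.S for sig in sigs), INF)
    W = reduce(lambda a, b: a * b % P_MUL, (sig.w for sig in sigs), 1)
    return (S, W, tuple(sig.pid for sig in sigs), H)


def sample_batch():
    """Five constructed (h, S, w) tuples; they are not signatures on real messages."""
    hs, ks, rs = [3, 7, 11, 5, 14], [2, 5, 9, 13, 4], [6, 1, 17, 8, 10]
    return [Signature(f"PID{i + 1}", h, ec_mul(k, G1_GEN), pow(GT_GEN, r, P_MUL))
            for i, (h, k, r) in enumerate(zip(hs, ks, rs))]


if __name__ == "__main__":
    print(aggregate(sample_batch()))
```

Fifteen group elements from five signatures collapse to three, plus the list of identities; the order in which the signatures arrive does not change S, W or H.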
And finally, the authentication equipment verifies the target signature according to the message to be verified and signature public keys corresponding to the plurality of messages to be verified. In an alternative embodiment, the specific verification process may be: when the authentication device performs signature verification on the target signature, the signature verification can be performed on the message to be signed by using the signature public key according to the SM9 digital signature algorithm. When signing and verifying the target signature, the signing and verifying process can be smoothly compatible with the existing standard interface, the practicability of the method is further improved, and the method is favorable for popularization and application in the market.
According to the aggregated signature method provided by the embodiment of the invention, the plurality of digital signatures corresponding to the plurality of messages to be verified are aggregated into one target signature, and then the aggregated target signature is subjected to signature verification, so that the simultaneous verification of the plurality of messages to be verified is realized, the calculation resources can be saved, and the efficiency of batch verification can be improved. According to the method, batch aggregation signature and batch verification can be completed.
In an alternative embodiment, the first variable, the second variable and the third variable in the plurality of digital signatures can be aggregated, and the signature public keys corresponding to the plurality of messages to be verified can be aggregated, so that the aggregated signature method has higher practicability, and the aggregated signature verification process can be directly and completely converted into a single signature verification process.
FIG. 3 is a flow chart of another aggregate signature method in accordance with an exemplary embodiment of the present invention; with continued reference to fig. 3, in order to improve the practicality of the method, the method in this embodiment may further include:
301. Acquiring signature public keys corresponding to the messages to be verified, wherein the signature public keys are used for signing the messages to be verified.
302. And aggregating the signature public keys corresponding to the plurality of messages to be verified to obtain the target public key.
In the process of verifying the target signature, signature verification is required according to the signature public keys corresponding to the messages to be verified, and then after the target signature is obtained, the signature public keys corresponding to the messages to be verified are also required to be aggregated. The determining process of the target public key can be specifically implemented as follows: firstly, signature public keys corresponding to a plurality of messages to be verified are obtained, and then the signature public keys corresponding to the messages to be verified are aggregated to obtain a target public key.
In the embodiment of the invention, the determination mode of the target public key is not limited, and corresponding aggregation can be performed according to the characteristics of the digital signature algorithm, so that the target public key is determined. For example, aggregating signature public keys corresponding to each of the plurality of messages to be verified, and determining the target public key may be performed in the following manner: and accumulating the signature public keys corresponding to the messages to be verified respectively to obtain the target public key.
Specifically, assume that 5 messages to be verified are received at the same time, and that the signature public key corresponding to the 1st message to be verified is
Figure BDA0003620000560000081
the signature public key corresponding to the 2nd message to be verified is
Figure BDA0003620000560000082
the signature public key corresponding to the 3rd message to be verified is
Figure BDA0003620000560000083
the signature public key corresponding to the 4th message to be verified is
Figure BDA0003620000560000084
and the signature public key corresponding to the 5th message to be verified is
Figure BDA0003620000560000085
The target public key is then determined from the obtained signature public keys, wherein the target public key is:
Figure BDA0003620000560000086
In one embodiment, after obtaining the target public keys corresponding to each of the plurality of messages to be verified, the method in this embodiment may further include:
303. Acquiring the master public key generated by the key generation center.
304. And verifying the target signature according to the main public key and the target public key.
In the embodiment of the invention, the sender can sign the information data to be verified by using the generated signature public key to obtain the signature value, wherein the signature value comprises a first variable, a second variable and a third variable. The first variable is related to the message to be verified, the second variable is related to the private signature key corresponding to the message to be verified and the first variable, and the third variable is related to the main public key generated by the key generation center. And then the message to be verified and the digital signature corresponding to the message to be verified are sent to the authentication equipment. The authentication device may complete the signing process based on the obtained target public key and the master public key generated by the key generation center. I.e. the process when signing by using the target public key is kept in conformity with the standards of existing digital signature algorithms.
After the aggregated target signature is obtained, verifying the digital signatures carried by the plurality of messages to be verified according to the target public key and the main public key generated by the key generation center. In an alternative embodiment, the process of verifying the digital signatures carried by the plurality of messages to be verified according to the target public key and the master public key generated by the key generating center may be:
Step 1, obtain the main public key $P_{Pubs}$ generated by the key generation center and calculate the target element $g$ in the multiplicative cyclic group $G_T$, i.e. $g = e(P_1, P_{Pubs})$, where $e$ denotes a bilinear pairing from $G_1 \times G_2$ to the multiplicative cyclic group $G_T$, and $e(P_1, P_{Pubs})$ denotes evaluating the bilinear pairing $e$ on the first generator $P_1$ and the master public key $P_{Pubs}$.
Step 2, calculate the element $T$ in the multiplicative cyclic group $G_T$, i.e. $T = g^{H}$, where $H$ represents the target first variable.
Step 3, calculate the element $U$ in the multiplicative cyclic group $G_T$, i.e.
Figure BDA0003620000560000087
where $e$ denotes the bilinear pairing from $G_1 \times G_2$ to the multiplicative cyclic group $G_T$, and $e(S, PK)$ denotes evaluating the bilinear pairing $e$ on the target second variable and the target public key.
Step 4, calculate the element $V$ in the multiplicative cyclic group $G_T$, i.e. $V = U \cdot T$.
Step 5, check whether $V = W$ holds; if yes, the verification passes, otherwise the verification fails.
The method can realize verification of the target signatures after aggregation of the plurality of messages to be verified, so that the plurality of messages to be verified do not need to be verified one by one, batch verification of the messages can be realized only by verifying the aggregated target signatures, and verification of the plurality of messages to be verified can be realized at the same time, thereby greatly improving the efficiency of batch verification.
In practical applications, most messages pass verification and only a small part fail, so most of the messages to be verified can be filtered out by the aggregated check and only the small part that fails remains. If the verification fails, the failed messages to be verified are grouped and re-aggregated, and the re-aggregated target signature is verified again. Verifying the plurality of messages to be verified in this way saves verification time, quickly determines the information that cannot pass verification, and speeds up batch verification.
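The regrouping strategy described above, as an added example that is not part of the patent text: a failed group is split, each sub-group is re-aggregated and re-verified, and the search stops at the individual failing messages. The aggregate check is a constructed stand-in (XOR of HMAC-SHA256 tags under one demo key), not the patent's SM9 pairing check; `BatchVerifier`, `find_invalid`, `make_batch` and the sample messages are hypothetical names and data.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed; stands in for real signing keys


def tag(message):
    """Stand-in 'signature': an HMAC-SHA256 tag, NOT an SM9 signature."""
    return hmac.new(KEY, message, hashlib.sha256).digest()


def xor_all(chunks):
    """Stand-in for 'accumulating': XOR equal-length byte strings together."""
    acc = bytes(32)
    for chunk in chunks:
        acc = bytes(a ^ b for a, b in zip(acc, chunk))
    return acc


class BatchVerifier:
    """Aggregates a group and checks it once, counting the checks spent."""

    def __init__(self):
        self.checks = 0

    def verify_aggregate(self, group):
        """group: list of (message, signature) pairs; one aggregate, one check."""
        self.checks += 1
        target = xor_all(sig for _, sig in group)
        expected = xor_all(tag(msg) for msg, _ in group)
        return hmac.compare_digest(target, expected)


def find_invalid(batch, verifier):
    """Return the positions in `batch` that fail, by regrouping failed groups."""

    def search(positions, known_bad):
        if not positions:
            return []
        # A group already known to contain a failure needs no aggregate check.
        if not known_bad and verifier.verify_aggregate(
            [batch[i] for i in positions]
        ):
            return []  # whole group filtered out with a single check
        if len(positions) == 1:
            return list(positions)  # failure isolated to one message
        mid = len(positions) // 2
        bad_left = search(positions[:mid], False)
        # If the left half is clean, the failure must be in the right half.
        bad_right = search(positions[mid:], known_bad=not bad_left)
        return bad_left + bad_right

    return search(list(range(len(batch))), False)


def make_batch(n, bad_positions=()):
    """Constructed sample batch; messages at bad_positions are altered after signing."""
    batch = []
    for i in range(n):
        msg = f"vehicle-{i:03d}|speed=62|lane=2".encode()
        sig = tag(msg)
        if i in bad_positions:
            msg = msg.replace(b"speed=62", b"speed=99")  # tampered in transit
        batch.append((msg, sig))
    return batch


if __name__ == "__main__":
    verifier = BatchVerifier()
    failed = find_invalid(make_batch(64, bad_positions={5, 40}), verifier)
    print("failed positions:", failed, "aggregate checks:", verifier.checks)
```

A batch with no failures costs exactly one aggregate check; the cost grows only with the number of failing messages and the depth of the splits needed to isolate them.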
In summary, in the embodiment of the invention, batch aggregation of digital signatures is realized by aggregating digital signatures corresponding to a plurality of messages to be verified into one target signature. And then, the signature public keys corresponding to the plurality of messages to be verified are aggregated into a target public key, and then, based on a digital signature algorithm, the target signature is checked according to the master public key and the target public key generated by the obtained key generation center. By verifying the aggregated target signature, a plurality of messages to be verified are verified simultaneously, namely, batch verification of the messages to be verified can be completed through one-time verification, so that the efficiency of batch verification is improved.
FIG. 4 is a flow chart of an aggregate signature method according to an exemplary embodiment of the present invention; referring to fig. 4, the present embodiment provides an aggregate signature method, where the execution body of the method may be a terminal device, and it is understood that the terminal device may be implemented as software, or a combination of software and hardware. Specifically, the aggregate signature method may include:
401. Acquiring the main public key generated by the key generation center, the information to be verified, and the signature private key corresponding to the information to be verified.
402. The method comprises the steps of signing information to be verified based on a main public key and a signature private key to obtain a digital signature, wherein the digital signature comprises a first variable, a second variable and a third variable, the first variable is related to the information to be verified and the third variable, the second variable is related to the signature private key corresponding to the information to be verified and the first variable, and the third variable is related to the main public key generated by a key generation center.
403. And sending the information to be verified and the digital signature to the authentication equipment so that the authentication equipment aggregates the digital signature corresponding to the information to be verified.
In the embodiment of the invention, the main public key generated by the key generation center is used for verifying the digital signature of the message to be verified, and the signature private key corresponding to the message to be verified is used for signing the message to be verified so as to determine the corresponding digital signature. After receiving the message to be verified, the terminal device obtains the signature private key corresponding to the message to be verified, and can directly obtain the main public key from the key generation center.
In an alternative embodiment, the signature private key corresponding to the message to be verified may be obtained as follows: the identification information corresponding to the message to be verified is sent to the key generation center, so that the key generation center generates a partial private key and a partial public key based on the identification information. The partial private key and the partial public key sent by the key generation center are received, and a secret value is generated, wherein the secret value is a random number. Finally, the signature private key corresponding to the message to be verified is obtained according to the secret value and the partial private key.
As can be seen from the above description, the signature private key is generated by the combined action of the terminal device and the key generation center, so that the security of the signature private key of the user who sends the message to be verified can be effectively protected, and the problem that the user key is completely hosted by the key generation center can be effectively solved.
After the main public key, the information to be verified and the signature private key corresponding to the information to be verified, which are generated by the key generation center, are obtained, the information to be verified needs to be signed based on the main public key and the signature private key, and a digital signature is obtained. The specific process of generating the digital signature can generate a single signature according to an SM9 digital signature algorithm. It should be noted that: according to the conventional digital signature method, the output digital signature generally includes only two variables, whereas in the embodiment of the present invention, the output digital signature includes three variables, and the first variable is related to a message to be verified and the third variable, the second variable is related to a signature private key corresponding to the message to be verified and the first variable, and the third variable is related to a master public key generated by the key generation center.
And finally, the information to be verified and the digital signature are sent to the authentication equipment, so that the authentication equipment aggregates the digital signature corresponding to the information to be verified.
The specific implementation process of some steps of the scheme provided in the embodiment of the present invention may refer to the related descriptions in the other embodiments, which are not described herein.
For easy understanding, the aggregate signature method provided in the embodiment of the present invention is illustrated with reference to the application scenario of the vehicle network in fig. 5. In specific applications, the aggregate signature method may include the steps of:
Step 501, the terminal device sends the identities of vehicles A, B, ..., i to the key generation center and applies to the key generation center for a certificate, wherein the certificate mode corresponding to the vehicle is a certificateless mode.
Step 502, the key generation center distributes a pseudonym $PID_i$ for the vehicle, generates the corresponding partial private key and partial public key, and transmits the generated keys to the terminal device.
The specific implementation process of generating the partial private key and the partial public key can be as follows:
Step 1, the key generation center uses a random integer ks in (0, n) produced by a random generator as the main private key and generates the main public key $P_{Pubs}$ based on the main private key, i.e. $P_{Pubs} = [ks]P_2$, where $[ks]P_2$ denotes the ks-fold multiple of the second generator $P_2$.
Step 2, the terminal device sends the identities of vehicles A, B, ..., i to the key generation center and applies to the key generation center for the partial private keys and partial public keys corresponding to vehicles A, B, ..., i.
Step 3, the key generation center generates the pseudonym $PID_i$ corresponding to the vehicle based on the identity corresponding to the vehicle, i.e. $PID_i = H_1(ID_A \| \mathit{hide}, N)$, and calculates a first temporary variable $t_i$ and a second temporary variable $t_2$, where $t_i = PID_i + ks \bmod N$,
Figure BDA0003620000560000101
Step 4, the key generation center determines a partial private key and a partial public key based on the first temporary variable and the second temporary variable, wherein the partial private key is $d_{As} = [t_2]P_1$ and the partial public key is $P_{As} = [t_i]P_2$, and transmits the determined partial private key and partial public key to the terminal device.
Step 503, the terminal device determines the signature private key and the signature public key based on the secret value, the partial private key and the partial public key.
In an alternative embodiment, the signature private key and the signature public key may be determined as follows: the terminal device randomly generates a secret value $x_{As}$ with a random generator, where $x_{As} \in (0, n)$. The terminal device then uses the partial private key $d_{As}$ and the secret value $x_{As}$ to determine the signature private key $s_{As}$, where $s_{As} = [x_{As}]d_{As} = [x_{As} t_2]P_1$. Finally, the terminal device determines the signature public key $Pk_{As}$ based on the partial public key $P_{As}$ and the secret value $x_{As}$, where
Figure BDA0003620000560000102
Step 504, the terminal device signs the message to be verified based on the main public key and the signature private key corresponding to the vehicle, wherein the obtained digital signature comprises a first variable, a second variable and a third variable.
The specific process of signature generation may be:
Step 1, calculate the element $g$ in the multiplicative cyclic group $G_T$, where $g = e(P_1, P_{Pubs})$.
Step 2, randomly generate a random number $r_i$ with a random generator, where $r_i \in (0, n)$.
Step 3, calculate the element $w_i$ in the multiplicative cyclic group $G_T$, i.e. the third variable, where
Figure BDA0003620000560000103
Step 4, calculate the integer first variable $h_i$, where $h_i = H_2(m_i \| w_i, N)$.
Step 5, calculate the integer $l_i$, where $l_i = (r_i - h_i) \bmod N$; if $l_i = 0$, return to step 2.
Step 6, calculate the element $S_i$ in the multiplicative cyclic group $G_1$, i.e. the second variable, where $S_i = [l_i]s_{As}$.
Step 7, output the signature of message $m_i$ as $(h_i, S_i, w_i)$.
Step 505, the terminal device sends the information to be verified of each vehicle and the digital signature corresponding to each message to be verified to the authentication device.
Step 506, the authentication device receives the plurality of messages to be verified and digital signatures corresponding to the plurality of messages to be verified, where the digital signatures include a first variable, a second variable, and a third variable.
Step 507, the authentication device aggregates digital signatures corresponding to all the messages to be verified based on the first variable, the second variable and the third variable in the digital signatures to obtain target signatures, wherein the target signatures are used for simultaneously verifying a plurality of messages to be verified.
The specific implementation process of aggregating the digital signatures corresponding to all the messages to be verified can be as follows: first, the target first variable is calculated based on the first variable:
Figure BDA0003620000560000111
Then, based on the second variable, the target second variable is calculated:
Figure BDA0003620000560000112
Then, based on the third variable, the target third variable is calculated:
Figure BDA0003620000560000113
Finally, the target first variable, the target second variable and the target third variable are combined to obtain the target signature $\sigma = (S, W, PID_i, H)$, $i = 1, \ldots, n$.
Step 508, the authentication device verifies the digital signatures carried by the plurality of messages to be verified according to the target public key and the master public key generated by the key generation center.
In an alternative embodiment, the process of verifying the digital signatures carried by the plurality of messages to be verified according to the target public key and the master public key generated by the key generating center may be:
Step 1, obtain the main public key $P_{Pubs}$ generated by the key generation center and calculate the target element $g$ in the multiplicative cyclic group $G_T$, i.e. $g = e(P_1, P_{Pubs})$, where $e$ denotes a bilinear pairing from $G_1 \times G_2$ to the multiplicative cyclic group $G_T$, and $e(P_1, P_{Pubs})$ denotes evaluating the bilinear pairing $e$ on the first generator $P_1$ and the master public key $P_{Pubs}$.
Step 2, calculate the element $T$ in the multiplicative cyclic group $G_T$, i.e. $T = g^{H}$, where $H$ represents the target first variable.
Step 3, calculate the element $U$ in the multiplicative cyclic group $G_T$, i.e.
Figure BDA0003620000560000114
where $e$ denotes the bilinear pairing from $G_1 \times G_2$ to the multiplicative cyclic group $G_T$, and $e(S, PK)$ denotes evaluating the bilinear pairing $e$ on the target second variable and the target public key.
Step 4, calculate the element $V$ in the multiplicative cyclic group $G_T$, i.e. $V = U \cdot T$.
Step 5, check whether $V = W$ holds; if yes, the verification passes, otherwise the verification fails.
In summary, in the embodiment of the invention, the signature private key and the signature public key corresponding to the vehicle are generated jointly by the terminal device and the key generation center, which solves the key escrow problem of the SM9 encryption algorithm and effectively protects the information security of the vehicle owner. In addition, the digital signatures corresponding to the messages to be verified are aggregated and the aggregated target signature is verified, so that the messages to be verified are verified at the same time and the efficiency of batch verification can be greatly improved.
The relevant content of the embodiment, which is not described in the present embodiment, may refer to the relevant description in the foregoing embodiment, which is not repeated here.
An aggregate signature apparatus of one or more embodiments of the present invention will be described in detail below. Those skilled in the art will appreciate that these means may be configured by the steps taught by the present solution using commercially available hardware components.
Fig. 6 is a schematic structural diagram of an aggregate signature apparatus according to an embodiment of the present invention, where the apparatus is located in an authentication device, as shown in fig. 6, and the apparatus includes: a receiving module 11 and an aggregation module 12.
The receiving module 11 is configured to receive a plurality of messages to be verified, and digital signatures corresponding to the messages to be verified, where the digital signatures include a first variable, a second variable, and a third variable, where the first variable is related to the messages to be verified and the third variable, the second variable is related to a private signature key corresponding to the messages to be verified and the first variable, and the third variable is related to a primary public key generated by a key generating center.
And the aggregation module 12 is configured to aggregate digital signatures corresponding to all the messages to be verified based on the first variable, the second variable and the third variable in the digital signatures, so as to obtain a target signature, where the target signature is used to implement simultaneous verification on the multiple messages to be verified.
Alternatively, the aggregation module 12 may be specifically configured to: accumulating the first variables in the plurality of digital signatures to obtain a target first variable; accumulating the second variables in the plurality of digital signatures to obtain a target second variable; accumulating the third variables in the plurality of digital signatures to obtain a target third variable; and determining a target signature based on the target first variable, the target second variable and the target third variable.
Optionally, the aggregation module 12 may be further specifically configured to: and combining the target first variable, the target second variable and the target third variable to obtain a target signature.
Optionally, the apparatus may further include an acquisition module, specifically may be configured to: acquiring signature public keys corresponding to the messages to be verified, wherein the signature public keys are used for signing the messages to be verified; and aggregating the signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key.
Optionally, the acquiring module may be specifically further configured to: and accumulating the signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key.
Optionally, the acquiring module may further include a signature verification module, which may specifically be configured to: acquiring a main public key generated by a key generation center; and verifying the target signature according to the main public key and the target public key.
The apparatus shown in fig. 6 may perform the steps performed by the authentication device in the foregoing embodiments, and detailed performing procedures and technical effects are referred to the descriptions in the foregoing embodiments, which are not repeated herein.
In one possible design, the structure of the aggregate signature apparatus shown in fig. 6 may be implemented as an electronic device, as shown in fig. 7, where the electronic device may include: a first processor 21, a first memory 22, a first communication interface 23. Wherein the first memory 22 has stored thereon executable code which, when executed by the first processor 21, causes the first processor 21 to at least perform the steps performed by the authentication device in the previous embodiments.
Additionally, embodiments of the present invention provide a non-transitory machine-readable storage medium having executable code stored thereon, which when executed by a processor of an electronic device, causes the processor to at least implement an aggregate signature method as provided in the previous embodiments.
Fig. 8 is a schematic structural diagram of an aggregate signature apparatus provided in an embodiment of the present invention, where the apparatus is located in a terminal device, as shown in fig. 8, and the apparatus includes: an acquisition module 31, a signature module 32, and a transmission module 33.
The obtaining module 31 is configured to obtain the master public key, the information to be verified, and the signature private key corresponding to the information to be verified, which are generated by the key generation center;
a signature module 32, configured to sign the information to be verified based on the master public key and the signature private key to obtain a digital signature, where the digital signature includes a first variable, a second variable, and a third variable, where the first variable is related to the information to be verified and the third variable, the second variable is related to the signature private key corresponding to the information to be verified and the first variable, and the third variable is related to the master public key generated by the key generation center;
and the sending module 33 is configured to send the information to be verified and the digital signature to an authentication device, so that the authentication device aggregates the digital signature corresponding to the information to be verified.
Optionally, the obtaining module 31 may be further specifically configured to: the identification information corresponding to the message to be verified is sent to a key generation center, so that the key generation center generates a part of private key and a part of public key based on the identification information; receiving a part of private key and a part of public key sent by the key generation center; generating a secret value, the secret value being a random number; and obtaining a signature private key corresponding to the message to be verified according to the secret value and the partial private key.
The apparatus shown in fig. 8 may perform the steps performed by the terminal device in the foregoing embodiments, and detailed performing procedures and technical effects are referred to the descriptions in the foregoing embodiments, which are not repeated herein.
In one possible design, the structure of the aggregate signature apparatus shown in fig. 8 may be implemented as an electronic device, as shown in fig. 9, where the device may include: a processor 41, a memory 42, a communication interface 43. Wherein the memory 42 has stored thereon executable code which, when executed by the processor 41, causes the processor 41 to at least perform the steps performed by the terminal device as in the previous embodiments.
Additionally, embodiments of the present invention provide a non-transitory machine-readable storage medium having stored thereon executable code that, when executed by a processor of a device, causes the processor to at least implement an aggregate signature method as provided in the previous embodiments.
The apparatus embodiments described above are merely illustrative, wherein the units described as separate components may or may not be physically separate. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by adding necessary general purpose hardware platforms, or may be implemented by a combination of hardware and software. Based on such understanding, the foregoing aspects, in essence and portions contributing to the art, may be embodied in the form of a computer program product, which may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. An aggregate signature method, applied to an authentication device, comprising:
receiving a plurality of messages to be verified and digital signatures corresponding to the messages to be verified, wherein the digital signatures comprise a first variable, a second variable and a third variable, the first variable is related to the messages to be verified and the third variable, the second variable is related to a signature private key corresponding to the messages to be verified and the first variable, and the third variable is related to a main public key generated by a key generation center;
based on the first variable, the second variable and the third variable in the digital signature, aggregating the digital signatures corresponding to all the messages to be verified to obtain a target signature, wherein the target signature is used for realizing simultaneous verification of the plurality of messages to be verified;
acquiring signature public keys corresponding to the messages to be verified, wherein the signature public keys are used for signing the messages to be verified;
aggregating signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key;
acquiring a main public key generated by a key generation center;
signing the target signature according to the main public key and the target public key;
the step of obtaining signature public keys corresponding to the plurality of messages to be verified respectively comprises the following steps:
the key generation center generates respectively corresponding pseudonym identification information based on the identification information respectively corresponding to the information to be verified
Figure QLYQS_1
wherein
Figure QLYQS_2
and calculates the first temporary variable
Figure QLYQS_3
and a second temporary variable
Figure QLYQS_4
wherein
Figure QLYQS_5
,
Figure QLYQS_6
the key generation center determines a partial private key and a partial public key based on the first temporary variable and the second temporary variable, wherein the partial private key is
Figure QLYQS_7
the partial public key is
Figure QLYQS_8
and the partial private key and the partial public key are sent to the corresponding terminal equipment respectively;
the terminal device randomly generates a secret value based on a random generator
Figure QLYQS_9
and the secret value
Figure QLYQS_10
the terminal equipment uses the partial private key
Figure QLYQS_12
and the secret value
Figure QLYQS_14
to determine the signature private key
Figure QLYQS_18
wherein
Figure QLYQS_13
; finally, the terminal device, based on the partial public key
Figure QLYQS_16
and the secret value
Figure QLYQS_17
determines the signature public key
Figure QLYQS_19
wherein
Figure QLYQS_11
=
Figure QLYQS_15
; and transmits the signature public key to the authentication device;
the authentication device receives the signature public key transmitted by each of the plurality of terminal devices.
2. The method according to claim 1, wherein aggregating digital signatures corresponding to all messages to be verified based on the first variable, the second variable and the third variable in the digital signature to obtain a target signature comprises:
accumulating the first variables in the plurality of digital signatures to obtain a target first variable;
accumulating the second variables in the plurality of digital signatures to obtain a target second variable;
accumulating the third variables in the plurality of digital signatures to obtain a target third variable;
and determining a target signature based on the target first variable, the target second variable and the target third variable.
3. The method of claim 2, wherein the determining a target signature based on the target first variable, target second variable, and target third variable comprises:
and combining the target first variable, the target second variable and the target third variable to obtain a target signature.
4. A method according to claim 3, wherein aggregating the signature public keys corresponding to the plurality of messages to be verified to obtain the target public key comprises:
and accumulating the signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key.
5. An aggregate signature method, applied to a terminal device, comprising:
the method comprises the steps of sending identification information corresponding to a message to be verified to a key generation center, enabling the key generation center to generate a part of public key and a part of private key corresponding to terminal equipment based on the identification information, a main private key and a first generation element of a multiplication cyclic group, and sending the part of public key and the part of private key to the corresponding terminal equipment;
receiving a part of private key and a part of public key sent by the key generation center;
generating a secret value, the secret value being a random number;
obtaining a signature private key corresponding to the message to be verified according to the secret value and the partial private key;
acquiring a main public key and information to be verified generated by a key generation center;
signing the information to be verified based on the main public key and the signature private key to obtain a digital signature, wherein the digital signature comprises a first variable, a second variable and a third variable, the first variable is related to the information to be verified and the third variable, the second variable is related to the signature private key corresponding to the information to be verified and the first variable, and the third variable is related to the main public key generated by a key generation center;
transmitting the information to be verified and the digital signature to an authentication device, so that the authentication device aggregates the digital signatures corresponding to the messages to be verified and obtains signature public keys corresponding to the messages to be verified, wherein the signature public keys are used for signing the messages to be verified; aggregating signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key; acquiring a main public key generated by a key generation center; signing the target signature according to the main public key and the target public key;
the method for obtaining signature public keys corresponding to the plurality of messages to be verified respectively comprises the following steps:
the key generation center generates respectively corresponding pseudonym identification information based on the identification information respectively corresponding to the information to be verified [Figure QLYQS_20], wherein [Figure QLYQS_21], and calculates the first temporary variable [Figure QLYQS_22] and a second temporary variable [Figure QLYQS_23], wherein [Figure QLYQS_24], [Figure QLYQS_25];
the key generation center determines a partial private key and a partial public key based on the first temporary variable and the second temporary variable, wherein the partial private key is [Figure QLYQS_26] and the partial public key is [Figure QLYQS_27]; transmitting the determined partial private key and partial public key to the corresponding terminal equipment;
the terminal device randomly generates a secret value based on a random generator [Figure QLYQS_28] and secret value [Figure QLYQS_29];
the terminal equipment uses the partial private key [Figure QLYQS_32] and secret value [Figure QLYQS_33] to determine the signature private key [Figure QLYQS_36], wherein [Figure QLYQS_31]; finally, the terminal device, based on the partial public key [Figure QLYQS_34] and secret value [Figure QLYQS_37], determines the signature public key [Figure QLYQS_38], wherein [Figure QLYQS_30] = [Figure QLYQS_35]; and transmits the signed public key to an authentication device;
the authentication device receives the signature public key transmitted by each of the plurality of terminal devices.
6. An aggregate signature device, located at an authentication facility, comprising:
a receiving module, configured to receive a plurality of messages to be verified, and digital signatures corresponding to the messages to be verified, where the digital signatures include a first variable, a second variable, and a third variable, where the first variable is related to the messages to be verified and the third variable, the second variable is related to a private signature key corresponding to the messages to be verified and the first variable, and the third variable is related to a master public key generated by a key generation center;
the aggregation module is used for aggregating the digital signatures corresponding to all the messages to be verified based on the first variable, the second variable and the third variable in the digital signatures to obtain target signatures, wherein the target signatures are used for realizing simultaneous verification of the plurality of messages to be verified;
the verification module is used for acquiring signature public keys corresponding to the plurality of messages to be verified, and the signature public keys are used for signing the plurality of messages to be verified; aggregating signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key; acquiring a main public key generated by a key generation center; signing the target signature according to the main public key and the target public key;
the step of obtaining signature public keys corresponding to the plurality of messages to be verified respectively comprises the following steps:
the key generation center generates respectively corresponding pseudonym identification information based on the identification information respectively corresponding to the information to be verified [Figure QLYQS_39], wherein [Figure QLYQS_40], and calculates the first temporary variable [Figure QLYQS_41] and a second temporary variable [Figure QLYQS_42], wherein [Figure QLYQS_43], [Figure QLYQS_44];
the key generation center determines a partial private key and a partial public key based on the first temporary variable and the second temporary variable, wherein the partial private key is [Figure QLYQS_45] and the partial public key is [Figure QLYQS_46]; the partial private key and the partial public key are sent to the corresponding terminal equipment respectively;
the terminal device randomly generates a secret value based on a random generator [Figure QLYQS_47] and secret value [Figure QLYQS_48];
the terminal equipment uses the partial private key [Figure QLYQS_50] and secret value [Figure QLYQS_52] to determine the signature private key [Figure QLYQS_56], wherein [Figure QLYQS_51]; finally, the terminal device, based on the partial public key [Figure QLYQS_54] and secret value [Figure QLYQS_55], determines the signature public key [Figure QLYQS_57], wherein [Figure QLYQS_49] = [Figure QLYQS_53]; and transmits the signed public key to an authentication device;
the authentication device receives the signature public key transmitted by each of the plurality of terminal devices.
7. An aggregate signature device, located at a terminal device, comprising:
the acquisition module is used for sending the identification information corresponding to the message to be verified to the key generation center, so that the key generation center generates a part of public key and a part of private key corresponding to the terminal equipment based on the identification information, the main private key and the first generation element of the multiplication cyclic group, and sends the part of public key and the part of private key to the corresponding terminal equipment; receiving a part of private key and a part of public key sent by the key generation center; generating a secret value, the secret value being a random number; obtaining a signature private key corresponding to the message to be verified according to the secret value and the partial private key; acquiring a main public key and information to be verified generated by a key generation center;
the signature module is used for signing the information to be verified based on the main public key and the signature private key to obtain a digital signature, wherein the digital signature comprises a first variable, a second variable and a third variable, the first variable is related to the information to be verified and the third variable, the second variable is related to the signature private key corresponding to the information to be verified and the first variable, and the third variable is related to the main public key generated by the key generation center;
the sending module is used for sending the information to be verified and the digital signature to the authentication equipment so that the authentication equipment aggregates the digital signatures corresponding to the information to be verified and obtains signature public keys corresponding to the information to be verified respectively, and the signature public keys are used for signing the information to be verified; aggregating signature public keys corresponding to the plurality of messages to be verified respectively to obtain a target public key; acquiring a main public key generated by a key generation center; signing the target signature according to the main public key and the target public key;
the method for obtaining signature public keys corresponding to the plurality of messages to be verified respectively comprises the following steps:
the key generation center generates respectively corresponding pseudonym identification information based on the identification information respectively corresponding to the information to be verified [Figure QLYQS_58], wherein [Figure QLYQS_59], and calculates the first temporary variable [Figure QLYQS_60] and a second temporary variable [Figure QLYQS_61], wherein [Figure QLYQS_62], [Figure QLYQS_63];
the key generation center determines a partial private key and a partial public key based on the first temporary variable and the second temporary variable, wherein the partial private key is [Figure QLYQS_64] and the partial public key is [Figure QLYQS_65]; transmitting the determined partial private key and partial public key to the corresponding terminal equipment;
the terminal equipment randomly generates a secret value based on a random generator [Figure QLYQS_66] and secret value [Figure QLYQS_67];
the terminal equipment uses the partial private key [Figure QLYQS_69] and secret value [Figure QLYQS_71] to determine the signature private key [Figure QLYQS_75], wherein [Figure QLYQS_70]; finally, the terminal device, based on the partial public key [Figure QLYQS_73] and secret value [Figure QLYQS_74], determines the signature public key [Figure QLYQS_76], wherein [Figure QLYQS_68] = [Figure QLYQS_72]; and transmits the signed public key to an authentication device;
the authentication device receives the signature public key transmitted by each of the plurality of terminal devices.
8. An electronic device, comprising: memory, processor, and communication interface; wherein the memory has stored thereon executable code which, when executed by the processor, causes the processor to perform the aggregate signature method of any of claims 1 to 4.
9. A terminal device, comprising: memory, processor, and communication interface; wherein the memory has stored thereon executable code which, when executed by the processor, causes the processor to perform the aggregate signature method as recited in claim 5.
10. A non-transitory machine-readable storage medium having stored thereon executable code, which when executed by a processor, causes the processor to perform the aggregate signature method of any of claims 1 to 5.
CN202210459494.4A 2022-04-27 2022-04-27 Aggregate signature method, apparatus, device and storage medium Active CN115001698B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210459494.4A CN115001698B (en) 2022-04-27 2022-04-27 Aggregate signature method, apparatus, device and storage medium

Publications (2)

Publication Number Publication Date
CN115001698A CN115001698A (en) 2022-09-02
CN115001698B true CN115001698B (en) 2023-04-28

Family

ID=83025912

Country Status (1)

Country Link
CN (1) CN115001698B (en)

Also Published As

Publication number Publication date
CN115001698A (en) 2022-09-02

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant