CN115314192A - Public key encryption method and system with two independent monitoring parties, and public key decryption method and system - Google Patents

Public key encryption method and system with two independent monitoring parties, and public key decryption method and system Download PDF

Info

Publication number
CN115314192A
CN115314192A CN202210908536.8A CN202210908536A CN115314192A CN 115314192 A CN115314192 A CN 115314192A CN 202210908536 A CN202210908536 A CN 202210908536A CN 115314192 A CN115314192 A CN 115314192A
Authority
CN
China
Prior art keywords
supervisor
public key
ciphertext
public
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210908536.8A
Other languages
Chinese (zh)
Inventor
赵琉涛
钟林
李自钦
贾冬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Beike Rongzhi Cloud Computing Technology Co ltd
Original Assignee
Beijing Beike Rongzhi Cloud Computing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Beike Rongzhi Cloud Computing Technology Co ltd filed Critical Beijing Beike Rongzhi Cloud Computing Technology Co ltd
Priority to CN202210908536.8A priority Critical patent/CN115314192A/en
Publication of CN115314192A publication Critical patent/CN115314192A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Abstract

The invention discloses a public key encryption method, a public key decryption method and a public key encryption system with two independent monitoring parties, wherein the method comprises the following steps: the method comprises the steps that a sender adopts an encryption algorithm, and data to be sent are encrypted by using a private key of the sender, a public key of a receiver, a public key of a first supervisor and a public key of a second supervisor to generate a ciphertext; the sender sends the ciphertext to a public system; the receiving party obtains the ciphertext from the public system, and decrypts the received ciphertext by adopting a decryption algorithm according to a private key of the receiving party, a public key of the sending party, a public key of a first supervisor and a public key of a second supervisor to generate decrypted data; the first supervisor obtains the ciphertext from the public system, and decrypts the received ciphertext according to the first supervisor private key and the second supervisor public key by adopting a supervision algorithm to generate decrypted data; and the second supervisor acquires the ciphertext from the public system, decrypts the received ciphertext according to the second supervisor private key and the first supervisor public key by adopting a supervision algorithm, and generates decrypted data.

Description

Public key encryption method, decryption method and system with two independent monitoring parties
Technical Field
The invention relates to the technical field of public key encryption, in particular to a public key encryption method, a public key decryption method and a public key encryption system with two independent monitoring parties.
Background
To ensure data confidentiality, data is usually encrypted and then transmitted. However, only the receiving party is able to decrypt the ciphertext, while the supervisor is not able to decrypt the ciphertext. In an application scenario requiring supervision, a supervisor needs to decrypt a ciphertext. Therefore, in order to solve the problem that only the receiving party can decrypt and the monitoring party cannot decrypt in the current public key encryption scheme, a technology that not only the receiving party can decrypt but also the monitoring party can decrypt and monitor the data content is needed.
Disclosure of Invention
Therefore, it is necessary to provide a public key encryption method, a public key decryption method and a public key encryption system with two independent supervisors for solving the problem of the existing encryption method mentioned in the conventional technology that has a large limitation.
In a first aspect, an embodiment of the present invention provides a public key encryption method with two independent supervisors, including:
acquiring a public key of a receiver, a public key of a first supervisor and a public key of a second supervisor;
encrypting data to be transmitted by using a private key of a sender, the public key of the receiver, the public key of the first supervisor and the public key of the second supervisor by adopting an encryption algorithm to generate a ciphertext;
and sending the ciphertext to a public system, so that the receiving party, the first supervisor and the second supervisor can obtain the ciphertext by accessing the public system.
Preferably, the obtaining the receiver public key, the first supervisor public key and the second supervisor public key comprises:
setting up symmetric bilinear mappings
Figure BDA0003773269290000011
Wherein G is a group
Figure BDA0003773269290000012
The generation element(s) of (a),
Figure BDA0003773269290000013
as bilinear groups
Figure BDA0003773269290000014
A generator of (2); group of
Figure BDA0003773269290000015
The order of (a) is a prime number n;
hash using two hash functions 1 ,hash 2 Mapping any length data {0,1, n-1} into integer and length n data respectively, i.e. mapping
Figure BDA0003773269290000021
hash 2 :{0,1} * →{0,1} n
Wherein the hash function hash 1 The input of (1) is 0 or 1 of any length, and the output range is a natural number between 0 and n-1; hash function hash 2 The input of (1) is 0 or 1 with any length, and the output length is 0 or 1 random character string with n bits; * The number represents 0/1bit of arbitrary length; {0,1} * Represents 0/1bit data of any length; {0,1} n Represents 0/1bit data of fixed length;
Figure BDA0003773269290000022
is a natural number between 0 and n-1;
the random number with fixed length n is mapped into random number KDF with arbitrary length output by using key derivation function KDF: {0,1} n →{0,1} *
Private key of sender
Figure BDA0003773269290000023
And public key
Figure BDA0003773269290000024
The expression is as follows:
Figure BDA0003773269290000025
private key of receiver
Figure BDA0003773269290000026
And public key
Figure BDA0003773269290000027
The expression is as follows:
Figure BDA0003773269290000028
private key of first supervisor
Figure BDA0003773269290000029
And public key
Figure BDA00037732692900000210
The expression is as follows:
Figure BDA00037732692900000211
private key of second supervisor
Figure BDA00037732692900000212
And public key
Figure BDA00037732692900000213
The expression is as follows:
Figure BDA00037732692900000214
Figure BDA00037732692900000215
2 random numbers a ranging from 0 to n-1 are selected on behalf of the sender 1 ,a 2 And a private key
Figure BDA00037732692900000216
Splitting into 2 parts;
Figure BDA00037732692900000217
2 random numbers b are selected in the range of 0 to n-1 on behalf of the receiver 1 ,b 2 (ii) a And to use the private key
Figure BDA00037732692900000218
Splitting into 2 parts;
Figure BDA00037732692900000219
selecting 2 random numbers c in the range of 0 to n-1 on behalf of the first supervisor 1 ,c 2 (ii) a And to use the private key
Figure BDA00037732692900000220
Splitting into 2 parts;
Figure BDA00037732692900000221
selecting 2 random numbers d in the range of 0 to n-1 on behalf of the second supervisor 1 ,d 2 (ii) a And to use the private key
Figure BDA00037732692900000222
Splitting into 2 parts;
g is a base point G on the elliptic curve and is a public system parameter;
Figure BDA00037732692900000223
the representative sender is based on the base point G and the random number a 1 ,a 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the sender, and the public key is used
Figure BDA00037732692900000224
Splitting into 2 parts;
Figure BDA0003773269290000031
the representative receiver is based on the base point G and the random number b 1 ,b 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the receiving party, and the public key is used
Figure BDA0003773269290000032
Splitting into 2 parts;
Figure BDA0003773269290000033
representing a first supervisor based on a base point G and a random number c 1 ,c 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the first supervisor, and the public key is used
Figure BDA0003773269290000034
Splitting into 2 parts;
Figure BDA0003773269290000035
representing the second supervisor based on the base point G and the random number d 1 ,d 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the second supervisor, and the public key is used
Figure BDA0003773269290000036
Split into 2 parts.
Preferably, the encrypting, by using an encryption algorithm, data to be transmitted by using a private key of a sender, the public key of a receiver, the public key of the first supervisor, and the public key of the second supervisor includes:
using sender private key
Figure BDA0003773269290000037
Data to be transmitted
Figure BDA0003773269290000038
Is arbitrarily long, m is e {0,1} * An optional element
Figure BDA0003773269290000039
And the receiver public key, the first supervisor public key and the second supervisor public key
Figure BDA00037732692900000310
The following calculations were performed:
Figure BDA00037732692900000311
C 1 :=γ,C 2 :=r·G,
Figure BDA00037732692900000312
generate ciphertext C = (C) 1 ,C 2 ,C 3 ) The method comprises the following steps of I, splicing two data into a whole as the input of a hash function;
hash function hash 1 A natural number between 0 and n-1 of the output;
Figure BDA00037732692900000313
is a bitwise exclusive-or operation in a computer;
alternatively, the sender private key is utilized
Figure BDA00037732692900000314
Data to be transmitted
Figure BDA00037732692900000315
Any long message m e {0,1} in (1) } * An optional element
Figure BDA00037732692900000316
And the receiver public key, the first supervisor public key and the second supervisor public key
Figure BDA00037732692900000317
The following calculations were performed:
Figure BDA0003773269290000041
Figure BDA0003773269290000042
Figure BDA0003773269290000043
Figure BDA0003773269290000044
generate ciphertext C = (C) 1 ,C 2 ,C 3 ,C 4 ,C 5), wherein ,
Figure BDA0003773269290000045
the method comprises the steps that a private key is used as a random number to carry out point doubling operation on elliptic curve points, wherein the elliptic curve points are public keys of a receiving party;
= denotes assignment, assigning the value of the parameter on the right of the symbol to the parameter on the left of the symbol;
Figure BDA0003773269290000046
the corner mark r in the upper right corner refers to bilinear mapping
Figure BDA0003773269290000047
And after the calculation is finished, calculating the power of r.
In another aspect, the present invention further provides a decryption method with two independent supervisors, including: the ciphertext in the public system is encrypted by the method;
the receiving party obtains the ciphertext from the public system, and decrypts the received ciphertext by adopting a decryption algorithm according to a private key of the receiving party, a public key of the sending party, a public key of a first supervisor and a public key of a second supervisor to generate decrypted data;
the first supervisor obtains the ciphertext from the public system, and decrypts the received ciphertext according to the first supervisor private key and the second supervisor public key by adopting a supervision algorithm to generate decrypted data;
and the second supervisor acquires the ciphertext from the public system, decrypts the received ciphertext according to the second supervisor private key and the first supervisor public key by adopting a supervision algorithm, and generates decrypted data.
Preferably, the method further comprises:
and the receiving party, the first supervisor and the second supervisor respectively carry out decryption consistency verification on the obtained decrypted data.
Preferably, the receiving party adopts a decryption algorithm, and decrypting the received ciphertext according to the receiving party private key, the sending party public key, the first supervisor public key and the second supervisor public key comprises:
the receiving party obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ) Carrying out analysis; using the private key of the receiving party
Figure BDA0003773269290000048
Local ciphertext C 1 ,C 3 The sender public key, the first supervisor public key and the second supervisor public key
Figure BDA0003773269290000049
The following calculations were performed:
Figure BDA00037732692900000410
Figure BDA00037732692900000411
where r' is the hash function hash 1 A natural number between 0 and n-1 of the output;
alternatively, the receiving party is public to the publicObtaining ciphertext C = (C) in co-system 1 ,C 2 ,C 3 ,C 4 ,C 5 ) Carrying out analysis; using the private key of the receiving party
Figure BDA0003773269290000051
Local ciphertext C 1 ,C 3 ,C 4 ,C 5 The sender public key, the first supervisor public key and the second supervisor public key
Figure BDA0003773269290000052
The following calculations were performed:
Figure BDA0003773269290000053
Figure BDA0003773269290000054
Figure BDA0003773269290000055
Figure BDA0003773269290000056
preferably, the first supervisor adopts a supervision algorithm, and decrypting the received ciphertext according to the first supervisor private key and the second supervisor public key includes:
the first supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ) Carrying out analysis; using a first supervisor private key
Figure BDA0003773269290000057
And a second supervisor public key
Figure BDA0003773269290000058
The following calculations were performed:
Figure BDA0003773269290000059
or, the first supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ,C 4 ,C 5 ) Carrying out analysis; using a first supervisor private key
Figure BDA00037732692900000510
Local ciphertext C 2 ,C 3 ,C 4 ,C 5 And a second supervisor public key
Figure BDA00037732692900000511
The following calculations were performed:
Figure BDA00037732692900000512
Figure BDA00037732692900000513
Figure BDA00037732692900000514
preferably, the second supervisor adopts a supervision algorithm, and decrypting the received ciphertext according to the second supervisor private key and the first supervisor public key includes:
the second supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ) Carrying out analysis; using a second supervisor private key
Figure BDA00037732692900000515
And a first supervisor public key
Figure BDA00037732692900000516
The following calculations were performed:
Figure BDA00037732692900000517
or, the second supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ,C 4 ,C 5 ) Carrying out analysis; using a second supervisor private key
Figure BDA00037732692900000518
Local ciphertext C 2 ,C 3 ,C 4 ,C 5 And a first supervisor public key
Figure BDA00037732692900000519
The following calculations were performed:
Figure BDA0003773269290000061
Figure BDA0003773269290000062
Figure BDA0003773269290000063
preferably, the receiving party, the first supervisor and the second supervisor respectively perform decryption consistency verification on the obtained decrypted data, including:
the decryption consistency verification process of the receiving party is as follows:
Figure BDA0003773269290000064
Figure BDA0003773269290000065
or ,
Figure BDA0003773269290000071
Figure BDA0003773269290000072
Figure BDA0003773269290000073
Figure BDA0003773269290000074
the first supervisor decryption consistency verification process comprises the following steps:
Figure BDA0003773269290000075
or ,
Figure BDA0003773269290000081
Figure BDA0003773269290000082
Figure BDA0003773269290000083
the second supervisor decryption consistency verification process comprises the following steps:
Figure BDA0003773269290000084
or ,
Figure BDA0003773269290000091
Figure BDA0003773269290000092
Figure BDA0003773269290000093
in another aspect, the present invention further provides a public key encryption and decryption system with two independent supervisors, including: the system comprises a sender, a receiver, a first supervisor and a second supervisor;
a sender acquires a receiver public key, a first supervisor public key and a second supervisor public key;
the sender adopts an encryption algorithm, and encrypts data to be sent by using a private key of the sender, the public key of the receiver, the public key of the first supervisor and the public key of the second supervisor to generate a ciphertext;
the sender sends the ciphertext to a public system, so that the receiver, the first supervisor and the second supervisor acquire the ciphertext by accessing the public system;
the receiving party obtains the ciphertext from the public system, and decrypts the received ciphertext by adopting a decryption algorithm according to a private key of the receiving party, a public key of the sending party, a public key of a first supervisor and a public key of a second supervisor to generate decrypted data;
the first supervisor obtains the ciphertext from the public system, and decrypts the received ciphertext according to the first supervisor private key and the second supervisor public key by adopting a supervisory algorithm to generate decrypted data;
and the second supervisor acquires the ciphertext from the public system, decrypts the received ciphertext according to the second supervisor private key and the first supervisor public key by adopting a supervision algorithm, and generates decrypted data.
The invention provides a public key encryption method, a public key decryption method and a public key encryption system with two independent supervisors. The scheme has greater requirements in the block chain and military application scenes of the supervisors.
Drawings
FIG. 1 is a flow chart illustrating a public key encryption method with two independent supervisors according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating a public key decryption method with two independent supervisors according to an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative and intended to be illustrative of the invention and are not to be construed as limiting the invention.
Fig. 1 is a flowchart illustrating a public key encryption method with two independent supervisors in one embodiment. The method specifically comprises the following steps:
step S101, acquiring a receiver public key, a first supervisor public key and a second supervisor public key;
step S102, encrypting data to be transmitted by using a private key of a sender, the public key of the receiver, the public key of the first supervisor and the public key of the second supervisor by adopting an encryption algorithm to generate a ciphertext;
and step S103, sending the ciphertext to a public system, so that the receiving party, the first monitoring party and the second monitoring party acquire the ciphertext by accessing the public system.
In the embodiment of the present invention, in step S101, the obtaining of the public key of the receiver, the public key of the first supervisor, and the public key of the second supervisor includes:
setting up symmetric bilinear mappings
Figure BDA0003773269290000101
Wherein, the first and the second end of the pipe are connected with each other,g is a group
Figure BDA0003773269290000102
The generation element of (a) is generated,
Figure BDA0003773269290000103
as bilinear groups
Figure BDA0003773269290000104
The generator of (2); group(s)
Figure BDA0003773269290000105
The order of (a) is a prime number n;
hash using two hash functions 1 ,hash 2 Mapping any length data {0, n-1} into integer and data with length n, respectively, i.e. mapping data with length n
Figure BDA0003773269290000106
hash 2 :{0,1} * →{0,1} n
Wherein the hash function hash 1 The input of (1) is 0 or 1 with any length, and the output range is a natural number between 0 and n-1; hash function hash 2 The input of (1) is 0 or 1 with any length, and the output length is 0 or 1 random character string with n bits; * The number represents 0/1bit of arbitrary length; {0,1} * Represents 0/1bit data of any length; {0,1} n Represents 0/1bit data of fixed length;
Figure BDA0003773269290000111
is a natural number between 0 and n-1;
the random number with fixed length n is mapped into random number KDF with arbitrary length output by using key derivation function KDF: {0,1} n →{0,1} *
Private key of sender
Figure BDA0003773269290000112
And public key
Figure BDA0003773269290000113
The expression is as follows:
Figure BDA0003773269290000114
private key of receiver
Figure BDA0003773269290000115
And a public key
Figure BDA0003773269290000116
The expression is as follows:
Figure BDA0003773269290000117
private key of first supervisor
Figure BDA0003773269290000118
And public key
Figure BDA0003773269290000119
The expression is as follows:
Figure BDA00037732692900001110
private key of second supervisor
Figure BDA00037732692900001111
And public key
Figure BDA00037732692900001112
The expression is as follows:
Figure BDA00037732692900001113
Figure BDA00037732692900001114
2 random numbers a ranging from 0 to n-1 are selected on behalf of the sender 1 ,a 2 And a private key
Figure BDA00037732692900001115
Splitting into 2 parts;
Figure BDA00037732692900001116
2 random numbers b are selected in the range of 0 to n-1 on behalf of the receiver 1 ,b 2 (ii) a And to use the private key
Figure BDA00037732692900001117
Splitting into 2 parts;
Figure BDA00037732692900001118
selecting 2 random numbers c in the range of 0 to n-1 on behalf of the first supervisor 1 ,c 2 (ii) a And to use the private key
Figure BDA00037732692900001119
Splitting into 2 parts;
Figure BDA00037732692900001120
selecting 2 random numbers d in the range of 0 to n-1 on behalf of the second supervisor 1 ,d 2 (ii) a And to use the private key
Figure BDA00037732692900001121
Splitting into 2 parts;
g is a base point G on the elliptic curve and is a public system parameter;
Figure BDA00037732692900001122
the representative sender is based on the base point G and the random number a 1 ,a 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the sender, and the public key is used
Figure BDA00037732692900001123
Splitting into 2 parts;
Figure BDA00037732692900001124
the representative receiver is based on the base point G and the random number b 1 ,b 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the receiving party, and the public key is used
Figure BDA00037732692900001125
Splitting into 2 parts;
Figure BDA0003773269290000121
representing a first supervisor based on a base point G and a random number c 1 ,c 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the first supervisor, and the public key is used
Figure BDA0003773269290000122
Splitting into 2 parts;
Figure BDA0003773269290000123
representing the second supervisor based on the base point G and the random number d 1 ,d 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the second supervisor, and the public key is used
Figure BDA0003773269290000124
Split into 2 parts.
In the embodiment of the present invention, in step S102, an encryption algorithm is adopted, and encrypting data to be transmitted by using a private key of a sender, the public key of a receiver, the public key of a first supervisor, and the public key of a second supervisor includes:
using sender private key
Figure BDA0003773269290000125
Data to be transmitted
Figure BDA0003773269290000126
Message m of arbitrary length∈{0,1} * An optional element
Figure BDA0003773269290000127
And the receiver public key, the first supervisor public key and the second supervisor public key
Figure BDA0003773269290000128
The following calculations were performed:
Figure BDA0003773269290000129
C 1 :=γ,C 2 :=r·G,
Figure BDA00037732692900001210
generate ciphertext C = (C) 1 ,C 2 ,C 3 ) The method comprises the following steps of I, splicing two data into a whole as the input of a hash function;
hash function hash 1 A natural number between 0 and n-1 of the output;
Figure BDA00037732692900001211
is a bitwise exclusive-or operation in a computer;
alternatively, the sender private key is utilized
Figure BDA00037732692900001212
Data to be transmitted
Figure BDA00037732692900001213
Is arbitrarily long, m is e {0,1} * An optional element
Figure BDA00037732692900001214
And the receiver public key, the first supervisor public key and the second supervisor public key
Figure BDA00037732692900001215
The following calculations were performed:
Figure BDA00037732692900001216
Figure BDA00037732692900001217
Figure BDA00037732692900001218
Figure BDA00037732692900001219
generate ciphertext C = (C) 1 ,C 2 ,C 3 ,C 4 ,C 5), wherein ,
Figure BDA0003773269290000131
the method comprises the steps that a private key is used as a random number to carry out point doubling operation on an elliptic curve point, wherein the elliptic curve point is a public key of a receiving party;
= denotes assignment, assigning the value of the parameter on the right of the symbol to the parameter on the left of the symbol;
Figure BDA0003773269290000132
the corner mark r in the upper right corner refers to bilinear mapping
Figure BDA0003773269290000133
And after the calculation is finished, calculating the power of r.
As shown in fig. 2, an embodiment of the present invention further provides a decryption method with two independent monitoring parties, where a ciphertext in a public system is encrypted by the above method;
step S201, the receiver obtains the ciphertext from the public system, and decrypts the received ciphertext by adopting a decryption algorithm according to a private key of the receiver, a public key of the sender, a public key of a first supervisor and a public key of a second supervisor to generate decrypted data;
step S202, the first supervisor obtains a ciphertext from the public system, and decrypts the received ciphertext according to the first supervisor private key and the second supervisor public key by adopting a supervision algorithm to generate decrypted data;
and S203, the second supervisor obtains the ciphertext from the public system, decrypts the received ciphertext according to the second supervisor private key and the first supervisor public key by adopting a supervision algorithm, and generates decrypted data.
In the embodiment of the present invention, the method further includes:
step S204, the receiving party, the first supervisor and the second supervisor respectively carry out decryption consistency verification on the obtained decrypted data.
Step S201 of the embodiment of the present invention is that the receiving party decrypts, by using a decryption algorithm, the received ciphertext according to the private key of the receiving party, the public key of the sending party, the public key of the first supervisor, and the public key of the second supervisor, and includes:
the receiving party obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ) Carrying out analysis; using the private key of the receiving party
Figure BDA0003773269290000134
Local ciphertext C 1 ,C 3 The sender public key, the first supervisor public key and the second supervisor public key
Figure BDA0003773269290000135
The following calculations were performed:
Figure BDA0003773269290000136
Figure BDA0003773269290000137
wherein r' is a hash function hash 1 A natural number between 0 and n-1 of the output;
alternatively, the receiving party pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ,C 4 ,C 5 ) Carrying out analysis; using the private key of the receiving party
Figure BDA0003773269290000138
Local ciphertext C 1 ,C 3 ,C 4 ,C 5 Said sender public key, said first supervisor public key and said second supervisor public key
Figure BDA0003773269290000139
The following calculations were performed:
Figure BDA0003773269290000141
Figure BDA0003773269290000142
Figure BDA0003773269290000143
Figure BDA0003773269290000144
in step S202 of the embodiment of the present invention, the decrypting, by the first supervisor using the supervision algorithm, the received ciphertext according to the first supervisor private key and the second supervisor public key includes:
the first supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ) Carrying out analysis; using a first supervisor private key
Figure BDA0003773269290000145
And a second supervisor public key
Figure BDA0003773269290000146
The following calculations were performed:
Figure BDA0003773269290000147
or, the first supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ,C 4 ,C 5 ) Carrying out analysis; using a first supervisor private key
Figure BDA0003773269290000148
Local ciphertext C 2 ,C 3 ,C 4 ,C 5 And a second supervisor public key
Figure BDA0003773269290000149
The following calculations were performed:
Figure BDA00037732692900001410
Figure BDA00037732692900001411
Figure BDA00037732692900001412
in step S203 of the embodiment of the present invention, the decrypting, by the second monitor according to the second monitor private key and the first monitor public key, the received ciphertext by using the monitoring algorithm includes:
the second supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ) Carrying out analysis; using a second supervisor private key
Figure BDA00037732692900001413
And a first supervisor public key
Figure BDA00037732692900001414
The following calculations were performed:
Figure BDA00037732692900001415
or, the second supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ,C 4 ,C 5 ) Carrying out analysis; using a second supervisor private key
Figure BDA00037732692900001416
Local ciphertext C 2 ,C 3 ,C 4 ,C 5 And a first supervisor public key
Figure BDA00037732692900001417
The following calculations were performed:
Figure BDA0003773269290000151
Figure BDA0003773269290000152
Figure BDA0003773269290000153
in step S204 of the embodiment of the present invention, the verifying the decryption consistency of the obtained decrypted data by the receiving party, the first supervising party, and the second supervising party respectively includes:
the decryption consistency verification process of the receiving party is as follows:
Figure BDA0003773269290000154
Figure BDA0003773269290000155
or ,
Figure BDA0003773269290000161
Figure BDA0003773269290000162
Figure BDA0003773269290000163
Figure BDA0003773269290000164
the first supervisor decryption consistency verification process comprises the following steps:
Figure BDA0003773269290000165
or ,
Figure BDA0003773269290000171
Figure BDA0003773269290000172
Figure BDA0003773269290000173
the second supervisor decryption consistency verification process comprises the following steps:
Figure BDA0003773269290000174
or ,
Figure BDA0003773269290000181
Figure BDA0003773269290000182
Figure BDA0003773269290000183
the embodiment of the invention provides a public key encryption and decryption system with two independent monitoring parties, which comprises: the system comprises a sender, a receiver, a first supervisor and a second supervisor;
a sender acquires a receiver public key, a first supervisor public key and a second supervisor public key;
the sender adopts an encryption algorithm, and encrypts data to be sent by using a private key of the sender, the public key of the receiver, the public key of the first supervisor and the public key of the second supervisor to generate a ciphertext;
the sender sends the ciphertext to a public system, so that the receiver, the first supervisor and the second supervisor acquire the ciphertext by accessing the public system;
the receiving party obtains the ciphertext from the public system, and decrypts the received ciphertext by adopting a decryption algorithm according to a private key of the receiving party, a public key of the sending party, a public key of a first supervisor and a public key of a second supervisor to generate decrypted data;
the first supervisor obtains the ciphertext from the public system, and decrypts the received ciphertext according to the first supervisor private key and the second supervisor public key by adopting a supervision algorithm to generate decrypted data;
and the second supervisor acquires the ciphertext from the public system, decrypts the received ciphertext according to the second supervisor private key and the first supervisor public key by adopting a supervision algorithm, and generates decrypted data.
In the embodiment of the invention, let
Figure BDA0003773269290000191
As a symmetric bilinear map
Figure BDA0003773269290000192
G is a group
Figure BDA0003773269290000193
The generation element of (a) is generated,
Figure BDA0003773269290000194
as bilinear groups
Figure BDA0003773269290000195
The generator of (2); group of
Figure BDA0003773269290000196
The order of (a) is a prime number n; two hash functions hash 1 ,hash 2 Mapping any length data (0, 0.. Multidata, n-1) into integer and data with length n respectively,
Figure BDA0003773269290000197
hash 2 :{0,1} * →{0,1} n . Inputting random number with fixed length n by Key Derivation Function (KDF), outputting random number KDF with arbitrary length: {0,1} n →{0,1} *
The private keys and the public keys of the sender, the receiver, the first supervisor and the second supervisor in the embodiment of the invention are expressed as follows:
Figure BDA0003773269290000198
Figure BDA0003773269290000199
Figure BDA00037732692900001910
Figure BDA00037732692900001911
the sender inputs its private key during encryption
Figure BDA00037732692900001912
Message space
Figure BDA00037732692900001913
Is arbitrarily long, m is e {0,1} * An optional element
Figure BDA00037732692900001914
And public keys of the receiving party, the first supervisor and the second supervisor
Figure BDA00037732692900001915
The calculation is as follows:
Figure BDA00037732692900001916
C 1 :=γ,C 2 :=r·G,
Figure BDA00037732692900001917
ciphertext is C = (C) 1 ,C 2 ,C 3 ). And the sender sends the ciphertext to the receiver, the first supervisor and the second supervisor. The receiver, the first and second supervisors, and the sender can use their private keys to decrypt independently without any interaction protocol.
When the receiving side decrypts the encrypted text C = (C) 1 ,C 2 ,C 3 ) Analyzing and inputting its private key
Figure BDA00037732692900001918
Local ciphertext C 1 ,C 3 Public key of sender, first supervisor and second supervisor
Figure BDA00037732692900001919
The following calculations were made:
Figure BDA00037732692900001920
Figure BDA00037732692900001921
the decryption consistency process is as follows:
Figure BDA0003773269290000201
Figure BDA0003773269290000202
decryption calculated r 'and m' are equal to r and m used for encryption, respectively, indicating that the decryption algorithm is correct. The encryption is to encrypt the data m and decrypt the data m 'to obtain the data m'; and m = m', the data decryption is successful, and correct data is obtained. Otherwise, the encryption algorithm is wrong and cannot decrypt to obtain correct data.
When the first supervisor decrypts, the ciphertext C = (C) 1 ,C 2 ,C 3 ) Analyze it and input its private key c 1 ,c 2 And a second supervisor public key
Figure BDA0003773269290000203
The calculation is as follows:
Figure BDA0003773269290000204
the decryption consistency process is as follows:
Figure BDA0003773269290000205
when the second supervisor decrypts, the ciphertext C = (C) 1 ,C 2 ,C 3 ) Analyze it and input its private key d 1 ,d 2 And a first supervisor public key
Figure BDA0003773269290000206
The calculation is as follows:
Figure BDA0003773269290000211
the decryption consistency process is as follows:
Figure BDA0003773269290000212
in the embodiment of the invention, the security of public key encryption is higher by adding the Hash check code.
The initialization process is the same as above, and only the differences are described below:
the sender inputs its private key during encryption
Figure BDA0003773269290000213
Message space
Figure BDA0003773269290000214
Is arbitrarily long, m is e {0,1} * An optional element
Figure BDA0003773269290000215
And public keys of the receiving party, the first supervisor and the second supervisor
Figure BDA0003773269290000216
The following calculations were made:
Figure BDA0003773269290000217
Figure BDA0003773269290000218
Figure BDA0003773269290000219
Figure BDA00037732692900002110
ciphertext is C = (C) 1 ,C 2 ,C 3 ,C 4 ,C 5), wherein ,C5 For consistency checking. The sender sends the ciphertext to a public system (such as a block chain system cloud service system), and both the receiver and 2 supervisors can access the ciphertext in the system.
When the receiving side decrypts the encrypted text C = (C) 1 ,C 2 ,C 3 ,C 4 ,C 5 ) Analyzing and inputting its private key
Figure BDA00037732692900002111
Local ciphertext C 1 ,C 3 ,C 4 ,C 5 And the public keys of the sender, the first supervisor and the second supervisor
Figure BDA00037732692900002112
Is calculated as follows
Figure BDA0003773269290000221
Figure BDA0003773269290000222
Figure BDA0003773269290000223
Figure BDA0003773269290000224
Such as C 5 =C 5 ', the message m' is accepted, otherwise rejected.
The decryption consistency process is as follows:
Figure BDA0003773269290000225
Figure BDA0003773269290000226
Figure BDA0003773269290000227
Figure BDA0003773269290000228
when the first supervisor decrypts, ciphertext C = (C) 1 ,C 2 ,C 3 ,C 4 ,C 5 Analyzing and inputting its private key
Figure BDA0003773269290000229
Local ciphertext C 2 ,C 3 ,C 4 ,C 5 And a second supervisor public key
Figure BDA00037732692900002210
Is calculated as follows
Figure BDA0003773269290000231
Figure BDA0003773269290000232
Figure BDA0003773269290000233
Such as C 5 =C 5 ', the message m' is accepted, otherwise rejected.
The decryption consistency process is as follows:
Figure BDA0003773269290000234
Figure BDA0003773269290000235
Figure BDA0003773269290000236
when the second supervisor decrypts, the ciphertext C = (C) 1 ,C 2 ,C 3 ,C 4 ,C 5 Analyzing and inputting its private key
Figure BDA0003773269290000237
Local ciphertext C 2 ,C 3 ,C 4 ,C 5 And a first supervisor public key
Figure BDA0003773269290000238
The following calculations were made:
Figure BDA0003773269290000239
Figure BDA00037732692900002310
Figure BDA00037732692900002311
such as C 5 =C 5 ', the message m' is accepted, otherwise rejected.
The decryption consistency process is as follows:
Figure BDA0003773269290000241
Figure BDA0003773269290000242
Figure BDA0003773269290000243
all possible combinations of the technical features of the above embodiments may not be described for the sake of brevity, but should be considered as within the scope of the present disclosure as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

1. A public key encryption method with two independent supervisors comprises the following steps:
acquiring a public key of a receiver, a public key of a first supervisor and a public key of a second supervisor;
encrypting data to be transmitted by using a private key of a sender, the public key of the receiver, the public key of the first supervisor and the public key of the second supervisor by adopting an encryption algorithm to generate a ciphertext;
and sending the ciphertext to a public system, so that the receiving party, the first supervisor and the second supervisor acquire the ciphertext by accessing the public system.
2. The method of claim 1, obtaining a receiver public key, a first supervisor public key, and a second supervisor public key comprising:
setting up symmetric bilinear mappings
Figure FDA0003773269280000011
Wherein G is a group
Figure FDA0003773269280000012
The generation element(s) of (a),
Figure FDA0003773269280000013
as bilinear groups
Figure FDA0003773269280000014
The generator of (2); group(s)
Figure FDA0003773269280000015
The order of (a) is a prime number n;
hash using two hash functions 1 ,hash 2 Mapping any length data {0,1, n-1} into integer and length n data respectively, i.e. mapping
Figure FDA0003773269280000016
hash 2 :{0,1} * →{0,1} n
Wherein the hash function hash 1 The input of (1) is 0 or 1 with any length, and the output range is a natural number between 0 and n-1; hash function hash 2 The input of (1) is 0 or 1 with any length, and the output length is 0 or 1 random character string with n bits; * The number represents 0/1bit of arbitrary length; {0,1} * Represents 0/1bit data of any length; {0,1} n Represents the number of 0/1bit of fixed lengthAccordingly;
Figure FDA0003773269280000017
is a natural number between 0 and n-1;
the random number with fixed length n is mapped into random number KDF with arbitrary length output by using key derivation function KDF: {0,1} n →{0,1} *
Private key of sender
Figure FDA0003773269280000018
And public key
Figure FDA0003773269280000019
The expression is as follows:
Figure FDA00037732692800000110
private key of receiver
Figure FDA00037732692800000111
And public key
Figure FDA00037732692800000112
The expression is as follows:
Figure FDA00037732692800000113
private key of first supervisor
Figure FDA00037732692800000114
And a public key
Figure FDA00037732692800000115
The expression is as follows:
Figure FDA00037732692800000116
private key of second supervisor
Figure FDA00037732692800000117
And public key
Figure FDA00037732692800000118
The expression is as follows:
Figure FDA0003773269280000021
Figure FDA0003773269280000022
2 random numbers a are selected in the range of 0 to n-1 on behalf of the sender 1 ,a 2 And a private key is combined
Figure FDA0003773269280000023
Splitting into 2 parts;
Figure FDA0003773269280000024
2 random numbers b are selected in the range of 0 to n-1 on behalf of the receiver 1 ,b 2 (ii) a And to use the private key
Figure FDA0003773269280000025
Splitting into 2 parts;
Figure FDA0003773269280000026
selecting 2 random numbers c in the range of 0 to n-1 on behalf of the first supervisor 1 ,c 2 (ii) a And to use the private key
Figure FDA0003773269280000027
Splitting into 2 parts;
Figure FDA0003773269280000028
selecting 2 random numbers d in the range of 0 to n-1 on behalf of the second supervisor 1 ,d 2 (ii) a And to use the private key
Figure FDA0003773269280000029
Splitting into 2 parts;
g is a base point G on the elliptic curve and is a public system parameter;
Figure FDA00037732692800000210
the representative sender is based on the base point G and the random number a 1 ,a 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the sender, and the public key is used
Figure FDA00037732692800000211
Splitting into 2 parts;
Figure FDA00037732692800000212
the representative receiver is based on the base point G and the random number b 1 ,b 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the receiving party, and the public key is used
Figure FDA00037732692800000213
Splitting into 2 parts;
Figure FDA00037732692800000214
representing a first supervisor based on a base point G and a random number c 1 ,c 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the first supervisor, and the public key is used
Figure FDA00037732692800000215
Splitting into 2 parts;
Figure FDA00037732692800000216
representing the second supervisor based on the base point G and the random number d 1 ,d 2 2 elliptic curve points are calculated, the 2 elliptic curve points are the public key of the second supervisor, and the public key is used
Figure FDA00037732692800000217
Split into 2 parts.
3. The method of claim 2, wherein the employing an encryption algorithm to encrypt data to be transmitted using a sender's private key, the receiver's public key, the first supervisor public key, and the second supervisor public key comprises:
using sender private key
Figure FDA00037732692800000218
Data to be transmitted
Figure FDA00037732692800000219
Is arbitrarily long, m is e {0,1} * An optional element
Figure FDA00037732692800000220
And the receiver public key, the first supervisor public key and the second supervisor public key
Figure FDA0003773269280000031
The following calculations were performed:
Figure FDA0003773269280000032
C 1 :=γ,C 2 :=r·G,
Figure FDA0003773269280000033
generate ciphertext C = (C) 1 ,C 2 ,C 3 ) Wherein, | | represents that two data are spliced together to form a whole as the input of a hash function;
hash function hash 1 A natural number between 0 and n-1 of the output;
Figure FDA0003773269280000034
is a bitwise exclusive-or operation in a computer;
alternatively, the sender private key is utilized
Figure FDA0003773269280000035
Data to be transmitted
Figure FDA0003773269280000036
Is arbitrarily long, m is e {0,1} * An optional element
Figure FDA0003773269280000037
And the receiver public key, the first supervisor public key and the second supervisor public key
Figure FDA0003773269280000038
The following calculations were performed:
Figure FDA0003773269280000039
Figure FDA00037732692800000310
Figure FDA00037732692800000311
Figure FDA00037732692800000312
generate ciphertext C = (C) 1 ,C 2 ,C 3 ,C 4 ,C 5), wherein ,
Figure FDA00037732692800000313
the method comprises the steps that a private key is used as a random number to carry out point doubling operation on elliptic curve points, wherein the elliptic curve points are public keys of a receiving party;
= denotes assignment, assigning the value of the parameter on the right of the symbol to the parameter on the left of the symbol;
Figure FDA00037732692800000314
the corner mark r in the upper right corner refers to bilinear mapping
Figure FDA00037732692800000315
And after the calculation is finished, calculating the power of r.
4. A decryption method with two independent supervisors comprising: a ciphertext in the public system is encrypted by the method of any one of claims 1 to 3;
the receiving party obtains the ciphertext from the public system, and decrypts the received ciphertext by adopting a decryption algorithm according to a private key of the receiving party, a public key of the sending party, a public key of a first supervisor and a public key of a second supervisor to generate decrypted data;
the first supervisor obtains the ciphertext from the public system, and decrypts the received ciphertext according to the first supervisor private key and the second supervisor public key by adopting a supervision algorithm to generate decrypted data;
and the second supervisor acquires the ciphertext from the public system, decrypts the received ciphertext according to the second supervisor private key and the first supervisor public key by adopting a supervision algorithm, and generates decrypted data.
5. The method of claim 4, further comprising:
and the receiving party, the first supervisor and the second supervisor respectively carry out decryption consistency verification on the obtained decrypted data.
6. The method of claim 4, wherein the receiving party employs a decryption algorithm, and decrypting the received ciphertext according to the receiving party private key, the sending party public key, the first supervisor public key, and the second supervisor public key comprises:
the receiving party obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ) Carrying out analysis; using the private key of the receiving party
Figure FDA0003773269280000041
Local ciphertext C 1 ,C 3 Said sender public key, said first supervisor public key and said second supervisor public key
Figure FDA0003773269280000042
The following calculations were performed:
Figure FDA0003773269280000043
Figure FDA0003773269280000044
where r' is the hash function hash 1 A natural number between 0 and n-1 of the output;
alternatively, the receiving party pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ,C 4 ,C 5 ) Carrying out analysis; using the private key of the receiving party
Figure FDA0003773269280000045
Local ciphertext C 1 ,C 3 ,C 4 ,C 5 The sender public key, the first supervisor public key and the second supervisor public key
Figure FDA0003773269280000046
The following calculations were performed:
Figure FDA0003773269280000047
Figure FDA0003773269280000048
Figure FDA0003773269280000049
Figure FDA00037732692800000410
7. the method of claim 4, the first supervisor employing a supervisory algorithm, the decrypting the received ciphertext according to the first supervisor private key and the second supervisor public key comprising:
the first supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ) Carrying out analysis; using a first supervisor private key
Figure FDA00037732692800000411
And a second supervisor public key
Figure FDA00037732692800000412
The following calculations were performed:
Figure FDA00037732692800000413
or, the first supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ,C 4 ,C 5 ) Carrying out analysis; using a first supervisor private key
Figure FDA0003773269280000051
Local ciphertext C 2 ,C 3 ,C 4 ,C 5 And a second supervisor public key
Figure FDA0003773269280000052
The following calculations were performed:
Figure FDA0003773269280000053
Figure FDA0003773269280000054
Figure FDA0003773269280000055
8. the method of claim 4, the second supervisor employing a supervisory algorithm, the decrypting the received ciphertext according to the second supervisor private key and the first supervisor public key comprising:
the second supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ) Carrying out analysis; using a second supervisor private key
Figure FDA0003773269280000056
And a first supervisor public key
Figure FDA0003773269280000057
The following calculations were performed:
Figure FDA0003773269280000058
or, the second supervisor pair obtains the ciphertext C = (C) from the public system 1 ,C 2 ,C 3 ,C 4 ,C 5 ) Carrying out analysis; using a second supervisor private key
Figure FDA0003773269280000059
Local ciphertext C 2 ,C 3 ,C 4 ,C 5 And a first supervisor public key
Figure FDA00037732692800000510
The following calculations were performed:
Figure FDA00037732692800000511
Figure FDA00037732692800000512
Figure FDA00037732692800000513
9. the method of claim 5, the receiver, the first supervisor and the second supervisor respectively performing decryption consistency verification on the obtained decrypted data comprising:
the decryption consistency verification process of the receiving party is as follows:
Figure FDA0003773269280000061
Figure FDA0003773269280000062
or ,
Figure FDA0003773269280000063
Figure FDA0003773269280000064
Figure FDA0003773269280000065
Figure FDA0003773269280000066
the first supervisor decryption consistency verification process comprises the following steps:
Figure FDA0003773269280000071
or ,
Figure FDA0003773269280000072
Figure FDA0003773269280000073
Figure FDA0003773269280000074
the second supervisor decryption consistency verification process comprises the following steps:
Figure FDA0003773269280000081
or ,
Figure FDA0003773269280000082
Figure FDA0003773269280000083
Figure FDA0003773269280000084
10. a public key encryption and decryption system having two independent supervisors, comprising: the system comprises a sender, a receiver, a first supervisor and a second supervisor;
a sender acquires a public key of a receiver, a public key of a first supervisor and a public key of a second supervisor;
the sender adopts an encryption algorithm, and encrypts data to be sent by using a private key of the sender, the public key of the receiver, the public key of the first supervisor and the public key of the second supervisor to generate a ciphertext;
the sender sends the ciphertext to a public system, so that the receiver, the first supervisor and the second supervisor acquire the ciphertext by accessing the public system;
the receiving party obtains the ciphertext from the public system, and decrypts the received ciphertext by adopting a decryption algorithm according to a private key of the receiving party, a public key of the sending party, a public key of a first supervisor and a public key of a second supervisor to generate decrypted data;
the first supervisor obtains the ciphertext from the public system, and decrypts the received ciphertext according to the first supervisor private key and the second supervisor public key by adopting a supervision algorithm to generate decrypted data;
and the second supervisor acquires the ciphertext from the public system, decrypts the received ciphertext according to the second supervisor private key and the first supervisor public key by adopting a supervision algorithm, and generates decrypted data.
CN202210908536.8A 2022-07-29 2022-07-29 Public key encryption method and system with two independent monitoring parties, and public key decryption method and system Pending CN115314192A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210908536.8A CN115314192A (en) 2022-07-29 2022-07-29 Public key encryption method and system with two independent monitoring parties, and public key decryption method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210908536.8A CN115314192A (en) 2022-07-29 2022-07-29 Public key encryption method and system with two independent monitoring parties, and public key decryption method and system

Publications (1)

Publication Number Publication Date
CN115314192A true CN115314192A (en) 2022-11-08

Family

ID=83858981

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210908536.8A Pending CN115314192A (en) 2022-07-29 2022-07-29 Public key encryption method and system with two independent monitoring parties, and public key decryption method and system

Country Status (1)

Country Link
CN (1) CN115314192A (en)

Similar Documents

Publication Publication Date Title
CN111740828B (en) Key generation method, device and equipment and encryption and decryption method
CN111079128B (en) Data processing method and device, electronic equipment and storage medium
CN101340279B (en) Method, system and apparatus for data ciphering and deciphering
CN107135080B (en) SM9 decryption method and device
EP3020158B1 (en) Key agreement device and method
CN106712946B (en) Data safety transmission method
CN110138739B (en) Data information encryption method and device, computer equipment and storage medium
CN108632296B (en) Dynamic encryption and decryption method for network communication
US11616641B2 (en) Computer implemented system and method for sharing a common secret
CN113711564A (en) Computer-implemented method and system for encrypting data
CN104158880A (en) User-end cloud data sharing solution
CN112564906A (en) Block chain-based data security interaction method and system
CN105100085A (en) Information encryption and decryption methods and devices
CN114448641A (en) Privacy encryption method, electronic equipment, storage medium and chip
CN107249002B (en) Method, system and device for improving safety of intelligent electric energy meter
Reshma et al. Pairing-free CP-ABE based cryptography combined with steganography for multimedia applications
KR101899130B1 (en) Methods for encrypting data, decrypting data and apparatus using the same
CN107104788A (en) The ciphering signature method and apparatus of terminal and its non-repudiation
BAYKARA et al. A novel symmetric encryption algorithm and its implementation
CN115883212A (en) Information processing method, device, electronic equipment and storage medium
KR101793528B1 (en) Certificateless public key encryption system and receiving terminal
KR102304831B1 (en) Encryption systems and method using permutaion group based cryptographic techniques
JPH08204701A (en) Electronic mail cipher communication system and cipher communication method
CN115314192A (en) Public key encryption method and system with two independent monitoring parties, and public key decryption method and system
CN112954388A (en) Data file acquisition method and device, terminal equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination