CN115314205B - Collaborative signature system and method based on key segmentation - Google Patents

Collaborative signature system and method based on key segmentation Download PDF

Info

Publication number
CN115314205B
CN115314205B CN202211243282.9A CN202211243282A CN115314205B CN 115314205 B CN115314205 B CN 115314205B CN 202211243282 A CN202211243282 A CN 202211243282A CN 115314205 B CN115314205 B CN 115314205B
Authority
CN
China
Prior art keywords
terminal
signature
server
key
key component
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211243282.9A
Other languages
Chinese (zh)
Other versions
CN115314205A (en
Inventor
刘歆
王亮
王天顺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sinoinfosec Beijing Technology Co ltd
Original Assignee
Sinoinfosec Beijing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sinoinfosec Beijing Technology Co ltd filed Critical Sinoinfosec Beijing Technology Co ltd
Priority to CN202211243282.9A priority Critical patent/CN115314205B/en
Publication of CN115314205A publication Critical patent/CN115314205A/en
Application granted granted Critical
Publication of CN115314205B publication Critical patent/CN115314205B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Abstract

The invention discloses a collaborative signature system and a collaborative signature method based on key partitioning. The invention adopts the key segmentation technology to realize the independent generation and independent storage of the key components at the mobile intelligent terminal password module and the server end; in the signature process, a collaborative signature technology is adopted, the mobile intelligent terminal password module and the server end respectively calculate respective signature results by using respective secret key components, the two parties exchange intermediate signature results, and finally the mobile intelligent terminal password module synthesizes a complete digital signature, so that the problem of safe storage of the secret key components in the mobile intelligent terminal is solved.

Description

Collaborative signature system and method based on key segmentation
Technical Field
The invention belongs to the technical field of cryptographic engineering, and particularly relates to a collaborative signature system and a collaborative signature method based on key segmentation.
Background
With the high-speed development of the mobile internet technology, the mobile intelligent terminal can be widely deepened into all aspects of life of people, and wonderful and convenient life experience is brought.
The application communication content of the mobile intelligent terminal is transmitted through a public wireless channel, is easy to attack and poses serious threat to information safety. Meanwhile, the possibility of being attacked is greatly increased due to the complexity of an operating system and the diversification of applications, and a great deal of safety problems are caused. And the mobile intelligent terminal uses traditional hardware password equipment to guarantee the safety, and if the mobile intelligent terminal is not easy to carry, the mobile intelligent terminal is inconvenient to connect and the like.
In the prior art, CN106327184A discloses a mobile intelligent terminal payment system and method based on secure hardware isolation, which includes: the system comprises a payment server, a mobile intelligent terminal and safety hardware; the security hardware is independent of the mobile intelligent terminal, the security of authentication data of a user is protected, random number generation, certificate request and information signature services are provided for the outside, meanwhile, the security hardware has a security storage function, a private key and a password of a payment certificate of the user are stored in the security hardware, the sensitive data are effectively prevented from being acquired by an attacker, and the payment information is confirmed by the user in the security hardware, so that the payment information is prevented from being maliciously tampered. However, the above prior art has the following technical problems: the terminal must support the safety equipment, and the environment dependence is strong; each user needs to purchase safety equipment, so that the cost is high; the user must carry and use each user and need to purchase the safety equipment, and the application is inconvenient. In addition, CN112241527A in the prior art discloses a key generation method, system and electronic device, wherein a private key is not generated by a device such as a terminal device, but both terminals of a terminal and a server cooperate to generate private key components, respectively, and any terminal cannot recover a complete private key alone, so as to protect the security of the private key from being stolen illegally, but the above prior art has the following technical problems: the terminal key protection depends on an encryption key derived from an equipment identification code of the terminal equipment, an application identification of legal application and a user identification of a legal user for protection, and the three are fixed contents and lack of external variable input, so that the security level of the terminal storage protection is low; the secret key component generated by the server side only uses random numbers and does not use a system private key to participate in operation.
Therefore, how to overcome the problem that the traditional hardware password device is not suitable for the mobile intelligent terminal in the prior art, eliminate the hidden danger of safe storage of the secret key, provide a safe software password module and a collaborative signature service, provide the basic commercial password algorithm computing power for the mobile intelligent terminal, and become a technical problem to be solved in the field.
Disclosure of Invention
The invention provides a collaborative signature system and a collaborative signature method based on key segmentation, which are suitable for a mobile intelligent terminal environment, eliminate information safety hidden dangers and provide cryptographic services for applications. The invention specifically adopts the following technical scheme:
a collaborative signature system based on key segmentation comprises a mobile intelligent terminal password module, a collaborative signature server, a key component generation protocol and a collaborative signature protocol;
the mobile intelligent terminal password module is a software password module and is used for providing mobile intelligent terminal password services for the mobile intelligent terminal, and the mobile intelligent terminal password services comprise terminal key component generation service, terminal key component storage service and terminal collaborative signature service;
the collaborative signing server is matched with the mobile intelligent terminal password module to provide server side password service, and comprises server side collaborative signing service, server side key component generation service and server side key component storage service, wherein the collaborative signing server comprises a physical password card, and the physical password card is connected with the server side collaborative signing service through a server side key component management interface and a password calculation interface.
Further, the terminal key component generating service includes generating a terminal key component by an SM2 algorithm built in a cryptographic module of the mobile intelligent terminal, and the specific process is as follows:
1) Generating a terminal private key component d Ad A
Figure 852473DEST_PATH_IMAGE001
[1,n−1];
2) The parameters D1 are calculated as a function of time,D1=[d A ]G;
3) Publishing an ID to a collaborative signing server A 、D1;
Wherein, ID A Is a terminal identity.
Further, the terminal key component storage service uses a mobile intelligent terminal password module login password as a key, and adopts SM4 algorithm encryption to protect the terminal key component, and the specific process is as follows:
1) The derived K1 is used with the login password and salt value salt,K1=PBKDF(password,salt)
2) Protected by K1 encryptiond AENCd A =SM4(K1, dA)
3) StoringENCd A
Further, the terminal collaborative signature service starts to work after the server side key component is generated, the terminal key component is used for calculating the signature intermediate result of the terminal, the intermediate signature result is exchanged with the server side, and finally the mobile intelligent terminal cryptographic module synthesizes a complete digital signature.
Further, the specific process of calculating the intermediate signature result of the terminal by using the terminal key component, exchanging the intermediate signature result with the server side, and finally synthesizing the complete digital signature by the mobile intelligent terminal cryptographic module includes:
1) Generating a random number k A1k A1
Figure 254635DEST_PATH_IMAGE001
[1,n−1]
2) Generating a random number k A2k A2
Figure 346350DEST_PATH_IMAGE001
[1,n−1]
3) Calculating the parameter W AW A =[k A1 ]U B +k A2 G={x,y};
4) A hash value e of the data M is computed,e=HASH(M)
5) The calculation of r is carried out in such a way that,r=(e+x)mod n
6) The calculation of s2 is carried out in such a way that,s2=[d A -1 ][k A1 ]mod n
7) The calculation of s3 is carried out,s3=(k A2 +r)[d A -1 ]mod n
8) Publishing s2, s3 to the co-signing server;
9) After the t value disclosed by the server-side cooperative signature service is obtained, the s value is calculated,s=t-r;
10 ) constitute a complete signature value(r,s)。
Furthermore, the physical password card is provided with a PCI-E interface and is used for realizing the generation, storage and password calculation of the key component at the server side.
Further, the specific process of the service side key component generation service is as follows:
1) Generating a random number d 2d 2
Figure 277397DEST_PATH_IMAGE001
[1,n−1];
2) The parameters D2 are calculated such that,D2=[d 2 ]G;
3) Computing a server-side key component d Bd B =[d 2 +h·s]G;(h=Hash(D1|| D2||ID A ) Wherein, the Hash is SM3 cipher Hash algorithm, s is the private key of the collaborative signature server;
4) The complete public key P is calculated and,P=[d B ]D1−G;
5) Generating a random number k Bk B
Figure 218677DEST_PATH_IMAGE001
[1,n−1]
6) Calculating the parameter U BU B =[k B ]G
Publishing U to terminal B ,P。
Further, the server-side collaborative signing service calculates a signing intermediate result by using a server-side secret key component, exchanges the intermediate signing result in cooperation with the terminal, and finally synthesizes a complete digital signature by the mobile intelligent terminal cryptographic module, wherein the specific process comprises the following steps:
1) The server side calculates the t and the t,t=([d B -1 ][k B ]s2+[d B -1 ]s3)mod n
2) And disclosing t to the terminal.
The invention also relates to a key partitioning based co-signing method for a system as described above, said method comprising the steps of:
(1) Mobile intelligent terminal password moduleThe block sends out a key component generating instruction and informs the server end of the instruction, and the mobile intelligent terminal password module generates a component d of a complete terminal private key A Then calculating and issuing the D1 declaration parameter to the server side;
(2) The server side generates the component d of the complete private key of the terminal after receiving the key component generation instruction of the terminal B Then, calculating and issuing a complete public key P to the terminal, wherein both parties can not calculate the complete private key of the terminal according to the declaration parameters generated and obtained by the parties;
(3) The mobile intelligent terminal password module sends a collaborative signature application to the server side, and the server side generates a random number k B Recalculating and publishing U B Giving a terminal;
(4) U for receiving server end feedback by mobile intelligent terminal cipher module B Then, calculating a signature part result r, and calculating and disclosing signature intermediate results s2 and s3 to a server side;
(5) Server side use key component d B Calculating and disclosing the intermediate signature result t to the terminal according to the intermediate signature results s2 and s3;
(6) And the mobile intelligent terminal password module calculates to obtain a complete digital signature according to the signature part result r and the signature middle result t.
Further, the step (2) specifically includes:
1) Generating a random number d 2d 2
Figure 893372DEST_PATH_IMAGE001
[1,n−1];
2) The parameters D2 are calculated such that,D2=[d 2 ]G;
3) Computing server-side key component d Bd B =[d 2 +h·s]G;(h=Hash(D1|| D2||ID A ) Wherein, the Hash is SM3 cipher Hash algorithm, s is the private key of the collaborative signature server;
4) The complete public key P is calculated and,P=[d B ]D1−G
go to endEnd disclosure U B
The invention solves the problem that the traditional hardware password equipment is not suitable for the mobile intelligent terminal based on the key segmentation technology, eliminates the hidden danger of safe storage of the key, provides a safe software password module and a collaborative signature service, and provides basic commercial password algorithm computing capacity for the mobile intelligent terminal. Compared with the prior art, the invention has the following beneficial effects: (1) The invention adopts a key division mechanism to divide the complete private key of the terminal into a terminal key component and a server-side key component so as to ensure the safe storage of the key at the terminal; (2) The invention provides a collaborative signature mechanism, when a terminal carries out signature, the terminal and a server end respectively calculate respective signature intermediate results, the two parties exchange the signature intermediate results, and finally the terminal synthesizes a complete digital signature; (3) The collaborative signature system does not depend on hardware password equipment, and a complete terminal private key does not appear at any time in a key period, so that the risk of leakage of the complete terminal private key is avoided, and the terminal hardware password equipment performs key protection; (4) The cloud password service system adopts a container-based lightweight security isolation mechanism, and the isolation mechanism combines various measures to guarantee that tenants cannot illegally access; (5) The invention fully supports the domestic cryptographic algorithm and the domestic hardware platform and follows the relevant industrial standard of China.
Drawings
FIG. 1 is a schematic diagram of the system of the present invention.
FIG. 2 is a flow chart of the method of the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings. The following examples are only for illustrating the technical solutions of the present invention more clearly, and the protection scope of the present invention is not limited thereby. It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the present application. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
The invention aims to provide a collaborative signature system based on key segmentation and an implementation method thereof, the invention adopts a key segmentation technology to realize independent generation and independent storage of key components at a mobile intelligent terminal cryptographic module and a server end, and the safe storage of keys is ensured; in the signature process, a collaborative signature technology is adopted, the mobile intelligent terminal password module and the server side respectively calculate respective signature results by using respective secret key components, the two sides exchange intermediate signature results, and finally the mobile intelligent terminal password module synthesizes a complete digital signature.
As shown in fig. 1, a collaborative signature system based on key partitioning according to the present invention includes: the mobile intelligent terminal comprises a mobile intelligent terminal password module and a collaborative signature server.
The mobile intelligent terminal cryptographic module is a pure software cryptographic module and provides cryptographic services such as collaborative signature, terminal key component generation and storage for the terminal, and the cryptographic services comprise a terminal key component generation service, a key component storage service and a terminal collaborative signature service based on key segmentation;
the terminal key component generating service based on key segmentation generates the terminal key component through an SM2 algorithm built in a cryptographic module of a mobile intelligent terminal, and the specific process is as follows:
1) Generating a terminal private key component d Ad A
Figure 102243DEST_PATH_IMAGE001
[1,n−1];
2) The parameters D1 are calculated as a function of time,D1=[d A ]G;
3) Disclosing IDs to a co-signing server A 、D1。(ID A Is terminal identity mark)
The key component storage service uses a mobile intelligent terminal password module login password as a key, and adopts SM4 algorithm encryption to protect the terminal key component, and the specific process is as follows:
1) The derived K1 is used with the login password and salt value salt,K1=PBKDF(password,salt)
2) Protected by K1 encryptiond AENCd A =SM4(K1, dA)
3) StoringENCd A
The terminal collaborative signing service can start working after a server side key component is generated, calculates a signing intermediate result of a terminal by using the terminal key component, exchanges the intermediate signing result with the server side, and finally synthesizes a complete digital signature by a mobile intelligent terminal password module, and the specific process is as follows:
1) Generating a random number k A1k A1
Figure 204192DEST_PATH_IMAGE001
[1,n−1]
2) Generating a random number k A2k A2
Figure 367189DEST_PATH_IMAGE001
[1,n−1]
3) Calculating the parameter W AW A =[k A1 ]U B +k A2 G={x,y};
4) A hash value e of the data M is computed,e=HASH(M)
5) The calculation of r is carried out in such a way that,r=(e+x)mod n
6) The calculation of s2 is carried out in such a way that,s2=[d A -1 ][k A1 ]mod n
7) The calculation of s3 is carried out,s3=(k A2 +r)[d A -1 ]mod n
8) Exposing s2, s3 to the co-signing server;
9) After the t value disclosed by the server-side collaborative signature service is obtained, the s value is calculated,s=t-r;
10 ) constitute a complete signature value(r,s);
The collaborative signature server is matched with a terminal password module to realize cryptographic services such as collaborative signature, server side key component generation and storage and the like, and comprises a physical password card and a server side collaborative signature service.
The physical password card is provided with a PCI-E interface and realizes password equipment for generating, storing and calculating the key component of the server side.
The server side key component generation process is as follows:
1) Generating a random number d 2d 2
Figure 439050DEST_PATH_IMAGE001
[1,n−1];
2) The parameters D2 are calculated such that,D2=[d 2 ]G;
3) Computing a server-side key component d Bd B =[d 2 +h·s]G;(h=Hash(D1|| D2||ID A ) Hash is SM3 cryptographic Hash algorithm, s is private key of the collaborative signature server)
4) The complete public key P is calculated and,P=[d B ]D1−G
5) Generating a random number k Bk B
Figure 754625DEST_PATH_IMAGE001
[1,n−1]
6) Calculating the parameter U BU B =[k B ]G
7) Disclosing U to terminal B ,P;
The server-side collaborative signing service calculates a signing intermediate result by using a server-side secret key component, exchanges the intermediate signing result in cooperation with the terminal, and finally synthesizes a complete digital signature by the mobile intelligent terminal cryptographic module.
1) The server side calculates the t and calculates the t,t=([d B -1 ][k B ]s2+[d B -1 ]s3)mod n
2) Disclosing t to the terminal;
as shown in fig. 2, a collaborative signing method based on key partitioning according to the present invention includes the following steps:
(1) The mobile intelligent terminal password module sends out a secret key component generation instruction and informs the server side of the instruction, and the mobile intelligent terminal password module generates a component d of a complete private key of the terminal A And then calculating and issuing the D1 declaration parameter to the server side.
1) Generating a terminal private key component d Ad A
Figure 778206DEST_PATH_IMAGE001
[1,n−1];
2) The parameters D1 are calculated as a function of time,D1=[d A ]G;
3) Disclosing IDs to a co-signing server A 、D1。(ID A Is terminal identity mark)
(2) The server side generates the component d of the complete private key of the terminal after receiving the key component generation instruction of the terminal B And then, calculating and issuing the complete public key P to the terminal, wherein both parties can not calculate the complete private key of the terminal according to the declaration parameters generated and obtained by the parties.
1) Generating a random number d 2d 2
Figure 913653DEST_PATH_IMAGE001
[1,n−1];
2) The parameters D2 are calculated so that,D2=[d 2 ]G;
3) Computing a server-side key component d Bd B =[d 2 +h·s]G;(h=Hash(D1|| D2||ID A ) Hash is SM3 cryptographic Hash algorithm, s is private key of the collaborative signature server
4) The complete public key P is calculated and,P=[d B ]D1−G
5) Disclosing U to terminal B
(3) The mobile intelligent terminal password module sends a collaborative signature application to the server side, and the server side generates a selected random number k B Recalculating and publishing U B To the terminal.
1) Generating a random number k Bk B
Figure 789205DEST_PATH_IMAGE001
[1,n−1]
2) Calculating the parameter U BU B =[k B ]G
(4) U fed back by server end is received to mobile intelligent terminal cipher module B And then, calculating a signature part result r, and calculating and disclosing signature intermediate results s2 and s3 to the server side.
1) Generating a random number k A1k A1
Figure 208554DEST_PATH_IMAGE001
[1,n−1]
2) Generating a random number k A2k A2
Figure 917884DEST_PATH_IMAGE001
[1,n−1]
3) Calculating the parameter W AW A =[k A1 ]U B +k A2 G={x,y};
4) A hash value e of the data M is computed,e=HASH(M)
5) The calculation of r is carried out in such a way that,r=(e+x)mod n
6) The calculation of s2 is carried out in such a way that,s2=[d A -1 ][k A1 ]mod n
7) The calculation of s3 is carried out,s3=(k A2 +r)[d A -1 ]mod n
8) Exposing s2, s3 to the co-signing server;
(5) Server side using key component d B And calculating and disclosing the intermediate signature result t to the terminal according to the intermediate signature results s2 and s 3.
1) The server side calculates the t and the t,t=([d B -1 ][k B ]s2+[d B -1 ]s3)mod n
2) Disclosing t to the terminal;
(6) And the mobile intelligent terminal password module calculates to obtain a complete digital signature according to the signature part result r and the signature middle result t.
1) After the t value disclosed by the server-side collaborative signature service is obtained, the s value is calculated,s=t-r;
2) Composing a complete signature value(r,s);
As described above, only the preferred embodiments of the present invention are described, and it should be noted that, for those skilled in the art, several modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should be considered as the protection scope of the present invention.

Claims (6)

1. A collaborative signature system based on key segmentation is characterized by comprising a mobile intelligent terminal cryptographic module, a collaborative signature server, a key component generation protocol and a collaborative signature protocol;
the mobile intelligent terminal password module is a software password module and is used for providing mobile intelligent terminal password services for the mobile intelligent terminal, and the mobile intelligent terminal password services comprise terminal key component generation service, terminal key component storage service and terminal collaborative signature service;
the collaborative signing server is matched with the mobile intelligent terminal password module to provide server side password service, and comprises server side collaborative signing service, server side key component generation service and server side key component storage service, wherein the collaborative signing server comprises a physical password card, and the physical password card is connected with the server side collaborative signing service through a server side key component management interface and a password calculation interface;
the terminal key component generation service includes generating a terminal key component, and the specific process is as follows:
1) Generating a terminal private key component d Ad A
Figure 116975DEST_PATH_IMAGE001
[1,n−1];
2) The parameters D1 are calculated as a function of time,D1=[d A ]G;
3) Publishing an ID to a collaborative signing server A 、D1;
Wherein, ID A Is a terminal identity;
the specific process of calculating the intermediate signature result of the terminal by using the terminal key component, exchanging the intermediate signature result with the server side and finally synthesizing the complete digital signature by the mobile intelligent terminal cryptographic module comprises the following steps:
1) Generating a random number k A1k A1
Figure 140557DEST_PATH_IMAGE001
[1,n−1]
2) Generating a random number k A2k A2
Figure 72741DEST_PATH_IMAGE001
[1,n−1]
3) Calculating the parameter W AW A =[k A1 ]U B +k A2 G={x,y};
4) A hash value e of the data M is computed,e=HASH(M)
5) The calculation of r is carried out in such a way that,r=(e+x)mod n
6) MeterCalculating the sum of the s2,s2=[d A -1 ][k A1 ]mod n
7) The calculation of s3 is carried out in such a way that,s3=(k A2 +r)[d A -1 ]mod n
8) Publishing s2, s3 to the co-signing server;
9) After the t value disclosed by the server-side collaborative signature service is obtained, the s value is calculated,s=t-r;
10 Constitute a complete signature value(r,s);
The specific process of the server side key component generating service is as follows:
1) Generating a random number d 2d 2
Figure 604085DEST_PATH_IMAGE001
[1,n−1];
2) The parameters D2 are calculated so that,D2=[d 2 ]G;
3) Computing a server-side key component d Bd B =[d 2 +h·f]G;h=Hash(D1|| D2||ID A ) Wherein, the Hash is SM3 cipher Hash algorithm, f is private key of the cooperative signature server;
4) The complete public key P is calculated and,P=[d B ]D1−G;
5) Generating a random number k Bk B
Figure 39746DEST_PATH_IMAGE001
[1,n−1]
6) Calculating the parameter U BU B =[k B ]G
Disclosing U to terminal B ,P;
The server-side collaborative signing service calculates a signing intermediate result by using a server-side secret key component, exchanges the intermediate signing result in cooperation with a terminal, and finally synthesizes a complete digital signature by a mobile intelligent terminal password module, wherein the specific process comprises the following steps:
1) The server side calculates the t and calculates the t,t=([d B -1 ][k B ]s2+[d B -1 ]s3)mod n
2) T is disclosed to the terminal.
2. The collaborative signature system based on key partitioning as claimed in claim 1, wherein the terminal key component storage service uses a mobile smart terminal cryptographic module login password as a key, and uses SM4 algorithm to encrypt and protect the terminal key component, and the specific process is as follows:
1) K1 is derived using the login password and salt,
K1=PBKDF(password,salt)
2) Protected by K1 encryptiond AENCd A =SM4(K1, dA)
3) StoringENCd A
3. The key partitioning-based cooperative signing system according to claim 1, wherein the terminal cooperative signing service starts to work after the server side key component is generated, calculates the intermediate signing result of the terminal by using the terminal key component, exchanges the intermediate signing result with the server side, and finally synthesizes the complete digital signature by the mobile intelligent terminal cryptographic module.
4. The key partitioning-based cooperative signing system of claim 1, wherein said physical cryptographic card has a PCI-E interface for implementing server-side key component generation, storage and cryptographic computation.
5. A key-split based co-signing method for use in a system according to any of claims 1-4, said method comprising the steps of:
(1) Mobile intelligent terminal password moduleThe block sends out a key component generation instruction and informs the server end of the instruction, and the mobile intelligent terminal password module generates a component d of a complete private key of the terminal A Then calculating and issuing the D1 declaration parameter to a server side;
(2) The server side generates the component d of the complete private key of the terminal after receiving the key component generation instruction of the terminal B Then, calculating and issuing a complete public key P to the terminal, wherein both parties can not calculate the complete private key of the terminal according to the declaration parameters generated and obtained by the own party;
(3) The mobile intelligent terminal password module sends a collaborative signature application to the server side, and the server side generates a selected random number k B Recalculating and publishing U B Giving a terminal;
(4) U for receiving server end feedback by mobile intelligent terminal cipher module B Then, calculating a signature part result r, and calculating and disclosing signature intermediate results s2 and s3 to a server side;
(5) Server side use key component d B Calculating and disclosing the intermediate signature result t to the terminal according to the intermediate signature results s2 and s3;
(6) And the mobile intelligent terminal password module calculates to obtain a complete digital signature according to the signature part result r and the signature middle result t.
6. The key partitioning-based co-signing method according to claim 5, wherein the step (2) specifically comprises:
1) Generating a random number d 2d 2
Figure 502738DEST_PATH_IMAGE001
[1,n−1];
2) The parameters D2 are calculated so that,D2=[d 2 ]G;
3) Computing a server-side key component d Bd B =[d 2 +h·f]G;h=Hash(D1|| D2||ID A ) Wherein, the Hash is SM3 cipher Hash algorithm, f is private key of the collaborative signature server;
4) The complete public key P is calculated and,P=[d B ]D1−G
5) Publishing U to terminal B
CN202211243282.9A 2022-10-11 2022-10-11 Collaborative signature system and method based on key segmentation Active CN115314205B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211243282.9A CN115314205B (en) 2022-10-11 2022-10-11 Collaborative signature system and method based on key segmentation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211243282.9A CN115314205B (en) 2022-10-11 2022-10-11 Collaborative signature system and method based on key segmentation

Publications (2)

Publication Number Publication Date
CN115314205A CN115314205A (en) 2022-11-08
CN115314205B true CN115314205B (en) 2023-01-03

Family

ID=83868189

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211243282.9A Active CN115314205B (en) 2022-10-11 2022-10-11 Collaborative signature system and method based on key segmentation

Country Status (1)

Country Link
CN (1) CN115314205B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116827542B (en) * 2023-08-29 2023-11-07 江苏省国信数字科技有限公司 Digital certificate management method and system of intelligent device

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107196763A (en) * 2017-07-06 2017-09-22 数安时代科技股份有限公司 SM2 algorithms collaboration signature and decryption method, device and system
CN109274503A (en) * 2018-11-05 2019-01-25 北京仁信证科技有限公司 Distributed collaboration endorsement method and distributed collaboration signature apparatus, soft shield system
CN110224812A (en) * 2019-06-12 2019-09-10 江苏慧世联网络科技有限公司 A kind of method and equipment that the electronic signature mobile client calculated based on Secure is communicated with Collaboration Server
CN111200502A (en) * 2020-01-03 2020-05-26 信安神州科技(广州)有限公司 Collaborative digital signature method and device
CN112187469A (en) * 2020-09-21 2021-01-05 浙江省数字安全证书管理有限公司 SM2 multi-party collaborative digital signature method and system based on key factor
CN112632630A (en) * 2019-10-08 2021-04-09 航天信息股份有限公司 SM 2-based collaborative signature calculation method and device
CN113468580A (en) * 2021-07-23 2021-10-01 建信金融科技有限责任公司 Multi-party collaborative signature method and system
CN113676333A (en) * 2021-08-23 2021-11-19 西安邮电大学 Method for generating SM2 blind signature through cooperation of two parties
CN113849831A (en) * 2021-08-27 2021-12-28 北京握奇数据股份有限公司 Two-party collaborative signature and decryption method and system based on SM2 algorithm
CN113872767A (en) * 2021-08-19 2021-12-31 北京握奇数据股份有限公司 Two-party collaborative signature method and device based on ECDSA algorithm
CN114567448A (en) * 2022-04-29 2022-05-31 华南师范大学 Collaborative signature method and collaborative signature system
CN115002759A (en) * 2022-06-14 2022-09-02 北京电子科技学院 Cloud collaborative signature system and method based on cryptographic algorithm

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107196763A (en) * 2017-07-06 2017-09-22 数安时代科技股份有限公司 SM2 algorithms collaboration signature and decryption method, device and system
CN109274503A (en) * 2018-11-05 2019-01-25 北京仁信证科技有限公司 Distributed collaboration endorsement method and distributed collaboration signature apparatus, soft shield system
CN110224812A (en) * 2019-06-12 2019-09-10 江苏慧世联网络科技有限公司 A kind of method and equipment that the electronic signature mobile client calculated based on Secure is communicated with Collaboration Server
CN112632630A (en) * 2019-10-08 2021-04-09 航天信息股份有限公司 SM 2-based collaborative signature calculation method and device
CN111200502A (en) * 2020-01-03 2020-05-26 信安神州科技(广州)有限公司 Collaborative digital signature method and device
CN112187469A (en) * 2020-09-21 2021-01-05 浙江省数字安全证书管理有限公司 SM2 multi-party collaborative digital signature method and system based on key factor
CN113468580A (en) * 2021-07-23 2021-10-01 建信金融科技有限责任公司 Multi-party collaborative signature method and system
CN113872767A (en) * 2021-08-19 2021-12-31 北京握奇数据股份有限公司 Two-party collaborative signature method and device based on ECDSA algorithm
CN113676333A (en) * 2021-08-23 2021-11-19 西安邮电大学 Method for generating SM2 blind signature through cooperation of two parties
CN113849831A (en) * 2021-08-27 2021-12-28 北京握奇数据股份有限公司 Two-party collaborative signature and decryption method and system based on SM2 algorithm
CN114567448A (en) * 2022-04-29 2022-05-31 华南师范大学 Collaborative signature method and collaborative signature system
CN115002759A (en) * 2022-06-14 2022-09-02 北京电子科技学院 Cloud collaborative signature system and method based on cryptographic algorithm

Also Published As

Publication number Publication date
CN115314205A (en) 2022-11-08

Similar Documents

Publication Publication Date Title
CN111639361B (en) Block chain key management method, multi-person common signature method and electronic device
CN109088726B (en) SM2 algorithm-based collaborative signing and decrypting method and system for two communication parties
CN108989047B (en) SM2 algorithm-based cooperative signature method and system for two communication parties
CN111314089B (en) SM 2-based two-party collaborative signature method and decryption method
US8422670B2 (en) Password authentication method
CN106936592B (en) Three-party authentication key agreement method based on extended chaos algorithm
CN107425971B (en) Certificateless data encryption/decryption method and device and terminal
CN113301022B (en) Internet of things equipment identity security authentication method based on block chain and fog calculation
CN107483191A (en) A kind of SM2 algorithm secret keys segmentation signature system and method
CN113676333A (en) Method for generating SM2 blind signature through cooperation of two parties
CN112436938B (en) Digital signature generation method and device and server
CN111447065B (en) Active and safe SM2 digital signature two-party generation method
CN109272314B (en) Secure communication method and system based on two-party collaborative signature calculation
CN112118113A (en) Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm
CN115314205B (en) Collaborative signature system and method based on key segmentation
Ali et al. RFID authentication scheme based on hyperelliptic curve signcryption
US9641333B2 (en) Authentication methods, systems, devices, servers and computer program products, using a pairing-based cryptographic approach
CN115174104A (en) Attribute-based online/offline signature method and system based on secret SM9
CN116599659B (en) Certificate-free identity authentication and key negotiation method and system
Truong et al. Improved Chebyshev polynomials-based authentication scheme in client-server environment
CN111756537A (en) Two-party cooperative decryption method, system and storage medium based on SM2 standard
CN114513316B (en) Anonymous authentication method based on identity, server and user terminal equipment
CN110943826A (en) Split key signature method and system based on SM2 algorithm
Liu et al. pKAS: A secure password-based key agreement scheme for the edge cloud
Jiang et al. An anonymous user authentication with key agreement scheme without pairings for multiserver architecture using SCPKs

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant