CN116232563A - Original image Gaussian sampling method, system, electronic equipment and storage medium - Google Patents
Original image Gaussian sampling method, system, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN116232563A CN116232563A CN202211658716.1A CN202211658716A CN116232563A CN 116232563 A CN116232563 A CN 116232563A CN 202211658716 A CN202211658716 A CN 202211658716A CN 116232563 A CN116232563 A CN 116232563A
- Authority
- CN
- China
- Prior art keywords
- key
- gaussian
- sampling
- verification
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3255—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/125—Parallelization or pipelining, e.g. for accelerating processing of cryptographic operations
Abstract
The invention discloses a primary image Gaussian sampling method, which comprises the following steps: selecting a Gaussian parameter s, and generating a signature key sk and a verification key vk by using a key generation algorithm; specifically comprises determining Gaussian parameters, selecting polynomials constituting trapdoors, and selecting tool vectors g t Constructing a trapdoor matrix R to obtain a check vector a t Let signing key sk=r, verification key vk=a; signing the selected message M with a signing key sk; and carrying out validity verification on the received signature message by using the verification key vk. The invention also discloses a primary image Gaussian sampling system, computer equipment and a storage medium. The invention has fewer elements required for constructing the trapdoor, and the constructed trapdoor is a parallel version, so that the trapdoor can be completely parallelized in the process of disturbing sampling, the ring elements of the collected disturbing vector are reduced, and the efficiency of disturbing sampling is improved.
Description
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a method and a system for original Gaussian sampling, electronic equipment and a storage medium.
Background
Public key cryptography is an important way of guaranteeing information security transmission, traditional public key cryptography is widely constructed based on the problems of large number decomposition and discrete logarithm, and under the environment of a quantum computer, the security of the public key cryptography cannot be guaranteed, so that research on a quantum attack resistant cryptographic algorithm becomes an urgent task. The grid password is used as one of the post quantum algorithm systems resisting quantum computation, has a password structure with potential application value, is simple and efficient based on the grid-constructed password scheme, and is based on the difficult problem on the grid, so that the worst-case security of the grid password scheme can be reduced to average condition security, which is a characteristic not possessed by other post quantum password systems.
The character of the lattice password is good, and thus the lattice password has become a hot point of research in recent years. The original Gaussian sampling is used as one of the lattice cipher core algorithms, and has wide application in a cipher system constructed based on the lattice, wherein the hash-and-sign signature based on the original Gaussian sampling algorithm is one of the applications. Algorithm for trapdoor generation of Short Integer Solution (SIS) problem proposed by Gentry et al in 2008, and performing original gaussian sampling based on the trapdoor, but the sampling efficiency is low. To improve trapdoor generation and sampling efficiency, micciancio and Peikert in 2012 proposed a G-trapdoor, which divides the original gaussian sampling algorithm into a disturbance sample and a G-lattice sample. Compared to the normal lattice, the original gaussian sampling has higher efficiency in algebraic lattice, and in 2014 Ducas et al, ring SIS (RSIS) trapdoors were first proposed on NTRU (Number Theory Research Unit) lattice. The algebraic structure of the NTRU lattice is fully utilized by Ducas and Prest in 2016, and the efficiency of original image Gaussian sampling is improved through fast Fourier transformation. Recently, genise and Li introduce two G-trapdoor-like RSIS trapdoors on NTRU grid, the first trapdoor being a noise version, but the scrambling sampling can be completely parallelized, but the modulus q is larger, and cannot be directly combined with the fast sampling technique, resulting in lower signature efficiency; the second trapdoor has a short public key size and, although combined with the fast sampling technique, cannot be accelerated in parallel.
Disclosure of Invention
The invention mainly aims to provide a method, a system, computer equipment and a storage medium for original image Gaussian sampling, which can realize complete parallelization and can improve the original image Gaussian sampling efficiency by using a rapid sampling technology.
In order to achieve the above purpose, the technical scheme adopted by the invention is as follows:
in a first aspect, the invention discloses a method for sampling an original image by Gaussian, which comprises the following steps:
step 1: selecting a Gaussian parameter s, and generating a signature key sk and a verification key vk by using a key generation algorithm; the method specifically comprises the following steps:
step 1.1: let signed Gaussian parametersWherein α represents a quality parameter, σ represents a gaussian parameter of trapdoor, and n is Fang Mi of 2;
step 1.2: selecting polynomials f, g constituting trapdoors 1 ,g 2 ,…,g k-1 E R, where Representing a ring, ++>b is a small integer, q represents the modulus, and these polynomials are defined at R q Reversible, R q Is the coefficient modulo q of the polynomial on the ring R, and each polynomial obeys a discrete gaussian distribution with parameter σ; the method comprises the steps of carrying out a first treatment on the surface of the
Step 1.2: selecting a tool vectorConstruction of trapdoor matrix r=diag (f, g) 1 ,g 2 ,…,g k-1 )∈R k×k Let check vector->Wherein m=k;
step 1.3: selecting a tool vectorConstruction of trapdoor matrix r=diag (f, g) 1 ,g 2 ,…,g k-1 )∈R k×k Let check vector->Wherein m=k;
step 1.4: let signing key sk=r, verification key vk=a;
step 2: signing the selected message M with a signing key sk;
step 3: and carrying out validity verification on the received signature message by using the verification key vk.
Preferably, the step 2: signing the selected message M with the signing key sk comprises the steps of:
step 2.1: from the signed message space {0,1} * To select the message M to be signed, and to calculate mu=h (M, r), where h (·) is {0,1} * →R q R is a random bit string, which is a hash function for collision resistance;
Step 2.3: calculation target v= (μ -a) t ·p)·f -1 mod q and in the coset of g-latticeUpper according to discrete Gaussian distribution->And sampling to obtain a target vector z.
Step 2.4: let x=p+rz= (x 0 ,x 1 ,…,x k-1 );
Step 2.5: by the first component x in x 0 Discard, and output x' = (x) 1 ,…,x k-1 ) As a signature of the message M.
Preferably, the step 2.2: sampling disturbance vectorWherein-> The method specifically comprises the following steps:
step 2.2.1: to be used forTaking 0 as a center point as Gaussian parameter, sampling on a ring R to obtain q 0 The method comprises the steps of carrying out a first treatment on the surface of the For i=1, …, k-1, in +.>Taking 0 as a center point as Gaussian parameter, sampling on a ring R to obtain q i ;
Step 2.2.2: let p= (q 0 ,q 1 ,…,q k-1 )∈R k 。
Preferably, the step 3: the method for verifying the validity of the received signature message by using the verification key vk comprises the following steps:
step 3.1: calculating x 0 =h(M,r)-a t X mod q, where signature x' = (x) 1 ,…,x k-1 );
Step 3.2: if II (x) 0 ,x 1 ,…,x k-1 )‖ 2 ≤s 2 M.n is true, if the verification passes, otherwise the verification fails.
In a second aspect, the present invention discloses an original gaussian sampling system, comprising:
the generation module is used for selecting the Gaussian parameter s and generating a signature key sk and a verification key vk by adopting a key generation algorithm;
the signature module is used for signing the selected message M by utilizing the signature key sk;
and the verification module is used for verifying the validity of the received signature message by using the verification key vk.
In a third aspect, the present invention discloses a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the steps of the method as described above when executing the program.
In a fourth aspect, the present invention discloses a computer-readable storage medium having stored thereon a computer program for execution by a processor for performing the method as described above.
Compared with the prior art, the original image Gaussian sampling method, the original image Gaussian sampling system, the electronic equipment and the storage medium have at least the following beneficial effects:
(1) The invention has less elements required for constructing the trapdoor, reduces the time for generating the trapdoor and reduces the storage space of the trapdoor.
(2) The trapdoor constructed by the invention is a parallel version, can be completely parallelized in the process of disturbing sampling, reduces the ring elements of the sampled disturbing vector, and improves the efficiency of disturbing sampling.
(3) The invention reduces the size of the signature by reducing the Gaussian parameter, and improves the security of the digital signature.
Drawings
FIG. 1 is a flow chart of an original Gaussian sampling method of the invention;
FIG. 2 is a schematic diagram of the original Gaussian sampling system according to the present invention;
fig. 3 is a circuit module connection diagram of the computer device of the present invention.
In the figure: 101. a generating module; 102. a signature module; 103 a verification module;
300. a bus; 301. a receiver; 302. a processor; 303. a transmitter; 304. a memory; 306. a bus interface.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
The embodiment is described with reference to the flowchart of fig. 1, which illustrates the use of the original Xiang Gaosi sampling method in practical applications. In the demonstration scene, a signer S signs a message M, and a verifier V verifies the legality of the message M after receiving the signature, wherein the specific flow is as follows:
step 1: the signer S selects a signed Gaussian parameter S, and generates a signing key sk and a verification key vk by using a key generation algorithm; the method specifically comprises the following steps:
step 1.1: let signed Gaussian parametersWherein α represents a quality parameter, σ represents a gaussian parameter of trapdoor, and n is Fang Mi of 2; />
Step 1.2: selecting polynomials f, g constituting trapdoors 1 ,g 2 ,…,g k-1 E R, where Representing a ring, ++>b is a small integer, q represents the modulus, and these polynomials are defined at R q Reversible, R q Is the coefficient modulo q of the polynomial on the ring R, and each polynomial obeys a discrete gaussian distribution with parameter σ; selecting polynomials f and g 1 ,g 2 ,…,g k-1 Is carried out in the specific step oneIn the following, the selection polynomial f is taken as an example:
step 1.2.1: for i=1, …, K, the slave parameter isSelecting a random vector f from a discrete gaussian distribution of (a) 1 ,…,f K Wherein->Represents an integer;
step 1.2.2: for i=1, …, K, j=1, …, K and i+.j, f=f is calculated i +f j . If the maximum singular value s of f 1 (f) S is less than or equal to s, ending the process and returning to the f; if not, repeating the steps 1.1.1 and 1.1.2 until f returns.
Step 1.3: selecting a tool vectorConstruction of trapdoor matrix r=diag (f, g) 1 ,g 2 ,…,g k-1 )∈R k×k Let check vector->Wherein m=k;
step 1.4: let signing key sk=r, verification key vk=a.
Step 2: the signer S signs the selected message M by using the signing key sk; the method specifically comprises the following steps:
step 2.1: from the signed message space {0,1} * To select the message M to be signed, and to calculate mu=h (M, r), where h (·) is {0,1} * →R q R is a random bit string, which is a hash function for collision resistance;
step 2.2.1: to be used forTaking 0 as a center point as Gaussian parameter, sampling on a ring R to obtain q 0 The method comprises the steps of carrying out a first treatment on the surface of the For o=1, …, k-1, in +.>Taking 0 as a center point as Gaussian parameter, sampling on a ring R to obtain q i ;
Step 2.2.2: let p= (q 0 ,q 1 ,…,q k-1 )∈R k 。
In particular, in step 2.2.1Is Gaussian parameter, toThe specific process of obtaining y e R for the center point sample is as follows:
1) Let F (X) =s 2 -f 2 =f 0 +f 1 ·X+…+f n-1 ·X n-1 ,C(X)=c 0 +c 1 ·X+…+c n-1 ·X n-1 。
2) Let F 0 (X 2 )=f 0 +f 2 ·X 2 +…+f n-2 ·X n-2 Wherein f 0 ,f 2 ,…,f n-2 Representing even term coefficients in F (X); let C 0 (X 2 )=c 0 +c 2 ·X 2 +…+c n-2 ·X n-2 Wherein c 0 ,c 2 ,…,c n-2 Representing even term coefficients in C (X).
3) Let F 1 (X 2 )=f 1 +f 3 ·X 2 +…+f n-1 ·X n-2 Wherein f 1 ,f 3 ,…,f n-1 Representing odd term coefficients in F (X), i.e. F (X) =f 0 (X 2 )+X·F 1 (X 2 ). Let C 1 (X 2 )=c 1 +c 3 ·X 2 +…+c n-1 ·X n-2 Wherein c 1 ,c 3 ,…,c n-1 Representing odd term coefficients in C (X), i.e. C (X) =c 0 (X 2 )+X·C 1 (X 2 )。
4) To be used forIs Gaussian parameter, with C 1 Taking the ring R as a center point, sampling to obtain y 1 。
5) To be used forIs Gaussian parameter, in->Taking the sample as a central point and sampling on R to obtain y 0 ;
Since the tasks of step 4) and step 5) and the original task are all sampling on the ring R to get y 1 Y 0 The same is true for the two steps, but they are all half the original task, by continuing to scale down until a 1-dimensional sampling structure is obtained, so that the steps 4) and 5) can be repeated to invoke steps 1) through 5) until a 1-dimensional sampling is achieved.
6) Return y=y 0 (X 2 )+X·y 1 (X 2 )∈R。
Step 2.3: calculation target v= (μ -a) t ·p)·f -1 mod q and in the coset of g-latticeUpper according to discrete Gaussian distribution->And sampling to obtain a target vector z.
Step 2.4: let x=p+rz= (x 0 ,x 1 ,…,x k-1 );
Step 2.5: by the first component x in x 0 Discard, and output x' = (x) 1 ,…,x k-1 ) As a signature of the message M.
Step 3: the verifier V performs validity verification on the received signature message by using a verification key vk; the method comprises the following steps:
step 3.1: calculating x 0 =h(M,r)-a t X mod q, where signature x' = (x) 1 ,…,x k-1 );
Step 3.2: if II (x) 0 ,x 1 ,…,x k-1 )‖ 2 ≤s 2 M.n is true, if the verification passes, otherwise the verification fails.
The existing similar signature method cannot achieve both high parallelism and low storage space. The original Gaussian sampling algorithm provided by the invention can simultaneously improve the space efficiency and the time efficiency, and the reason is as follows:
(1) As can be seen from step 1.1 of the first embodiment, the magnitude of the Gaussian parameter s in the present invention is defined by f, g 1 ,…,g k-1 The maximum singular value of the matrix corresponding to the equal ring element is determined and is obviously smaller than Gaussian parameters in other existing methods of the same type, so that the safety can be improved;
(2) Smaller Gaussian parameters correspond to smaller modulus q, while the number of ring elements in the public key, private key, and signature are allDetermining, therefore, when b is determined, reducing the size of q can directly reduce the storage space and can reduce the computational scale;
(3) As can be seen from step 2.2 in example one, the disturbance vector samples q are sampled k times 0 ,…,q k-1 The two are completely independent, so that the two can be completely executed in parallel, and the operation efficiency is improved.
Example two
Referring to fig. 2, corresponding to the first embodiment, this embodiment correspondingly discloses a primitive gaussian sampling system, which includes:
the generation module 101, the generation module 101 is used for selecting the gaussian parameter s and adopting a key generation algorithm to generate a signature key sk and a verification key vk; the generating module 101 is specifically configured to perform the following steps:
step 1.1: let signed Gaussian parametersWherein α represents a quality parameter, σ represents a gaussian parameter of trapdoor, and n is Fang Mi of 2;
step 1.2: selecting polynomials f, g constituting trapdoors 1 ,g 2 ,…,g k-1 E R, where r=Representing a ring, ++>b is a small integer, q represents the modulus, and these polynomials are defined at R q Reversible, R q Is the coefficient modulo q of the polynomial on the ring R, and each polynomial obeys a discrete gaussian distribution with parameter σ;
step 1.3: selecting a tool vectorConstruction of trapdoor matrix r=diag (f, g) 1 ,g 2 ,…,g k-1 )∈R k×k Let check vector->Wherein m=k;
step 1.4: let signing key sk=r, verification key vk=a.
The signature module 102, the signature module 102 is used for signing the selected message M by utilizing the signature key sk;
the verification module 103, the verification module 103 is configured to perform validity verification on the received signature message by using the verification key vk.
The original gaussian sampling system of the present embodiment is used for executing and implementing the original gaussian sampling method of the first embodiment, so this embodiment will not be described in detail.
Example III
Referring to fig. 3, the present embodiment discloses a computer device comprising a memory 304, a processor 302 and a computer program stored on the memory and executable on the processor, wherein the processor 302 implements the steps of the method according to the first embodiment when executing the program.
Further, in FIG. 3, the present embodiment also includes a bus architecture (represented by bus 300), where bus 300 may include any number of interconnected buses and bridges, with bus 300 linking together various circuits, including one or more processors, represented by processor 302, and memory, represented by memory 304. Bus 300 may also link together various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., as are well known in the art and, therefore, will not be described further herein. Bus interface 306 provides an interface between bus 300 and receiver 301 and transmitter 303. The receiver 301 and the transmitter 303 may be the same element, i.e. a transceiver, providing a means for communicating with various other apparatus over a transmission medium. The processor 302 is responsible for managing the bus 300 and general processing, while the memory 304 may be used to store data used by the processor 302 in performing operations.
Example IV
The present embodiment provides a computer-readable storage medium having stored thereon a computer program for execution by a processor for performing the method of embodiment one.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
Claims (7)
1. The original Gaussian sampling method is characterized by comprising the following steps:
step 1: selecting a Gaussian parameter s, and generating a signature key sk and a verification key vk by using a key generation algorithm; the method specifically comprises the following steps:
step 1.1: let signed Gaussian parametersWherein α represents a quality parameter, σ represents a gaussian parameter of trapdoor, and n is Fang Mi of 2;
step 1.2: selecting polynomials f, g constituting trapdoors 1 ,g 2 ,…,g k-1 E R, where Representing a ring, ++>b is a small integer, q represents the modulus, and these polynomials are defined at R q Reversible, R q Is the coefficient modulo q of the polynomial on the ring R, and each polynomial obeys a discrete gaussian distribution with parameter σ;
step 1.3: selecting a tool vectorConstruction of trapdoor matrix r=diag (f, g) 1 ,g 2 ,…,g k-1 )∈R k×k Let check vector->Wherein m=k;
step 1.4: let signing key sk=r, verification key vk=a;
step 2: signing the selected message M with a signing key sk;
step 3: and carrying out validity verification on the received signature message by using the verification key vk.
2. The original gaussian sampling method according to claim 1, wherein said step 2: signing the selected message M with the signing key sk comprises the steps of:
step 2.1: from the signed message space {0,1} * To select the message M to be signed, and to calculate mu=h (M, r), where h (·) is {0,1} * →R q R is a random bit string, which is a hash function for collision resistance;
Step 2.3: calculation target v= (μ -a) t ·p)·f -1 Modq, and coset at g-latticeUpper according to discrete Gaussian distribution->And sampling to obtain a target vector z.
Step 2.4: let x=p+rz= (x 0 ,x 1 ,…,x k-1 );
Step (a)2.5: by the first component x in x 0 Discard, and output x' = (x) 1 ,…,x k-1 ) As a signature of the message M.
3. The original gaussian sampling method according to claim 2, wherein said step 2.2: sampling disturbance vectorWherein->The method specifically comprises the following steps:
step 2.2.1: to be used forTaking 0 as a center point as Gaussian parameter, sampling on a ring R to obtain q 0 The method comprises the steps of carrying out a first treatment on the surface of the For i=1, …, k-1, in +.>Taking 0 as a center point as Gaussian parameter, sampling on a ring R to obtain q i ;/>
Step 2.2.2: let p= (q 0 ,q 1 ,…,q k-1 )∈R k 。
4. The original gaussian sampling method according to claim 1, wherein said step 3: the method for verifying the validity of the received signature message by using the verification key vk comprises the following steps:
step 3.1: calculating x 0 =h(M,r)-a t Xmodq, where signature x' = (x) 1 ,…,x k-1 );
Step 3.2: if II (x) 0 ,x 1 ,…,x k-1 )‖ 2 ≤s 2 M.n is true, if the verification passes, otherwise the verification fails.
5. An original gaussian sampling system, comprising:
the generation module is used for selecting the Gaussian parameter s and generating a signature key sk and a verification key vk by adopting a key generation algorithm;
the signature module is used for signing the selected message M by utilizing the signature key sk;
and the verification module is used for verifying the validity of the received signature message by using the verification key vk.
6. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the steps of the method according to any of claims 1-4 when the program is executed by the processor.
7. A computer readable storage medium, having stored thereon a computer program for execution by a processor for implementing the method of any of claims 1-4.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211658716.1A CN116232563A (en) | 2022-12-22 | 2022-12-22 | Original image Gaussian sampling method, system, electronic equipment and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211658716.1A CN116232563A (en) | 2022-12-22 | 2022-12-22 | Original image Gaussian sampling method, system, electronic equipment and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116232563A true CN116232563A (en) | 2023-06-06 |
Family
ID=86590104
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211658716.1A Pending CN116232563A (en) | 2022-12-22 | 2022-12-22 | Original image Gaussian sampling method, system, electronic equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116232563A (en) |
-
2022
- 2022-12-22 CN CN202211658716.1A patent/CN116232563A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111885079B (en) | Multi-party combined data processing method and device for protecting data privacy | |
US9948462B2 (en) | Hypersphere-based multivariable public key signature/verification system and method | |
WO2013031414A1 (en) | Signature verification device, signature verification method, program, and recording medium | |
CN112446052B (en) | Aggregated signature method and system suitable for secret-related information system | |
CN105515778B (en) | Cloud storage data integrity services signatures method | |
CN115529141A (en) | Traceable ring signature generation method and system for logarithmic signature size | |
JP2022095852A (en) | Digital signature method, signature information verification method, related device, and electronic device | |
Tian et al. | DIVRS: Data integrity verification based on ring signature in cloud storage | |
CN111740821B (en) | Method and device for establishing shared secret key | |
CN117527223A (en) | Distributed decryption method and system for quantum-password-resistant grid | |
CN110247761B (en) | Ciphertext strategy attribute encryption method supporting attribute revocation in lattice manner | |
CN112800482A (en) | Identity-based online/offline security cloud storage auditing method | |
CN116743395A (en) | Grid password-based threshold ring signature method | |
JP5427117B2 (en) | Message authenticator generation device, message authenticator verification device, message authenticator generation method, message authenticator verification method, and program | |
CN107947944B (en) | Incremental signature method based on lattice | |
CN116232563A (en) | Original image Gaussian sampling method, system, electronic equipment and storage medium | |
CN115865302A (en) | Multi-party matrix multiplication method with privacy protection attribute | |
CN112491560A (en) | SM2 digital signature method and medium supporting batch verification | |
CN111711524A (en) | Certificate-based lightweight outsourcing data auditing method | |
CN112217629A (en) | Cloud storage public auditing method | |
CN116232596A (en) | Digital signature method, system, computer device and storage medium for improving efficiency | |
JP5227816B2 (en) | Anonymous signature generation device, anonymous signature verification device, anonymous signature tracking determination device, anonymous signature system with tracking function, method and program thereof | |
Zhang et al. | An image encryption algorithm based on an epidemic spreading model | |
Farooq et al. | QuantIoT Novel Quantum Resistant Cryptographic Algorithm for Securing IoT Devices: Challenges and Solution | |
CN112822026B (en) | Digital signature method, device and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |