CN116781281A - SM 2-based secure two-party collaborative signature method - Google Patents


Publication number
CN116781281A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310901192.2A
Other languages
Chinese (zh)
Inventor
詹茂茂
严智慧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Ijiami Technology Co ltd
Original Assignee
Shenzhen Ijiami Technology Co ltd


Abstract

The invention discloses a secure two-party collaborative signature method based on SM2. The terminal is initialized and communicates with a server to obtain a private key component and related certificate files. When data is signed, the terminal submits an intermediate calculation result to the server as required by the communication protocol, and the server computes its own intermediate value from the request parameters and its component information and issues it to the terminal. The terminal receives the server's intermediate value and then performs the local signature synthesis calculation to generate the final signature. The invention belongs to the technical field of information security. Throughout the two-party collaborative signature process, the original private key never appears in memory in complete form, the terminal cannot recover the complete private key, and the complete private key never appears on the server either, so the private key storage problem is solved effectively and securely and the security risks caused by private key leakage are avoided.

Description

SM2-based secure two-party collaborative signature method
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a secure two-party collaborative signature method based on SM2.
Background
In the SM2 algorithm, the user's private key is typically generated by a software cryptographic module and stored on the user's local device.
Whether the private key is stored locally in encrypted form or kept in a hardware security module, the problem of secure private key storage cannot be thoroughly solved at the level of principle, and the complete private key can still be recovered in memory. Given that terminals are currently easy targets for malicious attack, an algorithmic mechanism is needed that fundamentally solves the problem of secure private key storage.
Disclosure of Invention
In view of the above, and to overcome the shortcomings of the prior art, the invention provides an SM2-based secure two-party collaborative signature method. It addresses the key problem of how to store a private key securely when encrypting terminal data, prevents malicious analysts from obtaining the complete private key through debugging or dynamic instrumentation, and effectively prevents the security problems caused by private key leakage.
The technical scheme adopted by the invention is a secure two-party collaborative signature method based on SM2, comprising the following steps:
S1, a first communication party and a second communication party participating in the collaborative signature communicate with a server and, after communicating, obtain their private key component information and related certificate files;
S2, the user participating in the collaborative signature and the server cooperate to generate a signature;
S3, when data is signed, the terminal submits an intermediate calculation result to the server as required by the communication protocol, and the server computes its own intermediate value from the request parameters and its component information and issues it to the terminal;
S4, the terminal receives the server's intermediate value and then performs the local signature synthesis calculation to generate the final signature.
Further, the specific steps of step S1 include:
Step one, initializing system parameters: define d as a large prime number and $F_p$ as a finite field, select $a, b \in F_p$ as the parameters of an elliptic curve E, and define G as a base point of order n on the elliptic curve E, where n is a finite positive integer; the values of these parameters are preset according to the SM2 algorithm;
Step two, key segmentation: the system administrator submits an original private key file (generally in PEM format) to the system, the system parses the private key file to obtain the real private key d, and a segmentation algorithm is used to split the private key.
Further, the specific steps of the step two key segmentation are as follows:
Step a: randomly generate a private key $d_1$ meeting the algorithm requirement (i.e. randomly generate a random number $d_1$ in $[1, n-1]$);
Step b: calculate $d_2 = (d+1) - d_1$, which must also satisfy the algorithm requirement.
Further, in step S4, a combined file is generated through the signature synthesis calculation; generating the combined file includes the following steps:
The system obtains two private key components through the private key segmentation algorithm. The system generates an SM2 self-signed certificate in DER format according to a private key component, where the public key corresponding to the $d_1$ component is $pk_1$, satisfying $pk_1 = d_1 \times G$, and the public key corresponding to the $d_2$ component is $pk_2$, satisfying $pk_2 = d_1 \times G$, where $\times$ is point multiplication on the elliptic curve, and $Z = H(ENTL \| ID_A \| a \| b \| G \| pk)$, where $ID_A$ is a discernible identity of the user, ENTL is an $ID_A$ and H is the SM3 algorithm. The certificate file can be parsed with the openssl tool; the certificate mainly contains the public key information corresponding to the private key, which is disclosed so that the two parties can perform the cooperative signature calculation in the subsequent cooperation.
Further, the collaborative signature process includes the following steps:
Step 1: the first communication party and the second communication party each obtain their own private key component information from the system; assume the first communication party obtains $d_1$ and $pk_2$ and the second communication party obtains $d_2$ and $pk_1$;
Step 2: the first communication party selects a random number $k_A \in Z_q^*$, calculates $R_A = k_A \cdot G$, and sends $R_A$ to the second communication party;
Step 3: after receiving $R_A$, the second communication party verifies that it is a point on the elliptic curve; if the check passes, it generates a random number $k_B \in Z_q^*$, calculates $R_B = k_B \cdot pk_1$, and sends $R_B$ to the first communication party;
Step 4: after receiving the message, the first communication party calculates the elliptic curve group element $R' = R_A + R_B = (x_A, y_A)$, calculates $r_0 = H(Z \| M) + x_A \bmod n$ and $s_0 = (k_A + r_0) \cdot d_A^{-1} \bmod n$, where M is the message to be signed, and sends $s_0$ to the second communication party;
Step 5: after receiving s', the second communication party calculates $t_1 = (s_0 + k_B) \cdot d_2^{-1} \bmod n$ and sends $t_1$ to the first communication party;
Step 6: after receiving t, the first communication party calculates $s = t_1 - r_0$ and outputs the digital signature (r, s).
With the above scheme, the beneficial effects of the invention are as follows: the SM2-based secure two-party collaborative signature method thoroughly solves the problem of secure storage of the SM2 signing private key and prevents malicious analysts from obtaining the complete private key through debugging or dynamic instrumentation. Throughout the two-party collaborative signature process, the original private key never appears in memory in complete form, the terminal cannot recover the complete private key, and the complete private key never appears on the server either, so the private key storage problem is solved effectively and securely and the security risks caused by private key leakage are avoided.
Drawings
Fig. 1 is a schematic diagram of the overall structure of a secure two-party collaborative signature method based on SM2 provided by the present solution.
The accompanying drawings are included to provide a further understanding of the invention and constitute a part of this specification; they illustrate the invention and, together with the embodiments of the invention, serve to explain it.
Detailed Description
The embodiments of the invention are described clearly and fully below with reference to the accompanying drawings. The embodiments described are evidently only some, not all, of the embodiments of the invention; all other embodiments obtained by those skilled in the art on the basis of these embodiments without inventive effort fall within the scope of the invention.
As shown in Fig. 1, the SM2-based secure two-party collaborative signature method of the invention includes the following steps:
S1, a first communication party and a second communication party participating in the collaborative signature communicate with a server and, after communicating, obtain their private key component information and related certificate files;
First, the system parameters need to be initialized: define d as a large prime number and $F_p$ as a finite field, select $a, b \in F_p$ as the parameters of an elliptic curve E, and define G as a base point of order n on the elliptic curve E, where n is a finite positive integer; the values of these parameters are preset according to the SM2 algorithm;
During key segmentation, a system administrator submits an original private key file (generally in PEM format) to the system, the system parses the private key file to obtain the real private key d, and a segmentation algorithm is used to split the private key. The key segmentation comprises the following specific steps:
Step a: randomly generate a private key $d_1$ meeting the algorithm requirement (i.e. randomly generate a random number $d_1$ in $[1, n-1]$);
Step b: calculate $d_2 = (d+1) - d_1$, which must also satisfy the algorithm requirement.
S2, the user participating in the collaborative signature and the server cooperate to generate a signature;
S3, when data is signed, the terminal submits an intermediate calculation result to the server as required by the communication protocol, and the server computes its own intermediate value from the request parameters and its component information and issues it to the terminal;
S4, the terminal receives the server's intermediate value and then performs the local signature synthesis calculation to generate the final signature.
The combined file is generated through the signature synthesis calculation; generating the combined file includes the following steps:
The system obtains two private key components through the private key segmentation algorithm. The system generates an SM2 self-signed certificate in DER format according to the private key component, where the public key corresponding to the $d_1$ component is $pk_1$, satisfying $pk_1 = d_1 \times G$, and the public key corresponding to the $d_2$ component is $pk_2$, satisfying $pk_2 = d_1 \times G$, where $\times$ is point multiplication on the elliptic curve, and $Z = H(ENTL \| ID_A \| a \| b \| G \| pk)$, where $ID_A$ is a discernible identity of the user, ENTL is an $ID_A$ and H is the SM3 algorithm. The certificate file can be parsed with the openssl tool; the certificate mainly contains the public key information corresponding to the private key, which is disclosed so that the two parties can perform the cooperative signature calculation in the subsequent cooperation.
In this scheme, the collaborative signature process includes the following steps:
Step 1: the first communication party and the second communication party each obtain their own private key component information from the system; assume the first communication party obtains $d_1$ and $pk_2$ and the second communication party obtains $d_2$ and $pk_1$;
Step 2: the first communication party selects a random number $k_A \in Z_q^*$, calculates $R_A = k_A \cdot G$, and sends $R_A$ to the second communication party;
Step 3: after receiving $R_A$, the second communication party verifies that it is a point on the elliptic curve; if the check passes, it generates a random number $k_B \in Z_q^*$, calculates $R_B = k_B \cdot pk_1$, and sends $R_B$ to the first communication party;
Step 4: after receiving the message, the first communication party calculates the elliptic curve group element $R' = R_A + R_B = (x_A, y_A)$, calculates $r_0 = H(Z \| M) + x_A \bmod n$ and $s_0 = (k_A + r_0) \cdot d_A^{-1} \bmod n$, where M is the message to be signed, and sends $s_0$ to the second communication party;
Step 5: after receiving s', the second communication party calculates $t_1 = (s_0 + k_B) \cdot d_2^{-1} \bmod n$ and sends $t_1$ to the first communication party;
Step 6: after receiving t, the first communication party calculates $s = t_1 - r_0$ and outputs the digital signature (r, s).
In the whole scheme, the server and the terminal sign cooperatively; the corresponding original public key pk is generated according to the agreed SM2 curve, the terminal holds $(d_1, pk, pk_2)$, and the cooperative terminal holds $(d_2, pk, pk_1)$.
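The key split and the six signing steps above can be checked end to end against the standard SM2 verification equation; the Python below is an added example, not code from the patent. It assumes the first party's $d_A$ is $d_1$, uses SHA-256 as a stand-in for SM3, runs both parties in one process, and compares the split as written, $d_2 = (d+1) - d_1$, with a hypothetical multiplicative split $d_1 d_2 \equiv d+1 \pmod n$ that the page does not state.

```python
import hashlib
import secrets

# SM2 recommended curve y^2 = x^3 + ax + b over F_p; base point G has prime order N.
P = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
A = P - 3
B = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)

def on_curve(pt):
    return (pt[1] ** 2 - (pt[0] ** 3 + A * pt[0] + B)) % P == 0

def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add; not constant time (illustration only)
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def split_additive(d):
    """Key split as the text reads: d2 = (d + 1) - d1."""
    d1 = secrets.randbelow(N - 1) + 1
    return d1, (d + 1 - d1) % N

def split_multiplicative(d):
    """Hypothetical alternative, not stated on the page: d1 * d2 = d + 1 (mod n)."""
    d1 = secrets.randbelow(N - 1) + 1
    return d1, (d + 1) * pow(d1, -1, N) % N

def cosign(d1, d2, e):
    """Steps 2-6; e stands for H(Z || M). Both parties are simulated in one process."""
    k_a = secrets.randbelow(N - 1) + 1           # step 2 (first party)
    r_a = mul(k_a, G)
    if not on_curve(r_a):                        # step 3 (second party checks R_A)
        raise ValueError("R_A is not on the curve")
    k_b = secrets.randbelow(N - 1) + 1
    r_b = mul(k_b, mul(d1, G))                   # R_B = k_B * pk1
    x_a, _ = add(r_a, r_b)                       # step 4: R' = R_A + R_B
    r0 = (e + x_a) % N
    s0 = (k_a + r0) * pow(d1, -1, N) % N         # assumes d_A is the first party's d1
    t1 = (s0 + k_b) * pow(d2, -1, N) % N         # step 5 (second party)
    return r0, (t1 - r0) % N                     # step 6

def sm2_verify(pk, e, r, s):
    """Standard SM2 check: accept if (e + x(s*G + (r+s)*pk)) mod n == r."""
    t = (r + s) % N
    if not (0 < r < N and 0 < s < N) or t == 0:
        return False
    pt = add(mul(s, G), mul(t, pk))
    return pt is not None and (e + pt[0]) % N == r

def demo(split):
    d = secrets.randbelow(N - 2) + 1             # constructed test key in [1, n-2]
    # SHA-256 stands in for SM3; the Z and M bytes are constructed samples.
    e = int.from_bytes(hashlib.sha256(b"sample-Z" + b"sample message").digest(), "big")
    d1, d2 = split(d)
    return sm2_verify(mul(d, G), e, *cosign(d1, d2, e))
```

Under these assumptions `demo(split_multiplicative)` returns True and `demo(split_additive)` returns False: steps 4 to 6 produce $s = (k + r)(d_1 d_2)^{-1} - r$ with $k = k_A + k_B d_1$, which equals SM2's $s = (k + r)(1 + d)^{-1} - r$ only when $d_1 d_2 \equiv d + 1 \pmod n$.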
Throughout the two-party collaborative signature process, the original private key never appears in memory in complete form, the terminal cannot recover the complete private key, and the complete private key never appears on the server either, so the private key storage problem is solved effectively and securely and the security risks caused by private key leakage are avoided.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Although embodiments of the present invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made therein without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
The invention and its embodiments have been described above with no limitation, and the actual construction is not limited to the embodiments of the invention as shown in the drawings. In summary, if one of ordinary skill in the art is informed by this disclosure, a structural manner and an embodiment similar to the technical solution should not be creatively devised without departing from the gist of the present invention.

Claims (6)

1. An SM2-based secure two-party collaborative signature method, characterized by comprising the following steps:
S1, a first communication party and a second communication party participating in the collaborative signature communicate with a server and, after communicating, obtain their private key component information and related certificate files;
S2, the user participating in the collaborative signature and the server cooperate to generate a signature;
S3, when data is signed, the terminal submits an intermediate calculation result to the server as required by the communication protocol, and the server computes its own intermediate value from the request parameters and its component information and issues it to the terminal;
S4, the terminal receives the server's intermediate value and then performs the local signature synthesis calculation to generate the final signature.
2. The SM2-based secure two-party collaborative signature method according to claim 1, wherein the specific steps of step S1 include:
Step one, initializing system parameters: define d as a large prime number and $F_p$ as a finite field, select $a, b \in F_p$ as the parameters of an elliptic curve E, and define G as a base point of order n on the elliptic curve E, where n is a finite positive integer; the values of these parameters are preset according to the SM2 algorithm;
Step two, key segmentation: a system administrator submits an original private key file to the system, the system parses the private key file to obtain the real private key d, and a segmentation algorithm is used to split the private key.
3. The SM2-based secure two-party collaborative signature method according to claim 2, wherein the specific steps of the step two key splitting are: the system obtains two private key components through the private key segmentation algorithm; the system generates an SM2 self-signed certificate in DER format according to a private key component, where the public key corresponding to the $d_1$ component is $pk_1$, satisfying $pk_1 = d_1 \times G$, and the public key corresponding to the $d_2$ component is $pk_2$, satisfying $pk_2 = d_1 \times G$, where $\times$ is point multiplication on the elliptic curve, and $Z = H(ENTL \| ID_A \| a \| b \| G \| pk)$, where $ID_A$ is a discernible identity of the user, ENTL is an $ID_A$ and H is the SM3 algorithm; the certificate file can be parsed with the openssl tool, and the certificate mainly contains the public key information corresponding to the private key, which is disclosed so that the two parties can perform the cooperative signature calculation in the subsequent cooperation.
4. The SM2-based secure two-party collaborative signature method according to claim 3, wherein the specific steps of the step two key splitting are:
Step a: randomly generate a private key $d_1 \in [1, n-1]$ meeting the algorithm requirement;
Step b: calculate $d_2 = (d+1) - d_1$, which must also satisfy the algorithm requirement.
5. The SM2-based secure two-party collaborative signature method according to claim 4, wherein the collaborative signature flow comprises the steps of:
Step 1: the first communication party and the second communication party each obtain their own private key component information from the system; assume the first communication party obtains $d_1$ and $pk_2$ and the second communication party obtains $d_2$ and $pk_1$;
Step 2: the first communication party selects a random number $k_A \in Z_q^*$, calculates $R_A = k_A \cdot G$, and sends $R_A$ to the second communication party;
Step 3: after receiving $R_A$, the second communication party verifies that it is a point on the elliptic curve, generates a random number $k_B \in Z_q^*$, calculates $R_B = k_B \cdot pk_1$, and sends $R_B$ to the first communication party;
Step 4: after receiving the message, the first communication party calculates the elliptic curve group element $R' = R_A + R_B = (x_A, y_A)$, calculates $r_0 = H(Z \| M) + x_A \bmod n$ and $s_0 = (k_A + r_0) \cdot d_A^{-1} \bmod n$, where M is the message to be signed, and sends $s_0$ to the second communication party;
Step 5: after receiving s', the second communication party calculates $t_1 = (s_0 + k_B) \cdot d_2^{-1} \bmod n$ and sends $t_1$ to the first communication party;
Step 6: after receiving t, the first communication party calculates $s = t_1 - r_0$ and outputs the digital signature (r, s).
6. The SM2-based secure two-party collaborative signature method according to claim 5, wherein: the server and the terminal sign cooperatively; the corresponding original public key pk is generated according to the agreed SM2 curve, the terminal holds $(d_1, pk, pk_2)$, and the cooperative terminal holds $(d_2, pk, pk_1)$.
CN202310901192.2A 2023-07-21 2023-07-21 SM 2-based secure two-party collaborative signature method Pending CN116781281A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310901192.2A CN116781281A (en) 2023-07-21 2023-07-21 SM 2-based secure two-party collaborative signature method


Publications (1)

Publication Number Publication Date
CN116781281A true CN116781281A (en) 2023-09-19

Family

ID=87987974



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination