CN117254919A - Public and private key pair encryption and decryption method based on Ed25519 algorithm of blockchain - Google Patents
- Publication number
- CN117254919A
- Authority
- CN
- China
- Prior art keywords
- private key
- algorithm
- public
- random number
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/001—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using chaotic signals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a public-private key pair encryption and decryption method based on the Ed25519 algorithm of a blockchain, comprising data encryption and data decryption. The data encryption comprises randomly selecting a random number to generate a random seed, generating a private key by applying the Ed25519 algorithm to the random seed, selecting an arbitrary random number to encrypt a message, and sending the encrypted ciphertext to a receiver; the data decryption comprises receiving the ciphertext and decrypting it with the private key. With the Ed25519 algorithm improved in this way, encryption and decryption can be realized; only the receiver's public key is needed for encryption when a message is sent to any user, and only a single public-private key pair needs to be maintained, so the difficulty of key management is greatly reduced. Meanwhile, the security of the whole algorithm depends on the private key, so the plaintext of the private key is not generated in the decryption process, and the security of the private key and the message is improved.
Description
Technical Field
The invention relates to the technical field of data encryption, in particular to a public-private key pair encryption and decryption method based on an Ed25519 algorithm of a blockchain.
Background
A blockchain is a distributed database in which information is stored in blocks and the blocks are linked by hash pointers. The characteristics of a blockchain, such as security, tamper resistance, and traceability, bring advantages to enterprises. The main type of blockchain in China is currently the consortium (alliance) chain. A consortium chain is well suited to business applications: it is controlled by a pre-selected community (e.g., a group of enterprises), and reading the blockchain and submitting transactions to it may be open to everyone or limited to participants.
Signature algorithms are an indispensable part of the blockchain. When submitting a transaction, the sender needs to sign it; the consensus nodes then verify whether the transaction is legal, and after verifying its validity they decide to submit the block to the chain. However, transaction content in a blockchain is often not encrypted, so every user can read the data in each block. Although this guarantees the transparency of the data, it exposes user privacy in some specific settings, such as medical data. To achieve confidentiality of transaction data, the Ed25519 signature algorithm and a corresponding encryption algorithm are applied to the blockchain together, so that data confidentiality is provided while the integrity of the transaction data is guaranteed.
Ed25519 is an elliptic curve signature algorithm independently designed by the famous cryptologist Daniel J. Bernstein in 2006, and has extremely high signing and verification performance and extremely high security. An elliptic curve algorithm is not necessarily safe in practice: there is a high probability that its security is broken through caching, timing, and malicious input. The 25519 series of elliptic curves is specially designed to minimize the probability of such errors, so it can be said to be the safest in practice.
In practical work, encryption uses Curve25519 to perform key exchange, combined with a secure symmetric encryption algorithm such as AES to encrypt the data. Therefore, in order to encrypt data directly with the Ed25519 signature algorithm, an elliptic curve encryption algorithm similar to the one used with secp256k1 is needed to give Ed25519 encryption and decryption functions.
Disclosure of Invention
The invention aims to provide a public-private key pair encryption and decryption method based on the Ed25519 algorithm of a blockchain, which meets the encryption and decryption requirements in the blockchain while requiring only a single public-private key pair to be maintained.
In order to solve the technical problems, the embodiment of the invention provides a public-private key pair encryption and decryption method based on an Ed25519 algorithm of a blockchain, which comprises the following steps:
S1, on the twisted Edwards curve of Ed25519, initializing the parameters and the base point G, and generating a public-private key pair (k, K), wherein k is the private key and K is the public key;
S2, data encryption
S2.1, randomly selecting a first random number x, and generating a random number seed through a random number generator;
S2.2, hashing the random number seed from step S2.1 with the SHA-512-Half algorithm to generate the Ed25519 private key k, and calculating the public key K from the private key k;
S2.3, the sender selects a random number, generates an arbitrary random number r through a random number generator, and determines the message M to be sent;
S2.4, applying the Ed25519 encryption algorithm to the random number r generated in step S2.3 to generate a first ciphertext $c_1$;
S2.5, encrypting the random number r and the message M to be sent by the sender with the public key K from step S2.2 to generate a second ciphertext $c_2$;
S2.6, transmitting the ciphertext $(c_1, c_2)$ from steps S2.4 and S2.5 to the recipient;
S3, data decryption
S3.1, the receiver receives the ciphertext $(c_1, c_2) = (r \cdot G,\ M + r \cdot K)$;
S3.2, recovering the message M by inputting the private key k.
Wherein, in step S2.2, the public key K is calculated from the private key k by the formula: $K = k \cdot G$; wherein G is the base point of the Ed25519 twisted Edwards curve.
Wherein, in step S2.4, the random number r is subjected to the Ed25519 encryption algorithm to generate the first ciphertext $c_1$ by the formula: $c_1 = r \cdot G$; wherein G is the base point of the Ed25519 twisted Edwards curve.
Wherein, in step S2.5, the public key K encrypts the second random number and the message M to be sent by the sender to generate the second ciphertext $c_2$ by the formula: $c_2 = M + r \cdot K$.
The formula for recovering the message M by inputting the private key k in step S3.2 is as follows:
$c_2 - k \cdot c_1 = M + r \cdot K - k \cdot r \cdot G = M + r \cdot k \cdot G - k \cdot r \cdot G = M$.
Preferably, in step S2.3, a random number generator using the logistic chaotic map is selected, and the formula is as follows:
$y = \mu x (1 - x)$;
wherein x is a randomly initialized value, and y is the result of applying the logistic map to the random number x.
The technical scheme of the invention has the following beneficial effects:
After the Ed25519 algorithm is improved, encryption and decryption can be realized, and only the receiver's public key is needed for encryption when a message is sent to any user, so each user only needs to maintain a single public-private key pair, and the difficulty of key management is greatly reduced;
Since the security of the whole algorithm depends on the private key k, the message M cannot be recovered if k cannot be obtained, so the plaintext of the private key is not generated in the decryption process, and the security of the private key and the message is improved.
Drawings
FIG. 1 is a flow chart of the present invention.
Detailed Description
In order to make the technical problems, technical solutions and advantages to be solved more apparent, the following detailed description will be given with reference to the accompanying drawings and specific embodiments.
As shown in fig. 1, an embodiment of the present invention provides a public-private key pair encryption and decryption method based on an Ed25519 algorithm of a blockchain, including the following steps:
S1, on the twisted Edwards curve of Ed25519, initializing the parameters and the base point G, and generating a public-private key pair (k, K), wherein k is the private key and K is the public key;
S2, data encryption
S2.1, randomly selecting a first random number x, and generating a random number seed through a random number generator;
S2.2, hashing the random number seed from step S2.1 with the SHA-512-Half algorithm to generate the Ed25519 private key k, and calculating the public key K from the private key k;
S2.3, the sender selects a random number, generates an arbitrary random number r through a random number generator, and determines the message M to be sent;
S2.4, applying the Ed25519 encryption algorithm to the random number r generated in step S2.3 to generate a first ciphertext $c_1$;
S2.5, encrypting the random number r and the message M to be sent by the sender with the public key K from step S2.2 to generate a second ciphertext $c_2$;
S2.6, transmitting the ciphertext $(c_1, c_2)$ from steps S2.4 and S2.5 to the recipient;
S3, data decryption
S3.1, the receiver receives the ciphertext $(c_1, c_2) = (r \cdot G,\ M + r \cdot K)$;
S3.2, recovering the message M by inputting the private key k.
In step S2.2, the public key K is calculated from the private key k by the formula: $K = k \cdot G$; wherein G is the base point of the Ed25519 twisted Edwards curve.
In step S2.4, the random number r is subjected to the Ed25519 encryption algorithm to generate the first ciphertext $c_1$ by the formula: $c_1 = r \cdot G$; wherein G is the base point of the Ed25519 twisted Edwards curve.
In step S2.5, the public key K encrypts the second random number and the message M to be sent by the sender to generate the second ciphertext $c_2$ by the formula: $c_2 = M + r \cdot K$.
The formula for recovering the message M by inputting the private key k in step S3.2 is as follows:
$c_2 - k \cdot c_1 = M + r \cdot K - k \cdot r \cdot G = M + r \cdot k \cdot G - k \cdot r \cdot G = M$.
In this embodiment, in step S2.3, a random number generator using the logistic chaotic map is selected, and the formula is as follows:
$y = \mu x (1 - x)$;
wherein x is a randomly initialized value, and y is the result of applying the logistic map to the random number x.
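Steps S1 to S3.2 carried through on the Ed25519 curve, as an added example that is not part of the patent text. Assumptions: "SHA-512-Half" is read as the first 32 bytes of SHA-512 and k is reduced modulo the group order; the page does not say how M is mapped to a curve point, so a try-and-increment embedding is used; and r is drawn from the operating system's CSPRNG instead of the logistic map, because every output of the map is fully determined by x and μ.

```python
import hashlib
import secrets

p = 2**255 - 19                                       # field prime
L = 2**252 + 27742317777372353535851937790883648493   # order of base point G
d = -121665 * pow(121666, -1, p) % p                  # twisted Edwards constant
SQRT_M1 = pow(2, (p - 1) // 4, p)                     # sqrt(-1) mod p
NEUTRAL = (0, 1, 1, 0)                                # extended coords (X, Y, Z, T)

def recover_x(y):
    """Even x with -x^2 + y^2 = 1 + d*x^2*y^2, or None if no such x exists."""
    x2 = (y * y - 1) * pow(d * y * y + 1, -1, p) % p
    x = pow(x2, (p + 3) // 8, p)
    if (x * x - x2) % p:
        x = x * SQRT_M1 % p
    if (x * x - x2) % p:
        return None
    return x if x % 2 == 0 else p - x

def add(P, Q):
    """Point addition in extended coordinates (RFC 8032, section 5.1.4)."""
    A = (P[1] - P[0]) * (Q[1] - Q[0]) % p
    B = (P[1] + P[0]) * (Q[1] + Q[0]) % p
    C = 2 * P[3] * Q[3] * d % p
    D = 2 * P[2] * Q[2] % p
    E, F, G_, H = B - A, D - C, D + C, B + A
    return (E * F % p, G_ * H % p, F * G_ % p, E * H % p)

def mul(s, P):  # double-and-add scalar multiplication, not constant time
    Q = NEUTRAL
    while s:
        if s & 1:
            Q = add(Q, P)
        P = add(P, P)
        s >>= 1
    return Q

def neg(P):
    return (-P[0] % p, P[1], P[2], -P[3] % p)
def affine(P):
    zi = pow(P[2], -1, p)
    return (P[0] * zi % p, P[1] * zi % p)

_gy = 4 * pow(5, -1, p) % p
_gx = recover_x(_gy)
G = (_gx, _gy, 1, _gx * _gy % p)                      # Ed25519 base point

def encode_point(msg):
    """Assumption: embed <=30 bytes in y as len || msg || counter (try-and-increment)."""
    if len(msg) > 30:
        raise ValueError("message too long for one curve point")
    for ctr in range(256):
        y = int.from_bytes(bytes([len(msg)]) + msg.ljust(30, b"\0") + bytes([ctr]), "big")
        x = recover_x(y)
        if x is not None:
            return (x, y, 1, x * y % p)
    raise ValueError("no embedding found")

def decode_point(P):
    raw = affine(P)[1].to_bytes(32, "big")
    return raw[1:1 + raw[0]]

def keygen(seed):
    """S2.2: k = SHA-512-Half(seed) mod L (reduction is an assumption), K = k*G."""
    k = int.from_bytes(hashlib.sha512(seed).digest()[:32], "big") % L
    return k, mul(k, G)

def encrypt(K, msg, r=None):
    """S2.3-S2.5: c1 = r*G, c2 = M + r*K; r comes from the OS CSPRNG by default."""
    r = r or secrets.randbelow(L - 1) + 1
    return mul(r, G), add(encode_point(msg), mul(r, K))

def decrypt(k, c1, c2):
    return decode_point(add(c2, neg(mul(k, c1))))     # S3.2: M = c2 - k*c1
```

A fresh r per message matters here: two ciphertexts produced with the same r share $c_1$, and their $c_2$ values then differ by exactly the difference of the two message points.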
The invention meets the encryption and decryption requirements in the blockchain while requiring only a single public-private key pair to be maintained. Many current blockchains use Ed25519 for signature verification, such as Ripple, Ethereum, etc., but these public chains tend not to encrypt messages; in specific scenarios such as private chains and consortium (alliance) chains, messages are encrypted and decrypted. Ed25519 is therefore improved so that encryption and decryption can be realized, and only the receiver's public key is needed for encryption when a message is sent to any user, so each user only needs to maintain a single public-private key pair, and the difficulty of key management is greatly reduced. Meanwhile, since the security of the whole algorithm depends on the private key k, the message M cannot be recovered if k cannot be obtained, so the plaintext of the private key is not generated in the decryption process, and the security of the private key and the message is improved.
While the foregoing is directed to the preferred embodiments of the present invention, it will be appreciated by those skilled in the art that modifications and variations may be made without departing from the principles of the invention, and such modifications and variations are to be regarded as being within the scope of the invention.
Claims (6)
1. The public and private key pair encryption and decryption method based on the Ed25519 algorithm of the blockchain is characterized by comprising the following steps of:
S1, on the twisted Edwards curve of Ed25519, initializing the parameters and the base point G, and generating a public-private key pair (k, K), wherein k is the private key and K is the public key;
S2, data encryption
S2.1, randomly selecting a first random number x, and generating a random number seed through a random number generator;
S2.2, hashing the random number seed from step S2.1 with the SHA-512-Half algorithm to generate the Ed25519 private key k, and calculating the public key K from the private key k;
S2.3, the sender selects a random number, generates an arbitrary random number r through a random number generator, and determines the message M to be sent;
S2.4, applying the Ed25519 encryption algorithm to the random number r generated in step S2.3 to generate a first ciphertext $c_1$;
S2.5, encrypting the random number r and the message M to be sent by the sender with the public key K from step S2.2 to generate a second ciphertext $c_2$;
S2.6, transmitting the ciphertext $(c_1, c_2)$ from steps S2.4 and S2.5 to the recipient;
S3, data decryption
S3.1, the receiver receives the ciphertext $(c_1, c_2) = (r \cdot G,\ M + r \cdot K)$;
S3.2, recovering the message M by inputting the private key k.
2. The public-private key pair encryption and decryption method based on the Ed25519 algorithm of claim 1, wherein in step S2.2 the public key K is calculated from the private key k by the formula: $K = k \cdot G$; wherein G is the base point of the Ed25519 twisted Edwards curve.
3. The public-private key pair encryption and decryption method based on the Ed25519 algorithm of a blockchain according to claim 1, wherein in step S2.4 the random number r is subjected to the Ed25519 encryption algorithm to generate the first ciphertext $c_1$ by the formula: $c_1 = r \cdot G$; wherein G is the base point of the Ed25519 twisted Edwards curve.
4. The public-private key pair encryption and decryption method based on the Ed25519 algorithm of a blockchain as set forth in claim 1, wherein in step S2.5 the public key K encrypts the second random number and the message M to be sent by the sender to generate the second ciphertext $c_2$ by the formula: $c_2 = M + r \cdot K$.
5. The public-private key pair encryption and decryption method based on the Ed25519 algorithm of a blockchain as set forth in claim 1, wherein the formula for recovering the message M by inputting the private key k in step S3.2 is:
$c_2 - k \cdot c_1 = M + r \cdot K - k \cdot r \cdot G = M + r \cdot k \cdot G - k \cdot r \cdot G = M$.
6. The public-private key pair encryption and decryption method based on the Ed25519 algorithm of claim 1 or 2, wherein in step S2.3, a random number generator using the logistic chaotic map is selected, and the formula is as follows:
$y = \mu x (1 - x)$;
wherein x is a randomly initialized value, and y is the result of applying the logistic map to the random number x.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210648280.1A CN117254919A (en) | 2022-06-09 | 2022-06-09 | Public and private key pair encryption and decryption method based on Ed25519 algorithm of blockchain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210648280.1A CN117254919A (en) | 2022-06-09 | 2022-06-09 | Public and private key pair encryption and decryption method based on Ed25519 algorithm of blockchain |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117254919A true CN117254919A (en) | 2023-12-19 |
Family
ID=89135560
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210648280.1A Pending CN117254919A (en) | 2022-06-09 | 2022-06-09 | Public and private key pair encryption and decryption method based on Ed25519 algorithm of blockchain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117254919A (en) |
-
2022
- 2022-06-09 CN CN202210648280.1A patent/CN117254919A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
TWI725124B (en) | Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys | |
US20060129811A1 (en) | Cryptography related to keys | |
AU2010266760B2 (en) | Method for generating an encryption/decryption key | |
US20100046755A1 (en) | Cryptography related to keys with signature | |
CN113364576A (en) | Data encryption evidence storing and sharing method based on block chain | |
US8180048B2 (en) | Method and system for computational transformation | |
CN113779645B (en) | Quantum digital signature and quantum digital signature encryption method | |
CN112738051B (en) | Data information encryption method, system and computer readable storage medium | |
US6640303B1 (en) | System and method for encryption using transparent keys | |
CN113711564A (en) | Computer-implemented method and system for encrypting data | |
US20110200186A1 (en) | Method of cipher block chaining using elliptic curve cryptography | |
US20100005307A1 (en) | Secure approach to send data from one system to another | |
Saikumar | DES-Data Encryption Standard | |
MAQABLEH | Analysis and design security primitives based on chaotic systems for ecommerce | |
Chaudhari et al. | A research paper on new hybrid cryptography algorithm | |
US20060104447A1 (en) | Discrete logarithm-based cryptography using the Shafarevich-Tate group | |
Rajasekar et al. | Introduction to classical cryptography | |
CN111488618B (en) | Block chain-based one-time pad encryption method, device and storage medium | |
KR20090000587A (en) | Encoding/decoding method for restriction of receiver | |
CN117254919A (en) | Public and private key pair encryption and decryption method based on Ed25519 algorithm of blockchain | |
CN115134120B (en) | Encryption method combining ECC with OPT | |
CN114039720B (en) | Unconditional security authentication encryption method based on LFSR hash | |
CN111835506B (en) | Information security digital encryption method based on one-time use codebook | |
Uzunov et al. | ANALYSIS AND RESEARCH OF CRYPTOGRAPHIC MODELS TO ENSURE INFORMATION SECURITY IN ENGINEERING EDUCATION | |
Ibrahem | Integrated Security Service Suit (IS 3) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||