CN117439737B - Collaborative signature method and collaborative signature system - Google Patents


Info

Publication number
CN117439737B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311745141.1A
Other languages
Chinese (zh)
Other versions
CN117439737A (en)
Inventor
张宇
王翊心
张庆勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Infosec Technologies Co Ltd
Original Assignee
Beijing Infosec Technologies Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/40 Network security protocols
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/12 Applying verification of the received information

Abstract

An embodiment of the invention provides a collaborative signature method and a collaborative signature system. The method comprises the following steps: randomly generating a key parameter and a target parameter of a first type; determining a target parameter of a second type based on the key parameter and the base point coordinates of a preset elliptic curve; determining a target parameter of a third type based on the target parameter of the first type and the target parameter of the second type, and broadcasting the target parameter of the third type to the other user equipment; if the parameters of the third type broadcast by all other devices have been received, broadcasting the target parameter of the first type and the target parameter of the second type to the other user equipment; if the parameters of the first type and the parameters of the second type broadcast by all other devices have been received, verifying the parameters of the third type corresponding to all other devices; and if any device fails verification, reporting error information and stopping the signing process. This ensures the security of the private key.

Description

Collaborative signature method and collaborative signature system
Technical Field
The invention relates to the technical field of encryption communication, in particular to a collaborative signature method and a collaborative signature system.
Background
In the related art, in order to protect the security of a private key, the private key may be split into a plurality of private key components, and each private key component is then distributed to a different user equipment. When a signature with the private key is required, a plurality of user equipments holding private key components cooperate to complete the signature process. Briefly, the process of collaborative signing is as follows. Any user equipment i calculates a first parameter and broadcasts it. The center equipment calculates a shared parameter based on the first parameters broadcast by all user equipment and the message to be signed, and shares the shared parameter with all user equipment participating in the signing process. The user equipment i calculates a second parameter based on the shared parameter and the private key component it holds, and sends the second parameter to the center equipment. Finally, the center equipment determines the signing result based on the second parameters sent by all user equipment.
In the above process, if there is a malicious user equipment among the user equipment participating in the signature process, the malicious user equipment, after receiving the first parameters broadcast by all other user equipment, calculates its own first parameter R_x according to the first parameters of all other user equipment, and uses the first parameter R_x in the process in which the central equipment calculates the sharing parameters. After receiving the signature result, the malicious user equipment can then derive the whole private key from the signature result, so that the security of encrypted communication is threatened.
Disclosure of Invention
The embodiment of the invention provides a collaborative signature method and a collaborative signature system, which are used for ensuring the security of a private key and ensuring the security of encrypted communication.
In a first aspect, an embodiment of the present invention provides a collaborative signature method, which is applied to a collaborative signature system, where the collaborative signature system includes a target user equipment and other user equipments that participate in a signature process, and the method includes:
the target user equipment randomly generates key parameters and target parameters of a first type;
the target user equipment determines a second type of target parameter based on the key parameter and a preset base point coordinate of an elliptic curve;
the target user equipment determines a third type of target parameter based on the first type of target parameter and the second type of target parameter, and broadcasts the third type of target parameter to the other user equipment;
if the target user equipment receives the third type of parameters broadcast by all the devices in the other user equipment, broadcasting the first type of target parameters and the second type of target parameters to the other user equipment;
if the target user equipment receives the first type of parameters and the second type of parameters broadcasted by all the devices in the other user equipment, verifying the third type of parameters corresponding to the user equipment based on the first type of parameters and the second type of parameters corresponding to the user equipment in the other user equipment;
if any one of the other user equipment fails to pass the verification, the target user equipment reports error information and stops the signature process.
Optionally, the collaborative signature system further includes a central device, and the target user device broadcasts the target parameter of the second type to the other user devices, including:
the target user equipment broadcasts the target parameters of the second type to the other user equipment and the center equipment;
the method further comprises the steps of:
the center device receives the second type of target parameters broadcast by the target user device and the second type of parameters broadcast by all devices in the other user devices;
if all the devices in the target user equipment and the other user equipment pass verification, the center equipment determines sharing parameters based on the second type of target parameters, the second type of parameters and the message to be signed;
the center device shares the sharing parameters to the target user device and the other user devices;
the target user equipment determines a fourth type of target parameter based on the sharing parameter and a private key component corresponding to the target user equipment, and sends the fourth type of target parameter to the center equipment;
and the center equipment determines a signature result based on the fourth type of target parameters sent by the target user equipment and fourth type of parameters sent by all the other user equipment.
Optionally, the target user equipment determines a fourth type of target parameter based on the sharing parameter and a private key component corresponding to the target user equipment, including:
and the target user equipment determines a fourth type of target parameter based on the key parameter, the sharing parameter and a private key component corresponding to the target user equipment.
Optionally, the target user equipment determines a third type of target parameter based on the first type of target parameter and the second type of target parameter, including:
the target user equipment determines a third type of target parameter based on the first type of target parameter, the second type of target parameter and a hash algorithm.
Optionally, the verifying the parameter of the third type corresponding to each user equipment based on the parameter of the first type and the parameter of the second type corresponding to each user equipment in the other user equipment includes:
and verifying the parameters of the third type corresponding to the user equipment based on the parameters of the first type and the parameters of the second type corresponding to the user equipment in the other user equipment through a hash algorithm.
In a second aspect, an embodiment of the present invention provides a collaborative signature system, where the collaborative signature system includes a target user equipment participating in a signature process and other user equipment, where the target user equipment is configured to:
randomly generating a key parameter and a target parameter of a first type;
determining a second type of target parameter based on the key parameter and a preset base point coordinate of an elliptic curve;
determining a third type of target parameter based on the first type of target parameter and the second type of target parameter, and broadcasting the third type of target parameter to the other user equipment;
if the third type of parameters broadcast by all the other user equipment are received, broadcasting the first type of target parameters and the second type of target parameters to the other user equipment;
if the target user equipment receives the first type of parameters and the second type of parameters broadcasted by all the devices in the other user equipment, verifying the third type of parameters corresponding to the user equipment based on the first type of parameters and the second type of parameters corresponding to the user equipment in the other user equipment;
if any one of the other user equipment fails to pass the verification, the target user equipment reports error information and stops the signature process.
Optionally, the collaborative signature system further comprises a central device;
the target user equipment is used for broadcasting the second type of target parameters to the other user equipment and the central equipment;
the central device is configured to receive the second type of target parameters broadcast by the target user device and the second type of parameters broadcast by all devices in the other user devices; if all the devices in the target user equipment and the other user equipment pass verification, determining a sharing parameter based on the second type of target parameter, the second type of parameter and the message to be signed; sharing the sharing parameter to the target user equipment and the other user equipment;
the target user equipment is used for determining a fourth type of target parameter based on the sharing parameter and a private key component corresponding to the target user equipment, and sending the fourth type of target parameter to the center equipment;
the central device is configured to determine a signature result based on the fourth type of target parameter sent by the target user device and fourth type of parameters sent by all devices in the other user devices.
Optionally, the target user equipment is configured to:
and determining a fourth type of target parameter based on the key parameter, the sharing parameter and a private key component corresponding to the target user equipment.
Optionally, the target user equipment is configured to:
a third type of target parameter is determined based on the first type of target parameter, the second type of target parameter, and a hash algorithm.
Optionally, the target user equipment is configured to:
and verifying the parameters of the third type corresponding to the user equipment based on the parameters of the first type and the parameters of the second type corresponding to the user equipment in the other user equipment through a hash algorithm.
In the embodiment of the invention, even if the user equipment is malicious, the malicious user equipmentFirst receive +.>At the same time, it is also necessary to broadcast the own +.>If the own +.>It is necessary to calculate +.>. Wherein (1)>And->Is a third type of parameter. If malicious user equipment->Not broadcast->Then for other user equipments the reception of +_ of all the other user equipments is not possible>And further, the subsequent broadcasting is not performedAnd further, the subsequent operations cannot be performed. Wherein (1)>And->The parameters of the first type and the parameters of the second type are sequentially determined. It can be seen from this that malicious user equipment +.>Must broadcast its own->. In the broadcast +.>After that, in case the condition is fulfilled, malicious user equipment +.>Broadcast +.>And cannot tamper with the pre-calculatedBecause the other user equipments will be based on the previously received +.>Go to verify->. Wherein (1)>And->Sequentially is a first type of parameter,A second type of parameter. Even if malicious user equipment->Waiting for other user devices to broadcast themselves firstLet us use->Calculate new +.>Nor can it be achieved because of the pre-calculated +.>Matched +.>Has been broadcast, if malicious user equipment +.>Calculated before subsequent tampering ++>New->And->And the verification cannot pass due to mismatch. Based on the above, by adopting the method provided by the embodiment of the invention, the security of the private key can be ensured, and the security of the communication process is further ensured not to be threatened.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic flow chart of a collaborative signature method according to an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of a collaborative signature system according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this application and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise; "plurality" generally includes at least two.
The word "if", as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a detection", depending on the context. Similarly, the phrase "if determined" or "if detected (stated condition or event)" may be interpreted as "when determined" or "in response to determination" or "when detected (stated condition or event)" or "in response to detection (stated condition or event)", depending on the context.
In addition, the sequence of steps in the method embodiments described below is only an example and is not strictly limited.
The embodiment of the invention provides a collaborative signature method, which can be applied to a collaborative signature system. The collaborative signature system may include, among other things, target user devices and other user devices that participate in the signature process. It should be noted that, the private key may be split into N private key components, and when signing is actually performed, M user devices that hold the private key components may participate in the signing process, where M is less than or equal to N.
It should be noted that, the computing process of each user device participating in the signature process is similar, and in the embodiment of the present invention, the computing process in a single user device is described by taking the target user device as an example, and the computing process in other user devices may be implemented with reference to the computing process in the target user device, which will not be repeated.
The method of generating the private key component is described first.
Assume that isPrivate key(s)>For the corresponding public key +.>. Wherein G may be the base point coordinates of an elliptic curve,/->Is the order of the base point. Wherein the public-private key pair may be generated using a schnorr algorithm.
The threshold is set to t and it is assumed that the private key needs to be split into n shares.
Can randomly selectAnd->Satisfy->. A polynomial can be constructed +.>,/>. Can randomly select +.>And->Satisfy the following requirementsThen +.>,/>I.e. user equipmentA held private key component.
Wherein, it should be noted that the polynomialMay be a Lagrange interpolation polynomial,>is a single dot by n dots->And the degree is not greater than the polynomial of (n-1). The general formula for the lagrangian interpolation polynomial may be: />. Wherein (1)>
Assume that the target user equipment isThe target user device can use the corresponding private key component +.>Co-operation with other user equipment or the likeThe signing process is completed. Fig. 1 is a flowchart of a collaborative signature method according to an embodiment of the present invention, as shown in fig. 1, the method includes the following steps:
101. The target user device randomly generates key parameters and target parameters of a first type.
102. The target user equipment determines a second type of target parameter based on the key parameter and the base point coordinates of a preset elliptic curve.
103. The target user equipment determines a third type of target parameter based on the first type of target parameter and the second type of target parameter, and broadcasts the third type of target parameter to other user equipment.
104. And if the target user equipment receives the third type of parameters broadcast by all the other user equipment, broadcasting the first type of target parameters and the second type of target parameters to the other user equipment.
105. And if the target user equipment receives the first type of parameters and the second type of parameters broadcast by all the devices in the other user equipment, verifying the third type of parameters corresponding to the user equipment based on the first type of parameters and the second type of parameters corresponding to the user equipment in the other user equipment.
106. If any one of the other user equipment is not verified, the target user equipment reports error information and stops the signature process.
In practical application, the target user equipment can randomly generate key parametersTarget parameters of a first typeWherein->
The target user device may be based on key parametersAnd the base point coordinates G of the preset elliptic curve, determining the target parameter +.>. Wherein the computational expression of the second type of target parameter may be: />
After determining the second type of target parameter and the third type of target parameter, the target user equipment may be based on the first type of target parameterAnd a target parameter of the second type +.>Determining a third type of target parameter +.>And broadcasting the third type of target parameter +.>
In some alternative embodiments, the above-described process of determining the third type of target parameter may be implemented as: the target user device determines a third type of target parameter based on the first type of target parameter, the second type of target parameter, and the hash algorithm. Based on this, the expression for calculating the target parameter of the third type may be:. Where H () represents a hash algorithm.
For the target user equipment, the target user equipment externally broadcasts the target parameters of the third type. For other user equipments, the other user equipments can also calculate the target parameters of the third type with reference to the description aboveIn this way, the respective parameters of the third type are calculated individually +.>. After each of the other ue calculates the third type of parameter, it is also necessary to broadcast its own third type of parameter to the outside. In this way, the other user devices will broadcast the parameters of the third type calculated by themselves one by one, and the target user device will receive the parameters of the third type broadcast by the other user devices one by one.
The target user equipment may collect the third type of parameters broadcast by all other user equipment, and after detecting that the third type of parameters broadcast by all user equipment in other user equipment has been received, may broadcast the first type of target parameters and the second type of target parameters
As with the target ue, all of the other ues also need to broadcast the respective first type of parameters and second type of parameters after receiving all of the third type of parameters. The target ue may receive the first type of parameter and the second type of parameter broadcast by each other ue one by one, and after receiving the first type of parameter and the second type of parameter broadcast by all the ues in the other ue, further, the target ue may verify the third type of parameter corresponding to each ue based on the first type of parameter and the second type of parameter corresponding to each ue in the other ue one by one.
In some alternative embodiments, the verification process described above may be implemented as: and verifying the parameters of the third type corresponding to the user equipment based on the parameters of the first type and the parameters of the second type corresponding to the user equipment in other user equipment through a hash algorithm. Based on this, the verification process can be expressed as:
The subsequent steps may be performed only after the third type of parameters of all of the other user devices have passed verification by the target user device; otherwise, as long as any one of the other user devices has not passed the verification, an error may be reported and the subsequent steps of the signing process stopped.
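The commit-then-reveal round of steps 101 to 106, written out as an added example that is not code from the patent. Assumptions: secp256k1 stands in for the "preset elliptic curve", SHA-256 for the hash algorithm, a 32-byte random value for the first-type parameter, and all class and function names (`Device`, `WithholdingDevice`, `TamperingDevice`, `run_round`, `ProtocolAbort`) are hypothetical.

```python
import hashlib
import hmac
import secrets

# secp256k1 domain parameters. Assumption: the page only says "a preset elliptic curve".
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


class ProtocolAbort(Exception):
    """Raised when the signing round must stop; .devices lists the offenders."""
    def __init__(self, reason, devices):
        super().__init__(f"{reason}: {devices}")
        self.reason, self.devices = reason, devices


def point_add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mul(k, pt):
    """Double-and-add; not constant time, for illustration only."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return acc


def commit(blind, R):
    """Third-type parameter: hash over the first-type (blind) and second-type (R) parameters."""
    data = blind + R[0].to_bytes(32, "big") + R[1].to_bytes(32, "big")
    return hashlib.sha256(data).digest()


class Device:
    def __init__(self, name):
        self.name = name
        self.k = secrets.randbelow(N - 1) + 1   # key parameter (step 101)
        self.blind = secrets.token_bytes(32)    # first-type parameter (step 101)
        self.R = scalar_mul(self.k, G)          # second-type parameter (step 102)

    def commitment(self):                       # third-type parameter (step 103)
        return commit(self.blind, self.R)

    def reveal(self, seen):                     # step 104
        return self.blind, self.R


class WithholdingDevice(Device):
    """Never broadcasts its third-type parameter."""
    def commitment(self):
        return None


class TamperingDevice(Device):
    """Commits honestly, then reveals an R chosen after seeing other reveals."""
    def reveal(self, seen):
        other_R = next(iter(seen.values()), (None, G))[1]
        return self.blind, point_add(self.R, other_R)


def run_round(devices):
    """Run one commit/reveal round; return {name: R} or raise ProtocolAbort."""
    # Steps 103-104: nobody reveals until every commitment has arrived.
    commitments = {d.name: d.commitment() for d in devices}
    missing = [n for n, c in commitments.items() if c is None]
    if missing:
        raise ProtocolAbort("commitment not received, nothing revealed", missing)
    # Step 104: reveals are broadcast; a late device can see earlier reveals.
    reveals = {}
    for d in devices:
        reveals[d.name] = d.reveal(dict(reveals))
    # Steps 105-106: recompute every hash and stop on the first mismatch set.
    failed = [n for n, (blind, R) in reveals.items()
              if not hmac.compare_digest(commit(blind, R), commitments[n])]
    if failed:
        raise ProtocolAbort("reveal does not match commitment", failed)
    return {n: R for n, (_, R) in reveals.items()}
```

The example hashes only the two parameters the page names; binding a device identifier and a session identifier into the hash input is a design choice the page does not discuss and the example does not make.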
The following describes a signature process after verification of all parameters of the third type of user equipment among other user equipment.
Optionally, a central device is also included in the collaborative signature system. The target user equipment broadcasts a second type of target parameters to other user equipment and the center equipment; the center device receives the second type of target parameters broadcast by the target user device and the second type of parameters broadcast by all devices in other user devices; if all the equipment in the target user equipment and other user equipment pass verification, the center equipment determines sharing parameters based on the second type of target parameters, the second type of parameters and the message to be signed; the center device shares the sharing parameters to the target user device and other user devices; the target user equipment determines a fourth type of target parameter based on the sharing parameter and a private key component corresponding to the target user equipment, and sends the fourth type of target parameter to the center equipment; the center device determines a signature result based on the fourth type of target parameter transmitted by the target user device and the fourth type of parameter transmitted by all of the other user devices.
In practical applications, the target user equipment may broadcast the second type of target parameter externally, and the recipients of that broadcast also include the central device. Based on this, the central device may also receive the second type of target parameter broadcast by the target user device. At the same time, the other user equipments also need to broadcast their respective parameters of the second type externally, so that the central equipment finally collects the target parameters of the second type broadcast by the target user equipment and the parameters of the second type broadcast by all the other user equipments. The central device may then determine the shared parameter based on the target parameter of the second type, the parameters of the second type, and the message to be signed.
In some alternative embodiments, the above-described process of determining the sharing parameters may be implemented as: the central device calculates R, wherein,. I.e. the central device calculates R based on the second type of target parameters broadcast by the target user device and the second type of parameters broadcast by all other user devices. The central device can then be based on R, the message to be signed, and the public key +.>The sharing parameters are calculated. Wherein, the process of calculating the sharing parameter can be expressed as:
After the central device calculates the sharing parameters, the sharing parameters may be shared internally, i.e. the sharing parameters are shared to the target user device and to other user devices. In this way, the target user equipment may acquire the sharing parameters.
After the target ue acquires the sharing parameter, the fourth type of target parameter may be determined based on the key parameter, the sharing parameter, and the private key component corresponding to the target ue, where the process may be specifically implemented as: calculation of. Wherein (1)>For the fourth type of target parameter +.>For the key parameter, e is the shared parameter, +.>Private key component held for target user device, < ->Is->Is provided with (1) a variant of
After the target user equipment calculates the fourth type of target parameters, the fourth type of target parameters may be broadcast to the outside. Similarly, other user equipments may calculate respective parameters of the fourth type by referring to the manner of calculating the target parameters of the fourth type, and broadcast the parameters of the fourth type to the outside. In this way, the center device may receive the fourth type of target parameters broadcast by the target user device and the fourth type of parameters broadcast by all of the other user devices. The central device may then calculate a signature result based on the received parameters. Wherein, the process of calculating the signature result can be expressed as:. Wherein (1)>A target parameter of the fourth type broadcast for the target user equipment and any of the parameters of the fourth type broadcast for all of the other user equipments. Finally, go up>The signature result is obtained.
In the above procedure, it is assumed that a malicious user equipment existsThe malicious user equipment->In the process of collaborative computing R, all other user equipment counts are receivedCalculated->Afterwards, select->And calculateUse +.>Participate in the process of collaborative computing R. In such a case, it would result in a collaborative calculation of +.>. After the central device generates the signature result, malicious user device +.>The signature result is obtained, and +.>The whole private key can be reversely deduced>. It follows that if any user equipment is allowed to receive the calculated +.>Then go to calculate the own +.>A threat to the security of the private key is posed.
In order to avoid the above problems, in the embodiment of the present invention, even if it is malicious user equipmentFirst receive +.>At the same time, it is also necessary to broadcast the own +.>If the own +.>It is necessary to calculate +.>. If malicious user equipment->Not broadcast->Then for other user equipments the reception of +_ of all the other user equipments is not possible>Further, the subsequent broadcasting +_ is not performed>And further, the subsequent operations cannot be performed. It can be seen from this that malicious user equipment +.>Must broadcast its own->. At the time of broadcastingAfter that, in case the condition is fulfilled, malicious user equipment +.>Broadcast +.>And cannot tamper with the already pre-calculated +.>Because the other user equipments will be based on the previously received +.>Go to verify->. Even if malicious user equipment->Waiting for other user equipments to broadcast their own +.>Let us use->Calculate new +.>Nor can it be achieved because of the pre-calculated +.>Matched +.>Has been broadcast, if malicious user equipment +.>Calculated before subsequent tampering ++>New->And->And the verification cannot pass due to mismatch. Based on the above, by adopting the method provided by the embodiment of the invention, the security of the private key can be ensured, and the security of the communication process is further ensured not to be threatened.
Fig. 2 is a schematic structural diagram of a collaborative signature system according to an embodiment of the present invention. As shown in Fig. 2, the collaborative signature system includes a target user equipment 21 and other user equipment 22 participating in a signature process, where the target user equipment 21 is configured to:
randomly generating a key parameter and a target parameter of a first type;
determining a second type of target parameter based on the key parameter and a preset base point coordinate of an elliptic curve;
determining a third type of target parameter based on the first type of target parameter and the second type of target parameter, and broadcasting the third type of target parameter to the other user equipment 22;
broadcasting the first type of target parameter and the second type of target parameter to the other user equipment 22 if a third type of parameter broadcast by all of the other user equipment 22 is received;
if the first type of parameters and the second type of parameters broadcasted by all the devices in the other user devices 22 are received, verifying the third type of parameters corresponding to each user device based on the first type of parameters and the second type of parameters corresponding to each user device in the other user devices 22;
if any one of the other user devices 22 fails to verify, reporting error information and stopping the signing process.
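The commit-then-reveal round performed by each user equipment in the steps above, as an added example that is not code from the patent. The curve (secp256k1), SHA-256, the byte encoding of the parameters and the names `Device`, `commit`, `verify_reveals` and `run_round` are assumptions of this example; the `swapped` argument models a device that reveals a second-type parameter other than the one it committed to.

```python
import hashlib
import hmac
import secrets

# secp256k1 domain parameters (the curve is an assumption of this example).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Add two affine points; None stands for the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant time)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def commit(first, second):
    """Third-type parameter: SHA-256 over the first- and second-type parameters."""
    x, y = second
    return hashlib.sha256(first + x.to_bytes(32, "big") + y.to_bytes(32, "big")).digest()

class Device:
    def __init__(self, name):
        self.name = name
        self.k = secrets.randbelow(N - 1) + 1          # key parameter, kept secret
        self.first = secrets.token_bytes(32)           # first-type parameter
        self.second = ec_mul(self.k, G)                # second-type parameter
        self.third = commit(self.first, self.second)   # third-type parameter

def verify_reveals(commitments, reveals):
    """Return the names whose revealed pair does not hash to their commitment."""
    return [name for name, third in commitments.items()
            if name not in reveals
            or not hmac.compare_digest(commit(*reveals[name]), third)]

def run_round(devices, swapped=None):
    # Step 1: every device broadcasts only its third-type parameter.
    commitments = {d.name: d.third for d in devices}
    # Step 2: first- and second-type parameters go out only after all commitments are in.
    reveals = {d.name: (d.first, d.second) for d in devices}
    if swapped:  # constructed fault: a device reveals a point it did not commit to
        name, point = swapped
        reveals[name] = (reveals[name][0], point)
    # Step 3: recompute each hash; any mismatch aborts the signing process.
    bad = verify_reveals(commitments, reveals)
    if bad:
        raise ValueError("commitment check failed for: " + ", ".join(bad))
    return reveals
```

Because each second-type parameter is fixed by a hash broadcast before any other device's second-type parameter is visible, a value chosen after seeing the others cannot pass step 3.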
Optionally, the collaborative signature system further comprises a central device 23;
the target user device 21 is configured to broadcast the second type of target parameter to the other user devices 22 and the central device 23;
the central device 23 is configured to receive the second type of target parameters broadcast by the target user device 21 and the second type of parameters broadcast by all devices in the other user devices 22; if all devices in the target user equipment 21 and the other user equipment 22 pass verification, determining a sharing parameter based on the second type of target parameter, the second type of parameter and the message to be signed; sharing the sharing parameters to the target user equipment 21 and the other user equipments 22;
the target user equipment 21 is configured to determine a fourth type of target parameter based on the shared parameter and a private key component corresponding to the target user equipment 21, and send the fourth type of target parameter to the central device 23;
the central device 23 is configured to determine a signature result based on the fourth type of target parameter sent by the target user device 21 and fourth type of parameters sent by all devices in the other user devices 22.
Optionally, the target user equipment 21 is configured to:
a fourth type of target parameter is determined based on the key parameter, the sharing parameter and the private key component corresponding to the target user device 21.
Optionally, the target user equipment 21 is configured to:
a third type of target parameter is determined based on the first type of target parameter, the second type of target parameter, and a hash algorithm.
Optionally, the target user equipment 21 is configured to:
and verifying the parameters of the third type corresponding to each user equipment based on the parameters of the first type and the parameters of the second type corresponding to each user equipment in the other user equipment 22 through a hash algorithm.
The system shown in Fig. 2 may perform the collaborative signature method provided in the foregoing embodiment shown in Fig. 1; for the detailed execution process and technical effects, refer to the description in the foregoing embodiment, which is not repeated here.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of a necessary general-purpose hardware platform, or by a combination of hardware and software. Based on this understanding, the foregoing technical solutions, in essence or in the portions contributing to the art, may be embodied in the form of a computer program product, which may be embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The collaborative signature method provided by the embodiment of the present invention may be executed by a certain program/software, the program/software may be provided by a network side, the electronic device mentioned in the foregoing embodiment may download the program/software into a local non-volatile storage medium, and when it needs to execute the foregoing collaborative signature method, the program/software is read into a memory by a CPU, and then the CPU executes the program/software to implement the collaborative signature method provided in the foregoing embodiment, and the execution process may refer to the schematic diagram in fig. 1.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A collaborative signature method, applied to a collaborative signature system, the collaborative signature system including a target user device and other user devices participating in a signature process, the method comprising:
the target user equipment randomly generates key parameters and target parameters of a first type;
the target user equipment determines a second type of target parameter based on the key parameter and a preset base point coordinate of an elliptic curve;
the target user equipment determines a third type of target parameter based on the first type of target parameter and the second type of target parameter, and broadcasts the third type of target parameter to the other user equipment;
if the target user equipment receives the third type of parameters broadcast by all the devices in the other user equipment, broadcasting the first type of target parameters and the second type of target parameters to the other user equipment;
if the target user equipment receives the first type of parameters and the second type of parameters broadcasted by all the devices in the other user equipment, verifying the third type of parameters corresponding to the user equipment based on the first type of parameters and the second type of parameters corresponding to the user equipment in the other user equipment;
if any one of the other user equipment fails to pass the verification, the target user equipment reports error information and stops the signature process.
2. The method according to claim 1, further comprising a central device in the collaborative signature system, wherein the target user device broadcasts the second type of target parameters to the other user devices, comprising:
the target user equipment broadcasts the target parameters of the second type to the other user equipment and the center equipment;
the method further comprises the steps of:
the center device receives the second type of target parameters broadcast by the target user device and the second type of parameters broadcast by all devices in the other user devices;
if all the devices in the target user equipment and the other user equipment pass verification, the center equipment determines sharing parameters based on the second type of target parameters, the second type of parameters and the message to be signed;
the center device shares the sharing parameters to the target user device and the other user devices;
the target user equipment determines a fourth type of target parameter based on the sharing parameter and a private key component corresponding to the target user equipment, and sends the fourth type of target parameter to the center equipment;
and the center equipment determines a signature result based on the fourth type of target parameters sent by the target user equipment and fourth type of parameters sent by all the other user equipment.
3. The method of claim 2, wherein the target user device determining a fourth type of target parameter based on the shared parameter and a private key component corresponding to the target user device comprises:
and the target user equipment determines a fourth type of target parameter based on the key parameter, the sharing parameter and a private key component corresponding to the target user equipment.
4. The method of claim 1, wherein the target user device determining a third type of target parameter based on the first type of target parameter and the second type of target parameter comprises:
the target user equipment determines a third type of target parameter based on the first type of target parameter, the second type of target parameter and a hash algorithm.
5. The method according to claim 1, wherein verifying the parameter of the third type corresponding to each user equipment based on the parameter of the first type and the parameter of the second type corresponding to each user equipment in the other user equipments comprises:
and verifying the parameters of the third type corresponding to the user equipment based on the parameters of the first type and the parameters of the second type corresponding to the user equipment in the other user equipment through a hash algorithm.
6. A collaborative signature system, comprising a target user equipment participating in a signature process and other user equipment, wherein the target user equipment is used for:
randomly generating a key parameter and a target parameter of a first type;
determining a second type of target parameter based on the key parameter and a preset base point coordinate of an elliptic curve;
determining a third type of target parameter based on the first type of target parameter and the second type of target parameter, and broadcasting the third type of target parameter to the other user equipment;
if the third type of parameters broadcast by all the other user equipment are received, broadcasting the first type of target parameters and the second type of target parameters to the other user equipment;
if the first type of parameters and the second type of parameters broadcast by all the devices in the other user devices are received, verifying the third type of parameters corresponding to the user devices based on the first type of parameters and the second type of parameters corresponding to the user devices in the other user devices;
if any one of the other user equipment fails to verify, reporting error information and stopping the signature process.
7. The system of claim 6, wherein the collaborative signature system further comprises a central device;
the target user equipment is used for broadcasting the second type of target parameters to the other user equipment and the central equipment;
the central device is configured to receive the second type of target parameters broadcast by the target user device and the second type of parameters broadcast by all devices in the other user devices; if all the devices in the target user equipment and the other user equipment pass verification, determining a sharing parameter based on the second type of target parameter, the second type of parameter and the message to be signed; sharing the sharing parameter to the target user equipment and the other user equipment;
the target user equipment is used for determining a fourth type of target parameter based on the sharing parameter and a private key component corresponding to the target user equipment, and sending the fourth type of target parameter to the center equipment;
the central device is configured to determine a signature result based on the fourth type of target parameter sent by the target user device and fourth type of parameters sent by all devices in the other user devices.
8. The system of claim 7, wherein the target user device is configured to:
and determining a fourth type of target parameter based on the key parameter, the sharing parameter and a private key component corresponding to the target user equipment.
9. The system of claim 6, wherein the target user device is configured to:
a third type of target parameter is determined based on the first type of target parameter, the second type of target parameter, and a hash algorithm.
10. The system of claim 6, wherein the target user device is configured to:
and verifying the parameters of the third type corresponding to the user equipment based on the parameters of the first type and the parameters of the second type corresponding to the user equipment in the other user equipment through a hash algorithm.
CN202311745141.1A 2023-12-18 2023-12-18 Collaborative signature method and collaborative signature system Active CN117439737B (en)

Publications (2)

Publication Number Publication Date
CN117439737A 2024-01-23
CN117439737B 2024-02-27

Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant