CN117544312A - Cross-domain digital signature method based on attribute encryption and related equipment thereof - Google Patents


Publication number
CN117544312A
Authority
CN
China
Prior art keywords
attribute
domain
key
signed
party
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311408845.XA
Other languages
Chinese (zh)
Inventor
程晗蕾
鲁静
宋斌
费一涵
龚道勤
王勇
喻伟东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yuanguang Software Co Ltd
Original Assignee
Yuanguang Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yuanguang Software Co Ltd
Priority to CN202311408845.XA
Publication of CN117544312A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The application discloses a cross-domain digital signature method based on attribute encryption and related equipment thereof, belonging to the field of blockchain-based digital signatures. The cross-domain digital signature method is applied to an internal and external cross-domain co-signing system built on a blockchain network. The system comprises an identity chain, an alliance chain, a data storage and an attribute authorization center cluster; the alliance chain comprises proxy nodes and an aggregate signature node; and the system further comprises a plurality of domain spaces. A document co-signing request is broadcast across domains through the proxy nodes on the alliance chain. An attribute key is generated by the attribute authorization center cluster; the attribute key is used to encrypt and decrypt a symmetric key, and the symmetric key is used to encrypt and decrypt the data to be co-signed, so that the key is transmitted securely. Finally, the co-signing signatures are aggregated. The application implements internal and external cross-domain co-signing using blockchain technology and can ensure the security, reliability and tamper resistance of the data.

Description

Cross-domain digital signature method based on attribute encryption and related equipment thereof
Technical Field
The application belongs to the field of digital signature of a blockchain technology, and particularly relates to a cross-domain digital signature method based on attribute encryption and related equipment thereof.
Background
The intelligent shared financial platform has already implemented a series of operations such as issuing and receiving external legal electronic certificates, paperless circulation of internal documents, and paperless filing of accounting files, but it has not yet unified aspects such as the business specification and the process channel for co-signing internal and external collaborative documents. When electronic documents are signed, the general expense-reporting business line requires them to be uploaded, and some internal and external documents are involved in the expense-reporting business. At present, documents/certificates signed between an enterprise and an external entity must be filled in manually and checked manually by several parties, and are then mailed offline to the enterprise as reimbursement vouchers for the business department; business personnel scan the files manually and process them as reimbursement attachments.
In this internal and external collaborative document co-signing mode, documents/certificates are filled in manually after staff query each business system by hand. Business efficiency is low and the data is error-prone. Several cross-department entities are involved, so there is a risk of sensitive information being leaked or stolen, and illegal access and illegal tampering by users occur easily, which adversely affects business data security and the subsequent expense settlement. Moreover, signing is still mainly done on paper, and violations such as improper signing, mis-signing and arbitrary modification of signed content occur easily during signing, so that the signed content is inconsistent with the actual content and economic loss results; the responsible entity cannot be identified, and later tracing is difficult.
Disclosure of Invention
The embodiments of the application aim to provide a cross-domain digital signature method, device, computer equipment and storage medium based on attribute encryption, so as to solve the problems of the existing internal and external collaborative document co-signing mode: data is easily leaked, documents are easily tampered with during exchange, the signing process is not standardized, and tracing is difficult.
In order to solve the above technical problems, the embodiments of the present application provide a cross-domain digital signature method based on attribute encryption, which adopts the following technical scheme:
The cross-domain digital signature method based on attribute encryption is applied to an internal and external cross-domain co-signing system built on a blockchain network. The system comprises an identity chain, an alliance chain, a data storage and an attribute authorization center cluster; the alliance chain comprises a service node, proxy nodes and an aggregate signature node; the system further comprises a plurality of domain spaces, and each domain space has a matching proxy node in the alliance chain. The cross-domain digital signature method comprises the following steps:
registering all co-signing participants in the internal and external cross-domain co-signing system and determining the domain space of each co-signing participant, wherein the co-signing participants comprise a co-signing initiator and a to-be-signed party;
acquiring a document co-signing request initiated by the co-signing initiator, determining the to-be-signed party, broadcasting the document co-signing request across domains through the proxy node of the domain space to which the co-signing initiator belongs, and sending the document co-signing request to the to-be-signed party;
after receiving the document co-signing request, the to-be-signed party performs authority verification, wherein the authority verification comprises cross-domain authority verification and access authority authentication;
after the authority verification is passed, sending the document ciphertext pre-stored in the data storage to the to-be-signed party, wherein the document ciphertext is ciphertext data generated by encrypting the document to be co-signed with a symmetric key;
sending the metadata of the document to be co-signed, broadcast in advance on the blockchain network, to the to-be-signed party, wherein the metadata comprises attribute ciphertext data generated by attribute encryption of the symmetric key;
acquiring the attribute key corresponding to the to-be-signed party from the attribute authorization center cluster, and decrypting the attribute ciphertext data with the attribute key to obtain the plaintext of the symmetric key;
decrypting the document ciphertext with the symmetric key to obtain the plaintext of the document to be co-signed, and instructing the to-be-signed party to sign the document to obtain a co-signing signature;
uploading the co-signing signature through the proxy node of the domain space to which the to-be-signed party belongs, and aggregating the co-signing signatures through the aggregate signature node to obtain the co-signing result of the document to be co-signed.
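The key-transport part of the steps above (document ciphertext in the data storage, wrapped symmetric key in the broadcast metadata, attribute key released by the authority) as an added Python example that is not code from the patent; signing and aggregation are left out. It assumes an HMAC-based key derivation as a stand-in for attribute-based key generation (which needs a pairing library), an HMAC-SHA256 stream construction as a stand-in for the symmetric cipher, and a policy that is a plain AND of attribute names; all class, function and attribute names are hypothetical.

```python
import hashlib
import hmac
import secrets


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real cipher such as AES.
    out = bytearray()
    ctr = 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:n])


def _subkeys(key: bytes):
    # Separate keys for encryption and for the integrity tag.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _mac(mac_key: bytes, aad: bytes, nonce: bytes, ct: bytes) -> bytes:
    # Length-prefix the associated data so field boundaries are unambiguous.
    msg = len(aad).to_bytes(4, "big") + aad + nonce + ct
    return hmac.new(mac_key, msg, hashlib.sha256).digest()


def seal(key: bytes, plaintext: bytes, aad: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag, bound to aad."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + ct + _mac(mac_key, aad, nonce, ct)


def unseal(key: bytes, blob: bytes, aad: bytes) -> bytes:
    """Verify the tag before decrypting; raises ValueError on any modification."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(mac_key, aad, nonce, ct)):
        raise ValueError("authentication failed: ciphertext or binding was modified")
    stream = _keystream(enc_key, nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))


class AttributeAuthority:
    """Stand-in for the attribute authorization center cluster (assumption:
    one authority, AND-only policy, HMAC derivation instead of real ABE)."""

    def __init__(self):
        self._master = secrets.token_bytes(32)
        self._verified = {}  # user id -> attribute set the authority has verified

    def register(self, user_id: str, attrs) -> None:
        self._verified[user_id] = frozenset(attrs)

    def _derive(self, policy, initiator_pub: bytes) -> bytes:
        label = "\x1f".join(sorted(policy)).encode()
        return hmac.new(self._master, label + b"\x00" + initiator_pub,
                        hashlib.sha256).digest()

    def key_for_policy(self, policy, initiator_pub: bytes) -> bytes:
        # Attribute key generated from the signer's attribute set and the
        # initiator's public key.
        return self._derive(policy, initiator_pub)

    def key_for_user(self, user_id: str, policy, initiator_pub: bytes) -> bytes:
        # The key is released only if the user's verified attributes satisfy the policy.
        if not frozenset(policy) <= self._verified.get(user_id, frozenset()):
            raise PermissionError(f"{user_id} does not satisfy the access policy")
        return self._derive(policy, initiator_pub)


def publish_document(aa, storage, ledger, doc_id, document, policy, initiator_pub):
    """Initiator side: encrypt the document, store it, wrap the key, broadcast metadata."""
    sym_key = secrets.token_bytes(32)
    storage[doc_id] = seal(sym_key, document, doc_id.encode())
    attr_key = aa.key_for_policy(policy, initiator_pub)
    ledger[doc_id] = {"policy": sorted(policy), "initiator_pub": initiator_pub,
                      "wrapped_key": seal(attr_key, sym_key, doc_id.encode())}


def fetch_document(aa, storage, ledger, doc_id, user_id) -> bytes:
    """Signer side: get the attribute key, unwrap the symmetric key, decrypt."""
    meta = ledger[doc_id]
    attr_key = aa.key_for_user(user_id, meta["policy"], meta["initiator_pub"])
    sym_key = unseal(attr_key, meta["wrapped_key"], doc_id.encode())
    return unseal(sym_key, storage[doc_id], doc_id.encode())


if __name__ == "__main__":
    aa, storage, ledger = AttributeAuthority(), {}, {}
    aa.register("alice@domainM", {"finance", "approver"})   # constructed sample users
    publish_document(aa, storage, ledger, "doc-001", b"reimbursement form",
                     {"finance", "approver"}, b"constructed-initiator-public-key")
    print(fetch_document(aa, storage, ledger, "doc-001", "alice@domainM"))
```

Binding the document identifier into both integrity tags means a ciphertext or wrapped key copied under a different identifier fails verification instead of decrypting.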
In order to solve the above technical problems, the embodiments of the present application further provide a cross-domain digital signature device based on attribute encryption, which adopts the following technical scheme:
A cross-domain digital signature device based on attribute encryption is used for running an internal and external cross-domain co-signing system built on a blockchain network. The system comprises an identity chain, an alliance chain, a data storage and an attribute authorization center cluster; the alliance chain comprises a service node, proxy nodes and an aggregate signature node; the system further comprises a plurality of domain spaces, and each domain space has a matching proxy node in the alliance chain. The cross-domain digital signature device comprises:
the co-signing registration module, used for registering all co-signing participants in the internal and external cross-domain co-signing system and determining the domain space of each co-signing participant, wherein the co-signing participants comprise a co-signing initiator and a to-be-signed party;
the cross-domain broadcasting module, used for acquiring a document co-signing request initiated by the co-signing initiator, determining the to-be-signed party, broadcasting the document co-signing request across domains through the proxy node of the domain space to which the co-signing initiator belongs, and sending the document co-signing request to the to-be-signed party;
the authority verification module, used for performing authority verification on the to-be-signed party after the to-be-signed party receives the document co-signing request, wherein the authority verification comprises cross-domain authority verification and access authority authentication;
the ciphertext sending module, used for sending the document ciphertext pre-stored in the data storage to the to-be-signed party after the to-be-signed party passes the authority verification, wherein the document ciphertext is ciphertext data generated by encrypting the document to be co-signed with the symmetric key;
the metadata sending module, used for sending the metadata of the document to be co-signed, broadcast in advance on the blockchain network, to the to-be-signed party, wherein the metadata comprises attribute ciphertext data generated by attribute encryption of the symmetric key;
the attribute decryption module, used for acquiring the attribute key corresponding to the to-be-signed party from the attribute authorization center cluster, and decrypting the attribute ciphertext data with the attribute key to obtain the plaintext of the symmetric key;
the document decryption module, used for decrypting the document ciphertext with the symmetric key to obtain the plaintext of the document to be co-signed, and instructing the to-be-signed party to sign the document to obtain a co-signing signature;
and the co-signing module, used for uploading the co-signing signature through the proxy node of the domain space of the to-be-signed party, and aggregating the co-signing signatures through the aggregate signature node to obtain the co-signing result of the document to be co-signed.
In order to solve the above technical problems, the embodiments of the present application further provide a computer device, which adopts the following technical schemes:
a computer device comprising a memory having stored therein computer readable instructions which when executed by a processor implement the steps of the attribute-based encrypted cross-domain digital signature method as claimed in any one of the preceding claims.
In order to solve the above technical problems, embodiments of the present application further provide a computer readable storage medium, which adopts the following technical solutions:
a computer readable storage medium having stored thereon computer readable instructions which when executed by a processor implement the steps of a cross-domain digital signature method based on attribute encryption as claimed in any one of the preceding claims.
Compared with the prior art, the embodiment of the application has the following main beneficial effects:
The application discloses a cross-domain digital signature method based on attribute encryption and related equipment thereof, belonging to the field of blockchain-based digital signatures. The cross-domain digital signature method is applied to an internal and external cross-domain co-signing system built on a blockchain network. The system comprises an identity chain, an alliance chain, a data storage and an attribute authorization center cluster; the alliance chain comprises a service node, proxy nodes and an aggregate signature node; the system further comprises a plurality of domain spaces, and each domain space has a matching proxy node in the alliance chain. The application broadcasts the document co-signing request across domains through the proxy nodes on the alliance chain. An attribute key is generated by the attribute authorization center cluster; the attribute key is used to encrypt and decrypt a symmetric key, and the symmetric key is used to encrypt and decrypt the data to be co-signed, so that the key is transmitted securely. Finally, the co-signing signatures are aggregated. The application implements internal and external cross-domain co-signing using blockchain technology and can ensure the security, reliability and tamper resistance of the data.
Drawings
For a clearer description of the solution in the present application, a brief description will be given below of the drawings that are needed in the description of the embodiments of the present application, it being obvious that the drawings in the following description are some embodiments of the present application, and that other drawings may be obtained from these drawings without inventive effort for a person of ordinary skill in the art.
FIG. 1 illustrates an exemplary system architecture diagram in which the present application may be applied;
FIG. 2 shows a schematic diagram of the architecture of the blockchain-based inside-outside cross-domain co-signing system of the present application;
FIG. 3 illustrates a flow chart of one embodiment of a cross-domain digital signature method based on attribute-based encryption in accordance with the present application;
FIG. 4 illustrates a flow chart of another embodiment of a cross-domain digital signature method based on attribute-based encryption in accordance with the present application;
FIG. 5 illustrates a schematic diagram of one embodiment of a cross-domain digital signature apparatus based on attribute-based encryption in accordance with the present application;
FIG. 6 shows a schematic structural diagram of one embodiment of a computer device according to the present application.
Detailed Description
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs; the terminology used in the description of the applications herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application; the terms "comprising" and "having" and any variations thereof in the description and claims of the present application and in the description of the figures above are intended to cover non-exclusive inclusions. The terms first, second and the like in the description and in the claims or in the above-described figures, are used for distinguishing between different objects and not necessarily for describing a sequential or chronological order.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment may be included in at least one embodiment of the present application. The appearances of such phrases in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments.
In order to better understand the technical solutions of the present application, the following description will clearly and completely describe the technical solutions in the embodiments of the present application with reference to the accompanying drawings.
As shown in fig. 1, a system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 is used as a medium to provide communication links between the terminal devices 101, 102, 103 and the server 105. The network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
The user may interact with the server 105 via the network 104 using the terminal devices 101, 102, 103 to receive or send messages or the like. Various communication client applications, such as a web browser application, a shopping class application, a search class application, an instant messaging tool, a mailbox client, social platform software, etc., may be installed on the terminal devices 101, 102, 103.
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablet computers, electronic book readers, MP3 (Moving Picture Experts Group Audio Layer III) players, MP4 (Moving Picture Experts Group Audio Layer IV) players, laptop and desktop computers, and the like.
The server 105 may be a server that provides various services, such as a background server that provides support for pages displayed on the terminal devices 101, 102, 103, and may be a stand-alone server, or may be a cloud server that provides cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communications, middleware services, domain name services, security services, content delivery networks (Content Delivery Network, CDN), and basic cloud computing services such as big data and artificial intelligence platforms.
It should be noted that, the cross-domain digital signature method based on attribute encryption provided in the embodiments of the present application is generally executed by a server, and accordingly, the cross-domain digital signature device based on attribute encryption is generally disposed in the server.
It should be understood that the number of terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
The application aims to solve the problems of the existing internal and external collaborative document co-signing mode: data is easily leaked, documents are easily tampered with during exchange, the signing process is not standardized, and tracing is difficult. The application discloses a cross-domain digital signature method based on attribute encryption and related equipment thereof, belonging to the field of blockchain-based digital signatures. The cross-domain digital signature method is applied to an internal and external cross-domain co-signing system, whose structure is shown in FIG. 2. The system comprises an identity chain, an alliance chain, a data storage and an attribute authorization center cluster; the alliance chain comprises a service node, proxy nodes and an aggregate signature node; the system further comprises a plurality of domain spaces, and each domain space is configured with a matching proxy node in the alliance chain, wherein:
Identity chain (blockchain X in FIG. 2): the identity chain is a blockchain distributed ledger formed and maintained jointly by the certificate authorities (CAs) of the domains. The chain is responsible for managing the behaviour of the CAs and for storing all registration information used for cross-domain authentication (e.g. temporary certificates), which is embedded in the blockchain as transactions so that any blockchain node can access it. The main function of the chain is to provide user identity registration and query services.
Alliance chain (blockchain Y in FIG. 2): a distributed ledger maintained by users and proxy nodes that allows nodes to invoke and instantiate smart contracts. Because this embodiment is mainly applied to co-signing within an enterprise and across enterprise domains, the blockchain is, more precisely, an alliance chain; the application is not limited to an alliance chain and can be extended to a private chain.
Data storage: may be a centralized cloud service provider (CSP) that provides a common centralized cloud storage service (e.g., Amazon cloud, Ali cloud, etc.), or a distributed file storage system (e.g., IPFS). The specific embodiment of the present application uses IPFS, but is not limited to IPFS; other data storage systems may be used.
Attribute authorization center cluster: responsible for managing attribute sets and issuing attribute private keys to users who satisfy the access policy; the private key is sent to the relevant nodes (such as users, proxy nodes, service nodes and the like) through a secure channel. The cluster is typically made up of multiple attribute authorities, which may be independent entities or organizations. Each attribute authority in the cluster manages a specific set of attributes and the corresponding authorization policies, validates the user's attribute declarations, and generates the corresponding attribute authorization information, such as an attribute private key, based on the access policy.
Certificate authority (CA): also called the key generation center. The CA of each domain is the member responsible for managing the whole domain, including membership registration (e.g. issuing and distributing public/private key pairs, identity digital certificates, etc.) and tracking of malicious members. One CA is configured for each domain on the identity chain, and the CA of each domain acts as the group administrator of that domain.
Proxy node: the proxy node may be an edge node or a fog node and acts as a communication bridge between the different participants. It mainly provides APIs for verifying signatures, forwarding messages, retrieving transactions and invoking smart contracts.
Aggregate signature node: one of the organization nodes in the alliance chain, responsible for collecting the users' signatures from the proxy nodes of the domains, generating an aggregate signature, and sending it to the data owner or the (electronic document) service node.
In a specific embodiment of the present application, before internal and external cross-domain co-signing is performed, the internal and external cross-domain co-signing system needs to be initialized and the attribute authorities need to be registered. During system initialization, the certificate authority CA of each domain initializes the domain to which it belongs and generates the system public parameter λ, the domain master private keys (such as the private key of enterprise domain M and the private key of enterprise domain N in FIG. 2) and the domain master public keys (such as the public key of enterprise domain M and the public key of enterprise domain N in FIG. 2). The domain master private key is used for encryption and signing operations, while the domain master public key is used for decryption and authentication operations, so as to ensure secure intra-domain and inter-domain communication and authentication.
When the attribute authorities are registered, each attribute authority in the attribute authorization center cluster selects two random numbers $\alpha$ and $\beta$ as its private key, and computes $e(g,g)^{\alpha}$ and $g^{\beta}$, from which its public key is formed. Here $e$ is a bilinear map, an important cryptographic primitive widely used in cryptosystems such as identity-based encryption and attribute-based encryption, which relates operations in two different groups and thereby makes the construction and its verification possible; $g$ is a generator of the cyclic group $G$. The generator $g$ is used mainly in the various exponentiation operations and is the basis for constructing public-key cryptography based on the discrete logarithm problem.
With continued reference to fig. 3, a flow chart of one embodiment of a cross-domain digital signature method based on attribute-based encryption is shown in accordance with the present application.
The embodiment of the application discloses a cross-domain digital signature method based on attribute encryption, the cross-domain digital signature method is applied to an inner cross-domain and outer cross-domain combined signature system, the inner cross-domain and outer cross-domain combined signature system is built on a blockchain network, the inner cross-domain and outer cross-domain combined signature system comprises an identity chain, a alliance chain, a data memory and an attribute authorization center cluster, the alliance chain comprises a service node, an agent node and an aggregate signature node, the inner cross-domain and outer cross-domain combined signature system further comprises a plurality of domain spaces, each domain space is provided with a matched agent node in the alliance chain, and the cross-domain digital signature method comprises:
S201, registering all the co-signing participants into an internal and external cross-domain co-signing system, and determining the domain space of each co-signing participant, wherein the co-signing participants comprise a co-signing initiator and parties to be signed.
In this embodiment, the user (i.e. each co-signing participant) first applies for public-private key registration to the certificate authority (CA) of the domain to which it belongs, and the CA generates the private key usk and the public key upk of each co-signing participant. Since the identity chain is a distributed ledger, a zero-knowledge identity is generated for the user so that the user's information is not exposed.
Meanwhile, the CA center of the domain to which the user belongs generates an identity tag for the user, $tag_i = Hash(ID_i\ GID)$. The user's identity information $(tag_i, ID_i)$ is then added to the domain member list of the domain. If the user is also one of the signers in the collaborative co-signing of the electronic document, the user is also added to the co-signing group member list. Note that if the user is not a member of this co-signing, the user only needs to be added to the domain member list.
After the user's identity registration is completed, the identity chain (e.g., blockchain X in fig. 2) establishes a credit list library for each domain, storing the credit identity and credit score of the legitimate user after each identity registration. If the user credit mark is '1', the user credit mark is positioned in a credit white list; if the user credit mark is '0', the user credit mark is positioned in a credit blacklist, and the credit score is adjusted according to the behavior of each co-sign.
Further, with continued reference to fig. 4, fig. 4 shows a flowchart of another embodiment of a cross-domain digital signature method based on attribute encryption according to the present application, before the step of obtaining a document co-signing request initiated by a co-signing initiator and performing cross-domain broadcasting on the document co-signing request through a proxy node of a domain space to which the co-signing initiator belongs, the method further includes:
S211, acquiring a symmetric key and a key pair of the co-signing initiator;
S212, acquiring the to-be-co-signed document data uploaded by the co-signing initiator, encrypting it with the symmetric key to generate a document ciphertext, and storing the document ciphertext in the data memory;
S213, transmitting the public key of the key pair to the attribute authority cluster;
S214, acquiring the attribute set of the party to be signed through the attribute authorization center cluster, and generating an attribute key based on the attribute set of the party to be signed and the public key of the key pair;
S215, performing attribute encryption on the symmetric key with the attribute key to obtain attribute ciphertext data;
S216, performing a hash operation on the to-be-co-signed document data to obtain its hash value;
S217, acquiring the location index address of the document ciphertext in the data memory, and generating metadata of the to-be-co-signed document based on the attribute ciphertext data, the hash value of the to-be-co-signed document data and the location index address, wherein the metadata further comprise a hash value of the user identity of the co-signing initiator, a digital signature of the co-signing initiator, a credit score identifier of the co-signing initiator and a timestamp;
S218, broadcasting the metadata of the to-be-co-signed document on the blockchain network.
In this embodiment, the to-be-co-signed document must also be encrypted and uploaded before co-signing. Specifically, the identity chain generates a symmetric key and a key pair for the co-signing initiator for the subsequent data encryption and digital signature operations. After the co-signing initiator uploads the to-be-co-signed document data, the system encrypts it with the acquired symmetric key to generate a document ciphertext and stores the document ciphertext in the data memory. Meanwhile, the co-signing initiator transmits the public key of the key pair to the attribute authority center cluster for the subsequent generation of the attribute key. The system acquires the attribute set of the party to be signed through the attribute authority center cluster, generates the attribute key from that attribute set and the public key of the key pair, and uses the generated attribute key to attribute-encrypt the symmetric key, obtaining the attribute ciphertext data. The system then performs a hash operation on the to-be-co-signed document data to obtain its hash value, obtains the location index address of the document ciphertext in the data memory, and generates the metadata of the to-be-co-signed document from the attribute ciphertext data, the hash value, the location index address and other related information; the metadata also comprise the hash value of the user identity of the co-signing initiator, the digital signature of the co-signing initiator, the credit score identifier of the co-signing initiator, a timestamp and the like.
In a specific embodiment of the present application, with continued reference to fig. 2, if user A is the creator of the (electronic document) data, user A generates a symmetric key, uses it to symmetrically encrypt the (electronic document) data to generate a ciphertext, and uploads the ciphertext to the IPFS system, which returns the storage location index address $Hash_{ipfs}$. User A acquires the attribute public key sent by the attribute authorization center cluster and uses it to attribute-encrypt the symmetric key. At the same time, user A obtains the metadata of the (electronic document) data, $\langle CT_k, Hash_m, Hash_{ipfs}, Hash(tag_i // ID_i), \sigma, R_i, T_i \rangle$, where $CT_k$ is the key ciphertext produced by attribute encryption, $Hash_m$ is the hash value obtained by applying a hash function (such as SHA-256) to the file data, $Hash_{ipfs}$ is the location index address at which the (electronic document) data is stored on IPFS, $Hash(tag_i // ID_i)$ is the hash value of the user identity, $\sigma$ is the digital signature of the user, $R_i$ is the credit identity and credit score of the user, and $T_i$ is a timestamp.
User a records the metadata onto the blockchain, where each block on the chain contains the hash value of the previous block, which can be used to retrieve the block. In addition, the time stamps generated on the chain ensure that the blocks are time efficient and the newly generated blocks will be broadcast on the chain. The receiving node verifies the correctness according to the consensus algorithm, and if the correctness is met, the receiving node transmits the information to other nodes. After most nodes verify correctness, blocks are added to the blockchain to realize the functions of permanently storing and sharing data.
Further, after the steps of registering all the tag participants in the internal and external cross-domain tag system and determining the domain space to which each tag participant belongs, the method further comprises:
applying for and registering the key pair to the certificate authority of each co-signing party in the identity chain to obtain the key pair of each co-signing party;
carrying out identity verification on each co-signing party by using a first key pair of the key pair of each co-signing party and a preset zero-knowledge identity verification algorithm to obtain a zero-knowledge identity verification result of each co-signing party;
and uploading the zero-knowledge identity verification result of each co-signing party to an identity chain.
Zero-knowledge proof of identity (ZKP) is a cryptographic protocol used to prove the authenticity of a statement without revealing any information about the statement to the verifier, i.e. revealing no knowledge. In zero-knowledge identity verification, a prover can prove the correctness of a statement to a verifier, and the verifier can only conclude whether the statement is correct, but cannot learn its concrete content.
In this embodiment, in the co-signing system, it is necessary to register information of all the parties in the system and determine a domain space to which each party belongs, so as to facilitate subsequent identity verification and authority verification, and each party needs to apply and register a key pair to the certificate authority for subsequent identity verification and digital signature operations. The system uses the first key pair of the key pair of each participant and a preset zero knowledge identity verification algorithm to carry out identity verification on each participant, and the system can obtain a zero knowledge identity verification result of each participant through carrying out identity verification, namely verifying whether the identity of the participant is valid or not. And finally uploading the zero-knowledge identity verification result of each participant to an identity chain so that other participants can verify the identity of the participant and perform subsequent authority verification and interaction operation.
The steps are key steps of identity verification and registration processes in the co-signing system, the identity validity of each participant can be ensured through the steps, and necessary identity credentials and authority verification basis are provided for subsequent co-signing operation.
Further, the step of obtaining the second key pair by performing key transformation on the first key pair includes:
generating a second random number after the joint signature participant passes the zero knowledge identity verification;
calculating a second public key from the first public key and the second random number.
In this embodiment, after the identity chain receives the zero knowledge identity ψ of the user, the identity chain selects a random number γ, and generates the second public key of the user by calculation according to the following formula:
$upk' = (g^{usk})^{\gamma}$
After the second public key of the user is generated, it is submitted to the chain for on-chain certification in the form of a transaction. When generating an attribute key for the user, the identity chain gives the two public keys $(upk, upk')$ to the attribute authority cluster as part of the input to the key generation algorithm that generates the attribute key.
Further, the key pair includes a first key pair and a second key pair, where the second key pair is obtained by performing key transformation on the first key pair, the first key pair includes a first public key and a first private key, the second key pair includes a second public key and a second private key, and the step of transmitting the public key of the key pair to the attribute authority cluster includes:
The first public key and the second public key are transmitted to the attribute authority cluster.
In this embodiment, each key pair is composed of a public key and a private key: the first key pair includes a first public key and a first private key, and the second key pair includes a second public key and a second private key. In the step of transmitting the public key of the key pair to the attribute authority cluster, the first public key $upk$ and the second public key $upk'$ are transmitted, so that the attribute authorization center cluster obtains the public key information of the co-signing party and can use it for subsequent identity verification, authority verification and attribute key generation.
Through the steps, the attribute authorization center cluster can be ensured to obtain the public key information of the co-signing party so as to carry out subsequent authentication, authority control and attribute key generation operation.
Further, the step of obtaining the attribute set of the party to be signed through the attribute authority center cluster and generating the attribute key based on the attribute set of the party to be signed and the public key of the key pair includes:
determining attribute mechanisms corresponding to each attribute in an attribute set of a party to be signed, wherein an attribute authorization center cluster comprises a plurality of attribute mechanisms;
generating a first random number for an attribute mechanism corresponding to each attribute;
Calculating a first attribute key from the first public key and the first random number, and calculating a second attribute key from the second public key and the first random number;
and combining the first attribute key and the second attribute key to obtain the attribute key.
In this embodiment, in the attribute authority cluster, the attribute mechanism corresponding to each attribute in the attribute set of the party to be signed needs to be determined; an attribute mechanism may be understood as a mechanism or organization responsible for managing and maintaining a certain attribute. To generate the attribute key, a random number $t_i$ needs to be generated for the attribute mechanism corresponding to each attribute. The random number $t_i$ is a randomly generated value used in the subsequent attribute key calculation.
In a specific embodiment of the present application, when user B wants to access user A's (electronic document) data across domains, the attribute authorization cluster receives the two public keys $(upk, upk')$ of the user sent by the identity chain. The attribute authorization cluster obtains the personal attribute set of user B, each attribute mechanism in the cluster selects a random number $\delta$, and the attribute key is then calculated according to the following formula:
$ASK_2 = (upk')^{\delta}$
where $ASK_1$ is the first attribute key, $ASK_2$ is the second attribute key, and n is the number of personal attributes in the personal attribute set of user B. The first attribute key and the second attribute key are combined to obtain the attribute key $ASK = (ASK_1, ASK_2)$, and the attribute key ASK is fed back to user B together with the first public key upk.
In a specific embodiment of the present application, the CA node of each domain selects a random number $t_i$ for every attribute in the attribute space of the domain; $t_i$ is part of generating the attribute private key.
Further, the attribute key includes an attribute public key and an attribute private key, and after the step of combining the first attribute key and the second attribute key to obtain the attribute key, the method further includes:
transmitting the attribute public key to a co-signing initiator;
and carrying out attribute encryption on the symmetric key by using the attribute public key to obtain attribute ciphertext data.
In this embodiment, the attribute authority cluster needs to send the attribute public key to the co-signing initiator, so that the co-signing initiator can obtain the attribute public key for subsequent attribute data encryption operation. And the attribute public key is used for carrying out attribute encryption operation on the symmetric key, the attribute ciphertext data can be obtained by encrypting the symmetric key by using the attribute public key, and only the mechanism with the corresponding attribute private key can decrypt and obtain the original symmetric key, so that the security of the symmetric key is ensured.
S202, acquiring a document co-signing request initiated by the co-signing initiator, determining the parties to be signed, performing cross-domain broadcasting of the document co-signing request through the proxy node of the domain space to which the co-signing initiator belongs, and sending the document co-signing request to the parties to be signed.
In this embodiment, user A writes a co-signing request message $Msg_1$ whose content is approximately "the electronic document associated with metadata XXX on the chain needs to be co-signed by all members in the group member list". User A then digitally signs the message $Msg_1$ with its own private key and broadcasts it to the whole network on the blockchain.
If all members in the group member list are members of the same domain, the message is broadcast only within that domain. If the group member list includes members of other domains (such as user B and user D of domain N), the message is sent to the proxy node of the initiator's domain (such as proxy node Alpha of domain M), and proxy node Alpha broadcasts the co-signing request message $Msg_1$ to domain N; the proxy node Beta of domain N receives the co-signing request message $Msg_1$ and broadcasts it within domain N.
It should be noted that, after receiving the broadcast message, if the data user (e.g., user C) and the data owner (e.g., user A) both belong to the same domain, the data user may verify the digital signature of the message using the locally stored public key of user A. Otherwise, the data user (e.g., user B) has the message verified by the CA node of its domain (e.g., the CA node of domain N) using the attribute private key and the temporary certificate stored on the identity chain.
Further, the step of acquiring a document co-signing request initiated by the co-signing initiator, determining the parties to be signed, performing cross-domain broadcasting of the document co-signing request through the proxy node of the domain space to which the co-signing initiator belongs, and sending the document co-signing request to the parties to be signed includes:
analyzing the document joint signing request and determining a to-be-signed party corresponding to the to-be-joint signing document;
judging whether the party to be signed and the co-signing initiator are in the same domain space;
when the party to be signed and the co-signing initiator are in the same domain space, the document co-signing request is broadcasted in the domain space of the co-signing initiator;
when the party to be signed and the co-signing initiator are not in the same domain space, the proxy node of the domain space to which the co-signing initiator belongs is used for carrying out cross-domain broadcasting on the document co-signing request, and the document co-signing request is sent to the party to be signed.
In this embodiment, after the co-signing initiator initiates the document co-signing request, the request needs to be parsed to determine the to-be-signed party corresponding to the to-be-signed document, which may be accomplished by parsing the relevant information in the request, such as the identifier or other identification information of the to-be-signed party. After determining the party to be signed, it needs to determine whether the party to be signed and the co-signing initiator are in the same domain space, where the domain space refers to a set of entities with the same authority and access rule, and if the party to be signed and the co-signing initiator are in the same domain space, intra-domain broadcasting can be performed. If the party to be signed and the co-signing initiator are in the same domain space, the co-signing initiator can directly broadcast the document co-signing request to other nodes in the domain space so as to be received and processed by the party to be signed. If the party to be signed and the co-signing initiator are not in the same domain space, the co-signing initiator needs to perform cross-domain broadcasting through a proxy node of the domain space, and the proxy node can forward the document co-signing request to the domain space where the party to be signed is located so as to be received and processed by the party to be signed.
Through the above steps, the co-signing initiator can send the document co-signing request to the party to be signed, choosing intra-domain or cross-domain broadcasting according to whether the party to be signed and the co-signing initiator are in the same domain space, so that the party to be signed receives the document co-signing request in time and can carry out the subsequent processing.
S203, after the party to be signed receives the document co-signing request, performing authority verification on the party to be signed, wherein the authority verification comprises cross-domain authority verification and access authority authentication.
In this embodiment, the party to be signed must pass verification by two contracts. The first is the cross-domain authority verification smart contract, whose purpose is to authenticate the legitimacy of the cross-domain authority of the party to be signed, i.e. to verify whether the identity of the party to be signed is allowed cross-domain access. The second is the access authority authentication smart contract, which checks whether the attributes owned by the party to be signed satisfy the access policy formulated by the co-signing initiator.
Further, the step of performing authority verification on the party to be signed after the party to be signed receives the document co-signing request comprises the following steps:
acquiring intelligent contracts of a blockchain network, wherein the intelligent contracts comprise cross-domain authority verification intelligent contracts and access authority authentication intelligent contracts;
Performing cross-domain authority verification on a party to be signed based on a cross-domain authority verification intelligent contract and a preset Proof verification mechanism;
and verifying the access right of the party to be signed based on the access right authentication intelligent contract and a preset linear secret sharing algorithm.
In this embodiment, the system needs to acquire smart contracts in the blockchain network, including cross-domain rights verification smart contracts and access rights authentication smart contracts. The cross-domain authority verification is carried out on the party to be signed based on the cross-domain authority verification intelligent contract and a preset Proof verification mechanism, wherein the Proof verification mechanism is an algorithm for verifying evidence, and can ensure that the cross-domain authority of the party to be signed is legal and effective. Based on the access right authentication intelligent contract and a preset linear secret sharing algorithm, the access right authentication is carried out on the party to be signed, the linear secret sharing algorithm is an algorithm for protecting access control information, the party to be signed can be ensured to have the access right, and in the access right authentication process, the party to be signed needs to provide a corresponding secret key to prove that the party to be signed has the access right.
Through the steps, the party to be signed can conduct authority verification on the bill combined signature request so as to ensure the validity of the request. This prevents unauthorized access and tampering, protecting the security and integrity of the data.
In a specific embodiment of the present application, the cross-domain authority verification smart contract verification process of user B is as follows:
User B calculates an access authentication key ATK and a valid attribute user key $AUK_1 = AK_1$, $AUK_2 = (AK_2)^{1/usk}$, $AUK = (AUK_1, AUK_2)$. The user keeps (usk, upk, ATK, AUK) secret locally and sends ATK to the federation chain.
User B selects two random numbers $r_1$ and $r_2$ and calculates the following parameters:
$h = Hash(CT_k, r_2, T)$
$y = r_1 + c \cdot usk \pmod{p}$
In the formulas, h is the hash value obtained by hashing the current timestamp T, the random number $r_2$ and the key ciphertext $CT_k$; a further parameter is the result of the exponential operation on h with the private key usk of user B; $p_1$ is the result of the exponential operation on h with the random number $r_1$; $p_2$ is the result of the exponential operation on the access authentication key ATK with the random number $r_1$; c is the result obtained from the access authentication key ATK, the private key usk of user B, $p_1$ and $p_2$; and y is obtained by multiplying c by the private key usk, adding the random number $r_1$, and taking the result modulo the large prime number p.
User B then sends the proof Proof and $Msg = \langle CT_k, r_2, T, ATK \rangle$ together to the federation chain.
The intelligent contracts of the federation chain verify the Proof. First, the validity of the timestamp, i.e. whether the federation chain received the Proof within a set maximum delay time (Δt), is checked, and if the Proof is received within the maximum delay time Δt, it is calculated from the contents of Proof and Msg:
$h = Hash(CT_k, r_2, T)$
Meanwhile, it is checked whether the following two formulas hold:
$ATK^{y} = p_2 \cdot upk^{c}$
If the two formulas hold, the access rights are valid.
In a specific embodiment of the present application, the access right verification smart contract verification process of the user B is as follows:
The tree access policy is converted into an LSSS matrix W by using a linear secret sharing scheme (LSSS); the number of rows of the matrix is the number of leaf nodes of the access control tree, namely the number of attributes in the access policy.
If the attributes bound to the user satisfy the access policy, a vector can be found (that is, such a vector exists) that makes the corresponding equation hold. If so, the verification result of the smart contract is True.
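The LSSS check described above, as an added example that is not code from the patent: it converts an AND/OR policy tree into a matrix W with the Lewko-Waters construction and solves for the reconstruction vector over a prime field. The target vector (1, 0, ..., 0), the field modulus `P`, the attribute names and all function names are assumptions (the standard LSSS convention and constructed sample values), not values taken from the page.

```python
"""Added illustration: LSSS access-policy check (not code from the patent)."""
import secrets

# Assumption: a constructed prime field; a real scheme uses its group order.
P = 2**127 - 1

# Constructed policy: (dept:finance AND role:approver) OR role:auditor
POLICY = ("OR", ("AND", "dept:finance", "role:approver"), "role:auditor")


def policy_to_lsss(policy):
    """Convert an AND/OR tree to (W, labels); W has one row per leaf.

    Lewko-Waters construction: an OR gate hands its vector to both children;
    an AND gate with vector v hands (v|1) to one child and (0..0|-1) to the
    other, opening one new column per AND gate.
    """
    rows, labels, width = [], [], 1
    stack = [(policy, [1])]
    while stack:
        node, vec = stack.pop()
        if isinstance(node, str):          # leaf node = one attribute
            labels.append(node)
            rows.append(vec)
            continue
        op, left, right = node
        if op == "OR":
            stack += [(right, vec), (left, vec)]
        elif op == "AND":
            padded = vec + [0] * (width - len(vec))
            stack += [(right, [0] * width + [-1]), (left, padded + [1])]
            width += 1
        else:
            raise ValueError(f"unsupported gate: {op!r}")
    W = [[x % P for x in r + [0] * (width - len(r))] for r in rows]
    return W, labels


def reconstruction_coeffs(W, labels, attrs):
    """Solve sum_i w_i * W[i] = (1,0,...,0) mod P over rows the user holds.

    Returns {row_index: coefficient}, or None if the attributes do not
    satisfy the policy (the linear system is inconsistent).
    """
    idx = [i for i, a in enumerate(labels) if a in attrs]
    width = len(W[0])
    # One equation per column of W, one unknown per usable row, plus RHS.
    M = [[W[i][c] for i in idx] + [1 if c == 0 else 0] for c in range(width)]
    pivots, r = [], 0
    for col in range(len(idx)):
        piv = next((k for k in range(r, width) if M[k][col]), None)
        if piv is None:
            continue
        M[r], M[piv] = M[piv], M[r]
        inv = pow(M[r][col], -1, P)
        M[r] = [x * inv % P for x in M[r]]
        for k in range(width):
            if k != r and M[k][col]:
                f = M[k][col]
                M[k] = [(x - f * y) % P for x, y in zip(M[k], M[r])]
        pivots.append(col)
        r += 1
    if any(row[-1] for row in M[r:]):      # 0 = nonzero: no solution
        return None
    omega = [0] * len(idx)                 # free variables stay 0
    for row, col in zip(M, pivots):
        omega[col] = row[-1]
    return {idx[j]: omega[j] for j in range(len(idx))}


def share_secret(W, secret):
    """Share i is W[i] . (secret, r_2, ..., r_n) with random r_j."""
    v = [secret % P] + [secrets.randbelow(P) for _ in range(len(W[0]) - 1)]
    return [sum(w * x for w, x in zip(row, v)) % P for row in W]


def recover(shares, omega):
    """Recombine shares with the reconstruction coefficients."""
    return sum(w * shares[i] for i, w in omega.items()) % P


def check_access(policy, attrs):
    """True when a reconstruction vector exists for the user's attributes."""
    W, labels = policy_to_lsss(policy)
    return reconstruction_coeffs(W, labels, attrs) is not None


if __name__ == "__main__":
    for user_attrs in ({"dept:finance", "role:approver"}, {"dept:finance"}):
        print(sorted(user_attrs), "->", check_access(POLICY, user_attrs))
```

A user holding only part of an AND branch gets no reconstruction vector, which is the case the access authority contract has to reject.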
S204, after the party to be signed passes the authority verification, sending the document ciphertext stored in advance in the data memory to the party to be signed, wherein the document ciphertext is the ciphertext data generated by encrypting the document to be signed with the symmetric key.
In this embodiment, if the cross-domain authority verification intelligent contract and the access authority verification intelligent contract are both True, the party to be signed is proved to be a legal visitor, and the IPFS feeds back the file data ciphertext to the party to be signed. Meanwhile, the IPFS feeds back the re-encryption key generated according to the true verification result and the public key of the party to be signed to the attribute authorization center cluster through the secure channel, so that the attribute private key can be re-encrypted by the subsequent attribute authorization center cluster through the re-encryption key.
S205, the metadata of the to-be-signed bill, which is broadcast in advance on the blockchain network, is sent to the to-be-signed party, wherein the metadata of the to-be-signed bill comprises attribute ciphertext data generated after the symmetric key is subjected to attribute encryption.
In this embodiment, after the party to be signed obtains the plaintext of the attribute private key, it looks up the metadata of the to-be-co-signed document on the blockchain network, extracts the symmetric key ciphertext $CT_k$ from the metadata, and decrypts it with the attribute private key to obtain the symmetric key k. The symmetric key k is then used to decrypt the document ciphertext obtained from the IPFS, thereby obtaining the plaintext of the document to be signed.
S206, obtaining the attribute key corresponding to the party to be signed from the attribute authority center cluster, and decrypting the attribute ciphertext data by using the attribute key to obtain the plaintext of the symmetric key.
In this embodiment, after the attribute authorization center cluster uses the re-encryption key to re-encrypt the attribute private key, the re-encrypted data is sent to the party to be signed, and the party to be signed uses the private key to decrypt the re-encrypted data, so as to obtain the plaintext of the attribute private key.
Further, the step of obtaining the attribute key corresponding to the party to be signed from the attribute authority center cluster, and decrypting the attribute ciphertext data by using the attribute key to obtain the plaintext of the symmetric key comprises the following steps:
acquiring a first public key of a to-be-signed party, and re-encrypting the attribute private key by using the first public key of the to-be-signed party to obtain re-encrypted data;
the re-encrypted data is sent to a party to be signed, and the re-encrypted data is decrypted by using a first private key of the party to be signed, so that a plaintext of the attribute private key is obtained;
downloading metadata of the to-be-combined signing bill from the blockchain network, and identifying attribute ciphertext data in the metadata of the to-be-combined signing bill;
and decrypting the attribute ciphertext data by using the attribute private key to obtain a plaintext of the symmetric key.
In this embodiment, the attribute authority cluster first obtains the first public key of the party to be signed, which is the public key used for re-encrypting the attribute private key, and uses it to re-encrypt the attribute private key, obtaining the re-encrypted data. The attribute authorization center cluster sends the re-encrypted data to the party to be signed, and the party to be signed decrypts the re-encrypted data with its own first private key, obtaining the plaintext of the attribute private key. The party to be signed then downloads the metadata of the to-be-co-signed document from the blockchain network; the metadata contain the attribute ciphertext data, namely attribute data encrypted by using a symmetric key. The party to be signed uses the previously acquired attribute private key to decrypt the attribute ciphertext data and obtains the plaintext of the symmetric key. This ensures the security of the symmetric key and ensures that the party to be signed can correctly decrypt the attribute ciphertext data and obtain the original attribute data.
Through the steps, the co-signing initiator can acquire the attribute key corresponding to the party to be signed, and decrypt the attribute ciphertext data by using the attribute key to obtain the plaintext of the symmetric key, so that the party to be signed can be ensured to correctly decrypt the attribute ciphertext data, and the original attribute data is acquired.
S207, decrypting the document ciphertext by using the symmetric key to obtain the plaintext of the to-be-signed document, and indicating the to-be-signed party to sign the to-be-signed document to obtain the co-signed signature.
In this embodiment, the symmetric key k is used to decrypt the document ciphertext obtained from the IPFS to obtain the plaintext of the document to be signed, and then the signing party uses the signature private key SK i And signing the to-be-signed bill to obtain the combined signature.
When registering the co-signing participants, the CA node of each co-signing participant creates a blockchain wallet for the user through the identity chain, and generates a private key fragment PSK for the user according to the blockchain wallet i And a public key sent to the user over the secure channel. After receiving the private key fragment, the user generates a complete private key, namely a signature private key SK i The signature private key SK i For digital signatures. The public key of the user is published outwards on the identity chain, the private key is stored in a secret mode, the user can traverse the whole identity chain through the identity attribute of the public key to search the public key, and the user identity information (tag i ,ID i ) Binding with the public key to generate an identity certificate and issuing the identity certificate to an identity chain.
In a specific embodiment of the present application, when the group signature listA plurality of parties to be signed (such as a user C in a domain M, a user B in a domain N, a user D and the like) are arranged, each party to be signed reviews the electronic document content to be signed, and after the electronic document content to be signed is reviewed, the document data is respectively digitally signed, for example, when N parties to be signed sign, N digital signatures sigma are generated i12 ,...,σ n }。
Each signing party submits the signed file to the proxy node of its domain; for example, user B submits it to the proxy node Beta of domain N. The proxy node verifies the validity of the signature σ_i. If the verification passes, it outputs True, accepts σ_i as a legal signature of the document file, and adds 1 to the credit value of the user; otherwise, it outputs False, the signature submitted by the user is illegal, and 1 is subtracted from the credit value of the user. Seriously malicious users can be added directly to the blacklist library, or some penalties can optionally be applied at the same time, such as not allowing the user to participate in co-signing for a period of time, or requiring the user to pay a higher 'cost' to participate in co-signing.
S208, uploading the co-signed signature through the proxy node of the domain space to which the party to be signed belongs, and aggregating the co-signed signatures through the aggregate signature node to obtain the co-signing result of the document to be co-signed.
In this embodiment, in order to improve signature verification efficiency and reduce signature storage space, the plurality of digital signatures produced by co-signing need to be compressed. Two aggregation modes are provided:
Signature aggregation method one: when a proxy node in the blockchain Y (e.g., proxy node Beta in domain N) has collected all legal digital signatures of the signers in its domain (e.g., user B, etc.), it sends the collected signatures to the co-signing aggregation node, which aggregates them to generate the final aggregate signature σ.
Signature aggregation method two: when the proxy nodes in the blockchain Y have collected all legal digital signatures of the signers in their respective domains, each performs a first-stage aggregation to generate a partial aggregate signature σ'; the proxy nodes then send their partial aggregate signatures σ' to the co-signing aggregation node, which performs a second-stage aggregation to generate the final aggregate signature σ.
After the co-signing result of the document to be co-signed is obtained, it also needs to be verified. Specifically, after the co-signing initiator (e.g., user A) or the service node receives the aggregate signature, an aggregate signature verification contract is invoked to verify the validity of the aggregate signature. If the aggregate signature is valid, the signature is accepted and the internal and external co-signing of the electronic document succeeds; if not, the signature is rejected.
The document file that has been co-signed and confirmed to be error-free is symmetrically encrypted and uploaded to the IPFS, the hash value of its IPFS storage location is obtained, and the hash digest fingerprint, the aggregate signature and the timestamp are packaged and recorded on the blockchain.
The successfully co-signed document file is symmetrically encrypted with a key generated by the co-signing aggregation node and then uploaded to the IPFS, and the corresponding metadata is recorded on the chain. If a service node wants to access the successfully co-signed document file, it needs to send a data acquisition request, and it can download the document file after the request is verified.
If the attributes of the service node pass the authority verification, that is, if they satisfy the access policy, the service node is authorized to access the data. Once the service node has obtained access authority, it can look up the hash index of the required electronic document on the blockchain and then obtain the original complete ciphertext file data from the off-chain IPFS. After receiving the information that the user attributes satisfy the access policy, the attribute authority distributes an attribute private key to the user; the user uses this key to decrypt the ciphertext of the symmetric key to obtain the symmetric key, and then uses the symmetric key to decrypt the original complete ciphertext file data previously downloaded from the IPFS, thereby obtaining the plaintext of the document file and realizing access sharing of the document file.
In the above embodiment, the application discloses a cross-domain digital signature method based on attribute encryption, which belongs to the field of digital signature of blockchain technology. The cross-domain digital signature method is applied to an internal and external cross-domain signature system built on a blockchain network. The system comprises an identity chain, an alliance chain, a data storage and an attribute authorization center cluster; the alliance chain comprises a service node, an agent node and an aggregate signature node; the system further comprises a plurality of domain spaces, each of which is provided with a matched agent node in the alliance chain. The application broadcasts the document co-signing request across domains through the agent node on the alliance chain, generates an attribute key based on the attribute authorization center cluster, uses the attribute key to encrypt and decrypt a symmetric key, and uses the symmetric key to encrypt and decrypt the document to be co-signed, so as to ensure secure key transmission; finally, the co-signed signatures are aggregated by the aggregate signature node. The application thereby realizes internal and external cross-domain co-signing using blockchain technology and can ensure the security, reliability and tamper resistance of the data.
In this embodiment, the electronic device (for example, the server shown in fig. 1) on which the cross-domain digital signature method based on attribute encryption runs may receive instructions or acquire data through a wired or wireless connection. It should be noted that the wireless connection may include, but is not limited to, 3G/4G, WiFi, Bluetooth, WiMAX, Zigbee, UWB (ultra wideband) and other wireless connection means now known or later developed.
The blockchain referred to in the application is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms and encryption algorithms. A blockchain is essentially a decentralized database: a chain of data blocks linked by cryptographic means, each data block containing a batch of network transaction information used to verify the validity of that information (anti-counterfeiting) and to generate the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, an application services layer, and the like.
Those skilled in the art will appreciate that all or part of the processes of the methods of the embodiments described above may be implemented by computer readable instructions stored on a computer readable storage medium, which, when executed, may comprise the processes of the embodiments of the methods described above. The storage medium may be a nonvolatile storage medium such as a magnetic disk, an optical disk or a read-only memory (Read-Only Memory, ROM), or a random access memory (Random Access Memory, RAM).
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited in order and may be performed in other orders, unless explicitly stated herein. Moreover, at least some of the steps in the flowcharts of the figures may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order of their execution not necessarily being sequential, but may be performed in turn or alternately with other steps or at least a portion of the other steps or stages.
With further reference to fig. 5, as an implementation of the method shown in fig. 3, the application provides an embodiment of a cross-domain digital signature apparatus based on attribute encryption, where the embodiment of the apparatus corresponds to the embodiment of the method shown in fig. 3, and the apparatus may be specifically applied to various electronic devices.
As shown in fig. 5, the cross-domain digital signature device 500 based on attribute encryption according to the present embodiment is used for running an internal and external cross-domain signature system, the internal and external cross-domain signature system is built on a blockchain network, the internal and external cross-domain signature system includes an identity chain, a federation chain, a data storage and an attribute authorization center cluster, the federation chain includes a service node, an agent node and an aggregate signature node, the internal and external cross-domain signature system further includes a plurality of domain spaces, each domain space is configured with a matched agent node in the federation chain, and the cross-domain digital signature device 500 includes:
the co-signing registration module 501 is configured to register all co-signing participants in an internal and external cross-domain co-signing system, and determine a domain space to which each co-signing participant belongs, where the co-signing participants include a co-signing initiator and a party to be signed;
the cross-domain broadcasting module 502 is configured to obtain a document combined sign request initiated by a combined sign initiator, determine a party to be signed, and perform cross-domain broadcasting on the document combined sign request through an agent node of a domain space to which the combined sign initiator belongs, and send the document combined sign request to the party to be signed;
The authority verification module 503 is configured to perform authority verification on the party to be signed after the party to be signed receives the document combined signature request, where the authority verification includes cross-domain authority verification and access authority authentication;
the ciphertext sending module 504 is configured to send a document ciphertext stored in the data storage in advance to the party to be signed after the party to be signed passes the authority verification, where the document ciphertext is ciphertext data generated by encrypting the document to be signed using a symmetric key;
the metadata sending module 505 is configured to send metadata of a to-be-signed document pre-broadcast on a blockchain network to a party to be signed, where the metadata of the to-be-signed document includes attribute ciphertext data generated after attribute encryption of a symmetric key;
the attribute decryption module 506 is configured to obtain an attribute key corresponding to the party to be signed from the attribute authority center cluster, and decrypt the attribute ciphertext data by using the attribute key to obtain a plaintext of the symmetric key;
the document decryption module 507 is configured to decrypt the document ciphertext by using the symmetric key to obtain a plaintext of the to-be-signed document, and instruct the to-be-signed party to sign the to-be-signed document to obtain a co-signed signature;
and the combined signature module 508 is used for uploading the co-signed signature through the proxy node of the domain space to which the party to be signed belongs, and aggregating the co-signed signatures through the aggregate signature node to obtain the co-signing result of the document to be co-signed.
Further, the cross-domain digital signature apparatus 500 based on attribute encryption further includes:
the key acquisition module is used for acquiring a symmetric key and a key pair of the co-signing initiator;
the document encryption module is used for acquiring the to-be-combined signature data uploaded by the combined signature initiator, encrypting the to-be-combined signature data by using the symmetric key, generating a document ciphertext, and storing the document ciphertext into the data memory;
the public key transmission module is used for transmitting the public key of the key pair to the attribute authorization center cluster;
the attribute key generation module is used for acquiring an attribute set of the party to be signed through the attribute authorization center cluster and generating an attribute key based on the attribute set of the party to be signed and a public key of the key pair;
the attribute encryption module is used for carrying out attribute encryption on the symmetric key by using the attribute key to obtain attribute ciphertext data;
the hash operation module is used for carrying out hash operation on the to-be-combined label data to obtain a hash value of the to-be-combined label data;
the metadata generation module is used for acquiring a position index address of the document ciphertext on the data storage, and generating metadata of the document to be co-signed based on the attribute ciphertext data, the hash value of the data to be co-signed and the position index address, wherein the metadata of the document to be co-signed further comprises the hash value of the user identity of the co-signing initiator, the digital signature of the co-signing initiator, the credit score identifier of the co-signing initiator and the timestamp;
and the metadata broadcasting module is used for broadcasting the metadata of the bill to be signed on the block chain network.
Further, the key pair includes a first key pair and a second key pair, wherein the second key pair is obtained by performing key transformation on the first key pair, the first key pair includes a first public key and a first private key, the second key pair includes a second public key and a second private key, and the public key transmission module includes:
the public key transmission sub-module is used for transmitting the first public key and the second public key to the attribute authorization center cluster.
Further, the attribute key generation module includes:
the attribute mechanism determining submodule is used for determining attribute mechanisms corresponding to each attribute in the attribute set of the party to be signed, wherein the attribute authorization center cluster comprises a plurality of attribute mechanisms;
The first random number generation sub-module is used for generating a first random number for the attribute mechanism corresponding to each attribute;
the attribute key calculation sub-module is used for calculating a first attribute key according to the first public key and the first random number and calculating a second attribute key according to the second public key and the first random number;
the attribute key generation sub-module is used for combining the first attribute key and the second attribute key to obtain an attribute key.
Further, the attribute key includes an attribute public key and an attribute private key, and the public key transmission module further includes:
the attribute public key sending sub-module is used for sending the attribute public key to the co-signing initiator;
and the attribute encryption sub-module is used for carrying out attribute encryption on the symmetric key by using the attribute public key to obtain attribute ciphertext data.
Further, the cross-domain digital signature apparatus 500 based on attribute encryption further includes:
the key pair acquisition module is used for applying and registering a key pair to a certificate authority of each co-signing participant in the identity chain to obtain the key pair of each co-signing participant;
the zero knowledge verification module is used for carrying out identity verification on each co-signing party by using a first key pair of the key pair of each co-signing party and a preset zero knowledge identity verification algorithm to obtain a zero knowledge identity verification result of each co-signing party;
the verification result uploading module is used for uploading the zero-knowledge identity verification result of each co-signing participant to the identity chain.
Further, the cross-domain digital signature apparatus 500 based on attribute encryption further includes:
the second random number generation module is used for generating a second random number after the joint signature participant passes the zero knowledge identity verification;
and the second public key generation module is used for generating a second public key according to the first public key and the second random number.
Further, the cross-domain broadcasting module 502 includes:
the to-be-signed party determining submodule is used for analyzing the bill combined sign request and determining the to-be-signed party corresponding to the to-be-combined sign bill;
the co-domain space judging sub-module is used for judging whether the party to be signed and the co-signing initiator are in the same domain space;
the intra-domain broadcasting sub-module is used for carrying out intra-domain broadcasting on the bill joint signing request in the domain space of the joint signing initiator when the party to be signed and the joint signing initiator are in the same domain space;
and the cross-domain broadcasting sub-module is used for carrying out cross-domain broadcasting on the bill joint signing request through the proxy node of the domain space of the joint signing initiator when the party to be signed and the joint signing initiator are not in the same domain space, and sending the bill joint signing request to the party to be signed.
Further, the authority verification module 503 includes:
the intelligent contract acquisition sub-module is used for acquiring intelligent contracts of the blockchain network, wherein the intelligent contracts comprise cross-domain authority verification intelligent contracts and access authority authentication intelligent contracts;
the cross-domain authority verification sub-module is used for carrying out cross-domain authority verification on the party to be signed based on a cross-domain authority verification intelligent contract and a preset Proof verification mechanism;
and the access right authentication sub-module is used for carrying out access right verification on the party to be signed based on the access right authentication intelligent contract and a preset linear secret sharing algorithm.
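The access right authentication sub-module above relies on a linear secret sharing scheme (LSSS). The following Python code is an added example, not code from the patent: it shows how an LSSS matrix decides whether an attribute set satisfies an access policy and recovers the shared secret. The policy, attribute names, matrix and modulus are all constructed for illustration.

```python
"""LSSS access check for a constructed policy (added example, not from the patent).

Policy: domain:N AND (role:finance OR (role:auditor AND level:3))
"""
import secrets

P = 2**127 - 1  # prime modulus (assumption; a real ABE scheme uses its group order)

# Constructed LSSS matrix; row i is labelled with attribute RHO[i].
# A set of rows is authorized iff some combination of them equals (1, 0, 0).
MATRIX = [
    [1, 1, 0],    # domain:N
    [0, -1, 0],   # role:finance
    [0, -1, 1],   # role:auditor
    [0, 0, -1],   # level:3
]
RHO = ["domain:N", "role:finance", "role:auditor", "level:3"]


def make_shares(secret):
    """Share `secret`: lambda_i = M_i . v with v = (secret, r_2, ..., r_n)."""
    v = [secret % P] + [secrets.randbelow(P) for _ in MATRIX[0][1:]]
    return [sum(m * x for m, x in zip(row, v)) % P for row in MATRIX]


def solve_mod(a, b, p=P):
    """Return one x with a.x = b (mod p) by Gauss-Jordan elimination, or None."""
    rows, cols = len(a), len(a[0])
    aug = [list(r) + [bi] for r, bi in zip(a, b)]
    pivots, r = [], 0
    for c in range(cols):
        piv = next((i for i in range(r, rows) if aug[i][c] % p), None)
        if piv is None:
            continue  # free column, its unknown stays 0
        aug[r], aug[piv] = aug[piv], aug[r]
        inv = pow(aug[r][c] % p, -1, p)
        aug[r] = [x * inv % p for x in aug[r]]
        for i in range(rows):
            if i != r and aug[i][c] % p:
                f = aug[i][c]
                aug[i] = [(x - f * y) % p for x, y in zip(aug[i], aug[r])]
        pivots.append(c)
        r += 1
        if r == rows:
            break
    # A zero row with a non-zero right-hand side means no solution exists.
    if any(aug[i][cols] % p for i in range(r, rows)):
        return None
    x = [0] * cols
    for i, c in enumerate(pivots):
        x[c] = aug[i][cols]
    return x


def recon_coeffs(attrs):
    """Coefficients w_i with sum(w_i * M_i) = (1, 0, ..., 0) over the rows the
    holder owns, or None when the attribute set does not satisfy the policy."""
    owned = [i for i, a in enumerate(RHO) if a in attrs]
    if not owned:
        return None
    cols = len(MATRIX[0])
    a = [[MATRIX[i][j] for i in owned] for j in range(cols)]
    x = solve_mod(a, [1] + [0] * (cols - 1))
    return None if x is None else dict(zip(owned, x))


def recover(shares, coeffs):
    """Recombine the owned shares: secret = sum(w_i * lambda_i) mod P."""
    return sum(w * shares[i] for i, w in coeffs.items()) % P


if __name__ == "__main__":
    secret = secrets.randbelow(P)
    shares = make_shares(secret)
    for attrs in ({"domain:N", "role:finance"},
                  {"domain:N", "role:auditor", "level:3"},
                  {"domain:N", "role:auditor"},
                  {"role:finance", "role:auditor", "level:3"}):
        c = recon_coeffs(attrs)
        ok = c is not None and recover(shares, c) == secret
        print(sorted(attrs), "authorized" if ok else "denied")
```

In an attribute-based encryption scheme the shares live in the exponent of ciphertext components, so the verifier never sees them in the clear; the satisfiability test on the matrix rows is the same.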
Further, the attribute decryption module 506 includes:
the re-encryption sub-module is used for acquiring a first public key of the to-be-signed party, and re-encrypting the attribute private key by using the first public key of the to-be-signed party to obtain re-encrypted data;
the re-decryption sub-module is used for sending the re-encrypted data to the party to be signed, and decrypting the re-encrypted data by using the first private key of the party to be signed to obtain the plaintext of the attribute private key;
the attribute ciphertext data identification sub-module is used for downloading metadata of the to-be-combined sign-in list from the blockchain network and identifying attribute ciphertext data in the metadata of the to-be-combined sign-in list;
And the attribute decryption sub-module is used for decrypting the attribute ciphertext data by using the attribute private key to obtain a plaintext of the symmetric key.
In the above embodiment, the application discloses a cross-domain digital signature device based on attribute encryption, which belongs to the field of digital signature of blockchain technology. The cross-domain digital signature method is applied to an internal and external cross-domain signature system built on a blockchain network. The system comprises an identity chain, an alliance chain, a data storage and an attribute authorization center cluster; the alliance chain comprises a service node, an agent node and an aggregate signature node; the system further comprises a plurality of domain spaces, each of which is provided with a matched agent node in the alliance chain. The application broadcasts the document co-signing request across domains through the agent node on the alliance chain, generates an attribute key based on the attribute authorization center cluster, uses the attribute key to encrypt and decrypt a symmetric key, and uses the symmetric key to encrypt and decrypt the document to be co-signed, so as to ensure secure key transmission; finally, the co-signed signatures are aggregated by the aggregate signature node. The application thereby realizes internal and external cross-domain co-signing using blockchain technology and can ensure the security, reliability and tamper resistance of the data.
In order to solve the technical problems, the embodiment of the application also provides computer equipment. Referring specifically to fig. 6, fig. 6 is a basic structural block diagram of a computer device according to the present embodiment.
The computer device 6 comprises a memory 61, a processor 62 and a network interface 63 communicatively connected to each other via a system bus. It is noted that only the computer device 6 having components 61-63 is shown in the figure, but it should be understood that not all of the illustrated components are required to be implemented and that more or fewer components may be implemented instead. It will be appreciated by those skilled in the art that the computer device herein is a device capable of automatically performing numerical calculations and/or information processing in accordance with predetermined or stored instructions, the hardware of which includes, but is not limited to, microprocessors, application specific integrated circuits (Application Specific Integrated Circuit, ASIC), field-programmable gate arrays (Field-Programmable Gate Array, FPGA), digital signal processors (Digital Signal Processor, DSP), embedded devices, etc.
The computer equipment can be a desktop computer, a notebook computer, a palm computer, a cloud server and other computing equipment. The computer equipment can perform man-machine interaction with a user through a keyboard, a mouse, a remote controller, a touch pad or voice control equipment and the like.
The memory 61 includes at least one type of readable storage medium, including flash memory, hard disk, multimedia card, card memory (e.g., SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic memory, magnetic disk, optical disk, etc. In some embodiments, the memory 61 may be an internal storage unit of the computer device 6, such as a hard disk or a memory of the computer device 6. In other embodiments, the memory 61 may also be an external storage device of the computer device 6, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash card or the like provided on the computer device 6. Of course, the memory 61 may also comprise both an internal storage unit of the computer device 6 and an external storage device. In this embodiment, the memory 61 is generally used to store an operating system and various application software installed on the computer device 6, such as computer readable instructions of a cross-domain digital signature method based on attribute encryption. Further, the memory 61 may be used to temporarily store various types of data that have been output or are to be output.
The processor 62 may be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor, or other data processing chip in some embodiments. The processor 62 is typically used to control the overall operation of the computer device 6. In this embodiment, the processor 62 is configured to execute computer readable instructions stored in the memory 61 or process data, for example, execute computer readable instructions of the cross-domain digital signature method based on attribute encryption.
The network interface 63 may comprise a wireless network interface or a wired network interface, which network interface 63 is typically used for establishing a communication connection between the computer device 6 and other electronic devices.
The application discloses a computer device, which belongs to the field of digital signature of blockchain technology. The cross-domain digital signature method is applied to an internal and external cross-domain signature system built on a blockchain network. The system comprises an identity chain, an alliance chain, a data storage and an attribute authorization center cluster; the alliance chain comprises a service node, an agent node and an aggregate signature node; the system further comprises a plurality of domain spaces, each of which is provided with a matched agent node in the alliance chain. The application broadcasts the document co-signing request across domains through the agent node on the alliance chain, generates an attribute key based on the attribute authorization center cluster, uses the attribute key to encrypt and decrypt a symmetric key, and uses the symmetric key to encrypt and decrypt the document to be co-signed, so as to ensure secure key transmission; finally, the co-signed signatures are aggregated by the aggregate signature node. The application thereby realizes internal and external cross-domain co-signing using blockchain technology and can ensure the security, reliability and tamper resistance of the data.
The present application also provides another embodiment, namely, a computer-readable storage medium storing computer-readable instructions executable by at least one processor to cause the at least one processor to perform the steps of a cross-domain digital signature method based on attribute-based encryption as described above.
The application discloses a computer readable storage medium, which belongs to the field of digital signature of blockchain technology. The cross-domain digital signature method is applied to an internal and external cross-domain signature system built on a blockchain network. The system comprises an identity chain, an alliance chain, a data storage and an attribute authorization center cluster; the alliance chain comprises a service node, an agent node and an aggregate signature node; the system further comprises a plurality of domain spaces, each of which is provided with a matched agent node in the alliance chain. The application broadcasts the document co-signing request across domains through the agent node on the alliance chain, generates an attribute key based on the attribute authorization center cluster, uses the attribute key to encrypt and decrypt a symmetric key, and uses the symmetric key to encrypt and decrypt the document to be co-signed, so as to ensure secure key transmission; finally, the co-signed signatures are aggregated by the aggregate signature node. The application thereby realizes internal and external cross-domain co-signing using blockchain technology and can ensure the security, reliability and tamper resistance of the data.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk), comprising several instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method described in the embodiments of the present application.
It is apparent that the embodiments described above are only some embodiments of the present application, not all of them. The preferred embodiments of the present application are given in the drawings, but they do not limit the patent scope of the present application. This application may be embodied in many different forms; rather, these embodiments are provided so that the present disclosure will be understood more thoroughly. Although the present application has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments described in the foregoing, or equivalents may be substituted for elements thereof. All equivalent structures made using the specification and the drawings of the application, applied directly or indirectly in other related technical fields, are also within the protection scope of the application.

Claims (10)

1. The cross-domain digital signature method based on attribute encryption is characterized in that the cross-domain digital signature method is applied to an internal and external cross-domain signature system, the internal and external cross-domain signature system is built on a blockchain network, the internal and external cross-domain signature system comprises an identity chain, an alliance chain, a data storage and an attribute authorization center cluster, the alliance chain comprises a service node, an agent node and an aggregate signature node, the internal and external cross-domain signature system further comprises a plurality of domain spaces, each domain space is provided with a matched agent node in the alliance chain, and the cross-domain digital signature method comprises the following steps:
registering all the co-signing participants into the internal and external cross-domain co-signing system, and determining the domain space of each co-signing participant, wherein the co-signing participants comprise a co-signing initiator and a to-be-signed party;
acquiring a bill combined sign request initiated by the combined sign initiator, determining a to-be-signed party, carrying out cross-domain broadcasting on the bill combined sign request through an agent node of a domain space to which the combined sign initiator belongs, and sending the bill combined sign request to the to-be-signed party;
after the party to be signed receives the document co-signing request, carrying out authority verification on the party to be signed, wherein the authority verification comprises cross-domain authority verification and access authority authentication;
after the party to be signed passes the authority verification, sending a document ciphertext pre-stored in the data storage to the party to be signed, wherein the document ciphertext is ciphertext data generated by encrypting the document to be co-signed by using a symmetric key;
the metadata of the to-be-signed bill broadcasted in advance on the blockchain network is sent to a to-be-signed party, wherein the metadata of the to-be-signed bill comprises attribute ciphertext data generated after the symmetric key is subjected to attribute encryption;
acquiring an attribute key corresponding to the party to be signed from the attribute authorization center cluster, and decrypting the attribute ciphertext data by using the attribute key to obtain a plaintext of the symmetric key;
decrypting the document ciphertext by using the symmetric key to obtain the plaintext of the to-be-signed document, and indicating the to-be-signed party to sign the to-be-signed document to obtain a co-signed signature;
uploading the combined signature through a proxy node of a domain space to which the party to be signed belongs, and aggregating the combined signature through the aggregation signature node to obtain a combined signature result of the single to be combined signature.
2. The cross-domain digital signature method based on attribute encryption according to claim 1, further comprising, before the step of acquiring a document co-signing request initiated by the co-signing initiator and broadcasting the document co-signing request across domains through the proxy node of the domain space to which the co-signing initiator belongs:
obtaining a symmetric key and a key pair of the co-signing initiator;
obtaining the document to be co-signed uploaded by the co-signing initiator, encrypting the document to be co-signed with the symmetric key to generate the document ciphertext, and storing the document ciphertext in the data memory;
transmitting the public key of the key pair to the attribute authorization center cluster;
acquiring the attribute set of the party to be signed through the attribute authorization center cluster, and generating the attribute key based on the attribute set of the party to be signed and the public key of the key pair;
performing attribute encryption on the symmetric key with the attribute key to obtain the attribute ciphertext data;
performing a hash operation on the document to be co-signed to obtain a hash value of the document to be co-signed;
acquiring a location index address of the document ciphertext in the data memory, and generating the metadata of the document to be co-signed based on the attribute ciphertext data, the hash value of the document to be co-signed and the location index address, wherein the metadata of the document to be co-signed further comprises a hash value of the user identity of the co-signing initiator, a digital signature of the co-signing initiator, a credit score identifier of the co-signing initiator and a timestamp;
and broadcasting the metadata of the document to be co-signed on the blockchain network.
3. The cross-domain digital signature method based on attribute encryption according to claim 2, wherein the key pair comprises a first key pair and a second key pair, the second key pair is obtained by performing a key transformation on the first key pair, the first key pair comprises a first public key and a first private key, the second key pair comprises a second public key and a second private key, and the step of transmitting the public key of the key pair to the attribute authorization center cluster comprises:
transmitting the first public key and the second public key to the attribute authorization center cluster;
the step of acquiring the attribute set of the party to be signed through the attribute authorization center cluster and generating the attribute key based on the attribute set of the party to be signed and the public key of the key pair comprises:
determining the attribute mechanism corresponding to each attribute in the attribute set of the party to be signed, wherein the attribute authorization center cluster comprises a plurality of attribute mechanisms;
generating a first random number for the attribute mechanism corresponding to each attribute;
calculating a first attribute key from the first public key and the first random number, and calculating a second attribute key from the second public key and the first random number;
combining the first attribute key and the second attribute key to obtain the attribute key;
the attribute key comprises an attribute public key and an attribute private key, and after the step of combining the first attribute key and the second attribute key to obtain the attribute key, the method further comprises:
transmitting the attribute public key to the co-signing initiator;
and performing attribute encryption on the symmetric key with the attribute public key to obtain the attribute ciphertext data.
4. The cross-domain digital signature method based on attribute encryption according to claim 3, further comprising, after the step of registering all co-signing participants in the internal and external cross-domain co-signing system and determining the domain space to which each co-signing participant belongs:
applying to a certificate authority in the identity chain for a key pair for each co-signing participant and registering it, to obtain the key pair of each co-signing participant;
performing identity verification on each co-signing participant using the first key pair of the key pair of each co-signing participant and a preset zero-knowledge identity verification algorithm, to obtain a zero-knowledge identity verification result for each co-signing participant;
uploading the zero-knowledge identity verification result of each co-signing participant to the identity chain;
the step of obtaining the second key pair by performing a key transformation on the first key pair comprises:
generating a second random number after the co-signing participant passes the zero-knowledge identity verification;
and generating the second public key from the first public key and the second random number.
5. The cross-domain digital signature method based on attribute encryption according to claim 1, wherein the step of acquiring a document co-signing request initiated by the co-signing initiator, determining the party to be signed, broadcasting the document co-signing request across domains through the proxy node of the domain space to which the co-signing initiator belongs, and sending the document co-signing request to the party to be signed comprises:
parsing the document co-signing request and determining the party to be signed corresponding to the document to be co-signed;
judging whether the party to be signed and the co-signing initiator are in the same domain space;
when the party to be signed and the co-signing initiator are in the same domain space, broadcasting the document co-signing request within the domain space of the co-signing initiator;
and when the party to be signed and the co-signing initiator are not in the same domain space, broadcasting the document co-signing request across domains through the proxy node of the domain space to which the co-signing initiator belongs, and sending the document co-signing request to the party to be signed.
6. The cross-domain digital signature method based on attribute encryption according to claim 1, wherein the step of performing authority verification on the party to be signed after the party to be signed receives the document co-signing request comprises:
acquiring smart contracts of the blockchain network, wherein the smart contracts comprise a cross-domain authority verification smart contract and an access authority authentication smart contract;
performing cross-domain authority verification on the party to be signed based on the cross-domain authority verification smart contract and a preset Proof verification mechanism;
and verifying the access authority of the party to be signed based on the access authority authentication smart contract and a preset linear secret sharing algorithm.
7. The cross-domain digital signature method based on attribute encryption according to claim 3, wherein the step of acquiring the attribute key corresponding to the party to be signed from the attribute authorization center cluster, and decrypting the attribute ciphertext data with the attribute key to obtain the plaintext of the symmetric key comprises:
acquiring the first public key of the party to be signed, and re-encrypting the attribute private key with the first public key of the party to be signed to obtain re-encrypted data;
sending the re-encrypted data to the party to be signed, and decrypting the re-encrypted data with the first private key of the party to be signed to obtain the plaintext of the attribute private key;
downloading the metadata of the document to be co-signed from the blockchain network, and identifying the attribute ciphertext data in the metadata of the document to be co-signed;
and decrypting the attribute ciphertext data with the attribute private key to obtain the plaintext of the symmetric key.
8. A cross-domain digital signature device based on attribute encryption, characterized in that the cross-domain digital signature device is used for running an internal and external cross-domain co-signing system, the internal and external cross-domain co-signing system is built on a blockchain network and comprises an identity chain, an alliance chain, a data memory and an attribute authorization center cluster, the alliance chain comprises a service node, a proxy node and an aggregate signature node, the internal and external cross-domain co-signing system further comprises a plurality of domain spaces, each domain space is provided with a matching proxy node in the alliance chain, and the cross-domain digital signature device comprises:
a co-signing registration module, used for registering all co-signing participants in the internal and external cross-domain co-signing system and determining the domain space to which each co-signing participant belongs, wherein the co-signing participants comprise a co-signing initiator and a party to be signed;
a cross-domain broadcasting module, used for acquiring a document co-signing request initiated by the co-signing initiator, determining the party to be signed, broadcasting the document co-signing request across domains through the proxy node of the domain space to which the co-signing initiator belongs, and sending the document co-signing request to the party to be signed;
an authority verification module, used for performing authority verification on the party to be signed after the party to be signed receives the document co-signing request, wherein the authority verification comprises cross-domain authority verification and access authority authentication;
a ciphertext sending module, used for sending the document ciphertext pre-stored in the data memory to the party to be signed after the party to be signed passes the authority verification, wherein the document ciphertext is ciphertext data generated by encrypting the document to be co-signed with a symmetric key;
a metadata sending module, used for sending metadata of the document to be co-signed, broadcast in advance on the blockchain network, to the party to be signed, wherein the metadata of the document to be co-signed comprises attribute ciphertext data generated by performing attribute encryption on the symmetric key;
an attribute decryption module, used for acquiring the attribute key corresponding to the party to be signed from the attribute authorization center cluster, and decrypting the attribute ciphertext data with the attribute key to obtain the plaintext of the symmetric key;
a document decryption module, used for decrypting the document ciphertext with the symmetric key to obtain the plaintext of the document to be co-signed, and instructing the party to be signed to sign the document to be co-signed to obtain a co-signed signature;
and a co-signing module, used for uploading the co-signed signature through the proxy node of the domain space to which the party to be signed belongs, and aggregating the co-signed signature through the aggregate signature node to obtain the co-signing result for the document to be co-signed.
9. A computer device comprising a memory and a processor, the memory storing computer readable instructions which, when executed by the processor, implement the steps of the cross-domain digital signature method based on attribute encryption according to any one of claims 1 to 7.
10. A computer readable storage medium storing computer readable instructions which, when executed by a processor, implement the steps of the cross-domain digital signature method based on attribute encryption according to any one of claims 1 to 7.
CN202311408845.XA 2023-10-26 2023-10-26 Cross-domain digital signature method based on attribute encryption and related equipment thereof Pending CN117544312A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311408845.XA CN117544312A (en) 2023-10-26 2023-10-26 Cross-domain digital signature method based on attribute encryption and related equipment thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311408845.XA CN117544312A (en) 2023-10-26 2023-10-26 Cross-domain digital signature method based on attribute encryption and related equipment thereof

Publications (1)

Publication Number Publication Date
CN117544312A (en) 2024-02-09

Family

ID=89785188

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311408845.XA Pending CN117544312A (en) 2023-10-26 2023-10-26 Cross-domain digital signature method based on attribute encryption and related equipment thereof

Country Status (1)

Country Link
CN (1) CN117544312A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination