CN118101213A - Signature encryption method, system and equipment - Google Patents

Signature encryption method, system and equipment Download PDF

Info

Publication number
CN118101213A
CN118101213A CN202410227225.4A CN202410227225A CN118101213A CN 118101213 A CN118101213 A CN 118101213A CN 202410227225 A CN202410227225 A CN 202410227225A CN 118101213 A CN118101213 A CN 118101213A
Authority
CN
China
Prior art keywords
signature
quantum
asymmetric encryption
algorithm
algorithm parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410227225.4A
Other languages
Chinese (zh)
Inventor
汪浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Agricultural Bank of China
Original Assignee
Agricultural Bank of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Agricultural Bank of China filed Critical Agricultural Bank of China
Priority to CN202410227225.4A priority Critical patent/CN118101213A/en
Publication of CN118101213A publication Critical patent/CN118101213A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The application discloses a signature encryption method, a system and equipment, wherein a signature request is obtained, and the signature request comprises a summary algorithm parameter, a program package, a post quantum algorithm parameter and an asymmetric encryption algorithm parameter; acquiring a rear quantum private key corresponding to the rear quantum algorithm parameter according to the rear quantum algorithm parameter in the signature request; processing the program package based on the abstract algorithm parameters to obtain an abstract; signing the abstract by using the post quantum private key to obtain a preliminary signature value; and processing the prepared signature value based on the asymmetric encryption algorithm parameters to obtain an encrypted signature value, and fusing the post quantum cryptography algorithm and the asymmetric encryption algorithm to ensure that the signature value can meet the current security requirement and prevent possible security attack.

Description

Signature encryption method, system and equipment
Technical Field
The present application relates to the field of computer technologies, and in particular, to a signature encryption method, system, device, and storage medium.
Background
The common digital signature algorithm in the existing data signature encryption process is an asymmetric radial cell cipher algorithm. However, the asymmetric radial cell cryptographic algorithm is an algorithm based on a number theory, and the algorithm cannot be proved to be capable of effectively resisting a quantum computer at present. And the quantum computer can reduce the cracking difficulty of complex mathematical problems such as large integer decomposition, discrete logarithm solution and the like from an exponential level to a polynomial level by utilizing a Xuer quantum algorithm, so that the widely used asymmetric radial cell cryptographic algorithm can be rapidly cracked.
Therefore, with the continuous enhancement of quantum computing capability and the continuous emergence of novel attack algorithms in recent years, traditional digital signatures face serious threats of predicted attack.
Disclosure of Invention
Based on the above problems, the present application provides a signature encryption method, system and device, which are used for reducing the possibility of digital signature being broken.
In order to solve the above problems, the technical solution provided by the embodiment of the present application is as follows:
The first aspect of the present application provides a signature encryption method, applied to an application distribution terminal, comprising:
obtaining a signature request, wherein the signature request comprises a digest algorithm parameter, a program package, a post quantum algorithm parameter and an asymmetric encryption algorithm parameter,
Calling a corresponding post quantum public key and a corresponding post quantum private key generated by a post quantum algorithm according to the post quantum algorithm parameters in the signature request;
Signing the abstract by using the quantum private key to obtain a preliminary signature value;
processing the preliminary signature value based on the asymmetric encryption algorithm parameters to obtain an encrypted signature value;
And packaging the encrypted signature value, the post quantum public key and the program package for distribution.
In one possible implementation manner, the processing the preliminary signature value based on the asymmetric encryption algorithm parameter to obtain an encrypted signature value includes:
if the asymmetric encryption algorithm parameter is null, the preliminary signature value is determined to be the encrypted signature value.
In one possible implementation manner, the processing the preliminary signature value based on the asymmetric encryption algorithm parameter to obtain an encrypted signature value includes:
If the asymmetric encryption algorithm parameter is not null, generating an asymmetric encryption algorithm public key and an asymmetric encryption algorithm private key;
an encrypted signature value is generated based on the asymmetric encryption algorithm private key and the preliminary signature value.
In one possible implementation, the method further includes:
unpacking the received application program package to obtain a program package, a summary algorithm parameter, a post quantum algorithm parameter and an asymmetric encryption algorithm parameter;
processing the program package by using a digest algorithm parameter to obtain a digest, wherein the digest is used for checking a signature as a signature value;
and based on whether the asymmetric encryption algorithm parameter is null, performing signature verification on the abstract to obtain a signature verification result.
In one possible implementation manner, the verifying the digest based on whether the asymmetric encryption algorithm parameter is null or not to obtain a verification result includes:
and if the parameters of the asymmetric encryption algorithm are null, the digest is checked by using a public key of the post quantum algorithm, and a check result is obtained.
In one possible implementation manner, the verifying the digest based on whether the asymmetric encryption algorithm parameter is null or not to obtain a verification result includes:
if the asymmetric encryption algorithm parameter is not null, the signature value is checked by using the asymmetric encryption algorithm public key to obtain a preliminary signature checking value;
And (3) using a public key of the post quantum cryptography algorithm to verify the prepared verification value, comparing the prepared verification value with the data abstract, and confirming the verification result.
The second aspect of the present application provides a signature encryption system, applied to an application distribution terminal, comprising:
The first acquisition unit is used for acquiring a signature request, wherein the signature request comprises a summary algorithm parameter, a program package, a post quantum algorithm parameter and an asymmetric encryption algorithm parameter;
the second acquisition unit is used for acquiring a rear quantum public key and a rear quantum private key corresponding to the rear quantum algorithm parameters according to the rear quantum algorithm parameters in the signature request;
the first processing unit is used for processing the program package based on the abstract algorithm parameters to obtain an abstract;
The signature unit is used for signing the abstract by using the post quantum private key to obtain a preliminary signature value;
And the second processing unit is used for processing the preliminary signature value based on the asymmetric encryption algorithm parameters to obtain an encrypted signature value.
A third aspect of the present application provides an electronic device, comprising: the signature encryption method according to the first aspect is realized by a memory, a processor, and a computer program stored in the memory and executable on the processor, when the processor executes the computer program.
A fourth aspect of the application provides a computer readable storage medium having instructions stored therein which, when run on a terminal device, cause the terminal device to perform the signature encryption method as described in the preceding first aspect.
Compared with the prior art, the application has the following beneficial effects:
The method comprises the steps of obtaining a signature request comprising abstract algorithm parameters, program packages, post quantum algorithm parameters and asymmetric encryption algorithm parameters; acquiring a rear quantum private key corresponding to the rear quantum algorithm parameter according to the rear quantum algorithm parameter in the signature request; processing the program package based on the abstract algorithm parameters to obtain an abstract; signing the abstract by using the post quantum private key to obtain a preliminary signature value; and processing the prepared signature value based on the asymmetric encryption algorithm parameters to obtain an encrypted signature value. Therefore, the post quantum cryptography algorithm and the asymmetric cryptography algorithm are combined, the encrypted signature value is obtained through double encryption, the advantages that the attack of a quantum computer and a Xuer quantum algorithm can be resisted by the post quantum cryptography algorithm are utilized, the problem that the current asymmetric radial cell cryptography algorithm cannot resist the attack of the quantum computer is avoided, the security reinforcement of the signature value is realized, the possibility of the signature value being broken is reduced, and the security of the signature is improved.
Drawings
In order to more clearly illustrate this embodiment or the technical solutions of the prior art, the drawings that are required for the description of the embodiment or the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a signature encryption method according to an embodiment of the present application;
FIG. 2 is a flowchart of a signature encryption method according to an embodiment of the present application;
Fig. 3 is a block diagram of a signature encryption system according to an embodiment of the present application.
Detailed Description
In order to make the present application better understood by those skilled in the art, the following description will clearly and completely describe the technical solutions in the embodiments of the present application with reference to the accompanying drawings, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
In order to facilitate understanding of the technical solution provided by the embodiments of the present application, terms related to the embodiments of the present application will be described below.
Post quantum cryptography algorithm: the post quantum cryptography algorithm is a cryptography algorithm designed based on the mathematical problem that the prior quantum algorithm is not attacked, and can realize quantum computation security. Although quantum computation can achieve exponential acceleration on problems such as large number decomposition, there is no evidence at present that quantum computation can solve general decoding problems such as lattice problems, nonlinear equation system solving problems, error correction codes. Thus, researchers have designed cryptographic algorithms based on these difficult problems, in hopes that these cryptographic algorithms are quantum attack resistant, resulting in lattice passwords, passwords based on coding theory, hash-based passwords, multivariate passwords, etc.
Quantum computing: the computational power of quantum computing grows exponentially with the number of qubits that can be manipulated. The quantum computer runs in a parallel computing mode, and when the quantum computer with K quantum bits performs computing, the K quantum bits are operated once, namely 2K computing operations can be processed once, so that when K is quite large, the performance of the quantum computer is quite powerful through 2K computing operations, and the quantum computer can quickly solve the problem of difficulty in exponential level.
Application distribution: application distribution refers to the release of application programs (APP) to different platforms (e.g., iOS, android, windows, etc.) and application stores, allowing users to conveniently download and install the application programs. Application distribution is typically performed by a developer or publisher, including packaging, signing, and uploading of applications to different application stores. Through application distribution, developers and publishers can promote applications to more users and help them manage applications better. Meanwhile, the application distribution is also beneficial to updating and maintaining of the application program, so that a user can always use the application program of the latest version.
RSA (RIVEST SHAMIRADLEMA, asymmetric radial cryptographic algorithm) algorithm: the RSA algorithm is an encryption algorithm and a signature algorithm, is based on the difficulty problem of large prime number decomposition, and adopts a mode of pairing a public key and a private key to realize encryption and decryption. In the digital signature aspect, RSA will use the private key to generate a digital signature, and the public key is used to verify the legitimacy of the signature, thereby ensuring the integrity and authenticity of the data.
Digital signature: the information sender adopts a section of numbers which cannot be forged by others and are generated by an asymmetric cryptosystem (public key cryptosystem), and the section of number strings are also an effective proof for the authenticity of the information sent by the information sender, and have the characteristics of completeness, non-repudiation and non-repudiation.
Keytool: is a command line tool provided by Java for managing keys, certificates and trust libraries. It can generate and manage key pairs (public and private), certificates, signature requests, passwords, and private keys. Keytool uses the key store format of Java (keystore) to store information such as keys, certificates, etc. Under default, the keystore file is located under the home directory of the user.
Keystore document: is an implementation of the Java keystore (JavaKey Store, JKS). It is a file format that JavaKeytool tools use to store keys and digital certificates. This document is typically used to protect private keys and certificates to ensure digital security.
In order to facilitate understanding of the technical solution provided by the embodiments of the present application, the following description will first explain the background technology related to the embodiments of the present application.
In CS architecture, the distribution of the application may be secured by means of digital signatures. A developer can sign an application program by using a digital signature program, so that the authenticity and the integrity of the application program are ensured, and meanwhile, the application program is prevented from being tampered in the distribution process. Applications that use the RSA algorithm for digital signatures are most common. The RSA algorithm is an algorithm based on a number theory, and no evidence exists at present that the RSA algorithm can effectively resist a quantum computer. In contrast, the quantum computer can reduce the cracking difficulty of complex mathematical problems such as large integer decomposition, discrete logarithm solution and the like from an exponential level to a polynomial level by utilizing a Shor quantum algorithm, so that the widely used RSA line can be rapidly cracked. Thus, for important confidential information, a more secure way of encryption should employ algorithms that resist quantum computation. The post quantum cryptography algorithm is a new generation cryptography algorithm capable of resisting the attack of the quantum computer on the existing cryptography algorithm.
In order to solve the problem, the application changes the existing application allocation mechanism, and replaces the traditional signature algorithm with the post quantum encryption algorithm. In a specific scheme, the security of application program distribution is enhanced by adopting a method of combining post quantum encryption and post quantum encryption technology respectively.
The signature encryption method, the signature encryption system and the signature encryption equipment provided by the application can be applied to the technical field of computers. The foregoing is merely an example, and is not intended to limit the application fields of the signature encryption method, system and apparatus provided by the present application. In addition, the embodiment of the application also does not limit the execution subject of the fragmentation, for example, the signature encryption method of the embodiment of the application can be applied to data processing equipment such as terminal equipment or a server. The terminal device may be an electronic device such as a smart phone, a computer, a Personal digital assistant (Personal DIGITALASSISTANT, PDA), a tablet computer, etc. The server may be an independent server, a cloud server, or a cluster server composed of a plurality of servers.
In order to make the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
The secure signature encryption method and system based on the post quantum cryptography algorithm authentication provided by the embodiment of the application can be used in various application distribution scenes. Examples of scenarios: under CS architecture, the client updates dll through Internet, and there is concern that the updated dll is tampered. Under the condition, a secure application distribution mechanism based on the authentication of a post quantum cryptography algorithm can be used, a post quantum signature is carried out on the dll to be distributed at a server side, a signature is carried out on the dll at a client side, and the integrity of the dll received by the client side is ensured.
The signature encryption method provided by the application is described below by means of an embodiment. Referring to fig. 1, fig. 1 is a flowchart of a signature encryption method provided by an embodiment of the present application, applied to an application distribution end, where the method includes:
s101, acquiring a signature request, wherein the signature request comprises a summary algorithm parameter, a program package, a post quantum algorithm parameter and an asymmetric encryption algorithm parameter.
The signature request carries parameters, and specific post quantum cryptography algorithm and asymmetric encryption algorithm can be specified. The post quantum algorithm parameter and the asymmetric encryption algorithm parameter are both used to characterize the type of algorithm, and are used to determine which post quantum algorithm or which asymmetric encryption algorithm the current signature request will employ.
In a practical application scenario, the parameters may be of the following form: program package; summary algorithm name; post quantum algorithm name; and the traditional asymmetric algorithm name is that the program package is processed by the abstract algorithm parameters to obtain an abstract, and the abstract is used for signature verification.
S102, acquiring a rear quantum private key corresponding to the rear quantum algorithm parameter according to the rear quantum algorithm parameter in the signature request; and processing the program package based on the abstract algorithm parameters to obtain an abstract.
And S103, signing the abstract by using the quantum private key to obtain a preliminary signature value.
The quantum algorithm parameters are subjected to primary encryption after application, the signature safety is primarily improved, and a preliminary signature value is obtained.
S104, processing the prepared signature value based on the asymmetric encryption algorithm parameters to obtain an encrypted signature value.
And processing the prepared signature value based on the asymmetric encryption algorithm parameters to obtain an encrypted signature value. And the signature is secondarily encrypted through the asymmetric encryption algorithm parameters, so that the security of the signature is improved.
In one possible implementation, the method further includes:
S105, packaging the encrypted signature value, the post quantum public key and the program package for distribution.
In one possible implementation manner, the processing the preliminary signature value based on the asymmetric encryption algorithm parameter to obtain an encrypted signature value includes:
if the asymmetric encryption algorithm parameter is null, the preliminary signature value is determined to be the encrypted signature value.
In one possible implementation manner, the processing the preliminary signature value based on the asymmetric encryption algorithm parameter to obtain an encrypted signature value includes:
If the asymmetric encryption algorithm parameter is not null, generating an asymmetric encryption algorithm public key and an asymmetric encryption algorithm private key;
an encrypted signature value is generated based on the asymmetric encryption algorithm private key and the preliminary signature value.
According to the algorithm in the request parameters, a corresponding public and private key generated by a specific post quantum algorithm is called; signing the abstract by using the quantum private key to obtain a signature value 1; if the asymmetric encryption algorithm parameter is null, the signature value 1 is an encrypted signature value; if the asymmetric encryption algorithm parameter is not null, continuing to generate an asymmetric encryption algorithm public key and an asymmetric encryption algorithm private key; generating an encrypted signature value for the signature value 1 using an asymmetric encryption algorithm private key; the signature value, public key and application program are packaged for distribution.
A second aspect of the embodiment of the present application provides a signature encryption method, referring to fig. 2, and fig. 2 is a flowchart of the signature encryption method provided by the embodiment of the present application, where the signature encryption method is applied to an application obtaining end, and includes:
s201, unpacking the received application program package to obtain the program package, the abstract algorithm parameter, the post quantum algorithm parameter and the asymmetric encryption algorithm parameter.
At the application acquisition end, unpacking the received application program package, acquiring a signature value, an asymmetric encryption algorithm and a post quantum algorithm name in the unpacked application program package, checking a signature of the signature value, and checking the integrity of the application program.
S202, processing the program package by using the digest algorithm parameters to obtain a digest, wherein the digest is used for signing as a signature value.
Unpacking the received application program package, obtaining the program package, the abstract algorithm name, the post quantum algorithm name and the traditional asymmetric algorithm name, and processing the program package by using abstract algorithm parameters to obtain an abstract, wherein the abstract is used for signature verification.
S203, based on whether the asymmetric encryption algorithm parameter is null, the abstract is checked to obtain a check result.
In one possible implementation manner, the verifying the digest based on whether the asymmetric encryption algorithm parameter is null or not to obtain a verification result includes:
and if the parameters of the asymmetric encryption algorithm are null, the digest is checked by using a public key of the post quantum algorithm, and a check result is obtained.
In one possible implementation manner, the verifying the digest based on whether the asymmetric encryption algorithm parameter is null or not to obtain a verification result includes:
if the asymmetric encryption algorithm parameter is not null, the signature value is checked by using the asymmetric encryption algorithm public key to obtain a preliminary signature checking value;
And (3) using a public key of the post quantum cryptography algorithm to verify the prepared verification value, comparing the prepared verification value with the data abstract, and confirming the verification result.
If the asymmetric encryption algorithm parameter is null, directly using a post quantum algorithm public key to carry out signature verification; if the asymmetric encryption algorithm parameter is not null, the signature value is checked by using the asymmetric encryption algorithm public key to obtain a checked signature value 1. And (3) using a public key of the post quantum cryptography algorithm to verify the signature verification value 1, comparing the signature verification value 1 with the data abstract, and confirming the signature verification result.
In summary, the application provides a secure signature encryption method and system based on post quantum cryptography algorithm authentication. The security of the cryptographic algorithm depends on the high complexity of calculation, a cracker cannot finish key cracking in a limited time, and when the number of quantum bits of an equivalent computer is increased to a certain degree, serious potential safety hazards are brought to the existing computer network constructed on the basis of the classical public key cryptographic algorithm. The post quantum cryptography algorithm is a cryptography algorithm designed based on the mathematical problem that the prior quantum algorithm is not attacked, and can realize quantum computation security. Although quantum computation can achieve exponential acceleration on problems such as large number decomposition, there is no evidence at present that quantum computation can solve general decoding problems such as lattice problems, nonlinear equation system solving problems, error correction codes. Thus, researchers have designed cryptographic algorithms based on these difficult problems to expect these cryptographic algorithms to be quantum attack resistant, thereby forming PQC types such as lattice ciphers, coding theory-based ciphers, hash-based ciphers, multi-variable ciphers, and the like.
In summary, the scheme provided by the application has the following beneficial effects:
first, the mathematical problem characteristic of the post quantum cryptography algorithm is utilized, the application distribution safety is improved, and the capability of resisting quantum computing attack is provided. Secondly, the scheme considers that the existing post quantum cryptography algorithm is not standardized yet, the asymmetric encryption algorithm and the post quantum algorithm are fused, signature verification is carried out twice in a cascading mode, safety reinforcement is achieved, and the signature and authentication can resist quantum attack. Third, the method can be widely applied to application distribution scenes.
The above is some specific implementation manners of the signature encryption method provided by the embodiment of the present application, and based on this, the present application further provides a corresponding system for slicing. The system provided by the embodiment of the application will be described from the aspect of functional modularization. Fig. 3 is a block diagram of a slicing system according to an embodiment of the present application.
The system comprises:
An initiating unit 110 for obtaining a signature request, the signature request comprising a digest algorithm parameter, a package, a post-quantum algorithm parameter and an asymmetric encryption algorithm parameter,
A calling unit 111, configured to call a corresponding post quantum public key and a corresponding post quantum private key generated by a post quantum algorithm according to the post quantum algorithm parameter in the signature request;
a signature unit 112, configured to sign the digest using the post quantum private key, to obtain a preliminary signature value;
an encrypted signature value determining unit 113, configured to process the preliminary signature value based on an asymmetric encryption algorithm parameter, to obtain an encrypted signature value;
And the distributing unit 114 is used for packaging the encrypted signature value, the post quantum public key and the program package for distribution.
The embodiment of the application also provides corresponding equipment and a computer storage medium, which are used for realizing the signature encryption method scheme provided by the embodiment of the application.
The device comprises a memory and a processor, wherein the memory is used for storing instructions or codes, and the processor is used for executing the instructions or codes so as to enable the device to execute the signature encryption method according to any embodiment of the application.
The computer storage medium stores code, and when the code is executed, a device executing the code implements the signature encryption method according to any embodiment of the present application.
It should be noted that, in the present description, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different manner from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other. For the system or device disclosed in the embodiments, since it corresponds to the method disclosed in the embodiments, the description is relatively simple, and the relevant points refer to the description of the method section.
It should be understood that in the present application, "at least one (item)" means one or more, and "a plurality" means two or more. "and/or" for describing the association relationship of the association object, the representation may have three relationships, for example, "a and/or B" may represent: only a, only B and both a and B are present, wherein a, B may be singular or plural. The character "/" generally indicates that the context-dependent object is an "or" relationship. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (one) of a, b or c may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
It is to be understood that the terms "center," "longitudinal," "transverse," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," and the like are directional or positional relationships as indicated based on the drawings, merely to facilitate describing the invention and simplify the description, and do not indicate or imply that the devices or elements referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus are not to be construed as limiting the invention.
It should be noted that, unless explicitly stated or limited otherwise, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be, for example, fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; can be directly connected or indirectly connected through an intermediate medium, and can be communication between two elements. The specific meaning of the above terms in the present invention will be understood in specific cases by those of ordinary skill in the art.
It is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A signature encryption method, comprising:
acquiring a signature request, wherein the signature request comprises a summary algorithm parameter, a program package, a post quantum algorithm parameter and an asymmetric encryption algorithm parameter;
Acquiring a rear quantum private key corresponding to the rear quantum algorithm parameter according to the rear quantum algorithm parameter in the signature request; processing the program package based on the abstract algorithm parameters to obtain an abstract;
signing the abstract by using the post quantum private key to obtain a preliminary signature value;
And processing the prepared signature value based on the asymmetric encryption algorithm parameters to obtain an encrypted signature value.
2. The method of claim 1, wherein the processing the preliminary signature value based on the asymmetric encryption algorithm parameter to obtain a cryptographic signature value comprises:
And if the asymmetric encryption algorithm parameter is null, determining the preparation signature value as an encryption signature value.
3. The method of claim 1, wherein the processing the preliminary signature value based on the asymmetric encryption algorithm parameter to obtain a cryptographic signature value comprises:
if the asymmetric encryption algorithm parameter is not null, generating an asymmetric encryption algorithm public key and an asymmetric encryption algorithm private key based on the asymmetric encryption algorithm parameter;
an encrypted signature value is generated based on the asymmetric encryption algorithm private key and the preliminary signature value.
4. The method according to claim 1, wherein the method further comprises:
and packaging the encrypted signature value, the post quantum public key and the program package and distributing the packaged encrypted signature value, the post quantum public key and the program package to a target position.
5. The method according to claim 4, wherein the method further comprises:
Unpacking the received application program package to obtain a program package, a summary algorithm parameter, a post quantum algorithm parameter and an asymmetric encryption algorithm parameter;
processing the program package by using a digest algorithm parameter to obtain a digest, wherein the digest is used for checking a signature as a signature value;
and based on whether the asymmetric encryption algorithm parameter is null, performing signature verification on the abstract to obtain a signature verification result.
6. The method of claim 5, wherein the signing the digest based on whether the asymmetric encryption algorithm parameter is null, comprises:
and if the parameters of the asymmetric encryption algorithm are null, the digest is checked by using a public key of the post quantum algorithm, and a check result is obtained.
7. The method of claim 5, wherein the signing the digest based on whether the asymmetric encryption algorithm parameter is null, comprises:
if the asymmetric encryption algorithm parameter is not null, the signature value is checked by using the asymmetric encryption algorithm public key to obtain a preliminary signature checking value;
And (3) using a public key of the post quantum cryptography algorithm to verify the prepared verification value, comparing the prepared verification value with the data abstract, and confirming the verification result.
8. A signature encryption system, comprising:
The first acquisition unit is used for acquiring a signature request, wherein the signature request comprises a summary algorithm parameter, a program package, a post quantum algorithm parameter and an asymmetric encryption algorithm parameter;
The first processing unit is used for acquiring a rear quantum public key and a rear quantum private key corresponding to the rear quantum algorithm parameters according to the rear quantum algorithm parameters in the signature request; the program package is used for processing the program package based on the abstract algorithm parameters to obtain an abstract;
The signature unit is used for signing the abstract by using the post quantum private key to obtain a preliminary signature value;
And the second processing unit is used for processing the preliminary signature value based on the asymmetric encryption algorithm parameters to obtain an encrypted signature value.
9. An electronic device, comprising: a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the signature encryption method of any one of claims 1-7 when the computer program is executed.
10. A computer readable storage medium having instructions stored therein which, when executed on a terminal device, cause the terminal device to perform the signature encryption method of any one of claims 1-7.
CN202410227225.4A 2024-02-29 2024-02-29 Signature encryption method, system and equipment Pending CN118101213A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410227225.4A CN118101213A (en) 2024-02-29 2024-02-29 Signature encryption method, system and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410227225.4A CN118101213A (en) 2024-02-29 2024-02-29 Signature encryption method, system and equipment

Publications (1)

Publication Number Publication Date
CN118101213A true CN118101213A (en) 2024-05-28

Family

ID=91158425

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410227225.4A Pending CN118101213A (en) 2024-02-29 2024-02-29 Signature encryption method, system and equipment

Country Status (1)

Country Link
CN (1) CN118101213A (en)

Similar Documents

Publication Publication Date Title
US11842317B2 (en) Blockchain-based authentication and authorization
US20230120742A1 (en) Quantumproof blockchain
US11184157B1 (en) Cryptographic key generation and deployment
US20190205540A1 (en) Host attestation
CN111262889B (en) Authority authentication method, device, equipment and medium for cloud service
CN110505067B (en) Block chain processing method, device, equipment and readable storage medium
EP1717724B1 (en) Methods for generation and validation of isogeny-based signatures
Chen et al. Data dynamics for remote data possession checking in cloud storage
WO2020020127A1 (en) Private key storage and reading method and apparatus, and hardware device
JP7209431B2 (en) Digital signature method, signature information verification method, related device and electronic device
CN110719172B (en) Signature method, signature system and related equipment in block chain system
KR101253683B1 (en) Digital Signing System and Method Using Chained Hash
Gan et al. Efficient and secure auditing scheme for outsourced big data with dynamicity in cloud
CN115134090A (en) Identity authentication method and device based on privacy protection, computer equipment and medium
CN113939821A (en) System and method for non-parallel mining on a workload justification blockchain network
Mishra et al. BB-tree based secure and dynamic public auditing convergence for cloud storage
US20080229111A1 (en) Prevention of unauthorized forwarding and authentication of signatures
US20240187256A1 (en) Systems and methods for enforcing cryptographically secure actions in public, non-permissioned blockchains using bifurcated self-executing programs comprising shared digital signature requirements
CN118101213A (en) Signature encryption method, system and equipment
Fatima et al. An efficient secure auditing framework for big data storage in cloud computing environment
JP2019057827A (en) Distributed authentication system and program
US20220067727A1 (en) Method for operating a distributed database system, distributed database system, and industrial automation system
EP3419212B1 (en) Computer implemented method, computer system and computer readable computer program product
Gan et al. Online/offline remote data auditing with strong key-exposure resilience for cloud storage
Wang et al. Mutual authentication‐based RA scheme for embedded systems

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination