CN1427575A - Electronic cipher formation and checking method - Google Patents
Electronic cipher formation and checking method Download PDFInfo
- Publication number
- CN1427575A CN1427575A CN 01144350 CN01144350A CN1427575A CN 1427575 A CN1427575 A CN 1427575A CN 01144350 CN01144350 CN 01144350 CN 01144350 A CN01144350 A CN 01144350A CN 1427575 A CN1427575 A CN 1427575A
- Authority
- CN
- China
- Prior art keywords
- electronic
- electronic cipher
- cipher
- information
- conversion
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
A method for generating and checking electronic cipher is disclosed. The method for generating electronic cipher includes such steps as transforming the plaintext to coding information, performing hash operation to become short plaintext coding information and encrypting with private key to form electronic cipher. The method for checking electronic cipher includes such steps as decrypting with public key to become intermediate result, and comparing it with said short plaintext coding information.
Description
Technical field
The present invention relates to a kind of information security technology, relate to a kind of Electronic Password Formation And Verification Ways or rather, particularly a kind of employing is based on the Electronic Password Formation And Verification Ways of short ciphertext asymmetric-key encryption algorithm.
Background technology
Along with the fast development of computer and network technologies, information security issue more and more is subject to people's attention.
Computer local area at company or tissue is online, usually have different rights of using respectively between the internal staff and between internal staff and the external staff, each terminal use has number of the account and the password of oneself respectively, and each terminal use utilizes number of the account of oneself and password to carry out the visit of different stage.
On Internet, having many e-sourcings to need to pay just can obtain, also need different numbers of the account and password to be set to each user for this reason, the user imported number of the account and password before calling these e-sourcings, resource provider is discerned the user according to password and number of the account, and user's charge information etc. is recorded on its account number, to guarantee the right of validated user.
On the computer network of bank and securities broker company, economic interests and lawful right in order to guarantee the client also are provided with different numbers of the account and password for different users, and the different numbers of the account of validated user and password reflect authority or the interests that the user is different.In concrete the application, the user is if enter main frame and conduct interviews, must import number of the account and password (claiming password again), after system test is confirmed, the user system that is allowed for access, if can not be by system test, system generally can point out the user to re-enter password, and for example three times, still can not be by check, then think the disabled user, and then adopt punitive measures such as locked number of the account.
Therefore, user account and password are the important signs of identification user in computer and the network system, especially user cipher, it lose or stolenly bring loss in various degree to user and resource provider (as above-mentioned individual, tissue, bank or securities broker company) possibly.
Along with popularizing of computer and network technologies, the electronic theft case is on the rise, and computer hacker can be intercepted and captured number of the account and password by the input of monitoring number of the account and password, or guesses user's password by dictionary attack; In addition, network internal employee attacks, intercepts and captures may also should preventing of user account and password by controlling one or some equipment fully to system.
Adopt the dynamic electronic cipher technology; the password of inputing when being to use the each access system in family has nothing in common with each other; as by the input of certain rule,, can effectively protect user account and password as changing once by per minute or changing password by the method that a kind of password is changed in each use.As publication number is that CN 1116341A, name are called the application for a patent for invention of " not reproducible software ' chaos ' is sector card (chaos) ", its technical scheme is: produce chaotic signal by the controlled chaos circuit in the sector card, be code signal with this signal map again and deliver to computer, thereby realize encryption software.But this encryption method is the cryptographic algorithm of symmetrical system in essence.
Encryption system is divided into symmetric key cipher system and asymmetric key cipher system, the cryptographic algorithm of so-called symmetrical system is meant that encryption key K1 equates with decruption key K2, it is substantial equivalence, and the asymmetric key cipher system, be meant that then encryption key K1 and decruption key K2 are unequal, promptly essence is not equal to.
The password of forming by a plurality of electronic cipher equipment form with verifying system in, if use the symmetric key cipher system, because it also is that electronic cipher is veritified key that electronic cipher generates key, like this, in order to allow miscellaneous equipment can veritify the correctness of electronic cipher, this key is inevitable shared by two or more equipment institute, and this just brings the problem in the key management, and this key can not be difficult to the identification of the equipment of realizing as unique sign of equipment.Particularly in certain applied environment, when having taken place that thereby password is stolen to cause damage, actually can't judge user oneself because of accidentally stolen or lose, still intercepted and captured or guess and obtain by online assault, or the result that defalcates of internal system employee.
The asymmetric key cipher algorithm as RSA public key algorithm, ELGamal public key algorithm, ellipse curve public key cipher algorithm etc., all is an asymmetric key cipher algorithm commonly used in the world at present.In the asymmetric key cipher algorithm; oneself secret parameter-private key needs protection; oneself sign to guarantee that other people can't pretend to be; simultaneously openly can disclosed part-PKI; can verify this signature for authentication; all other men except the private key possessor can not be by disclosed parameter-PKI, and the secret parameter-private key of deriving is because they are infeasible on calculating.
Because the Password Length at the asymmetric key cipher algorithm can influence security intensity too in short-term, so require Password Length usually greater than 100 bits, thereby limited the exploitativeness of asymmetric key cipher algorithm, as only being adapted at online use, can't under off-line state, satisfy the instructions for use of hand-kept password.
The information that prevents is distorted or is forged is the another kind of problem that is present in the information security field, traditional practice is to use seal seal or handwritten signature, yet, there is the defective of two aspects in this mode: the first, because it is a feature with changeless pattern and literal, do not have any contact between this pattern or literal and the information that needs protection, in panoramic correction technology and before forging technological side, then seeming is pale and weak, and therefore forges case of victimization such as bank money, tax bill and remains incessant after repeated prohibition; It two is, along with popularizing of computer interconnection network technology, online transaction obtains fast development, is to adopt traditional signature mode to the signature of this class of Transaction Information " electronic information ".
The digital signature technology of Xing Qiing its essence is and adopts a kind of undeniable password formation method therefrom, forms an electronic cipher by the information that needs protection, and can prevent distorting and forging of information, and energy certifying signature person's identity.
Summary of the invention
The objective of the invention is to design a kind of Electronic Password Formation And Verification Ways, utilize electronic computer, information coding and cryptological technique, adopt short ciphertext asymmetric-key encryption algorithm, formed electronic cipher, not only can be used for forming dynamic electronic cipher, and can realize the digital signature of information, and veritify electronic cipher and identification forms the people of electronic cipher or organizes identity.
The technical scheme that realizes the object of the invention is such, a kind of Electronic Password Formation And Verification Ways, comprise by the side of signing and issuing and cleartext information is encrypted the processing procedure that forms electronic cipher, with by authentication electronic cipher is decrypted the veritification processing procedure of recovering cleartext information, it is characterized in that:
The encryption process of the described side of signing and issuing further comprises following treatment step:
A. will the side of signing and issuing convert coded message (M) expressly to the cleartext information (A) of authentication as offered;
B. coded message (M) is expressly done hash (HASH) operation, form Xiao Ming's literary composition coded message (m);
C. use private key (K1) that Xiao Ming's literary composition coded message (m) is made enciphering transformation and form electronic cipher (C);
The veritification processing procedure of described authentication further comprises following treatment step:
D. use PKI (K2) that described electronic cipher (C) is done the deciphering conversion and form intermediate object program (m ') and temporary;
E. will the side of signing and issuing convert coded message (M) expressly to the cleartext information (A) of authentication as offered;
F. the coded message (M) of above-mentioned plaintext is done hash (HASH) operation, form Xiao Ming's literary composition coded message (m);
G. temporary intermediate object program (m ') and above-mentioned Xiao Ming's literary composition coded message (m) are compared, judge when both are identical that the checking result is correct, judge when both are inconsistent that the checking result is incorrect.
Cleartext information in described steps A and the step e (A) comprises literal, symbol, image, figure, numeric string or any information that can be digitized.
Cleartext information in described steps A, the step e (A) is a random number that is produced by electronic cipher equipment according to the number of the account of authorized user and personal code; PKI among the described step D (K2) comes out with authorized user number of the account index.
Described steps A and step e are to carry out by identical coding method, and described coding comprises ASCII character, Hanzi internal code or any coding that can state " 0 ", " 1 " Bit String as.
Also comprise before the described steps A: the user cipher of the checking side of signing and issuing user input, when the user cipher of judging input is correct, accurate in execution in step A.
Hash in described step B and the step F (HASH) operation is to adopt key to carry out arithmetic operation.
Enciphering transformation among the described step C is to adopt signature (S) computing to carry out conversion, electronic cipher (C)=S[private key (K1), Xiao Ming's literary composition coded message (m)]; Deciphering conversion among the described step D is to adopt veritification (V) computing to carry out conversion, intermediate object program (m ')=V[PKI (K2), electronic cipher (C)].
Described S conversion and V conversion are based on Nonlinear System of Equations and find the solution the computing that problem of difficult is constructed on finite fields, further comprise:
0,1 Bit String binary information is used as finite field gf (2
n) on amount, the structure GF (2
n) on one group of conversion F that inverts easily
1, F
2F
nAnd inverse transformation
Utilize signature (S) conversion and two kinds of operations of veritification (V) conversion respectively, calculate electronic cipher (C) among the described step B and the electronic cipher (C) among the veritification step D, represent original Bit String, represent the ciphertext of x with y with x, for
x=V(y)=F
1,F
2……F
n(y)。
Electronic cipher (C) among described step C and the step D; it is the electronic information that to carry out communication; or can be by the written information of artificial hand write record, or the written information that can print, print by machine, this written information is carried on the safeguard protection body.
Described PKI K2 and private key K1 are that configuration has nothing in common with each other in pairs, and each side of signing and issuing has whole PKIs of unique private key and veritification side.
The present invention utilizes electronic computer, information coding technique and cryptological technique, adopt short ciphertext asymmetric-key encryption algorithm and by a PKI and the key that private key is formed, for all can be encoded to literal, symbol, the figure of " 0 ", " 1 " Bit String, the given information (being called " expressly ") of image, coding forms the electronic cipher of certain amount of information, the ciphertext that claims cleartext information again, this ciphertext is made up of " 0 ", " 1 " Bit String of some.Can with said process abstract be mathematical problem, i.e. encrypt and decrypt problem.Be described below with digital:
Electronic cipher formation algorithm: C=f1 (K1, M),
Electronic cipher veritification algorithm: M=f2 (K2, C)
Wherein, M is that expressly C is the electronic cipher (ciphertext of cleartext information) of M, and f1 is that electronic cipher forms algorithm (encryption), and K1 is the formation key of electronic cipher, is " private key "; F2 is that electronic cipher is veritified algorithm (deciphering), and K2 is that electronic cipher is veritified key, is called " PKI ".
And the password forming device of employing asymmetric key cipher system, because it is private key that every encryption device has only self electronic cipher to form key, and PKI can openly be veritified the equipment of electronic cipher to other, can not derive private key by PKI, under such unsymmetrical key system, key management is convenient, safe, can realize the identification of equipment, has digital signature function.
Electronic cipher formation method of the present invention is a kind of cryptographic algorithm of lacking the unsymmetrical key of ciphertext, have higher intensity, and ciphertext length only needs 30-39 bit (10-12 position decimal number), can take into account the demand of networking and off line two aspects.
In order to improve the computational efficiency and the anti-attack ability of electronic cipher formation method and electronic cipher equipment, the main operation of described cryptographic algorithm can be finished by the cryptographic algorithm application-specific integrated circuit (ASIC), promptly adopts hardware to finish the important computations function and the storage of sensitive data.
Short ciphertext asymmetric key algorithm of the present invention has very strong anti-attack ability, and formed ciphertext is that electronic cipher is suitable in the application of manual typing.
Electronic cipher formation method of the present invention can form an electronic cipher according to cleartext information, i.e. Ming Wen digital signature, and this electronic cipher only utilizes corresponding private key to form.
Whether electronic cipher checking method of the present invention according to cleartext information and electronic cipher, utilizes the corresponding PKI of used private key when forming electronic cipher, can be distorted by the verification cleartext information.
Method of the present invention, when being used to discern electronic cipher formation people or organizing identity, because electronic cipher forms the people or organizes employed electronic cipher, this formation people or the organizing ability that only hold specific private key form, so can discern its identity.
The present invention can use the cryptographic algorithm application-specific integrated circuit (ASIC) when implementing, finish important computations function, the storage of sensitive data with hardware, thereby not only can improve the computational efficiency of system, and can improve anti-attack and anti-replication capacity from bottom hardware to whole system.
The present invention can utilize hardware devices such as computer microprocessor chip, cryptographic algorithm application-specific integrated circuit (ASIC), memory device, LCD, keyboard, IC-card, real time clock device, communication device when implementing, and computer application software, can design electronic cipher equipment, be used to form electronic cipher, veritify the people of electronic cipher and identification formation electronic cipher or organize identity.
Description of drawings
Fig. 1 is according to electronic cipher formation method theory diagram of the present invention;
Fig. 2 is according to veritification electronic cipher method theory diagram of the present invention;
Fig. 3 is according to first embodiment of the present invention, is used to form the FB(flow block) of dynamic electronic cipher;
Fig. 4 is according to second embodiment of the present invention, is used for the screen display schematic diagram of bank draft electronics authentication system, comprises Fig. 4 a, Fig. 4 b, Fig. 4 c, Fig. 4 d and Fig. 4 e.
Embodiment
Below with reference to accompanying drawing technical scheme of the present invention is elaborated.
Referring to Fig. 1, Fig. 2, be respectively Principle of Process block diagram according to electronic cipher formation method of the present invention and checking method.Under the encryption system of short ciphertext asymmetric key algorithm of the present invention, electronic cipher forms algorithm and adopts different keys respectively with electronic cipher veritification algorithm, be private key K1 and PKI K2, private key is used to form electronic cipher, and PKI is used to veritify electronic cipher, private key secret is preserved, and PKI can disclose, and can not derive private key from PKI.
Short ciphertext asymmetric key cipher algorithm basic principle is based on Nonlinear System of Equations and finds the solution this difficult problem of difficulty on finite field, and its design philosophy is that binary information (0,1 Bit String) is used as finite field gf (2
n) on amount, the structure GF (2
n) on one group of conversion F that inverts easily
1, F
2F
nAnd inverse transformation
, utilize signature conversion (S conversion) respectively and veritify two kinds of operational computations electronic ciphers of conversion (V conversion) and the veritification electronic cipher, promptly
x=V(y)=F
1,F
2……F
n(y)
Wherein, x is original Bit String, and y is the ciphertext of x.Because the conversion on the finite field can be expressed as polynomial function, will veritify the form that function V (y) is expressed as one group of polynomial function, the veritification function V (y) that openly provides is not F
1, F
2F
n(y) form, but the form of polynomial function.Utilize above-mentioned Nonlinear System of Equations to find the solution difficult problem, therefore, after obtaining this group polynomial function, obtain signature function, it is difficult promptly will obtaining and veritify the letter inverse of a number, and this has just guaranteed not to be difficult under the condition of private key obtain expressly from ciphertext having.
Figure 1 shows that the forming process of electronic cipher, its step is as follows:
Step 1: obtain coding expressly by cleartext information, cleartext information can be imported by modes such as scanning, manual typings, also can produce at random and by artificial input, coding wherein can be ISN or other coding of ASCII character, Chinese character, this process will obtain the digital information of literal, symbol, figure, numeric string etc., be designated as plaintext M.
Step 2: the plaintext M that obtains in the step 1 is done the hash computing, be called the HASH computing, promptly obtain m=HASH (M).The Hash computing is the operation of extracting cleartext information " summary ", make that working as plaintext M changes, when the change of 1 bit only takes place, the variation of half bit will take place in Hash m as a result, this is called " avalanche effect ", and the variation that takes place of plaintext M will have influence on Hash as a result on each bit of m equably.In addition, in order further to improve the intensity of algorithm, Hash adopts the Hash computing of band key.
Step 3: the private key K1 that the electronic cipher former utilizes oneself to the Hash in the step 2 as a result m carry out enciphering transformation, promptly C=S (K1, m), with ciphertext C as electronic cipher.Because private key K1 maintains secrecy, can calculate this ciphertext C so only hold the electronic cipher of private key K1 formation.Ciphertext C can show, print, and can generate bar code etc., also can transmit on communication line.
Figure 2 shows that the process of veritifying electronic cipher, its step is as follows:
Step 1: obtain coding M expressly by cleartext information, wherein said coding can be ISN or other coding of ASCII character, Chinese character;
Step 2: the plaintext M that obtains in the step 1 is done the HASH computing, i.e. m=HASH (M).Described Hash arithmetic operation is identical with Hash arithmetic operation in Fig. 1 step 2;
Step 3: electronic cipher veritification person utilizes electronic cipher former's PKI K2 that electronic cipher C is carried out verification operation, promptly m '=V (K2, C), with the Hash in m ' and the step 2 as a result m compare, if both are identical, it is correct then to veritify the result, otherwise, veritify erroneous results.
Key K 1 is to generate in pairs with private key K2, distributes to authorized user during registration.
Shown in Figure 3 is according to first embodiment of the present invention, is to utilize electronic cipher equipment to form the flow chart of dynamic electronic cipher.For the resource on access computer or the network system, system is provided with different numbers of the account and password for each user, in the present embodiment, in order to realize the dynamic electronic cipher login, at first should finish the mandate work of system to electronic cipher equipment, just can utilize electronic cipher equipment then, adopt dynamic password to carry out register.
System is to the electronic cipher device authorization, mainly finish the certification work of system to user identity, set user's number of the account, produce a pair of PKI and private key at random, user account and this to delivering key secret preservation in the electronic cipher equipment, and are kept at user account and user's PKI in the user account database of system.For the convenience on using, system can also design the personal code (PIN) of a login for the user, and is issued to electronic cipher equipment, is recorded in simultaneously in the user account database.More than operation can realize by the mode of computer system and the serial communication of electronic cipher equipment, also can utilize the IC-card transmission of band encryption function to realize in the mode of off line.
Use the operating procedure of electronic cipher login system as described below:
Step 31: give input user account and personal code, submission system then on user's the operation interface at system prompt;
Step 32: system receives user's request, if user account and personal code are all correct, then enter step 63 and carry out, otherwise system's refusal provides service for the user, and returns to user's corresponding prompt;
Step 33: user's number of the account under the system log (SYSLOG), and produce a random number, deliver on user's the operation interface and show;
Step 34: the user is input to the keyboard of this random number by electronic cipher equipment in the electronic cipher equipment, the private key of electronic cipher equipment utilization oneself, with this random number as expressly, utilize signature (S) algorithm computation in the short ciphertext asymmetric arithmetic to go out an electronic cipher, and it is presented on the display of electronic cipher equipment;
Step 35: the user is input to the electronic cipher on the electronic cipher device display in the interface of user's login, and submits to system;
Step 36: system utilizes the number of the account index of user in the step 33 to go out this user's PKI, utilize the plaintext of electronic cipher in veritification (V) the algorithm computation step 35 in the short ciphertext asymmetric arithmetic, if this plaintext is identical with the random number that it is produced, think that then user's dynamic electronic cipher is correct, allow this login request of users (step 37), otherwise system's refusal provides service for the user, and returns to user's corresponding prompt (step 38).
Fig. 4 is in conjunction with second preferred embodiment of the invention process, is used for bank draft electronics authentication system.The several terms that use in the banking system at first are described: the electronic cipher as the draft establishment is called draft " authentication ", the process that forms the draft authentication is called " compile and give as security ", and the process of veritification authentication correctness is " nuclear is given as security ", and the electronic cipher equipment with " compile and give as security " and " nuclear is given as security " function just has been called electronics authentication machine.In certain territorial scope, open a family of some communication service or the set of the operational agency of how tame bank and be called one " operation system ", as * * the draft system.In this draft system, * * the how tame banking mechanism of regional appointment can realize that draft circulates.
It is as follows to utilize method and apparatus of the present invention to realize that in operation system draft is compiled the process of giving as security with nuclear signature operation:
Compiling the signature process is: at first the legal operator of insertion blocks and logins with correct password in electronics authentication machine; Then in order " * * business-volume signature-cash order " choice menus, Fig. 4 a is for wherein selecting the menu of cash order, after having selected menu, will the display screen of input bill key element appears requiring shown in Fig. 4 b, wherein, the date of first row is the real-time time that the authentication machine provides, second to go ": " later numeral be what to need manually from the keyboard input, input is cashed capable number as requested, the note number and the amount of money, by " affirmation " key, confidential the asking of authentication imported above-mentioned same data once more, when two secondary data are in full accord, authentication computer authentication, and authentication is presented on the screen, shown in last column of Fig. 4 b.
Nuclear signature process is: at first the legal operator of insertion blocks and logins with correct password in electronics authentication machine, then in order " * * business-nuclear signature-cash order " choice menus, will the display screen of the requirement input nominal value parameter shown in Fig. 4 c appears, wherein, ": " later numeral is to need manually to import from keyboard, imports date of draft as requested successively, signs issue number, note number, the amount of money and authentication; The authentication machine was examined and was escorted calculation by " affirmation " key this moment, if it is correct to examine signature, showed nuclear signature result and other information (volume signature person machine number), shown in Fig. 4 d; If nuclear is given as security mistake, then prompting nuclear is given as security wrong information, shown in 4e.
* * adopt electronic cipher equipment in the draft system, can prevent the bill key element effectively, as date, the amount of money, note number, row number by the crime dramas of unilateral amendment and forgery.
Adopt the electronic cipher equipment of technical solution of the present invention, can form electronic cipher according to given cleartext information, and established electronic cipher is veritified, realize whether encryption, the inspection cleartext information of given cleartext information are distorted or forged, and identification forms the people of electronic cipher or the identity of tissue.
Because the present invention uses the rivest, shamir, adelman based on RSA arithmetic, the anti-attack of system, anti-replication capacity have greatly been improved, confidentiality, integrality, authenticity, the availability of cleartext information have been guaranteed, can satisfy cleartext information secret, false proof, anti-tamper, carry out demands such as identification, can be widely used in the technical fields such as bank, security, network service and electronic lock.
Claims (10)
1. Electronic Password Formation And Verification Ways comprises by the side of signing and issuing cleartext information is encrypted the processing procedure that forms electronic cipher and by authentication electronic cipher is decrypted the veritification processing procedure of recovering cleartext information, it is characterized in that:
The encryption process of the described side of signing and issuing further comprises following treatment step:
A. will the side of signing and issuing convert coded message (M) expressly to the cleartext information (A) of authentication as offered;
B. coded message (M) is expressly done hash (HASH) operation, form Xiao Ming's literary composition coded message (m);
C. use private key (K1) that Xiao Ming's literary composition coded message (m) is made enciphering transformation and form electronic cipher (C);
The veritification processing procedure of described authentication further comprises following treatment step:
D. use PKI (K2) that described electronic cipher (C) is done the deciphering conversion and form intermediate object program (m ') and temporary;
E. the authentication and the cleartext information (A) of the side's of signing and issuing as offered are converted to the coded message (M) of plaintext;
F. the coded message (M) of above-mentioned plaintext is done hash (HASH) operation, form Xiao Ming's literary composition coded message (m);
G. temporary intermediate object program (m ') and above-mentioned Xiao Ming's literary composition coded message (m) are compared, judge when both are identical that the checking result is correct, judge when both are inconsistent that the checking result is incorrect.
2. a kind of Electronic Password Formation And Verification Ways according to claim 1 is characterized in that: the cleartext information in described steps A and the step e (A) comprises literal, symbol, image, figure, numeric string or any information that can be digitized.
3. a kind of Electronic Password Formation And Verification Ways according to claim 1 is characterized in that: the cleartext information in described steps A, the step e (A) is a random number that is produced by electronic cipher equipment according to the number of the account of authorized user and personal code; PKI among the described step D (K2) comes out with authorized user number of the account index.
4. a kind of Electronic Password Formation And Verification Ways according to claim 1, it is characterized in that: described steps A and step e, be to carry out by identical coding method, described coding comprises ASCII character, Hanzi internal code or any coding that can state " 0 ", " 1 " Bit String as.
5. a kind of Electronic Password Formation And Verification Ways according to claim 1 is characterized in that: also comprise before the described steps A: the user cipher of the checking side of signing and issuing user input, and when the user cipher of judging input is correct, accurate in execution in step A.
6. a kind of Electronic Password Formation And Verification Ways according to claim 1 is characterized in that: the hash in described step B and the step F (HASH) operation is to adopt key to carry out arithmetic operation.
7. a kind of Electronic Password Formation And Verification Ways according to claim 1 is characterized in that: the enciphering transformation among the described step C is to adopt signature (S) computing to carry out conversion, electronic cipher (C)=S[private key (K1), Xiao Ming's literary composition coded message (m)]; Deciphering conversion among the described step D is to adopt veritification (V) computing to carry out conversion, intermediate object program (m ')=V[PKI (K2), electronic cipher (C)].
8. a kind of Electronic Password Formation And Verification Ways according to claim 7 is characterized in that: described S conversion and V conversion are based on Nonlinear System of Equations and find the solution the computing that problem of difficult is constructed on finite fields, further comprise:
(1) 0,1 Bit String binary information is used as finite field gf (2
n) on amount, the structure GF (2
n) on one group of conversion F that inverts easily
1, F
2F
nAnd inverse transformation
(2) utilize signature (S) conversion and two kinds of operations of veritification (V) conversion respectively, calculate electronic cipher (C) among the described step B and the electronic cipher (C) among the veritification step D, represent original Bit String, represent the ciphertext of x with y with x, for
x=V(y)=F
1,F
2……F
n(y)。
9. a kind of Electronic Password Formation And Verification Ways according to claim 1; it is characterized in that: the electronic cipher (C) among described step C and the step D; it is the electronic information that to carry out communication; or can be by the written information of artificial hand write record; or the written information that can print, print by machine, this written information is carried on the safeguard protection body.
10. a kind of Electronic Password Formation And Verification Ways according to claim 1 is characterized in that: described PKI K2 and private key K1 are that configuration has nothing in common with each other in pairs, and each side of signing and issuing has whole PKIs of unique private key and veritification side.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB011443502A CN1193538C (en) | 2001-12-17 | 2001-12-17 | Electronic cipher formation and checking method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB011443502A CN1193538C (en) | 2001-12-17 | 2001-12-17 | Electronic cipher formation and checking method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1427575A true CN1427575A (en) | 2003-07-02 |
| CN1193538C CN1193538C (en) | 2005-03-16 |
Family
ID=4677499
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB011443502A Expired - Lifetime CN1193538C (en) | 2001-12-17 | 2001-12-17 | Electronic cipher formation and checking method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1193538C (en) |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008148275A1 (en) * | 2007-06-07 | 2008-12-11 | Guan, Haiying | Method and system for encoding and decoding the digital message |
| CN100461669C (en) * | 2005-02-03 | 2009-02-11 | 贾松仁 | Public key code hopping safety system and method |
| WO2009146655A1 (en) * | 2008-06-06 | 2009-12-10 | Xue Ming | A method, equipment and system for password inputting |
| CN1942347B (en) * | 2004-04-29 | 2011-06-08 | 宝马股份公司 | Authentication of vehicle-external device |
| CN102129589A (en) * | 2011-02-10 | 2011-07-20 | 谢仁康 | Asymmetric encryption two-dimension code anti-counterfeiting method |
| CN102419842A (en) * | 2011-09-27 | 2012-04-18 | 南京财经大学 | Grain management system and processing method thereof |
| CN101131718B (en) * | 2006-08-22 | 2012-05-23 | 华为技术有限公司 | Method, equipment and system for validating completeness of protected contents |
| CN1868162B (en) * | 2003-09-02 | 2012-10-03 | 高通股份有限公司 | Method and apparatus for providing authenticated challenges for broadcast-multicast communications in a communication system |
| CN101894244B (en) * | 2009-05-20 | 2012-11-21 | 鸿富锦精密工业(深圳)有限公司 | System and method for enciphering electronic data |
| CN103501225A (en) * | 2013-10-20 | 2014-01-08 | 张仁平 | Novel dynamic lattice encrypted card system and use method thereof |
| CN104426973A (en) * | 2013-09-03 | 2015-03-18 | 中国移动通信集团公司 | Cloud database encryption method, system and device |
| CN104866779A (en) * | 2015-04-07 | 2015-08-26 | 福建师范大学 | Method and system for controlling life cycle and safe deletion of electronic file |
| CN107222501A (en) * | 2017-07-06 | 2017-09-29 | 中国电子科技集团公司第二十九研究所 | A kind of information interaction security transmission method and system based on the non-electromagnetic signal of message identification code |
| CN109525393A (en) * | 2017-09-20 | 2019-03-26 | 深圳职业技术学院 | A kind of digital signature method of resisting quantum computation attack, verification method and system |
| CN112769573A (en) * | 2020-12-26 | 2021-05-07 | 西安电子科技大学 | Digital signature method, signature verification method and device based on GRS code |
| CN113300844A (en) * | 2021-04-14 | 2021-08-24 | 浙江工业大学 | Asymmetric key setting method with fixed public and private roles |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100361437C (en) * | 2005-05-08 | 2008-01-09 | 中国科学院计算技术研究所 | Digital image hash signature method |
| CN101699474B (en) * | 2009-10-23 | 2011-12-28 | 北京派瑞根科技开发有限公司 | Electronic signature for multi-functional external safety component |
-
2001
- 2001-12-17 CN CNB011443502A patent/CN1193538C/en not_active Expired - Lifetime
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1868162B (en) * | 2003-09-02 | 2012-10-03 | 高通股份有限公司 | Method and apparatus for providing authenticated challenges for broadcast-multicast communications in a communication system |
| CN1942347B (en) * | 2004-04-29 | 2011-06-08 | 宝马股份公司 | Authentication of vehicle-external device |
| CN100461669C (en) * | 2005-02-03 | 2009-02-11 | 贾松仁 | Public key code hopping safety system and method |
| CN101131718B (en) * | 2006-08-22 | 2012-05-23 | 华为技术有限公司 | Method, equipment and system for validating completeness of protected contents |
| WO2008148275A1 (en) * | 2007-06-07 | 2008-12-11 | Guan, Haiying | Method and system for encoding and decoding the digital message |
| WO2009146655A1 (en) * | 2008-06-06 | 2009-12-10 | Xue Ming | A method, equipment and system for password inputting |
| CN101894244B (en) * | 2009-05-20 | 2012-11-21 | 鸿富锦精密工业(深圳)有限公司 | System and method for enciphering electronic data |
| CN102129589A (en) * | 2011-02-10 | 2011-07-20 | 谢仁康 | Asymmetric encryption two-dimension code anti-counterfeiting method |
| CN102419842A (en) * | 2011-09-27 | 2012-04-18 | 南京财经大学 | Grain management system and processing method thereof |
| CN104426973A (en) * | 2013-09-03 | 2015-03-18 | 中国移动通信集团公司 | Cloud database encryption method, system and device |
| CN104426973B (en) * | 2013-09-03 | 2018-03-23 | 中国移动通信集团公司 | A kind of cloud database encryption method, system and device |
| CN103501225A (en) * | 2013-10-20 | 2014-01-08 | 张仁平 | Novel dynamic lattice encrypted card system and use method thereof |
| CN103501225B (en) * | 2013-10-20 | 2016-09-14 | 福建今日特价网络有限公司 | A kind of novel dynamic dot matrix security card system |
| CN104866779A (en) * | 2015-04-07 | 2015-08-26 | 福建师范大学 | Method and system for controlling life cycle and safe deletion of electronic file |
| CN104866779B (en) * | 2015-04-07 | 2018-05-11 | 福建师范大学 | It is a kind of to control e-file life cycle and the method and system of safety deleting |
| CN107222501A (en) * | 2017-07-06 | 2017-09-29 | 中国电子科技集团公司第二十九研究所 | A kind of information interaction security transmission method and system based on the non-electromagnetic signal of message identification code |
| CN109525393A (en) * | 2017-09-20 | 2019-03-26 | 深圳职业技术学院 | A kind of digital signature method of resisting quantum computation attack, verification method and system |
| CN112769573A (en) * | 2020-12-26 | 2021-05-07 | 西安电子科技大学 | Digital signature method, signature verification method and device based on GRS code |
| CN113300844A (en) * | 2021-04-14 | 2021-08-24 | 浙江工业大学 | Asymmetric key setting method with fixed public and private roles |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1193538C (en) | 2005-03-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1193538C (en) | Electronic cipher formation and checking method | |
| CN104104517B (en) | The method and system of disposal password checking | |
| US20200358614A1 (en) | Securing Transactions with a Blockchain Network | |
| CN108197890A (en) | A kind of Self-Service processing method, apparatus and system | |
| US20030101348A1 (en) | Method and system for determining confidence in a digital transaction | |
| AU2016353324A1 (en) | Public/private key biometric authentication system | |
| CN104322003B (en) | Cryptographic authentication and identification method using real-time encryption | |
| CN1689297A (en) | Method of preventing unauthorized distribution and use of electronic keys using a key seed | |
| CN1574740A (en) | Personal authentication device and method thereof | |
| CN1382332A (en) | Method of data protection | |
| CN1747382B (en) | Random encryption and identity authentication | |
| CN1638331A (en) | Pin verification using cipher block chaining | |
| CN1925393A (en) | Point-to-point network identity authenticating method | |
| Chavan et al. | Signature based authentication using contrast enhanced hierarchical visual cryptography | |
| Nagaraju et al. | SecAuthn: Provably secure multi-factor authentication for the cloud computing systems | |
| CN106936588A (en) | A kind of trustship method, the apparatus and system of hardware controls lock | |
| CN1554047A (en) | Device and method for calculating the result of a modular exponentiation | |
| CN1403941A (en) | Safety confirming method combining cipher and biological recognition technology | |
| CN103297237B (en) | Identity registration and authentication method, system, personal authentication apparatus and certificate server | |
| CN107204846A (en) | Digital signature generation method, system, node module and common random number consult determination method | |
| JP2009272737A (en) | Secret authentication system | |
| Han et al. | A novel hybrid crypto-biometric authentication scheme for ATM based banking applications | |
| CN1599313A (en) | Password dynamic enciphering inputmethod of public emipering mode | |
| CN101510875B (en) | Identification authentication method based on N-dimension sphere | |
| KR20030097550A (en) | Authorization Key Escrow Service System and Method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| ASS | Succession or assignment of patent right |
Owner name: ZHAORI SCIENCE & TECHNOLOGY (SHENZHEN) CO., LTD. Free format text: FORMER OWNER: ZHAORI SCIENCE AND TECHNOLOGY CO. LTD., BEIJING Effective date: 20061103 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20061103 Address after: Nine road 518040 Shenzhen city Futian District Tairan 213 building 6 floor C-3 block Patentee after: Zhaori Science & Technology (Shenzhen) Co., Ltd. Address before: 100089, Beijing, Haidian District, West Third Ring Road, No. 11, block B, 2 Patentee before: Zhaori Science and Technology Co., Ltd., Beijing |
|
| ASS | Succession or assignment of patent right |
Owner name: ZHAORI SCIENCE AND TECHNOLOGY CO. LTD., BEIJING Free format text: FORMER OWNER: ZHAORI SCIENCE + TECHNOLOGY (SHENZHEN) CO., LTD. Effective date: 20080711 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20080711 Address after: Beijing City, Haidian District Zhichun Road Jinqiu International Building No. 6 B block 4 layer Patentee after: Zhaori Science and Technology Co., Ltd., Beijing Address before: Nine Shenzhen Road, Futian District Tairan 213 building 6 floor C-3 block Patentee before: Zhaori Science & Technology (Shenzhen) Co., Ltd. |
|
| EE01 | Entry into force of recordation of patent licensing contract |
Assignee: Zhaori Science and Technology Co., Ltd., Beijing Assignor: Sinosun Technology (Shenzhen) Co., Ltd. Contract fulfillment period: 2008.2.28 to 2021.12.17 Contract record no.: 2008440000104 Denomination of invention: Electronic cipher formation and checking method Granted publication date: 20050316 License type: Exclusive license Record date: 20080526 |
|
| LIC | Patent licence contract for exploitation submitted for record |
Free format text: EXCLUSIVE LICENCE; TIME LIMIT OF IMPLEMENTING CONTACT: 2008.2.28 TO 2021.12.17 Name of requester: ZHAORI SCIENCE AND TECHNOLOGY CO. LTD., BEIJING Effective date: 20080526 |
|
| ASS | Succession or assignment of patent right |
Owner name: ZHAORI SCIENCE + TECHNOLOGY (SHENZHEN) CO., LTD. Free format text: FORMER OWNER: ZHAORI SCIENCE AND TECHNOLOGY CO., LTD., BEIJING Effective date: 20100715 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100088 4/F, TOWER B, JINQIU INTERNATIONAL BUILDING, NO.6, ZHICHUN ROAD, HAIDIAN DISTRICT, BEIJING CITY TO: 518040 TOWER C, 6/F, BUILDING 213, CHEGONGMIAOTAIRAN INDUSTRIAL PARK, FUTIAN DISTRICT, SHENZHEN CITY |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20100715 Address after: 518040 Shenzhen city Futian District Che Kung Temple Tairan industrial district 213 building 6 floor C block Patentee after: Sinosun Technology (Shenzhen) Co., Ltd. Address before: 100088 Beijing City, Haidian District Zhichun Road Jinqiu International Building No. 6 B block 4 layer Patentee before: Zhaori Science and Technology Co., Ltd., Beijing |
|
| C56 | Change in the name or address of the patentee |
Owner name: SHENZHEN ZHAORI TECHNOLOGY CO., LTD. Free format text: FORMER NAME: ZHAORI SCIENCE + TECHNOLOGY (SHENZHEN) CO., LTD. |
|
| CP01 | Change in the name or title of a patent holder |
Address after: 518040 Shenzhen city Futian District Che Kung Temple Tairan industrial district 213 building 6 floor C block Patentee after: Shenzhen Sinosun Technology Co., Ltd. Address before: 518040 Shenzhen city Futian District Che Kung Temple Tairan industrial district 213 building 6 floor C block Patentee before: Sinosun Technology (Shenzhen) Co., Ltd. |
|
| CX01 | Expiry of patent term | ||
| CX01 | Expiry of patent term |
Granted publication date: 20050316 |