JP4037601B2 - Digital signature method - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to a digital signature method for verifying the authenticity of a document by adding a digital signature sentence to an electronic document.
[0002]
[Problems to be solved by the invention]
In the digital signature, the signature user creates a signature sentence from the document and a private key known only to him and sends it to the verifier together with the original document.
The verifier verifies the validity of the document from the user's public key, signature text, and original document.
[0003]
At this time, if the document sent by the user is long, it is troublesome to divide the document into short parts and attach a signature sentence to each one, and it takes too much time for signature and verification.
Therefore, instead of the document itself to which the signature sentence is attached, the document is compressed and the signature sentence is attached thereto.
[0004]
In document compression, a document having an arbitrary length is generally input to a hash function, and conversion is performed so that the output is a positive integer less than n.
Since the hash function compresses a long document, it must be able to be calculated efficiently.
[0005]
However, in order to prevent falsification, the hash function should not be such that the original document can be obtained from the function value, and one-way property is required.
For this reason, signature methods such as an RSA signature using a power-residue calculation and an ElGamal signature for obtaining a discrete logarithm have been proposed, but all of them require a huge amount of calculation for ensuring safety.
[0006]
Therefore, the present invention has been made for the purpose of proposing a digital signature method based on a simple compression method that does not require an enormous amount of calculation while maintaining unidirectionality.
[0007]
[Means for Solving the Problems]
In order to achieve this object, the present invention is configured as follows.
That is, the invention of claim 1 compresses the secret key Ks concealed by the user into a compressed secret key Ks ′ by a predetermined compression procedure to obtain a public key,
The user
Encrypt the original text M into the secret text C with the secret key Ks to assemble the secret key secret text CKs,
This is compressed into the compressed secret key code CKs ′ by the compression procedure to form a signature text,
The signature text CKs ′ is added to the original text M and transmitted,
The verifier
A compressed original text M ′ obtained by compressing the received original text M by the compression procedure,
Furthermore, the public key Ks' is encrypted into the secret text C 'and the public key secret text C'Ks' is assembled.
This is a digital signature method characterized by comparing the signature sentence CKs ′ with the signature sentence CKs ′ to determine whether or not it is accepted.
[0008]
In the invention of claim 2, the user and the verifier share the common key Kc,
When a user and a verifier communicate via a communication channel,
2. The digital signature method according to claim 1, wherein the original text M and the signature text CKs ′ are concealed by the common key Kc.
[0009]
In the invention of claim 3, the user can
Sending the secret key cipher CKs ", which is compressed in the middle of the compression procedure by the compression procedure, as a provisional signature sentence;
The verifier
2. The digital signature method according to claim 1, wherein the received provisional signature sentence CKs ″ is completely compressed into a signature sentence CKs ′ by the compression procedure to determine whether or not the signature is accepted.
[0010]
In the invention of claim 4, when the user transmits the provisional signature CKs ",
Encrypt the secret text C "with the preset perturbation key Kd to assemble the perturbation key provisional signature text C" Kd,
4. The digital signature method according to claim 3, wherein the perturbation key provisional signature sentence C "Kd is replaced with the provisional signature sentence CKs" and transmitted.
[0011]
The invention of claim 5 provides the compression procedure as follows:
Inputting a string of numbers of arbitrary length and arranging them in an n × n matrix in order;
Outputting an algebraic value n + n digit number string modulo 10 as a compressed number from the total value of n digits of each matrix arranged in a matrix;
Repeating the steps until the end of the input of the number sequence;
4. The digital signature method according to claim 1 or 3, comprising:
[0012]
In the invention of claim 6, when the numeric strings are input and arranged in a matrix,
6. The digital signature method according to claim 5, wherein the n + n compressed numbers output in the previous step are mixed and arranged in the input number string.
[0013]
According to a seventh aspect of the present invention, the digital text according to claim 1 or 4, wherein the memorized text C, C ′, C ″ is an algebraic numeric string modulo 10 from the sum of the original text of the number and each digit of the key. It is a signing method.
[0014]
In the invention of claim 8, when the perturbation key Kd and the provisional signature sentence CKs ″ have the same length, and the n × n digits of the perturbation key Kd are arranged in an n × n matrix, the sum of the numbers in each matrix 5. The digital signature method according to claim 4, wherein each digit of the perturbation key Kd is set so that the value is a multiple of 10.
[0015]
The invention of claim 9 is such that when the n × n digits of the perturbation key Kd are arranged in an n × n matrix, the second digit of the total value of the numbers in each matrix is the number designated by the user. 5. The digital signature method according to claim 4, wherein a numerical value of each digit of the disturbance key Kd is set.
[0016]
In the invention of claim 10, when the n × n digits of the perturbed key provisional signature sentence C ″ Kd are arranged in an n × n matrix, the second digit of the total value of each matrix is designated by the user. 5. The digital signature method according to claim 4, wherein each digit of the perturbation key Kd is set to be a number.
[0017]
DETAILED DESCRIPTION OF THE INVENTION
Embodiments of the present invention will be described below with reference to the drawings.
FIG. 1 shows a block diagram of a digital signature method embodying the present invention.
Each process in the embodiment is executed on a computer resource including an input unit such as a keyboard, an arithmetic processing unit configured by a memory, a CPU, and the like, and an output unit such as a display.
Each processing corresponds to the processing configuration of the program stored in the memory of the arithmetic processing unit, and is executed by the arithmetic processing unit.
In the digital signature method, a sender S and a receiver R share a common key Kc, and a compressed secret key Ks ′ obtained by compressing a secret key Ks concealed by the sender S by a predetermined compression procedure P is used as a public key.
In the compression procedure P, a numeric string a (k) having an arbitrary length is sequentially arranged in a matrix A (n × n) and compressed into a compressed number A ′ (n + n).
As for the size of the matrix A (n × n), n = 12 to 24 is appropriate when the numeric string a (k) is a decimal number.
Further, when the numeric string a (k) is a hexadecimal number, n = 18 to 36 is appropriate.
Accordingly, in the case of a decimal number, a 24-48 digit number is output as the compressed number A ′ (n + n), and in the case of a hexadecimal number, a 36-72 digit number is output as the compressed number A ′ (n + n).
[0018]
The secret key Ks uses a computer resource to generate a key that the signature user keeps other than himself / herself.
For example, the computer resource calculation processing unit generates a decimal or hexadecimal random number having a length corresponding to the amount of information to be communicated.
The common key Kc is generated in order to perform secure communication between the user and the verifier by the computer resource calculation processing unit .
For example, a common key for cryptographic communication is generated using a Diffie-Hellman key agreement protocol.
At this time, if it is necessary to prevent intermediate intrusion, ID information of both the user and the verifier is added to prevent the attack.
[0019]
The compression procedure P will be described with reference to the flowchart of FIG.
The compression procedure P is executed by a computer resource calculation processing unit.
In the compression procedure P, first, a numeric string a (k) having an arbitrary length is input and arranged in a matrix A (n × n) (step P01).
The numerical sequence a (k) is arranged from the first row of the matrix A (n × n) only for the first time,
The array is sequentially input to the right one by one from the upper left corner frame.
When n characters have been entered, n characters are arranged in the same manner to the next line.
When all the boxes are filled with numbers, the array is finished.
[0020]
Next, the numbers of each matrix of the matrix A (n × n) are summed up and the algebraic value modulo 10 (the value when the total value is 1 digit, the remainder when divided by 10 when it is 2 digits or more) (Numerical value) is output as the compressed number A ′ (n + n) (step P02).
As a result, the n-digit number of each matrix is compressed to one digit, and the entire n × n-digit matrix A (n × n) is compressed into n + n-digit compressed numbers A ′ (n + n).
Next, it is determined whether or not there is a remaining input in the numeric string a (k), and if not, the process ends (step P03).
If there is a remaining input, the compressed numbers A ′ (n + n) output in step P02 are arranged in the first and second rows of the matrix A (n × n), and the process returns to step P01 (step P04).
[0021]
The procedure of the digital signature method embodying the present invention will be described below.
In addition, each procedure shown below is performed by the calculation processing part of a computer resource.
First, the sender S encrypts the original text M into the secret text C using the common key Kc by using the computer resource calculation processing unit, and assembles the common key secret text CKc (step S01).
The encryption is performed by obtaining an algebraic value modulo 10 from the added value of each digit of the original text M and the common key Kc.
Next, the original text M is encrypted into the secret text C with the secret key Ks to assemble the secret key secret text CKs (step S02).
Similarly, the encryption is performed by obtaining an algebraic value modulo 10 from the added value of each digit of the original text M and the secret key Ks.
[0022]
Next, the secret key cryptogram CKs is compressed halfway by the compression procedure P to generate an n × n-digit compressed mid-course secret key cryptogram CKs ″, which is used as a provisional signature text (step S03).
The n × n-digit provisional signature text CKs ″ becomes an n + n-digit compressed signature text CKs ′ when completely compressed.
Next, the provisional signature sentence CKs ″ is encrypted with the n × n digit disturbance key Kd to assemble the disturbance key provisional signature sentence C ″ Kd (step S04).
Encryption is performed by obtaining an algebraic value modulo 10 from the added value of each digit of the n × n-digit provisional signature text CKs ″ and the perturbation key Kd.
[0023]
When the disturbance key Kd is arranged in an n × n matrix, the digit of each digit is set so that the total value of the numbers in each matrix is a multiple of ten.
Therefore, when the disturbance key Kd is completely compressed by the compression procedure P, the n + n-digit compressed output is all zero.
Since the verifier verifies a part of the secret key cipher CKs ″ during the compression, the secret key cipher CKs ″ during the compression is thus encrypted with the disruption key Kd.
[0024]
Also, the number of the second digit of the total value of the numbers of each matrix of the disturbance key Kd is set to a range of 0 to 9 if n is 12 or more (n is 18 or more and 0 to F in hexadecimal). You can specify any number of secrets that only the user knows.
Since this verifier or third party cannot know this secret number, it becomes the basis for proof when fraud is performed by the verifier or third party.
[0025]
Further, the number of the second digit of the total value of each matrix of the disturbance key provisional signature sentence C ″ Kd encrypted with the disturbance key Kd can also be set in the range of 0 to 9 (0 to F in hexadecimal). Therefore, an arbitrary secret number that can be confirmed by the verifier can be designated.
This secret number can be used for authentication or the like by informing the verifier in advance.
[0026]
Next, the perturbation key provisional signature sentence C ″ Kd is encrypted with the common key Kc to assemble the common key perturbation key provisional signature sentence C ″ KdKc (step S05).
The encryption is performed by obtaining an algebraic value modulo 10 from the added value of each digit of the n × n digit perturbation key provisional signature text C ″ Kd and the common key Kc.
[0027]
Finally, the common key disruptive key provisional signature sentence C ″ KdKc is added to the common key secret sentence CKc and transmitted to the receiver R (step S06).
The recipient R first translates the received common key secret code CKc with the common key Kc using a computer resource processing unit and decrypts it into the original text M (step R01).
Next, the original text M is compressed by the compression procedure P to generate a compressed original text M ′ (step R02).
Next, the compressed original text M ′ is encrypted into the encrypted text C ′ with the public key Ks ′, and the public key compressed encrypted text C′Ks ′ is assembled (step R03).
Encryption is performed by obtaining an algebraic value modulo 10 from the added value of each digit of the compressed original text M ′ and the public key Ks ′.
[0028]
Next, the received common key disruptive key provisional signature sentence C ″ KdKc is translated with the common key Kc and decrypted into the disruption key provisional signature sentence C ″ Kd (step R04).
Next, the n × n digit disturbed key provisional signature text C ″ Kd is completely compressed by the compression procedure P to generate an n + n digit compressed signature text CKs ′ (step R05).
[0029]
At this time, as described above, when the compression key Pd is completely compressed by the compression procedure P, the n + n-digit compressed output is all 0, and is therefore erased as a result.
Further, the provisional signature sentence CKs ″ becomes an n + n-digit compressed signature sentence CKs ′ when completely compressed.
Therefore, when the perturbation key provisional signature sentence C ″ Kd is completely compressed, it becomes equivalent to the compressed signature sentence CKs ′.
Finally, if the public key compressed cipher text C′Ks ′ and the compressed signature text CKs ′ are compared and matched, the validity of the user is authenticated, and if not matched, the user is denied (step R06).
[0030]
【The invention's effect】
As described above, the digital signature method of the present invention performs compression and encryption by matrix operation and addition modulo 10, compresses the private key as a public key, and converts the original text compressed by the user into the private key. The signature text is created by encrypting the original text, and the original text compressed by the verifier is encrypted with the public key and compared with the signature text.
[0031]
Therefore, according to the present invention, even if the order of compression and encryption is changed, the calculation result of addition modulo 10 is the same, so that it is not necessary to perform complicated and heavy calculation processing such as exponentiation However, it is possible to perform unidirectional calculation by a simple method.
As a result, the authentication efficiency can be improved, and the computer resources can be reduced in size to improve the economic efficiency.
Further, the desired safety can be ensured by increasing the size of the matrix to enhance the unidirectionality.
[Brief description of the drawings]
FIG. 1 is a block diagram of a digital signature method embodying the present invention.
FIG. 2 is a flowchart of a compression procedure embodying the present invention.
[Explanation of symbols]
A Matrix A 'Compression number P Compression procedure R Recipient S Sender a Number string

Claims (7)

In a digital signature method in which a user side adds a digital signature text to a digitized document and transmits the digital document, and the received verifier verifies the validity of the document,
The processing unit of the signature user generates a secret key Ks having a length corresponding to the amount of information to be communicated, arranges it in a matrix of n rows × n columns , and obtains a total value of each matrix. Compressed into compressed private key Ks' in the procedure to make public key,
The predetermined compression procedure includes a step of sequentially inputting a numeric string of an arbitrary length into an n × n matrix and arranging it, and an algebraic value modulo 10 from the total value of each matrix arranged in the matrix, that is, When the total value is 1 digit, the number is 2 digits. When it is 2 digits or more, the remainder is divided by 10 n + n digit string as a compressed digit, and n + n compressed digits output in the previous step after you arranged in a matrix of the next n × n, arranged sequentially enter the remaining digit string, which repeats the step of outputting the same compression numbers per thereto until the end of the digit string, further use arithmetic processing unit of the finisher side, assembled private key Kurabun CKs seeking algebraic value modulo 10 for each sum value of each digit of the original sentence M secret key Ks, this with the predetermined compression procedure N × n compressed halfway And provisional signed statement to the middle of compression compression to secret key Kurabun CKs '',
The provisional signature text CKs ”is added to the original text M and transmitted.
The arithmetic processing unit on the verifier side completely compresses the received provisional signature sentence CKs ″ into the n + n-digit signature sentence CKs ′ by the predetermined compression procedure,
And compressed in the predetermined compression procedure generates compressed original M 'the received original text M by have you to the arithmetic processing unit of the user side,
Further assembled public key Kurabun C'Ks' seeking algebraic value modulo 10 for each sum of the digits of the compressed original M 'and the public key Ks',
Compared the C'Ks 'and the signature document CKs' and, if they match then authenticate the validity of the user, a digital signature method, characterized by being configured to deny If they do not match. In a digital signature method in which a user side adds a digital signature text to a digitized document and transmits the digital document, and the received verifier verifies the validity of the document,
A processing unit of the signature user generates a secret key Ks having a length corresponding to the amount of information to be communicated, and arranges this in a matrix A of n rows × n columns to obtain a total value of each matrix. Compressed into a compressed private key Ks ′ in the compression procedure to make a public key,
In the predetermined compression procedure, the numbers of the input sequence are arranged in order from the first row to the n-th row of the matrix A (n × n), and n rows are arranged, and the numbers are summed for each row and each column. N + n compressed numbers A ′ are obtained by calculating the algebraic value modulo, that is, the number when the total value is 1 digit, and the remainder when divided by 10 when the total value is 2 digits or more. , The first n of the compressed numbers A ′ (n + n) are replaced by the matrix A (n × n). 1 In the row, the remaining n are placed in the second row, and the first n of the remaining numbers in the input number sequence are placed in the third row. Repeat the step of obtaining A ′ (n + n),
Further, the calculation processing unit on the user side obtains an algebraic value modulo 10 for each added value of the original text M and the secret key Ks, and assembles the secret key cipher CKs, which is used as the predetermined compression procedure. In the middle and compressed to n × n digits of compressed secret key code CKs ”as a provisional signature sentence,
The provisional signature text CKs ”is added to the original text M and transmitted.
The arithmetic processing unit on the verifier side completely compresses the received provisional signature sentence CKs ″ into the n + n-digit signature sentence CKs ′ by the predetermined compression procedure,
The received original text M is compressed in the predetermined compression procedure in the user-side arithmetic processing unit to generate a compressed original text M ′,
Further, an algebraic value modulo 10 is obtained for each added value of the compressed original text M ′ and the public key Ks ′, and a public key secret text C′Ks ′ is assembled.
A digital signature method, wherein the C′Ks ′ and the signature text CKs ′ are compared, and if they match, the validity of the user is authenticated, and if they do not match, the digital signature method is rejected. When the arithmetic processing unit on the user side and the arithmetic processing unit on the verifier side communicate via the communication path,
The calculation processing unit on the user side or the calculation processing unit on the verifier side uses the common key Kc shared in advance by both the calculation processing unit on the user side and the calculation processing unit on the verifier side,
The calculation processing unit on the user side encrypts and transmits the original text M and the provisional signature text CKs ”with the common key Kc,
3. The digital signature method according to claim 1 or 2 , wherein the processor on the verifier side that receives this decrypts the original text M and the provisional signature text CKs "with the common key Kc. . When the arithmetic processing unit on the user side transmits the provisional signature CKs ”,
An algebraic value is obtained from the added value of each digit of this provisional signature sentence CKs "and a preset n × n digit perturbation key Kd, and encrypted into a secret text C" to assemble a perturbation key provisional signature sentence C "Kd. ,
3. The digital signature method according to claim 1, wherein the provisional signature sentence CKs ″ is transmitted by replacing the perturbation key provisional signature sentence C ″ Kd. When the perturbation key Kd and the provisional signature sentence CKs ″ have the same length and n × n digits of the perturbation key Kd are arranged in an n × n matrix, the total value of the numbers in each matrix is a multiple of 10. 5. The digital signature method according to claim 4 , wherein a numerical value of each digit of the perturbation key Kd is set as described above. When the n × n digits of the perturbation key Kd are arranged in an n × n matrix,
5. The digital signature method according to claim 4 , wherein each digit of the perturbation key Kd is set so that the second digit of the total value of each matrix is a number designated by the user. When the n × n digits of the perturbation key provisional signature text C ″ Kd are arranged in an n × n matrix, the perturbation is performed so that the second digit of the total value of each matrix becomes the number designated by the user. 5. A digital signature method according to claim 4 , wherein a number of each digit of the key Kd is set.

Images