JPS612445A - Signature document communication system - Google Patents
Signature document communication systemInfo
- Publication number
- JPS612445A JPS612445A JP59123121A JP12312184A JPS612445A JP S612445 A JPS612445 A JP S612445A JP 59123121 A JP59123121 A JP 59123121A JP 12312184 A JP12312184 A JP 12312184A JP S612445 A JPS612445 A JP S612445A
- Authority
- JP
- Japan
- Prior art keywords
- document
- signature
- information
- congruity
- exponential
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
Abstract
Description
【発明の詳細な説明】
〔産業上の利用分野〕
本発明は1文書をディジタル情報として送受信するシス
テムにおいて、文書の作成責任者を受信者及び第3者が
検証できろように、文書に署名を付加して通信する通信
方式に関する。[Detailed Description of the Invention] [Industrial Application Field] The present invention provides a system for transmitting and receiving a document as digital information, in which the document is signed so that the person responsible for creating the document can be verified by the recipient and a third party. This invention relates to a communication method that adds and communicates.
従来の署名文書通信方式としては、R8A法に代表され
る公開簿暗号を用いた方式(R,L、Rlvest、
el=、aL : ”A Method
for ObしainiBDigital Sign
atures and Publjc −Key Cr
ypjosysヒems” Communicati
ons on ACM 、 vol、2 。Conventional signature document communication methods include methods using open-book encryption represented by the R8A method (R, L, Rlvest,
el=, aL: ”A Method
for ObshiainiBDigital Sign
atures and Publjc -Key Cr
Communicati
ons on ACM, vol. 2.
No、 2 、 Tl p 、 120−126
、 1978 )が最も有望な方式であるとされている
。し、かじ、この方式では署名作成者対応に公開情報を
公開簿に登録する必要があり、多数の署名作成者(送信
者)がシステムに存在する場合、公開簿の維持、管理に
多大なコストを要するという欠点がある。さらに、文書
通信システム内のどの装置ででもローカルに全ての署名
文書の検証が行えるような分散処理システムでは、各装
置で全送信者の公開情報を維持管理する必要があり、従
来の方式をこのような分散処理システムに適用すること
は困難である。No. 2, Tl p, 120-126
, 1978) is said to be the most promising method. However, with this method, it is necessary to register public information in a public register for signature creators, and if there are many signature creators (senders) in the system, maintaining and managing the public register requires a significant cost. The disadvantage is that it requires Furthermore, in a distributed processing system where all devices within the document communication system can locally verify all signed documents, it is necessary for each device to maintain and manage the public information of all senders. It is difficult to apply it to such distributed processing systems.
本発明の目的は全署名作成者に対して唯一に共通な公開
情報を用いて署名文書の検証を可能となる署名文書通信
方式を提供することにある。SUMMARY OF THE INVENTION An object of the present invention is to provide a signed document communication system that enables verification of a signed document using public information that is uniquely common to all signature creators.
本発明では、前出のR8A公開簿暗分法及び指数合同関
数演算を利用する。In the present invention, the above-mentioned R8A open book cryptographic division method and exponential congruence function calculation are used.
最初、第2図により署名作成/検証を行う前に設定すべ
き情報について説明する。まず、システムに唯一存在す
るシステム管理ユニット・3(例えば特別に保護された
プログラムで動作する装置)は、次の関係によりP+
q+ n+ e+ d+ A+(!=1+2+・・・)
を秘密に生成する。以下、特に断らない限り、各変数は
すべて正の整数とする。First, information to be set before signature creation/verification will be explained with reference to FIG. First, the system management unit 3 (for example, a device that operates with a specially protected program), which is the only one in the system, has P+ due to the following relationship.
q+ n+ e+ d+ A+ (!=1+2+...)
secretly generated. In the following, all variables are assumed to be positive integers unless otherwise specified.
rン、q:素数 (1)。−p
−q (2)e−d =
’ 1 (modL) (3)た
だし2.L=LCM ((p−1)、((1−1))(
LCM Cx、y:lは、X+’Vの最小公倍数)l
≦C≦L−1,1≦d 5L−1
AHE I Dl” (modn)
(4):、:で、ID、は署名作成者iの識別番号であ
る。rn, q: Prime number (1). -p
-q (2) e-d =
' 1 (modL) (3) However, 2. L=LCM ((p-1), ((1-1))(
LCM Cx,y:l is the least common multiple of X+'V)l
≦C≦L-1, 1≦d 5L-1 AHE I Dl” (modn)
(4):,: where ID is the identification number of signature creator i.
以上において、e、dはR8A公開簿暗分法の公開簿、
秘密鍵に対応する。また、p’qの生成アルゴリズム、
式(3)、 (4)の演算アルゴリズムについては、前
出のRivesj等の論文、並びにり、E。In the above, e and d are public registers of the R8A public register cryptography method,
Corresponds to a private key. In addition, the generation algorithm of p'q,
Regarding the calculation algorithms for equations (3) and (4), see the above-mentioned paper by Rivesj et al., E.
Kr+uth氏の著書” T he A rt of
Computer P rgra+ut++1nfX、
vol、 2”(Addison−Weslcy、
1969 )に述べられている。Kr+uth's book “The Art of
Computer P rgra+ut++1nfX,
vol. 2” (Addison-Weslcy,
1969).
上記各情報を生成したシステム管理ユニット3け、(p
、q、d)を秘密に保持すると共に、A、を各署名作成
者l、2.・・・へ送り、(e、n)を公開情報として
受信側(署名検証者)5の公開筒51に登録する。:こ
で、公開筒の情報は受信側以外のユニツトが保持し7て
おいても良い。The three system management units that generated each of the above information (p
, q, d) and keep A, secret for each signature creator, l, 2. ... and registers (e, n) as public information in the public tube 51 of the receiving side (signature verifier) 5. : Here, the information on the public tube may be held by a unit other than the receiving side.
次に第1図に従って0本発明による署名作成/検証を説
明する5まず、送信側4 (署名作成者lに対応)は、
署名する文書mを2進数で表現された整数と考え1次の
式を満足するようにmをm 、1(J −’ 1 +
2+・・・)に分割する。Next, signature creation/verification according to the present invention will be explained according to FIG. 1.5 First, the sender 4 (corresponding to the signature creator l)
Consider the document m to be signed as an integer expressed in binary, and set m to m, 1(J −' 1 +
2+...).
0≦m、≦n −1(5) 以降、この分割されたm、を筐単にmと記す。0≦m,≦n −1 (5) Hereinafter, this divided m will be simply referred to as m.
次に、送信側4は乱数発生器42より乱数q(l≦+1
≦n−1)を生成し、メモリ40.41に保持されたr
rt、ID+ 、A+ 、n及び乱数発生器40のqに
より、指数合同演算器43,114゜合同乗算器45、
及び指数合同演算器46を用いて1次の関係を持つfF
jS、Tを生成し、m、ID1と1tLこ受信側に送る
。Next, the sending side 4 generates a random number q(l≦+1
≦n-1) and stored in memory 40.41
rt, ID+, A+, n and q of the random number generator 40, the exponential congruence operator 43, 114° congruence multiplier 45,
and fF having a linear relationship using the exponential congruence calculator 46
It generates jS and T, and sends m, ID1 and 1tL to the receiving side.
S = A 、 ・A 、、”” (mod n )
(6)T=I D 、’ (mod
n) (7)受信側5では、公開筒
(メモリ)51に保持しておいた公開情報c、n及び送
信側4からの受信情報m、S、丁’、ID、より、指数
合同演算器52と合同乗算器53でTD、・T−5指数
合同演算器54でS を生成し、比較器55を用いて。S = A, ・A,,”” (mod n)
(6) T=I D ,' (mod
n) (7) On the receiving side 5, from the public information c, n held in the public cylinder (memory) 51 and the received information m, S, D', ID from the transmitting side 4, an exponent congruence calculator is used. 52 and a congruence multiplier 53 to generate TD, a T-5 exponent congruence calculator 54 to generate S, and a comparator 55 to generate TD.
S =ID、 ・T (+nodn)
(8)の関係が成立するかどうかを検証する。この関係
が成立す訂ば1mを作成したものは識別番−18ID1
を持つ者lであることを認証する。S = ID, ・T (+nodn)
Verify whether the relationship (8) holds. If this relationship holds true, the one that created 1m has the identification number -18ID1
Authenticate that you are the person with the .
なお、上記した式(4L (7)、 (8)において、
ID1のかわりにh(ID、)を用いてもよい。ここで
hは任意の一方向性関数であり、h、(x)よりXを求
めることが困難な関数である。一方向性関数の具体例に
ついては、 W、 Diffie等の論文”A Na
w Dircction in Crypt、o
Hraphy” (I EEE Trans、
Inform、 Theory、 I T −22+
6.644〜654頁、1976)に述べられている。In addition, in the above equations (4L (7), (8),
h(ID, ) may be used instead of ID1. Here, h is an arbitrary one-way function, and is a function in which it is difficult to obtain X from h and (x). For a concrete example of a one-way function, see the paper by W, Diffie et al.
w Direction in Crypt, o
Hraphy” (I EEE Trans,
Inform, Theory, IT-22+
6.644-654, 1976).
また、以上述へた手順において1式(4)、 (6)。Also, in the procedure described above, equations (4) and (6).
(7)、 (8)の代わりに次の式(9)、 (10)
、 (11)としても良い。Instead of (7) and (8), use the following equations (9) and (10)
, (11) may also be used.
A、ミd −I D、 (modL)
(9)S E m” (mod n )
(10)Se=m”’ (modn)
(11):の場合、送信側(署名作成者)
は乱数9を発生する必要はなく、Tを生成、転送する必
要もない。なお、この場合、A、は、署名作成者が読み
取れないようなカード等の記録媒体に記録される必要が
ある。A, mid-ID, (modL)
(9) S E m” (mod n)
(10) Se=m''' (modn)
(11): In the case of:, the sender (signature creator)
There is no need to generate the random number 9, and there is no need to generate or transfer T. In this case, A needs to be recorded on a recording medium such as a card that cannot be read by the signature creator.
ニオしまで説明した方式では、文書mに対して同じ大き
さの情報S、T(もしくはS)を付加するため、署名文
書の情報長が元の文書の情報長の3倍(もし、くけ2倍
)になってし、まう。そこで、署名文書の情報量を短く
する必要があるが、岡本等の特願昭59−52696号
″署名文書通信方弐″′9〜10頁で述べられている方
式を利用すれば良い。In the method explained up to this point, information S and T (or S) of the same size are added to document m, so if the information length of the signed document is three times the information length of the original document (if It becomes double) and then it goes on. Therefore, it is necessary to shorten the amount of information in the signed document, and the method described in Japanese Patent Application No. 59-52696 "Signed Document Communication Method 2" by Okamoto et al., pages 9-10, may be used.
前出のRivcst等の論文により、 R8A暗号法
においては、p、rrを十分に大きくしておけば。According to the above-mentioned paper by Rivcst et al., in the R8A cryptography, if p and rr are made sufficiently large.
rl+eより、、 Qv t、+ dを求めることが事
実上不可能である二とが示されている。同様に、本発明
において、公開情報、転送情報より秘密情報p。From rl+e, it is shown that it is virtually impossible to obtain Qv t, +d. Similarly, in the present invention, the secret information p is more important than the public information and the transfer information.
tl 、 L、 d 、 At を生成すること、及び
署名検証用の式(8)もしくは(11)を満足する値(
m、S、T。To generate tl, L, d, At, and a value that satisfies equation (8) or (11) for signature verification (
m, S, T.
TDI もしくけ(m、S + I D + )を生
成する:とは事実上不可能である。なお、安全性を保証
するためには、前出のRivcSt等の論文により、T
I、Qの桁数が10t100桁以上であれば十分とされ
ている。It is virtually impossible to generate a TDI combination (m, S + I D + ). In addition, in order to guarantee safety, T
It is considered sufficient if the number of digits of I and Q is 10t100 digits or more.
以上説明したように1本発明によれば、多数の署名作成
者の署名文書を検証する署名検証ユニットは唯一の公開
情報(e、n)を保持するだけで良い、従って、本発明
は多数の署名作成者を有する大規模文書通信システムに
有効である。また、文言通信システム内のどの装置でも
ローカルに全ての署名文書の検証を行えるような分散処
理システムにも有効である。As explained above, according to the present invention, the signature verification unit that verifies the signed documents of a large number of signature creators only needs to hold only one public information (e, n). This is effective for large-scale document communication systems that have signature creators. It is also effective in a distributed processing system in which any device within the text communication system can locally verify all signed documents.
【図面の簡単な説明】
第1図は本発明による署名作成/検証を説明する図、第
2図は本発明で設定すべき情報を説明する図である。
3・・システム管理ユニツ1〜、 4・・・送信側。
5・・・受信側、 42・・・乱数発生器、43.4
4./1G、52.54・・・指数合同演算器、45.
53・・・合同乗算器、 51・・・公開簿、55・
・・比較器。BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a diagram for explaining signature creation/verification according to the present invention, and FIG. 2 is a diagram for explaining information to be set according to the present invention. 3...System management units 1~, 4...Sending side. 5... Receiving side, 42... Random number generator, 43.4
4. /1G, 52.54... exponential congruence operator, 45.
53...Congruent multiplier, 51...Public list, 55.
...Comparator.
Claims (1)
において、システムに唯一存在するシステム管理ユニッ
トが自分のみが秘密に保持する情報と各署名作成者の識
別番号を用いて、各署名作成者の署名用秘密情報を秘密
に生成し、各署名作成者に配布すると共に、各署名の検
証を行う際、共通に用いられる公開情報を生成し、公開
簿に登録しておき、文書の送信時、送信側は送信する文
書に対して、前記秘密情報と該文書から指数合同関数演
算を基本として、該文書に付加する署名を作成して該文
書と共に送信し、受信側は受信した文書と署名に対し、
前記公開簿に登録されている情報を用いて受信した文書
の作成責任者の検証を行うことを特徴とする署名文書通
信方式。(1) In a system that transmits and receives documents as digital information, the system management unit, which is the only system in the system, uses information that only it holds secretly and the identification number of each signature creator to determine the signature secret of each signature creator. In addition to secretly generating information and distributing it to each signature creator, public information that is commonly used when verifying each signature is generated and registered in a public register, and when sending a document, the sender can For a document to be sent, a signature is created to be added to the document based on the secret information and the document using an exponential congruence function calculation, and the signature is sent together with the document.
A signed document communication method characterized in that a person in charge of creating a received document is verified using information registered in the public list.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP59123121A JPS612445A (en) | 1984-06-15 | 1984-06-15 | Signature document communication system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP59123121A JPS612445A (en) | 1984-06-15 | 1984-06-15 | Signature document communication system |
Publications (2)
Publication Number | Publication Date |
---|---|
JPS612445A true JPS612445A (en) | 1986-01-08 |
JPH0237147B2 JPH0237147B2 (en) | 1990-08-22 |
Family
ID=14852701
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP59123121A Granted JPS612445A (en) | 1984-06-15 | 1984-06-15 | Signature document communication system |
Country Status (1)
Country | Link |
---|---|
JP (1) | JPS612445A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS6354038A (en) * | 1986-08-22 | 1988-03-08 | Nec Corp | Key distributing device |
US5016274A (en) * | 1988-11-08 | 1991-05-14 | Silvio Micali | On-line/off-line digital signing |
US5341162A (en) * | 1992-08-24 | 1994-08-23 | Xerox Corporation | Liquid deagassing apparatus |
-
1984
- 1984-06-15 JP JP59123121A patent/JPS612445A/en active Granted
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS6354038A (en) * | 1986-08-22 | 1988-03-08 | Nec Corp | Key distributing device |
JPH0456502B2 (en) * | 1986-08-22 | 1992-09-08 | Nippon Electric Co | |
US5016274A (en) * | 1988-11-08 | 1991-05-14 | Silvio Micali | On-line/off-line digital signing |
US5341162A (en) * | 1992-08-24 | 1994-08-23 | Xerox Corporation | Liquid deagassing apparatus |
Also Published As
Publication number | Publication date |
---|---|
JPH0237147B2 (en) | 1990-08-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10326753B2 (en) | Authentication via revocable signatures | |
Rivest et al. | A method for obtaining digital signatures and public-key cryptosystems | |
US7093133B2 (en) | Group signature generation system using multiple primes | |
Caelli et al. | PKI, elliptic curve cryptography, and digital signatures | |
US6385318B1 (en) | Encrypting method, deciphering method and certifying method | |
JP3281881B2 (en) | A way to reliably stamp timestamps on numeric documents. | |
US20060098824A1 (en) | Method and apparatus for providing short-term private keys in public key-cryptographic systems | |
US11838426B2 (en) | Computer implemented method and system for obtaining digitally signed data | |
US11349668B2 (en) | Encryption device and decryption device | |
CN109905229B (en) | Anti-quantum computing Elgamal encryption and decryption method and system based on group asymmetric key pool | |
JP4250429B2 (en) | Chained signature creation device and control method thereof | |
TW202318833A (en) | Threshold signature scheme | |
US7382877B2 (en) | RSA cryptographic method and system | |
KR100699836B1 (en) | Apparatus and method to counter Different Faults AnalysisDFA in scalar multiplication | |
Krawczyk et al. | Chameleon hashing and signatures | |
GB2313272A (en) | Digital signature protocol with reduced bandwidth | |
Mitchell et al. | CCITT/ISO standards for secure message handling | |
JP3513324B2 (en) | Digital signature processing method | |
CN109905236B (en) | Anti-quantum computing Elgamal encryption and decryption method and system based on private key pool | |
JPS612445A (en) | Signature document communication system | |
KR100397601B1 (en) | Method for message added digital signature and verifying method thereof | |
CN113704831B (en) | Digital signature multiparty generation method and system without simultaneous online of participants | |
Singh et al. | Cryptanalysis of blind signature schemes | |
US20230198778A1 (en) | Method for deriving a partial signature with partial verification | |
US7801302B2 (en) | Cryptographic method and apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EXPY | Cancellation because of completion of term |