JPS6177440A - Signature document communication system - Google Patents
- Publication number
- JPS6177440A
- Authority
- JP
- Japan
- Prior art keywords
- signer
- key
- document
- information
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/302—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/30—Compression, e.g. Merkle-Damgard construction
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
Abstract
Description
Detailed Description of the Invention
[Industrial Field of Application]
The present invention relates to a communication method for a system that transmits and receives documents as digital information, in which signatures are added to a document before it is communicated, so that the recipient and third parties can verify the person responsible for creating the document and its multiple reviewers and approvers.
Among conventional signed-document communication methods, those using public-key cryptography, represented by the RSA method (R. L. Rivest, et al.: "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", Communications of the ACM, vol. 21, No. 2, pp. 120-126, 1978), are considered the most promising. However, when several people sign a single document in succession with this method, the length of the signed document increases. A method that causes almost no increase in the length of the signed document has been proposed (Itakura, Nakamura: "A public-key cryptosystem suitable for multiple signatures", Transactions of the Information Processing Society of Japan, vol. 24, No. 4, pp. 474-480, 1983).
This method has drawbacks: the document must contain redundancy, syntax verification is difficult, and the signing order is fixed in advance.
An object of the present invention is to provide a signed-document communication method in which, when multiple signers sign a single document, the length of the signed document is almost the same as with a single signature, the document needs no redundancy, syntax verification is easy, and the signing order is free.
The present invention uses a public-key cryptosystem; the embodiment below describes the case in which the RSA cryptosystem (the paper by Rivest et al. cited above) is used.
First, each signer i (i = 1, 2, ..., I) chooses an RSA public key (e_i, n_i) and a secret key d_i, and registers (e_i, n_i) as the public key. Here, |n_i| denotes the number of digits (bits) of n_i written in binary.
Next, the signature creation procedure is explained with reference to FIGS. 1 and 2. FIG. 1 shows the signature creation procedure of the first signer in the present invention, and FIG. 2 shows the signature creation procedure of the i-th signer.
First, as shown in FIG. 1, the person who created document (M) 1 uses data compression operator 2, RSA decryption operator 3 and the decryption key d_1, n_1 to derive information S_1, M_1 satisfying the following relations, and passes (M_1, S_1) to the second signer.
S_1 = m^{d_1} (mod n_1)   (1)
m = h(M)   (2)
M_1 = M   (3)
Here, h is a data compression function, for which the following embodiment exists. First, the digital information M is divided into blocks of (|n_1| - 1) bits, M_1, M_2, ..., M_J. From these, m = h(M) is obtained by the following procedure.
C_0 = 0
C_j = (M_j [illegible] C_{j-1})^[illegible] (mod n_1)   (j = 1, 2, ..., J)
m = C_J   (4)
Next, as shown in FIG. 2, the i-th signer uses RSA decryption operator 3 and the decryption key d_i, n_i to derive information S_i, M_i satisfying the following relations, distinguishing the cases (a) |n_i| > |n_{i-1}| and (b) |n_i| ≤ |n_{i-1}|, and sends it to the (i+1)-th signer. When i = I, however, S_I, M_I are sent to the signature verifier.
(a) When |n_i| > |n_{i-1}|:
S_i = (S_{i-1})^{d_i} (mod n_i)   (5)
M_i = M_{i-1}   (6)
(b) When |n_i| ≤ |n_{i-1}|:
S_i = ([S_{i-1}]_{|n_i|-1})^{d_i} (mod n_i)   (7)
M_i = [M_{i-1}, [S_{i-1}]^{|n_i|-1}]   (8)
Here, [A]_B denotes the lower B bits of the binary representation of A, that is, |[A]_B| = B. [A]^B denotes the upper (|A| - B) bits of the binary representation of A, that is, |[A]^B| = |A| - B and |[A]_B| + |[A]^B| = |A|. [A, C] denotes the concatenation of the binary representations of A and C, with A as the upper part and C as the lower part.
Next, the signature verification procedure is explained with reference to FIGS. 3 and 4.
FIG. 3 shows the signature verification preprocessing, and FIG. 4 shows the signature verification processing.
First, as shown in FIG. 3, for i = I, I-1, ..., 2, the following verification preprocessing is performed using RSA encryption operator 4 and the encryption key e_i, n_i. e_i and n_i are obtained from the public key.
(a) When |n_{i-1}| < |n_i|:
S_{i-1} = [S_i^{e_i} (mod n_i)]_{|n_{i-1}|}   (9)
M_{i-1} = M_i   (10)
Here, the preprocessing starts from the S_I and M_I of the received signed document.
(b) When |n_{i-1}| ≥ |n_i|:
M_{i-1} = [M_i]^{|n_{i-1}|-|n_i|+1}   (12)
Next, as shown in FIG. 4, for the (M_1, S_1) obtained by the verification preprocessing, data compression operator 2, the RSA encryptor, the encryption key e_1, n_1 and comparator 5 are used to verify whether the following relation holds. If it holds, the signed document (M_I, S_I) is regarded as correctly signed by the I signers i (i = 1, ..., I).
S_1^{e_1} = h(M_1) (mod n_1)   (13)
In the above embodiment, the paper by Rivest et al. cited above recommends, from the standpoint of security and the like, that the size of n_i (i = 1, 2, ..., I) be about 660 bits. To keep the size of the signed document (M_I, S_I) as small as possible, it is desirable to make the |n_i| as nearly equal as possible. Therefore, let |n_i| = 660 (i = 1, 2, ..., I). Even when n_i is fixed in this way, sufficiently many n_i exist, as shown in the paper by Itakura et al. cited above, so there is no problem for security.
At this point, the following relation holds.
|[M_I, S_I]| ≤ |M| + 660 + I
In other words, even when I people sign, the signed document is no more than I bits longer than with a single signature.
[Effect of the Invention]
As explained above, according to the present invention, when multiple signers sign a single document, the signed document is almost the same length as when a single signature is applied. In addition, syntax verification is possible in signature verification, and the document needs no redundancy. Furthermore, the signing order does not depend on the information (n_i, e_i, d_i) generated and registered in advance. The present invention is therefore effective in offices and similar settings where document transfer and storage are computerized and a single document requires approval signatures, review signatures and the like.
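The signing and verification procedure described above, written out as an added Python illustration (not code from the patent): signing follows relations (1)-(3) and (5)-(8), and verification undoes the signers in reverse order before the final comparison (13). Assumptions: SHA-256 cut to |n_1| - 1 bits stands in for the compression function h, S_{i-1} is handled as a fixed-width |n_{i-1}|-bit string, and the toy primes, exponent and document are constructed values far too small for real use.

```python
import hashlib

E = 65537  # public exponent shared by the constructed toy keys (assumption)

def make_key(p, q):
    """Toy RSA key from two small primes (constructed values, not secure)."""
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1)), "bits": n.bit_length()}

def h(doc_bits, width):
    """Stand-in for the compression function h: SHA-256 cut to `width` bits."""
    digest = int.from_bytes(hashlib.sha256(doc_bits.encode()).digest(), "big")
    return digest % (1 << width)

def multisign(doc_bits, keys):
    """Signers keys[0], keys[1], ... sign in order; returns the final (M_I, S_I)."""
    first = keys[0]
    M, S = doc_bits, pow(h(doc_bits, first["bits"] - 1), first["d"], first["n"])  # (1)-(3)
    for prev, key in zip(keys, keys[1:]):
        if key["bits"] > prev["bits"]:              # case (a): S_{i-1} < n_i already
            S = pow(S, key["d"], key["n"])          # (5); M is unchanged (6)
        else:                                       # case (b)
            low = key["bits"] - 1
            s = format(S, f"0{prev['bits']}b")      # fixed-width S_{i-1} (assumption)
            M += s[:-low]                           # (8): upper bits join the document
            S = pow(int(s[-low:], 2), key["d"], key["n"])  # (7): sign the lower bits
    return M, S

def verify(M, S, keys):
    """Undo the signers from last to first, then compare with h(M) as in (13)."""
    for prev, key in zip(reversed(keys[:-1]), reversed(keys[1:])):
        if S >= key["n"]:
            return False
        t = pow(S, key["e"], key["n"])
        if key["bits"] > prev["bits"]:              # inverse of case (a)
            S = t
        else:                                       # inverse of case (b)
            low = key["bits"] - 1
            extra = prev["bits"] - low              # bits that were moved into M
            if t.bit_length() > low or len(M) <= extra:
                return False
            S = int(M[-extra:] + format(t, f"0{low}b"), 2)
            M = M[:-extra]
    first = keys[0]
    return S < first["n"] and pow(S, first["e"], first["n"]) == h(M, first["bits"] - 1)

# Constructed signer keys of different sizes so that cases (a) and (b) both occur.
KEYS = [make_key(65521, 104729), make_key(1299709, 15485863), make_key(104729, 1299709)]
DOC = "".join(f"{b:08b}" for b in b"purchase order 17: approved")  # constructed document
```

With moduli of equal size every step falls under case (b) and moves exactly one bit of the previous signature into the document, which is the source of the "+ I" term in the length bound above.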
FIG. 1 shows the signature creation procedure of the first signer in the present invention, FIG. 2 shows the signature creation procedure of the i-th signer, FIG. 3 shows the signature verification preprocessing, and FIG. 4 shows the signature verification processing.
1 ... document M, 2 ... data compression operator, 3 ... RSA decryptor, 4 ... RSA encryptor, 5 ... comparator.
Claims (1)
(1) A signed-document communication method for a system in which documents are transmitted and received as digital information and multiple persons sign a single document, characterized in that: each signer creates in advance a secret key and a public key as defined by the system and registers the public key; the document creator transforms the document with a predetermined function, appends to the document the information obtained by decrypting the result with the secret key, and sends it to the next signer; the next signer decrypts all or part of the signature information appended to the document with the secret key, substitutes the decrypted information for the information before decryption, and sends the result as a signed document to the next signer; this processing is then repeated up to the final signer; and the side verifying the finally produced signed document first encrypts all or part of the signature information appended to the document with the public key of the last signer, substitutes that information for the information before encryption, further encrypts all or part of the signature information of the resulting signed document with the public key of the next signer, repeats the same processing, and finally verifies whether the information obtained by encrypting, with the public key of the first signer, all or part of the signature information of the signed document in which the information encrypted with the public key of the second signer has been substituted matches the information obtained by transforming the document with said function.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP59199179A JPH0620199B2 (en) | 1984-09-22 | 1984-09-22 | Signature document communication method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP59199179A JPH0620199B2 (en) | 1984-09-22 | 1984-09-22 | Signature document communication method |
Publications (2)
Publication Number | Publication Date |
---|---|
JPS6177440A true JPS6177440A (en) | 1986-04-21 |
JPH0620199B2 JPH0620199B2 (en) | 1994-03-16 |
Family
ID=16403459
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP59199179A Expired - Lifetime JPH0620199B2 (en) | 1984-09-22 | 1984-09-22 | Signature document communication method |
Country Status (1)
Country | Link |
---|---|
JP (1) | JPH0620199B2 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006057171A1 (en) * | 2004-11-29 | 2006-06-01 | Nec Corporation | Signature and verifying method, and signature and verifying device |
US8095792B2 (en) | 2004-02-13 | 2012-01-10 | Certicom Corp. | One way authentication |
-
1984
- 1984-09-22 JP JP59199179A patent/JPH0620199B2/en not_active Expired - Lifetime
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8095792B2 (en) | 2004-02-13 | 2012-01-10 | Certicom Corp. | One way authentication |
US8359469B2 (en) | 2004-02-13 | 2013-01-22 | Certicom Corp. | One way authentication |
US8938617B2 (en) | 2004-02-13 | 2015-01-20 | Certicom Corp. | One way authentication |
WO2006057171A1 (en) * | 2004-11-29 | 2006-06-01 | Nec Corporation | Signature and verifying method, and signature and verifying device |
JP4848957B2 (en) * | 2004-11-29 | 2011-12-28 | 日本電気株式会社 | Signature and verification method and signature and verification apparatus |
Also Published As
Publication number | Publication date |
---|---|
JPH0620199B2 (en) | 1994-03-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10122710B2 (en) | Binding a data transaction to a person's identity using biometrics | |
JP2762909B2 (en) | Electronic signature device | |
CN109743171B (en) | Key series method for solving multi-party digital signature, timestamp and encryption | |
JP2776491B2 (en) | Tag determination method and device | |
US7730319B2 (en) | Provisional signature schemes | |
CN108667626A (en) | The two sides cooperation SM2 endorsement methods of safety | |
US9166957B2 (en) | Digital file authentication using biometrics | |
CN110933045A (en) | Block chain digital asset privacy protection method based on commitment | |
CN101136046B (en) | Electric signing verification system and method thereof | |
US20050081039A1 (en) | Method for creating and verifying simple object access protocol message in web service security using signature encryption | |
US9438589B2 (en) | Binding a digital file to a person's identity using biometrics | |
CN110380846A (en) | A kind of electronic health record patient endorsement method and system | |
CN112035894A (en) | Electronic evidence trusteeship system | |
CN110417555A (en) | A kind of safe encryption method and system of personal electric signature | |
CN114448641A (en) | Privacy encryption method, electronic equipment, storage medium and chip | |
WO2000013368A1 (en) | Method of authenticating or 'digitally signing' digital data objects | |
US20050240762A1 (en) | Cryptographic method and apparatus | |
CN113837756A (en) | Electronic invoice verification method and system | |
JP2000250408A (en) | File authentication system, system and method for signature, system and method for authentication, and recording medium | |
CN116346336B (en) | Key distribution method based on multi-layer key generation center and related system | |
US6931126B1 (en) | Non malleable encryption method and apparatus using key-encryption keys and digital signature | |
Chauhan et al. | Digital signature with message security process | |
JPS6177440A (en) | Signature document communication system | |
TWI704794B (en) | System and implement method for signing and verifying contract in a block chain network | |
CN1567288A (en) | Method for multiple encryption of file and simultaneous sealing/unsealing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EXPY | Cancellation because of completion of term |