WO2008133521A1 - Procede de signature et de cryptage de donnees numeriques - Google Patents
Procede de signature et de cryptage de donnees numeriques Download PDFInfo
- Publication number
- WO2008133521A1 WO2008133521A1 PCT/NO2007/000149 NO2007000149W WO2008133521A1 WO 2008133521 A1 WO2008133521 A1 WO 2008133521A1 NO 2007000149 W NO2007000149 W NO 2007000149W WO 2008133521 A1 WO2008133521 A1 WO 2008133521A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- message
- combined
- ciphertext
- block
- hash value
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Definitions
- Present invention relates to a method for digital signing and/or encryption of documents primarily for digital signing and/or encryption of small electronic documents such as for smart card systems, television broadcast systems, Short Message Service (SMS), Multimedia Message Service (MMS), etc.
- SMS Short Message Service
- MMS Multimedia Message Service
- the objective of present invention is to overcome the problems with the prior art by combining the signature and message when signing.
- PKI Public Key Infrastructure
- the session key and the message are combined. This is achieved with the methods according to present invention as they are defined by the features of the claims.
- figure 1 shows a typical communication link between two points
- figure 2 shows how the signing process works
- figure 3 shows how the signature verification is carried out
- figure 4 shows how the encryption process works
- figure 5 shows how the decryption process works.
- a message which can be text, a picture, audio, video, software, bit stream, etc., being sent from a sender 101 to a recipient 103 is to be signed by sender 101.
- the message 201 is passed through a hash function 204 to generate the hash value 207 as
- the message 201 is split 203 into at least one part 205 not to be combined with the hash value, and at least one part 206 to be combined with the hash value.
- the hash value 207 is combined 208 with the at least one part of the message 206 to obtain a full signature block 209.
- the signature block 209 is signed 210 with the private part of the signature key 202, resulting in the signedQ block 211.
- the at least one part of the message not combined with the hash value 205 is combined 212 with signed block 211 to obtain the signed message 213.
- a signed message sent from a sender 101 to a recipient 103 is to be verified bys recipient 103.
- the signed message 301 is split 303 into the at least one part of the message not in the signed block 308 and the signed block 304.
- the signed block 304 and the public part of the signature key pair 302 are used to recover 305 the signature block 306.
- the signature block 306 is split 307 into the at least one part of the message 309 combined with the hash value, and the hash value 310.
- the at least one part of theQ message 308 not in the signed block is combined 311 with the at least one part 309 previously combined with the hash value, to produce the recovered message 312.
- the recovered message 312 is passed through the hash function 313 to obtain a calculated hash 314.
- the recovered hash 310 and the calculated hash 314 are compared 315. If they are equal, the signature verification has succeeded, and the recovered message 312 5 is output 316, if not the signature verification has failed 317.
- a message to be sent from a sender 101 to a recipient 103 is to be encrypted by sender 101.
- the message 401 is encrypted 404 using the session key 402, to produce0 the ciphertext 405.
- the ciphertext 405 is split 406 into at least one part 407 not to be combined with the session key, and at least one part 408 to be combined with the session key.
- the at least one part of the ciphertext to be combined with the session key 408, is combined 409 with the session key 402 to produce the block to be asymmetrically encrypted 410.
- the block to be asymmetrically encrypted 410 is 5 asymmetrically encrypted 411 with the public key 403 to produce the asymmetrically encrypted block 412.
- the at least one part of the ciphertext 407 not combined with the session key 402 is combined 413 with the asymmetrically encrypted block 412 to produce the complete ciphertext 414.
- a ciphertext message sent from a sender 101 to a recipient 103 is to be decrypted by recipient 103.
- a complete ciphertext 501 is split 503 into the at least one part of the ciphertext 508 not in the asymmetrically encrypted block and the asymmetrically encrypted block 504.
- the asymmetrically encrypted block 504 is decrypted 505 using the private key 502 to recover the block 506.
- the block 506 is split 507 into the part of the ciphertext 509 combined with the session key, and the session key 510.
- the parts of the ciphertext 508 and 509 are combined 511 to produce the ciphertext 512.
- the ciphertext 512 is decrypted 513 using the session key 510 resulting in the message 514.
- the signature and encryption methods can be combined. It is possible to encrypt a message and then sign it, or to sign a message and then encrypt it. Although the advantages of present invention are most easily noticed in the context of small messages, the invention is also fully applicable to signing and encrypting long messages. As indicated above the data signed and/or encrypted need not be a message intended for transmission per se, but can be any digital data. Methods defined in present invention are not limited to using hash values, but may for example use: keyed hash values, also known as Message
- MACs Authentication Codes
- keys various management data related to the message or the communication it represents, auditing data, anonymization data, etc.
- the invention seems to be particularly advantageous when signing and/or encrypting short messages that are limited to a small total length (such as 1120 bits for SMS messages).
- Some possible embodiments are cryptographically strong signature systems and/or cryptographically strong asymmetric encryption for, but not limited to: o Short Message Service (SMS) messages, where this is not practical without present invention; o Multimedia Messaging Service (MMS) messages, where present invention saves precious transmission capacity; o DVB transport packages and similar broadcast scenarios, where present invention makes possible the use of strong signatures and asymmetric cryptography; o offline smart card payment and smart card based payment transactions in general, which is another example of a system where total message length is very limited, and where strong cryptographical security is important; o cryptographically protected networking protocols, where a moderate packet/window size is employed, so that space is saved on signed packets/transmission units
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
L'invention concerne un procédé de signature numérique de document, consistant à appliquer premièrement une fonction de hachage sur le document pour générer la valeur de hachage, ladite valeur et une partie du texte en clair étant combinées avant d'être signées. L'invention concerne également un procédé correspondant de vérification de documents signés par la mise en œuvre de ce procédé de signature. L'invention concerne encore un procédé de cryptage de document, dans lequel une clé symétrique et une partie du document crypté symétriquement sont combinées avant d'être cryptées au moyen de la clé publique d'une paire de clés asymétriques. L'invention concerne enfin un procédé correspondant de décryptage de documents cryptés par la mise en œuvre de ce procédé de cryptage.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/NO2007/000149 WO2008133521A1 (fr) | 2007-04-26 | 2007-04-26 | Procede de signature et de cryptage de donnees numeriques |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/NO2007/000149 WO2008133521A1 (fr) | 2007-04-26 | 2007-04-26 | Procede de signature et de cryptage de donnees numeriques |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2008133521A1 true WO2008133521A1 (fr) | 2008-11-06 |
Family
ID=39925881
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/NO2007/000149 WO2008133521A1 (fr) | 2007-04-26 | 2007-04-26 | Procede de signature et de cryptage de donnees numeriques |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2008133521A1 (fr) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103946856A (zh) * | 2013-09-30 | 2014-07-23 | 华为技术有限公司 | 加解密处理方法、装置和设备 |
CN103971245A (zh) * | 2014-01-30 | 2014-08-06 | 四川谦泰仁投资管理有限公司 | 一种用于商品电子防伪的组合加密系统 |
CN104052606A (zh) * | 2014-06-20 | 2014-09-17 | 北京邮电大学 | 数字签名、签名认证装置以及数字签名方法 |
CN105848119A (zh) * | 2016-03-22 | 2016-08-10 | 赵莉莉 | 提供短信接收确认显示的方法、移动终端、服务器和系统 |
GB2541975A (en) * | 2015-09-01 | 2017-03-08 | Wistron Neweb Corp | Data protection device and data protection method thereof |
CN113595727A (zh) * | 2021-09-26 | 2021-11-02 | 南京慧链和信数字信息科技研究院有限公司 | 一种基于密钥分存与硬件绑定的密钥安全系统 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1083700A2 (fr) * | 1999-09-07 | 2001-03-14 | Certicom Corp. | Procédé de signature numérique hybride |
JP2005012466A (ja) * | 2003-06-18 | 2005-01-13 | Denso Corp | メッセージ認証方法及びメッセージ認証システム |
WO2005043326A2 (fr) * | 2003-10-31 | 2005-05-12 | Docomo Communications Laboratories Usa, Inc. | Mecanismes de cryptage et de signature utilisant des mises en correspondance de messages afin de reduire la taille desdits messages |
US20060078125A1 (en) * | 2004-10-08 | 2006-04-13 | Philip Cacayorin | Devices and methods for implementing cryptographic scrambling |
-
2007
- 2007-04-26 WO PCT/NO2007/000149 patent/WO2008133521A1/fr active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1083700A2 (fr) * | 1999-09-07 | 2001-03-14 | Certicom Corp. | Procédé de signature numérique hybride |
JP2005012466A (ja) * | 2003-06-18 | 2005-01-13 | Denso Corp | メッセージ認証方法及びメッセージ認証システム |
WO2005043326A2 (fr) * | 2003-10-31 | 2005-05-12 | Docomo Communications Laboratories Usa, Inc. | Mecanismes de cryptage et de signature utilisant des mises en correspondance de messages afin de reduire la taille desdits messages |
US20060078125A1 (en) * | 2004-10-08 | 2006-04-13 | Philip Cacayorin | Devices and methods for implementing cryptographic scrambling |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103946856A (zh) * | 2013-09-30 | 2014-07-23 | 华为技术有限公司 | 加解密处理方法、装置和设备 |
EP2879327A4 (fr) * | 2013-09-30 | 2015-06-03 | Huawei Tech Co Ltd | Procédé, appareil et dispositif de traitement de chiffrement et de déchiffrement |
CN103971245A (zh) * | 2014-01-30 | 2014-08-06 | 四川谦泰仁投资管理有限公司 | 一种用于商品电子防伪的组合加密系统 |
CN103971245B (zh) * | 2014-01-30 | 2017-06-27 | 四川谦泰仁投资管理有限公司 | 一种用于商品电子防伪的组合加密系统 |
CN104052606A (zh) * | 2014-06-20 | 2014-09-17 | 北京邮电大学 | 数字签名、签名认证装置以及数字签名方法 |
CN104052606B (zh) * | 2014-06-20 | 2017-05-24 | 北京邮电大学 | 数字签名、签名认证装置以及数字签名方法 |
GB2541975A (en) * | 2015-09-01 | 2017-03-08 | Wistron Neweb Corp | Data protection device and data protection method thereof |
GB2541975B (en) * | 2015-09-01 | 2019-08-28 | Wistron Neweb Corp | Data protection device and data protection method thereof |
CN105848119A (zh) * | 2016-03-22 | 2016-08-10 | 赵莉莉 | 提供短信接收确认显示的方法、移动终端、服务器和系统 |
CN113595727A (zh) * | 2021-09-26 | 2021-11-02 | 南京慧链和信数字信息科技研究院有限公司 | 一种基于密钥分存与硬件绑定的密钥安全系统 |
CN113595727B (zh) * | 2021-09-26 | 2021-12-21 | 南京慧链和信数字信息科技研究院有限公司 | 一种基于密钥分存与硬件绑定的密钥安全系统 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109743171B (zh) | 一种解决多方数字签名、时间戳及加密的密钥串联方法 | |
CA2698000C (fr) | Signatures avec recuperation de message confidentiel | |
US6396926B1 (en) | Scheme for fast realization of encrytion, decryption and authentication | |
US8688998B2 (en) | Resilent cryptographic scheme | |
US20120096274A1 (en) | Authenticated encryption for digital signatures with message recovery | |
CN110113150B (zh) | 基于无证书环境的可否认认证的加密方法和系统 | |
CA2373787C (fr) | Authentification automatique du chainage de textes cryptes | |
US11888832B2 (en) | System and method to improve user authentication for enhanced security of cryptographically protected communication sessions | |
US7894608B2 (en) | Secure approach to send data from one system to another | |
CN109104271A (zh) | 一种数字签名的方法、装置和系统 | |
WO2008133521A1 (fr) | Procede de signature et de cryptage de donnees numeriques | |
CN111049738B (zh) | 基于混合加密的电子邮件数据安全保护方法 | |
WO2014205571A1 (fr) | Protocole de signature | |
WO2013039659A1 (fr) | Schémas de chiffrement hybrides | |
CN113837756A (zh) | 一种电子发票验证方法和系统 | |
CN111641494A (zh) | 全球区块链的实现方法及装置 | |
KR100323799B1 (ko) | 안전성이 증명가능한 타원곡선 공개키 암호화 시스템 | |
Dũng | Variant of OTP Cipher with Symmetric Key Solution | |
Kandul et al. | Steganography with cryptography in android | |
TWI242966B (en) | Security transmitting method and system of digital medical information | |
JPS62216447A (ja) | メツセ−ジ認証通信方式 | |
CN113014531B (zh) | 一种应用于电子邮件数据加密传输的方法 | |
JP3862397B2 (ja) | 情報通信システム | |
CN113676329A (zh) | 一种基于ecdsa算法的电子公文交换加密方法 | |
CN111698219A (zh) | 基于材料光谱特征的区块链分类帐实现方法及装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07747610 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 07747610 Country of ref document: EP Kind code of ref document: A1 |