WO2021012574A1 - Procédé de multisignature, centre de signature, support et dispositif électronique - Google Patents

Procédé de multisignature, centre de signature, support et dispositif électronique Download PDF

Info

Publication number
WO2021012574A1
WO2021012574A1 PCT/CN2019/123094 CN2019123094W WO2021012574A1 WO 2021012574 A1 WO2021012574 A1 WO 2021012574A1 CN 2019123094 W CN2019123094 W CN 2019123094W WO 2021012574 A1 WO2021012574 A1 WO 2021012574A1
Authority
WO
WIPO (PCT)
Prior art keywords
signature
participant
center
message
signed
Prior art date
Application number
PCT/CN2019/123094
Other languages
English (en)
Chinese (zh)
Inventor
蒋福强
贾牧
张鹏程
Original Assignee
深圳壹账通智能科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳壹账通智能科技有限公司 filed Critical 深圳壹账通智能科技有限公司
Publication of WO2021012574A1 publication Critical patent/WO2021012574A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3255Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures

Definitions

  • the present disclosure relates to the field of information encryption technology, in particular to a multi-signature method, signature center, medium and electronic equipment.
  • each signature participant arbitrarily takes an integer as a private Key, and then use the generator in the cyclic group to obtain the corresponding public key from the private key to obtain the public key set of the signing participants, and then calculate the public key commitment based on the public key set and each public key; each participant obtains A random number, for each random number to obtain a random point after generating a random number of operations; for each signing participant, the binary operation result between each random point, the message to be signed, and the public key of the signing participant Perform a hash operation, then perform a binary operation on the operation result, public key commitment, and public key, and add the random number of the signature participant to the calculated result to obtain the signature of the signature participant, and finally The binary operation result between each random point and the signature of each signature participant are connected to obtain a signature.
  • the purpose of the present disclosure is to provide a multi-signature method, a signature center, a medium, and an electronic device.
  • a multi-signature method is provided, the method is executed by a signature center, the signature center includes a signature unit and a plurality of signature participants, and the method includes:
  • Each signature participant in the signature center obtains a cyclic group of prime order established based on a preset elliptic curve equation, the cyclic group includes generators, and the signature participant has an identifier;
  • Each signature participant in the signature center receives the private key generated by the key generation center according to the signature of the signature participant;
  • Each signature participant in the signature center uses the following formula to obtain the signature participant's public key based on the signature participant's private key:
  • X i is the i-th signature obtained participating party public key
  • g is a generator of the cyclic group
  • x i is the i-th signature participant private key
  • each signature participant in the signature center When a signature request for a message to be signed is received, each signature participant in the signature center generates a random number, and the signature unit in the signature center uses the following formula to set the preset elliptic curve based on the random number of each signature participant Get random points on the target:
  • R i is a random point obtained for the i-th signature participant on the preset elliptic curve
  • r i is a random number generated by the i-th signature participant
  • R is a random number based on each signature participant Random points of the target obtained
  • Each signature participant in the signature center uses the following formula to sign the message to be signed based on the target random point, and sends it to the signature unit in the signature center, and the signature unit synthesizes the signature of each signature participant Obtain the signature of the message to be signed:
  • ID i is the identity of the i-th signing participant
  • c H(X,R,m)
  • H is the hash function
  • m is the message to be signed
  • X is the public signature of all signing participants in the signature center.
  • a signature center which includes a signature unit and a plurality of signature participants, the signature unit includes a target random point acquisition module and a synthesis module, and the signature participant includes an acquisition module and a receiving module , Public key acquisition module, generation module and signature module, these modules can perform the method as described above.
  • a computer-readable program medium which stores computer program instructions, and when the computer program instructions are executed by a computer, the computer executes the aforementioned method.
  • the computer-readable program medium may also be called a computer-readable storage medium, for example, it may be a non-volatile computer-readable storage medium.
  • an electronic device including:
  • a memory where computer-readable instructions are stored, and when the computer-readable instructions are executed by the processor, the method as described above is implemented.
  • the private key of each signature participant is generated by the key generation center according to the signature of the signature participant, it is possible to avoid the occurrence of the phenomenon of reducing the reliability of the signature by generating the private key in a random manner, and improve the security and safety of the signature.
  • the maintainability of the system saves the steps that require a large amount of computing resources on the basis of the existing technology, and improves the efficiency of the signature.
  • Fig. 1 is a schematic diagram showing a system architecture of a multi-signature method according to an exemplary embodiment
  • Fig. 2 is a flowchart showing a multi-signature method according to an exemplary embodiment
  • Fig. 3 is a flowchart of steps after step 230 and steps after step 260 according to an embodiment corresponding to Fig. 2;
  • Fig. 4 is a block diagram showing a signature center according to an exemplary embodiment
  • Fig. 5 is a block diagram showing an example of an electronic device implementing the above multi-signature method according to an exemplary embodiment
  • Fig. 6 shows a computer-readable storage medium for implementing the above-mentioned multi-signature method according to an exemplary embodiment.
  • the present disclosure first provides a multi-signature method.
  • Signing is the process of generating digital signatures.
  • a digital signature is a digital string that can only be generated by the sender of the information and that others cannot forge. This digital string is also an effective proof of the authenticity of the information sent by the sender.
  • Multi-signature refers to a signature that requires multiple signing parties to complete together, and each signing party plays a role in the signing process.
  • the signature participant can be any device with computing and processing functions.
  • the device can be connected to an external device to receive or send information.
  • It can be a portable mobile device, such as a smart phone, a tablet, a laptop, or a PDA (Personal Digital). Assistant), etc., can also be fixed devices, such as computer equipment, field terminals, desktop computers, servers, workstations, etc., or a collection of multiple devices, such as the physical infrastructure of cloud computing.
  • the signature participant may be a server or a computer device.
  • Fig. 1 is a schematic diagram showing a system architecture of a multi-signature method according to an exemplary embodiment.
  • the signature center 100 includes a signature unit 110 and a plurality of signature participants 120, all of which can communicate with the signature unit 110; besides the signature center 100, there is also a key generation center 130.
  • the key generation center 130 can communicate with the signature participant 120 in the signature center 100.
  • the signature participant 120 has an identity, and multiple signature participants 120 in the signature center 100 can respectively receive the private key generated by the key generation center according to the identity of each signature participant 120, and then the signature participant 120 can use the private key to generate The corresponding public key; then, if the signature center 100 receives a signature request for the message to be signed, each signature participant 120 in the signature center 100 will generate a random number, and the signature unit 110 will generate a random number for each signature participant 120 The random number obtains a random point on the preset elliptic curve, and then performs a binary operation on each random point in a predetermined order to obtain the target random point existing on the preset elliptic curve.
  • the signature unit 110 will perform a signature for each signature Participant 120 first performs a hash operation on the set of public keys of all signing participants 120, the target random point, and the message to be identified, and then performs an ellipse based on the result of the hash operation and the identity and private key of the signing participant 120 The two-dimensional calculation of the curve, and the random number generated by the signing participant 120 is added to the result of the two-dimensional calculation to obtain the signature of the signing participant; finally, the target random point and the signature of each signing participant 120 are combined As the signature of the message to be signed finally.
  • FIG. 1 is only one embodiment of the present disclosure, although in the embodiment of FIG. 1,
  • Each signature participant 120 is a desktop computer, and the key generation center 130 is also located outside the signature center 100.
  • the signature participant 120 may be the aforementioned various types of terminals.
  • the key generation center 130 and the signature The inclusion relationship of the center 100 can be arbitrary, that is, the key generation center 130 can be located outside the signature center 100 or inside the signature center 100, so the present disclosure does not limit this, and the protection scope of the present disclosure should not be therefore And subject to any restrictions.
  • Fig. 2 is a flowchart showing a multi-signature method according to an exemplary embodiment. Among them, the method shown in the embodiment of Fig. 2 is executed by a signature center, which includes a signature unit and multiple signature participants, as shown in Fig. 2, including the following steps:
  • Step 210 Each signature participant in the signature center obtains a prime order cyclic group established based on a preset elliptic curve equation.
  • the cyclic group includes generators, and the signature participants have identifiers.
  • the signature center is a system that includes multiple units or modules.
  • the included signature units and multiple signature participants are organically integrated in the signature center, and the signature unit and the signature participants can interact or interact with each other.
  • the signature center can be an organic combination of software, hardware, and firmware.
  • the signature participant can be a module, a terminal, or even a separate system or subsystem.
  • a group is a concept in group theory.
  • a group is a non-empty set that satisfies the conditions of closure, associative law, existence of identity elements, and existence of inverse elements.
  • a unit in a group is called an element in the group. Is the number of elements in the group.
  • a cyclic group is a group that satisfies the condition: each element in the group is a power of a fixed element in the group, so the generator of the cyclic group is the fixed element, and the prime order cyclic group
  • a group is a cyclic group in which the number of elements contained is prime.
  • the general formula of the preset elliptic curve equation is:
  • a and b are the coefficients of the preset elliptic curve equation, and p is the modulus.
  • the general elliptic curve equation can adopt the above form, for example:
  • the set of all points satisfying the preset elliptic curve equation is used as the established prime order cyclic group.
  • the process of establishing the cyclic group of prime order based on the preset elliptic curve equation is established by using the addition algorithm of the elliptic curve.
  • the identity of the signing participant is a string used to uniquely determine the identity of the signing participant, which can include letters, numbers, underscores and other characters, such as MAC address (Media Access Control Address), mobile phone number, bank Card number, account number or ID (Identification, serial number) assigned in advance for each signing participant.
  • MAC address Media Access Control Address
  • mobile phone number bank Card number
  • account number ID (Identification, serial number) assigned in advance for each signing participant.
  • the type of the identity of each signature participant in the signature center is the same, and the type of the identity of the signature participant is one of an ID number, a mobile phone number, and an email address.
  • Step 220 Each signature participant in the signature center receives the private key generated by the key generation center according to the signature of the signature participant.
  • the private key is the key used for encryption in the field of asymmetric encryption.
  • the information encrypted by the private key can only be decrypted with the corresponding public key.
  • the key generation center generates a private key according to the identity of each signing participant in the following manner:
  • the key generation center uses a hash algorithm specific to the key generation center to hash the identity of each signature participant to obtain the private key of each signature participant.
  • the key generation center generates a private key according to the identity of each signing participant in the following manner:
  • the key generation center uses its own private key to encrypt the identity of each signing participant to obtain the private key of each signing participant.
  • the key generation center generates a private key according to the identity of each signing participant in the following manner:
  • the key generation center For each signature participant, the key generation center generates a random character sequence corresponding to the signature of the signature participant as the private key of the signature participant, and combines the private key generated for each signature participant with the corresponding The identity of the signing participant is stored correspondingly.
  • the identities of all signature participants are generated by the key generation center and maintained by the key generation center.
  • the method before each signature participant in the signature center receives the private key generated by the key generation center according to the signature of the signature participant, the method further includes:
  • Each signature participant in the signature center sends the signature of the signature participant to the key generation center, so that the key generation center generates a private key according to the signature of the signature participant.
  • the key generation center has a script embedded at the local end (namely, the signature center), and before each signature participant in the signature center receives the private key generated by the key generation center according to the signature of the signature participant, The key generation center uses a script to crawl the identity of the signing participants in the signature center, and generates a corresponding private key according to the identity of each signing participant.
  • each signature participant in the signature center obtains the public key of the signature participant by using the following formula based on the private key of the signature participant:
  • X i is the i-th signature obtained participant public key
  • g is a generator of the cyclic group
  • x i is the i-th signature participant private key.
  • the public key of each signature participant is obtained by performing binary operations on the elliptic curve a specific number of times on the generator, where the generator is the initial point of the elliptic curve, and the generator The specified number is equal to the private key of the corresponding signing participant.
  • Step 250 When a signature request for the message to be signed is received, each signature participant in the signature center generates a random number, and the signature unit in the signature center uses the following formula based on the random number of each signature participant in the preset Get the target random point on the elliptic curve:
  • R i is a random point obtained for the i-th signature participant on the preset elliptic curve
  • r i is a random number generated by the i-th signature participant
  • R is a random number based on each signature participant Random points of the target obtained.
  • the random number generated by each signature participant is greater than 0 and less than the order of the cyclic group.
  • the signature request for the message to be signed may be a network request based on various protocols, for example, it may be a request under the HTTP protocol.
  • the signature request includes the message to be signed.
  • the signature unit in the signature center before receiving the signature request for the message to be signed, obtains a plurality of messages to be signed, wherein each message to be signed has an identifier, and the signature request for the message to be signed Contains the identity of the message to be signed, and then when a signature request for the message to be signed is received, the signature unit in the signature center obtains the identity and the identity of the message to be signed included in the signature request from the plurality of messages to be signed. Identifies the same message to be signed.
  • each signature participant in the signature center uses the following formula to sign the message to be signed based on the target random point, and sends it to the signature unit in the signature center, and the signature unit synthesizes each signature participant The signature of the party obtains the signature of the message to be signed:
  • ID i is the identity of the i-th signing participant
  • c H(X,R,m)
  • H is the hash function
  • m is the message to be signed
  • X is the public signature of all signing participants in the signature center.
  • the finally synthesized signature of the message to be signed is related to the private key, the identity of each signing participant, the public key of each signing participant, the target random point, and the message to be signed. This improves The complexity of the signature is improved, and the reliability and security of the signature are improved.
  • the private key of each signature participant is generated by the key generation center according to the signature of the signature participant, it is possible to avoid random generation of the private key leading to signature The appearance of the phenomenon of reduced reliability.
  • Both the private key of the signing participant and the signature of the message to be signed are related to the identity of each signing participant, which improves the security of the signature and the maintainability of the system.
  • the steps that require a large amount of computing resources are eliminated, resources are saved, and the efficiency of signatures is improved.
  • FIG. 3 is a flowchart of steps after step 230 and steps after step 260 according to an embodiment shown in the embodiment corresponding to FIG. 2. As shown in Figure 3, it includes the following steps:
  • each signature participant in the signature center publishes the public key of the signature participant, so that the signature verification party can obtain a public key set composed of the public keys of all the signature participants in the signature center.
  • the signing participant publishes its public key through the network. For example, the signing participant adds the public key to the preset webpage code template, generates a webpage file that records the public key and stores it locally; when the signature verifier needs to obtain the public key of the signing participant, the public key is sent to the signing participant Obtain the request, the signing party will return a web page file containing the public key to the signature verifier according to the request, so that the signature verifier can obtain the public key from the web page file, and the signature verifier sends the public key to each signing party Obtain the request to obtain the public key set.
  • the signature center will package the public key set and send it to each signature verifier with which it has established a communication connection, so that the signature verifier can obtain Public key.
  • the signature verifier is an entity with computing processing and communication capabilities, and can be the same type of terminal or system as the signature participant.
  • Step 270 The signature unit in the signature center sends the signature of the message to be signed to the target signature verifier, so that the target signature verifier uses the public key set to verify the signature of the message to be signed.
  • the target signature verifier is a party qualified to verify the signature of the message to be signed.
  • the target signature verifier has an identifier and is stored locally in the signature unit.
  • the signature unit in the signature center receives a request to obtain the signature of the message to be signed, if the identifier in the request is stored locally in the signature unit If the identifiers in are consistent, the signature for the message to be signed is sent to the sender of the request according to the request.
  • the target signature verifier uses the public key set to verify the signature of the message to be signed based on the following formula:
  • g is a generator of the cyclic group
  • R is a random number based on the target random points each acquired signature participants
  • S s 1 + s 2 + ... + s n
  • X it is the i-th signature obtained
  • ID i is the identity of the i-th signing participant
  • c H(X,R,m)
  • H is the hash function
  • m is the message to be signed
  • X is all signatures in the signature center
  • Fig. 4 is a block diagram showing a signature center according to an exemplary embodiment.
  • the signature center 400 includes a signature unit 420 and a plurality of signature participants 410.
  • the signature unit 420 includes a target random point acquisition module 421 and a synthesis module 422.
  • the signature participant 410 includes an acquisition module 411, Module 412, public key acquisition module 413, generation module 414 and signature module 415, where:
  • the obtaining module 411 is configured to obtain a prime order cyclic group established based on a preset elliptic curve equation, the cyclic group including generators, and the signature participant has an identifier;
  • the receiving module 412 is configured to receive the private key generated by the key generation center according to the identity of the signature participant;
  • the public key obtaining module 413 is configured to obtain the public key of the signature participant by using the following formula based on the private key of the signature participant:
  • X i is the i-th signature obtained participating party public key
  • g is a generator of the cyclic group
  • x i is the i-th signature participant private key
  • the generating module 414 is configured to generate a random number when a signature request for a message to be signed is received;
  • the target random point obtaining module 421 is configured to obtain a target random point on the preset elliptic curve based on the random number of each signature participant using the following formula:
  • R i is a random point obtained for the i-th signature participant on the preset elliptic curve
  • r i is a random number generated by the i-th signature participant
  • R is a random number based on each signature participant Random points of the target obtained
  • the signature module 415 is configured to respectively sign the message to be signed based on the target random point using the following formula, and send it to the signature unit in the signature center:
  • ID i is the identity of the i-th signing participant
  • c H(X,R,m)
  • H is the hash function
  • m is the message to be signed
  • X is the public signature of all signing participants in the signature center.
  • a set of keys, s i is the signature of the message to be signed by the i-th signing participant;
  • an electronic device capable of implementing the above method.
  • the electronic device 500 according to this embodiment of the present application will be described below with reference to FIG. 5.
  • the electronic device 500 shown in FIG. 5 is only an example, and should not bring any limitation to the function and use scope of the embodiments of the present application.
  • the electronic device 500 is represented in the form of a general-purpose computing device.
  • the components of the electronic device 500 may include, but are not limited to: the aforementioned at least one processing unit 510, the aforementioned at least one storage unit 520, and a bus 530 connecting different system components (including the storage unit 520 and the processing unit 510).
  • the storage unit stores program code, and the program code can be executed by the processing unit 510, so that the processing unit 510 executes the various exemplary methods described in the above-mentioned "Embodiment Method" section of this specification. Implementation steps.
  • the storage unit 520 may include a readable medium in the form of a volatile storage unit, such as a random access storage unit (RAM) 521 and/or a cache storage unit 522, and may further include a read-only storage unit (ROM) 523.
  • RAM random access storage unit
  • ROM read-only storage unit
  • the storage unit 520 may also include a program/utility tool 524 having a set of (at least one) program module 525.
  • program module 525 includes but is not limited to: an operating system, one or more application programs, other program modules, and program data, Each of these examples or some combination may include the implementation of a network environment.
  • the bus 530 may represent one or more of several types of bus structures, including a storage unit bus or a storage unit controller, a peripheral bus, a graphics acceleration port, a processing unit, or a local area using any bus structure among multiple bus structures. bus.
  • the electronic device 500 may also communicate with one or more external devices 700 (such as keyboards, pointing devices, Bluetooth devices, etc.), and may also communicate with one or more devices that enable a user to interact with the electronic device 500, and/or communicate with Any device (such as a router, modem, etc.) that enables the electronic device 500 to communicate with one or more other computing devices. This communication can be performed through an input/output (I/O) interface 550.
  • the electronic device 500 may also communicate with one or more networks (for example, a local area network (LAN), a wide area network (WAN), and/or a public network, such as the Internet) through the network adapter 560.
  • networks for example, a local area network (LAN), a wide area network (WAN), and/or a public network, such as the Internet
  • the network adapter 560 communicates with other modules of the electronic device 500 through the bus 530.
  • other hardware and/or software modules can be used in conjunction with the electronic device 500, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives And data backup storage system, etc.
  • the exemplary embodiments described herein can be implemented by software, or can be implemented by combining software with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (can be a CD-ROM, U disk, mobile hard disk, etc.) or on the network , Including several instructions to make a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) execute the method according to the embodiments of the present disclosure.
  • a computing device which may be a personal computer, a server, a terminal device, or a network device, etc.
  • a computer-readable storage medium on which is stored a program product capable of implementing the above method of this specification.
  • various aspects of the present application can also be implemented in the form of a program product, which includes program code.
  • the program product runs on a terminal device, the program code is used to enable the The terminal device executes the steps according to various exemplary embodiments of the present application described in the above-mentioned "Exemplary Method" section of this specification.
  • a program product 600 for implementing the above method according to an embodiment of the present application is described. It can adopt a portable compact disk read-only memory (CD-ROM) and include program code, and can be installed in a terminal device, For example, running on a personal computer.
  • CD-ROM compact disk read-only memory
  • the program product of this application is not limited to this.
  • the readable storage medium can be any tangible medium that contains or stores a program, and the program can be used by or combined with an instruction execution system, device, or device.
  • the program product can use any combination of one or more readable media.
  • the readable medium may be a readable signal medium or a readable storage medium.
  • the readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, device, or device, or a combination of any of the above. More specific examples (non-exhaustive list) of readable storage media include: electrical connections with one or more wires, portable disks, hard disks, random access memory (RAM), read only memory (ROM), erasable Type programmable read only memory (EPROM or flash memory), optical fiber, portable compact disk read only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination of the above.
  • the computer-readable signal medium may include a data signal propagated in baseband or as a part of a carrier wave, and readable program code is carried therein. This propagated data signal can take many forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the foregoing.
  • the readable signal medium may also be any readable medium other than a readable storage medium, and the readable medium may send, propagate, or transmit a program for use by or in combination with the instruction execution system, apparatus, or device.
  • the program code contained on the readable medium can be transmitted by any suitable medium, including but not limited to wireless, wired, optical cable, RF, etc., or any suitable combination of the foregoing.
  • the program code used to perform the operations of this application can be written in any combination of one or more programming languages.
  • the programming languages include object-oriented programming languages—such as Java, C++, etc., as well as conventional procedural Programming language-such as "C" language or similar programming language.
  • the program code can be executed entirely on the user's computing device, partly on the user's device, executed as an independent software package, partly on the user's computing device and partly executed on the remote computing device, or entirely on the remote computing device or server Executed on.
  • the remote computing device can be connected to a user computing device through any kind of network, including a local area network (LAN) or a wide area network (WAN), or can be connected to an external computing device (for example, using Internet service providers) Business to connect via the Internet).
  • LAN local area network
  • WAN wide area network
  • Internet service providers Internet service providers

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Mathematical Optimization (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Algebra (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

La présente invention concerne le domaine du chiffrement d'informations, et concerne un procédé de multisignature, un centre de signature, un support et un dispositif électronique. Le procédé est exécuté par le centre de signature, le centre de signature comprenant une unité de signature et une pluralité de participants signataires. Le procédé comprend les étapes suivantes : chaque participant signataire acquiert un groupe cyclique d'ordre premier sous une équation de courbe elliptique ; les participants signataires reçoivent des clés privées qui sont générées par un centre de génération de clé secrète en fonction des identités des participants signataires ; les participants signataires acquièrent des clés publiques associées en utilisant une formule sur la base des clés privées des participants signataires ; chaque participant signataire génère un nombre aléatoire, et une unité de signature acquiert un point aléatoire cible en utilisant une formule sur la base du nombre aléatoire ; selon la formule, sur la base du point aléatoire cible, chaque participant signataire signe un message à signer respectivement et l'envoie à l'unité de signature, et les signatures dudit message sont composées par l'unité de signature. Le procédé de l'invention améliore la sécurité de signature et la maintenabilité d'un système de signature, réduit la consommation de ressources lorsqu'il y a de multiples signatures et améliore l'efficacité de signature.
PCT/CN2019/123094 2019-07-24 2019-12-04 Procédé de multisignature, centre de signature, support et dispositif électronique WO2021012574A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910671776.9 2019-07-24
CN201910671776.9A CN110351096B (zh) 2019-07-24 2019-07-24 多重签名方法、签名中心、程序介质及电子设备

Publications (1)

Publication Number Publication Date
WO2021012574A1 true WO2021012574A1 (fr) 2021-01-28

Family

ID=68180024

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/123094 WO2021012574A1 (fr) 2019-07-24 2019-12-04 Procédé de multisignature, centre de signature, support et dispositif électronique

Country Status (2)

Country Link
CN (1) CN110351096B (fr)
WO (1) WO2021012574A1 (fr)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113139197A (zh) * 2021-04-27 2021-07-20 上海淇玥信息技术有限公司 一种项目验签方法、装置和电子设备
CN113343259A (zh) * 2021-06-17 2021-09-03 北京宏思电子技术有限责任公司 基于sm2的联合签名实现方法、装置、电子设备及存储介质
CN113869901A (zh) * 2021-12-02 2021-12-31 腾讯科技(深圳)有限公司 密钥生成方法、装置、计算机可读存储介质及计算机设备
CN114070556A (zh) * 2021-11-15 2022-02-18 成都卫士通信息产业股份有限公司 一种门限环签名方法、装置、电子设备及可读存储介质
CN114187000A (zh) * 2021-12-10 2022-03-15 建信金融科技有限责任公司 用于分散私钥的签名方法、设备、存储介质及处理器
CN114780923A (zh) * 2022-06-17 2022-07-22 杭州天谷信息科技有限公司 一种电子印章的管控方法及系统
CN115001711A (zh) * 2022-06-10 2022-09-02 成都卫士通信息产业股份有限公司 信息签名方法、装置、电子设备及计算机可读存储介质
CN115225288A (zh) * 2022-07-22 2022-10-21 济南浪潮数据技术有限公司 一种签名信息归档方法、装置、设备及介质
CN115913573A (zh) * 2022-11-30 2023-04-04 广东电网有限责任公司广州供电局 基于区块链的二次设备定值门限发令方法、系统及介质
WO2024119308A1 (fr) * 2022-12-05 2024-06-13 华为技术有限公司 Procédé de communication, nœud, système de communication et support mobile
CN118509179A (zh) * 2024-07-16 2024-08-16 北京信安世纪科技股份有限公司 多方签名生成方法和设备

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110351096B (zh) * 2019-07-24 2022-02-01 深圳壹账通智能科技有限公司 多重签名方法、签名中心、程序介质及电子设备
CN111162912B (zh) * 2019-12-30 2021-06-15 深圳前海微众银行股份有限公司 一种适用于区块链的验证方法、装置及存储介质
CN111523889B (zh) * 2020-04-17 2023-09-01 昆明大棒客科技有限公司 多重签名实现方法、装置、设备和存储介质
CN111817858A (zh) * 2020-07-27 2020-10-23 北京金仓幸福科技有限公司 一种基于多重签名的区块链数据安全方法
CN112613882B (zh) * 2020-12-29 2023-06-02 成都知道创宇信息技术有限公司 一种分布式签名系统及管理方法
CN112737777B (zh) * 2020-12-29 2023-01-10 北京百度网讯科技有限公司 基于密钥的门限签名和验签方法、装置、设备和介质
CN113112269B (zh) * 2021-04-09 2023-11-28 杭州复杂美科技有限公司 多重签名方法、计算机设备和存储介质
CN113381856A (zh) * 2021-07-07 2021-09-10 北京明朝万达科技股份有限公司 数字签名及验签方法、系统、装置及存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009076811A1 (fr) * 2007-12-14 2009-06-25 Huawei Technologies Co., Ltd. Procédé, système, client et serveur destinés à la négociation de clé
CN102983971A (zh) * 2012-10-10 2013-03-20 中国科学技术大学苏州研究院 网络环境中进行用户身份认证的无证书签名方法
CN107171788A (zh) * 2017-04-08 2017-09-15 西安邮电大学 一种基于身份且签名长度恒定的在线离线聚合签名方法
CN110011806A (zh) * 2019-03-22 2019-07-12 西安邮电大学 多源网络编码机制下多重同态签名方法
CN110351096A (zh) * 2019-07-24 2019-10-18 深圳壹账通智能科技有限公司 多重签名方法、签名中心、介质及电子设备

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106941406B (zh) * 2017-05-02 2019-11-08 深圳奥联信息安全技术有限公司 基于标识的加密签名方法、解密验签方法及其装置
GB201709367D0 (en) * 2017-06-13 2017-07-26 Nchain Holdings Ltd Computer-implemented system and method
CN107395370B (zh) * 2017-09-05 2020-07-14 深圳奥联信息安全技术有限公司 基于标识的数字签名方法和装置
CN108650097B (zh) * 2018-04-28 2021-03-09 上海扈民区块链科技有限公司 一种高效的聚合数字签名方法
CN109064170B (zh) * 2018-07-23 2021-10-22 西安电子科技大学 无可信中心的群签名方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009076811A1 (fr) * 2007-12-14 2009-06-25 Huawei Technologies Co., Ltd. Procédé, système, client et serveur destinés à la négociation de clé
CN102983971A (zh) * 2012-10-10 2013-03-20 中国科学技术大学苏州研究院 网络环境中进行用户身份认证的无证书签名方法
CN107171788A (zh) * 2017-04-08 2017-09-15 西安邮电大学 一种基于身份且签名长度恒定的在线离线聚合签名方法
CN110011806A (zh) * 2019-03-22 2019-07-12 西安邮电大学 多源网络编码机制下多重同态签名方法
CN110351096A (zh) * 2019-07-24 2019-10-18 深圳壹账通智能科技有限公司 多重签名方法、签名中心、介质及电子设备

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113139197B (zh) * 2021-04-27 2024-05-28 上海淇玥信息技术有限公司 一种项目验签方法、装置和电子设备
CN113139197A (zh) * 2021-04-27 2021-07-20 上海淇玥信息技术有限公司 一种项目验签方法、装置和电子设备
CN113343259A (zh) * 2021-06-17 2021-09-03 北京宏思电子技术有限责任公司 基于sm2的联合签名实现方法、装置、电子设备及存储介质
CN113343259B (zh) * 2021-06-17 2023-09-29 北京宏思电子技术有限责任公司 基于sm2的联合签名实现方法、装置、电子设备及存储介质
CN114070556B (zh) * 2021-11-15 2023-07-25 成都卫士通信息产业股份有限公司 一种门限环签名方法、装置、电子设备及可读存储介质
CN114070556A (zh) * 2021-11-15 2022-02-18 成都卫士通信息产业股份有限公司 一种门限环签名方法、装置、电子设备及可读存储介质
CN113869901A (zh) * 2021-12-02 2021-12-31 腾讯科技(深圳)有限公司 密钥生成方法、装置、计算机可读存储介质及计算机设备
CN114187000A (zh) * 2021-12-10 2022-03-15 建信金融科技有限责任公司 用于分散私钥的签名方法、设备、存储介质及处理器
CN115001711B (zh) * 2022-06-10 2024-01-30 成都卫士通信息产业股份有限公司 信息签名方法、装置、电子设备及计算机可读存储介质
CN115001711A (zh) * 2022-06-10 2022-09-02 成都卫士通信息产业股份有限公司 信息签名方法、装置、电子设备及计算机可读存储介质
CN114780923B (zh) * 2022-06-17 2022-09-27 杭州天谷信息科技有限公司 一种电子印章的管控方法及系统
CN114780923A (zh) * 2022-06-17 2022-07-22 杭州天谷信息科技有限公司 一种电子印章的管控方法及系统
CN115225288A (zh) * 2022-07-22 2022-10-21 济南浪潮数据技术有限公司 一种签名信息归档方法、装置、设备及介质
CN115913573A (zh) * 2022-11-30 2023-04-04 广东电网有限责任公司广州供电局 基于区块链的二次设备定值门限发令方法、系统及介质
WO2024119308A1 (fr) * 2022-12-05 2024-06-13 华为技术有限公司 Procédé de communication, nœud, système de communication et support mobile
CN118509179A (zh) * 2024-07-16 2024-08-16 北京信安世纪科技股份有限公司 多方签名生成方法和设备

Also Published As

Publication number Publication date
CN110351096A (zh) 2019-10-18
CN110351096B (zh) 2022-02-01

Similar Documents

Publication Publication Date Title
WO2021012574A1 (fr) Procédé de multisignature, centre de signature, support et dispositif électronique
CN110417750B (zh) 基于区块链技术的文件读取和存储的方法、终端设备和存储介质
CN111200502B (zh) 协同数字签名方法和装置
CN107483191B (zh) 一种sm2算法密钥分割签名系统及方法
Yang et al. Provable data possession of resource-constrained mobile devices in cloud computing
JP7164672B2 (ja) デジタル署名方法、署名情報検証方法、関連装置及び電子機器
CN112511514A (zh) 一种http加密传输方法、装置、计算机设备及存储介质
CN108712259B (zh) 基于身份的可代理上传数据的云存储高效审计方法
CN108989309A (zh) 基于窄带物联网的加密通信方法及其加密通信装置
CN114567448B (zh) 一种协同签名方法以及协同签名系统
CN113300837B (zh) 一种基于区块证明的跨链验证方法、装置和电子设备
CN114553590A (zh) 数据传输方法及相关设备
CN114785524B (zh) 电子印章生成方法、装置、设备和介质
CN115085934A (zh) 基于区块链和组合密钥的合同管理方法及相关设备
CN114726597A (zh) 数据传输方法、装置、系统及存储介质
Somaiya et al. Implementation and evaluation of EMAES–A hybrid encryption algorithm for sharing multimedia files with more security and speed
CN111552950B (zh) 一种软件授权方法、装置及计算机可读存储介质
WO2024234813A1 (fr) Procédé et appareil de vérification de signature de message, dispositif électronique, et support de stockage
WO2020177109A1 (fr) Procédé de traitement de tirage au sort, puce de confiance, nœud, support de stockage et dispositif électronique
Kang et al. ID‐Based Public Auditing Protocol for Cloud Data Integrity Checking with Privacy‐Preserving and Effective Aggregation Verification
CN117349685A (zh) 一种通信数据的聚类方法、系统、终端及介质
CN115086428B (zh) 网络请求发送方法、装置与电子设备
US11902428B2 (en) Key exchange system, communication apparatus, key exchange method and program
KR102019558B1 (ko) 내재적 인증서를 사용하는 전자서명에 대한 효율적인 서명 검증 방법
CN111931202A (zh) 用于分布式系统的加密存储方法、终端设备和存储介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19938993

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19938993

Country of ref document: EP

Kind code of ref document: A1