CN102546173A - Digital signature system and signature method based on certificate - Google Patents

Digital signature system and signature method based on certificate Download PDF

Info

Publication number
CN102546173A
CN102546173A CN2011104264753A CN201110426475A CN102546173A CN 102546173 A CN102546173 A CN 102546173A CN 2011104264753 A CN2011104264753 A CN 2011104264753A CN 201110426475 A CN201110426475 A CN 201110426475A CN 102546173 A CN102546173 A CN 102546173A
Authority
CN
China
Prior art keywords
user
certificate
signature
module
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2011104264753A
Other languages
Chinese (zh)
Other versions
CN102546173B (en
Inventor
李继国
王芝伟
张亦辰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hohai University HHU
Original Assignee
Hohai University HHU
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hohai University HHU filed Critical Hohai University HHU
Priority to CN201110426475.3A priority Critical patent/CN102546173B/en
Publication of CN102546173A publication Critical patent/CN102546173A/en
Application granted granted Critical
Publication of CN102546173B publication Critical patent/CN102546173B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a digital signature system based on a certificate, which comprises a system parameter setting module, a user secret key generation module, a user certificate authentication module, a signature module and a checking module. The system parameter setting module generates system main secret key and system public parameter which is transmitted to other modules. The user secret key generation module generates public key and private key pairs of all users. The user certificate authentication module conducts signature on identification and public key of a user, generates the certificate of the user and transmits the certificate to the signature module. The signature module conducts signature on information and transmits the information to the checking module. The checking module checks effectiveness of the signature generated by the signature module. The system has small calculation cost and communication cost on the premise that safety is ensured, improves system operation efficiency, and is capable of reducing calculation cost and communication cost based on a digital signature method of the certificate, and improves operation efficiency of the digital signature method based on the certificate. The digital signature method based on the certificate is further disclosed.

Description

Digital signature system and endorsement method based on certificate
Technical field
The present invention relates to the digital signature technology of network security, be meant a kind of especially safely and efficiently based on the digital signature system and the digital signature method of certificate.
Background technology
Along with the develop rapidly of the computer network and the communication technology, the mankind progressively march toward informationized society, and digitlization, networking will become the new basic platform of global IT application.In the social informatization process, Internet development is very easy to people's study, work and life, and computer application has been penetrated into fields of society such as politics, economy, military affairs, science and culture and family life.Unconsciously; Information becomes most important a kind of resource and wealth; But because processes such as the transmission of information, storage, processing carry out on open communication network often, so information receives the threat of various attack means such as eavesdropping, intercepting, modification, forgery, playback easily.
Digital signature is as one of means that ensure the network information security; Can effectively solve in the network information transfer and forge, deny, pretend to be and distort problem; It is one of core technology that realizes the electronic security(ELSEC) transaction; Aspects such as fail safe, authenticity and non repudiation guaranteeing transaction have important effect, thereby are one of information security core technologies, all have important use to be worth in fields such as encryption key distribution, e-bank, electronics security, e-commerce and e-governments.
Traditional digital signature system is based on PKIX, employing be the authentication mode of certificate, realize the binding of client public key and identity information through authenticating authority mechanism (CA) certificate of being issued, thereby guarantee the authentic and valid of client public key.Certificate management comprises the cancelling of certificate, stores, renewal etc., needs very big amount of calculation and storage capacity, particularly certificate revocation problem.In addition, traditional P KI technology also exists the third party to inquire problem.So-called third party's inquiry is meant the third party before the PKI that uses certain user, and certificate status from this user to CA that need inquire is with the true and validity of verification public key.This method labor time, space and calculating were once becoming the obstacle that common key cryptosystem develops.
In order to simplify the problems such as administration overhead of digital certificate, Shamir had at first proposed the notion based on the cryptographic system of identity in 1984.Cryptographic system based on identity; Need not preserve each user's public key certificate; Do not need a public file yet and store all users' PKI; Each user's PKI all is to generate by his identity is direct, and user's identity can be his name, telephone number, ID card No., mailing address or E-mail address etc., and user's private key then is to produce by trusted party (PKG) is unified.Though the cryptographic system based on identity has overcome the certificate management problem that exists in the conventional public-key cryptographic system; But owing to still need a trusted party to produce and issue user's private key; Thereby exist intrinsic key escrow problem; Be the private key that Any user is known at credible center, thereby can eavesdrop the communication of Any user, and then can decipher the ciphertext of Any user or forge the signature of Any user.
In order to overcome based on the key escrow problem in the cryptographic system of identity; Gentry has proposed the system of a new public key cryptography-based on the public-key cryptosystem (CBC:Certificate-based Cryptography) of certificate in European cryptography meeting in 2003; This system is with traditional public-key cryptosystem with based on the advantages of the cryptographic system of identity; Eliminate the certification authentication process of high cost, and do not had the hidden danger of key escrow.The repertoire that has certificate in the conventional public-key cryptographic system based on the certificate in the public-key cryptosystem of certificate; And in deciphering and signature process as the part of private key, thereby encrypt and signature-verification process in do not exist the third party of cert status to inquire.And in the public-key cryptosystem based on certificate, the transmission of certificate need not passed through safe lane, does not have the problem of key distribution.Though the research based on the digital signature scheme of certificate makes progress to some extent, more or less there are some problem and shortage in the present digital signature method based on certificate at aspects such as security intensity, operational efficiency.
Based on above analysis, the inventor studies improvement to existing digital signature method based on certificate, and this case produces thus.
Summary of the invention
The object of the invention; Be to provide a kind of digital signature system and endorsement method based on certificate; It does not use traditional bilinearity to mapping in signature process and proof procedure, under the prerequisite that guarantees fail safe, has less calculation cost and communication cost, has improved the operational efficiency of system.
Another object of the present invention is to provide a kind of digital signature system and endorsement method based on certificate, and it can reduce based on the calculation cost of the digital signature method of certificate and communication cost, improves the operation efficiency based on the digital signature method of certificate.
In order to reach above-mentioned purpose, solution of the present invention is:
A kind of digital signature system based on certificate comprises system parameter setting module, user key generation module, user certificate authentication module, signature blocks and authentication module;
The system parameter setting module; Be used for generation system master key and system's open parameters; And system's master key sent to the user certificate authentication module, system's open parameters is sent to user key generation module, user certificate authentication module, signature blocks and authentication module;
The user key generation module, the PKI and the private key that are used to generate each user are right, and user's PKI is sent to user certificate authentication module and authentication module, and user's private key is sent to signature blocks;
The user certificate authentication module through system's master key and the system's open parameters that the system parameter setting module is sent, is signed to user's identity and PKI, produces user's certificate, and user's certificate is sent to signature blocks;
Signature blocks, the user certificate through the private key for user and the user certificate authentication module of the transmission of user key generation module are issued message is signed, and the signature that will produce sends to authentication module;
The client public key that authentication module, system's open parameters of sending through the system parameter setting module and user key generation module send is verified the validity of the signature of signature blocks generation.
A kind of digital signature method based on certificate may further comprise the steps:
A: the master key msk of initialization system open parameters params and system;
B: the PKI PK that generates the user according to the said open parameters params of system IDWith private key usk ID
C: according to the said open parameters params of system, user's identity ID, master key msk of system and user's PKI PK IDProduce user's certificate Cert ID
D: according to user's private key usk IDCertificate Cert with the user IDMessage m signed obtain σ;
E: according to said open parameters params of system and user's PKI PK IDValidity to the signature sigma of message m is verified.
Above-mentioned steps A specifically comprises:
A1: choose two big prime number p and q and satisfy q|p-1;
A2: a generator g of picked at random
Figure BDA0000121898960000031
, choose a crash-resistant hash hash function H;
A3: picked at random Computing system Your Majesty key y=g xModp;
The open parameters params of system is<p, q, and g, y, H>, the master key msk of system is x.
Among the above-mentioned steps A2, selected hash hash function H selects hash function MD-5, SHA-1, SHA-2 or SHA-3 for use.
Above-mentioned steps B specifically comprises:
B1: picked at random
Figure BDA0000121898960000041
Private key usk as the user ID
B2: calculating is as user's PKI.
Above-mentioned steps C specifically comprises:
C1: picked at random
Figure BDA0000121898960000043
Calculate W=g sModp;
C2: calculate R=s+xH (ID, PK ID, W) modq obtains user's certificate Cert ID=<W, R>.Above-mentioned steps D specifically comprises:
D1: picked at random
Figure BDA0000121898960000044
Calculate U=g rModp;
D2: calculate h 1=H (m, PK ID, U, W) and h 2=H (m, ID, PK ID, U, W);
D3: calculate z=R+x IDH 1+ rh 2Modq, obtain the corresponding signature of message m and be σ=<U, W, z>.
Above-mentioned steps E specifically comprises:
E1: calculate h 0=H (ID, PK ID, W), h 1=H (m, PK ID, U, W) and h 2=H (m, ID, PK ID, U, W);
E2: whether checking equality
Figure BDA0000121898960000045
is set up; If equality is set up; Then accept signature; Otherwise, the refusal signature.
After adopting such scheme; The present invention has reduced the calculation cost and the communication cost of signature scheme under the situation that guarantees signature safety, improved the treatment effeciency of signature server; Having saved the calculation resources of signature server, is a kind of new digital signature method safely and efficiently.
Description of drawings
Fig. 1 is the digital signature system sketch map that the present invention is based on certificate;
Fig. 2 is the flow chart that the present invention is based on the digital signature method of certificate;
Fig. 3 is that the present invention is applied to the sketch map based on component property remote proving system.
Embodiment
Below will combine accompanying drawing, technical scheme of the present invention will be elaborated.
As shown in Figure 1, comprise system parameter setting modules A, user key generation module B, user certificate authentication module C, signature blocks D and authentication module E according to the digital signature system that the present invention is based on certificate.
Wherein, The system parameter setting modules A is used for generation system master key msk and the open parameters params of system; And the master key msk of system sent to user certificate authentication module C, the open parameters params of system is sent to user key generation module B, user certificate authentication module C, signature blocks D and authentication module E respectively.
User key generation module B is used to generate each user's PKI PK IDWith private key usk ID, and with user's PKI PK IDSend to user certificate authentication module C and authentication module E, with user's private key usk IDSend to signature blocks D.
Master key msk of system and the open parameters params of system that user certificate authentication module C sends through the system parameter setting modules A are to the identity ID and the PKI PK of validated user IDSign, produce user's certificate Cet ID, and with user's certificate Cert IDSend to signature blocks.
The private key for user usk that signature blocks D sends through user key generation module B IDThe user certificate Cert that issues with user certificate authentication module C ID, message m is signed, and the signature sigma that produces is sent to authentication module E.
Authentication module E is through the open parameters params of system of system parameter setting modules A transmission and the client public key PK of user key generation module B transmission ID, the validity of the signature sigma that signature blocks D is produced is verified.
The flow chart that will combine digital signature method below specifies the operation of each module in this digital signature system.
As shown in Figure 2, this system parameter setting modules A is carried out following steps:
A1: choose two big prime number p and q and satisfy q|p-1, wherein p is 1024 a integer, and q is 160 a integer;
A2: a generator g of picked at random , choose SHA-1 as crash-resistant hash function H ();
A3: picked at random
Figure BDA0000121898960000052
Computing system Your Majesty key y=g xModp.
Comprehensive above-mentioned information, system parameter setting modules A retrieval system open parameters params is<p, q, g, y, H>, the master key msk of system is x.
This user key generation module B carries out following steps:
B1: picked at random
Figure BDA0000121898960000061
Private key usk as the user ID
B2: calculating
Figure BDA0000121898960000062
is as user's PKI.
This user certificate authentication module C carries out following steps:
C1: picked at random
Figure BDA0000121898960000063
Calculate W=g sModp;
C2: calculate R=s+xH (ID, PK ID, W) modq obtains user's certificate Cert ID=<W, R>.This signature blocks D carries out following steps:
D1: picked at random
Figure BDA0000121898960000064
Calculate U=g rModp;
D2: calculate h 1=H (m, PK ID, U, W) and h 2=H (m, ID, PK ID, U, W);
D3: calculate z=R+x IDH 1+ rh 2Modq, obtain the corresponding signature of message m and be σ=<U, W, z>.
This authentication module E carries out following steps:
E1: calculate h 0=H (ID, PK ID, W), h 1=H (m, PK ID, U, W), h 2=H (m, ID, PK ID, U, W);
E2: whether checking equality
Figure BDA0000121898960000065
is set up; If equality is set up; Then accept signature; Otherwise, the refusal signature.
To be applied to describe according to the digital signature system based on certificate of the present invention to aforesaid below based on the situation in the remote proving system of component property trusted terminal.
With prove computing platform credible be that the remote proving of target is one of valuable feature function of Trusted Computing, be subjected to the extensive concern of domestic and international scientific research institution.Along with the continuous development of remote proving, the remote proving scheme (component property-based attestation is called for short CPBA) based on component property has appearred.
In remote proving (CPBA) method based on component property, the issuing, cancel and verify and all use traditional P KI method to realize of component property certificate.Therefore, the efficient of component property proof is lower, during particularly to the attribute proof of big quantity assembly, calculate and communication cost bigger, be not particularly suitable.According to of the present invention efficiently based on the digital signature method of certificate; Not only can with cancelling new method be provided for the certificate issued of credible platform (TPM); And to can be used for credible calculating platform proof of identification method be the structure of privacy CA (Pricacy-CA), thereby can form practical more remote certification method.
As shown in Figure 3, improved remote proving system based on component property comprises assembly production firm, user platform, ISP, these 4 roles of certificate issuance authoritative institution.Except assembly production firm, other 3 roles participate in the remote proving process of component property proof.We represent each participant in the system with following symbol:
CA: the algorithm in the certificate issuance authoritative institution (Certificate Authority), main execution graph 1 system parameter setting modules A and user certificate authentication module C, the generation and the issue of responsible system parameters, cancel the component property certificate;
USER: user platform, comprise main frame (HOST) and credible platform module (TPM) two parts, the algorithm among main execution graph 1 user key generation module B and the signature blocks D belongs to the certifier in the identification protocol;
SP: ISP (Service Provider), the algorithm among the main execution graph 1 authentication module E proposes the attribute demand of proof, and the checking component property proves.
The remote proving scheme (CPBA) based on component property of credible calculating platform is that attribute authority (aa) mechanism is the Attribute certificate that various types of components is issued; Attribute certificate and soft, hardware binding are issued jointly, and the platform certifier proves that to the ISP its current operation configuration status satisfies certain security attribute according to the component property certificate of configuration and the integrity measurement of TPM.Improved remote proving scheme based on component property does not need the third party to inquire, has improved the efficient based on the remote proving system of component property.Architecture by Fig. 3 can find out that improved CPBA proof is made up of following steps:
Initialization (Setup): by the algorithm in certificate issuance authoritative institution (CA) the execution graph 1 system parameter setting modules A, generation system master key msk and the open parameters params of system, and the open parameters params of system sent to USER and SP respectively;
Registration (Register):, generate the PKI PK of user platform by the algorithm among user platform (USER) the execution graph 1 user key generation module B IDWith private key usk ID, and with PK IDSend to CA and SP with the platform component property, CA carries out the algorithm among the user certificate authentication module C then, for the user platform component property is issued certificate Cert ID
Proof (Attest): user platform (comprising HOST and TPM) is according to ISP's (SP) proof request, and the algorithm among the execution graph 1 signature blocks D is with the private key usk of oneself IDWith certificate Cert IDComputing platform component property signature sigma is sent signature sigma to SP then and is carried out remote proving;
Checking (Verify): by the algorithm among ISP (SP) the execution graph 1 authentication module E, with open parameters params of system and user platform PKI PK IDPlatform assembly attribute signature sigma is verified.
Improved remote proving system based on the component property trusted terminal has introduced the digital signature scheme based on certificate, has eliminated third party's inquiry of certificate, has reduced the calculation cost and the communication cost of system, has improved the efficient of remote proving system.
Concerning the those of ordinary skill of this technical field, can associate other advantage and distortion at an easy rate according to above implementation type.Therefore, the present invention is not limited to above-mentioned specific embodiment, and it carries out detailed, exemplary explanation as just example to a kind of form of the present invention.In the scope that does not deviate from aim of the present invention, those of ordinary skills can according to above-mentioned specific embodiment through various be equal to that the resulting technical scheme of replacement all should be included in the scope of claim of the present invention and the scope that is equal within.

Claims (8)

1. digital signature system based on certificate is characterized in that comprising:
The system parameter setting module; Be used for generation system master key and system's open parameters; And system's master key sent to the user certificate authentication module, system's open parameters is sent to user key generation module, user certificate authentication module, signature blocks and authentication module;
The user key generation module, the PKI and the private key that are used to generate each user are right, and user's PKI is sent to user certificate authentication module and authentication module, and user's private key is sent to signature blocks;
The user certificate authentication module through system's master key and the system's open parameters that the system parameter setting module is sent, is signed to user's identity and PKI, produces user's certificate, and user's certificate is sent to signature blocks;
Signature blocks, the user certificate through the private key for user and the user certificate authentication module of the transmission of user key generation module are issued message is signed, and the signature that will produce sends to authentication module;
The client public key that authentication module, system's open parameters of sending through the system parameter setting module and user key generation module send is verified the validity of the signature of signature blocks generation.
2. endorsement method that adopts the digital signature system based on certificate as claimed in claim 1 is characterized in that may further comprise the steps:
A: the master key msk of initialization system open parameters params and system;
B: the PKI PK that generates the user according to the said open parameters params of system IDWith private key usk ID
C: according to the said open parameters params of system, user's identity ID, master key msk of system and user's PKI PK IDProduce user's certificate Cert ID
D: according to user's private key usk IDCertificate Cert with the user IDMessage m signed obtain σ;
E: according to said open parameters params of system and user's PKI PK IDValidity to the signature sigma of message m is verified.
3. the digital signature method based on certificate as claimed in claim 2 is characterized in that said steps A specifically comprises:
A1: choose two big prime number p and q and satisfy q|p-1;
A2: a generator g of picked at random
Figure FDA0000121898950000011
, choose a crash-resistant hash hash function H;
A3: picked at random
Figure FDA0000121898950000012
Computing system Your Majesty key y=g xModp;
The open parameters params of system is<p, q, and g, y, H>, the master key msk of system is x.
4. the digital signature method based on certificate as claimed in claim 3 is characterized in that, in the said steps A 2, selected hash hash function H selects hash function MD-5, SHA-1, SHA-2 or SHA-3 for use.
5. the digital signature method based on certificate as claimed in claim 2 is characterized in that said step B specifically comprises:
B1: picked at random Private key usk as the user ID
B2: calculating
Figure FDA0000121898950000022
is as user's PKI.
6. the digital signature method based on certificate as claimed in claim 2 is characterized in that said step C specifically comprises:
C1: picked at random
Figure FDA0000121898950000023
Calculate W=g sModp;
C2: calculate R=s+xH (ID, PK ID, W) modq obtains user's certificate Cert ID=<W, R>.
7. the digital signature method based on certificate as claimed in claim 2 is characterized in that said step D specifically comprises:
D1: picked at random
Figure FDA0000121898950000024
Calculate U=g rModp;
D2: calculate h 1=H (m, PK ID, U, W) and h 2=H (m, ID, PK ID, U, W);
D3: calculate z=R+x IDH 1+ rh 2Modq, obtain the corresponding signature of message m and be σ=<U, W, z>.
8. the digital signature method based on certificate as claimed in claim 2 is characterized in that said step e specifically comprises:
E1: calculate h 0=H (ID, PK ID, W), h 1=H (m, PK ID, U, W) and h 2=H (m, ID, PK ID, U, W);
E2: whether checking equality
Figure FDA0000121898950000025
is set up; If equality is set up; Then accept signature; Otherwise, the refusal signature.
CN201110426475.3A 2011-12-19 2011-12-19 Digital signature system and signature method based on certificate Expired - Fee Related CN102546173B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110426475.3A CN102546173B (en) 2011-12-19 2011-12-19 Digital signature system and signature method based on certificate

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110426475.3A CN102546173B (en) 2011-12-19 2011-12-19 Digital signature system and signature method based on certificate

Publications (2)

Publication Number Publication Date
CN102546173A true CN102546173A (en) 2012-07-04
CN102546173B CN102546173B (en) 2014-09-10

Family

ID=46352190

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110426475.3A Expired - Fee Related CN102546173B (en) 2011-12-19 2011-12-19 Digital signature system and signature method based on certificate

Country Status (1)

Country Link
CN (1) CN102546173B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104868993A (en) * 2015-05-15 2015-08-26 河海大学 Two-side authentication key negotiation method and system based on certificate
CN105281910A (en) * 2015-06-26 2016-01-27 浙江巨联科技股份有限公司 Internet of things lock with CA digital certificate serving as network access identity identifier and network access identity identification method
CN105376064A (en) * 2015-11-23 2016-03-02 河海大学 Anonymous message authentication system and message signing method thereof
CN106209743A (en) * 2015-05-06 2016-12-07 广州星海智慧家庭***集成有限公司 A kind of digital home integrated system authentication method of identity-based signature
CN107979459A (en) * 2016-10-24 2018-05-01 福建凯特信息安全技术有限公司 A kind of digital signature applications method based on electronics license
CN110768799A (en) * 2019-12-30 2020-02-07 ***股份有限公司 Digital signature method, device, equipment, medium and system
CN112073173A (en) * 2020-09-07 2020-12-11 中国人民解放军战略支援部队信息工程大学 Illegal signer determination system facing block chain PKI
CN113541972A (en) * 2021-09-17 2021-10-22 杭州天谷信息科技有限公司 Digital certificate generation method and electronic signature method
WO2022116734A1 (en) * 2020-12-04 2022-06-09 华为技术有限公司 Digital certificate issuing method and apparatus, terminal entity, and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101697513A (en) * 2009-10-26 2010-04-21 深圳华为通信技术有限公司 Digital signature method, device and system as well as digital signature verification method
CN101873307A (en) * 2010-03-19 2010-10-27 上海交通大学 Digital signature method, device and system based on identity forward secrecy
CN102420691A (en) * 2011-12-16 2012-04-18 河海大学 Certificate-based forward security signature method and system thereof

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101697513A (en) * 2009-10-26 2010-04-21 深圳华为通信技术有限公司 Digital signature method, device and system as well as digital signature verification method
CN101873307A (en) * 2010-03-19 2010-10-27 上海交通大学 Digital signature method, device and system based on identity forward secrecy
CN102420691A (en) * 2011-12-16 2012-04-18 河海大学 Certificate-based forward security signature method and system thereof

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
JIGUO LI 等: "Improvement of Threshold Signature Scheme Using Self-Certified Public Key", 《INNOVATIVE COMPUTING, INFORMATION AND CONTROL, 2006》, 1 September 2006 (2006-09-01), pages 480 - 483 *
王雯娟 等: "一个高效的基于证书数字签名方案", 《计算机工程与应用》, 14 February 2011 (2011-02-14), pages 89 - 92 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106209743A (en) * 2015-05-06 2016-12-07 广州星海智慧家庭***集成有限公司 A kind of digital home integrated system authentication method of identity-based signature
CN104868993A (en) * 2015-05-15 2015-08-26 河海大学 Two-side authentication key negotiation method and system based on certificate
CN105281910A (en) * 2015-06-26 2016-01-27 浙江巨联科技股份有限公司 Internet of things lock with CA digital certificate serving as network access identity identifier and network access identity identification method
CN105376064A (en) * 2015-11-23 2016-03-02 河海大学 Anonymous message authentication system and message signing method thereof
CN105376064B (en) * 2015-11-23 2018-08-28 河海大学 A kind of anonymity message authentication system and its message signing method
CN107979459A (en) * 2016-10-24 2018-05-01 福建凯特信息安全技术有限公司 A kind of digital signature applications method based on electronics license
CN110768799A (en) * 2019-12-30 2020-02-07 ***股份有限公司 Digital signature method, device, equipment, medium and system
CN110768799B (en) * 2019-12-30 2020-04-14 ***股份有限公司 Digital signature method, device, equipment, medium and system
WO2021135504A1 (en) * 2019-12-30 2021-07-08 ***股份有限公司 Digital signing method, apparatus and device, medium, and system
CN112073173A (en) * 2020-09-07 2020-12-11 中国人民解放军战略支援部队信息工程大学 Illegal signer determination system facing block chain PKI
WO2022116734A1 (en) * 2020-12-04 2022-06-09 华为技术有限公司 Digital certificate issuing method and apparatus, terminal entity, and system
CN113541972A (en) * 2021-09-17 2021-10-22 杭州天谷信息科技有限公司 Digital certificate generation method and electronic signature method

Also Published As

Publication number Publication date
CN102546173B (en) 2014-09-10

Similar Documents

Publication Publication Date Title
CN102546173B (en) Digital signature system and signature method based on certificate
Li et al. Cryptanalysis and improvement of certificateless aggregate signature with conditional privacy-preserving for vehicular sensor networks
CN107733648B (en) Identity-based RSA digital signature generation method and system
CN101674304B (en) Network identity authentication system and method
CN103248488B (en) Identity-based key generation method and identity-based authentication method
CN106341232B (en) A kind of anonymous entity discrimination method based on password
CN103297241B (en) Close building method is signed in a kind of One-off public key anonymity
CN108881279B (en) Mobile health medical sensor data privacy protection method
CN104079412B (en) The threshold proxy signature method without credible PKG based on intelligent grid identity security
JP2002534701A (en) Auto-recoverable, auto-encryptable cryptosystem using escrowed signature-only keys
CN104767612A (en) Signcryption method from certificateless environment to public key infrastructure environment
CN110138567A (en) A kind of collaboration endorsement method based on ECDSA
CN109600228A (en) The signature method and sealing system of anti-quantum calculation based on public keys pond
CN103905384A (en) Embedded inter-terminal session handshake realization method based on security digital certificate
Adida et al. Lightweight Encryption for Email.
Kwon Privacy preservation with X. 509 standard certificates
CN110519040B (en) Anti-quantum computation digital signature method and system based on identity
Wang et al. An efficient anonymous batch authenticated and key agreement scheme using self-certified public keys in VANETs
Li et al. Provably Secure Certificate-based Proxy Signature Schemes.
Cheng et al. Cryptanalysis and improvement of a certificateless partially blind signature
Chen et al. Strongly secure certificateless key-insulated signature secure in the standard model
Tian et al. Cryptanalysis and improvement of a certificateless multi-proxy signature scheme
Wang et al. Perfect ambiguous optimistic fair exchange
Hassouna et al. A New Level 3 Trust Hierarchal Certificateless Public Key Cryptography Scheme in the Random Oracle Model.
Shao et al. Certificate‐based verifiably encrypted RSA signatures

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20140910

Termination date: 20181219

CF01 Termination of patent right due to non-payment of annual fee