CN110175473B - Digital signature method based on lattice difficulty problem - Google Patents

Digital signature method based on lattice difficulty problem Download PDF

Info

Publication number
CN110175473B
CN110175473B CN201910429858.2A CN201910429858A CN110175473B CN 110175473 B CN110175473 B CN 110175473B CN 201910429858 A CN201910429858 A CN 201910429858A CN 110175473 B CN110175473 B CN 110175473B
Authority
CN
China
Prior art keywords
signature
polynomial
generating
key
binary
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910429858.2A
Other languages
Chinese (zh)
Other versions
CN110175473A (en
Inventor
魏文宽
王保仓
张志立
薛冠豪
赵青青
曲全博
曾一波
庞宏平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201910429858.2A priority Critical patent/CN110175473B/en
Publication of CN110175473A publication Critical patent/CN110175473A/en
Application granted granted Critical
Publication of CN110175473B publication Critical patent/CN110175473B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a digital signature method based on a lattice difficulty problem, which mainly solves the problem of low signature efficiency in the prior art and reduces the signature length on the premise of improving the efficiency. The method comprises the following implementation steps: 1. the signature entity generates a parameter system according to the security requirement; generating a signature private key and a verification public key by using a parameter system according to a key generation method; 2. the signature entity uses the verification public key to generate a random value and a partial signature value required in the signature process in advance; 3. the signing entity signs the message by using a signature private key and outputs a signature message meeting the requirement; 4. the verifier verifies the validity of the signed message using the verification public key. The invention improves the signature generation efficiency under the same security level, reduces the signature length, and can be used for ensuring the integrity of information transmission, the identity authentication of an information sender and preventing the occurrence of transaction repudiation.

Description

Digital signature method based on lattice difficulty problem
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a digital signature method which can be used for guaranteeing the integrity of information transmission, the identity authentication of an information sender and preventing the occurrence of transaction repudiation.
Background
After a quantum computer model is developed, the time complexity of a traditional cryptographic algorithm is reduced from omega (n) to O (n) by the quantum algorithm, so that the traditional cryptographic scheme constructed based on the number theory is no longer safe, the cryptographic scheme constructed based on the lattice has a well-known quantum resistance characteristic, and almost all traditional cryptographic primitives can be realized on the lattice, so that the lattice theory and the construction and application of the lattice cipher are widely researched by a person skilled in the cryptographic technology field.
The digital signature is also called a public key digital signature, like a physical signature, and is a section of digital string which ensures that a receiver can verify the authenticity of information by an information sender, and the digital signature is signed by using a private key and verified by using a public key. With the continuous development of lattice theory, many different types of lattice signature schemes have appeared, but the schemes are roughly divided into two types, namely a digital signature method based on lattice trapdoor construction, and a method for constructing a lattice signature without using trapdoors.
For the first type, gentry et al proposed in 2008 the first method for constructing a lattice digital signature, which uses a lattice trapdoor to construct a verification public key and a signature private key, and uses spherical discrete gaussian sampling in the signature process, although having good security, the security assurance comes from using spherical discrete gaussian sampling technique in the signature process, which makes this type of method have a common disadvantage and low signature efficiency.
Compared with the above-mentioned type of digital signature method, it should be more advantageous to realize that Bai and Galbraith propose a lattice signature method based on the Fiat-Shamir transform structure, which is proposed as the second type to be mentioned next, in 2014, and this type of method was studied later by aikim et al under the name of TESLA. Although this type of scheme is relatively efficient in hardware implementation, it also has some drawbacks. Firstly, the existing methods of this type all use discrete gaussian sampling in the key generation and signature process; secondly, in order to ensure the security of the private signature key, a sampling rejection method is used, so that the output probability of the signature is no longer hundreds of percent, but only about 1/3 and the upper limit is limited to 3/4, which all affect the signature efficiency.
Disclosure of Invention
The present invention aims to provide a digital signature method based on the above-mentioned difficult problem to improve the efficiency of signature generation and reduce the signature length under the same security level.
In order to achieve the purpose, the technical scheme of the invention comprises the following steps:
(1) The signing entity generates a parameter system according to own security requirements, wherein the parameter system comprises: a first prime number p =2, a second prime number q greater than p, a prime number n satisfying 2 n -1 is a Messen prime number, a Hash function Hash of a binary string of arbitrary length to a binary string of n bits length, a modulo x n -1 univariate polynomial whole-coefficient ring
Figure BDA0002068639570000021
A set of n-order binary polynomials {0,1} n And a set of integers greater than or equal to 0 and less than q
Figure BDA0002068639570000022
Defining polynomial multiplication as ring R q Multiplication of (c);
(2) Generating a signature private key and a verification public key:
the signing entity generates a polynomial as the first public key a, a belongs to R q The sum of all coefficients satisfying polynomial a is a multiple of q and the sum of all coefficients of polynomial asp (mod q) is equal to q, and a binary polynomial is generated as the verification secret key s, s ∈ {0,1} n And generating a second public key by using the first public key a and the verification private key s:
Figure BDA0002068639570000023
respectively using (t, a) and s as a public verification key and a private signature key of a signature entity, wherein the symbol
Figure BDA0002068639570000024
Representing rounding down each coefficient of the intra-symbol polynomial, (mod p) representing modulo p each element in the vector;
(3) The signature Sig of the message m is generated and verified:
(3.1) the signing entity uses the Hash function Hash to generate a Hash value c = Hash (m), c is converted into decimal number, and is marked as c D
(3.2) generating a binary polynomial k by the signing entity B ,k B ∈{0,1} n And generates a first signature value:
Figure BDA0002068639570000025
satisfy polynomial pak B (modq) each coefficient being greater than (q-1)/2;
(3.3) converting the binary polynomial k B R and s are converted into decimal numbers, and are respectively marked as k D 、r D And s D And generate k D In the mold 2 n Multiplicative inverse in the sense of-1
Figure BDA0002068639570000026
And a second signature value:
Figure BDA0002068639570000027
(3.4) production of z D In the mold 2 n Multiplication inverse in the sense of-1
Figure BDA0002068639570000028
And generates a first intermediate item
Figure BDA0002068639570000029
Consider b as a polynomial of order n, denoted b B Verification (z) D ,r D ) Whether it can be used as signature Sig for message m:
if polynomial pak B (modq)-pad B (modq) is greater than 0, then Sig = (z) D ,r D ) Otherwise, returning to the step (3.2);
(4) The validity of the message m is verified with the signature Sig and the public key (t, a):
(4.1) generating a Hash value c = Hash (m) using the message m and a Hash function Hash;
(4.2) production of z D In the mold 2 n Multiplicative inverse in the sense of-1
Figure BDA0002068639570000031
Converting c into decimal number, and recording as c D And then generating the first intermediate item
Figure BDA0002068639570000032
And a second intermediate item
Figure BDA0002068639570000033
Let b and d be regarded as n-th order polynomials and respectively marked as b B And d B
(4.3) mixing D Conversion to a binary polynomial, denoted r B Generating a verification value: d' = r B -tb B (modp);
(4.4) determination of d B And d' are equal, if equal, the message m is considered valid, otherwise, the message m is considered invalid.
Compared with the prior art, the invention has the following advantages:
1) High efficiency
Compared with the prior art, the invention does not use Gaussian sampling and binary polynomial k B The processes of selecting and generating the first signature value r can be performed in advance, so that the signature efficiency is improved.
2) Short signature length
Compared with the prior art, the invention meets the selection requirement of 2 on the parameter n under the same security level n -1 is the metson prime number, i.e. n has a limited range of choices, but the length of the signature generated is only twice the size of the parameter n, and therefore the signature length is shorter.
Drawings
FIG. 1 is a flow chart of an implementation of the present invention.
Detailed Description
Referring to fig. 1, the implementation steps of the present invention are as follows:
step 1, a signature entity generates a parameter system.
The signing entity generates a parameter system according to own security requirements, wherein the parameter system comprises: a first prime number p =2, a second prime number q greater than p, a prime number n satisfying 2 n -1 is a Messen prime number, a Hash function Hash of a binary string of arbitrary length to a binary string of n bits length, a modulo x n A univariate polynomial integer ring of-1
Figure BDA0002068639570000034
A set of binary polynomials of order n {0,1} n And a set of integers greater than or equal to 0 and less than q
Figure BDA0002068639570000035
Defining polynomial multiplication as ring R q Multiplication in the sense.
And 2, the signing entity generates a verification public key and a signature private key.
2.1 ) randomly selects a binary polynomial as the signature private key s, s belongs to {0,1} n And produce s at R q Multiplication inverse s in *
2.2 The signing entity generates a polynomial a which is a multiple of q and the sum of all coefficients satisfying the polynomial asp (modq) is equal to q:
2.2.1 Split q into n positive integers smaller than q, denoted t i I =1, 2.. N, wherein q is split into n positive integers smaller than q (t) 1 ,t 2 ,...,t n ) N is the number (t) 1 ,t 2 ,...,t n ) The smaller the variance of (c), the greater the probability of signature success thereafter;
2.2.2 ) generate an intermediate variable x i Satisfy 2x i ≡t i (mod q) in which, among others,
Figure BDA0002068639570000041
2.2.3 N integers x) i N coefficients, each of which is considered as an n-th order polynomial, said polynomial being denoted as t *
2.2.4 Generate the first public key: a = t * s * (mod q);
2.3 Generate a second public key:
Figure BDA0002068639570000042
respectively using (t, a) and s as a public verification key and a private signature key of a signature entity, wherein the symbol
Figure BDA0002068639570000043
Indicating rounding down each coefficient of the in-sign polynomial, (mod p) indicating modulo p each coefficient of the polynomial.
And 3, generating an array list (R, K) of the prepared random values by using the first public key a.
3.1 Record the number of coefficient 1 in the signature private key s;
3.2 ) select a preliminary random value according to the number of coefficients 1 in the signature private key s
Figure BDA0002068639570000044
Figure BDA0002068639570000045
And judging the parity of the polynomial s with the coefficient of 1 number:
if the number of the coefficients 1 in the s is even, the binary polynomial with the odd number of the coefficients 1 is randomly selected as a prepared random value
Figure BDA0002068639570000046
Otherwise, selecting binary polynomial with even number of coefficients 1 as
Figure BDA0002068639570000047
3.3 According to what has already been generated
Figure BDA0002068639570000048
And a first public key a, generating a preliminary signature value:
Figure BDA0002068639570000049
3.4 ) a decision polynomial
Figure BDA00020686395700000410
Whether each coefficient of (b) is greater than (q-1)/2: if both are larger than the above range, r = r * And is
Figure BDA00020686395700000411
If not, then the mobile terminal can be switched to the normal mode,returning to the step (step 3.2);
3.5 Repeat the four steps of 3.1), 3.2), 3.3), 3.4), will produce (r, k) each time B ) Are sequentially marked as (r) j ,k j ) And stored into an array list (R, K) where j =1,2,3, \8230.
And 4, generating a signature Sig of the message m and verifying the signature Sig.
4.1 ) the signing entity generates a Hash value c = Hash (m) using a Hash function Hash, converts c to a decimal number denoted c D
4.2 The signing entity selects a set of arrays (R) from the array list (R, K) x ,k x ) Is assigned to (r, k) B ) Wherein x =1,2,3, \8230;
4.3 ) three binary polynomials k B R and s are converted into decimal numbers, which are respectively marked as k D 、r D And s D And generate k D In the mold 2 n Multiplicative inverse in the sense of-1
Figure BDA0002068639570000051
And a second signature value:
Figure BDA0002068639570000052
4.4 ) generates a second signature value z D In the mold 2 n Multiplicative inverse in the sense of-1
Figure BDA0002068639570000053
And generates a first intermediate item
Figure BDA0002068639570000054
Consider b as a polynomial of order n, denoted b B Verification (z) D ,r D ) Whether it can be used as signature Sig for message m:
if polynomial pak B (modq)-pasb B (modq) is greater than or 0, then Sig = (z) D ,r D ),
Otherwise, will (r) x ,k x ) Removed from the array list (R, K) and returned to (step 4.2).
And 5, authenticating the user to perform signature authentication.
To verify the validity of the message m, anyone can use the signature Sig = (z) D ,r D ) And the public key (t, a) performs the following verification process:
5.1 Using the message m and the Hash function Hash to generate a Hash value c = Hash (m), and convert c to a decimal number denoted c D
5.2 Produced z) D In the mold 2 n Multiplicative inverse in the sense of-1
Figure BDA0002068639570000055
Regenerating the first intermediate item
Figure BDA0002068639570000056
And a second intermediate item
Figure BDA0002068639570000057
B and d are regarded as n-order polynomials and are respectively marked as b B And d B
5.3 A signature value r) D Conversion to a binary polynomial, denoted r B Generating a verification value: d' = r B -tb B (modp);
5.4 D) judgment of B And d' are equal, if equal, the message m is considered valid, otherwise, the message m is considered invalid.
It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention.

Claims (3)

1. A digital signature method based on the lattice difficulty problem is characterized by comprising the following steps:
(1) The signing entity generates a parameter system according to its own security requirements, which includes: first elementThe number p =2, a second prime number q greater than p, one prime number n satisfying 2 n -1 is a Messen prime number, a Hash function Hash of a binary string of arbitrary length to a binary string of n bits length, a modulo x n A univariate polynomial integer ring of-1
Figure FDA0002068639560000011
A set of n-order binary polynomials {0,1} n And a set of integers greater than or equal to 0 and less than q
Figure FDA0002068639560000012
Defining polynomial multiplication as ring R q Multiplication of (a);
(2) Generating a signature private key and a verification public key:
the signing entity generates a polynomial as the first public key a, a belongs to R q The sum of all coefficients satisfying polynomial a is a multiple of q and the sum of all coefficients of polynomial asp (mod q) is equal to q, and a binary polynomial is generated as the verification secret key s, s ∈ {0,1} n And generating a second public key using the first public key a and the verification private key s:
Figure FDA0002068639560000013
respectively using (t, a) and s as a public verification key and a private signature key of a signature entity, wherein the symbol
Figure FDA0002068639560000014
Representing rounding down each coefficient of the polynomial in the symbol, (mod p) representing modulo p each element in the vector;
(3) The signature Sig of the message m is generated and verified:
(3.1) the signing entity uses the Hash function Hash to generate a Hash value c = Hash (m), c is converted into decimal number, and is marked as c D
(3.2) generating a binary polynomial k by the signing entity B ,k B ∈{0,1} n And generates a first signature value:
Figure FDA0002068639560000015
satisfy polynomial pak B (mod q) each coefficient being greater than (q-1)/2;
(3.3) converting the binary polynomial k B R and s are converted into decimal numbers, which are respectively marked as k D 、r D And s D And generate k D In the mold 2 n Multiplicative inverse in the sense of-1
Figure FDA0002068639560000019
And a second signature value:
Figure FDA0002068639560000016
(3.4) production of z D In the mold 2 n Multiplicative inverse in the sense of-1
Figure FDA0002068639560000017
And generating a first intermediate item
Figure FDA0002068639560000018
Consider b as a polynomial of order n, denoted b B Verification (z) D ,r D ) Whether it can be used as signature Sig for message m:
if polynomial pak B (mod q)-pad B (mod q) is greater than or equal to 0, then Sig = (z) D ,r D ) Otherwise, returning to the step (3.2);
(4) The validity of the message m is verified with the signature Sig and the public key (t, a):
(4.1) generating a Hash value c = Hash (m) using the message m and a Hash function Hash;
(4.2) production of z D In the mold 2 n Multiplicative inverse in the sense of-1
Figure FDA0002068639560000021
Converting c into decimal number, and recording as c D The first intermediate term is then generated
Figure FDA0002068639560000022
And a second intermediate item
Figure FDA0002068639560000023
Let b and d be regarded as n-th order polynomials and respectively marked as b B And d B
(4.3) mixing D Conversion to a binary polynomial, denoted r B Generating a verification value: d' = r B -tb B (mod p);
(4.4) determination of d B And d' are equal, if equal, the message m is considered valid, otherwise, the message m is considered invalid.
2. The method of claim 1, wherein the step (2) of generating the verification public key and the signature private key is performed by the steps of:
(2.1) splitting q into n positive integers smaller than q, and recording as (t) 1 ,t 2 ,...,t n );
(2.2) generating an intermediate variable x i Satisfy 2x i ≡t i (mod q) in which, among other things,
Figure FDA0002068639560000024
(2.3) randomly choosing a binary polynomial s, s ∈ {0,1} n Production of s in R q The multiplication inverse element in (1) is denoted as s *
(2.4) dividing n integers (x) 1 ,x 2 ,...,x n ) N coefficients, each of which is considered as an n-th order polynomial, said polynomial being denoted as t *
(2.5) generating a first public key: a = t * s * (mod q);
(2.6) generating a second public key:
Figure FDA0002068639560000025
(2.7) as the private signature key, s and (t, a) as the public verification key.
3. The method of claim 1, wherein step (3.2) generates a binary polynomial k B ,k B ∈{0,1} n And generating a first signature value r by the following steps:
(3.2 a) recording the number of coefficients 1 in the signature private key s;
(3.2 b) selecting a prepared random value according to the number of the coefficient 1 in the signature private key s
Figure FDA0002068639560000031
Figure FDA0002068639560000032
If the number of the coefficients 1 in the s is even, the binary polynomial with the odd number of the coefficients 1 is randomly selected as a prepared random value
Figure FDA0002068639560000033
Otherwise, selecting binary polynomial with even number of coefficients 1 as
Figure FDA0002068639560000034
(3.2 c) generating a preliminary signature value:
Figure FDA0002068639560000035
(3.2 d) judgment polynomial
Figure FDA0002068639560000036
Is greater than (q-1)/2: if both are greater, then a first signature value is generated: r = r * And a binary polynomial:
Figure FDA0002068639560000037
otherwise, return to step (3.2 b).
CN201910429858.2A 2019-05-22 2019-05-22 Digital signature method based on lattice difficulty problem Active CN110175473B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910429858.2A CN110175473B (en) 2019-05-22 2019-05-22 Digital signature method based on lattice difficulty problem

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910429858.2A CN110175473B (en) 2019-05-22 2019-05-22 Digital signature method based on lattice difficulty problem

Publications (2)

Publication Number Publication Date
CN110175473A CN110175473A (en) 2019-08-27
CN110175473B true CN110175473B (en) 2022-12-27

Family

ID=67691851

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910429858.2A Active CN110175473B (en) 2019-05-22 2019-05-22 Digital signature method based on lattice difficulty problem

Country Status (1)

Country Link
CN (1) CN110175473B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11522718B2 (en) 2019-11-28 2022-12-06 Crypto Lab Inc. Methods of generating encryption key and digital signature based on lattices
CN110958116B (en) * 2019-12-06 2021-02-26 中山大学 Multi-copy cloud data integrity auditing method based on lattice signature
CN112383394A (en) * 2020-11-23 2021-02-19 重庆大学 Novel incremental signature method based on ideal lattice
WO2024012431A1 (en) * 2022-07-11 2024-01-18 复旦大学 Method for efficiently, parallely and quickly achieving lattice-based signature

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101547099A (en) * 2009-05-07 2009-09-30 张键红 Elliptical curve-based method and elliptical curve-based device for self-authenticating signature
CN103259662A (en) * 2013-05-02 2013-08-21 电子科技大学 Novel procuration signature and verification method based on integer factorization problems
CN106533699A (en) * 2017-01-05 2017-03-22 河南理工大学 Identity-based blind signature method on lower lattice of standard model
CN108809658A (en) * 2018-07-20 2018-11-13 武汉大学 A kind of digital signature method and system of the identity base based on SM2
CN109714153A (en) * 2019-02-01 2019-05-03 铜陵学院 A kind of efficient aggregate signature method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9722798B2 (en) * 2014-02-10 2017-08-01 Security Innovation Inc. Digital signature method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101547099A (en) * 2009-05-07 2009-09-30 张键红 Elliptical curve-based method and elliptical curve-based device for self-authenticating signature
CN103259662A (en) * 2013-05-02 2013-08-21 电子科技大学 Novel procuration signature and verification method based on integer factorization problems
CN106533699A (en) * 2017-01-05 2017-03-22 河南理工大学 Identity-based blind signature method on lower lattice of standard model
CN108809658A (en) * 2018-07-20 2018-11-13 武汉大学 A kind of digital signature method and system of the identity base based on SM2
CN109714153A (en) * 2019-02-01 2019-05-03 铜陵学院 A kind of efficient aggregate signature method

Also Published As

Publication number Publication date
CN110175473A (en) 2019-08-27

Similar Documents

Publication Publication Date Title
CN110175473B (en) Digital signature method based on lattice difficulty problem
Bellare et al. The knowledge-of-exponent assumptions and 3-round zero-knowledge protocols
Gennaro et al. Secure hash-and-sign signatures without the random oracle
CN109903212B (en) Image encryption method based on H geometric fractal and Hilbert curve
CN108551392B (en) Blind signature generation method and system based on SM9 digital signature
CN101099329B (en) New trapdoor one-way function on elliptic curves and their applications to shorter signatures and asymmetric encryption
CN102387019B (en) Certificateless partially blind signature method
CN102263638B (en) Authenticating device, authentication method and signature generation device
CN101547099A (en) Elliptical curve-based method and elliptical curve-based device for self-authenticating signature
CN107911217B (en) Method and device for cooperatively generating signature based on ECDSA algorithm and data processing system
CN110061828B (en) Distributed digital signature method without trusted center
TWI455555B (en) Authentication device, authentication method, and program
CN115174056B (en) Chameleon signature generation method and chameleon signature generation device based on SM9 signature
Chen et al. Efficient ring signature and group signature schemes based on q-ary identification protocols
CN113032844B (en) Signature method, signature verification method and signature verification device for elliptic curve
CN102064940B (en) High-efficiency on-line/off-line digital signature method
CN112491560A (en) SM2 digital signature method and medium supporting batch verification
CN109981276B (en) National cipher substitution realization method for zk-snark bottom layer bilinear pairs
CN116016795A (en) Image encryption method based on variable step length extraction random number and improved ZigZag conversion
CN115499453A (en) Sharding storage method facing alliance chain
Song et al. An improved Durandal signature scheme
CN114065233A (en) Digital signature aggregation method for big data and block chain application
CN110995441A (en) Multi-party collaborative EdDSA digital signature generation method and medium
CN111082945A (en) Two-party EdDSA (EdDSA) collaborative signature protocol
Cayrel et al. Improved identity-based identification using correcting codes

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant