CN111769953B - Digital certificate certification method, device, equipment and readable storage medium - Google Patents


Info

Publication number
CN111769953B
Authority
CN
China
Prior art keywords
random number
data
certificate
certification
digital
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010605091.7A
Other languages
Chinese (zh)
Other versions
CN111769953A (en)
Inventor
张亮轩
陈亮
张一锋
李宏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongchao Creditcard Industry Development Co Ltd Hangzhou Blockchain Technology Research Institute
Original Assignee
Zhongchao Creditcard Industry Development Co Ltd Hangzhou Blockchain Technology Research Institute
Application filed by Zhongchao Creditcard Industry Development Co Ltd Hangzhou Blockchain Technology Research Institute
Priority to CN202010605091.7A
Publication of CN111769953A
Application granted
Publication of CN111769953B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H04L9/3221 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs interactive zero-knowledge proofs
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a method, a device, equipment and a storage medium for proving digital certificates, wherein the method comprises the following steps: obtaining a verification difference value by using the comparison parameter and the data to be verified in the digital certificate, and expanding the verification difference value to obtain a verification sub-difference value; generating a first random number, and performing a non-interactive zero-knowledge proof based on a certificate-issuing party public key by using the first random number and the verification sub-difference value to obtain a first proof result; generating a second random number, and performing a non-interactive zero-knowledge proof based on the certificate-issuing party public key on the second random number, the verification sub-difference value and the first proof result to obtain a second proof result; obtaining an intermediate parameter by using the first random number and the second random number, and performing a non-interactive zero-knowledge proof based on the certificate-issuing party public key by using the intermediate parameter and the data to be verified to obtain a third proof result; and generating a proof result by using the first proof result, the second proof result and the third proof result. The method can prove the logical relationship without revealing private data.

Description

Digital certificate certification method, device, equipment and readable storage medium
Technical Field
The invention relates to the technical field of privacy protection, in particular to a digital certificate proving method, a digital certificate proving device, digital certificate proving equipment and a computer readable storage medium.
Background
A digital license is a certificate in digital form. Current digital licenses are electronic versions of physical certificates; for example, an electronic identity card is the electronic version of an identity card. The digital license records the same information as the original certificate, can replace the original certificate for inspection in certain scenarios, and has the same function as the original certificate.
When a digital license is inspected, the related art generally reads all data and information in the digital license directly; that is, the user presents all of the data in the digital license to a verifier, and the verifier extracts the relevant information from the data and verifies it. However, in some cases only a logical proof about the digital license is needed, that is, it is only necessary to verify that certain data in the user's digital license satisfies a certain logical condition (for example, the verifier only needs to verify whether the user is over 18 years old and does not need to know the user's true age or date of birth). Reading the data in order to prove the condition may disclose the user's private information, which is not conducive to protecting user privacy.
Therefore, how to solve the problem that the related art easily leads to privacy disclosure and is not conducive to protecting user privacy is a technical problem to be solved by those skilled in the art.
Disclosure of Invention
In view of the above, the present invention provides a digital certificate proving method, a digital certificate proving apparatus, a digital certificate proving device, and a computer readable storage medium, which solve the problem that the related art easily leads to privacy disclosure and is not conducive to protecting user privacy.
In order to solve the technical problem, the invention provides a digital certificate proving method, which comprises the following steps:
obtaining a verification difference value by using the comparison parameter and the data to be verified in the digital license, and expanding the verification difference value to obtain a verification sub-difference value;
generating a first random number, and performing a non-interactive zero-knowledge proof based on a certificate-issuing party public key by using the first random number and the verification sub-difference value to obtain a first proof result;
generating a second random number, and performing non-interactive zero-knowledge proof based on the public key of the certificate issuer on the second random number and the data to be verified to obtain a second proof result;
obtaining an intermediate parameter by using the first random number and the second random number, and performing non-interactive zero knowledge proof based on the certificate-issuing party public key by using the intermediate parameter, the verification sub-difference value and the first proof result to obtain a third proof result;
generating a proof result using the first proof result, the second proof result, and the third proof result.
Optionally, the obtaining a verification difference value by using the comparison parameter and the data to be verified in the digital license includes:
acquiring a condition to be verified, and determining a comparison parameter and certification project information according to the condition to be verified;
determining the data to be verified in the digital certificate according to the certification project information;
and calculating to obtain the verification difference value by using the data to be verified and the comparison parameters.
Optionally, the expanding the verification difference to obtain a verification sub-difference includes:
performing an integer sum-of-squares expansion on the verification difference to obtain four integers;
determining the four integers as the verification sub-difference values.
Optionally, the method further comprises:
and sending the certification result to a verifier so that the verifier verifies the certification result by using the public key of the verifier.
Optionally, before obtaining the verification difference by using the comparison parameter and the data to be verified in the digital license, the method further includes:
acquiring a digital license random number sent by a certificate sender, and generating a user random number;
acquiring the public key of the certificate issuer, and generating a certificate intermediate number by using the public key of the certificate issuer, the user random number, the digital certificate random number and the identity data;
sending the license intermediate number and the target privacy data to the proving party so that the proving party can generate an initial digital license;
and acquiring the initial digital license, and generating the digital license by using the initial digital license.
Optionally, the sending the license intermediate number and the target privacy data to the proving party so that the proving party generates an initial digital license includes:
and sending the license intermediate number and the target privacy data to the certificate sender so that the certificate sender generates a random prime number and a random integer, signing the license intermediate number by using the random prime number and the random integer to obtain a license signature, and generating the initial digital license by using the license signature, the random prime number and the random integer.
Optionally, the method further comprises:
generating a third random number, and determining data to be output in the digital license;
randomizing the digital license by using the third random number to obtain a randomized digital license;
carrying out non-interactive zero-knowledge proof based on the certificate-issuing party public key on the randomized digital certificate and the data to be output to obtain a data set to be output corresponding to the data to be output;
and outputting the data set to be output.
The invention also provides a digital certificate certification device, which comprises:
the acquisition module is used for obtaining a verification difference value by using the comparison parameters and the data to be verified in the digital license and expanding the verification difference value to obtain a verification sub-difference value;
the first proving module is used for generating a first random number and performing a non-interactive zero-knowledge proof based on a certificate-issuing party public key by using the first random number and the verification sub-difference value to obtain a first proof result;
the second proving module is used for generating a second random number and performing a non-interactive zero-knowledge proof based on the public key of the certificate issuer on the second random number and the data to be verified to obtain a second proof result;
a third proving module, configured to obtain an intermediate parameter by using the first random number and the second random number, and perform a non-interactive zero-knowledge proof based on the public key of the issuer by using the intermediate parameter, the verification sub-difference value, and the first proof result to obtain a third proof result;
a result generation module to generate a proof result using the first proof result, the second proof result, and the third proof result.
The invention also provides a digital license certification device, comprising a memory and a processor, wherein:
the memory is used for storing a computer program;
the processor is used for executing the computer program to realize the digital certificate proving method.
The present invention also provides a computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the above-described digital certificate proving method.
The digital certificate proving method provided by the invention obtains a verification difference value by using the comparison parameter and the data to be verified in the digital certificate, and expands the verification difference value to obtain a verification sub-difference value; generating a first random number, and performing non-interactive zero knowledge certification based on a certificate-issuing party public key by using the first random number and a verification sub-difference value to obtain a first certification result; generating a second random number, and carrying out non-interactive zero-knowledge proof based on the public key of the sender on the second random number, the verification sub-difference value and the first proof result to obtain a second proof result; obtaining an intermediate parameter by using the first random number and the second random number, and performing non-interactive zero-knowledge proof based on a certificate-issuing party public key by using the intermediate parameter and data to be verified to obtain a third proof result; and generating a proof result by using the first proof result, the second proof result and the third proof result.
Therefore, in the method, when the digital license is proved, the data in the digital license is not extracted and verified by a verifying party, but a verification difference value is obtained by a user according to the data to be verified and the comparison parameter, and the verification difference value is expanded into a verification sub-difference value and a corresponding first proving result is generated, so that the verification sub-difference value can be proved to exist on the premise of not revealing the verification sub-difference value; the second proof result is generated, so that the logical relation between the data to be verified and the comparison parameter to be verified is proved to be correct on the premise of not revealing the data to be verified; the verification difference can exist without revealing the verification difference by generating the third proof result. The proof results generated by the first proof result, the second proof result and the third proof result can be used for proving the logical relationship to be proved on the premise of not revealing privacy, so that the privacy disclosure is prevented, the privacy protection performance is improved, and the problems that the privacy disclosure is easily caused and the user privacy is not protected in the related technology are solved.
In addition, the invention also provides a digital certificate certification device, digital certificate certification equipment and a computer readable storage medium, and the digital certificate certification device, the digital certificate certification equipment and the computer readable storage medium have the beneficial effects.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a digital license authentication method according to an embodiment of the present invention;
fig. 2 is a flowchart of a digital license information output method according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a digital certificate certification device according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a digital license certification device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In a possible implementation manner, please refer to fig. 1, where fig. 1 is a flowchart of a digital license authentication method according to an embodiment of the present invention. The method comprises the following steps:
S101: Obtaining a verification difference value by using the comparison parameter and the data to be verified in the digital license, and expanding the verification difference value to obtain a verification sub-difference value.
Some or all of the steps in the embodiments of the present invention may be executed by a user, where the user is specifically a terminal or a device used by the user, and may be, for example, a mobile phone, a computer, or other devices that may be used for performing digital certificate certification. The proof of the digital license is to judge whether some data in the digital license meets a certain logic condition, and the logic condition comprises a comparison parameter for performing logic comparison with the data in the digital license.
The data to be verified in the digital license is the data participating in the digital license proof; it may be any data in the digital license, or all of the data. The comparison parameter can be obtained from the condition to be verified, i.e., the logical condition whose satisfaction needs to be judged. The specific content of the condition to be verified is not limited in this embodiment; it may be, for example, a greater-than or less-than judgment, a greater-than-or-equal-to or less-than-or-equal-to judgment, or a judgment made after some fixed operations. Analysis of most of the conditions to be verified that are likely to be used shows that a condition to be verified can be made equivalent to a magnitude relationship between the data to be verified and the comparison parameter: when the data to be verified and the comparison parameter satisfy a certain magnitude relationship, the condition to be verified can be determined to be satisfied. Therefore, when the digital license is proved, the comparison parameter and the data to be verified in the digital license can be used to calculate a verification difference value, and the verification difference value is expanded to obtain verification sub-difference values, so that a proof that the condition to be verified holds can be generated subsequently. The number of verification sub-difference values is fixed, and the specific number can be set according to actual needs. Any method of expanding the verification difference value into verification sub-difference values may be chosen, provided that every verification difference value can be expanded into legal verification sub-difference values; for example, when the number of verification sub-difference values is four, the verification difference value can be expanded by a method based on integer sum-of-squares expansion.
It should be noted that the present embodiment is not limited to the case where the condition to be verified is not satisfied.
S102: Generating a first random number, and performing a non-interactive zero-knowledge proof based on the certificate-issuing party public key by using the first random number and the verification sub-difference value to obtain a first proof result.
The first random number is used to hide the verification sub-difference values; that is, a zero-knowledge proof that the verification sub-difference values exist is given, so that the verification sub-difference values are proved to exist while remaining hidden. The number of first random numbers may be the same as the number of verification sub-difference values.
A non-interactive zero-knowledge proof is a kind of zero-knowledge proof that has the properties of zero knowledge and non-interactivity. Zero knowledge means that the user side can prove that it knows or owns a piece of information without exposing the information itself. That is, by using a non-interactive zero-knowledge proof, the user side can convince the verifier that a statement is correct without telling the verifier the details of the argument. Non-interactive means that the verifier can check the zero-knowledge proof without interacting with the user side. By publishing the agreement in advance, the user side proves it to be valid to any verifier who takes the time to verify it. The specific non-interactive zero-knowledge proof algorithm is not limited; for example, an interactive zero-knowledge proof protocol (Sigma protocol) can be converted according to the Fiat-Shamir heuristic to obtain a non-interactive zero-knowledge proof protocol. The Sigma protocol is an efficient interactive zero-knowledge proof protocol. It enables the user side to prove to the verifier that it knows a secret without presenting the secret to the verifier.
Suppose that the prover (i.e., the user side) knows a secret $x$ that satisfies $y = g^x$, and needs to prove knowledge of the secret to the verifier (i.e., the verifying party). The proof may be expressed as $PK\{(x): y = g^x\}$. The proof can be done using a Sigma protocol:
1) The prover generates a random number $r$;
2) The prover calculates $t = g^r$ and sends it to the verifier;
3) The verifier selects a random number $c$ and sends it to the prover;
4) The prover calculates $s = r - c \cdot x$ and sends $s$ to the verifier;
5) The verifier verifies whether $g^s \cdot y^c = t$ holds.
In this embodiment, after the first random number is generated, the non-interactive zero-knowledge proof based on the certificate-issuing party public key is performed by using the first random number and each verification sub-difference value; that is, the first random number and the verification sub-difference value are used in an operation according to a first non-interactive zero-knowledge proof formula constructed based on the certificate-issuing party public key, so as to obtain the corresponding first proof result. The certificate-issuing party public key is a public key published by the issuing party of the digital certificate, and its specific content depends on the signature method adopted by the issuing party, which is not limited in this embodiment.
S103: Generating a second random number, and performing a non-interactive zero-knowledge proof based on the public key of the certificate issuer on the second random number and the data to be verified to obtain a second proof result.
Similar to the step S102, the second random number is used to hide the data to be verified, prove that there is the data to be verified that meets the condition to be verified, and hide the data to be verified, thereby avoiding privacy disclosure. Specifically, after the second random number is obtained, the second random number and the data to be verified are calculated according to a second non-interactive zero-knowledge proof formula established on the basis of the public key of the certificate issuer, and a second proof result is obtained. The second non-interactive zero knowledge proof formula and the first non-interactive zero knowledge proof formula may be the same formula, or different formulas may be set according to actual needs, which is not limited.
S104: Obtaining an intermediate parameter by using the first random number and the second random number, and performing a non-interactive zero-knowledge proof based on the certificate-issuing party public key by using the intermediate parameter, the verification sub-difference value and the first proof result to obtain a third proof result.
The intermediate parameter is used for hiding the verification difference, namely, a zero knowledge proof that the verification difference exists is given, and the verification difference is hidden on the premise that the verification difference exists. And after the intermediate parameter is obtained, the intermediate parameter, each verification sub difference value and the first certification result are used for calculating according to a third non-interactive zero knowledge certification formula established on the basis of the public key of the certification issuer to obtain a corresponding third certification result. It should be noted that the third non-interactive zero knowledge proof formula may be the same as or different from the first non-interactive zero knowledge proof formula and the second non-interactive zero knowledge proof formula, and is set according to actual needs.
S105: Generating a proof result by using the first proof result, the second proof result and the third proof result.
After the first, second and third proof results are obtained, the final proof result may be generated by using the first, second and third proof results, for example, the three proof results may be directly spliced to obtain the proof result, or the first, second and third proof results may be processed correspondingly, for example, by encryption, and then the processed first, second and third proof results are used to generate the proof result. When the data to be verified meeting the conditions to be verified exist, the privacy of the user side is not revealed, and the privacy protection performance is improved.
By applying the digital certificate proving method provided by the embodiment of the invention, when the digital certificate is proved, a verifying party does not extract data in the digital certificate and verifies the data, but a user obtains a verification difference value according to the data to be verified and the comparison parameters, and the verification difference value is expanded into a verification sub-difference value and a corresponding first proving result is generated, so that the verification sub-difference value can be proved to exist on the premise of not revealing the verification sub-difference value; the second proof result is generated, so that the logical relation between the data to be verified and the comparison parameter to be verified is proved to be correct on the premise of not revealing the data to be verified; the verification difference can exist without revealing the verification difference by generating the third proof result. The proof results generated by the first proof result, the second proof result and the third proof result can be used for proving the logical relation to be proved on the premise of not revealing privacy, so that the privacy disclosure is prevented, the privacy protection performance is improved, and the problems that the privacy disclosure is easily caused and the user privacy is not favorably protected in the related art are solved.
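An added Python example (not code from the patent) of the arithmetic that steps S101 to S105 rest on, for a condition of the form m >= b. By Lagrange's four-square theorem a difference m - b is a sum of four integer squares exactly when it is non-negative, so knowing such a decomposition is what shows the condition holds. The commitment form Z^v·S^r mod n, the formula for the intermediate parameter, the toy modulus and all function names are assumptions taken from the standard four-square range-proof construction, not formulas stated on this page.

```python
from math import isqrt
import secrets

# Toy parameters constructed for this example (real moduli are far larger).
N = 2039 * 1019            # product of two small safe primes
S = pow(5, 2, N)           # two quadratic residues modulo N
Z = pow(7, 2, N)


def four_squares(d):
    """Return (u1, u2, u3, u4) with u1^2+u2^2+u3^2+u4^2 == d, or None if d < 0."""
    if d < 0:
        return None        # a negative difference has no decomposition
    for a in range(isqrt(d), -1, -1):
        ra = d - a * a
        for b in range(min(a, isqrt(ra)), -1, -1):
            rb = ra - b * b
            for c in range(min(b, isqrt(rb)), -1, -1):
                rc = rb - c * c
                e = isqrt(rc)
                if e * e == rc:
                    return (a, b, c, e)
    return None


def commit(value, rand):
    """Commitment Z^value * S^rand mod N (assumed form); hides value behind rand."""
    # pow() with a negative exponent and a modulus needs Python 3.8 or later.
    return pow(Z, value, N) * pow(S, rand, N) % N


def build_witness(m, b, rand_bits=64):
    """Prover side for the claim m >= b: public commitments plus the kept secrets."""
    delta = m - b                                        # verification difference
    u = four_squares(delta)                              # verification sub-differences
    if u is None:
        raise ValueError("condition m >= b does not hold; nothing to prove")
    r = [secrets.randbits(rand_bits) for _ in u]         # first random numbers
    T = [commit(ui, ri) for ui, ri in zip(u, r)]         # hide each sub-difference
    r_delta = secrets.randbits(rand_bits)                # second random number
    T_delta = commit(delta, r_delta)                     # hides the difference
    # Intermediate parameter, built from the first and second random numbers.
    alpha = r_delta - sum(ui * ri for ui, ri in zip(u, r))
    public = {"T": T, "T_delta": T_delta}
    secret = {"u": u, "r": r, "r_delta": r_delta, "alpha": alpha}
    return public, secret


def relation_holds(public, secret):
    """The statement a zero-knowledge proof would establish without revealing
    u or alpha:  T_delta == prod(T_i ^ u_i) * S^alpha  (mod N)."""
    acc = pow(S, secret["alpha"], N)
    for Ti, ui in zip(public["T"], secret["u"]):
        acc = acc * pow(Ti, ui, N) % N
    return acc == public["T_delta"]


if __name__ == "__main__":
    pub, sec = build_witness(41, 18)      # constructed sample: attribute 41, bound 18
    print("sub-differences:", sec["u"], "relation holds:", relation_holds(pub, sec))
```

Multiplying `T_delta` by Z^b gives a commitment to m itself under the same second random number, which is how the hidden difference stays tied to the hidden attribute.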
Based on the above embodiments, this embodiment describes a specific digital certificate certification method. Before the certification is carried out, that is, before a verification difference value is obtained by using the comparison parameter and the data to be verified in the digital license, the digital license must first be obtained. The generation method of the digital license matches the subsequent certification method and comprises the following steps:
Step 11: Acquire the digital license random number sent by the certificate issuer, and generate a user random number.
In this embodiment, $n_1$ may be used to denote the digital license random number, which is generated by the certificate issuer and sent to the user side. The user side itself generates the user random number, which in this embodiment may be denoted by v′.
Step 12: Acquire the public key of the issuing party, and generate a license intermediate number by using the public key of the issuing party, the user random number, the digital license random number and the identity data.
The public key of the issuing party is generated and published by the issuing party, and its specific content depends on the signature method adopted by the issuing party. In this embodiment, the certificate issuer may generate the digital certificate by using the CL signature algorithm, which may also be referred to as the CL aggregate signature algorithm. When a plurality of data items are to be signed, an aggregate signature algorithm can greatly reduce the complexity of signature calculation, and the CL signature algorithm is one such aggregate signature algorithm. To generate the issuer public key, the issuer randomly selects two safe primes (p, q), sets n = pq, and randomly selects k+2 quadratic residues $(R_1, \ldots, R_k, S, Z)$; the private key is then sk = (p, q), and the issuer public key pk = $(n, R_1, \ldots, R_k, S, Z)$ is published. In congruence theory, the quadratic residue of an integer A with respect to another integer B refers to the remainder obtained by dividing the square of A by B. When there exists some A such that $A^2 \equiv d \pmod{p}$ holds, d is said to be a quadratic residue modulo p.
In this embodiment, after the public key of the issuing party is obtained, the license intermediate number is generated by using the public key of the issuing party, the user random number, the digital license random number and the identity data. The identity data may also be referred to as a master key, which is itself part of the private data of the user's party and is used to represent the identity of the user's party. In this embodiment, m may be used to represent a master key, i.e. identity data.
After the digital license random number is obtained and the user random number is generated, the license intermediate number is calculated according to
Figure GDA0004010448430000091
where U is the license intermediate number, and $R_1$ and S belong to the public key of the issuing party.
Step 13: Send the license intermediate number and the target privacy data to the issuing party so that the issuing party can generate the initial digital license.
And after the intermediate number of the certificates is obtained, the intermediate number of the certificates is sent to the certificate issuing party so that the certificate issuing party signs the intermediate number of the certificates to obtain the initial digital certificate. The target privacy data is privacy data except identity data. In one possible implementation, when the issuing party employs the CL signature algorithm, step 13 includes:
and sending the license intermediate number and the target privacy data to a certificate issuing party so that the certificate issuing party generates a random prime number and a random integer, signing the license intermediate number by using the random prime number and the random integer to obtain a license signature, and generating an initial digital license by using the license signature, the random prime number and the random integer.
Specifically, $\{m_1, \ldots, m_k\}$ may be used to denote the target privacy data, that is, the target privacy data has k items in total. According to
Figure GDA0004010448430000092
the Euler parameter of n,
Figure GDA0004010448430000093
is calculated, and a sufficiently large random prime e and a random integer v″ are generated. The modular inverse $e^{-1}$ of e is then calculated, that is, the value satisfying
Figure GDA0004010448430000094
Then
Figure GDA0004010448430000095
is calculated to obtain the signature A, and finally the initial digital certificate (A, e, v″) is obtained.
Step 14: Acquire the initial digital license, and generate the digital license by using the initial digital license.
After obtaining the initial digital certificate, the user calculates the integer v according to
v=v′+v″
and generates the digital certificate $(\{m_i\}, A, e, v)$.
After the digital license is obtained, the digital license can be used for proving the digital license. Specifically, the step S101 may include:
S1011: Acquire a condition to be verified, and determine a comparison parameter and certification item information according to the condition to be verified.
In this embodiment, the condition to be verified may be $m_i \ge b$. The comparison parameter b and the certification item information are obtained from the condition to be verified, where the certification item information is the information corresponding to $m_i$.
S1012: Determine the data to be verified in the digital license according to the certification item information.
The data to be verified in the digital license is determined according to the certification item information; in this embodiment, the data to be verified is $m_i$. The certification item information may be the name of the data to be verified, or its number information.
S1013: Calculate the verification difference value by using the data to be verified and the comparison parameter.
In this embodiment, since the data to be verified is greater than or equal to the comparison parameter, the verification difference Δ is calculated according to
$\Delta = m_i - b$
S1014: Perform an integer-based sum-of-squares expansion on the verification difference to obtain four integers.
According to the mathematical theorem, the verification difference can be expanded into the sum of squares of four integers, so this embodiment expands the verification difference by an integer-based sum-of-squares expansion. Specifically, according to
Figure GDA0004010448430000101
the verification difference is expanded to obtain four integers $u_1, u_2, u_3, u_4$.
S1015: Determine the four integers as the verification sub-differences.
After the verification sub-differences are obtained, step S102 may be performed. Specifically, according to
Figure GDA0004010448430000102
the verification sub-differences are hidden in $T_i$ and the first proof result $\pi_1$ is obtained, where NIZKP denotes a non-interactive zero-knowledge proof and $r_i$ are the first random numbers, whose number is the same as the number of verification sub-differences. Both Z and S belong to the issuer public key.
Accordingly, after the first proof result is obtained, step S103 may be performed. Specifically, according to
Figure GDA0004010448430000103
it is proved that the data to be verified $m_i$ is greater than the comparison parameter b, and the second proof result $\pi_2$ is obtained, where $r_\Delta$ is the second random number.
After the second proof result is obtained, step S104 may be performed. Specifically, the intermediate parameter α is calculated according to
Figure GDA0004010448430000104
and then, according to
Figure GDA0004010448430000111
the verification difference is hidden in $T_\Delta$ and the third proof result $\pi_3$ is obtained, where $r_\Delta$ is an intermediate parameter.
After the first, second and third proof results are obtained, step S105 may be performed. Specifically, the first, second and third proof results can be used directly to form the proof result, which is then $(\pi_1, \pi_2, \pi_3)$. The same method can also be used for conditions such as $m_i > b$, $m_i \le b$ or $m_i < b$, which are not described further in this embodiment.
In a possible embodiment, after obtaining the certification result, the method may further include:
S106: Send the proof result to the verifier so that the verifier verifies the proof result by using the public key of the issuer.
After the verifier obtains the proof result, it can verify the proof result, that is, the first, second and third proof results, by using the public key of the issuer of the digital certificate, namely the issuer public key, and so confirm that the digital certificate of the user side meets the condition to be verified. The certification is thus carried out without revealing private information.
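The arithmetic of S1013 to S1015 and the commitments behind the three proof results, as an added example (not the patent's own code). The page's formulas survive only as image placeholders, so the forms T_i = Z^{u_i}·S^{r_i}, T_Δ = Z^Δ·S^{r_Δ} and α = r_Δ − Σ u_i·r_i are assumptions taken from the usual CL-based range proof; the toy modulus and all function names are constructed.

```python
import math
import secrets

# Constructed toy issuer parameters (assumption): real keys use a ~2048-bit modulus.
P, Q = 1019, 1187                     # two small safe primes
N = P * Q
Z, S = pow(11, 2, N), pow(7, 2, N)    # quadratic residues from the issuer public key


def four_squares(delta):
    """S1014: write delta as u1^2+u2^2+u3^2+u4^2 with u1 >= u2 >= u3 >= u4 >= 0."""
    if delta < 0:
        # m_i < b: no integer decomposition exists, so no honest proof can be built.
        raise ValueError("condition m_i >= b does not hold")
    for u1 in range(math.isqrt(delta), -1, -1):
        rest1 = delta - u1 * u1
        for u2 in range(min(u1, math.isqrt(rest1)), -1, -1):
            rest2 = rest1 - u2 * u2
            for u3 in range(min(u2, math.isqrt(rest2)), -1, -1):
                rest3 = rest2 - u3 * u3
                u4 = math.isqrt(rest3)
                if u4 <= u3 and u4 * u4 == rest3:
                    return (u1, u2, u3, u4)
    raise AssertionError("unreachable: every non-negative integer decomposes")


def commit(value, rand):
    """Commitment Z^value * S^rand mod n (assumed form of T_i and T_delta)."""
    return pow(Z, value, N) * pow(S, rand, N) % N


def build_range_commitments(m_i, b):
    """Prover side of S1013-S1015 plus the commitments used by pi_1..pi_3."""
    delta = m_i - b                                   # S1013
    u = four_squares(delta)                           # S1014, S1015
    r = [secrets.randbelow(N) for _ in u]             # first random numbers r_i
    r_delta = secrets.randbelow(N)                    # second random number
    T = [commit(u_i, r_i) for u_i, r_i in zip(u, r)]  # hides each u_i
    T_delta = commit(delta, r_delta)                  # hides delta
    # Intermediate parameter (assumed formula): cancels the r_i so that
    # prod(T_i^u_i) * S^alpha carries the same S-exponent as T_delta.
    alpha = r_delta - sum(u_i * r_i for u_i, r_i in zip(u, r))
    return {"u": u, "T": T, "T_delta": T_delta, "alpha": alpha}


def relation_holds(T, T_delta, u, alpha):
    """Statement the proofs are about: T_delta == prod(T_i^u_i) * S^alpha mod n.

    In the real protocol u and alpha stay secret and a NIZKP shows that such
    values exist; they are passed in the clear here only to check the algebra.
    """
    acc = pow(S, alpha, N)            # alpha may be negative; S is invertible mod n
    for T_i, u_i in zip(T, u):
        acc = acc * pow(T_i, u_i, N) % N
    return acc == T_delta


if __name__ == "__main__":
    c = build_range_commitments(m_i=35, b=18)         # constructed: "value >= 18"
    print("sub-differences:", c["u"])
    print("relation holds:", relation_holds(c["T"], c["T_delta"], c["u"], c["alpha"]))
```

The relation only balances because Δ equals a sum of four squares, which is why a value below b leaves the prover with nothing to commit to.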
In one possible implementation, the user side needs to present part of the information in the digital license. In order to avoid leakage of private data, data that does not need to be presented may be hidden. Referring to fig. 2, fig. 2 is a flowchart of a digital license information output method according to an embodiment of the present invention, including:
S201: Generate a third random number, and determine the data to be output in the digital license.
In this embodiment, $r_A$ may be used to denote the third random number. Specifically, when an output instruction is acquired it may be parsed to obtain information about the data to be output, and the data to be output is determined according to that information.
S202: Randomize the digital license by using the third random number to obtain the randomized digital license.
In this embodiment, the digital license may be randomized according to
Figure GDA0004010448430000112
$v''' = v - e \cdot r_A$
to obtain the randomized digital license.
S203: Perform a non-interactive zero-knowledge proof based on the certificate-issuing party public key on the randomized digital license and the data to be output, to obtain a data set to be output corresponding to the data to be output.
In this embodiment, the non-interactive zero-knowledge proof may be generated according to
Figure GDA0004010448430000121
to obtain the data set to be output, where π is the data set to be output, $A_r$ represents the set of data to be presented, and
Figure GDA0004010448430000122
represents the set of hidden data. In particular, the set
Figure GDA0004010448430000123
includes the master key of the user side, i.e. the identity data.
S204: Output the data set to be output.
Through the mode of outputting the data set to be output, the data which is required to be displayed can be displayed, and other data are hidden, so that the data leakage is avoided.
It should be noted that the signature A is calculated from the intermediate number obtained from the master key, and the data set to be output is generated from the randomized digital license obtained by randomizing the signature A. Therefore, after the user side outputs a plurality of data sets to be output, the verifier can confirm that they correspond to the same user side, because the master keys corresponding to them are the same; this realizes a linkable function. The scheme of steps S201 to S204 can therefore not only protect private data but also make the output data sets linkable.
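Steps 11 to 14 and the randomization of S202, as an added toy example (not the patent's own code). The page's formulas for U, A and the randomized signature are lost as images, so the usual CL forms U = R_1^m·S^{v′}, A = (Z / (U·S^{v″}·∏R_i^{m_i}))^{1/e} and A′ = A·S^{r_A} are assumptions, while v = v′+v″ and v‴ = v − e·r_A come from the page. The tiny modulus, the allocation of bases and all function names are constructed, and the proof over n_1 that U is well formed is omitted.

```python
import secrets

# Constructed toy issuer key (assumption): real keys use a ~2048-bit modulus.
P, Q = 1019, 1187                          # private key sk = (p, q), safe primes
N = P * Q
PHI = (P - 1) * (Q - 1)                    # Euler parameter of n, issuer-only
R_MASTER = pow(2, 2, N)                    # R_1, base for the master key m
R_ATTR = [pow(3, 2, N), pow(5, 2, N)]      # bases for the target privacy data
S, Z = pow(7, 2, N), pow(11, 2, N)


def is_prime(x):
    return x > 1 and all(x % d for d in range(2, int(x ** 0.5) + 1))


def attr_product(attrs):
    out = 1
    for base, m_i in zip(R_ATTR, attrs):
        out = out * pow(base, m_i, N) % N
    return out


def blind(m, v1):
    """Step 12 (user): license intermediate number U hides m behind v'."""
    return pow(R_MASTER, m, N) * pow(S, v1, N) % N


def issue(U, attrs):
    """Step 13 (issuer): sign U and the attributes without ever seeing m."""
    e = secrets.randbits(16) | (1 << 16) | 1        # odd 17-bit candidate
    while not is_prime(e):
        e += 2
    v2 = secrets.randbelow(N)
    signed = U * pow(S, v2, N) % N * attr_product(attrs) % N
    d = pow(e, -1, PHI)                             # modular inverse of e
    A = pow(Z * pow(signed, -1, N) % N, d, N)
    return A, e, v2                                 # initial license (A, e, v'')


def verify(m, attrs, A, e, v):
    """Signature check: Z == A^e * R_1^m * prod(R_i^m_i) * S^v mod n."""
    rhs = pow(A, e, N) * pow(R_MASTER, m, N) % N
    rhs = rhs * attr_product(attrs) % N * pow(S, v, N) % N
    return rhs == Z


def randomize(A, e, v, r_A=None):
    """S202: A' = A * S^r_A (assumed form), v''' = v - e * r_A (from the page)."""
    if r_A is None:
        r_A = secrets.randbelow(N - 1) + 1
    return A * pow(S, r_A, N) % N, v - e * r_A


def demo():
    m, attrs = 123456, [35, 2020]          # constructed master key and attributes
    v1 = secrets.randbelow(N)              # Step 11: user random number v'
    A, e, v2 = issue(blind(m, v1), attrs)  # Steps 12 and 13
    v = v1 + v2                            # Step 14: v = v' + v''
    A2, v3 = randomize(A, e, v)            # S202
    return verify(m, attrs, A, e, v), verify(m, attrs, A2, e, v3)


if __name__ == "__main__":
    print(demo())
```

The randomized pair still satisfies the same verification equation because the extra factor S^{e·r_A} in A′^e is cancelled by the shift in v‴.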
The digital certificate certification device provided by the embodiment of the invention is introduced below, and the digital certificate certification device described below and the digital certificate certification method described above can be referred to correspondingly.
Referring to fig. 3, fig. 3 is a schematic structural diagram of a digital license certification device according to an embodiment of the present invention, including:
the obtaining module 310 is configured to obtain a verification difference value by using the comparison parameter and the data to be verified in the digital license, and expand the verification difference value to obtain a verification sub-difference value;
the first certification module 320 is configured to generate a first random number, and perform non-interactive zero-knowledge certification based on a certificate issuer public key by using the first random number and a verification sub-difference value to obtain a first certification result;
the second proving module 330 is configured to generate a second random number, and perform non-interactive zero-knowledge proof based on the public key of the issuer on the second random number, the verifier difference, and the first proving result to obtain a second proving result;
the third proving module 340 is configured to obtain an intermediate parameter by using the first random number and the second random number, and perform non-interactive zero-knowledge proof based on a public key of a prover by using the intermediate parameter and data to be verified to obtain a third proving result;
a result generation module 350, configured to generate a proof result using the first proof result, the second proof result, and the third proof result.
Optionally, the obtaining module 310 includes:
the first determining unit is used for acquiring a condition to be verified and determining a comparison parameter and certification project information according to the condition to be verified;
the second determining unit is used for determining data to be verified in the digital license according to the certification project information;
and the difference value calculating unit is used for calculating to obtain a verification difference value by utilizing the data to be verified and the comparison parameters.
Optionally, the obtaining module 310 includes:
the expanding unit is used for expanding the verification difference value based on the square sum of the integers to obtain four integers;
and the sub-difference determining unit is used for determining the four integers as the verification sub-differences.
Optionally, the method further comprises:
and the sending module is used for sending the certification result to the verifier so that the verifier can verify the certification result by using the public key of the prover.
Optionally, the method further comprises:
the random number generation module is used for acquiring a digital license random number sent by a certificate sender and generating a user random number;
the intermediate number generation module is used for acquiring a public key of the issuing party and generating a license intermediate number by using the public key of the issuing party, the user random number, the digital license random number and the identity data;
the initial digital license generation module is used for sending the license intermediate number and the target privacy data to the issuing party so as to facilitate the issuing party to generate the initial digital license;
and the digital license generation module is used for acquiring the initial digital license and generating the digital license by using the initial digital license.
Optionally, the initial digital license generation module includes:
and the signature generation unit is used for sending the license intermediate number and the target privacy data to the certificate issuing party so that the certificate issuing party can generate a random prime number and a random integer, signing the license intermediate number by using the random prime number and the random integer to obtain a license signature, and generating the initial digital license by using the license signature, the random prime number and the random integer.
Optionally, the method further comprises:
the data to be output determining module is used for generating a third random number and determining data to be output in the digital license;
the randomization module is used for randomizing the digital license by using a third random number to obtain a randomized digital license;
the data set to be output acquisition module is used for carrying out non-interactive zero-knowledge proof based on a certificate-issuing party public key on the randomized digital certificate and the data to be output to obtain a data set to be output corresponding to the data to be output;
and the output module is used for outputting the data set to be output.
In the following, the digital license certification device provided by the embodiment of the present invention is introduced, and the digital license certification device described below and the digital license certification method described above may be referred to each other.
Referring to fig. 4, fig. 4 is a schematic structural diagram of a digital license certification device according to an embodiment of the present invention. Wherein the digital license attestation device 400 can include a processor 401 and a memory 402, and can further include one or more of a multimedia component 403, an information input/information output (I/O) interface 404, and a communication component 405.
The processor 401 is configured to control the overall operation of the digital license certification device 400 so as to complete all or part of the steps of the digital license certification method. The memory 402 is used to store various types of data to support operation of the digital license certification device 400; such data may include, for example, instructions for any application or method operating on the digital license certification device 400, as well as application-related data. The memory 402 may be implemented by any type of volatile or non-volatile memory device or a combination thereof, such as one or more of Static Random Access Memory (SRAM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Erasable Programmable Read-Only Memory (EPROM), Programmable Read-Only Memory (PROM), Read-Only Memory (ROM), magnetic memory, flash memory, magnetic disk or optical disk.
The multimedia component 403 may include a screen and an audio component. The screen may be, for example, a touch screen, and the audio component is used for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signal may further be stored in the memory 402 or transmitted through the communication component 405. The audio component also includes at least one speaker for outputting audio signals. The I/O interface 404 provides an interface between the processor 401 and other interface modules, such as a keyboard, a mouse or buttons. These buttons may be virtual buttons or physical buttons. The communication component 405 is used for wired or wireless communication between the digital license certification device 400 and other devices. The wireless communication may be, for example, Wi-Fi, Bluetooth, Near Field Communication (NFC), 2G, 3G or 4G, or a combination of one or more of them, so the corresponding communication component 405 may include a Wi-Fi part, a Bluetooth part and an NFC part.
The digital license certification device 400 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors or other electronic components, for performing the digital license certification method set forth in the above embodiments.
The following describes a computer-readable storage medium provided by an embodiment of the present invention; the computer-readable storage medium described below and the digital certificate certification method described above may be referred to in correspondence with each other.
The invention also provides a computer-readable storage medium on which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the above-described digital certificate certification method.
The computer-readable storage medium may include: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
In the present specification, the embodiments are described in a progressive manner, and each embodiment focuses on differences from other embodiments, and the same or similar parts between the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
Those of skill would further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
Finally, it should also be noted that, herein, relationships such as first and second, etc., are intended only to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms include, or any other variation is intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that includes a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
The digital certificate certification method, the digital certificate certification device, the digital certificate certification equipment and the computer readable storage medium provided by the invention are described in detail, specific examples are applied in the text to explain the principle and the implementation mode of the invention, and the description of the above embodiments is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims (10)

1. A digital certificate certification method, comprising:
obtaining a verification difference value by using the comparison parameter and the data to be verified in the digital license, and expanding the verification difference value to obtain a verification sub-difference value;
generating a first random number, and performing non-interactive zero knowledge certification based on a certificate-issuing party public key by using the first random number and the verification sub-difference value to obtain a first certification result;
generating a second random number, and performing non-interactive zero-knowledge proof based on the public key of the certificate issuer on the second random number and the data to be verified to obtain a second proof result;
obtaining an intermediate parameter by using the first random number and the second random number, and performing non-interactive zero knowledge proof based on the certificate-issuing party public key by using the intermediate parameter, the verification sub-difference value and the first proof result to obtain a third proof result;
generating a proof result using the first proof result, the second proof result, and the third proof result.
2. The method for proving the digital license according to claim 1, wherein the obtaining of the verification difference value by using the comparison parameter and the data to be verified in the digital license comprises:
acquiring a condition to be verified, and determining a comparison parameter and certification project information according to the condition to be verified;
determining the data to be verified in the digital certificate according to the certification project information;
and calculating to obtain the verification difference value by using the data to be verified and the comparison parameters.
3. The digital certificate certification method according to claim 1, wherein the expanding the verification difference to obtain a verification sub-difference comprises:
performing square sum expansion based on the integers on the verification difference to obtain four integers;
determining four of the integers as the verify sub-difference values.
4. The digital license certification method according to claim 1, further comprising:
and sending the certification result to a verifier so that the verifier verifies the certification result by using the public key of the verifier.
5. The method for proving the digital certificate according to claim 1, wherein before obtaining the verification difference by using the comparison parameter and the data to be verified in the digital certificate, the method further comprises:
acquiring a digital license random number sent by a certificate sender, and generating a user random number;
acquiring the public key of the certificate issuer, and generating a certificate intermediate number by using the public key of the certificate issuer, the user random number, the digital certificate random number and the identity data;
sending the license intermediate number and the target privacy data to the proving party so that the proving party can generate an initial digital license;
and acquiring the initial digital license, and generating the digital license by using the initial digital license.
6. The digital license certification method of claim 5, wherein the sending the license intermediate number and the target privacy data to the proving party so that the proving party generates an initial digital license comprises:
and sending the license intermediate number and the target privacy data to the certificate sender so that the certificate sender generates a random prime number and a random integer, signing the license intermediate number by using the random prime number and the random integer to obtain a license signature, and generating the initial digital license by using the license signature, the random prime number and the random integer.
7. The digital certificate certification method according to any one of claims 1 to 6, further comprising:
generating a third random number, and determining data to be output in the digital license;
randomizing the digital license by using the third random number to obtain a randomized digital license;
carrying out non-interactive zero-knowledge proof based on the certificate-issuing party public key on the randomized digital certificate and the data to be output to obtain a data set to be output corresponding to the data to be output;
and outputting the data set to be output.
8. A digital certificate certification apparatus, comprising:
the acquisition module is used for obtaining a verification difference value by using the comparison parameters and the data to be verified in the digital license and expanding the verification difference value to obtain a verification sub-difference value;
the first certification module is used for generating a first random number and performing non-interactive zero-knowledge certification based on a certificate-issuing party public key by using the first random number and the verification sub-difference value to obtain a first certification result;
the second certification module is used for generating a second random number and carrying out non-interactive zero-knowledge certification on the second random number and the data to be verified based on the public key of the certificate issuer to obtain a second certification result;
a third proving module, configured to obtain an intermediate parameter by using the first random number and the second random number, and perform non-interactive zero-knowledge proof based on the public key of the issuer by using the intermediate parameter, the verifier difference, and the first proving result to obtain a third proving result;
a result generation module to generate a proof result using the first proof result, the second proof result, and the third proof result.
9. A digital authentication device comprising a memory and a processor, wherein:
the memory is used for storing a computer program;
the processor is configured to execute the computer program to implement the digital certificate authority method according to any one of claims 1 to 7.
10. A computer-readable storage medium storing a computer program, wherein the computer program when executed by a processor implements the digital certificate authority method according to any one of claims 1 to 7.
CN202010605091.7A 2020-06-29 2020-06-29 Digital certificate certification method, device, equipment and readable storage medium Active CN111769953B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010605091.7A CN111769953B (en) 2020-06-29 2020-06-29 Digital certificate certification method, device, equipment and readable storage medium

Publications (2)

Publication Number Publication Date
CN111769953A CN111769953A (en) 2020-10-13
CN111769953B true CN111769953B (en) 2023-03-24

Family

ID=72723191

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010605091.7A Active CN111769953B (en) 2020-06-29 2020-06-29 Digital certificate certification method, device, equipment and readable storage medium

Country Status (1)

Country Link
CN (1) CN111769953B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112600677A (en) * 2020-12-28 2021-04-02 中钞***产业发展有限公司杭州区块链技术研究院 License verification method and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1072124A2 (en) * 1999-02-11 2001-01-31 Bull S.A. Method for verifying the use of public keys generated by an on-board system
CN104811450A (en) * 2015-04-22 2015-07-29 电子科技大学 Data storage method based on identity in cloud computing and integrity verification method based on identity in cloud computing
CN110119598A (en) * 2019-05-17 2019-08-13 北京思源互联科技有限公司 A kind of digital license signs and issues method, verification method and its system
CN110428334A (en) * 2019-08-09 2019-11-08 中国工商银行股份有限公司 Bill processing method and device based on block chain network
CN110517147A (en) * 2019-08-30 2019-11-29 深圳市网心科技有限公司 Transaction data processing method, device, system and computer readable storage medium
CN111245626A (en) * 2020-01-19 2020-06-05 平安科技(深圳)有限公司 Zero knowledge proving method, device and storage medium

Also Published As

Publication number Publication date
CN111769953A (en) 2020-10-13

Similar Documents

Publication Publication Date Title
CN103081398B (en) For the protection of the system and method that password assets are attacked from white box
JP5488596B2 (en) Signature device, signature verification device, anonymous authentication system, signature method, signature authentication method, and programs thereof
US8959357B2 (en) Biometric encryption and key generation
CN108964916B (en) Signature generation method, generation device, signature verification method and verification device
WO2020038137A1 (en) Two-dimensional code generation method, data processing method, apparatus, and server
JP2010503252A (en) Computing platform proof
CN115001711B (en) Information signing method, device, electronic equipment and computer readable storage medium
CN114257366B (en) Information homomorphic processing method, device, equipment and computer readable storage medium
CN111769953B (en) Digital certificate certification method, device, equipment and readable storage medium
JP5327223B2 (en) Signature system
CN112364335B (en) Identification identity authentication method and device, electronic equipment and storage medium
CN111262707B (en) Digital signature method, verification method, device and storage medium
CN111245594B (en) Homomorphic operation-based collaborative signature method and system
CN110990896B (en) Digital signature device, method, storage medium and equipment based on SM2 white box
Krzywiecki et al. Security of okamoto identification scheme: a defense against ephemeral key leakage and setup
WO2020241817A1 (en) Device and method for certifying reliability of public key, and program for same
CN114445215A (en) Asset certification method, device, equipment and computer readable storage medium
CN114329610A (en) Block chain privacy identity protection method, device, storage medium and system
CN111460523A (en) Data integrity verification method and device and computer-readable storage medium
CN113190862B (en) SM 2-based certificateless key generation method and device, electronic equipment and medium
WO2011033642A1 (en) Signature generation device and signature verification device
JP6688933B1 (en) Device, method and program therefor for certifying reliability of public key
CN117978408B (en) Collaborative signature algorithm detection method, collaborative signature device and readable storage medium
JP2005027059A (en) Electronic signature method, electronic signature processing program, and storage medium
CN110958115B (en) Digital signature device, method, storage medium and equipment based on SM9 white box

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant