CN112511311A - Encryption threshold signature method based on confusion technology - Google Patents
- Publication number: CN112511311A
- Application number: CN202011309045.9A
- Authority: CN (China)
- Prior art keywords: signature, private key, encryption, algorithm, obfuscation
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3255—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Storage Device Security (AREA)
Abstract
The application provides an encryption threshold signature method based on obfuscation technology, comprising: generating a public parameter p and the members' private key shares $sk_i$ according to a Setup algorithm; generating the recipient's encryption public key $pk_e$ and decryption private key $sk_e$ according to an encryption key generation algorithm; obfuscating the private key share $sk_i$ according to an obfuscation algorithm to obtain an obfuscated signature private key; signing the message m to be sent with the obfuscated signature private key to generate a ciphertext; and sending the ciphertext to the information receiver. Because obfuscation is used, the threshold signer obfuscates the private key shares, which solves the prior-art problem that private key shares are easily attacked and leaked, effectively protects the signer's private key shares, and greatly improves their security.
Description
Technical Field
The application relates to the technical field of threshold cryptography, in particular to an encryption threshold signature method based on an obfuscation technology.
Background
In a (k, n) threshold signature scheme, a valid signature can be generated only when the number of participants is equal to or greater than the threshold value k. Threshold signatures have characteristics such as distribution of power and risk sharing. To meet different application requirements, threshold group signatures suitable for the mobile internet, threshold ring signatures for implementing blockchain technology, threshold proxy signatures for solving the authentication problem in ship ad hoc networks, and others have been proposed. However, the security of a threshold cryptosystem rests on the premise that the private key is secure; once the private key is leaked, the system has a serious security risk. For example, in a white-box attack environment, an attacker can easily obtain key information by observing or executing the cryptographic software, so it is necessary to protect the private information in it, particularly key information.
Disclosure of Invention
In view of this, the obfuscation-based encryption threshold signature method of the present application aims to effectively protect the key of the threshold signature.
To achieve this purpose, the technical scheme adopted by the application is as follows:
An encryption threshold signature method based on obfuscation technology, applied to a cryptosystem based on obfuscation technology, the method comprising the following steps:
Step 1: the trusted third party generates the public parameter p and the members' private key shares $sk_i$ according to the Setup algorithm;
Step 2: each information receiver obtains its encryption public key $pk_e$ and decryption private key $sk_e$ through an encryption key generation algorithm (KG);
Step 3: the signer obfuscates the private key share $sk_i$ according to an obfuscation algorithm (Obf) to obtain the obfuscated signature private key;
Step 4: the user signs the message m to be sent with the obfuscated signature private key to generate a ciphertext, and sends the ciphertext to the information receiver.
Optionally, in step 1, the trusted third party generates the public parameter p and the members' private key shares $sk_i$ according to the Setup algorithm, expressed as:
$p = \{q, G, G_T, e, g, g_1, g_2, u', U, VK\}$;
$sk = (sk_1, sk_2, \ldots, sk_n)$;
$f(x) = a_0 + a_1 x + \cdots + a_{k-1} x^{k-1}$;
$VK = (g^{f(1)}, g^{f(2)}, \ldots, g^{f(n)})$;
$vk_i = g^{f(i)}$;
where p is the public parameter, $G$ is an additive cyclic group, $G_T$ is a multiplicative cyclic group, $q$ is the order of $G$ and $G_T$, $e$ is a bilinear map, $g$ is a generator of $G$ obtained by parsing p, $a_0, a_1, \ldots, a_k$ are random elements of $Z_q$, $U = (u_1, u_2, \ldots, u_n)$, $g_2, u', u_1, u_2, \ldots, u_n$ are randomly selected elements of $G$, k is the threshold value, n is the number of participants, and $Z_q$ is the residue class ring modulo q.
Optionally, the encryption key generation algorithm (KG) in step 2 is specifically:
randomly select parameters a and b in $Z_q$ to obtain the encryption private key $sk_e = (a, b)$ and the encryption public key $pk_e = (pk_{e1}, pk_{e2}) = (g^a, g^b)$.
Optionally, in step 3, the signer obfuscates the private key share $sk_i$ according to the obfuscation algorithm (Obf) to obtain the obfuscated signature private key, specifically as follows:
the signer runs the encryption algorithm $Enc(pk_e, sk_i)$, where Enc is an encryption algorithm and $C_i$ is the encryption of $sk_i$, $i \in \{1, 2, \ldots, n\}$;
where $x_{i1}, x_{i2}$ are randomly selected parameters in $Z_q$, and the output is the obfuscated signature private key.
Optionally, in step 4, the user signs the message m to be sent with the obfuscated signature private key to generate the ciphertext, specifically as follows:
determine whether the message m is empty; if so, output $(p, pk_e)$; otherwise, perform the following steps:
parse the message m into its binary bit string $m_1 \ldots m_n \in \{0,1\}^n$, together with $pk_e = (pk_{e1}, pk_{e2})$, where $m_1 \ldots m_n \in \{0,1\}^n$ denotes a 0/1 bit string of length n;
generate the encrypted ciphertext after signing the message, specifically:
(a) Partial signature: randomly select $r'_i \in Z_q$, compute the partial signature, and check whether the verification equation holds; if it holds, the signature is valid; otherwise, the signature is invalid; where $e$ denotes the bilinear map with target group $G_T$, $\Pi$ denotes a product, and the partial signature is the one computed from the obfuscated private key share;
(b) Synthesizing the signature: input k valid partial signatures, where the set $\Phi$ is a subset of $\{1, 2, \ldots, n\}$ and $|\Phi| = k$, then compute and output the composite signature, where $|\Phi|$ denotes the number of elements in the set $\Phi$;
(c) Re-randomizing the ciphertext: randomly select elements $x'_1, x'_2, y'_1, y'_2$ of $Z_q$ and run the re-randomization algorithm to obtain and output the result, so that the synthesized signature in ciphertext form is re-randomized; $\Sigma$ denotes a summation.
The beneficial effects of this application are:
1. Because the application adopts obfuscation technology, the threshold signer obfuscates the private key share, which solves the prior-art problem that private key shares are easily attacked and leaked, effectively protects the signer's private key share, and greatly improves its security;
2. Good confidentiality: even if an attacker breaks the obfuscated encrypted threshold signature program while it runs, the attacker cannot obtain the threshold signer's private key share, which further improves communication security.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 is a flowchart of an encryption threshold signature method based on obfuscation technology according to the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments.
As shown in Fig. 1, an encryption threshold signature method based on obfuscation technology is applied to a cryptographic system based on obfuscation technology, and the method includes:
S101: the trusted third party generates the public parameter p and the members' private key shares $sk_i$ according to the Setup algorithm, where the public parameter p is public and the private key share $sk_i$ is confidential;
The specific expressions are as follows:
$p = \{q, G, G_T, e, g, g_1, g_2, u', U, VK\}$;
$sk = (sk_1, sk_2, \ldots, sk_n)$;
$f(x) = a_0 + a_1 x + \cdots + a_{k-1} x^{k-1}$;
$VK = (g^{f(1)}, g^{f(2)}, \ldots, g^{f(n)})$;
$vk_i = g^{f(i)}$;
where p is the public parameter, $G$ is an additive cyclic group, $G_T$ is a multiplicative cyclic group, $q$ is the order of $G$ and $G_T$, $e$ is a bilinear map, $g$ is a generator of $G$ obtained by parsing p, $a_0, a_1, \ldots, a_k$ are random elements of $Z_q$, $U = (u_1, u_2, \ldots, u_n)$, $g_2, u', u_1, u_2, \ldots, u_n$ are randomly selected elements of $G$, k is the threshold value, n is the number of participants, and $Z_q$ is the residue class ring modulo q.
S102: each information receiver obtains its encryption public key $pk_e$ and decryption private key $sk_e$ through an encryption key generation algorithm (KG);
Specifically, generating the receiver's encryption public key $pk_e$ and decryption private key $sk_e$ according to the encryption key generation algorithm (KG) comprises:
randomly select parameters a and b in $Z_q$ to obtain the encryption private key $sk_e = (a, b)$ and the encryption public key $pk_e = (pk_{e1}, pk_{e2}) = (g^a, g^b)$.
S103: the signer obfuscates the private key share $sk_i$ according to an obfuscation algorithm (Obf) to obtain the obfuscated signature private key.
Specifically:
the signer runs the encryption algorithm $Enc(pk_e, sk_i)$, where Enc is an encryption algorithm and $C_i$ is the encryption of $sk_i$, $i \in \{1, 2, \ldots, n\}$;
where $x_{i1}, x_{i2}$ are randomly selected parameters in $Z_q$, and the output is the obfuscated signature private key.
S104: the user signs the message m to be sent with the obfuscated signature private key to generate a ciphertext, and sends the ciphertext to the information receiver.
Specifically, signing the message m to be sent with the obfuscated signature private key to generate the ciphertext comprises:
determine whether the message m is empty; if so, output $(p, pk_e)$; otherwise, perform the following steps:
parse the message m into its binary bit string $m_1 \ldots m_n \in \{0,1\}^n$, together with $pk_e = (pk_{e1}, pk_{e2})$, where $m_1 \ldots m_n \in \{0,1\}^n$ denotes a 0/1 bit string of length n;
generate the encrypted ciphertext after signing the message, specifically:
(a) Partial signature: randomly select $r'_i \in Z_q$, compute the partial signature, and check whether the verification equation holds; if it holds, the signature is valid; otherwise, the signature is invalid; where $e$ denotes the bilinear map with target group $G_T$, $\Pi$ denotes a product, and the partial signature is the one computed from the obfuscated private key share;
(b) Synthesizing the signature: input k valid partial signatures, where the set $\Phi$ is a subset of $\{1, 2, \ldots, n\}$ and $|\Phi| = k$, then compute and output the composite signature, where $|\Phi|$ denotes the number of elements in the set $\Phi$;
(c) Re-randomizing the ciphertext: randomly select elements $x'_1, x'_2, y'_1, y'_2$ of $Z_q$ and run the re-randomization algorithm to obtain and output the result, so that the synthesized signature in ciphertext form is re-randomized; $\Sigma$ denotes a summation.
Because the method adopts obfuscation technology, the threshold signer obfuscates the private key shares, which solves the prior-art problem that private key shares are easily attacked and leaked, effectively protects the signer's private key shares, and greatly improves their security.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (5)
1. An encryption threshold signature method based on obfuscation technology, applied to a cryptosystem based on obfuscation technology, characterized by comprising the following steps:
Step 1: the trusted third party generates the public parameter p and the members' private key shares $sk_i$ according to the Setup algorithm;
Step 2: each information receiver obtains its encryption public key $pk_e$ and decryption private key $sk_e$ through an encryption key generation algorithm (KG);
Step 3: the signer obfuscates the private key share $sk_i$ according to an obfuscation algorithm to obtain the obfuscated signature private key
2. The encryption threshold signature method based on obfuscation technology as claimed in claim 1, wherein in step 1 the trusted third party generates the public parameter p and the members' private key shares $sk_i$ according to the Setup algorithm, expressed as:
$p = \{q, G, G_T, e, g, g_1, g_2, u', U, VK\}$;
$sk = (sk_1, sk_2, \ldots, sk_n)$;
$f(x) = a_0 + a_1 x + \cdots + a_{k-1} x^{k-1}$;
$VK = (g^{f(1)}, g^{f(2)}, \ldots, g^{f(n)})$;
$vk_i = g^{f(i)}$;
where p is the public parameter, $G$ is an additive cyclic group, $G_T$ is a multiplicative cyclic group, $q$ is the order of $G$ and $G_T$, $e$ is a bilinear map, $g$ is a generator of $G$ obtained by parsing p, $a_0, a_1, \ldots, a_k$ are random elements of $Z_q$, $U = (u_1, u_2, \ldots, u_n)$, $g_2, u', u_1, u_2, \ldots, u_n$ are randomly selected elements of $G$, k is the threshold value, n is the number of participants, and $Z_q$ is the residue class ring modulo q.
3. The obfuscation-based encryption threshold signature method of claim 2, wherein the encryption key generation algorithm (KG) in step 2 is specifically:
randomly select parameters a and b in $Z_q$ to obtain the encryption private key $sk_e = (a, b)$ and the encryption public key $pk_e = (pk_{e1}, pk_{e2}) = (g^a, g^b)$.
4. The encryption threshold signature method based on obfuscation technology as claimed in claim 3, wherein in step 3 the signer obfuscates the private key share $sk_i$ according to the obfuscation algorithm to obtain the obfuscated signature private key, specifically as follows:
the signer runs the encryption algorithm $Enc(pk_e, sk_i)$, where Enc is an encryption algorithm and $C_i$ is the encryption of $sk_i$, $i \in \{1, 2, \ldots, n\}$;
5. The encryption threshold signature method based on obfuscation technology as claimed in claim 4, wherein in step 4 the user signs the message m to be sent with the obfuscated signature private key to generate the ciphertext, specifically as follows:
determine whether the message m is empty; if so, output $(p, pk_e)$; otherwise, perform the following steps:
parse the message m into its binary bit string $m_1 \ldots m_n \in \{0,1\}^n$, together with $pk_e = (pk_{e1}, pk_{e2})$, where $m_1 \ldots m_n \in \{0,1\}^n$ denotes a 0/1 bit string of length n;
generate the encrypted ciphertext after signing the message, specifically:
(a) Partial signature: randomly select $r'_i \in Z_q$, compute the partial signature, and check whether the verification equation holds; if it holds, the signature is valid; otherwise, the signature is invalid; where $e$ denotes the bilinear map with target group $G_T$, $\Pi$ denotes a product, and the partial signature is the one computed from the obfuscated private key share;
(b) Synthesizing the signature: input k valid partial signatures, where the set $\Phi$ is a subset of $\{1, 2, \ldots, n\}$ and $|\Phi| = k$, then compute and output the composite signature, where $|\Phi|$ denotes the number of elements in the set $\Phi$;
(c) Re-randomizing the ciphertext: randomly select elements $x'_1, x'_2, y'_1, y'_2$ of $Z_q$ and, according to $pk_e, c_1, c_2$, run the re-randomization algorithm to obtain and output the result, so that the synthesized signature in ciphertext form is re-randomized; $\Sigma$ denotes a summation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011309045.9A CN112511311A (en) | 2020-11-20 | 2020-11-20 | Encryption threshold signature method based on confusion technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011309045.9A CN112511311A (en) | 2020-11-20 | 2020-11-20 | Encryption threshold signature method based on confusion technology |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112511311A (en) | 2021-03-16 |
Family
ID=74960024
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011309045.9A Pending CN112511311A (en) | 2020-11-20 | 2020-11-20 | Encryption threshold signature method based on confusion technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112511311A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114697046A (en) * | 2022-06-01 | 2022-07-01 | 湖南三湘银行股份有限公司 | Security authentication method and system based on SM9 secret |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013172178A (en) * | 2012-02-17 | 2013-09-02 | Nippon Telegr & Teleph Corp <Ntt> | Signature key obfuscation system, signature key obfuscation method, cryptographic signature system using obfuscated signature key, cryptographic signature method using obfuscated signature key, device, and program |
Non-Patent Citations (1)
Title |
---|
李亚红, 王彩芬, 张玉磊, 杨小东, 黄海燕: "Obfuscation of secure encrypted threshold signatures", Journal on Communications (通信学报) * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9172529B2 (en) | Hybrid encryption schemes | |
CN101202623B (en) | Method of generating message authentication code, authentication/encryption and authentication/decryption methods | |
CN107070662B (en) | Encryption Proxy Signature method based on obfuscation | |
US20150326392A1 (en) | Matrix-based cryptosystem | |
WO2018104412A1 (en) | Method of rsa signature or decryption protected using a homomorphic encryption | |
CN107733648A (en) | The RSA digital signature generation method and system of a kind of identity-based | |
CN104378198A (en) | Voice encryption method based on block cipher system | |
CN110851845A (en) | Light-weight single-user multi-data all-homomorphic data packaging method | |
CN114095170A (en) | Data processing method, device, system and computer readable storage medium | |
CN102291396B (en) | Anonymous authentication algorithm for remote authentication between credible platforms | |
Kasodhan et al. | A new approach of digital signature verification based on BioGamal algorithm | |
CN112511311A (en) | Encryption threshold signature method based on confusion technology | |
CN114362912A (en) | Identification password generation method based on distributed key center, electronic device and medium | |
CN112511310B (en) | Confusion method for encrypted identity blind signature | |
EP2571192A1 (en) | Hybrid encryption schemes | |
Krishna et al. | Fully homomorphic encryption with matrix based digital signature standard | |
Kumar et al. | A novel framework for secure file transmission using modified AES and MD5 algorithms | |
CN105763322A (en) | Obfuscatable encryption key-insulated digital signature making method and system | |
CN115865313A (en) | Lightweight privacy protection longitudinal federal learning model parameter aggregation method | |
JPWO2010041690A1 (en) | Multi-party distributed multiplication apparatus, multi-party distributed multiplication system and method | |
Mohit et al. | Modification of symmetric-key DES into efficient asymmetric-key DES using RSA | |
Acharya et al. | Encryption and decryption of informative image by key image using modified Hill cipher technique based on non-invertible matrices | |
JP2004246350A (en) | Enciphering device, deciphering device, enciphering system equipped with the same, enciphering method, and deciphering method | |
Shi et al. | Verification of LINE encryption version 1.0 using ProVerif | |
CN115134120B (en) | Encryption method combining ECC with OPT |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20210316 |