CN112613054A - Electronic archive verification method and device based on GRS code and electronic equipment - Google Patents

Electronic archive verification method and device based on GRS code and electronic equipment Download PDF

Info

Publication number
CN112613054A
CN112613054A CN202011570306.2A CN202011570306A CN112613054A CN 112613054 A CN112613054 A CN 112613054A CN 202011570306 A CN202011570306 A CN 202011570306A CN 112613054 A CN112613054 A CN 112613054A
Authority
CN
China
Prior art keywords
electronic file
digital signature
matrix
electronic
public key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202011570306.2A
Other languages
Chinese (zh)
Inventor
吴从华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Cresun Innovation Technology Co Ltd
Original Assignee
Xian Cresun Innovation Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Cresun Innovation Technology Co Ltd filed Critical Xian Cresun Innovation Technology Co Ltd
Priority to CN202011570306.2A priority Critical patent/CN112613054A/en
Publication of CN112613054A publication Critical patent/CN112613054A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/13File access structures, e.g. distributed indices
    • G06F16/137Hash-based
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/10Complex mathematical operations
    • G06F17/16Matrix or vector computation, e.g. matrix-matrix or matrix-vector multiplication, matrix factorization
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K17/00Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Mathematical Physics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computational Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Computer Hardware Design (AREA)
  • Pure & Applied Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • Algebra (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an electronic archive verification method, an electronic archive verification device and electronic equipment based on GRS codes, wherein the method comprises the following steps: a sending end receives a file submitted by a user to form an electronic file; the sending terminal adds an electronic file number seal to the electronic file to generate an electronic file; a sending end constructs a GRS code based on a finite field; the sending end generates a public key and a private key according to the GRS code; the sending end encrypts the electronic file to obtain a digital signature, and sends the public key and the electronic file containing the digital signature to the receiving end; the electronic file of the digital signature is sent to a receiving end; the receiving end extracts the digital signature from the electronic file containing the digital signature, and decrypts the digital signature by using the public key to obtain a digest value to be verified; the receiving end carries out Hash operation on the electronic file which picks up the digital signature to obtain a first abstract value; the receiving end compares the abstract value to be verified with an abstract value, and if the abstract value to be verified is equal to the abstract value, the verification is successful. The verification scheme provided by the invention can ensure that the verification speed is high and the verification is safe.

Description

Electronic archive verification method and device based on GRS code and electronic equipment
Technical Field
The invention belongs to the field of electronic archives, and particularly relates to an electronic archive verification method, an electronic archive verification device and electronic equipment based on GRS codes.
Background
The electronic archive refers to a general set of electronic image files stored by a device such as a computer disk, associated with paper archives, and usually in units of files.
The construction of a guarantee system for the authenticity, integrity, availability and safety of the electronic file is a necessary means for realizing the effective management and safety management of the electronic file. Due to the physical characteristics of the electronic archive information, the electronic archive is susceptible to external force such as external environment and operation in the life cycle, for example, the electronic archive is tampered, data in network transmission is damaged, system function is incomplete or system faults and the like, and the originality, integrity, usability and safety of the electronic archive are easily affected and damaged, so that the voucher value of the electronic archive is difficult to guarantee.
Therefore, how to provide an efficient and secure electronic file verification scheme is an urgent problem to be solved in the industry.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides an electronic archive verification method, an electronic archive verification device and electronic equipment based on GRS codes. The technical problem to be solved by the invention is realized by the following technical scheme:
in a first aspect, an embodiment of the present invention provides an electronic archive verification method based on a GRS code; the method comprises the following steps:
a sending end receives a file submitted by a user to form an electronic file;
the sending end adds an electronic file number stamp to the electronic file to generate an electronic file;
the sending end constructs a GRS code based on a finite field;
the sending end generates a public key and a private key according to the GRS code;
the sending end encrypts the electronic file to obtain a digital signature, and sends the public key and the electronic file containing the digital signature to a receiving end;
the receiving end extracts the digital signature from the electronic file containing the digital signature, and decrypts the digital signature by using the public key to obtain a digest value to be verified;
the receiving end carries out Hash operation on the electronic file which picks up the digital signature to obtain a first abstract value;
and the receiving end compares the abstract value to be verified with the abstract value, and if the abstract value to be verified is equal to the abstract value, the verification is successful.
In an embodiment of the present invention, the encrypting the electronic file by the sending end and sending the electronic file containing the digital signature to the receiving end includes:
the sending end carries out Hash operation on the electronic file to obtain a second abstract value;
the sending end encrypts the second digest value by using the private key to obtain the digital signature;
and the sending end sends the electronic file containing the digital signature to a receiving end.
In one embodiment of the present invention, the constructing a finite field based GRS code includes:
constructing a finite field, and constructing a GRS code with the code length of n, the dimension of k and the error correction capability of t according to the finite field, wherein n, k and t are all any positive integers and satisfy the requirement
Figure BDA0002862290540000021
In an embodiment of the present invention, the generating a public key and a private key according to the GRS code includes:
and selecting an (n-k) x (n-k) nonsingular matrix, an n x n dense matrix and an n x n sparse matrix in the finite field, wherein the rank of the dense matrix is z, the average row weight and the column weight of the sparse matrix are x, z and x are natural numbers, z is less than n, and x is less than n.
Performing matrix addition operation on the dense matrix and the sparse matrix to obtain a transformation matrix;
performing matrix multiplication on the inverse matrix of the nonsingular matrix, the check matrix and the transposed matrix of the transformation matrix to obtain a public key; wherein the check matrix is a matrix of the GRS code (n-k) x n;
and taking the nonsingular matrix, the check matrix, the transformation matrix and a decoding algorithm as private keys.
In an embodiment of the present invention, the performing, by the sending end, a hash operation on the electronic archive to obtain a second digest value includes:
performing primary hash operation on the electronic file;
and performing the Hash operation again on the result obtained by the primary Hash operation to obtain the second abstract value.
In an embodiment of the present invention, the encrypting, by the sending end, the second digest value using the private key to obtain the digital signature includes:
multiplying the nonsingular matrix and the second abstract value to obtain a syndrome to be translated;
decoding the syndrome to be decoded by using the decoding algorithm in combination with the check matrix of the private key to obtain a first error vector;
performing matrix multiplication on the first error vector and an inverse matrix of a transformation matrix of the private key to obtain a second error vector, wherein the weight of the second error vector is less than or equal to the error correction capability value of the GRS code;
and using the second error vector as the digital signature.
In an embodiment of the present invention, after obtaining the second error vector, the method further includes:
constructing an index pair for the second error vector to obtain an index pair for the second error vector;
correspondingly, the index pair is used as the digital signature.
In a second aspect, an embodiment of the present invention further provides an electronic archive verification apparatus based on a GRS code, including:
the electronic file generating unit is used for receiving files submitted by a user and forming electronic files;
the electronic file generating unit is used for adding an electronic file number seal on the electronic file to generate an electronic file;
the constructing unit is used for constructing a GRS code based on a finite field;
the secret key generating unit is used for generating a public key and a private key according to the GRS code;
the encryption unit is used for encrypting the electronic file to obtain a digital signature and sending the public key and the electronic file containing the digital signature to a receiving end;
the decryption unit is used for extracting the digital signature from the electronic file containing the digital signature and decrypting the digital signature by using the public key to obtain a digest value to be verified;
the Hash operation unit is used for carrying out Hash operation on the electronic file which takes the digital signature to obtain a first abstract value;
and the verification unit is used for comparing the abstract value to be verified with the abstract value, and if the abstract value to be verified is equal to the abstract value, the verification is successful.
In a third aspect, an embodiment of the present invention further provides an electronic device, including a processor, a communication interface, a memory, and a communication bus, where the processor, the communication interface, and the memory complete mutual communication through the communication bus;
a memory for storing a computer program;
a processor adapted to perform the method steps of any of the first aspect when executing a program stored in the memory.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, the computer program implements the method steps in any one of the first aspect.
The scheme provided by the embodiment of the invention adopts the finite field FqThe GRS code generates a public key and a private key, the electronic file is encrypted to obtain a digital signature, the digital signature is decrypted by using the public key in the signature verification process, and the obtained digest value to be verified is compared with a first digest value obtained by carrying out hash operation on the electronic file, so that whether verification can be successful is judged; the electronic file verification method based on the GRS code can ensure the originality, integrity, usability and safety of the electronic file, and the digital signature method adopted by the invention has higher feasibility, can reduce the amount of public keys and improve the digital signature efficiency, thereby achieving the purposes of high verification speed and high safety of the electronic file.
The present invention will be described in further detail with reference to the accompanying drawings and examples.
Drawings
FIG. 1 is a flowchart illustrating a method for verifying an electronic file based on a GRS code according to an embodiment of the present invention;
FIG. 2 is a schematic structural diagram of an electronic file verification apparatus based on GRS codes according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to specific examples, but the embodiments of the present invention are not limited thereto.
Example one
Referring to fig. 1, fig. 1 is a flowchart illustrating an electronic file verification method based on GRS codes according to an embodiment of the present invention. The electronic archive verification method based on the GRS code provided by the embodiment of the invention comprises the following steps:
and S1, the sender receives the file submitted by the user to form an electronic file.
And S2, the sending end adds the electronic file with an electronic file number seal to generate an electronic file.
It is understood that the electronic document seal added in this step can be completed by using an electronic document seal system in the prior art. The electronic file number seal system is used as a basic platform construction, and meets the application combination of various file services (file receiving, file storage, file management and file utilization) and electronic file number seals. Based on the electronic file number seal system, functions of file number seal filling, file number seal stamping, digital signature, document authority setting, network encryption transmission, file number seal signature verification, two-dimensional codes, safe printing and the like can be provided. The electronic document number seal system supports various document formats such as Word, Excel, WPS, Web forms, PDF and the like, and meets the requirements of various application systems.
The electronic file number stamp adopts the security technologies of digital signature, data encryption, two-dimensional bar code and the like to carry out technical processing on the filed electronic file to obtain the anti-counterfeiting property, the non-tampering property and the non-repudiation property of the information resource, thereby ensuring the authenticity, the integrity and the safety availability of the information resource and realizing the real 'electronic file'. Digital signature and metadata information of the electronic file are contained in the two-dimensional bar code, signature information of the paper file can be verified through the two-dimensional bar code, authenticity, integrity and safety availability of the paper file are guaranteed, code scanning query and management of the paper file are supported, and convenience is brought to management and utilization of the paper file.
It should be noted that, before the implementation, the filling of the document number seal is required to be performed as the basis for the functions of electronic document number seal adding, digital signature, verification, two-dimensional bar code and the like. The electronic file number seal is filled in, the filled file information is synchronously displayed on a file number seal picture, the size and the font size of the file number seal and the color of the file number seal can be adjusted through the file number seal setting, after the file number seal is confirmed to be filled in, the signature button is clicked, and the file number seal is finally generated and is added on the current document.
And S3, the transmitting end constructs a GRS code based on the finite field.
It should be noted that the selection of the embodiment of the present invention is based on the finite field FqInstead of being based on the normal binary system, because the code with the same security level (such as Goppa code) is based on the finite field F when facing the ISD decoding attackqThe Goppa code of (2) has a smaller public key amount than the binary-based Goppa code. For example,a finite field-based Goppa code with a security level of 128, the public key amount being 725740 bits; and a binary Goppa code-based, public key quantity of 1537536bits with a security level of 128. In contrast, based on the finite field FqThe amount of public keys of Goppa code is nearly an order of magnitude smaller than that of the public keys based on binary Goppa code.
In addition, the GRS code is selected rather than the other codes (e.g., Goppa code) because the GRS code is a very large distance separable (MDS) code, which has good performance; the existing coder and decoder of the GRS code has a plurality of applications in various fields and good practicability; furthermore, GRS codes are more flexible than Goppa codes; and the GRS code has the advantage of stronger expandability.
And S4, the sending end generates a public key and a private key according to the GRS code.
The embodiment of the invention adopts the GRS code based on the finite field to generate the public key and the private key, and can ensure that the public key and the private key have higher safety performance and smaller occupied space.
S5, the sending terminal encrypts the electronic file to obtain a digital signature, and sends the public key and the electronic file containing the digital signature to a receiving terminal.
Encryption technology is the most common security means, and important data is converted into scrambled code (encryption) by using technical means and transmitted, and then is restored (decrypted) by using the same or different means after reaching a destination.
The encryption technique includes two elements: an algorithm and a key. An algorithm is a step of combining ordinary information or understandable information with a string of numbers (keys), which is an algorithm used to encode and decrypt data, to generate an unintelligible ciphertext. In security, information communication of a network can be secured by appropriate key encryption techniques and management mechanisms.
At present, common encryption modes comprise symmetric encryption and asymmetric encryption, and in the prior art, a digital signature combines an asymmetric encryption mode and Hash operation, so that an encryption effect is achieved.
And S6, the receiving end extracts the digital signature from the electronic file containing the digital signature, and decrypts the digital signature by using the public key to obtain a digest value to be verified.
In this step, the receiving end first extracts the digital signature from the electronic file containing the digital signature, and decrypts the digital signature by using the public key sent by the receiving end together.
And S7, the receiving terminal performs hash operation on the electronic file which is extracted with the digital signature to obtain a first abstract value.
After the previous step, the electronic file originally containing the digital signature is left, so that in the step, the receiving end performs hash operation on the electronic file to obtain a first abstract value.
And S8, the receiving end compares the digest value to be verified with the first digest value, and if the digest value to be verified is equal to the first digest value, the verification is successful.
After the two steps, the step is mainly to compare the abstract value to be verified with the first abstract value, if the abstract value to be verified is equal to the first abstract value, the verification is successful, and if the abstract value to be verified is not equal to the first abstract value, the verification fails.
The embodiment of the invention provides an electronic archive verification method based on GRS codes, which adopts a finite field FqThe GRS code generates a public key and a private key, the electronic file is encrypted to obtain a digital signature, the digital signature is decrypted by using the public key in the signature verification process, and the obtained digest value to be verified is compared with a first digest value obtained by carrying out hash operation on the electronic file, so that whether verification can be successful is judged; the electronic file verification method based on the GRS code can ensure the originality, integrity, usability and safety of the electronic file, and the digital signature method adopted by the invention has higher feasibility, can reduce the amount of public keys and improve the digital signature efficiency, thereby achieving the purposes of high verification speed and high safety of the electronic file.
Example two
In this embodiment, on the basis of the first embodiment, each step of the electronic file verification method based on the GRS code of the finite field is described in detail.
Optionally, constructing a GRS code based on finite fields may include:
constructing a finite field, and constructing a GRS code (generalized Reed-Solomon code) with a code length of n, a dimension of k and an error correction capability of t according to the finite field, wherein n, k and t are all any positive integers and satisfy the requirement of
Figure BDA0002862290540000091
Wherein the finite field can select a finite field F comprising q elementsqAnd selecting a positive integer m so that q satisfies q 2m
Optionally, generating a public key and a private key according to the GRS code may include the following steps:
selecting (n-k) x (n-k) nonsingular matrixes, n x n dense matrixes and n x n sparse matrixes in the finite domain, wherein the rank of the dense matrixes is z, the average row weight and the column weight of the sparse matrixes are x, z and x are natural numbers, z is smaller than n, and x is smaller than n.
As an embodiment of the present invention, a dense matrix may be adopted, in which the rank z is much smaller than n, and the average row weight and column weight x of the sparse matrix are much smaller than n.
In particular, a dense matrix may be represented by the product of the transpose of the matrix and the matrix, i.e.
Figure BDA0002862290540000092
Wherein
Figure BDA0002862290540000093
Is a finite field FqTwo zxn matrices are defined above, and the rank of the matrix is z.
Optionally, in this embodiment, the following choices for the parameters m, n, k, t, and x are available for reference, see table 1, and there are but not limited to these choices, but considering the correctness, feasibility, and security of the scheme, and the public key amount and the signature length, the scheme of the present invention preferably adopts three sets of parameter values listed in table 1.
TABLE 1 parameter selection
m n k t x
12 4094 4074 10 1~1.1
16 65534 65516 9 1~1.1
10 1022 1002 10 1~1.1
And (II) performing matrix addition operation on the dense matrix and the sparse matrix to obtain a transformation matrix.
Specifically, the addition operation adopts formula (1):
Figure BDA0002862290540000101
wherein the content of the first and second substances,
Figure BDA0002862290540000102
a transformation matrix is represented that is,
Figure BDA0002862290540000103
a dense matrix is represented that is,
Figure BDA0002862290540000104
a sparse matrix is represented.
Thirdly, matrix multiplication is carried out on the inverse matrix of the nonsingular matrix, the check matrix and the transposed matrix of the transformation matrix to obtain a public key; wherein, the check matrix is a matrix of the GRS code (n-k) x n.
Specifically, the multiplication operation adopts formula (2):
Figure BDA0002862290540000105
wherein the content of the first and second substances,
Figure BDA0002862290540000106
which represents the public key(s),
Figure BDA0002862290540000107
representing the inverse of the non-singular matrix,
Figure BDA0002862290540000108
a check matrix is represented that is,
Figure BDA0002862290540000109
representing a transpose of the transform matrix.
And (IV) taking the nonsingular matrix, the check matrix, the transformation matrix and a decoding algorithm as private keys.
It will be appreciated that the public key is used for external disclosure and the private key is used for storage. The public key and the private key are two different parameter sets in an algorithm, but are inherently associated with each other, and are generated simultaneously but can be used independently.
Optionally, the sending end performs hash operation on the electronic archive to obtain a second digest value.
The hash operation can change an input vector of an arbitrary length into an output of a fixed length by a hash algorithm. Note that the hash operation is one-way, non-reversible.
In an alternative embodiment, the step may include the following steps:
(1) and carrying out primary hash operation on the electronic file.
Specifically, the electronic file M is subjected to the initial hash operation to obtain h (M).
(2) And performing the Hash operation again on the result obtained by the primary Hash operation to obtain the second abstract value.
Specifically, the result h (m) obtained by the primary hash operation is subjected to the hash operation again to obtain the digest value SxI.e. calculating SxH (m) i), wherein i is 0,1,2 … …. In the embodiment of the invention, i is taken to be 0, and the abstract value S is made to bexIs a vector of length n-k.
It should be noted that, the digest value may also be obtained by one or more hash operations, and the fixed length output is satisfied.
Optionally, the encrypting, by the sending end, the second digest value using the private key to obtain the digital signature includes:
(a) and performing multiplication operation on the nonsingular matrix and the second abstract value to obtain a syndrome to be translated.
Specifically, the multiplication operation adopts formula (3):
Figure BDA0002862290540000111
wherein, S'xWhich represents the syndrome to be interpreted,
Figure BDA0002862290540000112
representing a non-singular matrix, SxRepresenting the digest value.
(b) And decoding the syndrome to be decoded by using the decoding algorithm by combining the check matrix of the private key to obtain a first error vector.
Any existing decoding algorithm can be selected as the decoding algorithm, and in this embodiment, the decoding algorithm is preferably an iterative decoding algorithm in the time domain, that is,: BM iterative decoding algorithms (Berlekamp-Massey), Chien search algorithms (Chien), and Forney algorithms. The decoding algorithm is fast in speed, simple to implement and easy to implement by a computer, so that the decoding algorithm is a fast decoding algorithm.
Optionally, the decoding algorithm may include the following steps:
the method comprises the following steps: calculating a syndrome;
step two: determining an error location polynomial;
step three: determining an error estimation function;
step four: and solving the error position number and the error numerical value, and correcting errors.
Completing the four steps to finish one-time decoding, and if the decoding is successful, directly decoding an error vector; otherwise, it is considered as decoding failure.
With the scheme of the embodiment of the present invention, if the decoding fails, i ═ i +1 is resumed from step (1) until the decoding succeeds.
(c) And performing matrix multiplication on the first error vector and an inverse matrix of the transformation matrix of the private key to obtain a second error vector, wherein the weight of the second error vector is less than or equal to the error correction capability value t of the GRS code.
Specifically, see formula (4):
Figure BDA0002862290540000121
wherein the content of the first and second substances,
Figure BDA0002862290540000122
which represents a second error vector, is,
Figure BDA0002862290540000123
which represents a first error vector, is shown,
Figure BDA0002862290540000124
an inverse matrix of a transformation matrix representing the private key.
(d) And using the second error vector as the digital signature.
So far, a digital signature based on an error vector error correction code has been obtained, but the error vector occupies more bits due to the existence of a plurality of 0 elements. In order to reduce the bit number, the scheme provided by the invention can be further optimized on the basis of the embodiment.
Preferably, after obtaining the second error vector, the method further includes the following steps:
and constructing an index pair for the second error vector to obtain the index pair of the second error vector.
Specifically, the index pair of the second error vector can be obtained according to equation (5).
Figure BDA0002862290540000131
Wherein, IeRepresenting an index pair.
Extracting non-zero elements in the second error vector and marking as error values, and constructing an index pair I of the second error vector by using the error position alpha and the error position ce
Accordingly, the index pair is treated as a digital signature.
It should be noted that the signature usually corresponds to the process of verifying the signature asGenerating only digital signature, and comparing the obtained index pair IeAs a digital signature; in the process of signature verification, the signature verifier needs to use the index pair IeChecking the signature with the abstract value h (m) I), so that after the signature is successfully checked, the [ I ] is finally checkede|i]As a digital signature of the plaintext M.
In a preferred scheme, by further establishing an index pair for the generated second error vector and using the index as a digital signature, the number of bits can be reduced, thereby reducing the signature length.
Optionally, the receiving end extracts the digital signature from the electronic archive containing the digital signature, and decrypts the digital signature by using the public key to obtain the digest value to be verified.
Corresponding to the scheme that the obtained second error vector is used as the digital signature in the signature method, the step is to directly decrypt the second error vector by using a public key to obtain a digest value to be verified.
Corresponding to the scheme that the obtained index pair is used as the digital signature in the signature method, in the step, the second error vector needs to be restored according to the index pair, and then the public key is used for decrypting the second error vector to obtain the digest value to be verified.
In particular, the second error vector needs to be recovered from the index pair, i.e. in index pair IeMiddle alphajPosition of index by cjFilling in at αjThe positions outside the index are filled with 0's until the vector
Figure BDA0002862290540000141
Up to (n-k).
And decrypting the second error vector by using the public key, namely obtaining a digest value to be verified according to a formula (6):
Figure BDA0002862290540000142
wherein y represents the digest value to be verified.
Computing public keys
Figure BDA0002862290540000143
According to ajValue of corresponding row of index and cjAnd taking the product as the digest value to be verified.
Optionally, the receiving end performs hash operation on the electronic file for extracting the digital signature to obtain a first digest value.
Similarly, the electronic file needs to be hashed twice, and the specific steps are the same as the above "the sending end performs the hash operation on the electronic file to obtain the second digest value", which is not described herein again. The digest value y' is obtained by two hash operations, i.e., h (m) i).
Optionally, the receiving end compares the digest value to be verified with the digest value, and if the digest value to be verified is equal to the first digest value, the verification is successful.
Specifically, the digest value y to be verified is compared with the digest value y ', and if y is equal to y', that is, the digest value to be verified is equal to the digest value, the signature is verified successfully; otherwise, the signature fails to be verified.
The scheme provided by the embodiment of the invention is based on the finite field FqThe GRS code generates a public key and a private key, obtains a digest value according to the electronic file, and encrypts the digest value by using the private key to obtain a digital signature. In the process of verifying the signature, the public key is used for decrypting the digital signature, and the digital signature is compared with the digest value, so that whether the verification is successful can be judged. The digital signature scheme has high feasibility, and can reduce the public key amount, improve the digital signature efficiency and further improve the security.
EXAMPLE III
Referring to fig. 2, fig. 2 is a schematic structural diagram of an electronic file verification apparatus based on GRS codes according to an embodiment of the present invention. As shown in fig. 2, an electronic archive verification device based on GRS code includes:
an electronic file generating unit 201, configured to receive a file submitted by a user and form an electronic file;
an electronic file generating unit 202, configured to add an electronic file number stamp to the electronic file to generate an electronic file;
a constructing unit 203, configured to construct a GRS code based on a finite field;
a key generating unit 204, configured to generate a public key and a private key according to the GRS code;
the encryption unit 205 is configured to encrypt the electronic file to obtain a digital signature, and send the public key and the electronic file containing the digital signature to a receiving end;
a decryption unit 206, configured to extract the digital signature from the electronic file containing the digital signature, and decrypt the digital signature by using the public key to obtain a digest value to be verified;
a hash operation unit 207, configured to perform a hash operation on the electronic file with the digital signature extracted, so as to obtain a first digest value;
the verification unit 208 is configured to compare the digest value to be verified with the digest value, and if the digest value to be verified is equal to the digest value, the verification is successful.
Example four
The embodiment of the present invention further provides an electronic device, as shown in fig. 3, which includes a processor 301, a communication interface 302, a memory 303, and a communication bus 304, where the processor 301, the communication interface 302, and the memory 303 complete mutual communication through the communication bus 304,
a memory 303 for storing a computer program;
the processor 301, when executing the program stored in the memory 303, implements the following steps:
a sending end receives a file submitted by a user to form an electronic file;
the sending end adds an electronic file number stamp to the electronic file to generate an electronic file;
the sending end constructs a GRS code based on a finite field;
the sending end generates a public key and a private key according to the GRS code;
the sending end encrypts the electronic file to obtain a digital signature, and sends the public key and the electronic file containing the digital signature to a receiving end;
the receiving end extracts the digital signature from the electronic file containing the digital signature, and decrypts the digital signature by using the public key to obtain a digest value to be verified;
the receiving end carries out Hash operation on the electronic file which picks up the digital signature to obtain a first abstract value;
and the receiving end compares the abstract value to be verified with the abstract value, and if the abstract value to be verified is equal to the abstract value, the verification is successful.
The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the electronic equipment and other equipment.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.
The method provided by the embodiment of the invention can be applied to electronic equipment. Specifically, the electronic device may be: desktop computers, laptop computers, intelligent mobile terminals, servers, and the like. Without limitation, any electronic device that can implement the present invention is within the scope of the present invention.
EXAMPLE five
The embodiment of the present invention further provides a computer-readable storage medium, wherein a computer program is stored in the computer-readable storage medium, and the computer program, when executed by a processor, performs the method steps of the first embodiment or the second embodiment.
For the apparatus/electronic device/storage medium embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to part of the description of the method embodiment.
It should be noted that the apparatus, the electronic device and the storage medium according to the embodiments of the present invention are respectively an apparatus, an electronic device and a storage medium to which the electronic file verification method based on the GRS code is applied, and all embodiments of the electronic file verification method based on the GRS code are applicable to the apparatus, the electronic device and the storage medium, and can achieve the same or similar beneficial effects.
By applying the terminal equipment provided by the embodiment of the invention, proper nouns and/or fixed phrases can be displayed for a user to select, so that the input time of the user is reduced, and the user experience is improved.
The terminal device exists in various forms including but not limited to:
(1) a mobile communication device: such devices are characterized by mobile communications capabilities and are primarily targeted at providing voice, data communications. Such terminals include: smart phones (e.g., iphones), multimedia phones, functional phones, and low-end phones, among others.
(2) Ultra mobile personal computer device: the equipment belongs to the category of personal computers, has calculation and processing functions and generally has the characteristic of mobile internet access. Such terminals include: PDA, MID, and UMPC devices, etc., such as ipads.
(3) A portable entertainment device: such devices can display and play multimedia content. This type of device comprises: audio, video players (e.g., ipods), handheld game consoles, electronic books, and smart toys and portable car navigation devices.
(4) And other electronic devices with data interaction functions.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, apparatus (device), or computer program product. Accordingly, this application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects that may all generally be referred to herein as a "module" or "system. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. A computer program stored/distributed on a suitable medium supplied together with or as part of other hardware, may also take other distributed forms, such as via the Internet or other wired or wireless telecommunication systems.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (devices) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing is a more detailed description of the invention in connection with specific preferred embodiments and it is not intended that the invention be limited to these specific details. For those skilled in the art to which the invention pertains, several simple deductions or substitutions can be made without departing from the spirit of the invention, and all shall be considered as belonging to the protection scope of the invention.

Claims (10)

1. An electronic archive verification method based on GRS codes is characterized by comprising the following steps:
a sending end receives a file submitted by a user to form an electronic file;
the sending end adds an electronic file number stamp to the electronic file to generate an electronic file;
the sending end constructs a GRS code based on a finite field;
the sending end generates a public key and a private key according to the GRS code;
the sending end encrypts the electronic file to obtain a digital signature, and sends the public key and the electronic file containing the digital signature to a receiving end;
the receiving end extracts the digital signature from the electronic file containing the digital signature, and decrypts the digital signature by using the public key to obtain a digest value to be verified;
the receiving end carries out Hash operation on the electronic file which picks up the digital signature to obtain a first abstract value;
and the receiving end compares the digest value to be verified with the first digest value, and if the digest value to be verified is equal to the first digest value, the verification is successful.
2. The method of claim 1, wherein the sending end encrypts the electronic file and sends the public key and the electronic file containing the digital signature to a receiving end, and the method comprises:
the sending end carries out Hash operation on the electronic file to obtain a second abstract value;
the sending end encrypts the second digest value by using the private key to obtain the digital signature;
and the sending end sends the public key and the electronic file containing the digital signature to a receiving end.
3. The method of claim 2, wherein constructing a finite field based GRS code comprises:
constructing a finite field, and constructing a GRS code with the code length of n, the dimension of k and the error correction capability of t according to the finite field, wherein n, k and t are all any positive integers and satisfy the requirement
Figure FDA0002862290530000021
4. The method of claim 3, wherein the generating a public key and a private key from the GRS code comprises:
and selecting an (n-k) x (n-k) nonsingular matrix, an n x n dense matrix and an n x n sparse matrix in the finite field, wherein the rank of the dense matrix is z, the average row weight and the column weight of the sparse matrix are x, z and x are natural numbers, z is less than n, and x is less than n.
Performing matrix addition operation on the dense matrix and the sparse matrix to obtain a transformation matrix;
performing matrix multiplication on the inverse matrix of the nonsingular matrix, the check matrix and the transposed matrix of the transformation matrix to obtain a public key; wherein the check matrix is a matrix of the GRS code (n-k) x n;
and taking the nonsingular matrix, the check matrix, the transformation matrix and a decoding algorithm as private keys.
5. The method of claim 4, wherein the sending end performs a hash operation on the electronic archive to obtain a second digest value, comprising:
performing primary hash operation on the electronic file;
and performing the Hash operation again on the result obtained by the primary Hash operation to obtain the second abstract value.
6. The method of claim 5, wherein the sending end encrypts the second digest value using the private key to obtain the digital signature, and comprises:
multiplying the nonsingular matrix and the second abstract value to obtain a syndrome to be translated;
decoding the syndrome to be decoded by using the decoding algorithm in combination with the check matrix of the private key to obtain a first error vector;
performing matrix multiplication on the first error vector and an inverse matrix of a transformation matrix of the private key to obtain a second error vector, wherein the weight of the second error vector is less than or equal to the error correction capability value of the GRS code;
and using the second error vector as the digital signature.
7. The method of claim 6, further comprising, after obtaining the second error vector:
constructing an index pair for the second error vector to obtain an index pair for the second error vector;
correspondingly, the index pair is used as the digital signature.
8. An electronic archive verification device based on GRS codes is characterized by comprising:
the electronic file generating unit is used for receiving files submitted by a user and forming electronic files;
the electronic file generating unit is used for adding an electronic file number seal on the electronic file to generate an electronic file;
the constructing unit is used for constructing a GRS code based on a finite field;
the secret key generating unit is used for generating a public key and a private key according to the GRS code;
the encryption unit is used for encrypting the electronic file to obtain a digital signature and sending the public key and the electronic file containing the digital signature to a receiving end;
the decryption unit is used for extracting the digital signature from the electronic file containing the digital signature and decrypting the digital signature by using the public key to obtain a digest value to be verified;
the Hash operation unit is used for carrying out Hash operation on the electronic file which takes the digital signature to obtain a first abstract value;
and the verification unit is used for comparing the abstract value to be verified with the first abstract value, and if the abstract value to be verified is equal to the first abstract value, the verification is successful.
9. An electronic device is characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor and the communication interface are used for realizing mutual communication by the memory through the communication bus;
a memory for storing a computer program;
a processor for implementing the method steps of any one of claims 1 to 8 when executing a program stored in the memory.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method steps of any one of claims 1 to 8.
CN202011570306.2A 2020-12-26 2020-12-26 Electronic archive verification method and device based on GRS code and electronic equipment Withdrawn CN112613054A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011570306.2A CN112613054A (en) 2020-12-26 2020-12-26 Electronic archive verification method and device based on GRS code and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011570306.2A CN112613054A (en) 2020-12-26 2020-12-26 Electronic archive verification method and device based on GRS code and electronic equipment

Publications (1)

Publication Number Publication Date
CN112613054A true CN112613054A (en) 2021-04-06

Family

ID=75247986

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011570306.2A Withdrawn CN112613054A (en) 2020-12-26 2020-12-26 Electronic archive verification method and device based on GRS code and electronic equipment

Country Status (1)

Country Link
CN (1) CN112613054A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117499160A (en) * 2023-12-29 2024-02-02 同略科技有限公司 Network security protection method and system based on electronic file

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117499160A (en) * 2023-12-29 2024-02-02 同略科技有限公司 Network security protection method and system based on electronic file
CN117499160B (en) * 2023-12-29 2024-04-09 同略科技有限公司 Network security protection method and system based on electronic file

Similar Documents

Publication Publication Date Title
CN108989287B (en) Encryption method, device, terminal equipment and storage medium
US8689087B2 (en) Method and entity for probabilistic symmetrical encryption
EP2691906B1 (en) Method and system for protecting execution of cryptographic hash functions
EP3553995A1 (en) Terminal device for performing homomorphic encryption, server device for processing cipher text thereof, and methods therefor
CN106953723B (en) Splitting and merging method for preventing DFA attack
Rashwan et al. Security of the GPT cryptosystem and its applications to cryptography
JP7065888B6 (en) Cryptographic devices and methods
KR101942030B1 (en) Electronic device for performing code-based encryption supporting integrity verification of a message and operating method thereof
CN107273724B (en) Watermarking input and output of white-box implementations
Dumas et al. Foundations of coding: compression, encryption, error correction
CN107534549B (en) Readable storage medium, method and system for encrypting data stream block
CN111656733A (en) White-box computation of key message authentication codes
CN112635009A (en) Medical data encryption method based on block chain
CN104769881A (en) AES implementation with error correction
CN112613054A (en) Electronic archive verification method and device based on GRS code and electronic equipment
CN112613018A (en) Block chain-based digital certificate using system
US11128475B2 (en) Electronic device capable of data communication through electronic signatures based on syndrome and operating method thereof
CN114221753B (en) Key data processing method and electronic equipment
CN112613879A (en) Financial transaction data processing method based on GRS code
CN112634092A (en) Contract authentication method and device based on block chain and electronic equipment
CN115277064A (en) Data encryption method, data decryption method, data encryption device, data decryption device, electronic equipment and medium
CN112613844A (en) Personnel contract electronic signature method
CN112633712A (en) Online bidding method and system based on GRS codes
CN112614557A (en) Electronic medical record encryption archiving method
CN110071927B (en) Information encryption method, system and related components

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20210406

WW01 Invention patent application withdrawn after publication