CN113468580A - Multi-party collaborative signature method and system - Google Patents

Multi-party collaborative signature method and system Download PDF

Info

Publication number
CN113468580A
CN113468580A CN202110839565.9A CN202110839565A CN113468580A CN 113468580 A CN113468580 A CN 113468580A CN 202110839565 A CN202110839565 A CN 202110839565A CN 113468580 A CN113468580 A CN 113468580A
Authority
CN
China
Prior art keywords
signature
private key
key component
cooperative
signing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110839565.9A
Other languages
Chinese (zh)
Other versions
CN113468580B (en
Inventor
牟宁波
李鑫
袁巍
孙曼
谢丹力
孙超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CCB Finetech Co Ltd
Original Assignee
CCB Finetech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CCB Finetech Co Ltd filed Critical CCB Finetech Co Ltd
Priority to CN202110839565.9A priority Critical patent/CN113468580B/en
Publication of CN113468580A publication Critical patent/CN113468580A/en
Application granted granted Critical
Publication of CN113468580B publication Critical patent/CN113468580B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method and a system for multi-party collaborative signature, and relates to the technical field of computers. One embodiment of the method comprises: the method comprises the steps that a signature main body generates a signature private key, a plurality of private key components are generated according to the signature private key, and the plurality of private key components are distributed to the signature main body and a cooperation party, wherein the number of the private key components is equal to the sum of the number of the signature main body and the number of the cooperation party, the private key component of the signature main body is a first private key component, and the private key component of the cooperation party is a second private key component; in response to the collaborative signing request, the signing main body signs the data to be signed according to the first private key component to obtain a partial signing result, and sends the partial signing result to the collaborator; and the cooperative party performs cooperative signature operation according to the second private key component and the partial signature result to obtain a complete signature. The implementation mode realizes that the client side completely controls the generation of the private key, can efficiently generate the digital signature and meets the relevant requirements of electronic signature law.

Description

Multi-party collaborative signature method and system
Technical Field
The invention relates to the technical field of computers, in particular to a multi-party collaborative signature method and system.
Background
In order to realize independent and independent independence of commercial cryptography, the national cryptology agency issued GM/T0003 SM2 elliptic curve public key cryptography in 2012 and increased to the national standard GB/T32918 in 2016. The digital signature algorithm of part 2 is an effective solution for user identity authentication and is also the technical basis of the electronic signature method.
With the rapid development of various internet applications in recent years, the software security requirements based on the mobile terminal and the PC terminal are higher and higher. Under the condition that the attack technology is continuously developed, the safety of a private key cannot be well guaranteed at an application end, and the traditional mode based on the integral operation of the private key signature cannot meet the service requirement under the condition that no special hardware is used for protection.
Most of the current collaborative signing methods adopt a method that a signature main body and a collaborator generate a secret key together, and do not meet the related requirement that the electronic signature making data is only controlled by an electronic signer during signing in an electronic signature method.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method and a system for multi-party collaborative signing, which can enable a client to completely control generation of a private key, and can efficiently generate a digital signature, thereby meeting the requirements related to the electronic signature law. The client and the server cooperate to generate the digital signature, so that the condition that the client is attacked can be prevented. The generation of the signature is initiated by the client, and the server can determine whether to respond after verifying the identity of the client, so that the safety of the digital signature service is ensured. And the multiple parties assist in completing the signature together, so that the method is suitable for scenes such as process approval, mobile terminal application and the like.
To achieve the above object, according to an aspect of the embodiments of the present invention, a method for multi-party cooperative signature is provided.
A method of multi-party collaborative signing, comprising:
the method comprises the steps that a signature main body generates a signature private key, a plurality of private key components are generated according to the signature private key, and the private key components are distributed to the signature main body and a cooperation party, wherein the number of the private key components is equal to the sum of the number of the signature main body and the number of the cooperation party, the private key component of the signature main body is a first private key component, and the private key component of the cooperation party is a second private key component;
in response to the cooperative signing request, the signing main body signs the data to be signed according to the first private key component to obtain a partial signing result, and sends the partial signing result to the cooperative party;
and the cooperative party performs cooperative signature operation according to the second private key component and the partial signature result to obtain a complete signature.
Optionally, the generating, by the signing principal, a plurality of private key components according to the private signature key includes:
the signature body is calculated over the operational domain of the elliptic curve (d)A+1) and taking the plurality of factors as the plurality of private key components, wherein dAIs the signature private key.
Optionally, the distributing, by the signing authority, the plurality of private key components to the signing authority and the collaborator comprises:
and the signature main body sends the second private key component to the cooperative party in a secure mode, wherein the secure mode comprises the step of encrypting the second private key component in a public key encryption mode, a digital envelope mode, a session key mode, a secure channel mode or a pre-established key mode.
Optionally, after the signature main body distributes the plurality of private key components to the signature main body and the collaborator, the method further includes:
the collaborator stores the private key components in a secret division sharing mode at multiple places.
Optionally, after the signature main body distributes the plurality of private key components to the signature main body and the collaborator, the method further includes:
the signature main body reserves or destroys the signature private key and the private key component distributed to the collaborator.
Optionally, the signing main body signing the data to be signed according to the first private key component to obtain a partial signature result includes:
the signature body selects a random number k based on an SM2 algorithm and calculates a standard r component;
and the signature main body calculates a private key component carrier s 'based on the random number k, the r component and the first private key component, and takes the r component and the private key component carrier s' as a partial signature result obtained by signing data to be signed.
Optionally, calculating the r component of the criterion comprises:
calculating (x1, y1) as k · G based on the random number k and a base point G defined by GB/T32918.5;
calculating the hash value e ═ H (Z) of the data to be signedA| M), where H () is the SM3 hash algorithm, ZAIdentifying a client user, and M is data to be signed;
calculating r ═ e + x1 mod n according to x1 and the hash value e, wherein n is the order of the base point G on the elliptic curve;
if r is 0 or r + k is n, the random number k is reselected and the r component is calculated again.
Optionally, the performing, by the collaborator, a collaborative signature operation according to the second private key component and the partial signature result to obtain a complete signature includes:
a first cooperative party in the cooperative parties calculates a first intermediate signature result according to a second private key component of the first cooperative party and the partial signature result;
a second cooperative party in the cooperative parties calculates a second intermediate signature result according to a second private key component of the second cooperative party and the first intermediate signature result;
repeating the steps until each cooperative party completes calculation to obtain a cooperative signature result;
and the cooperative party calculates a complete signature according to the cooperative signature result.
Optionally, the performing, by the collaborator, a collaborative signature operation according to the second private key component and the partial signature result to obtain a complete signature includes:
a first one of the collaborators calculates a first intermediate private key component carrier s ' from its second private key component and a private key component carrier s ' in the partial signature result '1
A second one of the collaborators is according to its second private key component and the first intermediate private key component carrier s'1Calculating a second intermediate private key component carrier s'2
And so on until each cooperative party completes calculation to obtain a cooperative private key component carrier s'(N-1)Wherein (N-1) is the number of the cooperative parties;
the cooperator is according to the cooperative private key component carrier s'(N-1)And calculating a complete signature by using the r component in the partial signature result.
Optionally, each cooperator performs calculation through multiplication operation on an operation domain of an elliptic curve until the cooperative signature result is obtained;
the cooperator calculates the full signature by the inverse of the multiplication and addition operations on the operational domain of the elliptic curve.
Optionally, after obtaining the complete signature, further comprising:
the correctness of the full signature is verified by the standard SM2 digital signature verification procedure of GB/T32918.2.
Optionally, after the signing main body generates the private signing key, the method further includes:
the signature main body generates and publishes a signature public key corresponding to the signature private key;
after obtaining the complete signature, further comprising:
any one of the signing principal and the collaborator uses the public signature key to verify the validity of the full signature.
According to another aspect of the embodiments of the present invention, a system for multi-party collaborative signing is provided.
A system of multi-party collaborative signing, comprising a signing principal and collaborators, wherein:
the signature main body is used for generating a signature private key, generating a plurality of private key components according to the signature private key, and distributing the plurality of private key components to the signature main body and the collaborator, wherein the number of the private key components is the same as the sum of the number of the signature main body and the number of the collaborator, the private key component of the signature main body is a first private key component, and the private key component of the collaborator is a second private key component; responding to a cooperative signing request, signing data to be signed according to the first private key component to obtain a partial signing result, and sending the partial signing result to the cooperative party;
and the cooperative party is used for performing cooperative signature operation according to the second private key component and the partial signature result to obtain a complete signature.
According to still another aspect of the embodiments of the present invention, an electronic device for multi-party collaborative signing is provided.
An electronic device for multi-party collaborative signing, comprising: one or more processors; the storage device is used for storing one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors implement the multi-party collaborative signing method provided by the embodiment of the invention.
According to yet another aspect of embodiments of the present invention, a computer-readable medium is provided.
A computer readable medium, on which a computer program is stored, the program, when executed by a processor, implements the method for multi-party cooperative signing provided by embodiments of the present invention.
One embodiment of the above invention has the following advantages or benefits: generating a signature private key through a signature main body, generating a plurality of private key components according to the signature private key, and distributing the plurality of private key components to the signature main body and a collaborator, wherein the number of the private key components is the same as the sum of the number of the signature main body and the number of the collaborator, the private key component of the signature main body is a first private key component, and the private key component of the collaborator is a second private key component; in response to the collaborative signing request, the signing main body signs the data to be signed according to the first private key component to obtain a partial signing result, and sends the partial signing result to the collaborator; the technical scheme that the cooperative signature operation is carried out by the cooperative party according to the second private key component and the partial signature result to obtain the complete signature is that the private key of the SM2 digital signature is split into at least two parts by the signature main body, wherein one part is retained by the cooperative party, and the rest is put on record to the cooperative party. When the signature body needs to carry out digital signature, the signature body generates a partial SM2 signature according to the private key component of the signature body, and then the cooperative signature operation is continuously carried out by the cooperative party to form a complete SM2 digital signature. Therefore, the client side can completely control the generation of the private key, and can efficiently generate the digital signature, thereby meeting the relevant requirements of electronic signature law. The client and the server cooperate to generate the digital signature, so that the condition that the client is attacked can be prevented. The generation of the signature is initiated by the client, and the server can determine whether to respond after verifying the identity of the client, so that the safety of the digital signature service is ensured. And the multiple parties assist in completing the signature together, so that the method is suitable for scenes such as process approval, mobile terminal application and the like.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
FIG. 1 is a diagram illustrating the main steps of a multi-party collaborative signature method according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart illustrating generation and distribution of a signing key according to one embodiment of the present invention;
FIG. 3 is a schematic diagram of the main modules of a system for multi-party collaborative signing according to an embodiment of the present invention;
FIG. 4 is an exemplary system architecture diagram in which embodiments of the present invention may be employed;
fig. 5 is a schematic block diagram of a computer system suitable for use in implementing a terminal device or server of an embodiment of the invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
In order to solve the technical problems in the prior art, the invention provides a multi-party collaborative signature method, starting from the SM2 algorithm principle, a signature main body generates a signature private key according to a standard SM2 signature algorithm, then a plurality of private key components backed up to collaborators are directly generated according to the private key of the signature main body, when digital signature is carried out, the signature main body firstly carries out digital signature operation, and then the collaborators complete signature in sequence according to the private key components of the collaborators (without distinguishing the sequence), so that the signature safety cannot be influenced when a single private key component is lost on the premise of not influencing the signature correctness. The whole calculation process only relates to a pair of standard keys, multi-party collaborative signature is realized on the basis of meeting the requirements of an electronic signature method, and safe and controllable SM2 standard signature can be efficiently carried out.
Fig. 1 is a schematic diagram of main steps of a multi-party collaborative signature method according to an embodiment of the present invention. As shown in fig. 1, the multi-party collaborative signature method according to the embodiment of the present invention mainly includes the following steps S101 to S103.
Step S101: the method comprises the steps that a signature main body generates a signature private key, a plurality of private key components are generated according to the signature private key, and the plurality of private key components are distributed to the signature main body and a cooperation party, wherein the number of the private key components is equal to the sum of the number of the signature main body and the number of the cooperation party, the private key component of the signature main body is a first private key component, and the private key component of the cooperation party is a second private key component;
step S102: in response to the collaborative signing request, the signing main body signs the data to be signed according to the first private key component to obtain a partial signing result, and sends the partial signing result to the collaborator;
step S103: and the cooperative party performs cooperative signature operation according to the second private key component and the partial signature result to obtain a complete signature.
According to the above steps S101 to S103, the private key of the SM2 digital signature can be split into at least two parts by the signature main body, wherein one part of the private key is retained by itself, and the rest is recorded to the collaborating party. When the signature body needs to carry out digital signature, the signature body generates a partial SM2 signature according to the private key component of the signature body, and then the cooperative signature operation is continuously carried out by the cooperative party to form a complete SM2 digital signature. In the specific implementation process of the embodiment of the present invention, the signature body may also be generally used as a client for digital signature, and each collaborator for signature may also be used as each server for digital signature. In the following description of the embodiments, the signature body is a client, and the collaborator is a server.
According to the embodiment of the invention, the signature body is according to GB/T32918.2' information security technology SM2 elliptic curve public key cryptographic algorithm part 2: digital signature algorithm' generation of signature private key dAAnd a corresponding public key dAG (wherein "·" is the standard point multiplication of elliptic curves, and G is the base point specified in GB/T32918.5). Then, the signature agent generates a plurality of private key components according to the signature private key, which may specifically include: the signature body is calculated over the operational domain of the elliptic curve (d)A+1) and taking the plurality of factors as a plurality of private key components, wherein dAIs the private signature key.
In one embodiment of the invention, the signature body is in the operational domain GP (P) or GF (P) of the elliptic curvem) Upper calculation of dA’=(dA+1)-1N factors of (a): first private key component dmWith a second private key component dnWherein d isnIncluding dn1~dn(N-1)So that d isA’=dm*dn=dm*dn1*dn2*...*dn(N-1)(wherein, N is the number of the participants of the digital signature, namely the sum of the number of the signature main body and the number of the collaborators, and N is more than or equal to 2). D involved in the above calculationA' is (d)A+1) in the operand GP (P) or GF (P)m) The inverse of (d) aboveA’*(dA+1) ═ 1. The signing principal then saves the first private key component dmA second private key component dn1~dn(N-1)And the data is sent to the (N-1) cooperators in a secure mode, and the data before encryption cannot be obtained even if the data is intercepted in the transmission process.
In one embodiment of the invention, during the process of the signature body distributing the plurality of private key components to the signature body and the collaborator, the signature body distributes the second private key component d to the signature body and the collaboratorn1~dn(N-1)And sending the second private key component to the cooperative party in a secure mode, wherein the secure mode comprises encrypting the second private key component in a mode of public key encryption, digital envelopes, session keys, secure channels or pre-established keys. Here, the public key in the public key encryption scheme may be a public key of each partner or may be a background unified public key. The collaborator may complete decryption with the assistance of the third party to obtain its corresponding second private key component.
Fig. 2 is a schematic diagram of a generation and distribution flow of a signing key according to an embodiment of the present invention. As shown in FIG. 2, in an embodiment of the invention, the signing principal (client) first generates a private key dAAnd public key dAG; then calculate dA’=(dA+1)-1(ii) a Then, by calculating dA’=dm*dn=dm*dn1*dn2*...*dn(N-1)To obtain a plurality of private key components; finally, d is reservedmEncryption dn1~dn(N-1)Obtain the ciphertext C1~C(N-1)And cipher text C (including C)1~C(N-1)) And sending the data to a cooperative party (a server). The cooperators (servers) decrypt C separately1~C(N-1)A key component is obtained.
According to the technical scheme of the invention, the signature body is used for selfComplete calculation of key generation, dnAs a key component of the registration of the signature body to the collaborator, the ability of the signature body to generate the SM2 digital signature alone is not affected, the collaborator cannot generate the SM2 digital signature alone, and the digital signature can fully represent the true intention of the signature body.
According to one embodiment of the present invention, after the signature body distributes the plurality of private key components to the signature body and the collaborator, the method further includes: the cooperative party stores a plurality of private key components in a secret division sharing mode at multiple places. Therefore, even if one private key component is acquired, all the private key components cannot be acquired, so that the data security is higher.
According to another embodiment of the present invention, after the signature body distributes the plurality of private key components to the signature body and the collaborator, the method further includes: the signing authority retains or destroys the private signature key and the private key component distributed to the collaborators. In the private key component dnAfter being sent to the collaborators, the signing main body can reserve or destroy dnAnd can retain or destroy the private key dA
According to another embodiment of the present invention, the signing main body signing the data to be signed according to the first private key component to obtain the partial signature result includes:
the signature body selects a random number k based on an SM2 algorithm and calculates a standard r component;
the signature main body calculates a private key component carrier s 'based on the random number k, the r component and the first private key component, and takes the r component and the private key component carrier s' as a partial signature result obtained by signing data to be signed.
In the embodiment of the invention, when calculating the r component meeting the GB/T32918.2 standard, the following steps may be mainly included:
based on the random number k and a base point G defined by GB/T32918.5, (x1, y1) is calculated as k · G. The random number k may be obtained by using its own random number library, may also be obtained by invoking a random number library of a system, may also be obtained from a background, and the like, which is not limited in the present invention;
calculating the hash value e of the data to be signedH(ZA| M), where H () is the SM3 hash algorithm, ZAIdentifying a client user, and M is data to be signed;
r ═ e + x1 mod n is calculated from x1 and the hash value e, where n is the order of the base point G on the elliptic curve. Here, (mod n) means n is to be modulo;
if r is 0 or r + k is n, the random number k is reselected and the r component is calculated again. Specifically, the random number k may be reselected, and the above steps may be repeated to calculate the r component again until the acquired r component satisfies the requirement.
After the standard r component is obtained through calculation, the signature body is based on the random number k and the first private key component dmCalculating the private key component carrier s ═ (k + r) × dm(mod n), where "+" is a multiplication operation on the operand domain. Thereafter, the r component and the private key component carrier s 'are transmitted to the cooperator as a partial signature result (r, s').
According to another embodiment of the present invention, the step of the cooperative party performing the cooperative signature operation according to the second private key component and the partial signature result to obtain the complete signature specifically may include:
a first cooperative party in the cooperative parties calculates a first intermediate signature result according to a second private key component of the first cooperative party and the partial signature result;
a second cooperative party in the cooperative parties calculates a second intermediate signature result according to a second private key component of the second cooperative party and the first intermediate signature result;
repeating the steps until each cooperative party completes calculation to obtain a cooperative signature result;
and the cooperative party calculates a complete signature according to the cooperative signature result.
According to another embodiment of the present invention, the step of the cooperative signing operation performed by the cooperative party according to the second private key component and the partial signature result to obtain the complete signature specifically may include:
a first one of the collaborators calculates a first intermediate private key component carrier s ' from its second private key component and a private key component carrier s ' in the partial signature result '1
A second one of the collaborators is according to its second private key component and the first intermediate private key component carrier s'1Calculating a second intermediate private key component carrier s'2
And so on until each cooperative party completes calculation to obtain a cooperative private key component carrier s'(N-1)Wherein (N-1) is the number of the cooperative parties;
the cooperator is according to the cooperative private key component carrier s'(N-1)And calculating a complete signature by using the r component in the partial signature result.
According to the embodiment of the invention, each cooperator performs calculation through multiplication operation on an operation domain of an elliptic curve until the cooperative signature result is obtained; the cooperator calculates the full signature by the inverse of the multiplication and addition operations on the operational domain of the elliptic curve.
In the embodiment of the invention, after receiving the partial signature result (r, s'), the collaborator can perform signature calculation according to the second private key component and the partial signature result. Specifically, suppose that the collaborators include a first collaborator, a second collaborator, … …, and an (N-1) th collaborator, and the second private key component corresponding to each collaborator is d respectivelyn1、dn2、……、dn(N-1)Then each collaborator will do the following:
the first collaborator carries out partial signature on the basis of the private key component carrier s 'in the partial signature result (r, s') and the second private key component d of the first collaboratorn1Calculating a first intermediate private key component carrier s'1=s’*dn1
Second cooperator from a first intermediate private key component carrier s'1And its own second private key component dn2Calculating a first intermediate private key component carrier s'2=s’1*dn2
And so on until each cooperative party completes calculation to obtain a cooperative private key component carrier s'(N-1)=s’(N-2)*dn(N-1)
Any one of the collaborators is according toSynergistic private key component carrier s'(N-1)And calculating a complete signature according to r 'in the partial signature result'(N-1)And r component calculation SM2 signed s component s ═ s'(N-1)R (mod n) (where "+" is the multiplication operation on the field and "-" is the inverse of the addition operation on the field), then the standard SM2 full signature (r, s) is formed. In the embodiment of the present invention, after each collaborator performs one calculation, the corresponding intermediate signature result (including the r component and the intermediate private key component carrier) is sent to the next collaborator together, and the specific execution order is not limited between these collaborators.
According to one embodiment of the present invention, after obtaining the full signature, the method further includes: the correctness of the full signature is verified by the standard SM2 digital signature verification procedure of GB/T32918.2.
According to still another embodiment of the present invention, after the signing principal generates the private signing key, the method further comprises: the signature main body generates and publishes a signature public key corresponding to the signature private key;
and, after obtaining the complete signature, further comprising: any one of the signing principal and the collaborator uses the public signature key to verify the validity of the full signature.
In the embodiment of the present invention, the method for verifying the correctness and validity of the complete signature only needs to comply with the SM2 standard, which is not limited by the present invention.
The following describes a specific implementation procedure of the multi-party cooperative signature method according to the present invention with reference to a specific embodiment. In the embodiment of the invention, the specific implementation comprises the following steps:
step 1: the client side adopts the part 2 of the GB/T32918.2 information security technology SM2 elliptic curve public key cryptographic algorithm: digital signature AlgorithmAAnd a corresponding public key dAG (where "·" is a standard doubling operation of elliptic curves);
step 2: the client end is in the operation field GP (P) or GF (P) of the elliptic curvem) Upper calculation of dA’=(dA+1)-1And is combined withCalculating dAN factors of dmAnd dn1~dn(N-1)So that d isA’=dm*dn=dm*dn1*dn2*...*dn(N-1)(where "+" is a multiplication over a domain);
and step 3: client side holding private key component dmThe private key component dn1~dn(N-1)The method comprises the steps that after being subjected to security encryption protection in the modes of public key encryption, digital envelopes, session keys, security channels or prefabricated keys and the like, the security encryption protection is sent to a server 1 to a server (N-1) through a communication unit;
and 4, step 4: when a client signs a message M, firstly, a random number k is selected, and (x1, y1) is calculated to be k.G based on a base point G specified by GB/T32918.5;
and 5: the client calculates a hash value e ═ H (ZA | | | M), where H () is SM3 hash algorithm, and ZA is client user identifier;
step 6: the client calculates r ═ e + x1 (mod n), where n is the order of the base point G on the elliptic curve. If r is 0 or r + k is n, returning to the step 4 to reselect the random number k for calculation again;
and 7: the client is based on the random number k and the private key component dmCalculating s ═ (k + r) × dm(mod n) (where "+" is the multiplication over the domain), and sends (r, s') to the server;
and 8: the server 1 according to (r, s') and its private key component dn1Calculating s'1=s’*dn1Service side 2 is according to (r, s'1) Private key component d with itselfn2Calculating s'2=s’1*dn2Sequentially calculating until the server side (N-1) calculates s'(N-1)=s’(N-2)*dn(N-1)And the sequence of the service end is not required in sequence. Finally calculating s ═ s'(N-1)-r (mod n) (where "+" is the multiplication operation on the field and "-" is the inverse of the addition operation on the field), forming the standard SM2 signature (r, s).
So far, part 2 of the elliptic curve public key cryptographic algorithm conforming to GB/T32918.2 information security technology SM2 is completed: digital signature algorithm "standard SM2 digitally signs (r, s).
Compared with the prior art, the invention has the following advantages and beneficial effects: the method and the device realize that the client completely controls the generation of the private key, can efficiently generate the digital signature and meet the relevant requirements of electronic signature method. The client and the server cooperate to generate the digital signature, so that the condition that the client is attacked can be prevented. The generation of the signature is initiated by the client, and the server can determine whether to respond after verifying the identity of the client, so that the safety of the digital signature service is ensured. And the multiple parties assist in completing the signature together, so that the method is suitable for scenes such as process approval, mobile terminal application and the like.
According to the technical scheme of the invention, a signature main body (client) and a cooperative party (server) can be realized by software, hardware or a combination of the software and the hardware, and both comprise the following functional units:
a calculation unit: performing various cryptographic operations related to SM2 digital signatures;
a storage unit: the private key component, the elliptic curve parameter and the like are saved;
a communication unit: may communicate with other partners (including servers and/or clients) that collaborate in signing.
Fig. 3 is a schematic diagram of main modules of a system for multi-party collaborative signing according to an embodiment of the present invention. As shown in fig. 3, a system 300 for multi-party collaborative signing according to an embodiment of the present invention mainly includes a signature main body 301 and a collaborator 302.
The signature agent 301 is configured to generate a signature private key, generate a plurality of private key components according to the signature private key, and distribute the plurality of private key components to the signature agent and the collaborator, where the number of the private key components is the same as the sum of the numbers of the signature agent and the collaborator, the private key component of the signature agent is a first private key component, and the private key component of the collaborator is a second private key component; responding to a cooperative signing request, signing data to be signed according to the first private key component to obtain a partial signing result, and sending the partial signing result to the cooperative party;
and the collaborator 302 is configured to perform collaborative signature operation according to the second private key component and the partial signature result to obtain a complete signature.
According to an embodiment of the present invention, when generating a plurality of private key components from the private signature key, the signature body 301 may further be configured to:
calculating a plurality of factors of an inverse element of (dA +1) over an operational domain of an elliptic curve and taking the plurality of factors as the plurality of private key components, wherein dA is the signature private key.
According to another embodiment of the present invention, the signature body 301, when distributing the plurality of private key components to the signature body and collaborators, may further be configured to:
and sending the second private key component to the cooperative party in a secure manner, wherein the secure manner comprises encrypting the second private key component by means of public key encryption, a digital envelope, a session key, a secure channel or a pre-established key.
According to yet another embodiment of the present invention, after signature body 301 distributes the plurality of private key components to the signature body and collaborators, collaborators 302 may be further configured to:
storing the plurality of private key components in a secret split shared manner at a plurality of locations.
According to yet another embodiment of the present invention, after distributing the plurality of private key components to the signature body and collaborators, signature body 301 may be further configured to:
retaining or destroying the private signature key and the private key component distributed to the collaborator.
According to another embodiment of the present invention, when signing the data to be signed according to the first private key component to obtain a partial signature result, the signature main body 301 may further be configured to:
selecting a random number k based on an SM2 algorithm, and calculating a standard r component;
and calculating a private key component carrier s 'based on the random number k, the r component and the first private key component, and using the r component and the private key component carrier s' as a partial signature result obtained by signing the data to be signed.
According to yet another embodiment of the present invention, the signature body 301, when calculating the r component of the standard, may also be used to:
calculating (x1, y1) as k · G based on the random number k and a base point G defined by GB/T32918.5;
calculating the hash value e ═ H (Z) of the data to be signedA| M), where H () is the SM3 hash algorithm, ZAIdentifying a client user, and M is data to be signed;
calculating r ═ e + x1 mod n according to x1 and the hash value e, wherein n is the order of the base point G on the elliptic curve;
if r is 0 or r + k is n, the random number k is reselected and the r component is calculated again.
According to another embodiment of the present invention, when performing a cooperative signature operation according to the second private key component and the partial signature result to obtain a complete signature, the cooperator 302 may further be configured to:
the first cooperative party calculates a first intermediate signature result according to the second private key component of the first cooperative party and the partial signature result;
the second cooperative party calculates a second intermediate signature result according to the second private key component of the second cooperative party and the first intermediate signature result;
repeating the steps until each cooperative party completes calculation to obtain a cooperative signature result;
and calculating a complete signature according to the collaborative signature result.
According to another embodiment of the present invention, when performing a cooperative signature operation according to the second private key component and the partial signature result to obtain a complete signature, the cooperator 302 may further be configured to:
the first collaborator calculates a first intermediate private key component carrier s ' according to the second private key component of the first collaborator and the private key component carrier s ' in the partial signature result '1
A second cooperator from its second private key component and said first intermediate private key component carrier s'1Calculating a second intermediate private key component carrier s'2
In this kind ofAnd pushing until each collaborator finishes calculating to obtain a collaborative private key component carrier s'(N-1)Wherein (N-1) is the number of the cooperative parties;
from the cooperative private key component carrier s'(N-1)And calculating a complete signature by using the r component in the partial signature result.
According to another embodiment of the present invention, each collaborator performs calculation through multiplication operation on the operation domain of the elliptic curve until obtaining the collaborative signature result; the cooperator calculates the full signature by the inverse of the multiplication and addition operations on the operational domain of the elliptic curve.
According to another embodiment of the present invention, the system 300 for multi-party collaborative signing further comprises a signature verification module (not shown in the figure) for:
after the full signature is obtained, the correctness of the full signature is verified by the standard SM2 digital signature verification procedure of GB/T32918.2.
According to yet another embodiment of the present invention, after generating the private signature key, the signature body 301 may further be configured to: generating and publishing a signature public key corresponding to the signature private key;
and the signature verification module can be further used for verifying the validity of the complete signature by any one of the signature main body and the collaborator by using the signature public key after the complete signature is obtained.
According to the technical scheme of the embodiment of the invention, a signature private key is generated by a signature main body, a plurality of private key components are generated according to the signature private key, and the plurality of private key components are distributed to the signature main body and a cooperative party, wherein the number of the private key components is the same as the sum of the numbers of the signature main body and the cooperative party, the private key component of the signature main body is a first private key component, and the private key component of the cooperative party is a second private key component; in response to the collaborative signing request, the signing main body signs the data to be signed according to the first private key component to obtain a partial signing result, and sends the partial signing result to the collaborator; the technical scheme that the cooperative signature operation is carried out by the cooperative party according to the second private key component and the partial signature result to obtain the complete signature is that the private key of the SM2 digital signature is split into at least two parts by the signature main body, wherein one part is retained by the cooperative party, and the rest is put on record to the cooperative party. When the signature body needs to carry out digital signature, the signature body generates a partial SM2 signature according to the private key component of the signature body, and then the cooperative signature operation is continuously carried out by the cooperative party to form a complete SM2 digital signature. Therefore, the client side can completely control the generation of the private key, and can efficiently generate the digital signature, thereby meeting the relevant requirements of electronic signature law. The client and the server cooperate to generate the digital signature, so that the condition that the client is attacked can be prevented. The generation of the signature is initiated by the client, and the server can determine whether to respond after verifying the identity of the client, so that the safety of the digital signature service is ensured. And the multiple parties assist in completing the signature together, so that the method is suitable for scenes such as process approval, mobile terminal application and the like.
Fig. 4 illustrates an exemplary system architecture 400 of a multi-party collaborative signing method or a multi-party collaborative signing system to which embodiments of the present invention may be applied.
As shown in fig. 4, the system architecture 400 may include terminal devices 401, 402, 403, a network 404, and a server 405. The network 404 serves as a medium for providing communication links between the terminal devices 401, 402, 403 and the server 405. Network 404 may include various types of connections, such as wire, wireless communication links, or fiber optic cables, to name a few.
A user may use terminal devices 401, 402, 403 to interact with a server 405 over a network 404 to receive or send messages or the like. Various kinds of messaging signature body applications, such as a bank application, a digital signature application, a secure encryption application, an instant messaging tool, a mailbox signature body, social platform software, etc. (just examples) may be installed on the terminal devices 401, 402, 403.
The terminal devices 401, 402, 403 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 405 may be a server providing various services, such as a background management server (for example only) providing support for digital signature requests issued by users using the terminal devices 401, 402, 403. The background management server can sign the received data such as the digital signature request and the like by the signing main body according to the first private key component to obtain a partial signature result, and sends the partial signature result to the collaborator; and the cooperative party performs cooperative signature operation according to the second private key component and the partial signature result to obtain a complete signature and the like, and feeds back a processing result (such as a complete digital signature or a signature result-just an example) to the terminal equipment.
It should be noted that the multi-party cooperative signature method provided by the embodiment of the present invention is generally executed by the server 405, and accordingly, the multi-party cooperative signature system is generally disposed in the server 405.
It should be understood that the number of terminal devices, networks, and servers in fig. 4 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 5, a block diagram of a computer system 500 suitable for use with a terminal device or server implementing an embodiment of the invention is shown. The terminal device or the server shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 5, the computer system 500 includes a Central Processing Unit (CPU)501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data necessary for the operation of the system 500 are also stored. The CPU 501, ROM 502, and RAM 503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
The following components are connected to the I/O interface 505: an input portion 506 including a keyboard, a mouse, and the like; an output portion 507 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication processing via a network such as the internet. The driver 510 is also connected to the I/O interface 505 as necessary. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as necessary, so that a computer program read out therefrom is mounted into the storage section 508 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511. The computer program performs the above-described functions defined in the system of the present invention when executed by the Central Processing Unit (CPU) 501.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present invention may be implemented by software, or may be implemented by hardware. The described units or modules may also be provided in a processor, and may be described as: a processor includes a signature body and a collaborator. The names of these units or modules do not in some cases constitute a limitation on the units or modules themselves, for example, a collaborator may also be described as a "module for performing a collaborative signature operation based on the second private key component and the partial signature result to obtain a complete signature".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to comprise: the method comprises the steps that a signature main body generates a signature private key, a plurality of private key components are generated according to the signature private key, and the private key components are distributed to the signature main body and a cooperation party, wherein the number of the private key components is equal to the sum of the number of the signature main body and the number of the cooperation party, the private key component of the signature main body is a first private key component, and the private key component of the cooperation party is a second private key component; in response to the cooperative signing request, the signing main body signs the data to be signed according to the first private key component to obtain a partial signing result, and sends the partial signing result to the cooperative party; and the cooperative party performs cooperative signature operation according to the second private key component and the partial signature result to obtain a complete signature.
According to the technical scheme of the embodiment of the invention, a signature private key is generated by a signature main body, a plurality of private key components are generated according to the signature private key, and the plurality of private key components are distributed to the signature main body and a cooperative party, wherein the number of the private key components is the same as the sum of the numbers of the signature main body and the cooperative party, the private key component of the signature main body is a first private key component, and the private key component of the cooperative party is a second private key component; in response to the collaborative signing request, the signing main body signs the data to be signed according to the first private key component to obtain a partial signing result, and sends the partial signing result to the collaborator; the technical scheme that the cooperative signature operation is carried out by the cooperative party according to the second private key component and the partial signature result to obtain the complete signature is that the private key of the SM2 digital signature is split into at least two parts by the signature main body, wherein one part is retained by the cooperative party, and the rest is put on record to the cooperative party. When the signature body needs to carry out digital signature, the signature body generates a partial SM2 signature according to the private key component of the signature body, and then the cooperative signature operation is continuously carried out by the cooperative party to form a complete SM2 digital signature. Therefore, the client side can completely control the generation of the private key, and can efficiently generate the digital signature, thereby meeting the relevant requirements of electronic signature law. The client and the server cooperate to generate the digital signature, so that the condition that the client is attacked can be prevented. The generation of the signature is initiated by the client, and the server can determine whether to respond after verifying the identity of the client, so that the safety of the digital signature service is ensured. And the multiple parties assist in completing the signature together, so that the method is suitable for scenes such as process approval, mobile terminal application and the like.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (15)

1. A method for multi-party collaborative signing, comprising:
the method comprises the steps that a signature main body generates a signature private key, a plurality of private key components are generated according to the signature private key, and the private key components are distributed to the signature main body and a cooperation party, wherein the number of the private key components is equal to the sum of the number of the signature main body and the number of the cooperation party, the private key component of the signature main body is a first private key component, and the private key component of the cooperation party is a second private key component;
in response to the cooperative signing request, the signing main body signs the data to be signed according to the first private key component to obtain a partial signing result, and sends the partial signing result to the cooperative party;
and the cooperative party performs cooperative signature operation according to the second private key component and the partial signature result to obtain a complete signature.
2. The method of claim 1, wherein the signing principal generating a plurality of private key components from the private signature key comprises:
the signature body is calculated over the operational domain of the elliptic curve (d)A+1) and taking the plurality of factors as the plurality of private key components, wherein dAIs the signature private key.
3. The method of claim 1, wherein a signature body distributes the plurality of private key components to the signature body and collaborators comprises:
and the signature main body sends the second private key component to the cooperative party in a secure mode, wherein the secure mode comprises the step of encrypting the second private key component in a public key encryption mode, a digital envelope mode, a session key mode, a secure channel mode or a pre-established key mode.
4. The method of claim 1, wherein after the signature body distributes the plurality of private key components to the signature body and collaborators, further comprising:
the collaborator stores the private key components in a secret division sharing mode at multiple places.
5. The method of claim 1, wherein after the signature body distributes the plurality of private key components to the signature body and collaborators, further comprising:
the signature main body reserves or destroys the signature private key and the private key component distributed to the collaborator.
6. The method of claim 1, wherein the signing main body signing the data to be signed according to the first private key component to obtain a partial signature result comprises:
the signature body selects a random number k based on an SM2 algorithm and calculates a standard r component;
and the signature main body calculates a private key component carrier s 'based on the random number k, the r component and the first private key component, and takes the r component and the private key component carrier s' as a partial signature result obtained by signing data to be signed.
7. The method of claim 6, wherein computing the r component of the criterion comprises:
calculating (51, 41) k · G based on the random number k and a base point G defined by GB/T32918.5;
calculating the hash value e ═ H (Z) of the data to be signedA| M), where H () is the SM3 hash algorithm, ZAIdentifying a client user, and M is data to be signed;
calculating r ═ e +51 mod n according to 51 and the hash value e, wherein n is the order of the base point G on the elliptic curve;
if r is 0 or r + k is n, the random number k is reselected and the r component is calculated again.
8. The method of claim 1, wherein the collaborator performing a collaborative signature operation according to the second private key component and the partial signature result to obtain a complete signature comprises:
a first cooperative party in the cooperative parties calculates a first intermediate signature result according to a second private key component of the first cooperative party and the partial signature result;
a second cooperative party in the cooperative parties calculates a second intermediate signature result according to a second private key component of the second cooperative party and the first intermediate signature result;
repeating the steps until each cooperative party completes calculation to obtain a cooperative signature result;
and the cooperative party calculates a complete signature according to the cooperative signature result.
9. The method of claim 6, wherein the collaborator performing a collaborative signature operation according to the second private key component and the partial signature result to obtain a complete signature comprises:
a first one of the collaborators based on its second private key componentAnd calculating a first intermediate private key component carrier s ' from private key component carrier s ' in the partial signature result '1
A second one of the collaborators is according to its second private key component and the first intermediate private key component carrier s'1Calculating a second intermediate private key component carrier s'2
And so on until each cooperative party completes calculation to obtain a cooperative private key component carrier s'(N-1)Wherein (N-1) is the number of the cooperative parties;
the cooperator is according to the cooperative private key component carrier s'(N-1)And calculating a complete signature by using the r component in the partial signature result.
10. The method according to claim 8 or 9,
each cooperator carries out calculation through multiplication operation on an operation domain of the elliptic curve until the cooperative signature result is obtained;
the cooperator calculates the full signature by the inverse of the multiplication and addition operations on the operational domain of the elliptic curve.
11. The method of claim 1, after obtaining the full signature, further comprising:
the correctness of the full signature is verified by the standard SM2 digital signature verification procedure of GB/T32918.2.
12. The method of claim 1, wherein after the signing principal generates a private signature key, the method further comprises:
the signature main body generates and publishes a signature public key corresponding to the signature private key;
after obtaining the complete signature, further comprising:
any one of the signing principal and the collaborator uses the public signature key to verify the validity of the full signature.
13. A system for multi-party collaborative signing, comprising a signing principal and a collaborator, wherein:
the signature main body is used for generating a signature private key, generating a plurality of private key components according to the signature private key, and distributing the plurality of private key components to the signature main body and the collaborator, wherein the number of the private key components is the same as the sum of the number of the signature main body and the number of the collaborator, the private key component of the signature main body is a first private key component, and the private key component of the collaborator is a second private key component; responding to a cooperative signing request, signing data to be signed according to the first private key component to obtain a partial signing result, and sending the partial signing result to the cooperative party;
and the cooperative party is used for performing cooperative signature operation according to the second private key component and the partial signature result to obtain a complete signature.
14. An electronic device for multi-party collaborative signing, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-12.
15. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-12.
CN202110839565.9A 2021-07-23 2021-07-23 Multi-party collaborative signature method and system Active CN113468580B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110839565.9A CN113468580B (en) 2021-07-23 2021-07-23 Multi-party collaborative signature method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110839565.9A CN113468580B (en) 2021-07-23 2021-07-23 Multi-party collaborative signature method and system

Publications (2)

Publication Number Publication Date
CN113468580A true CN113468580A (en) 2021-10-01
CN113468580B CN113468580B (en) 2022-08-09

Family

ID=77882217

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110839565.9A Active CN113468580B (en) 2021-07-23 2021-07-23 Multi-party collaborative signature method and system

Country Status (1)

Country Link
CN (1) CN113468580B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114650172A (en) * 2022-02-28 2022-06-21 智慧齐鲁(山东)大数据科技有限公司 Password service system based on multiclass password equipment
CN115314205A (en) * 2022-10-11 2022-11-08 中安网脉(北京)技术股份有限公司 Collaborative signature system and method based on key segmentation

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107196763A (en) * 2017-07-06 2017-09-22 数安时代科技股份有限公司 SM2 algorithms collaboration signature and decryption method, device and system
CN108989047A (en) * 2018-07-19 2018-12-11 郑州信大捷安信息技术股份有限公司 A kind of communicating pair collaboration endorsement method and system based on SM2 algorithm
CN111130804A (en) * 2019-12-27 2020-05-08 上海市数字证书认证中心有限公司 SM2 algorithm-based collaborative signature method, device, system and medium
CN111147246A (en) * 2020-02-18 2020-05-12 数据通信科学技术研究所 Multi-party collaborative signature method and system based on SM2
CN111200502A (en) * 2020-01-03 2020-05-26 信安神州科技(广州)有限公司 Collaborative digital signature method and device
CN111211911A (en) * 2019-12-31 2020-05-29 支付宝(杭州)信息技术有限公司 Collaborative signature method, device, equipment and system
CN111934877A (en) * 2020-06-23 2020-11-13 中国科学院信息工程研究所 SM2 collaborative threshold signature method and electronic device
CN112118113A (en) * 2020-09-18 2020-12-22 上海市数字证书认证中心有限公司 Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107196763A (en) * 2017-07-06 2017-09-22 数安时代科技股份有限公司 SM2 algorithms collaboration signature and decryption method, device and system
CN108989047A (en) * 2018-07-19 2018-12-11 郑州信大捷安信息技术股份有限公司 A kind of communicating pair collaboration endorsement method and system based on SM2 algorithm
CN111130804A (en) * 2019-12-27 2020-05-08 上海市数字证书认证中心有限公司 SM2 algorithm-based collaborative signature method, device, system and medium
CN111211911A (en) * 2019-12-31 2020-05-29 支付宝(杭州)信息技术有限公司 Collaborative signature method, device, equipment and system
CN111200502A (en) * 2020-01-03 2020-05-26 信安神州科技(广州)有限公司 Collaborative digital signature method and device
CN111147246A (en) * 2020-02-18 2020-05-12 数据通信科学技术研究所 Multi-party collaborative signature method and system based on SM2
CN111934877A (en) * 2020-06-23 2020-11-13 中国科学院信息工程研究所 SM2 collaborative threshold signature method and electronic device
CN112118113A (en) * 2020-09-18 2020-12-22 上海市数字证书认证中心有限公司 Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114650172A (en) * 2022-02-28 2022-06-21 智慧齐鲁(山东)大数据科技有限公司 Password service system based on multiclass password equipment
CN115314205A (en) * 2022-10-11 2022-11-08 中安网脉(北京)技术股份有限公司 Collaborative signature system and method based on key segmentation
CN115314205B (en) * 2022-10-11 2023-01-03 中安网脉(北京)技术股份有限公司 Collaborative signature system and method based on key segmentation

Also Published As

Publication number Publication date
CN113468580B (en) 2022-08-09

Similar Documents

Publication Publication Date Title
CN108352015B (en) Secure multi-party loss-resistant storage and encryption key transfer for blockchain based systems in conjunction with wallet management systems
CN103490892B (en) Digital signature method and system, application server and cloud cipher server
US11791992B2 (en) Computer implemented method and system for transferring control of a digital asset
CN107483212A (en) A kind of method of both sides' cooperation generation digital signature
CN109886692B (en) Data transmission method, device, medium and electronic equipment based on block chain
CN113468580B (en) Multi-party collaborative signature method and system
WO2017221723A1 (en) Terminal device, key distribution management device, server-client system, communication method, and program
CN113193961B (en) Digital certificate management method and device
CN113382002A (en) Data request method, request response method, data communication system, and storage medium
US10530581B2 (en) Authenticated broadcast encryption
CN111698264A (en) Method and apparatus for maintaining user authentication sessions
CN113206746B (en) Digital certificate management method and device
CN114037447A (en) Method and device for off-line transaction
CN111865761B (en) Social chat information evidence storing method based on block chain intelligent contracts
WO2023174350A1 (en) Identity authentication method, apparatus and device, and storage medium
CN111401888A (en) Method and device for generating multiple signature wallets
CN113179169B (en) Digital certificate management method and device
US20220385453A1 (en) Secure file transfer
TWI782701B (en) Non-interactive approval system for blockchain wallet and method thereof
CN113206738B (en) Digital certificate management method and device
CN113206745B (en) Digital certificate management method and device
CN113242132B (en) Digital certificate management method and device
CN109639409B (en) Key initialization method, key initialization device, electronic equipment and computer-readable storage medium
CN113918971A (en) Block chain based message transmission method, device, equipment and readable storage medium
CN113626848A (en) Sample data generation method and device, electronic equipment and computer readable medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant