CN115455448A - Signature method, signature device, electronic device and storage medium - Google Patents

Signature method, signature device, electronic device and storage medium Download PDF

Info

Publication number
CN115455448A
CN115455448A CN202211118668.7A CN202211118668A CN115455448A CN 115455448 A CN115455448 A CN 115455448A CN 202211118668 A CN202211118668 A CN 202211118668A CN 115455448 A CN115455448 A CN 115455448A
Authority
CN
China
Prior art keywords
signature
information
document
encrypted
digest
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211118668.7A
Other languages
Chinese (zh)
Inventor
陈龙杰
李嫚
仝建刚
朱应钊
乔宏明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN202211118668.7A priority Critical patent/CN115455448A/en
Publication of CN115455448A publication Critical patent/CN115455448A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0487Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser
    • G06F3/0488Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
    • G06F3/04883Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures for inputting data by handwriting, e.g. gesture or text

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Human Computer Interaction (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The application provides a signature method, a signature device, an electronic device and a storage medium. The signature method comprises the following steps: obtaining touch information in the process of generating handwriting information; the tactile information is tactile perception information of a signer for a tactile signature device; encrypting the touch information to obtain touch encrypted information; acquiring a signature document corresponding to the handwriting information; the signature document is an electronic document needing to be signed; and combining the touch sense encryption information, the handwriting information and the signature document to obtain signature data. The method and the device can improve the security of the signature data.

Description

Signature method, signature device, electronic device and storage medium
Technical Field
The present application relates to the field of computer technologies, and in particular, to a signature method, a signature apparatus, an electronic device, and a storage medium.
Background
In electronic agreement signing through computer equipment, a signer is required to sign an electronic document to determine the signing. At present, when signing, a signer mainly writes a name of the signer on a terminal by hand, and the signer is uniquely identified based on the uniqueness of the handwriting shape of the signer. However, in practical applications, handwriting of a signer is easy to forge, which results in poor security of the signature data obtained in this way.
Disclosure of Invention
An object of the present application is to provide a signature method, a signature apparatus, an electronic device, and a storage medium, which improve security of signature data at least to some extent.
According to an aspect of the embodiments of the present application, there is provided a signature method, including:
obtaining touch information in the process of generating handwriting information; the tactile information is tactile perception information of a signer aiming at the tactile signature device;
encrypting the touch information to obtain touch encrypted information;
acquiring a signature document corresponding to the handwriting information; the signature document is an electronic document needing to be signed;
and combining the touch sense encryption information, the handwriting information and the signature document to obtain signature data.
According to an aspect of the embodiments of the present application, there is provided a signature apparatus, including:
the touch information acquisition module is used for acquiring touch information in the handwriting information generation process; the tactile information is tactile perception information of a signer for a tactile signature device;
the touch information encryption module is used for encrypting the touch information to obtain touch encrypted information; the tactile sensation encryption information is information obtained by encrypting the tactile sensation information;
the signature document acquisition module is used for acquiring a signature document corresponding to the handwriting information; the signature document is an electronic document needing to be signed;
and the signature data generation module is used for combining the touch sense encryption information, the handwriting information and the signature document to obtain signature data.
In some embodiments of the present application, based on the above technical solutions, the signature apparatus is configured to:
acquiring an original document and a first encrypted digest sent by a signature requester; the first encrypted digest is information obtained by encrypting the digest of the original document through the first private key;
decrypting the first encrypted digest according to the public key corresponding to the first private key to obtain the digest of the original document;
and if the original document is detected to be not tampered based on the abstract of the original document, taking the original document as a signature document corresponding to the handwriting information.
In some embodiments of the present application, based on the above technical solutions, the signature apparatus is configured to:
acquiring the abstract of the signature data;
encrypting the digest of the signature data through a second private key to obtain a second encrypted digest;
sending the signature data and the second cryptographic digest to the signature requestor; the second cryptographic digest is used to verify whether the signature data is tampered with.
According to an aspect of an embodiment of the present application, there is provided a signature method, including:
acquiring an original document, and encrypting the abstract of the original document to obtain a first encrypted abstract;
sending the original document and the first encrypted digest to a signature executor; the original document and the first encrypted digest are used for indicating the signature executor to return signature data, the signature data are data obtained by combining touch sense encrypted information, handwriting information and a signature document, the touch sense encrypted information is information obtained by encrypting touch sense information in the process of generating the handwriting information, and the touch sense information is touch sense perception information of a signer for touch sense signature equipment;
and receiving signature data fed back by the signature executing party according to the original document and the first encrypted digest.
According to an aspect of the embodiments of the present application, there is provided a signature apparatus, including:
the document and summary encryption module is used for encrypting an original document and a summary of the original document through a first private key to obtain an encrypted document and a first encrypted summary; the first private key is a private key used for encrypting the original document and the digest of the original document, the encrypted document is the document after the original document is encrypted, and the first encrypted digest is information obtained by encrypting the digest of the original document through the first private key;
the sending module is used for sending the original document and the first encrypted digest to a signature executor; the original document and the first encrypted digest are used for indicating the signature executor to return signature data, the signature data are data obtained by combining touch sense encrypted information, handwriting information and a signature document, the touch sense encrypted information is information obtained by encrypting touch sense information in the process of generating the handwriting information, and the touch sense information is touch sense perception information of a signer for touch sense signature equipment;
and the receiving module is used for receiving the signature data fed back by the signature executive party according to the original document and the first encrypted abstract.
In some embodiments of the present application, based on the above technical solutions, the signature apparatus is configured to:
receiving signature data and a second encrypted abstract fed back by the signature executing party according to the original document and the first encrypted abstract; the second encrypted digest is information obtained by encrypting the digest of the signature data through a second private key;
decrypting the second encrypted digest according to the public key corresponding to the second private key to obtain the digest of the signature data;
and if the signature data is detected to be not tampered according to the abstract of the signature data, obtaining a signature result according to the signature data.
In some embodiments of the present application, based on the above technical solutions, the signature apparatus is configured to:
detecting whether the identity corresponding to the signature data is matched with the identity of a signer;
and if the identity corresponding to the signature data is matched with the identity of the signer, obtaining a signature result according to the signature data.
In some embodiments of the present application, based on the above technical solutions, the signature apparatus is configured to:
sending the signature data to a third party; the signature data is used for indicating the third party to decrypt the encrypted touch sense information in the signature data to obtain touch sense information, predicting the identity corresponding to the touch sense information according to an identity authentication model to obtain identity information corresponding to the touch sense information, obtaining an identity authentication result according to the identity information, and returning the identity authentication result and the abstract of the touch sense information, wherein the identity authentication model is a prediction model obtained by training a preset model through a touch sense data sample and a mapping relation sample, and the mapping relation sample is a sample formed by the corresponding relation between pre-calibrated touch sense data and an identity;
receiving an identity authentication result returned by the third party according to the signature data and the abstract of the tactile information;
and if the identity authentication result is that the tactile information is matched with the identity of the signer and the tactile information is not tampered according to the abstract of the tactile information, matching the identity corresponding to the signature data with the identity of the signer.
According to an aspect of an embodiment of the present application, there is provided an electronic device including: one or more processors; storage means for storing one or more programs which, when executed by the one or more processors, cause the electronic device to implement the methods provided in the various alternative implementations described above.
According to an aspect of embodiments of the present application, there is provided a computer program medium having stored thereon computer readable instructions, which, when executed by a processor of a computer, cause the computer to perform the method provided in the above various alternative implementations.
According to an aspect of embodiments herein, there is provided a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the method provided in the various alternative implementations described above.
According to the technical scheme provided by the embodiment of the application, the touch information in the handwriting information generation process is encrypted and combined with the signature document and the handwriting information to form signature data. On one hand, the touch information is difficult to forge, and on the other hand, the encrypted touch information can prevent others from signing instead, so that the identity of the signer can be identified by adopting the signature data.
Other features and advantages of the present application will be apparent from the following detailed description, or may be learned by practice of the application.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
The above and other objects, features and advantages of the present application will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings.
Fig. 1 shows a schematic flow diagram of a signature method according to an embodiment of the present application.
Fig. 2 shows a schematic flow diagram of a signature method according to an embodiment of the present application.
FIG. 3 illustrates a schematic diagram of communication interactions among a signer, a requestor, and a third party according to one embodiment of the present application.
Fig. 4 is a schematic structural diagram of a signature system according to an embodiment of the present application.
Fig. 5 shows a schematic structural diagram of a signature device according to an embodiment of the present application.
Fig. 6 shows a schematic structural diagram of a signature device according to an embodiment of the present application.
Fig. 7 shows a schematic structural diagram of an electronic device according to an embodiment of the application.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these example embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The drawings are merely schematic illustrations of the present application and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more example embodiments. In the following description, numerous specific details are provided to give a thorough understanding of example embodiments of the application. One skilled in the relevant art will recognize, however, that the subject matter of the present application can be practiced without one or more of the specific details, or with other methods, components, steps, and so forth. In other instances, well-known structures, methods, implementations, or operations are not shown or described in detail to avoid obscuring aspects of the application.
Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
Fig. 1 shows a schematic flow diagram of a signature method according to an embodiment of the present application, the method comprising the steps of:
and S101, obtaining touch information in the handwriting information generating process.
The tactile information is tactile perception information of the signer for the tactile signature apparatus. The handwriting information may include information such as strokes, stroke order, speed at which the handwriting information was generated, time, and the like. A tactile signature device is a device capable of detecting tactile sensory information.
In this embodiment, the executing entity is a signature executing party. The signature executing party is a party performing signature, and may specifically be various terminal devices used for matching with a signer to perform signature by handwriting and generating corresponding handwriting, such as: tablet computers, smart phones, and the like have touch screen devices.
As an alternative embodiment, the signer signs a signature on the screen of the signature executor through a touch-sensitive pen to generate handwriting information, and the signature executor extracts, from the touch-sensitive pen, the touch-sensitive information recorded by the touch-sensitive pen during the generation of the handwriting information, such as: and (4) pressure information. In addition, time information of the handwriting information generation process can be extracted from the touch pen. The signature executor may detect and record handwriting information through its touch screen.
As an alternative embodiment, the signature executor is a terminal device with pressure sensing. The terminal equipment can detect the pressure through the pressure sensor, so that the pressure signal in the handwriting information generating process can be detected through the terminal equipment, and the touch information comprising the pressure information can be obtained.
As an alternative embodiment, the tactile information includes pressure information and speed information, and the signature characteristics specific to the signer in the signature process can be well reflected by the tactile information and the speed information, so that the identity of the signer can be more safely characterized by avoiding being easily forged.
In step S102, the tactile sensation information is encrypted to obtain tactile sensation encrypted information.
In order to increase the security of the signature data, the tactile encrypted information is obtained by encrypting the tactile information. The touch-sensitive encrypted information can be further used as hidden identity verification data to prevent the information from being used for forging the signature after being directly transmitted to other equipment. Correspondingly, the handwriting information may not be encrypted and is used to publicly indicate the identity of the signer.
By extracting and encrypting the touch information in the handwriting information generating process, the handwriting information generating method can prevent the handwriting information from being forged by other people and effectively prevent the handwriting information from being signed by other people in the process of transmitting the touch encrypted information.
In addition, the tactile information can be used for identifying the identity of a signer, the problem that identity authentication is single can be solved by adding the tactile information, and elements and data types of handwriting anti-counterfeiting and identity verification are enriched.
And step S103, acquiring a signature document corresponding to the handwriting information.
A signature document is an electronic document that requires a signature.
As an alternative embodiment, the signature document is an electronic document that is directly sent by the signature requester for signature. The signature executive party receives the signature document sent by the signature requesting party.
As an alternative implementation, the signature document is an original document obtained by decrypting and verifying a digest of the original document sent by the signature requester. Before sending an original document, a signature executor encrypts a digest of the original document to obtain a first encrypted digest and sends the first encrypted digest to the signature executor. The signature executing party combines the first encrypted digest to verify whether the original document is tampered or not, and the original document is verified in the mode, so that the transmission security of the original document is higher, and the security of signature data is further higher.
And step S104, combining the touch sense encryption information, the handwriting information and the signature document to obtain signature data.
In one embodiment, obtaining a signature document corresponding to handwriting information includes:
acquiring an original document and a first encrypted digest sent by a signature requester; the first encrypted digest is information obtained by encrypting the digest of the original document through a first private key;
decrypting the first encrypted digest according to the public key corresponding to the first private key to obtain the digest of the original document;
and if the original document is detected to be not tampered based on the abstract of the original document, taking the original document as a signature document corresponding to the handwriting information.
In order to improve the security of original document transmission in the signing process and avoid the leakage and tampering of the original document, a signing requester can encrypt the original document, and an asymmetric encryption mode is adopted to encrypt the abstract of the original document. The method comprises the steps of encrypting the abstract of an original document by a first private key to obtain an encrypted document abstract, and sending the encrypted document abstract, namely the first encrypted abstract, to a signature executor.
In one embodiment, after combining the tactile encryption information, the handwriting information, and the signature document, the method further comprises:
acquiring a digest of the signature data;
encrypting the digest of the signature data through a second private key to obtain a second encrypted digest;
sending the signature data and the second encrypted digest to a signature requester; the second cryptographic digest is used to verify whether the signature data has been tampered with.
In this way, asymmetric encryption is used for the signature data. In the transmission process of the signature data, the uniqueness of the signature document is ensured, and meanwhile, the signature document, the touch information and the handwriting information are combined into an inseparable whole, so that the signature document, the touch information or the handwriting information is prevented from being changed in the transmission process, and the uniqueness and the safety of the signature data are improved.
As an alternative embodiment, after the signature data is obtained, the signature data is sent to the signature requester, i.e. to the party providing the signature document. After the signature requester obtains the signature data, the signature requester can decrypt the touch encrypted information in the signature data, identify the identity of the signer based on the touch information without error, and obtain the handwriting information of the real signer. The forgery of the signature data is prevented, and the security of the signature data is improved.
In a remote signing scene, the signing parties transmit the document and the signature data which need to be signed by adopting the mode, so that data tampering is avoided, the identity of a signer can be safely identified, and the uniqueness and the safety of remote signing are improved.
The process of generating signature data is described in detail below in connection with a particular scenario.
The tactile signal is extracted by a tactile signature device. The stroke and speed time information is recorded through a screen, and the stress and time data are extracted through a touch pen. And a touch screen device with a pressure sensor can be adopted, and strokes, touch signals and time information in the signature process can be recorded directly through software.
And encrypting the obtained tactile information represented by the strength and the speed to serve as hidden identity verification data, and preventing the information from being used for forging the signature after being directly transmitted to a third party. And the stroke sequence and other data represented by the image can be used as the mapping of the encrypted signature data for publicly indicating the identity of the signer.
During signature, the integrity of the document and the source identity of the document are confirmed through the private key encryption information of the original document and the abstract and the public key decryption, and whether the electronic document is correct is confirmed. And when the document is accurate and correct, combining the document and the handwriting signature information, encrypting the abstract of the combined information by using a private key, and transmitting the encrypted abstract to a protocol provider to finish a signature process.
The data abstract extraction method can be obtained through a hash function and other methods, aims to provide the data abstract extraction method for others, verifies the data source and integrity, can ensure that the data abstract is not replaced in the data stream transfer process, and ensures the data consistency in the whole process.
By adopting the mode, the handwriting electronic signature is improved by combining the touch technology, the optimized representation of the handwriting electronic signature in the remote protocol signing process is realized by combining the characteristics of touch information, and the safety of signing a contract by using the handwriting electronic signature is improved to a certain extent.
In the embodiment, the touch information in the process of generating the handwriting information is encrypted and combined with the signature document and the handwriting information to form signature data. On one hand, the touch information is difficult to forge, and on the other hand, the encrypted touch information can prevent others from signing instead, so that the identity of the signer can be identified by adopting the signature data.
Fig. 2 shows a schematic flow diagram of a signature method according to an embodiment of the present application, the method comprising the steps of:
step S201, acquiring an original document, and encrypting the digest of the original document to obtain a first encrypted digest.
In this embodiment, the executing agent is a signing requester. The signature requestor is a correspondent that requests to sign the electronic document.
Step S202, the original document and the first encrypted digest are sent to the signature executor.
The original document and the first encrypted digest are used for indicating a signature executing party to return signature data, the signature data are data obtained by combining touch sense encrypted information, handwriting information and a signature document, the touch sense encrypted information is information obtained by encrypting the touch sense information in the process of generating the handwriting information, and the touch sense information is touch sense perception information of a signer for touch sense signature equipment.
Step S203, receiving the signature data fed back by the signature executor according to the original document and the first encrypted digest.
In one embodiment, after sending the original document and the first cryptographic digest to the signature executor, the method further comprises:
receiving signature data and a second encrypted abstract fed back by a signature executing party according to the original document and the first encrypted abstract; the second encrypted digest is information obtained by encrypting the digest of the signature data by a second private key;
decrypting the second encrypted digest according to the public key corresponding to the second private key to obtain the digest of the signature data;
and if the signature data is detected to be not tampered according to the abstract of the signature data, obtaining a signature result according to the signature data.
In this way, the inseparability of the document from the signature is established by multiple asymmetric encryptions. The signature data is prevented from being tampered, so that the security in the transmission process of the signature data is improved.
In an embodiment, after receiving the signature data fed back by the signature executor according to the original document and the first encrypted digest, the method further includes:
detecting whether the identity corresponding to the signature data is matched with the identity of the signer;
and if the identity corresponding to the signature data is matched with the identity of the signer, obtaining a signature result according to the signature data.
As an optional implementation, detecting whether the identity corresponding to the signature data matches with the identity of the signer includes: decrypting the encrypted touch sense information in the signature data to obtain touch sense information, predicting the identity corresponding to the touch sense information according to the identity authentication model to obtain identity information corresponding to the touch sense information, obtaining an identity authentication result according to the identity information, and matching the identity corresponding to the signature data with the identity of the signer if the identity authentication result is that the touch sense information is matched with the identity of the signer.
In one embodiment, detecting whether the identity corresponding to the signature data matches the identity of the signer includes:
sending the signature data to a third party; the signature data is used for indicating a third party to decrypt the encrypted touch sense information in the signature data to obtain touch sense information, predicting the identity corresponding to the touch sense information according to an identity identification model to obtain identity information corresponding to the touch sense information, obtaining an identity identification result according to the identity information, and returning the identity identification result and the abstract of the touch sense information, wherein the identity identification model is a prediction model obtained by training a preset model through a touch sense data sample and a mapping relation sample, and the mapping relation sample is a sample formed by the corresponding relation between touch sense data calibrated in advance and an identity mark;
receiving an identity authentication result and a summary of tactile information returned by a third party according to the signature data;
and if the identity authentication result is that the tactile information is matched with the identity of the signer and the tactile information is not tampered according to the abstract of the tactile information, matching the identity corresponding to the signature data with the identity of the signer.
In addition, if the identification result is that the tactile information does not match the identity of the signer, the identity corresponding to the signature data does not match the identity of the signer.
The identity corresponding to the touch information is identified through the identity identification model, so that whether the signature data is matched with the signer or not can be determined, the security of the signature data is improved, and the non-repudiation of the protocol signing process is improved for the signing scene.
As an alternative embodiment, the signature result is information that confirms that the signature data is error-free, or information that the signature data is verified. In the subscription scenario, the result of the signature is to determine that the agreement is complete.
Referring to fig. 3, fig. 3 shows a schematic diagram of communication interaction between a signer (i.e., a signature executor), a requester (i.e., a signature requester), and a third party. The overall communication process is described in connection with fig. 3.
The requester sends the electronic document original text and the document abstract encryption information to the signing party. The requesting party generates an electronic document and an electronic document abstract, encrypts the document abstract by adopting a private key A to obtain document abstract encryption information, and sends the electronic document original text and the document abstract encryption information to the signing party.
And the signing party detects that the electronic document is not tampered according to the document abstract encryption information. And the signing party receives the electronic document original text and the document digest encryption information, decrypts the document digest encryption information by adopting the public key corresponding to the private key A to obtain the electronic document digest, and detects that the electronic document is not tampered according to the electronic document digest.
The signing party acquires handwriting information and encrypted touch information. The signature party further acquires a signature timestamp, a stroke and a sequence; and (3) acquiring the strength and the speed in the signing process, and encrypting the strength and the speed by adopting a key C to obtain encrypted handwriting touch data.
The signing party generates a document signature combination. And the signing party combines the encrypted handwriting touch data, the electronic document original text, and the signature time stamp, the strokes and the sequence into a document signature combination.
The signer generates combined digest encrypted information. And the signing party extracts the abstract of the document signature combination, encrypts the abstract of the document signature combination by using a private key B to obtain the encrypted information of the combined abstract.
The signer sends the document signature combination and the combined digest encryption information to the requester.
The requester sends the encrypted handwriting touch data to a third party. And the requester decrypts the encrypted information of the combined abstract according to the public key corresponding to the private key B to obtain the abstract of the document signature combination, determines the integrity and the accuracy of the document signature combination according to the abstract of the document signature combination, and sends the encrypted handwriting touch data in the document signature combination to a third party if the document is complete and accurate, namely, the document is not tampered.
And the third party verifies that the identity corresponding to the touch information is correct. And the third party decrypts the encrypted handwriting touch data by adopting the secret key C to obtain unencrypted handwriting touch data, namely the strength and the speed in the process of generating the handwriting information, and predicts the strength and the speed through the identity authentication model to obtain the handwriting identity corresponding to the touch information.
And the third party sends the result that the handwriting identity is correct to the requester. And under the condition that the handwriting identity is detected to be correct, sending a result of the correct handwriting identity and the abstract of the handwriting touch data to the requester.
And the requester finally generates the signed document according to the result that the handwriting identity is correct and the document signature combination.
Referring to fig. 4, fig. 4 shows a schematic structural diagram of the signature system. The signature system comprises an identity authentication module, a document processing module and a signature generation module. The identity authentication module mainly comprises functions of handwriting and identity mapping data, signature data decoding, identity authentication model and the like; the document processing module comprises the functions of document and document abstract generation, data confirmation, data comparison and the like; the signature generation module comprises functions of handwriting signature data extraction, handwriting touch data encryption, document signature combination, combined data abstract encryption and the like, and by combining the three modules, the handwriting touch data is used for combining the handwriting signature and the document content to jointly complete a remote signature process of a protocol.
Each module is described in detail below.
A signature generation module: and extracting information such as stroke sequence, force speed and the like in the handwriting signature process through the touch signature equipment, and recording the signature time. And the handwriting touch information is encrypted by using the key C, so that other people are prevented from forging the signature data, and a contract is forged and signed. And receiving the document original text and the document abstract encrypted data transmitted from the document processing module, decrypting the document abstract encrypted data by using a public key corresponding to the private key A, and verifying whether the transmitted document data is correct or not. And combining the unencrypted stroke sequence, the signature timestamp and the encrypted touch information, and the original text and abstract encryption information of the electronic document, which is transmitted by the document processing module, to generate document signature combination data containing document and handwriting data. The document is signed and the data is combined to generate the abstract of the document, and the private key B is used for signing the abstract, so that the document content is prevented from being changed after the company receives the signature. And finally to the document processing module. The anti-counterfeiting effect in the handwriting signature is improved by using data such as the touch sense in the handwriting signature process.
An identity identification module: and training an identity authentication model by using the mapping relation between the identity information and the handwriting touch data, and verifying the identity of the handwriting signer by using the identity authentication model. And decrypting the handwriting touch data by using the key C corresponding to the handwriting generating module for the data input into the decoding module, and inputting the obtained result into the identity authentication model to authenticate the identity information of the handwriting signer. And returning the identity information result obtained by the identification and the handwriting touch abstract to the document processing module. And establishing an identity authentication model by using the handwriting and identity mapping data to authenticate whether the handwriting corresponds to the person.
The document processing module: and generating electronic document original data and recording a time stamp of the final version of the document. The document digest is extracted, the digest is encrypted by using a private key A, and the encrypted digest and the document original are input into a signature generation module. And decrypting the document signature combination data transmitted by the signature generation module through a public key corresponding to the private key B and confirming whether the document and the signature data are accurate or not. And receiving the identification result in the identity identification module, and completing the final protocol signing process through the comparison model. And determining inseparability of the document and the signature through multiple asymmetric encryption actions with handwriting signature contents in the document transmission process.
By adopting the method, the touch information in the handwriting electronic signature process is extracted and used for the identity verification of the handwriting signature data, the problem that identity information identification is single in the handwriting signature process is solved, and the element types of handwriting anti-counterfeiting and identity verification are enriched. The touch data of the handwritten handwriting signature is encrypted, so that the handwritten handwriting signature can be prevented from being forged by others and being signed by others. Finally, the real identity of the signer is determined, and the safety and the non-repudiation of the protocol signing are improved.
In addition, the document information and the handwriting signature information after the document information is combined are encrypted by using an asymmetric encryption method, the identities of both parties signed by a remote protocol are attached to the decryption information, and the protocol content and the handwriting signature information are bound, so that the uniqueness of the electronic document is ensured, the electronic document and the signature information are combined into an inseparable whole, the electronic document information or the signature information is prevented from being changed, and the inseparability of data in the process of signing by the remote protocol is improved.
Fig. 5 shows a signature apparatus according to an embodiment of the present application, the apparatus comprising:
the touch information acquisition module 301 is configured to acquire touch information in a handwriting information generation process; the tactile information is tactile perception information of a signer for the tactile signature device;
the tactile sensation information encryption module 302 is used for encrypting the tactile sensation information to obtain tactile sensation encrypted information; the tactile sensation encryption information is information obtained by encrypting the tactile sensation information;
a signature document obtaining module 303, configured to obtain a signature document corresponding to the handwriting information; the signature document is an electronic document requiring signature;
and the signature data generation module 304 is configured to combine the touch sense encryption information, the handwriting information, and the signature document to obtain signature data.
In an exemplary embodiment of the present application, an apparatus is configured to:
acquiring an original document and a first encrypted digest sent by a signature requester; the first encrypted digest is information obtained by encrypting the digest of the original document through a first private key;
decrypting the first encrypted digest according to the public key corresponding to the first private key to obtain the digest of the original document;
and if the original document is detected to be not tampered based on the abstract of the original document, taking the original document as a signature document corresponding to the handwriting information.
In an exemplary embodiment of the present application, an apparatus is configured to:
acquiring a digest of the signature data;
encrypting the digest of the signature data through a second private key to obtain a second encrypted digest;
sending the signature data and the second encrypted digest to a signature requester; the second cryptographic digest is used to verify whether the signature data has been tampered with.
Fig. 6 shows a signature apparatus according to an embodiment of the present application, the apparatus comprising:
the document and digest encryption module 401 is configured to encrypt an original document and a digest of the original document by using a first private key to obtain an encrypted document and a first encrypted digest; the first private key is a private key used for encrypting the original document and the abstract of the original document, the encrypted document is the document after the original document is encrypted, and the first encrypted abstract is information obtained after the abstract of the original document is encrypted through the first private key;
a sending module 402, configured to send the original document and the first encrypted digest to the signature executor; the original document and the first encrypted digest are used for indicating a signature executor to return signature data, the signature data are data obtained by combining touch sense encrypted information, handwriting information and a signature document, the touch sense encrypted information is information obtained by encrypting the touch sense information in the process of generating the handwriting information, and the touch sense information is touch sense perception information of a signer for touch sense signature equipment;
and a receiving module 403, configured to receive signature data fed back by the signature executor according to the original document and the first encrypted digest.
In an exemplary embodiment of the present application, an apparatus is configured to:
receiving signature data and a second encrypted abstract fed back by a signature executing party according to the original document and the first encrypted abstract; the second encrypted digest is information obtained by encrypting the digest of the signature data by a second private key;
decrypting the second encrypted digest according to the public key corresponding to the second private key to obtain the digest of the signature data;
and if the signature data is detected to be not tampered according to the abstract of the signature data, obtaining a signature result according to the signature data.
In an exemplary embodiment of the present application, an apparatus is configured to:
detecting whether the identity corresponding to the signature data is matched with the identity of the signer;
and if the identity corresponding to the signature data is matched with the identity of the signer, obtaining a signature result according to the signature data.
In an exemplary embodiment of the present application, an apparatus is configured to:
sending the signature data to a third party; the signature data is used for indicating a third party to decrypt the encrypted touch sense information in the signature data to obtain touch sense information, predicting the identity corresponding to the touch sense information according to an identity identification model to obtain identity information corresponding to the touch sense information, obtaining an identity identification result according to the identity information, and returning the identity identification result and an abstract of the touch sense information, wherein the identity identification model is a prediction model obtained by training a preset model through a touch sense data sample and a mapping relation sample, and the mapping relation sample is a sample formed by the corresponding relation between pre-calibrated touch sense data and an identity;
receiving an identity authentication result and a summary of tactile information returned by a third party according to the signature data;
and if the identity authentication result is that the tactile information is matched with the identity of the signer and the tactile information is not tampered according to the abstract of the tactile information, matching the identity corresponding to the signature data with the identity of the signer.
An electronic device 50 according to one embodiment of the present application is described below with reference to fig. 7. The electronic device 50 shown in fig. 7 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 7, the electronic device 50 is in the form of a general purpose computing device. The components of the electronic device 50 may include, but are not limited to: the at least one processing unit 510, the at least one memory unit 520, and a bus 530 that couples various system components including the memory unit 520 and the processing unit 510.
Wherein the storage unit stores program code, which can be executed by the processing unit 510, to cause the processing unit 510 to perform the steps according to various exemplary embodiments of the present application described in the description part of the above exemplary methods of the present specification. For example, processing unit 510 may perform various steps as shown in fig. 1.
The memory unit 520 may include a readable medium in the form of a volatile memory unit, such as a random access memory unit (RAM) 5201 and/or a cache memory unit 5202, and may further include a read only memory unit (ROM) 5203.
Storage unit 520 may also include a program/utility 5204 having a set (at least one) of program modules 5205, such program modules 5205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 530 may be a local bus representing one or more of several types of bus structures, including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or any of a variety of bus architectures.
The electronic device 50 may also communicate with one or more external devices 600 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 50, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 50 to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interfaces 550. An input/output (I/O) interface 550 is connected to the display unit 540. Also, the electronic device 50 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet) via the network adapter 360. As shown, the network adapter 560 communicates with the other modules of the electronic device 50 over the bus 530. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with electronic device 50, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present application may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a mobile terminal, etc.) to execute the method according to the embodiments of the present application.
In an exemplary embodiment of the present application, there is also provided a computer-readable storage medium having stored thereon computer-readable instructions which, when executed by a processor of a computer, cause the computer to perform the method described in the above method embodiment section.
According to an embodiment of the present application, there is also provided a program product for implementing the method in the above method embodiment, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present application is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as JAVA, C + +, or the like, as well as conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the application. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Moreover, although the steps of the methods in this application are depicted in the drawings in a particular order, this does not require or imply that these steps must be performed in this particular order, or that all of the depicted steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions, etc.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present application can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to make a computing device (which can be a personal computer, a mobile terminal, etc.) execute the method according to the embodiments of the present application.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.

Claims (10)

1. A signature method, comprising:
obtaining touch information in the process of generating handwriting information; the tactile information is tactile perception information of a signer for a tactile signature device;
encrypting the touch information to obtain touch encrypted information;
acquiring a signature document corresponding to the handwriting information; the signature document is an electronic document needing to be signed;
and combining the touch sense encryption information, the handwriting information and the signature document to obtain signature data.
2. The method of claim 1, wherein obtaining a signature document corresponding to the handwriting information comprises:
acquiring an original document and a first encrypted digest sent by a signature requester; the first encrypted digest is information obtained by encrypting the digest of the original document through the first private key;
decrypting the first encrypted digest according to the public key corresponding to the first private key to obtain the digest of the original document;
and if the original document is detected to be not tampered based on the abstract of the original document, taking the original document as a signature document corresponding to the handwriting information.
3. The method of claim 2, wherein after combining the tactile encryption information, the handwriting information, and the signature document, the method further comprises:
acquiring the abstract of the signature data;
encrypting the digest of the signature data through a second private key to obtain a second encrypted digest;
sending the signature data and the second cryptographic digest to the signature requestor; the second cryptographic digest is used to verify whether the signature data is tampered with.
4. A signature method, comprising:
acquiring an original document, and encrypting the abstract of the original document to obtain a first encrypted abstract;
sending the original document and the first encrypted digest to a signature executor; the original document and the first encrypted digest are used for indicating the signature executor to return signature data, the signature data are data obtained by combining touch sense encrypted information, handwriting information and a signature document, the touch sense encrypted information is information obtained by encrypting touch sense information in the process of generating the handwriting information, and the touch sense information is touch sense perception information of a signer for touch sense signature equipment;
and receiving the signature data fed back by the signature executing party according to the original document and the first encrypted digest.
5. The method of claim 4, wherein after sending the original document and the first cryptographic digest to a signature executor, the method further comprises:
receiving signature data and a second encrypted abstract fed back by the signature executing party according to the original document and the first encrypted abstract; the second encrypted digest is information obtained by encrypting the digest of the signature data through a second private key;
decrypting the second encrypted digest according to the public key corresponding to the second private key to obtain the digest of the signature data;
and if the signature data is detected to be not tampered according to the abstract of the signature data, obtaining a signature result according to the signature data.
6. The method of claim 4, wherein after receiving the signature data fed back by the signature executor from the original document and the first cryptographic digest, the method further comprises:
detecting whether the identity corresponding to the signature data is matched with the identity of a signer;
and if the identity corresponding to the signature data is matched with the identity of the signer, obtaining a signature result according to the signature data.
7. The method of claim 6, wherein detecting whether the identity corresponding to the signature data matches the identity of the signer comprises:
sending the signature data to a third party; the signature data is used for indicating the third party to decrypt the encrypted touch sense information in the signature data to obtain touch sense information, predicting the identity corresponding to the touch sense information according to an identity authentication model to obtain identity information corresponding to the touch sense information, obtaining an identity authentication result according to the identity information, and returning the identity authentication result and the abstract of the touch sense information, wherein the identity authentication model is a prediction model obtained by training a preset model through a touch sense data sample and a mapping relation sample, and the mapping relation sample is a sample formed by the corresponding relation between pre-calibrated touch sense data and an identity;
receiving an identity authentication result returned by the third party according to the signature data and the abstract of the tactile information;
and if the identity authentication result is that the tactile information is matched with the identity of the signer and the tactile information is not tampered according to the abstract of the tactile information, matching the identity corresponding to the signature data with the identity of the signer.
8. A signature device is characterized by comprising a tactile information acquisition module, a tactile information encryption module, a signature document acquisition module and a signature data generation module,
the touch information acquisition module is used for acquiring touch information in the handwriting information generation process; the tactile information is tactile perception information of a signer for a tactile signature device;
the touch information encryption module is used for encrypting the touch information to obtain touch encrypted information; the tactile sensation encryption information is information obtained by encrypting the tactile sensation information;
the signature document acquisition module is used for acquiring a signature document corresponding to the handwriting information; the signature document is an electronic document needing to be signed;
the signature data generation module is used for combining the touch sense encryption information, the handwriting information and the signature document to obtain signature data;
or the device comprises a document and abstract encryption module, a sending module and a receiving module,
the document and digest encryption module is used for encrypting an original document and a digest of the original document through a first private key to obtain an encrypted document and a first encrypted digest; the first private key is a private key used for encrypting the original document and the digest of the original document, the encrypted document is the document after the original document is encrypted, and the first encrypted digest is information obtained by encrypting the digest of the original document through the first private key;
the sending module is used for sending the original document and the first encrypted digest to a signature executor; the original document and the first encrypted digest are used for indicating the signature executor to return signature data, the signature data are data obtained by combining touch sense encrypted information, handwriting information and a signature document, the touch sense encrypted information is information obtained by encrypting touch sense information in the process of generating the handwriting information, and the touch sense information is touch sense perception information of a signer for touch sense signature equipment;
the receiving module is configured to receive signature data fed back by the signature executor according to the original document and the first encrypted digest.
9. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs which, when executed by the one or more processors, cause the electronic device to carry out the method of any one of claims 1 to 7.
10. A computer-readable storage medium having stored thereon computer-readable instructions which, when executed by a processor of a computer, cause the computer to perform the method of any one of claims 1 to 7.
CN202211118668.7A 2022-09-13 2022-09-13 Signature method, signature device, electronic device and storage medium Pending CN115455448A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211118668.7A CN115455448A (en) 2022-09-13 2022-09-13 Signature method, signature device, electronic device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211118668.7A CN115455448A (en) 2022-09-13 2022-09-13 Signature method, signature device, electronic device and storage medium

Publications (1)

Publication Number Publication Date
CN115455448A true CN115455448A (en) 2022-12-09

Family

ID=84302486

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211118668.7A Pending CN115455448A (en) 2022-09-13 2022-09-13 Signature method, signature device, electronic device and storage medium

Country Status (1)

Country Link
CN (1) CN115455448A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116090027A (en) * 2023-04-07 2023-05-09 深圳奥联信息安全技术有限公司 Electronic document signature protection method and system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116090027A (en) * 2023-04-07 2023-05-09 深圳奥联信息安全技术有限公司 Electronic document signature protection method and system

Similar Documents

Publication Publication Date Title
EP3291504B1 (en) Authentication and secure transmission of data between signature devices and host computers using transport layer security
CN110011793A (en) Anti-fake data processing method of tracing to the source, device, equipment and medium
RU2018105186A (en) VERIFICATION OF PORTABLE CONSUMER DEVICES
CN102035654B (en) Identity authentication method, identity authentication equipment, server and identity authentication-based encryption method
CN111291339B (en) Method, device, equipment and storage medium for processing blockchain data
CN109951295B (en) Key processing and using method, device, equipment and medium
US20230368194A1 (en) Encryption method and decryption method for payment key, payment authentication method, and terminal device
US20200089867A1 (en) System and method for authentication
EP4128692B1 (en) Service-to-service strong authentication
CN111460525B (en) Block chain-based data processing method, device and storage medium
US20180343247A1 (en) Method, user terminal and authentication service server for authentication
KR102171746B1 (en) Bio Electronic Signature Using Block-chain Method and Device Thereof
CN113610526A (en) Data trust method and device, electronic equipment and storage medium
CN115455448A (en) Signature method, signature device, electronic device and storage medium
CN108900472B (en) Information transmission method and device
CN110601836B (en) Key acquisition method, device, server and medium
CN111415155B (en) Encryption method, device, equipment and storage medium for falling-chain transaction data
CN115051816B (en) Privacy protection-based cloud computing method and device and financial data cloud computing method and device
TWI673626B (en) Method for verifying electronic files using biometrics, terminal electronic device and computer readable recording medium
CN107911220B (en) Signature method, signature device and terminal equipment
CN106156571B (en) Encrypting fingerprint tool, encrypting fingerprint tool encrypting and deciphering system and encipher-decipher method
CN113645183A (en) Data encryption transmission method, system, computer equipment and storage medium
KR101809662B1 (en) Method and system for securing some area of the image file
KR20200137126A (en) Apparatus and method for registering biometric information, apparatus and method for biometric authentication
CN117522417B (en) Transaction security verification method and device based on quantum encryption

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination