CN116886306A - Verifiable digital signature method based on elliptic curve - Google Patents


Publication number
CN116886306A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311064368.XA
Other languages
Chinese (zh)
Inventor
叶俊
曹新辉
郭祯
周颖
蒋羽
蒋维丽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hainan University
Original Assignee
Hainan University

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention discloses a verifiable digital signature method based on elliptic curve, which is applied to a data acquisition and transmission system in an ocean open network environment. The method comprises a system initialization flow, a device registration and key generation flow and an authentication flow. The invention can effectively ensure the authenticity of data transmission, and the identity of a data sender is required to be verified before each data is received so as to ensure the validity and the authenticity of the data source.

Description

Verifiable digital signature method based on elliptic curve
Technical field:
The invention relates to the field of secure data encryption and transmission, and in particular to a verifiable digital signature method based on elliptic curves.
Background art:
Currently, marine networks are generally composed of devices such as sensors, satellites and fixed platforms, which form a complex marine network environment. This makes the security and privacy of marine information particularly important, including but not limited to the requirements of identity authentication, data protection and network security. On the other hand, traditional network security cannot be applied directly in a complex marine network environment because of the limited computing power and storage capacity of the devices. Existing marine information security has the following main problems: device performance is limited and security capability is insufficient; the network environment is open and easily attacked by adversaries; protective measures are few and the level of protection is inadequate. In terms of authentication, the collection of marine information generally extends far from land into the deep sea, so when a device transmits data it is difficult to complete transmission and authentication in a single hop, and relay devices must be used for forwarding. However, relay devices are vulnerable to adversary attacks during information transmission and may face security threats such as interception, tampering, forgery and replay. To ensure the authenticity and validity of data, the security and traceability of the data transmission process must be ensured while the device is authenticated.
Summary of the invention:
To achieve the above purpose, the invention provides a verifiable digital signature method based on elliptic curves, built on existing digital signatures, to solve the problem of data transmission across multiple remote nodes.
The method is applied to a data acquisition and transmission system in an ocean open network environment, and the system comprises acquisition equipment, a plurality of relay equipment and a shore-based server; the acquisition equipment is provided with a unique identity id and an identity credential generated correspondingly with the unique identity id, and can execute related operation; the shore-based server is used for decrypting source data, tracing the whole authentication process, verifying the authenticity and legitimacy of data sources, managing the whole communication network, initializing public system parameters and being responsible for registration of acquisition equipment and relay equipment in an ocean communication environment; the relay equipment forms at least one common channel;
the method comprises a system initialization flow, a device registration and key generation flow and an authentication flow;
the system initialization flow is used for initializing system parameters of the shore-based server;
the equipment registration and key generation flow is used for realizing the registration of each acquisition equipment and the relay equipment on the shore-based server;
the authentication flow is used for generating information after the acquisition device acquires data, sending the information to the relay devices of the public channels, verifying and transmitting each level of relay devices according to the level, and finally transmitting the information to the shore-based server, wherein the shore-based server needs to authenticate the identity of the information source device.
Further, the system initialization process includes the following steps:
step one: the shore-based server selects a non-singular elliptic curve $E_q(u, v)$ of the form $y^2 = x^3 + ux + v \pmod{q}$, with a base point $P$, over the prime finite field $Z_q = \{0, 1, \ldots, q-1\}$; $q$ is any prime number;
step two: the shore-based server selects a function of the form $h(\cdot): \{0,1\}^* \to \{0,1\}^l$; the function takes an input string of any length and generates a fixed-length output as a message digest;
step three: the shore-based server selects a random secret value $s$ and calculates $T_{pub} = s \cdot P$; it then selects a random number $K_{pri}$ as the system private key and calculates the corresponding system public key $K_{pub} = K_{pri} \cdot P$;
step four: the shore-based server publishes the public system parameters:
$\{E_q(u, v), h(\cdot), P, K_{pub}, T_{pub}\}$.
Further, the device registration and key generation flow comprises an acquisition device registration sub-flow and a relay device registration sub-flow;
the acquisition device registration sub-flow is specifically as follows: the acquisition device selects an identity id and sends it to the shore-based server through a secure channel, and the shore-based server generates an identity credential $HID = h(id \| s \| K_{pri})$ for the acquisition device and sends it to the acquisition device;
the relay device registration sub-flow is specifically as follows: the shore-based server and the relay device negotiate, and the server assists the relay device in generating private key information $d_i$ and in saving and publishing public key information $Q_i = d_i \cdot P$; at the same time the shore-based server generates information $A_i = K_{pri} \cdot Q_i$ and sends $A_i$ to the relay device, where $i$ is the number of the relay device.
Further, the authentication process includes the following steps:
step one: after the acquisition device collects the data, it selects a random number $r$, obtains the current timestamp $t_1$ and calculates $R = r \cdot P$; it then obfuscates the identity and calculates $MID$ and an identity authentication code $MAC = h(id \| HID \| t_1 \| R)$, and at the same time calculates $key = h(HID \| t_1 \| R)$, which is used to encrypt the collected data; then, at timestamp $t_1$, it transmits the information $M = \{t_1, R, MAC, MID\}$ to the i-level data transmission device of the channel through the public channel to which it belongs;
Step two: after the i-level data transmission device receives, at time $t_2$, the data transmitted by the previous-level data transmission device, it judges whether the difference between the receiving time and the time at which the previous-level device sent the data is smaller than a preset time value; if so, the verification passes, otherwise it does not. If the verification does not pass, the communication data is not accepted; if it passes, the i-level data transmission device generates a random number $r_i$ and calculates $N_i = r_i \cdot Q_j$ and $R_i = r_i \cdot P$, where $Q_j$ is the public key of the j-level data transmission device, selects a temporary identity $TID_i = h(id_i \| r_i)$ and a current timestamp $t_3$, and then calculates $AID_i$, $Auth_{ij} = h(TID_i \| R_i \| t_3 \| A_i Q_j)$, signature information $sign_i$ and data information $M_i$, where $d_i$ is the private key information of the i-level data transmission device; then, at timestamp $t_3$, it transmits the data $\{sign_i, M_i, h(M), R_i, AID_i, t_3\}$ to the j-level data transmission device of the public channel to which it belongs;
Step three: the j-level data transmission device receives the request information at time $t_4$ and verifies the received timestamp by judging whether $|t_4 - t_3| < \Delta t$ holds; if it does not hold, the communication data is not accepted; if it holds, the verification passes, and the j-level data transmission device calculates $N_j = d_j \cdot R_i$, where $d_j$ is the private key information of the data transmission device; it then restores $TID'_i$ and calculates $Auth'_{ij} = h(TID'_i \| R_i \| t_3 \| A_j Q_i)$; finally it compares a value with $h(M) Q_i$, and if they are equal, the identity is verified successfully. The j-level data transmission device then generates a random number $r_j$ and calculates $N'_j = r_j \cdot Q_k$ and $R_j = r_j \cdot P$, where $Q_k$ is the public key of the k-level data transmission device, selects a temporary identity $TID_j = h(id_j \| r_j)$ and a current timestamp $t_5$, and then calculates $AID_j$ and $Auth_{jk} = h(TID_j \| R_j \| t_5 \| A_j Q_k)$; finally, the j-level data transmission device calculates signature information $sign_j$ and data information $M_j$, and then, at timestamp $t_5$, transmits the data $\{sign_j, M_j, h(M), R_j, AID_j, t_5\}$ to the k-level data transmission device of the public channel. Lastly, after calculating the data it is about to send, the j-level data transmission device verifies the authenticity of the data it received: it calculates a value and transmits it to the previous-level data transmission device for verification, and the previous-level data transmission device compares it with the data $M \cdot Q_i$ that it generated itself; if they are equal, step four is executed;
step four: the k-level data transmission device receives the data transmitted by the j-level data transmission device, then the k-level data transmission device is used as a new 'j-level data transmission device' to execute the operation and verification in the same mode as the j-level data transmission device in the third step, the data are sequentially transmitted downwards along a common channel, the data transmission devices at the subsequent levels repeatedly execute the same operation, and the data are sequentially transmitted downwards along the common channel until the shore-based server receives the data;
step five: the information is transmitted to a shore-based server, and the shore-based server calculates to obtain information M;
step six: the shore-based server authenticates the identity of the device from which the information M originated, and if the authentication is successful, step seven is carried out;
step seven: the acquisition equipment encrypts the acquired data through the key and transmits the encrypted data to the shore-based server through the public channel.
Further, in the fifth step, the method for obtaining the information M by the shore-based server includes:
assuming that the last-stage relay device of the common channel transmitting the message M is the j-th stage data transmission device described in the third step, the shore-based server first calculates Auth' jk The calculation method is as follows:
first, $N_k = d_k \cdot R_j$ is calculated, where $d_k$ is the private key of the shore-based server; then $TID'_j$ is restored and $Auth'_{jk} = h(TID'_j \| R_j \| t_5 \| M_k Q_j)$ is calculated. Since $Auth'_{jk} = Auth_{jk}$ and $Q_j$ is known, $M_i$ is obtained. Then, through the same procedure, since $Auth'_{ij} = Auth_{ij}$ and $Q_i$ is known, $M$ is further obtained.
Further, in step six, the authentication method is as follows:
first, $id'$ is calculated, and then the corresponding HID is found through $id'$;
then $MAC' = h(id' \| HID \| t_1 \| R_i)$ is calculated;
and $MAC'$ is compared with the identity authentication code $MAC$; if they are equal, the identity is authenticated successfully.
Further, in step three, when the previous-level data transmission device compares the data $M \cdot Q_i$ that it generated itself with the value it received, if they are not equal, this indicates that the next-level data transmission device may have been maliciously altered, and the previous-level data transmission device transmits the message to the server through the public channel.
Further, the data transmission device is an acquisition device or a relay device.
The beneficial effects of the invention are as follows:
1. The authenticity of data transmission can be effectively ensured: before any data is received, the identity of the data sender must be verified, which ensures the validity and authenticity of the data source.
2. The integrity of the data can be effectively ensured, and in the process of transmitting the data, a data receiver can ensure that the data is not tampered by unauthorized equipment or can be rapidly found after tampering.
3. The method can effectively ensure traceability of data transmission, and each entity can carry out communication confirmation on the upper data source while receiving and authenticating the data source so as to ensure traceability of the data in the transmission process.
Description of the drawings:
FIG. 1 is a flow chart of the present invention.
Fig. 2 is a schematic diagram of a system to which the present invention is applied.
Fig. 3 is a schematic diagram of the registration phase of the present invention.
The specific embodiment is as follows:
the present embodiment will be described with reference to fig. 1.
The design concept of the invention is as follows: the invention provides a verifiable digital signature method based on elliptic curves, which is used for secure communication between devices. Because the data is collected in the ocean, when the data is transmitted by the collecting equipment, the data is difficult to be transmitted once and is required to be forwarded by the relay equipment, the method adopts a multi-stage data transmission mode, the collecting equipment is responsible for collecting ocean data and encrypting the data, the relay equipment is responsible for forwarding the data and verifying the data source, and the shore-based server is responsible for decrypting the data and verifying the whole data transmission flow. The protocol is suitable for a multi-node transmission network environment, the integrity of data is guaranteed through a signature technology in the transmission process of the data, and meanwhile, the authenticity and the legality of a data source are guaranteed through a verification technology. And the proposed protocol has a small traffic overhead.
The specific application scenario of the invention is an open marine network environment, where the security of communication between devices must be ensured while the devices transmit data. A specific data transmission model is shown in fig. 1. In this model there are an acquisition device, several relay devices and a shore-based server. The acquisition device has a unique identity id and an identity credential generated to correspond to it, and can perform the arithmetic operations designed in the scheme. Each relay device has a public/private key pair and a unique identity id, and its public key is published. Within the whole system, the shore-based server can decrypt the source data, trace the whole authentication process and verify the authenticity and legitimacy of the data source; it is trusted and secure, manages the whole communication network and initializes some public system parameters. It is responsible for the registration of acquisition devices and relay devices in the marine communication environment.
In this embodiment, the collecting device and the relay device are collectively referred to as a data transmission device, and the collecting device can also perform tasks of calculation, verification and data transmission in the verification process.
As shown in fig. 2, the present invention includes the following processes:
First, system initialization flow
This procedure is used for initializing system parameters for the shore-based server.
The shore-based server performs the following operations to initialize system parameters.
Step one: the shore-based server selects a non-singular elliptic curve $E_q(u, v)$ of the form $y^2 = x^3 + ux + v \pmod{q}$, with a base point $P$, over the prime finite field $Z_q = \{0, 1, \ldots, q-1\}$. $q$ is any prime number.
Step two: the shore-based server selects a collision-resistant one-way hash function of the form $h(\cdot): \{0,1\}^* \to \{0,1\}^l$, which takes an input string of any length and generates a fixed-length output as a message digest.
Step three: the shore-based server selects a random secret value $s$ and calculates $T_{pub} = s \cdot P$. It then selects a random number $K_{pri}$ as the system private key and calculates the corresponding system public key $K_{pub} = K_{pri} \cdot P$.
Step four: the shore-based server publishes the public system parameters
$\{E_q(u, v), h(\cdot), P, K_{pub}, T_{pub}\}$.
Second, equipment registration and key generation flow
The process is a registration process for each acquisition device and relay device, which is performed on a secure channel. The method comprises the following specific steps:
Each acquisition device and relay device selects its identity id and sends it to the shore-based server via a secure channel. The shore-based server generates an identity credential $HID = h(id \| s \| K_{pri})$ for the acquisition device. At the same time, the shore-based server and the relay device negotiate, and the server assists the relay device in generating private key information $d_i$ and in saving and publishing public key information $Q_i = d_i \cdot P$, while the shore-based server generates information $A_i = K_{pri} \cdot Q_i$. The shore-based server sends HID and $A_i$ to the acquisition device and the relay device respectively. The specific flow is shown in FIG. 3 (in the figure, $ID_{client}$ represents the acquisition device id and $ID_{node}$ represents the relay node device id).
Third, authentication flow
The authentication flow is used for generating information after the acquisition device acquires data, sending the information to the relay devices of the public channels, verifying and transmitting each level of relay devices according to the level, and finally transmitting the information to the shore-based server, wherein the shore-based server needs to authenticate the identity of the information source device.
Step one: after the acquisition device collects certain data, it generates information as follows: it selects a random number $r$, obtains the current timestamp $t_1$ and calculates $R = r \cdot P$; it then obfuscates the identity and calculates $MID$ and an identity authentication code $MAC = h(id \| HID \| t_1 \| R)$, and at the same time calculates $key = h(HID \| t_1 \| R)$, which is used to encrypt the collected data. Then, at timestamp $t_1$, it transmits the information $M = \{t_1, R, MAC, MID\}$ to the i-level data transmission device of the channel through the public channel to which it belongs.
Step two: after the i-level data transmission device receives, at time $t_2$, the data transmitted by the previous data transmission device, it judges whether the difference between the receiving time and the time at which the previous device sent the data is smaller than a preset time threshold; if so, the verification passes, otherwise it does not; if the verification does not pass, the communication data is not accepted.
The i-level data transmission device here is generally the first-level relay device of the public transmission channel. The previous-level data transmission device is the acquisition device, and the i-level data transmission device verifies the received timestamp by judging whether $|t_2 - t_1| < \Delta t$ holds, where $\Delta t$ is a predetermined time difference threshold. If it holds, the i-level data transmission device generates a random number $r_i$ and calculates $N_i = r_i \cdot Q_j$ (where $Q_j$ is the public key of the next-level data transmission device, i.e. the j-level data transmission device) and $R_i = r_i \cdot P$, and selects a temporary identity $TID_i = h(id_i \| r_i)$ and a current timestamp $t_3$. It then calculates $AID_i$ and $Auth_{ij} = h(TID_i \| R_i \| t_3 \| A_i Q_j)$. Finally, the i-level data transmission device calculates signature information $sign_i$ and data information $M_i$. Then, at timestamp $t_3$, it transmits the data $\{sign_i, M_i, h(M), R_i, AID_i, t_3\}$ to the j-level data transmission device over the public channel.
If $|t_2 - t_1| < \Delta t$ does not hold, the communication is judged to be at risk, and the communication data is not accepted until the above condition is satisfied.
When the previous-level data transmission device is a relay device of one of the other levels, the actual timestamps and related parameters are used in the calculation; the verification and calculation are otherwise the same and are not repeated here.
Step three: after receiving the request information at time $t_4$, the j-level data transmission device verifies the received timestamp by judging whether $|t_4 - t_3| < \Delta t$ holds. If it holds, the j-level data transmission device calculates $N_j = d_j \cdot R_i$, then restores $TID'_i$ and calculates $Auth'_{ij} = h(TID'_i \| R_i \| t_3 \| A_j Q_i)$. Finally it compares a value with $h(M) Q_i$; if they are equal, the identity verification is successful. The j-level data transmission device then generates a random number $r_j$ and calculates $N'_j = r_j \cdot Q_k$ (where $Q_k$ is the public key of the k-level data transmission device that next accepts the data) and $R_j = r_j \cdot P$, and selects a temporary identity $TID_j = h(id_j \| r_j)$ and a current timestamp $t_5$. It then calculates $AID_j$ and $Auth_{jk} = h(TID_j \| R_j \| t_5 \| A_j Q_k)$. Finally, the j-level data transmission device calculates signature information $sign_j$ and data information $M_j$. Then, at timestamp $t_5$, it transmits the data $\{sign_j, M_j, h(M), R_j, AID_j, t_5\}$ over the public channel to the next-level data transmission device, the k-level data transmission device. Lastly, after calculating the data it is going to send, the j-level data transmission device verifies the authenticity of the data it received: it calculates a value and sends it to the device that transmitted the data, which compares it with the data $M \cdot Q_i$ that it generated itself. If they are equal, there is no problem; if they are not equal, this indicates that the data $M_i$ generated by the previous-level device has been tampered with and that the next-level data transmission device may have been maliciously altered, and the previous-level data transmission device transmits the identity information of the tampering data transmission device to the shore-based server through the public channel. The shore-based server then takes corresponding action, such as notifying personnel to check whether the device is malfunctioning.
When the relay device of the second node is verified, firstly verifying the identity of the relay device on the first node, then verifying whether the data of the relay device is changed in the transmission process, if the verification is successful, the relay device of the second node calculates and sends verification data to the acquisition device, the acquisition device can be used as the relay device at the moment, then the acquisition device verifies whether the first node changes the data M, and the relay device verification modes of the other nodes are the same.
Step four: the k-stage data transmission device receives the data transmitted by the j-stage data transmission device, then performs the operation and verification in the same manner as the j-stage data transmission device in the third step as the new j-stage data transmission device, sequentially transmits the data downwards along the common channel, and repeatedly performs the same operation by the data transmission devices of the subsequent stages, sequentially transmits the data downwards along the common channel until the shore-based server receives the data.
Step five: the information is transmitted to a shore-based server, and the shore-based server calculates the information M.
Assuming that the last-stage relay device of the common channel transmitting the message M is the j-th stage data transmission device described in the third step, the shore-based server first calculates Auth' jk The calculation method is as follows:
First, $N_k = d_k \cdot R_j$ is calculated, where $d_k$ is the private key of the shore-based server; then $TID'_j$ is restored and $Auth'_{jk} = h(TID'_j \| R_j \| t_5 \| A_k Q_j)$ is calculated. Since $Auth'_{jk} = Auth_{jk}$ and $Q_j$ is known, $M_i$ is obtained. Then, through the same procedure, since $Auth'_{ij} = Auth_{ij}$ and $Q_i$ is known, $M$ is further obtained.
The above assumption is that only a calculation method is provided, and if the relay device at the last stage is a relay device at other stages, the index corresponding to the calculation formula is modified to be the number of the corresponding relay device.
Step six: the shore-based server authenticates the identity of the device from which the information M originated; if the authentication is successful, step seven is carried out.
After receiving the information M, the shore-based server needs to authenticate the identity of the device from which the information M originated, so there is the following calculation:
First, $id'$ is calculated, and then the corresponding HID is found through $id'$;
then $MAC' = h(id' \| HID \| t_1 \| R_i)$ is calculated.
If the MAC' is equal to the identity authentication code MAC, the authentication of the identity is successful, otherwise, the authentication is failed. By means of symmetric encryption, the acquisition equipment can encrypt acquired data through a key after authentication is successful, and the shore-based server can calculate the key to decrypt the data.
Step seven: the acquisition equipment encrypts the acquired data through the key and transmits the encrypted data to the shore-based server through the public channel.
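The registration flow, step one of the authentication flow, the timestamp check and the shore-based server's step-six MAC comparison can be exercised end to end; the following is an added example, not code from the patent. It assumes secp256k1 in place of $E_q(u, v)$, SHA-256 over length-prefixed fields in place of $h(\cdot)$, a 5-second $\Delta t$, and that the server has already recovered $id'$ (the MID formula is not given in the text, so MID is left out of the message); all function names are hypothetical.

```python
import hashlib, hmac, secrets

# Assumed public parameters: secp256k1 stands in for E_q(u, v), SHA-256 for h(.).
q = 2**256 - 2**32 - 977
u, v = 0, 7
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order of P
DELTA_T = 5  # assumed freshness window in seconds for |t_recv - t_sent| < delta-t

def on_curve(A):
    """True if A satisfies y^2 = x^3 + ux + v (mod q)."""
    x, y = A
    return (y * y - (x * x * x + u * x + v)) % q == 0

def add(A, B):
    """Affine point addition; None is the point at infinity."""
    if A is None or B is None:
        return B if A is None else A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % q == 0:
        return None
    if A == B:
        lam = (3 * x1 * x1 + u) * pow(2 * y1 % q, -1, q) % q
    else:
        lam = (y2 - y1) * pow((x2 - x1) % q, -1, q) % q
    x3 = (lam * lam - x1 - x2) % q
    return (x3, (lam * (x1 - x3) - y1) % q)

def mul(k, A):
    """Double-and-add k*A. Not constant time: illustration only."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, A)
        A = add(A, A)
        k >>= 1
    return acc

def rand_scalar():
    return 1 + secrets.randbelow(n - 1)

def h(*fields):
    """h(a || b || ...), each field length-prefixed so field boundaries are unambiguous."""
    d = hashlib.sha256()
    for f in fields:
        if isinstance(f, tuple):          # curve point -> x || y
            f = f[0].to_bytes(32, "big") + f[1].to_bytes(32, "big")
        elif isinstance(f, int):
            f = f.to_bytes(32, "big")
        elif isinstance(f, str):
            f = f.encode()
        d.update(len(f).to_bytes(4, "big") + f)
    return d.digest()

def server_setup():
    """System initialization: secrets s and K_pri, public T_pub and K_pub."""
    s, k_pri = rand_scalar(), rand_scalar()
    return {"s": s, "K_pri": k_pri, "T_pub": mul(s, P), "K_pub": mul(k_pri, P), "HID": {}}

def register_acquisition(server, dev_id):
    """HID = h(id || s || K_pri), returned to the device over the secure channel."""
    server["HID"][dev_id] = h(dev_id, server["s"], server["K_pri"])
    return server["HID"][dev_id]

def register_relay(server):
    """Relay key pair d_i, Q_i = d_i*P and server-issued A_i = K_pri*Q_i."""
    d = rand_scalar()
    Q = mul(d, P)
    return d, Q, mul(server["K_pri"], Q)

def step_one(dev_id, hid, t1):
    """Acquisition device: R = r*P, MAC = h(id||HID||t1||R), key = h(HID||t1||R)."""
    R = mul(rand_scalar(), P)
    msg = {"t1": t1, "R": R, "MAC": h(dev_id, hid, t1, R)}  # MID left out (assumption)
    return msg, h(hid, t1, R)

def server_verify(server, recovered_id, msg, t_recv):
    """Step six: freshness, point validation, MAC' == MAC. Returns the data key or None."""
    if abs(t_recv - msg["t1"]) >= DELTA_T or not on_curve(msg["R"]):
        return None
    hid = server["HID"].get(recovered_id)
    expected = None if hid is None else h(recovered_id, hid, msg["t1"], msg["R"])
    if expected is None or not hmac.compare_digest(expected, msg["MAC"]):
        return None
    return h(hid, msg["t1"], msg["R"])

def relay_shared_values(d_j, Q_j):
    """Sender side N_i = r_i*Q_j and receiver side N_j = d_j*R_i, with R_i = r_i*P."""
    r_i = rand_scalar()
    return mul(r_i, Q_j), mul(d_j, mul(r_i, P))

if __name__ == "__main__":
    srv = server_setup()
    hid = register_acquisition(srv, "buoy-01")   # constructed device id
    msg, key = step_one("buoy-01", hid, t1=1_700_000_000)
    print("accepted:", server_verify(srv, "buoy-01", msg, 1_700_000_002) == key)
    print("replayed:", server_verify(srv, "buoy-01", msg, 1_700_000_060))
```

`relay_shared_values` returns the same point twice because $r_i \cdot Q_j$ and $d_j \cdot R_i$ both equal $r_i d_j \cdot P$, which is what lets the j-level device recompute the value the i-level device derived.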

Claims (8)

1. The verifiable digital signature method based on elliptic curve is characterized in that the method is applied to a data acquisition and transmission system in an ocean open network environment, and the system comprises acquisition equipment, a plurality of relay equipment and a shore-based server; the acquisition equipment is provided with a unique identity id and an identity credential generated correspondingly with the unique identity id, and can execute related operation; the shore-based server is used for decrypting source data, tracing the whole authentication process, verifying the authenticity and legitimacy of data sources, managing the whole communication network, initializing public system parameters and being responsible for registration of acquisition equipment and relay equipment in an ocean communication environment; the relay equipment forms at least one common channel;
the method comprises a system initialization flow, a device registration and key generation flow and an authentication flow;
the system initialization flow is used for initializing system parameters of the shore-based server;
the equipment registration and key generation flow is used for realizing the registration of each acquisition equipment and the relay equipment on the shore-based server;
the authentication flow is used for generating information after the acquisition device acquires data, sending the information to the relay devices of the public channels, verifying and transmitting each level of relay devices according to the level, and finally transmitting the information to the shore-based server, wherein the shore-based server authenticates the identity of the information source device.
2. The method of verifiable digital signature based on elliptic curves as recited in claim 1, wherein the system initialization procedure includes the steps of:
step one: the shore-based server selects, over the prime finite field $Z_q = \{0, 1, \ldots, q-1\}$, a non-singular elliptic curve $E_q(u, v)$ with base point $P$, of the form $y^2 = x^3 + ux + v \pmod q$; $q$ is any prime number;
step two: the shore-based server selects a function of the form $h(\cdot): \{0,1\}^* \to \{0,1\}^l$, which takes an input string of arbitrary length and generates a fixed-length output as the message digest;
step three: the shore-based server selects a random secret value and calculates $T_{pub} = s \cdot P$; it then selects a random number as the system private key and calculates the corresponding system public key $K_{pub} = K_{pri} \cdot P$;
step four: the shore-based server publishes the public system parameters: $\{E_q(u, v), h(\cdot), P, K_{pub}, T_{pub}\}$.
3. The verifiable digital signature method based on elliptic curve as recited in claim 2, wherein the device registration and key generation flow includes an acquisition equipment registration sub-process and a relay equipment registration sub-process;
the registration sub-process of the acquisition equipment is specifically as follows: the acquisition device selects an identity id and sends it to the shore-based server through a secure channel, and the shore-based server generates an identity credential $HID = h(id \| s \| K_{pri})$ for the acquisition device and sends it to the acquisition device;
the registration sub-process of the relay equipment is specifically as follows: the shore-based server negotiates with the relay device and assists the relay device in generating private key information $d_i$, which the relay device saves, and in publishing public key information $Q_i = d_i \cdot P$; at the same time the shore-based server generates information $A_i = K_{pri} \cdot Q_i$ and sends $A_i$ to the relay device, where $i$ is the number of the relay device.
4. The verifiable digital signature method based on elliptic curve as recited in claim 2, wherein the authentication procedure includes the steps of:
step one: after collecting the data, the acquisition device selects a random number, obtains the current timestamp $t_1$ and calculates $R = r \cdot P$; it then obfuscates the identity and calculates and an authentication code $MAC = h(id \| HID \| t_1 \| R)$, while calculating the key $Key = h(HID \| t_1 \| R)$ used to encrypt the collected data; then, at timestamp $t_1$, it transmits the information $M = \{t_1, R, MAC, MID\}$ through its public channel to the i-level data transmission device of that channel;
step two: after receiving, at time $t_2$, the data transmitted by the previous-level data transmission device, the i-level data transmission device judges whether the difference between the receiving time and the time at which the previous-level data transmission device sent the data is smaller than a preset time value; if so, the verification passes, otherwise it fails; if the verification fails, the communication data is not accepted; if the verification passes, the i-level data transmission device generates a random number and calculates $N_i = r_i \cdot Q_j$ and $R_i = r_i \cdot P$, where $Q_j$ is the public key of the j-level data transmission device, selects a temporary identity $TID_i = h(id_i \| r_i)$ and a current timestamp $t_3$, and then calculates signature information data information where $d_i$ is the private key information of the i-level data transmission device; then, at timestamp $t_3$, it transmits the data $\{sign_i, M_i, h(M), R_i, AID_i, t_3\}$ to the j-level data transmission device of its public channel;
step three: the j-level data transmission device receives the request information at time $t_4$ and determines whether $|t_4 - t_3| < \Delta t$ holds in order to verify the received timestamp; if it does not hold, the communication data is not accepted; if it holds, the verification passes, and the j-level data transmission device calculates $N_j = d_j \cdot R_i$, where $d_j$ is the private key information of the data transmission device; it then restores and then calculates $Auth'_{ij} = h(TID'_i \| R_i \| t_3 \| A_j Q_i)$; finally it compares and $h(M) Q_i$, and if they are equal, the identity is verified successfully; the j-level data transmission device then generates a random number and calculates $N_j' = r_j \cdot Q_k$ and $R_j = r_j \cdot P$, where $Q_k$ is the public key of the k-level data transmission device, selects a temporary identity $TID_j = h(id_j \| r_j)$ and a current timestamp $t_5$, and then calculates and $Auth_{jk} = h(TID_j \| R_j \| t_5 \| A_j Q_k)$; finally, the j-level data transmission device calculates signature information and data information and then, at timestamp $t_5$, transmits the data $\{sign_j, M_j, h(M), R_j, AID_j, t_5\}$ to the k-level data transmission device of the public channel; after calculating the data to be transmitted, the j-level data transmission device has the received data verified: it calculates the data authenticity and transmits it to the previous-level data transmission device, which compares the data $M \cdot Q_i$ that it generated itself with and, if they are equal, step four is executed;
step four: the k-level data transmission device receives the data transmitted by the j-level data transmission device and then, acting as the new "j-level data transmission device", performs the same operations and verification as the j-level data transmission device in step three; the data is passed on along the public channel, with the data transmission device at each subsequent level repeating the same operations, until the shore-based server receives the data;
step five: the information is transmitted to a shore-based server, and the shore-based server calculates to obtain information M;
step six: the shore-based server authenticates the identity of the device from which the information M originated, and if the authentication succeeds, step seven is carried out;
step seven: the acquisition equipment encrypts the acquired data through the key and transmits the encrypted data to the shore-based server through the public channel.
5. The verifiable digital signature method based on elliptic curve as recited in claim 2, wherein in the fifth step, the method for obtaining the information M by the shore-based server is as follows:
assuming that the last-level relay device of the public channel transmitting the message M is the j-level data transmission device described in step three, the shore-based server first calculates $Auth'_{jk}$, as follows:
first, $N_k = d_k \cdot R_j$ is calculated, where $d_k$ is the private key of the shore-based server; then is restored, and then $Auth'_{jk} = h(TID'_j \| R_j \| t_5 \| M_k Q_j)$ is calculated; since $Auth'_{jk} = Auth_{jk}$, therefore since $Q_j$ is known, $M_i$ is obtained; then, through the same procedure, since $Auth'_{ij} = Auth_{ij}$, therefore which gives since $Q_i$ is known, M is then obtained.
6. The verifiable digital signature method based on elliptic curve as recited in claim 2, wherein in the sixth step, the authentication method is as follows:
first calculate then find the corresponding HID through id';
then calculate $MAC' = h(id' \| HID \| t_1 \| R_i)$;
and compare it with the identity authentication code MAC; if they are equal, the identity is authenticated successfully.
7. The method of verifying digital signature as set forth in claim 2, wherein in the third step, the previous-level data transmission device compares the data $M \cdot Q_i$ that it generated itself with if they are not equal, this indicates that the next-level data transmission device may have been maliciously altered, and the previous-level data transmission device transmits the message to the server through the public channel.
8. A verifiable digital signature method as recited in claim 2 wherein the data transmission device is an acquisition device or a relay device.
CN202311064368.XA 2023-08-23 2023-08-23 Verifiable digital signature method based on elliptic curve Pending CN116886306A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311064368.XA CN116886306A (en) 2023-08-23 2023-08-23 Verifiable digital signature method based on elliptic curve


Publications (1)

Publication Number Publication Date
CN116886306A true CN116886306A (en) 2023-10-13


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination