CN117201033A - Blind signature device, system and method - Google Patents
Blind signature device, system and method Download PDFInfo
- Publication number
- CN117201033A CN117201033A CN202311179545.9A CN202311179545A CN117201033A CN 117201033 A CN117201033 A CN 117201033A CN 202311179545 A CN202311179545 A CN 202311179545A CN 117201033 A CN117201033 A CN 117201033A
- Authority
- CN
- China
- Prior art keywords
- signature
- blind
- blind signature
- private key
- sgx
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 238000004590 computer program Methods 0.000 claims description 22
- 230000004044 response Effects 0.000 claims description 2
- 238000005516 engineering process Methods 0.000 abstract description 15
- 238000013461 design Methods 0.000 abstract description 4
- 238000004891 communication Methods 0.000 description 22
- 238000004422 calculation algorithm Methods 0.000 description 11
- 238000010586 diagram Methods 0.000 description 6
- 230000003993 interaction Effects 0.000 description 5
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000012545 processing Methods 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The application belongs to the technical field of information security, and particularly relates to blind signature equipment, a blind signature system and a blind signature method. The blind signature device comprises a trusted authentication module, a decryption module and a blind signature module, wherein the trusted authentication module is used for determining an encryption public key and a decryption private key according to the random number. The decryption module is used for obtaining signature information according to the decryption private key and the ciphertext in the trusted computing environment. And the blind signature module is used for obtaining a blind signature according to the signature information and the signature private key. And generating an encryption public key and a decryption private key through a trusted authentication module, combining a ciphertext obtained by encrypting the signature information according to the encryption public key by the user equipment, restoring the ciphertext into the signature information through a decryption module by utilizing the decryption private key, and finally carrying out blind signature on the signature information through the signature private key in a blind signature module. The application avoids complex cryptography structure in the blind signature based on the trusted computing technology, so that the blind signature has higher operation efficiency, thereby reducing the design difficulty of the system.
Description
Technical Field
The application relates to the technical field of information security, in particular to blind signature equipment, a blind signature system and a blind signature method.
Background
The blind signature technique is a digital signature technique that allows a message owner to blind a message, then let the signer sign the blind message, and finally the message owner removes the blind factor from the signature to obtain the signature of the signer about the original message. Thus, the signer cannot see the specific content of the signed document, and secondly, after the signature is disclosed, the signer cannot track the signature.
Currently, more blind signature technologies are all based on cryptography, including blind signature technologies based on asymmetric encryption (RSA) algorithm, and the blind signature technologies need to set a very long key to ensure the security of the algorithm, so that the longer the key, the lower the operation efficiency and the larger the signature. There are also blind signature techniques based on elliptic curve public key cryptography algorithms (such as SM 2) or elliptic curve based digital signature algorithms (Elliptic Curve Digital Signature Algorithm, ECDSA), which require at least multiple interactions of the user with the signer to complete the signature.
Disclosure of Invention
The application provides a blind signature device, a blind signature system and a blind signature method, which realize that a user obtains a blind signature from a signer through a software protection extension (Software Guard eXtensions, SGX) trusted computing technology, and avoid a cryptography structure, thereby having higher operation efficiency.
The technical scheme is as follows:
in a first aspect, an embodiment of the present application provides a blind signature apparatus, including: the device comprises a trusted authentication module, a decryption module and a blind signature module. The trusted authentication module is used for determining an encryption public key and a decryption private key. For example, the trusted authentication module is used for determining an encryption public key and a decryption private key according to the random number.
The decryption module is used for obtaining signature information according to a decryption private key and a ciphertext in a trusted computing environment, the trusted computing environment is provided by blind signature equipment, the ciphertext is obtained by encrypting the signature information according to an encryption public key by user equipment, and the signature information is plaintext information which needs to be subjected to blind signature. The blind signature module is used for obtaining a blind signature according to the signature information and the signature private key in the trusted computing environment.
Optionally, the blind signature device is further configured to send a blind signature to the user equipment.
The blind signature device comprises a trusted authentication module, a decryption module and a blind signature module, wherein the trusted authentication module is used for generating an encrypted public key and a decrypted private key. Combining the ciphertext obtained by encrypting the signature information by the user equipment according to the encryption public key, restoring the ciphertext into the signature information by using the decryption private key through the decryption module, and finally carrying out blind signature on the signature information in the blind signature module through the signature private key. The application is applied to blind signature based on SGX trusted computing technology, avoids complex cryptography structure, has higher operation efficiency, thereby reducing the design difficulty of the system and greatly reducing the interaction times.
In a possible implementation manner of the first aspect, the trusted authentication module is further configured to generate an SGX report in response to the trusted authentication request message from the user equipment, where the SGX report carries the encrypted public key. The trusted authentication request message is used to request a blind signature.
In a second aspect, an embodiment of the present application provides a blind signature system, including a blind signature device and a user device. The blind signature device is used for determining a trusted computing environment, decrypting the ciphertext according to the decryption private key in the trusted computing environment, obtaining a blind signature and sending the blind signature to the user device. The user equipment is used for encrypting the signature information according to the encryption public key generated by the blind signature equipment to obtain a ciphertext and receiving the blind signature.
In a possible implementation manner of the second aspect, the user equipment is further configured to send a trusted authentication request message to the signing device, where the trusted authentication request message is used to request blind signing. The blind signature device is further configured to generate an SGX report according to the trusted authentication request message, where the SGX report includes the encrypted public key.
In a third aspect, an embodiment of the present application provides a blind signature method, applied to a blind signature device, where the method provided by the embodiment of the present application includes:
the blind signature device determining a decryption private key in the trusted computing environment and determining an SGX report, the SGX report including the encrypted public key;
the blind signature device sends an encrypted public key to the user device;
the blind signature device receives a ciphertext from the user device, and the ciphertext is obtained by encrypting signature information by the user device according to an encryption public key generated by the blind signature device;
the blind signature device decrypts the ciphertext according to the decryption private key in the trusted computing environment to obtain signature information;
the blind signature device determines a blind signature according to a signature private key and signature information, wherein the signature private key is generated by the signature device;
the blind signature device sends a blind signature to the user device.
In a possible implementation manner of the third aspect, before determining the decryption private key in the trusted computing environment and determining the SGX report, the method provided by the embodiment of the present application further includes:
the method comprises the steps that a blind signature device receives a trusted authentication request message from user equipment, wherein the trusted authentication request message is used for requesting blind signature;
the blind signature device invokes the trusted computing environment according to the trusted authentication request message and generates an SGX report.
In a possible implementation manner of the third aspect, determining the blind signature according to the signature private key and the signature information includes:
the blind signature device determines a first digital signature from the signature private key and the signature information,
the blind signature device determines a second digital signature based on the first digital signature, the first digital signature and the second digital signature being used to form the blind signature.
In a fourth aspect, an embodiment of the present application provides a blind signature method, which is used for a user equipment, where the method provided by the embodiment of the present application includes:
under the condition that the SGX report in the blind signature device is confirmed to be valid, the user device acquires an encryption public key from the blind signature device, wherein the SGX report comprises the encryption public key;
the user equipment receives an encrypted public key from the blind signature equipment;
the user equipment encrypts the signature information according to the encryption public key to obtain a ciphertext;
the user equipment sends ciphertext to the blind signature equipment;
the user device receives a blind signature from the blind signature device.
In a possible implementation manner of the fourth aspect, before confirming that the SGX report in the blind signature device is valid, the method provided by the embodiment of the present application further includes:
the user equipment sends a trusted authentication request message to the blind signature equipment, wherein the trusted authentication request message is used for requesting blind signature; and/or remotely authenticating the SGX report in the blind signature device to determine the validity of the SGX report.
In a possible implementation manner of the fourth aspect, the receiving, by the user equipment, the blind signature from the blind signature device includes:
the user equipment receives a first digital signature and a second digital signature from the blind signature equipment;
the user device determines a blind signature from the first digital signature and the second digital signature.
In a fifth aspect, an embodiment of the present application provides a computer device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor implementing the blind signature method according to the third aspect or the blind signature method according to the fourth aspect when executing the computer program.
In a sixth aspect, embodiments of the present application provide a computer readable storage medium storing a computer program which, when executed by a processor, implements the blind signature method according to the third aspect, or the blind signature method according to the fourth aspect.
In a seventh aspect, the present application provides a computer program product comprising a computer program which, when run on a computer, causes the computer to perform the blind signature method of the third aspect or the blind signature method of the fourth aspect.
It will be appreciated that the advantages of the second, third, fourth, fifth, sixth and seventh aspects may be found in the relevant description of the first aspect and are not repeated here.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a blind signature system provided by an embodiment of the present application;
FIG. 2 is a schematic diagram of another blind signature system provided by an embodiment of the present application;
FIG. 3 is a flow chart of a blind signature method provided by an embodiment of the present application;
fig. 4 is a schematic flow chart of a blind signature method according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail, and in other instances, specific details of the technology in the various embodiments may be referenced to each other and specific systems not described in one embodiment may be referenced to other embodiments.
It should be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
Reference in the specification to "an embodiment of the application" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the application. Thus, appearances of the phrases "in other embodiments," "in an embodiment of the application," "other embodiments of the application," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more, but not all, embodiments" unless expressly specified otherwise. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
Furthermore, in the description of the present specification and the appended claims, the terms "first," "second," and the like are used merely to distinguish between descriptions and are not to be construed as indicating or implying relative importance.
Blind signature is a special digital signature technology adopted by a receiver under the condition that the receiver does not obtain the specific content of a signed message, so that a signed user cannot see the specific content of a signed file, a message is allowed to be blinded by a message owner, then the blinded message is signed by the signer, and finally a blind factor is removed from the signature by the message owner, so that the signature of the signer about the original message is obtained.
In some related technologies, a large number of blind signature technologies based on cryptography are used, and first, the blind signature technologies based on an RSA algorithm are used, and the blind signature technologies need to set a long key to ensure the algorithm security, and the longer the key is, the lower the operation efficiency is, and the larger the signature is. Second is a blind signature technique based on elliptic curve public key cryptography (e.g. SM 2) or elliptic curve digital signature algorithm (Elliptic Curve Digital Signature Algorithm, ECDSA), which requires at least multiple interactions of the user with the signer to complete the signature.
In order to solve the problems of low operation efficiency, poor safety coefficient and more interaction times caused by the fact that a user is required to set a long secret key through a complex cryptography structure in the current blind signature technology, the embodiment of the application provides blind signature equipment, a blind signature system and a blind signature method, and the blind signature can be obtained from a signature party by only using an SGX trusted computing technology.
As shown in fig. 1, fig. 1 is a schematic diagram of a blind signature system according to an embodiment of the present application, where the blind signature system includes a blind signature device 10 and a user device 20. The blind signature device 10 is used to send a blind signature to the user device 20.
The blind signature device 10 in the embodiment of the present application refers to an electronic device capable of carrying out blind signature, for example, may be a desktop computer, a portable computer, a network server, a palm computer, a mobile phone, a tablet computer, a wireless terminal device, a communication device, etc., which is not limited in the embodiment of the present application.
In the embodiment of the present application, the user equipment 20 may be a desktop computer, a portable computer, a network server, a palm computer, a mobile phone, a tablet computer, a wireless terminal device, a communication device, etc., which is not limited in the present application.
There may be a communication connection between the blind signature device 10 and the user device 20. For example, the blind signature device 10 may receive the trusted authentication request message sent by the user device 20 through the communication connection, and accordingly, the user device 20 may send the trusted authentication request message to the blind signature device 10 using the communication connection. Of course, the user device 20 may also obtain the encrypted public key from the blind signature device 10 via a communication connection, etc.
As an example, the blind signature device 10 and the user device 20 may be the same type of device, such as a computer, or may be different types of devices, which is not limited in the embodiment of the present application.
In one embodiment of the present application, as shown in fig. 1, the blind signature device 10 includes a trusted authentication module 101, a decryption module 102, and a blind signature module 103. The user device 20 comprises an encryption module 201.
The trusted authentication module 101 is configured to determine an encrypted public key and a decrypted private key. Such as a trusted authentication module 101, for determining an encrypted public key and a decrypted private key from a random number.
Wherein, the random number is a series of numbers randomly generated within a certain range, and the random number can form an encryption public key and a decryption private key.
The Public Key (PK) and the private key (SK) are a key pair obtained through an algorithm, the public key is a public part of the key pair, and the private key is a non-public part. The encryption public key is typically used to encrypt a session key, verify a digital signature, or encrypt data that may be decrypted with a corresponding decryption private key. Key pairs are typically unique and, when used, if a piece of data is encrypted with one of the keys (e.g., the encryption public key), it must be decrypted with the other key (e.g., the decryption private key).
For example, after the encryption module 201 in the user device 20 encrypts a piece of data a with the encryption public key pk, the decryption module 102 in the blind signature device 10 decrypts with the decryption private key sk paired with the encryption public key pk.
The decryption module 102 is configured to decrypt the ciphertext according to the decryption private key in the trusted computing environment to obtain the signature information. The trusted computing environment is provided by the blind signature device 10, and the ciphertext is obtained by the user device 20 encrypting the signature information according to the encryption public key. The encryption module 201 is configured to encrypt the signature information according to the encryption public key to generate ciphertext.
Wherein the trusted computing environment is an isolated environment generated by the blind signature device 10 based on SGX, and an application running in the isolated environment can be guaranteed not to be attacked and tampered by the outside.
Wherein the signature information, also referred to as plaintext information, is a meaningful set of characters or bits that are not encrypted, or information that is obtainable by some sort of published encoding standard. For example, the plaintext information may be a bit stream in a communication system, such as text, a bitmap, digitized speech, digitized video images, and the like.
The Ciphertext (CT) is the information obtained by encrypting the plaintext information.
For example, the user device 20 encrypts the plaintext information e via the encryption module 201 via the encryption public key pk to generate the ciphertext ct. The user device 20 then sends the ciphertext ct to the blind signature apparatus 10 via the communication module. Subsequently, after receiving the ciphertext ct, the blind signature apparatus 10 decrypts the ciphertext ct through the decryption module 102 by using the decryption private key sk, so as to restore the plaintext information e. Wherein the decryption private key sk and the encryption public key pk are a key pair.
The blind signature module 103 is configured to obtain a blind signature according to a signature private key and signature information in a trusted computing environment, where the signature private key is generated by the blind signature device 10.
The signature private key is used for performing blind signature on the signature information, and may be generated by the blind signature device 10 or generated by a digital certificate owner, which is not limited in the present application.
For example, the blind signature module 103 may blindly sign the plaintext information e by the signature private key d. Wherein the blind signature device 10 is unable to obtain its actual content, since the content of the plaintext information e is always in a trusted computing environment.
Optionally, the user device 20 may further comprise a communication module for communicating with the blind signature device 10.
The application provides blind signature equipment, which comprises a trusted authentication module 101, a decryption module 102 and a blind signature module 103, wherein an encrypted public key and a decrypted private key are generated through the trusted authentication module 101. In combination with the ciphertext obtained by encrypting the signature information by the user equipment 20 according to the encryption public key, the ciphertext is restored to the signature information by the decryption module 102 by using the decryption private key, and finally the signature information is blindly signed by the signature private key in the blind signature module 103. The application is applied to blind signature based on SGX trusted computing technology, avoids complex cryptography structure, has higher operation efficiency, thereby reducing the design difficulty of the system and greatly reducing the interaction times.
In one embodiment of the present application, the trusted authentication module 101 is further configured to generate an SGX report according to the trusted authentication request message. The trusted authentication request message is used to request a blind signature. The encrypted public key is appended to the SGX report.
As an example, the blind signature device 10 generates the encrypted public key pk and the decrypted private key sk in the trusted computing environment upon receipt of the trusted authentication request message, and then the blind signature module 103 invokes an SGX hardware instruction set (such as enclu [ error ]), which is used to disclose the encrypted public key pk and append to the SGX report.
Optionally, the blind signature device 10 and the user device 20 provided in the embodiments of the present application may further include a communication module, as shown in fig. 2. The communication module is used for communication between the blind signature device 10 and the user device 20, or communication between the blind signature device 10 and other devices, or communication between the user device 20 and other devices.
For example, the user equipment 20 obtains signature information through the communication module; or the blind signature device 10 transmits the encrypted public key to the user device 20 through the communication module, and accordingly, the user device 20 receives the encrypted public key from the blind signature device 10 through the communication module.
Based on the blind signature system described in the above embodiment, the embodiment of the application provides a blind signature method. Referring to fig. 3, fig. 3 is a schematic diagram of a blind signature method according to an embodiment of the present application, which is applied to a blind signature device 10, and includes:
step S301, the blind signature device 10 determines a decryption private key in the trusted computing environment and determines an SGX report. Wherein the SGX report includes the encrypted public key.
For example, the trusted authentication module 101 in the blind signature device 10 generates an SGX report. In other words, the trusted authentication module 101 generates the encrypted public key pk and the decrypted private key sk, and attaches the encrypted public key pk to the SGX report for disclosure, and saves the decrypted private key sk in the trusted computing environment.
Step S302, the blind signature device 10 transmits the encrypted public key to the user device 20. Accordingly, the user device 20 receives the encrypted public key from the blind signature device 10.
For example, the encryption module 201 in the user equipment 20 receives an SGX report from the trusted authentication module 101 in the blind signature device 10, and the SGX report is attached with the encrypted public key pk.
The user device 20 is further configured to obtain signature information, and send the signature information to the encryption module 201. It may be understood that the signature information acquired by the ue 20 may be acquired by the encryption module 201, or may be acquired by another module of the ue 20, where the other module acquisition is sent to the encryption module 201, which is not limited herein. Wherein other modules are not limited in the present application.
Step S303, the blind signature device 10 receives the ciphertext from the user device 20. Wherein the ciphertext is obtained by encrypting the signature information by the user equipment 20 according to the encryption public key generated by the blind signature device 10. Accordingly, the user device 20 transmits ciphertext to the blind signature apparatus 10.
For example, the encryption module 201 in the user device 20 encrypts the plaintext information e into the ciphertext ct according to the encryption public key pk and the plaintext information e, and then sends the ciphertext ct to the blind signature apparatus 10.
For example, the decryption module 102 of the blind signature device 10 receives ciphertext ct from the user device 20 (e.g., the encryption module 201).
In step S304, the blind signature device 10 decrypts the ciphertext according to the decryption private key in the trusted computing environment to obtain the signature information.
Wherein, in the blind signature device 10, the trusted authentication module 101 is further configured to provide the decryption private key to the decryption module 102.
For example, the decryption module 102 in the blind signature device 10 restores the ciphertext ct to the plaintext information e according to the decryption private key sk and the ciphertext ct.
Step S305, the blind signature device 10 determines a blind signature from the signature private key and the signature information. Wherein the signature private key is generated by the blind signature device 10.
As an example, the blind signature module 103 in the blind signature device 10 determines a first digital signature from the signature private key and the signature information, and then determines a second digital signature from the first digital signature.
For example, taking signature information as plaintext information e as an example, the blind signature module 103 determines a first digital signature r according to a random number, and then determines a second digital signature s according to the first digital signature r, the random number k, the signature private key d and the plaintext information e in a trusted computing environment. The blind signature is then composed of the first digital signature r and the second digital signature s.
Step S306, the blind signature device 10 transmits the blind signature to the user device 20. Accordingly, the user device 20 receives the blind signature from the blind signature device 10.
As an example, taking the blind signature system receiving signature information as plaintext information e as an example, the encryption module 201 in the user equipment 20 obtains the plaintext information e. The trusted authentication module 101 in the blind signature device 10 generates an SGX report, where the SGX report includes the encrypted public key pk and the decrypted private key sk, and the trusted authentication module 101 in the blind signature device 10 sends the encrypted public key pk to the encryption module 201 and sends the decrypted private key sk to the decryption module 102. The encryption module 201 generates ciphertext ct from the encrypted public key pk and the plaintext information e. The encryption module 201 sends the ciphertext ct to the decryption module 102, and after the decryption module 102 receives the ciphertext ct, the decryption module restores the ciphertext ct to plaintext information e according to the decryption private key sk, and sends the plaintext information e to the blind signature module 103. The blind signature apparatus 10 acquires the signature private key d, and transmits the signature private key d to the blind signature module 103, and the blind signature module 103 blindly signs the plaintext information e using the signature private key d. The blind signature module 103 sends the blind signature to the user device 20.
The signature private key d may be generated by the blind signature device 10, or may be generated by another trusted third party and sent to the blind signature device 10, which is not limited in the embodiment of the present application.
In one embodiment of the present application, before the blind signature device 10 determines the decryption private key in the trusted computing environment and determines the SGX report, the method provided by the embodiment of the present application further includes:
the user device 20 sends a trusted authentication request message to the blind signature device 10. Accordingly, the blind signature device 10 receives the trusted authentication request message from the user device 20. The trusted authentication request message is used to request a blind signature.
The blind signature device 10 invokes the trusted computing environment to generate an SGX report in accordance with the trusted authentication request message.
As an example, the user equipment 20 sends a trusted authentication request message to the blind signature device 10, from which the blind signature device 10 generates an SGX report including the encrypted public key pk and the decrypted private key sk, and the user equipment 20 also needs to confirm the validity of the SGX report using remote authentication before receiving the encrypted public key pk, to confirm the application logic that is properly running inside the SGX, thereby determining the validity of the encrypted public key pk. After the user equipment 20 confirms that the SGX report is valid, the blind signature device 10 transmits the encryption public key pk to the user equipment 20.
Alternatively, in the case where the user equipment 20 does not request blind signature for the first time, the user equipment 20 may omit the step of transmitting a trusted authentication request message to the blind signature device 10 to request blind signature.
As an example, the user device 20 may send a trusted authentication request message to the blind signature device 10 to request blind signatures in case blind signatures are requested to the blind signature device 10 for the first time. Or the user equipment 20 may send a trusted authentication request message to the blind signature device 10 to request blind signatures each time a blind signature is requested to the blind signature device 10. The embodiment of the present application is not limited thereto.
It should be noted that, after the blind signature device 10 receives the trusted authentication request message from the user device 20 for the first time, the blind signature device 10 generates an SGX report including an encrypted public key and a decrypted private key, and the validity of the SGX report is confirmed by the user device 20 using remote authentication, which is performed when the blind signature system requests blind signature for the first time. In other words, if the user equipment 20 does not request a blind signature request for the first time, the SGX report in the blind signature device 10 remains, i.e., the encryption public key and the decryption private key remain in the blind signature device 10.
For example, in the case where the user device 20 requests blind signing for the second time, the user device 20 sends information requesting blind signing to the blind signing device 10, the blind signing device 10 directly sends an encrypted public key pk to the user device 20, the user device 20 encrypts plaintext information e using the encrypted public key pk to generate ciphertext ct, sends the ciphertext ct to the blind signing device 10, the blind signing device 10 restores the ciphertext ct to plaintext information e according to the decrypted private key sk, and performs blind signing to the plaintext information e using the signature private key d, and finally sends blind signing to the user device 20.
It should be noted that, for the blind signature device 10, if information of a blind signature that is not requested for the first time from the user device 20 is received, the SGX report may not be generated, or the SGX report may be generated each time the information of a blind signature that is requested for the user device 20 is received, which is not limited in the embodiment of the present application.
In one embodiment of the application, determining a blind signature from a signature private key and signature information comprises: the blind signature device 10 determines a first digital signature from the random number; the blind signature device 10 determines a second digital signature from the first digital signature, the signature private key, and the signature information, wherein the first digital signature and the second digital signature are used to make up the blind signature.
It will be appreciated that in blind signature techniques the signer should not know the content of the signed signature information, but that directly computing the first digital signature and the second digital signature requires knowledge of the content of the signature information. In the embodiment of the present application, in the trusted computing environment, the blind signature device 10 determines the second digital signature according to the signature private key and the signature information, and the content of the signature information is always in the trusted computing environment, so that the signer cannot acquire the real content thereof.
As an example, the calculation formula of the first digital signature r is: r=kg and the number of the cells to be processed,
where k is a random number and G is an elliptic curve base point.
As an example, the second digital signature s is calculated by the formula: s= (rd+e) k-1,
where d is the signature private key and e is the signature information.
Referring to fig. 4, fig. 4 is a schematic flow chart of a blind signature method according to an embodiment of the present application, including: the user equipment 20 determines the validity of the SGX report in the blind signature device from the remote authentication, the SGX report including the encrypted public key; the user device 20 receives the encrypted public key from the blind signature device 10; the user equipment 20 encrypts the signature information according to the encryption public key to obtain a ciphertext; the user device 20 sends the ciphertext to the blind signature device 10; the user device 20 receives the blind signature from the blind signature device 10.
In one embodiment of the present application, before the user equipment 20 confirms the validity of the SGX report in the blind signature device 10, the method provided by the embodiment of the present application further includes: the user equipment 20 sends a trusted authentication request message to the blind signature equipment 10, wherein the trusted authentication request message is used for requesting blind signature; and/or the user equipment 20 remotely authenticates the SGX report in the blind signature device 10 to determine the validity of the SGX report.
In one embodiment of the application, the user device 20 receives the first digital signature and the second digital signature from the blind signature device 10 and determines the blind signature from the first digital signature and the second digital signature.
For example, the user device 20 receives a blind signature from the blind signature device 10, including a first digital signature r and a second digital signature s, and the user device 20 assembles the first digital signature r and the second digital signature s to obtain the blind signature generated by the blind signature device 10.
In one embodiment of the application, the trusted authentication module 101 in the blind signature device 10 is used to determine to establish a trusted computing environment in which to generate an encrypted public key and a decrypted private key. Wherein the decryption module 102 and the blind signature module 103 also perform operations in a trusted computing environment.
As an example, as shown in fig. 4, taking the example that the user equipment 20 requests blind signing for the first time, the user equipment 20 sends a trusted authentication request message to the blind signing device 10. The user equipment 20 acquires the plaintext information e, generates an SGX report in the blind signature device 10, the SGX report including the encrypted public key pk, and the user equipment 20 determines validity of the SGX report using remote authentication. In case the SGX report is valid, the blind signature device 10 sends the encrypted public key pk to the user device 20. The blind signature device 10 invokes the trusted computing enclave into the trusted computing environment. The user equipment 20 encrypts the plaintext information e according to the encryption public key pk to generate a ciphertext ct, then the user equipment 20 sends the ciphertext ct to the blind signature equipment 10, and after the blind signature equipment 10 receives the ciphertext ct, the ciphertext ct is restored to the plaintext information e according to the decryption private key sk in the trusted computing environment. The blind signature device 10 generates a signature private key d, and determines a blind signature using the signature private key d and the plaintext information e in a trusted computing environment. For example, the blind signature device 10 calculates a first digital signature r=kg and a second digital signature s= (rd+e) k-1, and sends the first digital signature r and the second digital signature s to the user device 20, and the user device 20 assembles the first digital signature r and the second digital signature s to obtain the blind signature. After the user device 20 obtains the blind signature, the blind factor may be removed from the blind signature, thereby obtaining a signature of the blind signature device 10 with respect to the plaintext information e.
Fig. 5 is a schematic structural diagram of a computer device according to an embodiment of the present application. As shown in fig. 5, the computer device 501 includes: the steps in the methods in the embodiments described above are implemented by the processor 5011, the memory 5012, and the computer program 5013 stored in the memory 5012 and executable on the processor 5011, when the processor 5011 executes the computer program 5013.
The computer device 501 may be a general purpose computer device or a special purpose computer device. In a specific implementation, the computer device 501 may be a desktop, a portable computer, a network server, a palmtop, a mobile phone, a tablet, a wireless terminal device, a communication device, or an embedded device, and embodiments of the present application are not limited to the type of computer device 501. It will be appreciated by those skilled in the art that fig. 5 is merely an example of a computer device 501 and is not meant to be limiting of the computer device 501, and may include more or fewer components than shown, or may combine certain components, or different components, such as may also include input-output devices, network access devices, etc.
The processor 5011 may be a central processing unit (Central Processing Unit, CPU), the processor 5011 may also be other general purpose processors, digital signal processors (Digital Signal Processor, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), off-the-shelf programmable gate arrays (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. The general purpose processor may be a microprocessor or may be any conventional processor.
The memory 5012 may be an internal storage unit of the computer device 501 in some embodiments, such as a hard disk or memory of the computer device 501. The memory 5012 may also be an external storage device of the computer device 501 in other embodiments, such as a plug-in hard disk, smart Media Card (SMC), secure Digital (SD) Card, flash memory Card (Flash Card) or the like, which are provided on the computer device 501. Further, the memory 5012 may also include both internal storage units and external storage devices of the computer device 501. The memory 5012 is used to store an operating system, application programs, boot loader (BootLoader), data, and other programs, and the like. The memory 5012 may also be used to temporarily store data that has been output or is to be output.
Embodiments of the present application also provide a computer readable storage medium storing a computer program which, when executed by a processor, performs the steps of the above-described embodiments of the blind signature method.
Embodiments of the present application provide a computer program product which, when run on a computer device, causes the computer device to perform the blind signature method of the above embodiments.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present application may implement all or part of the flow of the above-described method embodiments, and may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and where the computer program, when executed by a processor, may implement the steps of the above-described method embodiments. Wherein the computer program comprises computer program code which may be in the form of source code, object code, executable files or in some intermediate form, etc. The computer readable medium may include at least: any entity or device capable of carrying computer program code to a photographing apparatus/terminal device, recording medium, computer Memory, ROM (Read-Only Memory), RAM (Random Access Memory ), CD-ROM (Compact Disc Read-Only Memory), magnetic tape, floppy disk, optical data storage device, and so forth. The computer readable storage medium mentioned in the present application may be a non-volatile storage medium, in other words, a non-transitory storage medium.
The embodiment of the application also provides a chip, which comprises a processor, wherein the processor is coupled with a communication interface, and the processor is used for running a computer program or instructions to realize the blind signature method as in the embodiment, and the communication interface is used for communicating with other modules outside the chip.
It should be understood that all or part of the steps to implement the above-described embodiments may be implemented by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. The computer instructions may be stored in the computer-readable storage medium described above.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided by the present application, it should be understood that the disclosed apparatus/computer device and method may be implemented in other manners. For example, the apparatus/computer device embodiments described above are merely illustrative, e.g., the division of modules or units is merely a logical functional division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.
Claims (12)
1. A blind signature device, the device comprising: the device comprises a trusted authentication module, a decryption module and a blind signature module;
the trusted authentication module is used for determining an encrypted public key and a decrypted private key;
the decryption module is used for obtaining signature information according to the decryption private key and ciphertext in a trusted computing environment, the trusted computing environment is provided by the blind signature device, and the ciphertext is obtained by encrypting the signature information by user equipment according to the encryption public key;
and the blind signature module is used for obtaining a blind signature according to the signature information and the signature private key in the trusted computing environment.
2. The apparatus of claim 1, wherein the trusted authentication module is further configured to generate an SGX report in response to a trusted authentication request message from the user device, the SGX report carrying the encrypted public key;
the trusted authentication request message is for requesting the blind signature.
3. The blind signature system is characterized by comprising blind signature equipment and user equipment, wherein the blind signature equipment is used for determining a trusted computing environment, decrypting ciphertext according to a decryption private key in the trusted computing environment to obtain a blind signature and sending the blind signature to the user equipment;
the user equipment is used for obtaining the ciphertext according to the encryption public key encryption signature information generated by the blind signature equipment and receiving the blind signature.
4. The system of claim 3, wherein the user device is further configured to send a trusted authentication request message to the signing device, the trusted authentication request message being configured to request the blind signature;
the blind signature device is further configured to generate an SGX report according to the trusted authentication request message, where the SGX report includes the encrypted public key.
5. A blind signature method for a blind signature device, the method comprising:
determining a decryption private key in a trusted computing environment, and determining an SGX report, the SGX report including an encrypted public key;
transmitting the encrypted public key to user equipment;
receiving ciphertext from the user equipment, wherein the ciphertext is obtained by encrypting signature information by the user equipment according to an encryption public key generated by the blind signature equipment;
decrypting the ciphertext according to the decryption private key in the trusted computing environment to obtain the signature information;
determining a blind signature according to a signature private key and the signature information, wherein the signature private key is generated by blind signature equipment;
and sending the blind signature to the user equipment.
6. The method of claim 5, wherein prior to determining the decryption private key in the trusted computing environment and determining the SGX report, the method further comprises:
receiving a trusted authentication request message from the user equipment, wherein the trusted authentication request message is used for requesting the blind signature;
and calling the trusted computing environment according to the trusted authentication request message, and generating the SGX report.
7. The method of claim 5, wherein determining a blind signature from the signature private key and the signature information comprises:
determining a first digital signature from the signature private key and the signature information,
and determining a second digital signature according to the first digital signature, wherein the first digital signature and the second digital signature are used for forming the blind signature.
8. A method of blind signing for a user device, the method comprising:
in the case of confirming that an SGX report in a blind signature device is valid, obtaining an encrypted public key from the blind signature device, the SGX report including the encrypted public key;
encrypting the signature information according to the encryption public key to obtain a ciphertext;
sending the ciphertext to the blind signature device;
a blind signature from the blind signature device is received.
9. The method of claim 8, wherein prior to confirming that the SGX report in the blind signature device is valid, the method further comprises:
sending a trusted authentication request message to the blind signature device, wherein the trusted authentication request message is used for requesting the blind signature; and/or remotely authenticating the SGX report in the blind signature device to determine the validity of the SGX report.
10. The method of claim 8 or 9, wherein receiving a blind signature from the blind signature device comprises:
receiving a first digital signature and a second digital signature from the blind signature device;
the blind signature is determined from the first digital signature and the second digital signature.
11. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the blind signature method according to any one of claims 5 to 7 or the blind signature method according to any one of claims 8 to 10 when the computer program is executed.
12. A computer readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the blind signature method according to any one of claims 5 to 7 or the blind signature method according to any one of claims 8 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311179545.9A CN117201033A (en) | 2023-09-13 | 2023-09-13 | Blind signature device, system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311179545.9A CN117201033A (en) | 2023-09-13 | 2023-09-13 | Blind signature device, system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117201033A true CN117201033A (en) | 2023-12-08 |
Family
ID=88984642
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311179545.9A Pending CN117201033A (en) | 2023-09-13 | 2023-09-13 | Blind signature device, system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117201033A (en) |
-
2023
- 2023-09-13 CN CN202311179545.9A patent/CN117201033A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109067524B (en) | Public and private key pair generation method and system | |
| CN107483212B (en) | Method for generating digital signature by cooperation of two parties | |
| CN108809646B (en) | Secure shared key sharing system | |
| US10853497B2 (en) | Method and system for providing an update of code on a memory-constrained device | |
| CN110868291B (en) | Data encryption transmission method, device, system and storage medium | |
| CN110690956B (en) | Bidirectional authentication method and system, server and terminal | |
| US11888832B2 (en) | System and method to improve user authentication for enhanced security of cryptographically protected communication sessions | |
| CN113572743B (en) | Data encryption and decryption methods and devices, computer equipment and storage medium | |
| CN110598429B (en) | Data encryption storage and reading method, terminal equipment and storage medium | |
| CN113811874A (en) | Encrypted data verification method | |
| CN111970114A (en) | File encryption method, system, server and storage medium | |
| CN107947939A (en) | Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms | |
| CN111177748A (en) | Fingerprint storage encryption method, device and system | |
| CN114205142A (en) | Data transmission method and device, electronic equipment and storage medium | |
| US20160148002A1 (en) | Key storage apparatus, key storage method and program therefor | |
| CN111836260B (en) | Authentication information processing method, terminal and network equipment | |
| CN116962067A (en) | Information encryption method, device and equipment | |
| KR102523416B1 (en) | Security Device providing Security function for image, Camera Device having the same and System on Chip controlling Camera Device | |
| JP2003234734A (en) | Mutual authentication method, server device, client device, mutual authentication program and storage medium stored with mutual authentication program | |
| CN114553566B (en) | Data encryption method, device, equipment and storage medium | |
| CN115549910A (en) | Data transmission method, equipment and storage medium | |
| US11570008B2 (en) | Pseudonym credential configuration method and apparatus | |
| CN115442046A (en) | Signature method, signature device, electronic equipment and storage medium | |
| CN112560050B (en) | Secure electronic certificate issuing method, secure electronic certificate issuing device, terminal equipment and storage medium | |
| CN114650181A (en) | E-mail encryption and decryption method, system, equipment and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |