Nothing Special   »   [go: up one dir, main page]

CN116915409A - Linkable double-ring signature method and system based on identification - Google Patents

Linkable double-ring signature method and system based on identification Download PDF

Info

Publication number
CN116915409A
CN116915409A CN202310650815.3A CN202310650815A CN116915409A CN 116915409 A CN116915409 A CN 116915409A CN 202310650815 A CN202310650815 A CN 202310650815A CN 116915409 A CN116915409 A CN 116915409A
Authority
CN
China
Prior art keywords
ring member
private key
user
signature
member node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310650815.3A
Other languages
Chinese (zh)
Inventor
杨晨
晏敏
成奇
丰梦琪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inner Mongolia Digital Economy Security Technology Co ltd
Inner Mongolia Zheyuan Network Security Technology Co ltd
Institute of Software of CAS
Original Assignee
Inner Mongolia Digital Economy Security Technology Co ltd
Inner Mongolia Zheyuan Network Security Technology Co ltd
Institute of Software of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inner Mongolia Digital Economy Security Technology Co ltd, Inner Mongolia Zheyuan Network Security Technology Co ltd, Institute of Software of CAS filed Critical Inner Mongolia Digital Economy Security Technology Co ltd
Priority to CN202310650815.3A priority Critical patent/CN116915409A/en
Publication of CN116915409A publication Critical patent/CN116915409A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a method and a system for a linkable double-ring signature based on identification, wherein the method comprises the following steps: acquiring a main public and private key pair; user identity ID based on primary private key and said ring member node j j Generating a user private key sk of the ring member node j j The method comprises the steps of carrying out a first treatment on the surface of the When a ring member node j signs a message, calculating a link label I based on the user identity and the user private key of the ring member node in the ring member list, and outputting the signature sigma of the message according to the link label I, the main public key and the user private keys of all ring member nodes; verifying the signature σ. The application effectively reduces the consumption of bandwidth resources, and makes the scheme easy to deploy, manage and realize.

Description

Linkable double-ring signature method and system based on identification
Technical Field
The disclosure relates to the technical field of information security, in particular to a method and a system for a linkable double-ring signature based on identification.
Background
The linkable ring signature (Linkable Ring Signature; LRS) is a special ring signature technology, and besides the non-counterfeitability and anonymity of the ring signature, the method can link the signatures signed by the same signer, is widely applied to scenes such as electronic voting, electronic anonymity election and the like, and solves the problem of repeated voting or multiple elections. Although existing linkable ring signature schemes effectively reduce signature length by employing a dual ring technique (dual). However, these schemes involve a process of exchanging digital certificates and public keys, require consuming higher bandwidth resources, and involve cumbersome certificate management issues.
To above-mentioned problem, this patent has designed a can link dicyclo signature scheme based on the sign cryptograph, not only can effectively reduce the signature size, and the communication both sides need not to exchange public key certificate and save the secret key directory moreover, can safe generation and verify the signature.
Disclosure of Invention
The application aims at a linkable double-ring signature scheme based on identification, and aims to solve the problems that the existing linkable double-ring signature involves complicated digital certificate exchange, large signature length and the like, effectively reduces bandwidth resource consumption, and enables the scheme to be easy to deploy, manage and realize.
The technical scheme of the application comprises the following steps:
a linkable dual ring signature method based on identification, applied to a ring member node j in a ring member list, the method comprising:
acquiring a main public and private key pair; wherein the primary public-private key pair is generated by a trusted central node;
user identity ID based on primary private key and said ring member node j j Generating a user private key sk of the ring member node j j
When the ring member node j signs a message, calculating a link label I based on the user identity and the user private key of the ring member node in the ring member list, and outputting a signature sigma of the message according to the link label I, the main public key and the user private keys of all ring member nodes;
verifying the signature σ.
Further, the master public-private key pair is generated by a trusted central node, comprising:
acquiring system parameter lambda and selecting a random numberWherein (1)>Represents an integer set consisting of integers 0,1,2, …, q-1, q representing a large prime number;
the random number x is taken as the value of the master private key sk, and the master public key pk=g is calculated x The method comprises the steps of carrying out a first treatment on the surface of the Wherein g represents the multiplication cycle groupIs a generator of (1).
Further, the user identity ID based on the master private key and the ring member node j j Generating a user private key sk of the ring member node j j Comprising:
selecting a random numberWherein (1)>Represents an integer set consisting of integers 0,1,2, …, q-1, q representing a large prime number;
computing a first portion K of a user private key j =g l The method comprises the steps of carrying out a first treatment on the surface of the Wherein g represents the multiplication cycle groupIs a generator of (1);
computing a first portion K of the user private key j And user identity ID j A hash value h of (a);
calculating a second portion d of the user's private key j =l+xh (mod q); wherein x represents the value of the master private key sk;
user private key sk of output ring member node j j =(K j ,d j )。
Further, the calculating the link label I based on the user identity and the user private key of the ring member node in the ring member list includes:
acquiring ring member listsWhere n represents the number of ring member nodes in the ring member list, ID i Representing the user identity, K, of the ith ring member node i Representing a first portion of a user private key of an ith ring member node as a user identification of the ith ring member node;
generating parameters based on user identifications of all ring member nodesAnd calculates the parameter +.>A hash value u of (a);
computing link labels
Further, the outputting the signature σ of the message according to the link label I, the master public key and the private keys of the users of all ring member nodes includes:
selecting random numbersRandom number set +.>Wherein the random number setComprises n-1 random numbers c i
Calculating intermediate parametersWherein g r R times representing group element g, pk represents the master public key, +>Representing bit strings of arbitrary length {0,1} * Mapping to integer set->A secure cryptographic hash function thereon;
calculating an intermediate parameter based on the random number r, the hash value u and the link label I
Calculating message m, parametersHash values c of the intermediate parameter R and the intermediate parameter T;
based on the hash value c and the set of random numbersObtaining an intermediate reference value c for signing by the ring member node j j
Aggregating the random numbersAs a first part of the signature sigma, taking an intermediate parameter s as a second part of the signature sigma, and taking the link tag I as a third part of the signature sigma; wherein the intermediate parameter s=r-c j ·d j (mod q)。
Further, said verifying said signature σ comprises:
generating parameters based on user identifications of all ring member nodesAnd calculates the parameter +.>Hash value of (a)
Calculating intermediate parametersAnd intermediate parameters->
Calculating message m, parametersHash values c ' of the intermediate parameter R ' and the intermediate parameter T ';
at the hash valueIn the case of (2), the signature sigma verification is successful.
A linkable dual ring signature device based on an identity, the device being disposed in a ring member node j, the device comprising:
the key acquisition module is used for acquiring a main public key pair and a private key pair; wherein the primary public-private key pair is generated by a trusted central node;
a private key generation module for generating a private key based on the primary private key and the user identity ID of the ring member node j j Generating a user private key sk of the ring member node j j
The signature generation module is used for calculating a link label I based on the user identity and the user private key of the ring member node in the ring member list when the ring member node j signs a message, and outputting the signature sigma of the message according to the link label I, the main public key and the user private keys of all ring member nodes;
and the signature verification module is used for verifying the signature sigma.
An identity-based linkable dual ring signature system, the system comprising:
a plurality of ring member nodes; wherein each ring member node j is configured to:
acquiring a main public and private key pair; wherein the primary public-private key pair is generated by a trusted central node;
user identity ID based on primary private key and said ring member node j j Generating a user private key sk of the ring member node j j
When the ring member node j signs a message, calculating a link label I based on the user identity and the user private key of the ring member node in the ring member list, and outputting a signature sigma of the message according to the link label I, the main public key and the user private keys of all ring member nodes;
verifying the signature σ.
A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the method of any of the preceding claims when executing the computer program.
A computer readable storage medium having stored thereon computer program instructions, which when executed implement the method of any of the preceding claims.
Compared with the prior art, the application can have the following beneficial effects:
at present, the identification password is combined with the single ring signature, and the existing linkable double ring signature has the processes of exchanging digital certificates and public keys, so that higher bandwidth resources are required to be consumed, and the problems of complicated certificate management are involved, so that the safe and efficient development requirements are difficult to meet.
The application designs a linkable double-ring signature scheme based on the identification password algorithm, which not only can effectively reduce the signature size, but also can effectively reduce the signature sizeBecause the user identity is the public information such as mail address, mobile phone number, QQ number, identity card code, etc. in practice, and the K in the private key information i Is publicable, so that the signature can be safely generated and verified without exchanging public key certificates and saving a key catalog.
Drawings
FIG. 1 is a flowchart illustrating an identification-based linkable dual ring signature method, according to an example embodiment.
Detailed Description
The following detailed description of the present application is provided in connection with the examples and the accompanying drawings, which illustrate only one possible embodiment of the application, but not all possible embodiments, and are not intended to limit the application.
The application mainly comprises four parts of key generation (KGen), identification encryption (Extract), signature (Sign) and verification (Verify). The method comprises the following steps:
algorithm 1. Key generation (KGen): inputting system parameter lambda, randomly selectingCalculation of y=g x The algorithm outputs the primary private key sk=x and the primary public key pk=y of the sender. Wherein (1)>Is an integer set consisting of integers 0,1,2, …, q-1, q is a large prime number, g is a multiplication cycle group +.>Is a generator of (1).
Algorithm 2. Identification key extraction (Extract): input master private key sk and user identity ID a Randomly selectComputing a first portion K of a user private key a =g l Master private key sk and user identity ID a Hash value +.>Second portion d of user private key a =l+xh (mod q), outputting the user private key sk a =(K a ,d a ). Wherein mod q is a modulo q operation, +.>Representing bit strings of arbitrary length {0,1} * Mapping to integer set->A secure cryptographic hash function thereon.
Algorithm 3 signature (Sign):
step 3.1: inputting user private key sk j =(K j ,d j ) List of ring membersMessage m. Calculating a hash value of a first part of a user private key +.>Wherein the application uses the first part K of the private key of the user i As user identification, ID i Representing the user identity of ring member i, n representing the number of ring member users, 1<i<n。
Step 3.2: computing link labels
Step 3.3: randomly selecting random numbersCalculate-> And s=r-c j ·d j (mod q). Wherein g r R times of group element g>Representing the identity K by a user in a ring member list i The vector, j, represents the signer number, 1<j<n,/>C, for the random number selected in the calculation process j Computationally generated R, T is an intermediate value and s is part of the signature result.
Step 3.4: output signature σ= (c) 1 ,…c n ,s,I)。
Algorithm 4. Verify (Verify): inputting signature sigma to be verified, ring member listMessage m. Calculation of If it isAlgorithm output 1 indicates that verification is successful, otherwise output 0.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. The embodiments are to be considered as illustrative only, and the present disclosure is not limited to the precise construction that has been described above and shown in the accompanying drawings, and various modifications and changes may be made without departing from the scope thereof.

Claims (10)

1. A method of identity-based linkable dual ring signature applied to a ring member node j in a ring member list, the method comprising:
acquiring a main public and private key pair; wherein the primary public-private key pair is generated by a trusted central node;
user identity ID based on primary private key and said ring member node j j Generating a user private key sk of the ring member node j j
When the ring member node j signs a message, calculating a link label I based on the user identity and the user private key of the ring member node in the ring member list, and outputting a signature sigma of the message according to the link label I, the main public key and the user private keys of all ring member nodes;
verifying the signature σ.
2. The method of claim 1, wherein the master public-private key pair is generated by a trusted central node, comprising:
acquiring system parameter lambda and selecting a random numberWherein (1)>Represents an integer set consisting of integers 0,1,2, …, q-1, q representing a large prime number;
the random number x is taken as the value of the master private key sk, and the master public key pk=g is calculated x The method comprises the steps of carrying out a first treatment on the surface of the Wherein g represents the multiplication cycle groupIs a generator of (1).
3. The method of claim 1, wherein the user ID based on a master private key and the ring member node j j Generating a user private key sk of the ring member node j j Comprising:
selecting a random numberWherein (1)>Represents an integer set consisting of integers 0,1,2, …, q-1, q representing a large prime number;
computing a first portion K of a user private key j =g l The method comprises the steps of carrying out a first treatment on the surface of the Wherein g represents the multiplication cycle groupIs a generator of (1);
computing a first portion K of the user private key j And user identity ID j A hash value h of (a);
calculating a second portion d of the user's private key j =l+xh (mod q); wherein x represents the value of the master private key sk;
user private key sk of output ring member node j j =(K j ,d j )。
4. The method of claim 3, wherein the calculating a link label I based on the user identity and the user private key of the ring member node in the ring member list comprises:
acquiring ring member listsWhere n represents the number of ring member nodes in the ring member list, ID i Representing the user identity, K, of the ith ring member node i Representing a first portion of a user private key of an ith ring member node as a user identification of the ith ring member node;
generating parameters based on user identifications of all ring member nodesAnd calculates the parameter +.>A hash value u of (a);
computing link labels
5. The method of claim 4, wherein outputting the signature σ of the message based on the link ticket I, a master public key, and user private keys of all ring member nodes, comprises:
selecting random numbersRandom number set +.>Wherein the set of random numbers +.>Comprises n-1 random numbers c i
Calculating intermediate parametersWherein g r R times representing group element g, pk represents the master public key, +>Representing bit strings of arbitrary length {0,1} * Mapping to integer set->A secure cryptographic hash function thereon;
calculating an intermediate parameter based on the random number r, the hash value u and the link label I
Calculating message m, parametersHash values c of the intermediate parameter R and the intermediate parameter T;
based on the hash value c and the set of random numbersObtaining an intermediate reference value c for signing by the ring member node j j
Aggregating the random numbersAs a first part of the signature sigma, taking an intermediate parameter s as a second part of the signature sigma, and taking the link tag I as a third part of the signature sigma; wherein the intermediate parameter s=r-c j ·d j (mod q)。
6. The method of claim 5, wherein said verifying said signature σ comprises:
generating parameters based on user identifications of all ring member nodesAnd calculates the parameter +.>Hash value +.>
Calculating intermediate parametersAnd intermediate parameters->
Calculating message m, parametersHash values c ' of the intermediate parameter R ' and the intermediate parameter T ';
at the hash valueIn the case of (2), the signature sigma verification is successful.
7. A linkable dual ring signature device based on identification, said device being disposed in a ring member node j, said device comprising:
the key acquisition module is used for acquiring a main public key pair and a private key pair; wherein the primary public-private key pair is generated by a trusted central node;
a private key generation module for generating a private key based on the primary private key and the user identity ID of the ring member node j j Generating a user private key sk of the ring member node j j
The signature generation module is used for calculating a link label I based on the user identity and the user private key of the ring member node in the ring member list when the ring member node j signs a message, and outputting the signature sigma of the message according to the link label I, the main public key and the user private keys of all ring member nodes;
and the signature verification module is used for verifying the signature sigma.
8. An identity-based linkable dual ring signature system, the system comprising:
a plurality of ring member nodes; wherein each ring member node j is configured to:
acquiring a main public and private key pair; wherein the primary public-private key pair is generated by a trusted central node;
user identity ID based on primary private key and said ring member node j j Generating a user privacy of the ring member node jKey sk j
When the ring member node j signs a message, calculating a link label I based on the user identity and the user private key of the ring member node in the ring member list, and outputting a signature sigma of the message according to the link label I, the main public key and the user private keys of all ring member nodes;
verifying the signature σ.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the method of any one of claims 1 to 6 when executing the computer program.
10. A computer readable storage medium having stored thereon computer program instructions, which when executed implement the method of any of claims 1 to 6.
CN202310650815.3A 2023-06-02 2023-06-02 Linkable double-ring signature method and system based on identification Pending CN116915409A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310650815.3A CN116915409A (en) 2023-06-02 2023-06-02 Linkable double-ring signature method and system based on identification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310650815.3A CN116915409A (en) 2023-06-02 2023-06-02 Linkable double-ring signature method and system based on identification

Publications (1)

Publication Number Publication Date
CN116915409A true CN116915409A (en) 2023-10-20

Family

ID=88361705

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310650815.3A Pending CN116915409A (en) 2023-06-02 2023-06-02 Linkable double-ring signature method and system based on identification

Country Status (1)

Country Link
CN (1) CN116915409A (en)

Similar Documents

Publication Publication Date Title
Karati et al. Provably secure and lightweight certificateless signature scheme for IIoT environments
CN107579819B (en) A kind of SM9 digital signature generation method and system
CN104539423B (en) A kind of implementation method without CertPubKey cipher system of no Bilinear map computing
Schröder et al. Verifiable data streaming
EP2302834A2 (en) System and method for providing credentials
KR20100116215A (en) Group signature system, device, and program
US7000110B1 (en) One-way function generation method, one-way function value generation device, proving device, authentication method, and authentication device
WO2011148902A1 (en) Anonymous credential system, user device, verification device, anonymous credential method, and anonymous credential program
Li et al. Generalization of proxy signature-based on discrete logarithms
JP2004208262A (en) Apparatus and method of ring signature based on id employing bilinear pairing
WO2010046799A2 (en) Method of generating a cryptographic key, network and computer program therefor
CN110932865A (en) Linkable ring signature generation method based on SM2 digital signature algorithm
Shankar et al. Improved Multisignature Scheme for Authenticity of Digital Document in Digital Forensics Using Edward‐Curve Digital Signature Algorithm
KR101382626B1 (en) System and method for id-based strong designated verifier signature
Meshram et al. A provably secure lightweight subtree-based short signature scheme with fuzzy user data sharing for human-centered IoT
CN112152813B (en) Certificateless content extraction signcryption method supporting privacy protection
Zhao et al. Fuzzy identity-based dynamic auditing of big data on cloud storage
CN110190957A (en) Multivariable broadcasting multi-signature method based on no certificate
CN116346328A (en) Digital signature method, system, equipment and computer readable storage medium
CN110519040B (en) Anti-quantum computation digital signature method and system based on identity
CN114499887B (en) Signing key generation and related methods, systems, computer devices and storage media
Li et al. A forward-secure certificate-based signature scheme
CN108768634A (en) Verifiable Encryptosystem signature generating method and system
Fei et al. A secure digital signature algorithm based on elliptic curve and chaotic mappings
Liu et al. Strong Identity‐Based Proxy Signature Schemes, Revisited

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination