一种SM9签名私钥生成和数字签名方法及系统和装置

一种SM9签名私钥生成和数字签名方法及系统和装置

发明为SM9签名私钥生成和数字签名方法及系统和装置:P1、P2分别为SM9算法中群G1、G2的生成元,n为群的阶;私钥生成服务端有系统主密钥sm,及Ppub=[sm]P2,PFpub=[sm]P1;客户端有用户主密钥sU,PU1=[sU]P1,PU2f=[(sU)-1]P2;客户端和服务端以s=sm+sU为主密钥,协同生成用户的SM9签名私钥dA及PU2=[(sm+sU)-1]Ppub且服务端得不到dA;签名方以P1为群G1的生成元、Ppub为主公钥,dA为私钥,采用SM9签名算法生成消息的数字签名(h,S);签名验证方验证e(PU1,PU2f)与e(P1,P2)相等,e(PU1+PFpub,...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Format: Patent
Sprache:chi
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:发明为SM9签名私钥生成和数字签名方法及系统和装置:P1、P2分别为SM9算法中群G1、G2的生成元,n为群的阶;私钥生成服务端有系统主密钥sm,及Ppub=[sm]P2,PFpub=[sm]P1;客户端有用户主密钥sU,PU1=[sU]P1,PU2f=[(sU)-1]P2;客户端和服务端以s=sm+sU为主密钥,协同生成用户的SM9签名私钥dA及PU2=[(sm+sU)-1]Ppub且服务端得不到dA;签名方以P1为群G1的生成元、Ppub为主公钥,dA为私钥,采用SM9签名算法生成消息的数字签名(h,S);签名验证方验证e(PU1,PU2f)与e(P1,P2)相等,e(PU1+PFpub,PU2)与e(P1,Ppub)相等后,以P1为群G1的生成元、PU2为群G2的生成元、Ppub为主公钥,采用SM9签名算法验证消息的数字签名(h,S)的有效性。 The invention relates to an SM9 signature private key generation and digital signature method, system and device. P1 and P2 are respectively generators of groups G1 and G2 in an SM9 algorithm, and n is the order of the group. A private key generation server is provided with a system master key sm, Ppub = [sm] P2 and PFpub = [sm] P1.A client has a user master key sU, PU1 = [sU] P1, and PU2f = [(sU)-1] P2; the client and the server cooperatively generate an SM9 signature private key dA and PU2 = [(sm + sU)-1] Ppub of the user by taking s = sm + sU as a main secret key, and the server cannot obtain the dA. A signature party takes P1 as a