Multivariable signature method capable for resisting forged signature attack

Abstract

The invention discloses a multivariable signature method capable for resisting a forged signature attack, which is characterized in that by adding a vector called as signature additional value, a verification condition related to internal information is added during signature verification, so that the forged signature attack can be revisited effectively. The multivariable signature method particularly comprises three stages of data pre-processing, signature generation and signature verification. By taking a multivariable public key cryptosystem as a theoretical basis, a message signature and verification scheme is established according to a multivariable polynomial equation set in a finite field, so that the model defect of the conventional multivariable signature scheme is overcome, and under the condition of resisting a quantum attack, signature verification not only is dependent on public key verification, but also involves a user's legal private key. Therefore, the multivariable signature method can provide a basic technological support for information security of the quantum computer era and establishment of a trust system, and is suitable for secure digital signature in the quantum computer era; and moreover, due to relatively high efficiency and security, the multivariable signature method is particularly suitable for occasions where memory space and operation time are limited.

Description

technical field [0001] The invention belongs to the technical field of cryptography, relates to a multivariable public key cryptosystem in post-quantum cryptography, and in particular to a multivariable digital signature method resistant to counterfeit signature attacks. Background technique [0002] Digital signature is a method for identifying digital information and one of the most important applications of public key cryptography, also known as public key digital signature. In the public key cryptosystem, the principle of digital signature technology is to sign (encrypt) the message with the sender's secret key and transmit it to the receiver together with the original text. The receiver uses the sender's public key to decrypt the signature, and compares the decrypted value with the original text to see if they are the same. If they are the same, the receiver thinks that the signature is sent by a legitimate sender. Therefore, a digital signature usually consists of two...

AI Technical Summary

Problems solved by technology

However, up to now, the multivariate signature model still has the following problems: (1) The verification conditions of the standard signature model are still flawed, because the current multivariate signature verification only relies on the public key, and the verification conditions are too single, That is to say, even if the counterfeiter does not know the legal secret key, it is possible to seek the special relationship anti-deciphering signature through the structure of the public key P; (2) The standard signature model does not involve internal secret information during verification, leaving a possibility for the counterfeiter. Taking advantage of the opportunity, the reason is that the legal person uses his own secret key to invert the signature step by step when signing, but the current verification does not reflect the inversion process in the design, that is to say, when verifying It does not verify whether the counterfeiter has a legitimate key, thereby reducing the difficulty of forgery; (3) The first two reasons will lead to: the attacker can forge a public key P that can pass the verification of the public key P but is not legal. The signature derived from the secret key

[0010] At present, in the signature scheme based on the multi-variable public key system, there is no secure multi-variable signature system that can effectively solve the above problems

Images