Unlock instant, AI-driven research and patent intelligence for your innovation.

Generation method of two-party SM2 digital signature

A digital signature and algorithm technology, applied in the field of information security, can solve problems such as large amount of calculation, lack of mutual trust, leakage or supervision, and achieve the effect of small amount of calculation and less interaction

Active Publication Date: 2019-03-29
PEKING UNIV
View PDF6 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the process of using SM2 signature, if the key is only kept by one party, there is often a risk of disclosure or supervision. Therefore, in many application scenarios, the key needs to be held separately by two parties (who may not trust each other at all), and the signature It can only be generated with the joint participation of two parties, and neither party can generate a signature alone
[0004] However, two-party SM2 digital signatures cannot be directly generated
In the existing two-party SM2 signature generation schemes, some methods are implemented based on secret sharing. However, such methods must disclose their secrets to the other party. Meet the actual needs of certain scenarios

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Generation method of two-party SM2 digital signature
  • Generation method of two-party SM2 digital signature
  • Generation method of two-party SM2 digital signature

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0186] Example 1: SM2-based certificate distribution

[0187] The present invention can be used in an SM2-based certificate distribution system. If a certificate can only be distributed when two organizations sign it together, organization A can generate a public-private key 1 , P 1 >, Institution B generates public and private keys 2 , P 2 >, they can agree that only if there is a public key [d 1 d 2 ]G-G([d 1 ]P 2 -G,[d 2 ]P 1 -G) The certificate can only be distributed when the corresponding signature is issued, then they can use the method of the invention to check out the corresponding signature. At the same time, since the private key will not be disclosed during the signing process, the private key can be used multiple times. And because of the existence of zero-knowledge proof, it can avoid the signature failure caused by a party's deliberate non-cooperation.

Embodiment 2

[0188] Example 2: Dual U-shield solution based on SM2

[0189] The present invention can be used in the dual U-shield scheme based on SM2. Assuming that an account or a certain system of a bank requires two people to authorize to access it, two U-shields can be constructed to store the private key d respectively. 1 、d 2 , it is agreed that only when there is a public key [d 1 d 2 [d 1 d 2 ] G-G corresponding signature, so as to access the system or account.

Embodiment 3

[0190] Example 3: Two-party signature of SM2-based blockchain system

[0191] The present invention can be used in an SM2-based block chain system, enabling it to support two-party signatures. Assuming that Alice and Bob jointly hold a certain property on the blockchain and require that the property can be spent only when both Alice and Bob agree, then Alice and Bob can generate a pair of public and private keys respectively 1 , P 1 > and 2 , P 2 >, Alice and Bob can deposit this asset at address [d 1 d 2 ]G-G([d 1 ]P 2 -G,[d 2 ]P 1 -G) blockchain account, when a party wants to spend this asset, he can use this invention to check out [d 1 d 2 ] G-G corresponding signature, thus spending the asset. At the same time, since the other party's own private key will not be disclosed during the signing process, this method can be used multiple times without changing the private key. Due to the existence of zero-knowledge proof, it is possible to avoid signature failure cause...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a generation method of a two-party SM2 digital signature, and belongs to the technical field of information security. A Paillier homomorphic encryption scheme is utilized to enable two mutually untrusted parties to cooperate to generate the SM2 digital signature. The invention also pertinently provides a construction method of zero-knowledge proof for proving that in a cooperation process, the two parties have no behavior violating an agreement. A non-cooperative party can be quickly identified through the zero-knowledge proof when signature fails. Compared with two-party signature schemes based on polynomial secret sharing, the method of the invention has higher efficiency and better security and privacy.

Description

technical field [0001] The invention belongs to the technical field of information security and relates to a method for generating a digital signature, in particular to a method for generating a two-party SM2 digital signature. Background technique [0002] SM2 Elliptic Curve Public Key Cryptography Algorithm (SM2 for short) is a public key encryption standard issued by the State Cryptography Administration on December 17, 2010. In the commercial encryption system, SM2 is mainly used to replace the RSA (Rivest-Shamir-Adleman) encryption algorithm. SM2 is based on Elliptic Curve Cryptography (ECC), and its security is comparable to NIST Prime256. [0003] The SM2 signature process is as follows figure 1 As shown, the SM2 signature verification process is as follows figure 2 shown. In the process of using SM2 signature, if the key is only kept by one party, there is often a risk of disclosure or supervision. Therefore, in many application scenarios, the key needs to be he...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L9/30H04L9/08
CPCH04L9/0869H04L9/3066H04L9/3239H04L9/3247H04L9/3268
Inventor 关志王珂陈霄陈钟南湘浩
Owner PEKING UNIV