42 results about "Short signature" patented technology

One embodiment of the present invention sets forth a technique for automatically provisioning a diskless computing device and an associated server system. A diskless computing device client incorporates an iSCSI initiator that is used to access resources provided by an iSCSI target that is resident on a server computing device. The iSCSI initiator is implemented in the client firmware, providing INT13 disk services entry points, thereby enabling the client to transparently access virtual storage devices at boot time. The client device conducts an apparently local installation using the virtual storage devices provided by the server computing device. A short signature value is associated with the boot image, uniquely associating the boot image with the specific client hardware configuration. When the client device boots normally, the signature value of the client device is presented to the server computing device to automatically reference the appropriate boot image.

The invention discloses a multi-inter-domain asymmetric group key agreement protocol method under the mobile cloud computing network environment. The method comprises the following steps: adopting a bilinear mapping technology and a blind secret key technology to realize a short signature mechanism between a domain secret key management center and a domain terminal; using a short signature technology to realize a multi-inter-domain group key agreement authentication mechanism of terminals distributed in different domains, and further realize asymmetric group key agreement of the terminals distributed in multiple domains. The protocol method disclosed by the invention has the anonymity and the authentication, supports dynamic group key updating of nodes, and realizes the security of forward confidentiality and backward confidentiality of the group keys; on the hypothesis of the Diffe-Hellman bilinear computing problem, the security of the protocol is proved; the computing and communication energy consumption of the protocol is low; the method is good in flexibility, security and practicability, and suitable for cross-domain group key agreement of the terminals distributed in the multiple domains under the mobile cloud computing network environment.

The systems and methods of aggregate signing of digital signatures on multiple messages simultaneously, comprising: receiving two or more digital messages wherein each message is signed using two or more digitally split keys from a private key and the two or more digital signatures of the message using the split key are combined to get a compressed short signature; receiving the compressed short signature for each message; receiving a public key associated with the private key for each message; aggregate signing the messages to output an aggregate signature. The aggregate signature can be further verified against any or all of the messages.

According to some embodiments of the invention, a message is processed before encryption so that the encryption method generates a short ciphertext. The message processing can be viewed as a mapping (610) that maps the message into another message that generates the short ciphertext. The mapping is reversible at least if the (possibly encoded) message (H(M)) is in a restricted set, e.g. a set [0,h?] of short messages. In some embodiments of the present invention, short signatures are provided by mapping the signature into a short signature. The mapping (810) is reversible at least if the original message (H(M)) used to generate the signature is short. Signcryption, aggregate signature, and ring signature outputs are also shortened.

The invention relates to an authenticable asymmetrical group secret key negotiation scheme in a mobile unbalanced network. The scheme comprises the steps that signature and authentication of group members are carried out, group members negotiate an asymmetrical shared secret key, and consistency verification of the shared secret key is carried out. According to the signature and authentication, a short signature mechanism of mobile equipment in a network is achieved by adopting a bilinear mapping technology, and members of mobile groups provide identify authentication by using the signature before the group secret key is negotiated to defense active attack of adversaries. According to step that the group members negotiate the asymmetrical shared secret key, all mobile equipment in the mobile unbalanced network negotiates a pair of asymmetrical group communication encryption/decryption secret keys, and members outside the group can send secret messages to members inside the group by encrypting the secret messages through a public key without the necessary of joining the group. According to the consistency verification of the shared secret key, after the group members negotiate the group secret key, the accuracy and the consistency of the calculated group secret key can be guaranteed. According to the authenticable asymmetrical group secret key negotiation scheme in the mobile unbalanced network, when secret communication is carried out among mobile group equipment in the mobile network environment, safe communication among the group equipment can be guaranteed, energy consumption of calculation and communication is quite low, and good flexibility, safety and practicability are achieved.

One embodiment of the present invention sets forth a technique for automatically provisioning a diskless computing device and an associated server system. A diskless computing device client incorporates an iSCSI initiator that is used to access resources provided by an iSCSI target that is resident on a server computing device. The iSCSI initiator is implemented in the client firmware, providing INT13 disk services entry points, thereby enabling the client to transparently access virtual storage devices at boot time. The client device conducts an apparently local installation using the virtual storage devices provided by the server computing device. A short signature value is associated with the boot image, uniquely associating the boot image with the specific client hardware configuration. When the client device boots normally, the signature value of the client device is presented to the server computing device to automatically reference the appropriate boot image.

The invention relates to a cloud data integrity verification scheme based on a blockchain, which uses the technical means of digital short signature, bilinear mapping, the blockchain and the like to solve the problems of integrity of cloud storage data, uncredibility of a third-party auditor and the like at present. When a data owner interacts with a cloud server, the data owner C generates a key pair, performs block processing on its own data and generates a homomorphic verification tag by using a digital signature. The data owner C uploads the data block and a homomorphic verification tag set to the cloud server S, and uploads a hash value set corresponding to the data block to a smart contract on the blockchain, and the smart contract verifies the data of the data owner. The smart contract sends a challenge to verify whether the integrity of the data, and S generates a response proof according to the challenge. Finally, the smart contract verifies whether the proof is correct. Due to the fact that the blockchain has the characteristics of non-tampering, decentration and the like, the integrity and privacy of the scheme are strongly guaranteed.

The invention discloses a symbol seal method based on a public key system, belonging to the cryptographic technology and computer technology field; the invention leads the unforgeability of a seal to be corresponding to the security of a public key digital signature system, comprising four parts: database creating of symbolized seal, key controlling, seal stamping and seal authentication, wherein, the database creating part is used for creating three relevant databases, the key controlling part is used for generating and managing a pair of private keys and public keys of a document (certificate) issuing unit, the seal stamping part is used for the document (certificate) issuing unit to generate a 64 system short signature character string to the Hash summary of a document or a certificate and stamp a seal image, and the seal authentication part is used for a document (certificate) receiving unit to judge the authenticity of source of the document or the certificate by the short signature character string; the method has low cost and easy operation, not only retains the appearance style of the traditional seal, but also greatly improves the security thereof, and can be widely applied in the issuing and transferring business of various paper documents or certificates, and electronic version documents or certificates of various units.

The invention provides a privacy protection attribute authentication system and method based on a verifiable declaration, and relates to the technical field of privacy protection in identity authentication. The method comprises the following steps: firstly, designing a data structure of a voucher by adopting a verifiable declaration of W3C, and verifying a signature of the data structure to confirm whether the declarated content is valid or not, thereby standardizing an identity verification standard; for the privacy problem existing in the verifiable declaration, expanding the structure of the verifiable declaration, and adding corresponding fields, so that the verifiable declaration has anonymity. Interval certification, non-relation certification and or relation certification of attribute values are realized by adopting a BB short signature scheme and a non-interactive zero-knowledge certification technology; detailed designs of protocols are given, including initialization, a certificate issuing protocol, a certificate showing protocol and an attribute proving protocol, and a verifiable declaration is applied to the protocols; and privacy protection authentication of the user is realized.

A lightweight group signature system and method with short signatures according to the exemplary embodiments of the present invention can provide security characteristics similar to group signature mechanisms providing the existing known controllable linkability but can make a revocation method simple by outputting a short signature and providing excellent operation efficiency at the time of signature generation, signature verification, and revocation on smart terminals, and can be widely applied to various anonymity-based application environments, making by making operation efficiency excellent at the time of signature generation and verification and outputting very short signature lengths.

The invention relates to the technical field of information security, in particular to a broadcast type automatic correlation monitoring system (ADS-B) message authentication scheme based on certificateless short signatures. Aiming at potential safety hazards of ADS-B, by utilizing the characteristics of low bandwidth and less available data bits, the invention provides the ADS-B message authentication method based on the certificateless short signature. Compared with the current similar methods, the signature length is reduced by 3/4, the overall performance is improved to a certain extent, and the signature periodical performance is improved by nearly 1 time. In addition, the method does not need to manage certificates, eliminates the problem of secret key hosting, and greatly reduces the burden of the system ADS-B. And the availability and the overall safety of the system are enhanced. In order to further analyze the performance of the authentication method, NS2 is used to simulatethe ADS-B network, and the result shows that on the premise of guaranteeing ADS-B data integrity, identity authentication and non-repudiation, the influence on the network is very small, and the minimum operation function standard specification of 1090ES is met.

The invention discloses a method for processing short ciphertext signature of an invoice. The method comprises: through a tax-control device, generating a public key and a private key for a user, andstoring the private key in the tax-control device; through a safe channel, sending the public key to a tax invoice management system and storing the public key in the tax invoice management system, sothat the tax invoice management system performs verification operation on invoice information; the tax-control device using the private key, and based on parameters of a BN curve domestic cryptographic SM9 algorithm, the parameters not exceeding 256 bits, to perform signature processing on invoice information; and an invoice verifying party downloading the public key through the tax invoice management system, and using the public key to verify the invoice data information. The short signature method can satisfy requirement of length of a current invoice password region.

The invention discloses an alliance chain encryption method based on a bilinear mapping technology. The method comprises the steps of (1) achieving the construction of an alliance chain encryption system based on the bilinear mapping technology, including the generation and setting of a public key and a private key, and the selection of an encryption function; (2) encrypting a secret key based ona bilinear mapping technology, and distributing the secret key in a secret key negotiation mode; and (3) based on the model and the secret key distribution method, realizing secret key exchange, plaintext encryption and digital signature processes based on the bilinear mapping technology. According to the invention, the bilinear mapping technology is an encryption technology commonly used in cryptology; in combination with a hash function, a signature scheme with the characteristics of short signature, safety, high efficiency and the like is constructed for encryption, and signature verification is carried out on signatures; the encryption efficiency is improved; and the function of improving the overall working efficiency of the system is achieved.

The invention discloses a TCP search optimization method under a high performance calculating network; the method comprises the following steps: 1, in TCP conversation processing, preferably calculating TCP conversations to obtain 32-bit short signatures if the TCP conversation order of magnitude is at the million level, carrying out XOR for the front 16-bit and rear 16-bit of the 32-bit short signatures obtained on the previous basis if the TCP conversation order of magnitude is at 100-million level, thus obtaining 16-bit short signatures; 2, respectively using the 32- bit short signatures and the 16-bit short signatures to replace a TCP tetrad identification TCP conversations; 3, building corresponding relations between the front P TCP conversation short signatures and Hash slots one by one; mapping the front P TCP conversation short signatures and Hash slots one by one if arrived TCP conversations exceed P, and assigning the TCP conversation short signatures (starting from P+1) from a TCB pool to a conflict list. The method can reduce the searching taken cache size, and can reduce the Hash conflict probability.

The invention improves capability for wireless terminal moved in high speed to reverse access channel. The method groups signature sequences. Different groups of signature sequences are utilized in different speed ranges. Using blocked mode, network side receives signed signature sequence groups in high speed so as to raise performance of reverse access channel. Different blocked modes are utilized to detect groups of signature sequences in different speed ranges. The blocked mode is not utilized for the signature sequence group in lowest speed; and the signature sequence group in higher speed utilizes smaller block. Using only one signature sequence group under one blocked mode carries out correlation detection. Partitioned blocks can be superposed each other. Shorter signature sequence can be selected for wireless terminal closer to base station; and longer signature sequence can be selected for wireless terminal farther to base station.