CN1444168A - Probability type asymmetric encipherment method based on public key certificate on ellipse curve - Google Patents
- Publication number: CN1444168A
- Authority: CN (China)
- Prior art keywords: vector, elliptic curve, public key, pki, ciphertext
- Prior art date: 2003-04-23
- Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a probabilistic asymmetric encryption method based on public-key certificates over an elliptic curve. It is a public-key cryptosystem that starts from the Decision Diffie-Hellman problem on an elliptic curve and performs encryption and decryption with the help of a collision-resistant hash function and a public-key certificate. Because the scheme is built on an elliptic curve it computes quickly, offers high security, and reaches a high security level with a comparatively short key. It can be widely applied to file encryption and in the field of computer network security.
Description
Technical field
The invention relates to an asymmetric public-key encryption method for confidential or secure communication, specifically a probabilistic asymmetric encryption method based on public-key certificates over an elliptic curve.
Background
Before the problem of data security was widely recognised, most people understood computer security to mean the physical security of the hardware. Today, however, remote terminal access, communications and networking have advanced considerably; purely physical protection still protects the hardware, but it matters less and less for protecting information and services, and data security has become the central theme of computer security.
Cryptographic algorithms and communication protocols with provable security are an important and difficult research topic in cryptography, and research on secure communication centres on finding stronger and better cryptosystems. A conventional cryptosystem uses a single key for both encryption and decryption, so once that key leaks the whole system is compromised; this has exposed more and more shortcomings in practice and has limited wider commercial use. A public-key cryptosystem is an asymmetric scheme that uses different keys for encryption and decryption: one key is published and used to encrypt, the other is kept secret and used to decrypt. The public-key encryption schemes in common use today rest on hardness assumptions such as integer factorisation and the discrete logarithm problem. The first practical public-key encryption scheme based on the Decision Diffie-Hellman problem was proposed by Cramer and Shoup; it is provably secure and resists adaptive chosen-ciphertext attacks.
Summary of the invention
The purpose of the invention is to provide a probabilistic asymmetric encryption algorithm based on public-key certificates over an elliptic curve: a public-key cryptosystem that starts from the Decision Diffie-Hellman problem on an elliptic curve and, with the help of public-key certificates and a collision-resistant hash function, performs encryption and decryption.
The technical solution adopted by the invention is realised in the following steps:
1. A system parameter tuple (Fq, E, P, n, H) is defined, where Fq is a finite field whose characteristic is a large prime q, E is an elliptic curve over Fq, P is a rational point on E called the base point, the order of P is a prime n, and H is a collision-resistant hash function. The system parameter vector (Fq, E, P, n, H) may be shared by a group of users.
2. Four elements w, x, y, z smaller than n are chosen at random as the private-key vector. A random element t smaller than n is multiplied with the base point P (scalar multiplication on the elliptic curve E) and the result g1 becomes the first component of the public key; each of the four private-key components is then multiplied with g1 on E to give the other four components of the public-key vector, and together with the user's certificate data Cert-data these form the six components of the public-key vector. With system parameters (Fq, E, P, n, H), the private-key and public-key vectors are generated as follows:
(a) choose t < n and compute the generator g1 = t·P as the first component of the public-key vector; choose w, x, y, z < n at random to form the private-key vector;
(b) compute g2 = w·g1, c = x·g1, d = y·g1, h = z·g1;
(c) the private key is (w, x, y, z) and the public key is (g1, g2, c, d, h, Cert-data).
3. The recipient's public key and certificate data are used to encrypt the plaintext into a ciphertext vector of four components. (The text here lists the system parameters as (Zp, G, q, H), the tuple of the original prime-field Cramer-Shoup scheme; the parameters actually in use are (Fq, E, P, n, H) as in the other steps.) With the recipient's public key (g1, g2, c, d, h, Cert-data), the plaintext m, a point on E, is encrypted as follows:
(a) choose r < n at random;
(b) compute u1 = r·g1, u2 = r·g2 and e = m + r·h (the page text drops the operator; this is the additive-group form of Cramer-Shoup's m·h^r);
(c) compute α = H(Cert-data, u1, u2, e) and v = r·(c + α·d);
(d) output the ciphertext vector (u1, u2, e, v).
4. On receiving a ciphertext vector the recipient can detect and reject invalid ciphertexts; for a valid ciphertext the plaintext is recovered with the recipient's private key and certificate data. With system parameters (Fq, E, P, n, H) and ciphertext vector (u1, u2, e, v), the checks and the recovery proceed as follows:
(a) compute α = H(Cert-data, u1, u2, e);
(b) check whether u2 = w·u1; if not, reject the ciphertext, otherwise continue;
(c) check whether v = (x + y·α)·u1; if not, reject the ciphertext, otherwise continue;
(d) compute m = e − z·u1 (the page text drops the operator) to recover the plaintext m.
Compared with the background art, the invention has the following beneficial effects:
It is a public-key cryptosystem that starts from the Decision Diffie-Hellman problem on an elliptic curve and performs encryption and decryption with the help of public-key certificates and a collision-resistant hash function. Because the scheme is built on an elliptic curve it computes quickly, offers high security, and reaches a high security level with a comparatively short key. It can be widely applied to file encryption and in the field of computer network security.
Detailed description
When the invention is used for confidential network and information communication, assume that sender A wants to send a confidential message to recipient B; the message to be sent is the plaintext m. In the invention the sender and the recipient share one elliptic curve. An example implemented on the following curve is given here (the modulus of the field is p, not the order n as the original text states; the values listed are the domain parameters of the NIST curve P-192):
E: y^2 = x^3 + ax + b (mod p)
where
p = 6277101735386680763835789423207666416083908700390324961279;
seedE = 0x3045ae6fc8422f64ed579528d38120eae12196d5;
r = 0x3099d2bbbfcb2538542dcd5fb078b6ed5f3d6fe2c745de65;
a = −3;
b = 0x64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1;
h = 1 (the cofactor; not the public-key component h of step 2).
The order of the curve is
n = 6277101735386680763835789423176059013767194773182842284081,
which is a prime.
The base point P of order n is chosen as P = (xG, yG) where
xG = 0x188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012;
yG = 0x07192b95ffc8da78631011ed6b24cdd573f977a11e794811.
Recipient B chooses w, x, y, z smaller than n as his secret private key and computes g2 = w·g1, c = x·g1, d = y·g1, h = z·g1. He publishes (g1, g2, c, d, h, Cert-data) as his public key, where Cert-data is his certificate data. Sender A follows the steps of the method and sends the ciphertext; on receipt, B verifies and decrypts the encrypted message.
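The key generation, encryption and decryption steps of the method, run on the P-192 parameters listed in this embodiment, as an added example that is not the patent's own code. It assumes that plaintexts are points on E (as the method requires; encoding arbitrary bytes as points, or using the scheme as a KEM, is outside the patent text), that SHA-256 reduced mod n stands in for the unspecified collision-resistant hash H, that the certificate data is a constructed byte string, and that private scalars are drawn from 1..n-1 rather than 0..n-1 so that no public-key component degenerates to the point at infinity. The on-curve test in `decrypt` is an addition beyond the patent's steps; the two checks (b) and (c) and the recovery (d) are exactly those of step 4. Requires Python 3.8 or later for `pow(x, -1, p)`.

```python
import hashlib
import secrets

# Domain parameters from the embodiment: these are the NIST P-192 (secp192r1) values.
p = 6277101735386680763835789423207666416083908700390324961279
a = -3
b = 0x64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1
n = 6277101735386680763835789423176059013767194773182842284081
P = (0x188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012,
     0x07192b95ffc8da78631011ed6b24cdd573f977a11e794811)
O = None  # point at infinity

def on_curve(A):
    """Point at infinity, or an affine point with y^2 = x^3 + ax + b (mod p)."""
    return A is O or (A[1] ** 2 - (A[0] ** 3 + a * A[0] + b)) % p == 0

def ec_add(A, B):
    """Affine addition on E; covers doubling and A + (-A) = O."""
    if A is O:
        return B
    if B is O:
        return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % p == 0:
        return O
    if A == B:
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def ec_mul(k, A):
    """k*A by double-and-add (not constant time; demonstration only)."""
    R = O
    while k:
        if k & 1:
            R = ec_add(R, A)
        A, k = ec_add(A, A), k >> 1
    return R

def ec_sub(A, B):
    return A if B is O else ec_add(A, (B[0], -B[1] % p))

def encode(A):
    return b"\x00" if A is O else A[0].to_bytes(24, "big") + A[1].to_bytes(24, "big")

def hash_alpha(cert_data, u1, u2, e):
    """alpha = H(Cert-data, u1, u2, e); SHA-256 stands in for H, reduced mod n."""
    digest = hashlib.sha256(cert_data + encode(u1) + encode(u2) + encode(e)).digest()
    return int.from_bytes(digest, "big") % n

def rand_scalar():
    return secrets.randbelow(n - 1) + 1   # 1 <= k < n: a zero scalar would give the point at infinity

def keygen(cert_data):
    """Step 2: private key (w, x, y, z), public key (g1, g2, c, d, h, Cert-data)."""
    g1 = ec_mul(rand_scalar(), P)                    # g1 = t*P
    w, x, y, z = (rand_scalar() for _ in range(4))
    g2, c, d, h = (ec_mul(k, g1) for k in (w, x, y, z))
    return (w, x, y, z), (g1, g2, c, d, h, cert_data)

def encrypt(pub, M):
    """Step 3: encrypt the curve point M under the recipient's public key."""
    g1, g2, c, d, h, cert_data = pub
    r = rand_scalar()
    u1, u2 = ec_mul(r, g1), ec_mul(r, g2)
    e = ec_add(M, ec_mul(r, h))                      # e = m + r*h
    alpha = hash_alpha(cert_data, u1, u2, e)
    v = ec_mul(r, ec_add(c, ec_mul(alpha, d)))       # v = r*(c + alpha*d)
    return (u1, u2, e, v)

def decrypt(priv, pub, ct):
    """Step 4: checks (b) and (c), then m = e - z*u1. Returns None on rejection."""
    w, x, y, z = priv
    u1, u2, e, v = ct
    if u1 is O or not all(on_curve(Q) for Q in ct):  # not in the patent text: refuse off-curve input
        return None
    alpha = hash_alpha(pub[5], u1, u2, e)
    if ec_mul(w, u1) != u2:                          # (b) u2 = w*u1
        return None
    if ec_mul((x + y * alpha) % n, u1) != v:         # (c) v = (x + y*alpha)*u1
        return None
    return ec_sub(e, ec_mul(z, u1))                  # (d) m = e - z*u1

def demo():
    """Round trip, then two rejections: a modified e and a certificate mismatch."""
    priv, pub = keygen(b"CN=Recipient B,serial=0001")  # constructed certificate data
    M = ec_mul(123456789, P)                            # plaintext encoded as a point on E
    ct = encrypt(pub, M)
    u1, u2, e, v = ct
    return (decrypt(priv, pub, ct) == M,
            decrypt(priv, pub, (u1, u2, ec_add(e, P), v)) is None,
            decrypt(priv, pub[:5] + (b"CN=Someone else",), ct) is None)
```

`demo()` returns `(True, True, True)`: the honest ciphertext decrypts to M, a ciphertext whose e component was altered fails check (c) because α changes, and the same ciphertext presented under a different Cert-data is likewise rejected, which is the certificate binding the method relies on. Two practical caveats the patent does not spell out: perform both checks before computing the recovery step and make every rejection indistinguishable to the sender, and reject any component that is not a point on E, since a scalar multiplication of an off-curve point leaks information about the private scalars.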
Claims (5)
- 1. A probabilistic asymmetric encryption method based on public-key certificates over an elliptic curve, characterised in that it is a public-key cryptosystem that starts from the Decision Diffie-Hellman problem on an elliptic curve and performs encryption and decryption with the help of a collision-resistant hash function and a public-key certificate.
- 2. The method of claim 1, characterised in that a system parameter tuple (Fq, E, P, n, H) is defined, where Fq is a finite field whose characteristic is a large prime q, E is an elliptic curve over Fq, P is a rational point on E called the base point, the order of P is a prime n, and H is a collision-resistant hash function; the system parameter vector (Fq, E, P, n, H) may be shared by a group of users.
- 3. The method of claim 2, characterised in that four elements w, x, y, z smaller than n are chosen at random as the private-key vector, a random element t not greater than n is multiplied with the base point P on the elliptic curve E and the result g1 is taken as the first component of the public key, the four private-key components are each multiplied with g1 on E to obtain the other four components of the public-key vector, and the user certificate data Cert-data is added to form the six components of the public-key vector; with system parameters (Fq, E, P, n, H), the private-key and public-key vectors are generated as follows: (a) choose t < n and compute the generator g1 = t·P as the first component of the public-key vector, and choose w, x, y, z < n at random as the private-key vector; (b) compute g2 = w·g1, c = x·g1, d = y·g1, h = z·g1; (c) the private key is (w, x, y, z) and the public key is (g1, g2, c, d, h, Cert-data).
- 4. The method of claim 2, characterised in that the recipient's public key and certificate data are used to encrypt into a ciphertext vector of four components, with system parameters (Zp, G, q, H), public key (g1, g2, c, d, h, Cert-data) and plaintext m, the encryption steps being: (a) choose r < n at random; (b) compute u1 = r·g1, u2 = r·g2, e = m + r·h; (c) compute α = H(Cert-data, u1, u2, e) and v = r·(c + α·d); (d) output the ciphertext vector (u1, u2, e, v).
- 5. The method of claim 2, characterised in that on receiving the ciphertext vector the recipient can detect and reject invalid ciphertexts and, for a valid ciphertext, recover the plaintext with the recipient's private key and certificate data; with system parameters (Fq, E, P, n, H) and ciphertext vector (u1, u2, e, v), the checks and the plaintext recovery are: (a) compute α = H(Cert-data, u1, u2, e); (b) check whether u2 = w·u1, rejecting the ciphertext if not and otherwise continuing; (c) check whether v = (x + y·α)·u1, rejecting the ciphertext if not and otherwise continuing; (d) compute m = e − z·u1 to recover the plaintext m.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03116623 CN1444168A (en) | 2003-04-23 | 2003-04-23 | Probability type asymmetric encipherment method based on public key certificate on ellipse curve |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1444168A (en) | 2003-09-24 |
Family
ID=27814902
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 03116623 Pending CN1444168A (en) | 2003-04-23 | 2003-04-23 | Probability type asymmetric encipherment method based on public key certificate on ellipse curve |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1444168A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2334008A1 (en) | 2009-12-10 | 2011-06-15 | Tata Consultancy Services Limited | A system and method for designing secure client-server communication protocols based on certificateless public key infrastructure |
| US8670563B2 (en) | 2009-12-10 | 2014-03-11 | Tata Consultancy Services Ltd. | System and method for designing secure client-server communication protocols based on certificateless public key infrastructure |
| CN101931529A (en) * | 2010-08-09 | 2010-12-29 | 中兴通讯股份有限公司 | Data encryption method, data decryption method and nodes |
| CN101931529B (en) * | 2010-08-09 | 2014-07-16 | 中兴通讯股份有限公司 | Data encryption method, data decryption method and nodes |
| CN103124213A (en) * | 2013-03-05 | 2013-05-29 | 丁勇 | Key management method of sensor network based on elliptic curve cryptography |
| CN103124213B (en) * | 2013-03-05 | 2015-09-16 | 丁勇 | Based on the sensor network cipher key management method of elliptic curve cipher |
| CN109818741A (en) * | 2017-11-22 | 2019-05-28 | 航天信息股份有限公司 | A kind of decryption calculation method and device based on elliptic curve |
| CN115580402A (en) * | 2022-12-09 | 2023-01-06 | 蓝象智联(杭州)科技有限公司 | Data hiding query method for secure multi-party computation |
| CN115580402B (en) * | 2022-12-09 | 2023-03-17 | 蓝象智联(杭州)科技有限公司 | Data hiding query method for secure multi-party computation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |