CN107846281B - Proxy multiple signature method and system based on position - Google Patents

Proxy multiple signature method and system based on position Download PDF

Info

Publication number
CN107846281B
CN107846281B CN201711036923.2A CN201711036923A CN107846281B CN 107846281 B CN107846281 B CN 107846281B CN 201711036923 A CN201711036923 A CN 201711036923A CN 107846281 B CN107846281 B CN 107846281B
Authority
CN
China
Prior art keywords
proxy
signer
original
signature
location
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711036923.2A
Other languages
Chinese (zh)
Other versions
CN107846281A (en
Inventor
薛庆水
李文举
陈颖
舒明磊
杨瑞君
王栋
戴酉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Institute of Technology
Original Assignee
Shanghai Institute of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Institute of Technology filed Critical Shanghai Institute of Technology
Priority to CN201711036923.2A priority Critical patent/CN107846281B/en
Publication of CN107846281A publication Critical patent/CN107846281A/en
Application granted granted Critical
Publication of CN107846281B publication Critical patent/CN107846281B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/52Network services specially adapted for the location of the user terminal

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a proxy multiple signature method and a system based on position, wherein the method comprises the following steps: initializing a proxy signer PS, an original signer group OSG and a position infrastructure PI; the authenticity verification of the position of the original signer group OSG is completed under the participation of the PI, the authenticity verification of the position of the agent signer PS is verified through the PI, and finally the original signer group OSG completes the agent signature authorization of the appointed position of the agent signer PS; the agent signer PS completes the authentication function of the position of the agent signer PS under the support of the PI, and then executes the agent signing function of the specific information; and the proxy signature verifier V verifies that the proxy signature is actually subjected to proxy signature on the preset information by the original signer group at the specified position in combination with the proxy signer authorized to the specified position. The method has high safety and wide application range, and realizes the transfer of the authentication right of the identity and the position.

Description

Proxy multiple signature method and system based on position
Technical Field
The invention relates to the technical field of network information security, in particular to a proxy multiple signature method and a proxy multiple signature system based on positions.
Background
In recent years, location-based related services and applications and proxy signature technology have been intensively researched and developed. Location-based services and applications can perform location-based positioning for a user's location, and can also provide location-related services to the user, such as hotel services, dining services, postal services, and travel services. Proxy signature techniques provide the ability for one user to authorize another user to perform proxy signatures, thereby enabling the authentication of message integrity, non-repudiation, and origin.
However, the prior art cannot realize the function of jointly authorizing a single user at another location to implement proxy signature at a specified location on behalf of a user group by the user group at different locations in a mobile internet environment. Thus, user location security and location-related message integrity, authentication, and non-repudiation cannot be guaranteed.
Disclosure of Invention
In view of the defects in the prior art, the invention aims to provide a proxy multiple signature method and a proxy multiple signature system based on position.
In a first aspect, the present invention provides a proxy multiple signature method based on location, including:
position based implementation PI obtains safety parameter 1 in initialization processkThe master key mk and the public parameter pp respectively send unique corresponding identity information to each original signer OS in the original signer group OSG; wherein, it is assumed that the original signer group OSG includes n original signers OS, and the ith original signer is marked as OSiWherein i ═ 1,2,3, …, n; the ith original signer OSiThe corresponding identity information is IDiN represents the total number of original signers;
receiving OS from original signeriThe sent proxy signature request information contains the original signer OSiCorresponding position information
Figure BDA0001450780430000011
Determining each original signer OS through a position location protocoliCorresponding position information
Figure BDA0001450780430000012
To each original signer OS when valid informationiSending corresponding confirmation information; and generates a proxy authorization key package
Figure BDA0001450780430000013
i=1,2,3,…,n;
Figure BDA0001450780430000021
Representing the proxy authorization key packet corresponding to the ith original signer;
sending a corresponding proxy authorization Keybag to each original signer
Figure BDA0001450780430000022
Receiving a proxy authorization certificate dw sent by a checker side, wherein the dw comprises identities, positions, signable message types and valid period information of all original signers and proxy signers;
and generating a proxy signature key package pskp according to the proxy authorization certificate dw, and sending the pskp to a proxy signer PS.
Optionally, the proxy authorization key package is encapsulated with a position location protocol, an authorization key, identity information corresponding to the original signer, identity information of the proxy signer, location information corresponding to the original signer, and location information of the proxy signer;
and a position positioning protocol, an agent signature key, identity information of an agent signer, position information of the agent signer and a signature algorithm are packaged in the agent signature key package pskp.
Optionally, the position location protocol comprises: and the global positioning system GPS protocol is used for determining the positions of the original signer and the proxy signer.
In a second aspect, the present invention provides a proxy multiple signature method based on location, including:
original signer OSiSending proxy signature request information to a location-based implementation PI, wherein the proxy signature request information comprises the original signer OSiCorresponding position information
Figure BDA0001450780430000023
Wherein the OSiRepresenting the i-th original signer,
Figure BDA0001450780430000024
indicating the position information corresponding to the ith original signer, wherein i is 1,2,3, …, n, n indicates the total number of the original signers;
original signer OSiProxy authorization key package for receiving location-based implementation PI transmission
Figure BDA0001450780430000025
i=1,2,3,…,n;
Figure BDA0001450780430000026
Representing the proxy authorization key package corresponding to the ith original signer:
authorizing a key package based on a proxy
Figure BDA0001450780430000027
Determining original signer OSiWhen the position of the proxy is valid, generating corresponding proxy authorization information; the proxy authorization information comprises identity information of an original signer, position information of the original signer and a signature dw generated according to the proxy authorization key packagei,dwiIndicating the ith proxy authorization Keybag
Figure BDA0001450780430000028
A generated signature;
and sending the agent authorization information to a checker, wherein the checker is any one of the original signers specified in the original signer group OSG.
Optionally, the proxy authorization key package is encapsulated with a position location protocol, an authorization key, identity information corresponding to the original signer, identity information of the proxy signer, location information corresponding to the original signer, and location information of the proxy signer;
optionally, when the original signer is used as the checker, the method further includes:
determining any one of the original signers specified in the original signer group OSG as a checker that checks the proxy authorization key package
Figure BDA0001450780430000031
Generated signature dwiWhether by the original signer OSiSo as to generate the signal of the first frequency band,
if not, the operation is invalid, and the flow is ended;
if so,
then dwiEffective, all dw judgediIf all are valid, i is 1,2,3, …, n, if all are valid, then generating proxy authorization certificate, and order
Figure BDA0001450780430000032
dw represents an agent authorization certificate, and the dw comprises identity information, position information, signable message type information and validity period information of all original signatories and agent signatories;
the proxy authorization certificate is sent to the proxy signer PS.
In a third aspect, the present invention provides a proxy multiple signature method based on location, including:
receiving a proxy signature key package pskp sent by a location-based implementation PI and a proxy authorization certificate sent by an inspector;
determining the position information Pos of the agent signer PS according to the position positioning protocol encapsulated in the agent signing key package pskpPSIf the validity is not valid, the flow is ended;
if it is valid, the user can select the appropriate channel,
then a multiple signature is sent to the signature verifier V, said multiple signature being: (m, s, dw, pp), (m, s, dw, pp) represents a signature s for the message m, and the number of times the signature s is valid is 1;
wherein the position information PosPSEffective means that: the location information of the proxy signer PS coincides with the location information on the proxy signer PS in the proxy authorization certificate.
In a fourth aspect, the present invention provides a location-based proxy multiple signature method, including:
receiving a proxy multiple signature (m, s, dw, pp) sent by a proxy signer PS; wherein (m, s, dw, pp) represents a signature s for a message m, and the number of times the signature s is valid is 1;
checking whether the proxy authorization certificate is valid or not through the identity information and the position information of the original signer, the identity information and the position information of the proxy signer and the public parameter pp, and if the proxy authorization certificate is invalid, ending the process;
if yes, verifying whether s is the proxy multiple signature of the message m through a preset multiple signature verification algorithm, and if yes, confirming that the message m is really signed by the proxy signer at the specified position PosPSRepresenting the original signer group.
In a fifth aspect, the present invention provides a location-based proxy multiple signature system, comprising: a location infrastructure PI, an original signer OS, a proxy signer PS and a signature verifier V; wherein,
the location infrastructure PI is configured to perform the location-based proxy multi-signature method of any one of the first aspect of the claims;
the original signer OS is configured to execute the location-based proxy multi-signature method of any one of the second aspect of the claims;
the proxy signer PS is configured to execute the location-based proxy multi-signature method according to the third aspect of the claims;
the signature verifier V is adapted to perform the location-based proxy multiple signature method according to the fourth aspect of the present invention.
Compared with the prior art, the invention has the following beneficial effects:
the invention can realize the function that a plurality of users in different positions authorize the users in the appointed position to sign on behalf of the plurality of users, and ensures the integrity and non-repudiation of the information based on the position, so that the information related to the position is safer and more reliable. Further, in an alternative scheme, the proxy multi-signature method based on the position provided by the invention also verifies the signature message issued by the proxy signer, and does not limit the position of the proxy signature verifier, thereby further ensuring the reliability and the safety of the signature message.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments with reference to the following drawings:
FIG. 1 is a schematic diagram of an application scenario of the method of the present invention;
FIG. 2 is a flowchart of a multiple signature method for a location-based proxy according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating an exemplary process of proxying the authorization key package according to an embodiment of the present invention;
fig. 4 is a flowchart illustrating a process of proxy signing key package according to an embodiment of the present invention.
Detailed Description
The present invention will be described in detail with reference to specific examples. The following examples will assist those skilled in the art in further understanding the invention, but are not intended to limit the invention in any way. It should be noted that it would be obvious to those skilled in the art that various changes and modifications can be made without departing from the spirit of the invention. All falling within the scope of the present invention.
The system applying the proxy multiple signature method based on the position provided by the invention comprises the following steps: location Infrastructure (PI), Original Signer (OS), Proxy Signer (PS), and signature Verifier (Verifier, V); wherein all Original signers constitute an Original Signer Group (OSG). As shown in fig. 1, the original signer group OSG jointly authorizes the proxy signer PS, and with the assistance of the location infrastructure PI, performs the proxy signing capability of the proxy signer PS at a specific location for specific information.
As shown in fig. 2, the multiple signature method for a location-based proxy according to the present invention may include: the first step is as follows: initializing a proxy signer PS, an original signer group OSG and a position infrastructure PI; the second step is that: firstly, the authenticity verification of the position of an original signer group OSG is completed under the participation of PI, then PI verifies the authenticity verification of the position of a proxy signer PS, and finally the original signer group OSG completes proxy signature authorization of the appointed position of the proxy signer PS; the third step: firstly, the agent signer PS needs to complete the authentication function of the position of the agent signer PS under the support of the PI, and then executes the agent signing function of specific information; the fourth step: and the proxy signature verifier V verifies that the proxy signature is actually subjected to proxy signature on the preset information by the original signer group at the specified position in combination with the proxy signer authorized to the specified position.
Further, as shown in fig. 3, an original signer OS (original signer group OSG) first determines whether the corresponding original signer OS is at a designated location with the assistance of the PI, and if so, generates a proxy authorization key; if not, ending. The proxy authorization key is used as the input of the proxy authorization generation module, and generates a proxy authorization certificate by combining the authorization certificate information, and sends the proxy authorization certificate to the proxy signer PS.
Further, as shown in fig. 4, the proxy signer PS first determines whether the position is at the designated position with the assistance of the PI, and if so, generates a proxy signing key, and if not, ends. The proxy signature key is used as the input of proxy signature generation, and is added with a message to be signed to generate a proxy signature which is sent to a proxy signature verifier V.
The proxy multiple signature method based on the position can realize the function that a plurality of users in different positions authorize the users in the appointed position to represent the plurality of users for signature, and ensure the integrity and non-repudiation of the information based on the position, so that the information related to the position is safer and more reliable.
Optionally, the proxy multiple signature method based on location provided by the invention also verifies the signature message issued by the proxy signer, and does not limit the location of the proxy signature verifier, thereby further ensuring the reliability and security of the signature message.
The method in the invention is different from the traditional method based on identity verification, realizes the transfer of the authentication right based on identity and position, and meets the safety requirement of a plurality of user groups at different positions on arbitrary appointed proxy signature for authorization under the environment of mobile internet.
In order to more clearly describe the method of the present invention, the following detailed description is given with reference to specific examples. Specifically, the position base setting PI side includes the steps of:
step A1: position based implementation PI obtains safety parameter 1 in initialization processkThe master key mk and the public parameter pp respectively send unique corresponding identity information to each original signer OS in the original signer group OSG; wherein, it is assumed that the original signer group OSG includes n original signers OS, and the ith original signer is marked as OSiWherein i ═ 1,2,3, …, n; the ith original signer OSiThe corresponding identity information is IDi
Step A2: receiving OS from original signeriThe sent proxy signature request information contains the original signer OSiCorresponding position information
Figure BDA0001450780430000061
Step A3: determining each original signer OS through a position location protocoliCorresponding position information
Figure BDA0001450780430000062
To each original signer OS when valid informationiSending corresponding confirmation information; and generates a proxy authorization key package
Figure BDA0001450780430000063
i=1,2,3,…,n;
Figure BDA0001450780430000064
Representing the proxy authorization key packet corresponding to the ith original signer; wherein, the proxy authorization key package is packaged with a position positioning protocol, an authorization key and a corresponding original signerIdentity information of the original signer, identity information of the proxy signer, position information of the corresponding original signer and position information of the proxy signer;
step A4: sending a corresponding proxy authorization Keybag to each original signer
Figure BDA0001450780430000065
Step A5: receiving a proxy authorization certificate dw sent by a checker side, wherein the dw comprises identities, positions, signable message types and valid period information of all original signers and proxy signers;
step A6: and generating a proxy signature key package pskp according to the proxy authorization certificate dw, and sending the proxy signature key package pskp to a proxy signer PS, wherein a position positioning protocol, a proxy signature key, identity information of the proxy signer, position information of the proxy signer, a signature algorithm and the like are packaged in the proxy signature key package pskp.
The original signer OS side (original signer group OSG side) includes the steps of:
step B1: original signer OSiSending proxy signature request information to a location-based implementation PI, wherein the proxy signature request information comprises the OS of the original signeriCorresponding position information
Figure BDA0001450780430000066
Wherein the OSiRepresenting the i-th original signer,
Figure BDA0001450780430000067
indicating the position information corresponding to the ith original signer, wherein i is 1,2,3, …, n, n indicates the total number of the original signers;
step B2: original signer OSiProxy authorization key package for receiving location-based implementation PI transmission
Figure BDA0001450780430000068
i=1,2,3,…,n;
Figure BDA0001450780430000069
Representing the proxy authorization key packet corresponding to the ith original signer; the proxy authorization key package is packaged with a position positioning protocol, an authorization key, identity information corresponding to an original signer, identity information of a proxy signer, position information corresponding to the original signer and position information of the proxy signer;
step B3: authorizing a key package based on a proxy
Figure BDA00014507804300000610
Determining original signer OSiWhen the position of the proxy is valid, generating corresponding proxy authorization information; the proxy authorization information comprises identity information of an original signer, position information of the original signer and a signature dw generated according to the proxy authorization key packagei,dwiIndicating the ith proxy authorization Keybag
Figure BDA00014507804300000611
A generated signature;
step B4: transmitting the proxy authorization information to a checker (Clerk), wherein the checker is any one of the original signers specified in the original signer group OSG.
The inspector side comprises the following steps:
step C1: determining any one of the original signers specified in the original signer group OSG as a checker that checks the proxy authorization key package
Figure BDA0001450780430000071
Generated signature dwiWhether by the original signer OSiGenerating, if so, dwiIf yes, executing the step C2, otherwise, invalidating and ending the flow;
step C2: determine all dwiIf all are valid, i is 1,2,3, …, n, if all are valid, then generating proxy authorization certificate, and order
Figure BDA0001450780430000072
dw denotes a proxy authorization certificate, and dw includes allIdentity information, position information, signable message type information and validity period information of an original signer and an agent signer;
step C3: the proxy authorization certificate is sent to the proxy signer PS.
The PS side of the proxy signer comprises the following steps:
step D1: receiving a proxy signature key package pskp sent by a location-based implementation PI and a proxy authorization certificate sent by an inspector;
step D2: determining the position information Pos of the agent signer PS according to the position positioning protocol encapsulated in the agent signing key package pskpPSIf yes, go to step D3; if the result is invalid, ending the flow; wherein the position information PosPSEffective means that: the position information of the proxy signer PS is consistent with the position information of the proxy signer PS in the proxy authorization certificate;
step D3: sending a multiple signature to a signature verifier V, the multiple signature being: (m, s, dw, pp), (m, s, dw, pp) represents a signature s for the message m, and the number of times the signature s is valid is 1.
The signature verifier V side comprises the following steps:
step E1: receiving a proxy multiple signature (m, s, dw, pp) sent by a proxy signer PS;
step E2: checking whether the proxy authorization certificate is valid through the identity information and the position information of the original signer, the identity information and the position information of the proxy signer and the public parameter pp, if so, executing a step E3, and if not, ending the flow;
step E3: verifying whether s is the proxy multiple signature of the message m through a preset multiple signature verification algorithm, and if the verification is successful, confirming that the message m is really signed by a proxy signer at the specified position PosPSRepresenting the original signer group (at location)
Figure BDA0001450780430000073
A signature performed (i ═ 1,2,..., n)); if the verification fails, the flow is ended.
It should be noted that, the steps in the location-based proxy multi-signature method provided by the present invention may be implemented by using corresponding modules, devices, units, and the like in the location-based proxy multi-signature system, and those skilled in the art may refer to the technical solution of the system to implement the step flow of the method, that is, the embodiments in the system may be understood as preferred examples for implementing the method, and details are not repeated herein.
Those skilled in the art will appreciate that, in addition to implementing the system and its various devices provided by the present invention in purely computer readable program code means, the method steps can be fully programmed to implement the same functions by implementing the system and its various devices in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Therefore, the system and various devices thereof provided by the present invention can be regarded as a hardware component, and the devices included in the system and various devices thereof for realizing various functions can also be regarded as structures in the hardware component; means for performing the functions may also be regarded as structures within both software modules and hardware components for performing the methods.
The foregoing description of specific embodiments of the present invention has been presented. It is to be understood that the present invention is not limited to the specific embodiments described above, and that various changes or modifications may be made by one skilled in the art within the scope of the appended claims without departing from the spirit of the invention. The embodiments and features of the embodiments of the present application may be combined with each other arbitrarily without conflict.

Claims (8)

1. A proxy multiple signature method based on location, comprising:
position based implementation PI obtains safety parameter 1 in initialization processkThe master key mk and the public parameter pp respectively send unique corresponding identity information to each original signer OS in the original signer group OSG; wherein, it is assumed that the original signer group OSG includes n original signers OS, and the ith original signer is marked as OSiWherein i ═ 1,2,3, …, n; the ith original signer OSiThe corresponding identity information is IDiN represents the total number of original signers;
receiving OS from original signeriThe sent proxy signature request information contains the original signer OSiCorresponding position information
Figure FDA0002727915350000011
Determining each original signer OS through a position location protocoliCorresponding position information
Figure FDA0002727915350000012
To each original signer OS when valid informationiSending corresponding confirmation information; and generates a proxy authorization key package
Figure FDA0002727915350000013
i=1,2,3,…,n;
Figure FDA0002727915350000014
Representing the proxy authorization key packet corresponding to the ith original signer;
sending a corresponding proxy authorization Keybag to each original signer
Figure FDA0002727915350000015
Receiving a proxy authorization certificate dw sent by a checker side, wherein the dw comprises identities, positions, signable message types and valid period information of all original signers and proxy signers;
generating a proxy signature key package pskp according to the proxy authorization certificate dw, and sending the pskp to a proxy signer PS; the proxy signing key package pskp is generated when a proxy signer is at a specified position, and the checker is any one of the original signers specified in the original signer group OSG.
2. The location-based proxy multi-signing method of claim 1, wherein the proxy authorization key package encapsulates a position location protocol, an authorization key, identity information corresponding to an original signer, identity information of a proxy signer, location information corresponding to the original signer, and location information of the proxy signer;
and a position positioning protocol, an agent signature key, identity information of an agent signer, position information of the agent signer and a signature algorithm are packaged in the agent signature key package pskp.
3. A location-based proxy multi-signature method as claimed in claim 1 or 2, wherein the position-location protocol comprises: and the global positioning system GPS protocol is used for determining the positions of the original signer and the proxy signer.
4. A proxy multiple signature method based on location, comprising:
original signer OSiSending proxy signature request information to a location-based implementation PI, wherein the proxy signature request information comprises the OS of the original signeriCorresponding position information
Figure FDA0002727915350000016
Wherein the OSiRepresenting the i-th original signer,
Figure FDA0002727915350000017
indicating the position information corresponding to the ith original signer, wherein i is 1,2,3, …, n, n indicates the total number of the original signers;
original signer OSiProxy authorization key package for receiving location-based implementation PI transmission
Figure FDA0002727915350000021
Figure FDA0002727915350000022
Representing the proxy authorization corresponding to the ith original signerA rights key package;
authorizing a key package based on a proxy
Figure FDA0002727915350000023
Determining original signer OSiWhen the position of the proxy is valid, generating corresponding proxy authorization information; the proxy authorization information comprises identity information of an original signer, position information of the original signer and a signature dw generated according to the proxy authorization key packagei,dwiIndicating the ith proxy authorization Keybag
Figure FDA0002727915350000024
A generated signature; wherein the proxy signing key package pskp is generated by a proxy signer at a specified location;
and sending the agent authorization information to a checker, wherein the checker is any one of the original signers specified in the original signer group OSG.
5. The location-based proxy multi-signing method of claim 4, wherein the proxy authorization key package encapsulates a position location protocol, an authorization key, identity information corresponding to the original signer, identity information of the proxy signer, location information corresponding to the original signer, and location information of the proxy signer.
6. A proxy multi-signature method based on location as claimed in claim 4 or 5 wherein when the original signer is used as the checker, it further comprises:
determining any one of the original signers specified in the original signer group OSG as a checker that checks the proxy authorization key package
Figure FDA0002727915350000025
Generated signature dwiWhether by the original signer OSiSo as to generate the signal of the first frequency band,
if not, the operation is invalid, and the flow is ended;
if so,
then dwiEffective, all dw judgediIf all are valid, i is 1,2,3, …, n, if all are valid, then generating proxy authorization certificate, and order
Figure FDA0002727915350000026
dw represents an agent authorization certificate, and the dw comprises identity information, position information, signable message type information and validity period information of all original signatories and agent signatories;
the proxy authorization certificate is sent to the proxy signer PS.
7. A proxy multiple signature method based on location, comprising:
receiving a proxy signature key package pskp sent by a location-based implementation PI and a proxy authorization certificate sent by an inspector; the proxy signing key package pskp is generated when a proxy signer is at a specified position, and the checker is any one original signer specified in an original signer group OSG;
determining the position information Pos of the agent signer PS according to the position positioning protocol encapsulated in the agent signing key package pskpPSIf the validity is not valid, the flow is ended;
if it is valid, the user can select the appropriate channel,
then a multiple signature is sent to the signature verifier V, said multiple signature being: (m, s, dw, pp), (m, s, dw, pp) represents a signature s for the message m, and the number of times the signature s is valid is 1;
wherein the position information PosPSEffective means that: the location information of the proxy signer PS coincides with the location information on the proxy signer PS in the proxy authorization certificate.
8. A location-based proxy multi-signature system, comprising: a location infrastructure PI, an original signer OS, a proxy signer PS and a signature verifier V; wherein,
the location infrastructure PI is configured to perform the location-based proxy multi-signature method of any one of claims 1-3;
the original signer OS is configured to execute the location-based proxy multi-signature method of any one of claims 4 to 6;
the proxy signer PS is configured to execute the location-based proxy multi-signature method of claim 7;
the signature verifier V is used for receiving a proxy multiple signature (m, s, dw, pp) sent by a proxy signer PS; wherein (m, s, dw, pp) represents a signature s for a message m, and the number of times the signature s is valid is 1;
checking whether the proxy authorization certificate is valid or not through the identity information and the position information of the original signer, the identity information and the position information of the proxy signer and the public parameter pp, and if the proxy authorization certificate is invalid, ending the process;
if yes, verifying whether s is the proxy multiple signature of the message m through a preset multiple signature verification algorithm, and if yes, confirming that the message m is really signed by the proxy signer at the specified position PosPSRepresenting the original signer group.
CN201711036923.2A 2017-10-30 2017-10-30 Proxy multiple signature method and system based on position Active CN107846281B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711036923.2A CN107846281B (en) 2017-10-30 2017-10-30 Proxy multiple signature method and system based on position

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711036923.2A CN107846281B (en) 2017-10-30 2017-10-30 Proxy multiple signature method and system based on position

Publications (2)

Publication Number Publication Date
CN107846281A CN107846281A (en) 2018-03-27
CN107846281B true CN107846281B (en) 2020-12-08

Family

ID=61681938

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711036923.2A Active CN107846281B (en) 2017-10-30 2017-10-30 Proxy multiple signature method and system based on position

Country Status (1)

Country Link
CN (1) CN107846281B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110311791A (en) * 2019-07-03 2019-10-08 郑州师范学院 A kind of message verification method, device, equipment and readable storage medium storing program for executing
CN113346992B (en) * 2021-05-27 2022-06-28 淮阴工学院 Identity-based multi-proxy signature method and device for protecting private key
CN115033912B (en) * 2022-04-20 2023-04-25 郑州轻工业大学 Medical data cross-equipment anonymous verification method, device and equipment based on blockchain

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1503932A (en) * 2001-01-23 2004-06-09 ���������˼�빫˾ Method and system for obtaining digital signatures
CN104160653A (en) * 2012-03-08 2014-11-19 英特尔公司 Multi-factor certificate authority
WO2017027134A8 (en) * 2015-08-07 2017-09-28 Qualcomm Incorporated Validating authorization for use of a set of features of a device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2003226413A1 (en) * 2002-04-15 2003-11-03 Docomo Communications Laboratories Usa, Inc. Signature schemes using bilinear mappings

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1503932A (en) * 2001-01-23 2004-06-09 ���������˼�빫˾ Method and system for obtaining digital signatures
CN104160653A (en) * 2012-03-08 2014-11-19 英特尔公司 Multi-factor certificate authority
WO2017027134A8 (en) * 2015-08-07 2017-09-28 Qualcomm Incorporated Validating authorization for use of a set of features of a device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Proxy Multi-Signature Binding Positioning Protocol;Qingshui Xue;《2014 IEEE/CIC International Conference on Communications in China (ICCC)》;20150115;第I节-第IV节,图1-2 *

Also Published As

Publication number Publication date
CN107846281A (en) 2018-03-27

Similar Documents

Publication Publication Date Title
CN103685138B (en) The authentication method of the Android platform application software that mobile interchange is online and system
CN108768652B (en) Coalition block chain bottom layer encryption method capable of resisting quantum attack
CN110247884B (en) Method, device and system for updating certificate and computer readable storage medium
WO2018177093A1 (en) Block chain processing method, accounting node, verification node and storage medium
CN104753881B (en) A kind of WebService safety certification access control method based on software digital certificate and timestamp
JP2019519987A (en) Block chain based identity authentication method, device, node and system
CN113301022B (en) Internet of things equipment identity security authentication method based on block chain and fog calculation
CN106452782A (en) Method and system for producing a secure communication channel for terminals
CN103167491A (en) Authentication method of mobile terminal uniqueness based on software digital certificate
CN113743921B (en) Digital asset processing method, device, equipment and storage medium
CN103532966A (en) Device and method supporting USB-KEY-based SSO (single sign on) of virtual desktop
CN107846281B (en) Proxy multiple signature method and system based on position
CN110071807B (en) Block chain point-to-point node authentication method, system and computer readable storage medium
JP2023544529A (en) Authentication methods and systems
WO2014110877A1 (en) Mobile terminal device and user authentication method based on pki technology
WO2023024487A1 (en) Blockchain-based interconnected vehicle authentication system and method
US20080301793A1 (en) Apparatus and method of verifying online certificate for offline device
Bruni et al. Formal security analysis of the MaCAN protocol
EP2262165B1 (en) User generated content registering method, apparatus and system
CN110278082A (en) A kind of the group member dissemination method and equipment of group's digital signature
CN111541660B (en) Identity authentication method for remote vehicle control
CN114092092B (en) Decentralized digital certificate management system based on threshold signature and use method
CN108632037B (en) Public key processing method and device of public key infrastructure
CN108833104A (en) A kind of signature method, verification method and the device of file
WO2019178762A1 (en) Method, server, and system for verifying validity of terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant