CN109743180A - Proxy signature method based on state secrets - Google Patents

Info

Publication number
CN109743180A
Authority
CN
China
Prior art keywords
signature
signer
proxy
seal
agency
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910008410.3A
Other languages
Chinese (zh)
Inventor
彭长根
魏自强
张爽
王艳
方粘粘
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guizhou University
Original Assignee
Guizhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guizhou University
Priority to CN201910008410.3A
Publication of CN109743180A
Legal status: Pending

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a proxy seal-signing method based on the Chinese national cryptographic algorithms (国密). It solves the problems of seal signing and authentication in special circumstances well and is easy to operate. It ensures that the seal signature is unforgeable, allows the proxy signer's identity to be recovered when a dispute arises, and provides non-repudiation for both the original signer and the proxy signer. It can also limit the scope of the proxy signer's rights and the time range of proxy seal signing.

Description

Proxy seal-signing method based on national cryptographic algorithms
Technical field
The invention relates to the technical field of computer security, and specifically to a proxy seal-signing method based on national cryptographic algorithms.
Background
An electronic seal signature combines the functions of a traditional seal and a digital signature. It identifies the owner of the electronic seal signature and guarantees data integrity; on top of document authenticity, signature reliability and document validity it also provides tamper resistance, and it offers the seal owner editing and management functions. In some special circumstances, however, such as when the signer is away on business and a document needs to be sealed, traditional electronic seal-signing schemes are very limiting. Applying a proxy signature strategy to electronic seal signing meets these special circumstances well and can also promote the development of e-commerce and e-government.
Summary of the invention
In view of the deficiencies of the prior art, the invention provides a proxy seal-signing method based on national cryptographic algorithms. It solves the problems of seal signing and authentication in special circumstances well and is easy to operate.
To achieve this, the invention adopts the following technical solution. In the proxy seal-signing method based on national cryptographic algorithms, the original signer delegates their seal-signing right to a proxy signer. The proxy signer who has been delegated the right generates a digital signature on behalf of the original signer and embeds this proxy digital signature in the seal, carrying out the proxy signer's seal-signing process; during that process a verifier verifies the validity of the proxy signature.
The specific operations comprise the following steps:
1) Initialization: select the seal-signing security parameters and the key pairs of the original signer and the proxy signer;
2) Authorization by the original signer: the original signer generates the authorization from the original signer's public key, the proxy signer's public key, the original signer's private key and the authorization certificate;
3) Authorization verification: the proxy signer verifies whether the authorization is legitimate; if verification fails, seal signing ends; if it passes, proceed to the next step;
4) Proxy signature: once verification has passed, the proxy signature is generated from the proxy signer's private key, the authorization and the hash digest of the electronic document;
5) Watermark embedding: the proxy signature is embedded in the seal image by a watermark embedding algorithm, forming a proxy electronic seal that carries the proxy signature;
6) Affixing the proxy seal: the proxy signer affixes the proxy seal from step 5) to the document, forming the proxy-sealed electronic document;
7) Verification of the proxy seal signature:
a) Seal extraction: the electronic seal is extracted from the proxy-sealed electronic document;
b) Extraction of the watermarked proxy signature: the proxy signature is extracted from the electronic seal with the watermark extraction algorithm;
c) Proxy seal signature verification: verification is performed using the hash digest of the electronic document, the proxy signature, the authorization certificate, the proxy signer's public key and the original signer's public key; if verification succeeds, the proxy seal signature is valid, otherwise it is invalid.
The authorization certificate referred to in step 2) and step c) contains the original signer's identity information, the scope of the proxy signer's rights and the time limit on proxy seal signing.
Beneficial effects
Compared with the prior art, the invention solves the problems of seal signing and authentication in special circumstances. It is easy to operate, ensures that the seal signature is unforgeable, allows the identity of the proxy signer to be recovered when a dispute arises, and provides non-repudiation for the original signer and the proxy signer. It can also limit the scope of the proxy signer's rights and the time range of proxy seal signing.
Description of the drawings
Fig. 1 is the flow chart of proxy seal signing according to the invention;
Fig. 2 is the flow chart of verifying a proxy seal signature according to the invention.
Detailed description of the embodiments
The invention is further described below using the national standards SM2 and SM3, which are not to be taken as limiting the invention.
Embodiment 1 of the invention: a proxy seal-signing method based on national cryptographic algorithms, in which the original signer and the proxy signer obtain their SM2 key pairs from a trusted third party.
1) Select the seal-signing security parameters and generate the SM2 key pairs of the original signer and the proxy signer.
2) The original signer generates the authorization from the original signer's public key, the proxy signer's public key, the original signer's private key and the authorization certificate. The authorization certificate contains the original signer's identity information, the scope of the proxy signer's rights, the time limit on proxy seal signing, and so on. For example: from February 1, 2018 to March 1, 2018, Lee delegates the seal signing of internal and lower-classification documents to the proxy signer Zhang, and seal signatures made by proxy signer Zhang within this authority are valid. Here, the time of proxy seal signing is February 1, 2018 to March 1, 2018; the scope of the proxy signer's rights is internal and lower-classification documents; the original signer is Lee; the proxy signer is Zhang.
3) The proxy signer verifies whether the authorization is legitimate; if verification fails, seal signing ends; if it passes, proceed to the next step.
4) The digest of the electronic document is generated with the national standard SM3.
5) Once verification has passed, the proxy signature is generated from the proxy signer's private key, the authorization and the digest of the electronic document.
6) The proxy signature is embedded in the seal image by a watermark embedding algorithm, forming a proxy electronic seal that carries the proxy signature.
7) The proxy signer affixes the proxy seal.
8) The proxy-sealed electronic document is formed.
9) Verification of the proxy seal signature: the electronic seal is extracted from the proxy-sealed electronic document. The proxy signature is extracted from the electronic seal with the watermark extraction algorithm. Proxy seal signature verification is performed using the SM3 digest of the electronic document, the proxy signature, the authorization certificate, the proxy signer's public key and the original signer's public key. If verification succeeds, the proxy seal signature is valid; otherwise it is invalid.
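The authorization, proxy-signing and verification logic of summary steps 2), 3), 4) and 7c), as an added example that is not code from the patent. Ed25519 and SHA-256 stand in for SM2 and SM3 (Go's standard library has neither), the watermark transport is left out so the proxy signature travels as plain bytes, and the JSON warrant encoding, the names `Warrant`, `CheckWarrant`, `signedBytes`, `ProxySign`, `VerifyProxy` and `demo`, and the trusted sealing time `at` are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"time"
)

// Warrant is the authorization certificate named in steps 2) and 7c) (hypothetical layout).
type Warrant struct {
	Original, Scope     string            // original signer identity, delegated document class
	ProxyKey            ed25519.PublicKey // binds the delegation to one proxy signer
	NotBefore, NotAfter time.Time         // time limit of the delegation
}

// CheckWarrant (steps 3 and 7c): delegation signature first, then period and scope.
func CheckWarrant(origPub ed25519.PublicKey, wb, deleg []byte, scope string, at time.Time) (w Warrant, err error) {
	if !ed25519.Verify(origPub, wb, deleg) || json.Unmarshal(wb, &w) != nil || len(w.ProxyKey) != ed25519.PublicKeySize {
		return w, fmt.Errorf("warrant not issued by the original signer")
	}
	if at.Before(w.NotBefore) || at.After(w.NotAfter) || w.Scope != scope {
		return w, fmt.Errorf("outside the delegated period or scope")
	}
	return w, nil
}

// signedBytes binds the document digest to the exact warrant that was used.
func signedBytes(wb, doc []byte) []byte {
	hw, hd := sha256.Sum256(wb), sha256.Sum256(doc)
	return append(hw[:], hd[:]...)
}

// ProxySign (steps 3 and 4): the proxy signs only if the authorization verifies.
func ProxySign(proxy ed25519.PrivateKey, origPub ed25519.PublicKey, wb, deleg, doc []byte, scope string, at time.Time) ([]byte, error) {
	if _, err := CheckWarrant(origPub, wb, deleg, scope, at); err != nil {
		return nil, err
	}
	return ed25519.Sign(proxy, signedBytes(wb, doc)), nil
}

// VerifyProxy (step 7c): warrant first, then the proxy signature under the warrant's key.
func VerifyProxy(origPub ed25519.PublicKey, wb, deleg, sig, doc []byte, scope string, at time.Time) error {
	w, err := CheckWarrant(origPub, wb, deleg, scope, at)
	if err == nil && !ed25519.Verify(w.ProxyKey, signedBytes(wb, doc), sig) {
		err = fmt.Errorf("proxy signature invalid")
	}
	return err
}

// demo: Lee delegates to Zhang, 1 Feb to 1 Mar 2018 (constructed keys and documents); a seal dated the 15th of month is verified.
func demo(month time.Month, verifyDoc string) error {
	origPub, origPriv, _ := ed25519.GenerateKey(nil)
	proxyPub, proxyPriv, _ := ed25519.GenerateKey(nil)
	day := func(m time.Month, d int) time.Time { return time.Date(2018, m, d, 0, 0, 0, 0, time.UTC) }
	wb, _ := json.Marshal(Warrant{"Lee", "internal", proxyPub, day(2, 1), day(3, 1)})
	deleg := ed25519.Sign(origPriv, wb) // step 2: the original signer signs the warrant
	sig, err := ProxySign(proxyPriv, origPub, wb, deleg, []byte("memo v1"), "internal", day(2, 15))
	if err != nil {
		return err
	}
	return VerifyProxy(origPub, wb, deleg, sig, []byte(verifyDoc), "internal", day(month, 15))
}
func main() { fmt.Println(demo(2, "memo v1"), demo(2, "memo v2"), demo(4, "memo v1")) }
```

A verifier that checks only the proxy signature and skips `CheckWarrant` would accept seals made after the delegation expired or outside its scope.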
Although an embodiment of the invention has been shown and described, a person of ordinary skill in the art will understand that various changes, modifications, substitutions and variations can be made to this embodiment without departing from the principles and spirit of the invention; the scope of the invention is defined by the appended claims.

Claims (3)

1. A proxy seal-signing method based on national cryptographic algorithms, characterized in that: the original signer delegates their seal-signing right to a proxy signer; the proxy signer who has been delegated the right generates a digital signature on behalf of the original signer and embeds the proxy digital signature in the seal, carrying out the proxy signer's seal-signing process; and during the proxy signer's seal-signing process a verifier verifies the validity of the proxy signature.
2. The proxy seal-signing method based on national cryptographic algorithms according to claim 1, characterized in that the specific operations comprise the following steps:
1) Initialization: select the seal-signing security parameters and the key pairs of the original signer and the proxy signer;
2) Authorization by the original signer: the original signer generates the authorization from the original signer's public key, the proxy signer's public key, the original signer's private key and the authorization certificate;
3) Authorization verification: the proxy signer verifies whether the authorization is legitimate; if verification fails, seal signing ends; if it passes, proceed to the next step;
4) Proxy signature: once verification has passed, the proxy signature is generated from the proxy signer's private key, the authorization and the hash digest of the electronic document;
5) Watermark embedding: the proxy signature is embedded in the seal image by a watermark embedding algorithm, forming a proxy electronic seal that carries the proxy signature;
6) Affixing the proxy seal: the proxy signer affixes the proxy seal from step 5) to the document, forming the proxy-sealed electronic document;
7) Verification of the proxy seal signature:
a) Seal extraction: the electronic seal is extracted from the proxy-sealed electronic document;
b) Extraction of the watermarked proxy signature: the proxy signature is extracted from the electronic seal with the watermark extraction algorithm;
c) Proxy seal signature verification: verification is performed using the hash digest of the electronic document, the proxy signature, the authorization certificate, the proxy signer's public key and the original signer's public key; if verification succeeds, the proxy seal signature is valid, otherwise it is invalid.
3. The personal cloud storage data safe device with localized encryption protection according to claim 2, characterized in that: the authorization certificate in step 2) and step c) includes the original signer's identity information, the scope of the proxy signer's rights and the time limit on proxy seal signing.
CN201910008410.3A 2019-01-04 2019-01-04 Proxy signature method based on state secrets Pending CN109743180A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910008410.3A CN109743180A (en) 2019-01-04 2019-01-04 Proxy signature method based on state secrets

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910008410.3A CN109743180A (en) 2019-01-04 2019-01-04 Proxy signature method based on state secrets

Publications (1)

Publication Number Publication Date
CN109743180A true CN109743180A (en) 2019-05-10

Family

ID=66363430

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910008410.3A Pending CN109743180A (en) 2019-01-04 2019-01-04 Proxy signature method based on state secrets

Country Status (1)

Country Link
CN (1) CN109743180A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110795762A (en) * 2019-10-30 2020-02-14 贵州大学 Format-preserving encryption method based on stream cipher

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6363479B1 (en) * 1998-07-22 2002-03-26 Entrust Technologies Limited System and method for signing markup language data
JP2002222251A (en) * 2001-01-25 2002-08-09 Nippon Telegr & Teleph Corp <Ntt> Authority transfer type service execution method and method, and recording medium recording authority transfer type service execution program
TWI240533B (en) * 2004-03-22 2005-09-21 Ind Tech Res Inst Group-oriented proxy signature method and system
CN101267296A (en) * 2008-04-25 2008-09-17 武汉理工大学 An Efficient Authorized Electronic Signature Method Without Certification Center
CN101329750A (en) * 2008-07-24 2008-12-24 武汉理工大学 Anti-counterfeit seal generation and verification method with file content protection function
CN101894238A (en) * 2010-08-09 2010-11-24 中国人民解放军海军工程大学 Word document electronic seal system and method based on double authentication

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110795762A (en) * 2019-10-30 2020-02-14 贵州大学 Format-preserving encryption method based on stream cipher
CN110795762B (en) * 2019-10-30 2023-04-11 贵州大学 Reserved format encryption method based on stream cipher

Similar Documents

Publication Publication Date Title
WO2014154109A1 (en) Generating method, verifying method for electronic bill with anti-fake two dimension (2d) code and system for same
US20080016357A1 (en) Method of securing a digital signature
US20100205431A1 (en) System, method and program product for checking revocation status of a biometric reference template
CN101729256A (en) Security certificate method based on fingerprint, cryptographic technology and fragile digital watermark
CN105635070B (en) Anti-counterfeiting method and system for digital file
CN102427449A (en) Trusted mobile storage method based on security chips
CN100337423C (en) Method of handling secrecy, authentication, authority management and dispersion control for electronic files
CN113824564B (en) Online signing method and system based on blockchain
CN110837634B (en) Electronic signature method based on hardware encryption machine
CN116611082A (en) A File Electronic Signature Algorithm That Can Improve the Security of Electronic Signature
CN113486998A (en) Method for generating and verifying anti-counterfeiting mark of stamped file based on chip stamp
CN107316182A (en) A kind of generation method of electronic contract chain of evidence and generation system
KR100908100B1 (en) System and Method for Mutual Synchronization Using Encrypted Image with Matrosica Structure
Uludag Secure biometric systems
Salih et al. Integrated Digital Signature Based Watermarking Technology for Securing Online Electronic Documents
CN101534296B (en) Public network information integrity and time point existence proof method and system
CN110309677A (en) A kind of secure anti-counterfeiting method and system of electronics license
CN112583772A (en) Data acquisition and storage platform
CN109743180A (en) Proxy signature method based on state secrets
CN104518880A (en) Big data reliability validation method and system based on random sampling detection
ES2972228T3 (en) Digitized handwritten signature authentication
TWI482480B (en) System and method for updating digital certificates automatically
JP2003134108A (en) Electronic signature system, electronic signature verification device, electronic signature verification method, program, and recording medium
CN115659412A (en) Personal electronic seal signature and verification method
CN102096788A (en) Method and device for encrypting official document and method and device for verifying official document

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (application publication date: 20190510)