Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /home/zhenxiangba/zhenxiangba.com/public_html/phproxy-improved-master/index.php on line 456
JPH0237147B2 - - Google Patents
[go: Go Back, main page]

JPH0237147B2 - - Google Patents

Info

Publication number
JPH0237147B2
JPH0237147B2 JP59123121A JP12312184A JPH0237147B2 JP H0237147 B2 JPH0237147 B2 JP H0237147B2 JP 59123121 A JP59123121 A JP 59123121A JP 12312184 A JP12312184 A JP 12312184A JP H0237147 B2 JPH0237147 B2 JP H0237147B2
Authority
JP
Japan
Prior art keywords
signature
document
public
information
creator
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
JP59123121A
Other languages
Japanese (ja)
Other versions
JPS612445A (en
Inventor
Tatsuaki Okamoto
Akira Shiraishi
Tsukasa Kawaoka
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NTT Inc
Original Assignee
Nippon Telegraph and Telephone Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nippon Telegraph and Telephone Corp filed Critical Nippon Telegraph and Telephone Corp
Priority to JP59123121A priority Critical patent/JPS612445A/en
Publication of JPS612445A publication Critical patent/JPS612445A/en
Publication of JPH0237147B2 publication Critical patent/JPH0237147B2/ja
Granted legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)

Description

【発明の詳細な説明】 〔産業上の利用分野〕 本発明は、文書をデイジタル情報として送受信
するシステムにおいて、文書の作成責任者を受信
者及び第3者が検証できるように、文書に署名を
付加して通信する通信方式に関する。
[Detailed Description of the Invention] [Industrial Application Field] The present invention provides a system for transmitting and receiving documents as digital information, in which a document is signed so that the recipient and a third party can verify the person responsible for creating the document. It relates to a communication method for additional communication.

〔従来技術〕[Prior art]

従来の署名文書通信方式としては、RSA法に
代表される公開鍵暗号を用いた方式(R.L.
Rivest,et,al,:“A Method for Obtaining
Digital Signatures and Public−Key
Cryptosystems”Communications on ACM,
vol,2,No.2,pp.120〜126,1978)が最も有望
な方式であるとされている。しかし、この方式で
は署名作成者対応に公開情報を公開簿に登録する
必要があり、多数の署名作成者(送信者)がシス
テムに存在する場合、公開簿の維持、管理に多大
なコストを要するという欠点がある。さらに、文
書通信システム内のどの装置でもローカルに全て
の署名文書の検証が行えるような分散処理システ
ムでは、各装置で全送信者の公開情報を維持・管
理する必要があり、従来のこのような分散処理シ
ステムに適用することは困難である。
Conventional signed document communication methods include methods using public key cryptography (RL) represented by the RSA method.
Rivest, et al.: “A Method for Obtaining
Digital Signatures and Public−Key
Cryptosystems”Communications on ACM,
Vol. 2, No. 2, pp. 120-126, 1978) is said to be the most promising method. However, with this method, it is necessary to register public information in a public register in order to correspond to signature creators, and if a large number of signature creators (senders) exist in the system, maintaining and managing the public register requires a large amount of cost. There is a drawback. Furthermore, in a distributed processing system where any device in the document communication system can locally verify all signed documents, each device must maintain and manage public information for all senders, which is difficult to do in the past. It is difficult to apply to distributed processing systems.

〔発明の目的〕[Purpose of the invention]

本発明の目的は全署名作成者に対して唯一に共
通な公開情報を用いて署名文書の検証を可能とな
る署名文書通信方式を提供することにある。
SUMMARY OF THE INVENTION An object of the present invention is to provide a signed document communication system that enables verification of a signed document using public information that is uniquely common to all signature creators.

〔発明の実施例〕 本発明では、前出のRSA公開鍵暗号法及び指
数合同関数演算を利用する。
[Embodiments of the Invention] In the present invention, the above-mentioned RSA public key cryptography and exponential congruence function operation are used.

最初、第2図により署名作成/検証を行う前に
設定すべき情報について説明する。まず、システ
ムに唯一存在するシステム管理ユニツト3(例え
ば特別に保護されたプログラムで動作する装置)
は、次の関係によりp、q、n、e、d、Ai(i
=1、2、…)を秘密に生成する。以下、特に断
らない限り、各変数はすべて正の整数とする。
First, information to be set before signature creation/verification will be explained with reference to FIG. First, the system management unit 3, which is the only one in the system (e.g. a device running a specially protected program)
is p, q, n, e, d, Ai(i
=1, 2,...) secretly. In the following, all variables are assumed to be positive integers unless otherwise specified.

p、q:素数 (1) n=p・q (2) e・d=1(modL) (3) ただし、L=LCM〔(p−1)、(q−1)〕(LCM
〔x、y〕は、x、yの最小公倍数) 1≦e≦L−1、1≦d≦L−1 Ai≡IDid(modn) (4) ここで、IDiは署名作成者iの識別番号である。
p, q: Prime numbers (1) n=p・q (2) e・d=1 (modL) (3) However, L=LCM [(p-1), (q-1)] (LCM
[x, y] is the least common multiple of x, y) 1≦e≦L−1, 1≦d≦L−1 Ai≡IDi d (modn) (4) Here, IDi is the identification of signature creator i It's a number.

以上において、e、dはRSA公開鍵暗号法の
公開鍵、秘密鍵に対応する。また、p・qの生成
アルゴリズム、式(3)、(4)の演算アルゴリズムにつ
いては、前出のRivest等の論文、並びにD.E.
Knuth氏の著書“The Art of Computer
Prgramming,vol.2”(Addison−Wesley,
1969)に述べられている。
In the above, e and d correspond to the public key and private key of RSA public key cryptography. Regarding the generation algorithm of p and q and the calculation algorithm of equations (3) and (4), please refer to the aforementioned paper by Rivest et al. and DE
Knuth’s book “The Art of Computer
"Programming, vol. 2" (Addison-Wesley,
(1969).

上記各情報を生成したシステム管理ユニツト3
は、(p、q、d)を秘密に保持すると共に、Ai
を各署名作成者1,2,…の局へ送り、(e、n)
を公開情報として受信側(署名検証者)5の局の
公開簿51に登録する。ここで、公開簿の情報は
受信側以外のユツトが保持しておいても良い。
System management unit 3 that generated the above information
holds (p, q, d) secret and Ai
is sent to the station of each signature creator 1, 2, ..., (e, n)
is registered as public information in the public register 51 of the station on the receiving side (signature verifier) 5. Here, the information in the public list may be held by a unit other than the receiving side.

次に第1図に従つて、本発明による署名作成/
検証を説明する。まず、送信側4(署名作成者1
の局に対応)は、署名する文書mを2進数で表現
された整数と考え、次の式を満足するようにmを
mj(j=1、2、…)に分割する。
Next, according to FIG. 1, signature creation/
Explain verification. First, sender 4 (signature creator 1
) considers the document m to be signed as an integer expressed in binary and sets m so that it satisfies the following formula:
Divide into m j (j=1, 2,...).

0≦mj≦n−1 (5) 以降、この分割されたmjを簡単にmと記す。 0≦m j ≦n−1 (5) Hereinafter, this divided m j will be simply written as m.

次に、送信側4は乱数発生器42より乱数q
(1≦q≦n−1)を生成し、メモリ40,41
に保持されたm、ID1、A1、n及び乱数発生器4
0のqにより、指数合同演算器43,44,4
4′、合同乗算器45、及び指数合同演算器46
を用いて、次の関係を持つ値S、Tを生成し、
m、ID1と共に受信側に送る。
Next, the sending side 4 receives a random number q from the random number generator 42.
(1≦q≦n-1) and memory 40, 41
m, ID 1 , A 1 , n and random number generator 4 held in
Due to q of 0, exponential congruence calculators 43, 44, 4
4', congruence multiplier 45, and exponent congruence operator 46
, generate values S and T with the following relationship,
m, and send it to the receiving side with ID 1 .

指数合同関数演算とは、バイナリ値のa、b、
nを入力しab(mod n)を出力する演算である。
Exponential congruence function operation is the binary value a, b,
This is an operation that inputs n and outputs a b (mod n).

S≡A1・A1 mgT(modn) (6) T≡ID1 g(modn) (7) 受信側5では、公開簿(メモリ)51に保持し
ておいた公開情報e、n及び送信側4からの受信
情報m、S、T、ID1より、指数合同演算器5
2,52′と合同乗算器53でID1・Tm、指数合
同演算器54でSeを生成し、比較器55を用い
て、 Se≡ID1・TmT(modn) (8) の関係が成立するかどうかを検証する。この関係
が成立すれば、mを作成したものは識別番号ID1
を持つ者1であることを認証する。
S≡A 1・A 1 mgT (modn) (6) T≡ID 1 g (modn) (7) On the receiving side 5, the public information e, n held in the public list (memory) 51 and the transmitting side From the received information m, S, T, ID 1 from 4, exponent congruence calculator 5
2, 52', the congruence multiplier 53 generates ID 1・T m , the exponent congruence calculator 54 generates S e , and the comparator 55 generates S e ≡ID 1・T mT (modn) (8) Verify whether the relationship holds. If this relationship holds true, the creator of m has the identification number ID 1
Authenticate that you are the person with the

このように、本発明ではシステムに共通な単一
の公開情報のみを用いて、すべての署名者の署名
検証ができる。つまり、(2)、(3)式で生成した公開
情報(e、n)は、システムに共通な単一な公開
情報であり、これを用いた(8)式により署名の検証
を行う。つまり、署名文書となる(m、S、T、
ID)の正当性は、(e、n)を用いて(8)式で検証
できる。
In this manner, the present invention allows signature verification of all signers using only a single piece of public information common to the system. In other words, the public information (e, n) generated by formulas (2) and (3) is a single public information common to the system, and the signature is verified using formula (8). In other words, it becomes a signed document (m, S, T,
The validity of ID) can be verified using equation (8) using (e, n).

なお、上記した式(4)、(7)、(8)において、ID1
かわりにh(ID1)を用いてもよい。ここでhは
任意の一方向性関数あり、h(x)よりxを求め
ることが困難な関数である。一方向性関数の具体
例については、W.Diffie等の論文“A New
Direction in Cryptography”(IEEE Trans.
Inform.Theory,IT−22,6,344〜654頁、
1976)に述べられている。
Note that in the above equations (4), (7), and (8), h(ID 1 ) may be used instead of ID 1 . Here, h is an arbitrary one-way function, and is a function in which it is difficult to obtain x from h(x). For a concrete example of a one-way function, see the paper “A New
“Direction in Cryptography” (IEEE Trans.
Inform.Theory, IT-22, 6, pp. 344-654,
(1976).

また、以上述べた手順において、式(6)、(8)の代
りに次の式(6−1)、(8−1)を用いてもよ
い。
Furthermore, in the procedure described above, the following equations (6-1) and (8-1) may be used instead of equations (6) and (8).

S≡Ai・Aiq S≡Ai・Ai q

Claims (1)

【特許請求の範囲】[Claims] 1 文書をデイジタル情報として局間で送受信す
るシステムにおいて、システム管理ユニツトがシ
ステム内に唯一存在し、該システム管理ユニツト
は、自分のみが秘密に保持する情報と各署名作成
者の識別番号を用いて、各署名作成者の署名用秘
密情報を秘密に生成し、各署名作成者局に配布す
ると共に、各署名検証者局で共通に用いられる公
開情報を生成し、公開簿に登録しておき、文書の
送信時、送信側の局(署名作成者局)は送信する
文書に対して、前記署名用秘密情報と該文書から
指数合同関数演算を基本として、該文書に付加す
る署名を作成して該文書と共に送信し、受信側の
局(署名検証者局)は受信した文書と署名に対
し、前記公開簿に登録されている公開情報を用い
て指数合同演算を基本として、受信した文書の作
成責任者の検証を行うことを特徴とする署名文書
通信方式。
1. In a system in which documents are sent and received between offices as digital information, there is only a system management unit within the system, and this system management unit uses information that is kept secret only by itself and the identification number of each signature creator. , secretly generate signature secret information of each signature creator and distribute it to each signature creator bureau, and generate public information commonly used by each signature verifier bureau and register it in a public register, When transmitting a document, the transmitting station (signature creator station) creates a signature to be added to the document to be transmitted based on the signature secret information and the document using an exponential congruence function operation. The receiving station (signature verifier station) creates the received document based on exponential congruence calculation using the public information registered in the public register for the received document and signature. A signature document communication method characterized by verifying the person in charge.
JP59123121A 1984-06-15 1984-06-15 Signature document communication system Granted JPS612445A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP59123121A JPS612445A (en) 1984-06-15 1984-06-15 Signature document communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP59123121A JPS612445A (en) 1984-06-15 1984-06-15 Signature document communication system

Publications (2)

Publication Number Publication Date
JPS612445A JPS612445A (en) 1986-01-08
JPH0237147B2 true JPH0237147B2 (en) 1990-08-22

Family

ID=14852701

Family Applications (1)

Application Number Title Priority Date Filing Date
JP59123121A Granted JPS612445A (en) 1984-06-15 1984-06-15 Signature document communication system

Country Status (1)

Country Link
JP (1) JPS612445A (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS6354038A (en) * 1986-08-22 1988-03-08 Nec Corp Key distributing device
US5016274A (en) * 1988-11-08 1991-05-14 Silvio Micali On-line/off-line digital signing
US5341162A (en) * 1992-08-24 1994-08-23 Xerox Corporation Liquid deagassing apparatus

Also Published As

Publication number Publication date
JPS612445A (en) 1986-01-08

Similar Documents

Publication Publication Date Title
US10530585B2 (en) Digital signing by utilizing multiple distinct signing keys, distributed between two parties
Okamoto A digital multisignature scheme using bijective public-key cryptosystems
US7093133B2 (en) Group signature generation system using multiple primes
Shao Proxy signature schemes based on factoring
EP0503119B1 (en) Public key cryptographic system using elliptic curves over rings
US8069347B2 (en) Method for the application of implicit signature schemes
US7996676B2 (en) Masked digital signatures
US6154841A (en) Digital signature method and communication system
JP3522447B2 (en) Authentication exchange method and additional public electronic signature method
EP1964306B1 (en) Group signature scheme with improved efficiency, in particular in a join procedure
US9882890B2 (en) Reissue of cryptographic credentials
Okamoto et al. Identity-based information security management system for personal computer networks
KR0144086B1 (en) Certificate Exchange and Digital Signature Method
JP2002534701A (en) Auto-recoverable, auto-encryptable cryptosystem using escrowed signature-only keys
Hwang et al. An untraceable blind signature scheme
JP2956709B2 (en) Public key generation method and apparatus
JP3513324B2 (en) Digital signature processing method
JPH0237147B2 (en)
CA2306468A1 (en) Signature verification for elgamal schemes
JP2904819B2 (en) Digital signature method
JP2868104B2 (en) Digital signature method based on elliptic curve, signer device and verifier device
Zheng Signcryption or how to achieve cost (signature & encryption)<< cost (signature)+ cost (encryption)
Lim et al. The Korean certificate-based digital signature algorithm
JP2629452B2 (en) Public key generation method and key sharing method
Lin RPCAE: a novel revocable proxy convertible authenticated encryption scheme

Legal Events

Date Code Title Description
EXPY Cancellation because of completion of term