PROBLEM TO BE SOLVED: To achieve a security-guaranteed efficient blind signature without depending upon a Hash function.;SOLUTION: A blind signature generating apparatus 10 generates private keys x, y, z and public keys g1, g2, w=g2x, u=g2y and v=g2z, selects (r) at random, computes h=g2r and sends them to user equipment 20. The user equipment 20 selects (s), R at random, computes X=g1m(u)(v)s((wh))R and sends them to the blind signature generating apparatus 10. The blind signature generating apparatus 10 selects L at random, computes Y=(Xg1Lz)1/(x+r) and sends (Y, L) to the user equipment 20. The user equipment 20 selects (t) at random, computes =(Y/g1R)1/t, =wt-1ht, =s+L mod p and sends (m) and its blind signature (,,) to a blind signature verifying apparatus 30. The blind signature verifying apparatus 30 verifies whether or not 1, is an element of G2 and e(,w)=e(g1, g2muv) is established.;COPYRIGHT: (C)2007,JPO&INPIT
展开▼
机译:解决的问题:为了在不依赖于哈希函数的情况下实现安全保证的有效盲签名。解决方案:盲签名生成设备10生成私钥x,y,z和公钥g 1 Sub> ,g 2 Sub>,w = g 2 Sub> x Sup>,u = g 2 Sub> y Sup>和v = g 2 Sub> z Sup>,随机选择(r),计算h = g 2 Sub> r Sup>并发送它们将它们发送给用户设备20。用户设备20随机选择一个或多个R,计算X = g 1 Sub> m Sup>(u)(v) s < / Sup>((wh)) R Sup>并将它们发送给盲签名生成设备10。盲签名生成设备10随机选择L,计算Y =(Xg 1 Sub > Lz Sup>) 1 /(x + r) Sup>并将(Y,L)发送到用户设备20。用户设备20随机选择(t),计算= (Y / g 1 Sub> R Sup>) 1 / t Sup>,= w t-1 Sup> h t < / Sup>,= s + L mod p并将(m)及其盲签名(,,)发送给盲签名验证盲签名验证设备30验证1是否为G 2 Sub>的元素,并且e(,w)= e(g 1 Sub>,g < Sub> 2 Sub> m Sup> uv )已建立。;版权:(C)2007,JPO&INPIT
展开▼