Digital signature generation apparatus, digital signature verification apparatus, and key generation apparatus
First Claim
1. A digital signature generation apparatus comprising:
- a memory to store (1) a finite field Fq and (2) a section D(ux(s, t), uy(s, t), s, t) as a secret key, the section being one of surfaces of a three-dimensional manifold A(x, y, s, t) which is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t and is defined on the finite field Fq, the x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t;
a calculation unit configured to calculate a hash value of a message m;
a first generation unit configured to generate a hash value polynomial by embedding the hash value in a 1-variable polynomial h(t) defined on the finite field Fq; and
a second generation unit configured to generate a digital signature Ds(Ux(t), Uy(t), t) which is a curve on the section, the x-coordinate and y-coordinate of the curve being expressed by functions of the parameter t, by substituting the hash value polynomial in the parameter s of the section.
1 Assignment
0 Petitions
Accused Products
Abstract
A digital signature generation apparatus includes memory to store finite field Fq and section D(ux(s, t), uy(s, t), s, t) as secret key, section being one of surfaces of three-dimensional manifold A(x, y, s, t) which is expressed by x-coordinate, y-coordinate, parameter s, and parameter t and is defined on finite field Fq, x-coordinate and y-coordinate of section being expressed by functions of parameter s and parameter t, calculates hash value of message m, generates hash value polynomial by embedding hash value in 1-variable polynomial h(t) defined on finite field Fq, and generates digital signature Ds(Ux(t), Uy(t), t) which is curve on section, the x-coordinate and y-coordinate of curve being expressed by functions of parameter t, by substituting hash value polynomial in parameter s of section.
22 Citations
18 Claims
-
1. A digital signature generation apparatus comprising:
-
a memory to store (1) a finite field Fq and (2) a section D(ux(s, t), uy(s, t), s, t) as a secret key, the section being one of surfaces of a three-dimensional manifold A(x, y, s, t) which is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t and is defined on the finite field Fq, the x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t; a calculation unit configured to calculate a hash value of a message m; a first generation unit configured to generate a hash value polynomial by embedding the hash value in a 1-variable polynomial h(t) defined on the finite field Fq; and a second generation unit configured to generate a digital signature Ds(Ux(t), Uy(t), t) which is a curve on the section, the x-coordinate and y-coordinate of the curve being expressed by functions of the parameter t, by substituting the hash value polynomial in the parameter s of the section. - View Dependent Claims (2)
-
-
3. A digital signature verification apparatus comprising:
-
a memory to store a finite field Fq and a polynomial of a three-dimensional manifold A(x, y, s, t) which is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t and is defined on the finite field Fq; a first input unit configured to input a message m; a second input unit configured to input a digital signature Ds;
(Ux(t), Uy(t), t) corresponding to the message m, the digital signature being a curve on a section D(ux(s, t), uy(s, t), s, t) which is one of surfaces of the three-dimensional manifold A(x, y, s, t), the x-coordinate and y-coordinate of the section being expressed by functions of the parameter t, the digital signature being generated by using the section as a secret keya first calculation unit configured to calculate a hash value of the message m; a generation unit configured to generate a hash value polynomial by embedding the hash value in a 1-variable polynomial for the parameter t defined on the finite field Fq; a second calculation unit configured to calculate an algebraic surface X(x, y, t) corresponding to the hash value by substituting the hash value polynomial in the parameter s of the polynomial stored in the memory; and a verification unit configured to verifying authenticity of the message and the digital signature by substituting a function Ux(t) representing the x-coordinate of the digital signature and a function Uy(t) representing the y-coordinate of the digital signature in an x-coordinate and a y-coordinate, respectively, of the algebraic surface X(x, y, t).
-
-
4. A key generation apparatus for generating a finite field Fq, a three-dimensional manifold A(x, y, s, t) which is used as a public key for signature verification, is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t, and is defined on the finite field Fq, and a section which is used as a secret key for signature generation and is one of surfaces of the three-dimensional manifold A(x, y, s, t), x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t, comprising:
-
a first generation unit configured to generate a first 2-variable polynomial λ
x(s, t) for the parameter s and the parameter t defined on the finite field Fq;a second generation unit configured to generate a second 2-variable polynomial λ
y(s, t) which is divisible by the first 2-variable polynomial λ
x(s, t) and is defined on the finite field Fq;a third generation unit configured to generate two 2-variable polynomials ux(s, t) and vx(s, t) for the parameter s and the parameter t defined on the finite field Fq so that a difference {ux(s, t)−
vx(s, t)} between the two 2-variable polynomials equals the first 2-variable polynomial λ
x(s, t);a fourth generation unit configured to generate two 2-variable polynomials uy(s, t) and vy(s, t) for the parameter s and the parameter t defined on the finite field Fq so that a difference {uy(s, t)−
vy(s, t)} between the two 2-variable polynomials equals the second 2-variable polynomial λ
y(s, t);a section generation unit configured to generate a section D1;
(x, y, s, t)=(ux(s, t), uy(s, t), s, t) which has the 2-variable polynomial ux(s, t) generated by the third generation unit as an x-coordinate, and the 2-variable polynomial uy(s, t) generated by the fourth generation unit as a y-coordinate, and a section D2;
(x, y, s, t)=(vx(s, t), vy(s, t), s, t) which has the 2-variable polynomial vx(s, t) generated by the third generation unit as an x-coordinate, and the 2-variable polynomial vy(s, t) generated by the fourth generation unit as a y-coordinate; anda manifold generation unit configures to generate a polynomial of the three-dimensional manifold A(x, y, s, t) which includes the section D1 and the section D2.
-
-
5. A key generation apparatus for generating a finite field Fq, a three-dimensional manifold A(x, y, s, t) which is used as a public key for signature verification, is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t, and is defined on the finite field Fq, and a section which is used as a secret key for signature generation and is one of surfaces of the three-dimensional manifold A(x, y, s, t), x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t, comprising:
-
a first generation unit configured to generate n (n is a positive integer), first to n-th (n is a positive integer) 2-variable polynomials ux,i(s, t) (i;
1≦
i≦
n) for the parameter s and the parameter t defined on the finite field Fq, and n, first to n-th n 2-variable polynomials uy,i(s, t) (i;
1≦
i≦
n) for the parameter s and the parameter t defined on the finite field Fq;a second generation unit configured to generate n, first to n-th sections Di (1≦
i≦
n) by generating an i-th section Di;
(x, y, s, t)=(ux,i(s, t), uy,i(s, t), s, t) (1≦
i≦
n) which has the i-th (1≦
i≦
n) 2-variable polynomials ux,i(s, t) and uy,i(s, t) generated by the first generation unit as an x-coordinate and a y-coordinate, respectively;a third generation unit configured to generate first to n-th x-factors and y-factors by generating an i-th x-factor (x−
ux,i(s, t)) and y-factor (y−
uy,i(s, t)) using the i-th (1≦
i≦
n) 2-variable polynomials ux,i(s, t) and uy,i(s, t) generated by the first generation unit;a fourth generation unit configured to generate an equation obtained by distributing the i-th (1≦
i≦
n) x-factor and y-factor to a left-hand side and a right-hand side and coupling a product of n x-factors and y-factors distributed to the left-hand side and a product of n x-factors and y-factors distributed to the right-hand side by an equal sign; anda fifth generation unit configured to generate a polynomial of the three-dimensional manifold A(x, y, s, t) by expanding the equation generated by the fourth generation unit. - View Dependent Claims (6)
-
-
7. A digital signature generation method including:
-
storing, in a memory, (1) a finite field Fq and (2) a section D(ux(s, t), uy(s, t), s, t) as a secret key, the section being one of surfaces of a three-dimensional manifold A(x, y, s, t) which is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t and is defined on the finite field Fq, the x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t; calculating a hash value of a message m; generating a hash value polynomial by embedding the hash value in a 1-variable polynomial h(t) defined on the finite field Fq; and generating a digital signature Ds(Ux(t), Uy(t), t) which is a curve on the section, the x-coordinate and y-coordinate of the curve being expressed by functions of the parameter t, by substituting the hash value polynomial in the parameter s of the section. - View Dependent Claims (8)
-
-
9. A digital signature verification method including:
-
storing, in a memory, a finite field Fq and a polynomial of a three-dimensional manifold A(x, y, s, t) which is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t and is defined on the finite field Fq; inputting a message m; inputting a digital signature Ds;
(Ux(t), Uy(t), t) corresponding to the message m, the digital signature being a curve on a section D(ux(s, t), uy(s, t), s, t) which is one of surfaces of the three-dimensional manifold A(x, y, s, t), the x-coordinate and y-coordinate of the section being expressed by functions of the parameter t, the digital signature being generated by using the section as a secret keycalculating a hash value of the message m; generating a hash value polynomial by embedding the hash value in a 1-variable polynomial for the parameter t defined on the finite field Fq; calculating an algebraic surface X(x, y, t) corresponding to the hash value by substituting the hash value polynomial in the parameter s of the polynomial stored in the memory; and verifying authenticity of the message and the digital signature by substituting a function Ux(t) representing the x-coordinate of the digital signature and a function Uy(t) representing the y-coordinate of the digital signature in an x-coordinate and a y-coordinate, respectively, of the algebraic surface X(x, y, t).
-
-
10. A key generation method for generating a finite field Fq, a three-dimensional manifold A(x, y, s, t) which is used as a public key for signature verification, is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t, and is defined on the finite field Fq, and a section which is used as a secret key for signature generation and is one of surfaces of the three-dimensional manifold A(x, y, s, t), x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t, the method including:
-
generating a first 2-variable polynomial λ
x(s, t) for the parameter s and the parameter t defined on the finite field Fq;generating a second 2-variable polynomial λ
y(s, t) which is divisible by the first 2-variable polynomial λ
x(s, t) and is defined on the finite field Fq;generating two 2-variable polynomials ux(s, t) and vx(s, t) for the parameter s and the parameter t defined on the finite field Fq so that a difference {ux(s, t)−
vx(s, t)} between the two 2-variable polynomials equals the first 2-variable polynomial λ
x(s, t);generating two 2-variable polynomials uy(s, t) and vy(s, t) for the parameter s and the parameter t defined on the finite field Fq so that a difference {uy(s, t)−
vy(s, t)} between the two 2-variable polynomials equals the second 2-variable polynomialgenerating a section D1;
(x, y, s, t)=(ux(s, t), uy(s, t), s, t) which has the 2-variable polynomial ux(s, t) as an x-coordinate, and the 2-variable polynomial uy(s, t) as a y-coordinate, and a section D2;
(x, y, s, t)=(vx(s, t), vy(s, t), s, t) which has the 2-variable polynomial vx(s, t) as an x-coordinate, and the 2-variable polynomial vy(s, t) as a y-coordinate; andgenerating a polynomial of the three-dimensional manifold A(x, y, s, t) which includes the section D1 and the section D2.
-
-
11. A key generation method for generating a finite field Fq, a three-dimensional manifold A(x, y, s, t) which is used as a public key for signature verification, is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t, and is defined on the finite field Fq, and a section which is used as a secret key for signature generation and is one of surfaces of the three-dimensional manifold A(x, y, s, t), x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t, the method including:
-
generating n (n is a positive integer), first to n-th (n is a positive integer) 2-variable polynomials ux,i(s, t) (i;
1≦
i≦
n) for the parameter s and the parameter t defined on the finite field Fq, and n, first to n-th n 2-variable polynomials uy,i(s, t) (i;
1≦
i≦
n) for the parameter s and the parameter t defined on the finite field Fq;generating n, first to n-th sections Di (1≦
i≦
n) by generating an i-th section Di;
(x, y, s, t)=(ux,i(s, t), uy,i(s, t), s, t) (1≦
i≦
n) which has the i-th (1≦
i≦
n) 2-variable polynomials ux,i(s, t) and uy,i(s, t) as an x-coordinate and a y-coordinate, respectively;generating first to n-th x-factors and y-factors by generating an i-th x-factor (x−
ux,i(s, t)) and y-factor (y−
uy,i(s, t)) using the i-th (1≦
i≦
n) 2-variable polynomials ux,i(s, t) and uy,i(s, t);generating an equation obtained by distributing the i-th (1≦
i≦
n) x-factor and y-factor to a left-hand side and a right-hand side and coupling a product of n x-factors and y-factors distributed to the left-hand side and a product of n x-factors and y-factors distributed to the right-hand side by an equal sign; andgenerating a polynomial of the three-dimensional manifold A(x, y, s, t) by expanding the equation. - View Dependent Claims (12)
-
-
13. A digital signature generation program stored on a computer readable medium, the program including:
-
first program instruction means for instructing a computer processor to store, in a memory, (1) a finite field Fq and (2) a section D(ux(s, t), uy(s, t), s, t) as a secret key, the section being one of surfaces of a three-dimensional manifold A(x, y, s, t) which is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t and is defined on the finite field Fq, the x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t; second program instruction means for instructing the computer processor to calculate a hash value of a message m; third program instruction means for instructing the computer processor to generate a hash value polynomial by embedding the hash value in a 1-variable polynomial h(t) defined on the finite field Fq; and fourth program instruction means for instructing the computer processor to generate a digital signature Ds(Ux(t), Uy(t), t) which is a curve on the section, the x-coordinate and y-coordinate of the curve being expressed by functions of the parameter t, by substituting the hash value polynomial in the parameter s of the section. - View Dependent Claims (14)
-
-
15. A digital signature verification program stored on a computer readable medium, the program including:
-
first program instruction means for instructing a computer processor to store, in a memory, a finite field Fq and a polynomial of a three-dimensional manifold A(x, y, s, t) which is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t and is defined on the finite field Fq; second program instruction means for instructing the computer processor to input a message m; third program instruction means for instructing the computer processor to input a digital signature Ds;
(Ux(t), Uy(t), t) corresponding to the message m, the digital signature being a curve on a section D(ux(s, t), uy(s, t), s, t) which is one of surfaces of the three-dimensional manifold A(x, y, s, t), the x-coordinate and y-coordinate of the section being expressed by functions of the parameter t, the digital signature being generated by using the section as a secret keyfourth program instruction means for instructing the computer processor to calculate a hash value of the message m; fifth program instruction means for instructing the computer processor to generate a hash value polynomial by embedding the hash value in a 1-variable polynomial for the parameter t defined on the finite field Fq; sixth program instruction means for instructing the computer processor to calculate an algebraic surface X(x, y, t) corresponding to the hash value by substituting the hash value polynomial in the parameter s of the polynomial stored in the memory; and seventh program instruction means for instructing the computer processor to verify authenticity of the message and the digital signature by substituting a function Ux(t) representing the x-coordinate of the digital signature and a function Uy(t) representing the y-coordinate of the digital signature in an x-coordinate and a y-coordinate, respectively, of the algebraic surface X(x, y, t).
-
-
16. A key generation program for generating a finite field Fq, a three-dimensional manifold A(x, y, s, t) which is used as a public key for signature verification, is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t, and is defined on the finite field Fq, and a section which is used as a secret key for signature generation and is one of surfaces of the three-dimensional manifold A(x, y, s, t), x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t, the program stored on a computer readable medium, the program including:
-
first program instruction means for instructing a computer processor to generate a first 2-variable polynomial λ
x(s, t) for the parameter s and the parameter t defined on the finite field Fq;second program instruction means for instructing the computer processor to generate a second 2-variable polynomial λ
y(s, t) which is divisible by the first 2-variable polynomial λ
x(s, t) and is defined on the finite field Fq;third program instruction means for instructing the computer processor to generate two 2-variable polynomials ux(s, t) and vx(s, t) for the parameter s and the parameter t defined on the finite field Fq so that a difference {ux(s, t)−
vx(s, t)} between the two 2-variable polynomials equals the first 2-variable polynomial λ
x(s, t);fourth program instruction means for instructing the computer processor to generate two 2-variable polynomials uy(s, t) and vy(s, t) for the parameter s and the parameter t defined on the finite field Fq so that a difference {uy(s, t)−
vy(s, t)} between the two 2-variable polynomials equals the second 2-variable polynomial λ
y(s, t);fifth program instruction means for instructing the computer processor to generate a section D1;
(x, y, s, t)=(ux(s, t), uy(s, t), s, t) which has the 2-variable polynomial ux(s, t) as an x-coordinate, and the 2-variable polynomial uy(s, t) as a y-coordinate, and a section D2;
(x, y, s, t)=(vx(s, t), vy(s, t), s, t) which has the 2-variable polynomial vx(s, t) as an x-coordinate, and the 2-variable polynomial vy(s, t) as a y-coordinate; andsixth program instruction means for instructing the computer processor to generate a polynomial of the three-dimensional manifold A(x, y, s, t) which includes the section D1 and the section D2.
-
-
17. A key generation program for generating a finite field Fq, a three-dimensional manifold A(x, y, s, t) which is used as a public key for signature verification, is expressed by an x-coordinate, a y-coordinate, a parameter s, and a parameter t, and is defined on the finite field Fq, and a section which is used as a secret key for signature generation and is one of surfaces of the three-dimensional manifold A(x, y, s, t), x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t, the program stored on a computer readable medium, the program including:
-
first program instruction means for instructing a computer processor to generate n (n is a positive integer), first to n-th (n is a positive integer), 2-variable polynomials ux,i(s, t) (i;
1≦
i≦
n) for the parameter s and the parameter t defined on the finite field Fq, and n, first to n-th n 2-variable polynomials uy,i(s, t) (i;
1≦
i≦
n) for the parameter s and the parameter t defined on the finite field Fq;second program instruction means for instructing the computer processor to generate n, first to n-th sections Di (1≦
i≦
n) by generating an i-th section Di;
(x, y, s, t)=(ux,i(s, t), uy,i(s, t), s, t) (1≦
i≦
n) which has the i-th (1≦
i≦
n) 2-variable polynomials ux,i(s, t) and uy,i(s, t) as an x-coordinate and a y-coordinate, respectively;third program instruction means for instructing the computer processor to generate first to n-th x-factors and y-factors by generating an i-th x-factor (x−
ux,i(s, t)) and y-factor (y−
uy,i(s, t)) using the i-th (1≦
i≦
n) 2-variable polynomials ux,i(s, t) and uy,i(s, t);fourth program instruction means for instructing the computer processor to generate an equation obtained by distributing the i-th (1≦
i≦
n) x-factor and y-factor to a left-hand side and a right-hand side and coupling a product of n x-factors and y-factors distributed to the left-hand side and a product of n x-factors and y-factors distributed to the right-hand side by an equal sign; andfifth program instruction means for instructing the computer processor to generate a polynomial of the three-dimensional manifold A(x, y, s, t) by expanding the equation. - View Dependent Claims (18)
-
Specification