Public-key signature methods and systems
First Claim
1. A digital signature cryptographic method, performed by a computing device, the method comprising:
- supplying a set S1 of k polynomial functions as a public-key, the set S1 including the functions P1(x1, . . . , xn+v, y1, . . . , yk), . . . , Pk(x1, . . . , xn+v, y1, . . . , yk), where k, v, and n are integers, x1, . . . , xn+v are n+v variables of a first type, y1, . . . , yk are k variables of a second type, and the set S1 is obtained by applying a secret key operation on a set S2 of k polynomial functions P′
1(a1, . . . , an+v, y1, . . . , yk), . . . , P′
k(a1, . . . , an+v, y1, . . . , yk) where a1, . . . , an+v are n+v variables which include a set of n “
oil”
variables a1, . . . , an, and a set of v “
vinegar”
variables an an+1, . . . , an+v, the supplying comprising selecting the number v of “
vinegar”
variables to be greater than the number n of “
oil”
variables;
providing a message to be signed;
applying a hash function on the message to produce a series of k values b1, . . . , bk;
substituting the series of k values b1, . . . , bk for the variables y1, . . . , yk of the set S2 respectively to produce a set S3 of k polynomial functions P″
k(a1, . . . an+v), . . . , P″
k(a1, . . . , an+v);
selecting v values a′
n+1, . . . , an+v for the v “
vinegar”
variables an+1, . . . an+v;
solving a set of equations P″
1(a1, . . . , an, a′
n+1, . . . , a′
n+v)=0, . . . , P″
k(a1, . . . , an, a′
n+1, . . . , a′
n+v)=0 to obtain a solution for a′
1, . . . , a′
n;
applying the secret key operation to transform a′
1, . . . , a′
n+v to a digital signature e1, . . . , en+v; and
assigning e1, . . . , en+v as the digital signature of the message.
10 Assignments
0 Petitions
Accused Products
Abstract
The invention provides for a cryptographic method for digital signature.
A set S1 of k polynomial functions Pk(x1, . . . , xn+v, y1, . . . , yk) are supplied as a public key, where k, v, and n are integers, x1, . . . , xn+v are n+v variables of a first type, and y1, . . . , yk are k variables of a second type, the set S1 being obtained by applying a secret key operation on a given set S2 of k polynomial functions P′k(a1, . . . , an+v, y1, . . . , yk), a1, . . . , an+v designating n+v variables including a set of n “oil” and v “vinegar” variables.
A message to be signed is provided and submitted to a hash function to produce a series of k values b1, . . . , bk. These k values are substituted for the k variables y1, . . . . , yk of the set S2 to produce a set S3 of k polynomial functions P″k(a1, . . . , an+v), and v values a′n+1, . . . , a′n+1, are selected for the v “vinegar” variables. A set of equations P″k(a1, . . . , a′n+v)=0 is solved to obtain a solution for a′1, . . . , a′n and the secret key operation is applied to transform the solution to the digital signature.
33 Citations
36 Claims
-
1. A digital signature cryptographic method, performed by a computing device, the method comprising:
-
supplying a set S1 of k polynomial functions as a public-key, the set S1 including the functions P1(x1, . . . , xn+v, y1, . . . , yk), . . . , Pk(x1, . . . , xn+v, y1, . . . , yk), where k, v, and n are integers, x1, . . . , xn+v are n+v variables of a first type, y1, . . . , yk are k variables of a second type, and the set S1 is obtained by applying a secret key operation on a set S2 of k polynomial functions P′
1(a1, . . . , an+v, y1, . . . , yk), . . . , P′
k(a1, . . . , an+v, y1, . . . , yk) where a1, . . . , an+v are n+v variables which include a set of n “
oil”
variables a1, . . . , an, and a set of v “
vinegar”
variables an an+1, . . . , an+v, the supplying comprising selecting the number v of “
vinegar”
variables to be greater than the number n of “
oil”
variables;providing a message to be signed; applying a hash function on the message to produce a series of k values b1, . . . , bk; substituting the series of k values b1, . . . , bk for the variables y1, . . . , yk of the set S2 respectively to produce a set S3 of k polynomial functions P″
k(a1, . . . an+v), . . . , P″
k(a1, . . . , an+v);selecting v values a′
n+1, . . . , an+v for the v “
vinegar”
variables an+1, . . . an+v;solving a set of equations P″
1(a1, . . . , an, a′
n+1, . . . , a′
n+v)=0, . . . , P″
k(a1, . . . , an, a′
n+1, . . . , a′
n+v)=0 to obtain a solution for a′
1, . . . , a′
n;applying the secret key operation to transform a′
1, . . . , a′
n+v to a digital signature e1, . . . , en+v; andassigning e1, . . . , en+v as the digital signature of the message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer system for generating a signature, comprising:
-
a signature input receiver operative to receive a set S1 of k polynomial functions as a public-key and a message to be signed, the set S1 including the functions P1(x1, . . . , xn+v, y1, . . . , yk), . . . , Pk(x1, . . . , xn+v, y1, . . . , yk), where k, v, and n are integers, x1, . . . , xn+v are n+v variables of a first type, y1, . . . , yk are k variables of a second type, and the set S1 is obtained by applying a secret key operation on a set S2 of k polynomial functions P′
1(a1, . . . , an+v, y1, . . . , yk), . . . , P′
k(a1, . . . , an+v, y1, . . . , yk), where a1, . . . , an+v are n+v variables which include a set of n “
oil”
variables a1, . . . , an, and a set of v “
vinegar”
variables an+1, . . . , an+v and the number v of “
vinegar”
variables is greater than the number n of “
oil”
variables; anda signature processor operatively associated with the signature input receiver and operative to perform the following operations; to apply a hash function on the message to produce a series of k values b1, . . . , bk, to substitute the series of k values b1, . . . , bk for the variables y1, . . . , yk of the set S2 respectively to produce a set S3 of k polynomial functions P″
1(a1, . . . , an+v), . . . , P″
k(a1, . . . , an+v),to select v values a′
n+1, . . . , a′
n+v for the v “
vinegar”
variables an+1, . . . , an+v;to solve a set of equations P″
1(a1, . . . , an, a′
n+1, . . . , a′
n+v)=0, . . . , P″
k(a1, . . . , an, a′
n+1, . . . , a′
n+v)=0 to obtain a solution for a′
1, . . . , a′
n;to apply the secret key operation to transform a′
1, . . . , a′
n+v into a digital signature e1, . . . , en+v; andto assign e1, . . . , en+v as the digital signature of the message. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
-
36. A digital signature generated by a computer system the digital signature comprising:
a signature e1, . . . , en+v generated by processing a set S1 of k polynomial functions provided as a public-key and a message to be signed, where the set S1 includes functions P1(x1, . . . , xn+v, y1, . . . , yk), . . . , Pk(x1, . . . , xn+v, y1, . . . , yk), where k, v, and n are integers, x1, . . . , xn+v are n+v variables of a first type, y1, . . . , yk are k variables of a second type, and the set S1 is obtained by applying a secret key operation on a set S2 of k polynomial functions P′
1(a1, . . . , an+v, y1, . . . , yk), . . . , P′
k(a1, . . . , an+v, y1, . . . , yk) where a1, . . . , an+v are n+v variables which include a set of n “
oil”
variables a1, . . . , an, and a set of v “
vinegar”
variables an+1, . . . , an+v, and the number v of “
vinegar”
variables is greater than the number n of “
oil”
variables, so that a hash function applied on the message to produce a series of k values b1, . . . , bk that are substituted for the variables y1, . . . , yk of the set S2 respectively to produce a set S3 of k polynomial functions P″
1(a1, . . . , an+v), . . . , P″
k(a1, . . . , an+v) and v values a′
n+1, . . . , a′
n+v that are selected for the v “
vinegar”
variables an+1, . . . , an+v enable to solve a set of equations P″
1(a1, . . . , an, a′
n+1, . . . , a′
n+v)=0, . . . , P″
k(a1, . . . , an, a′
n+1, . . . , a′
n+v)=0 to obtain a solution for a′
1, . . . , a′
n+v, and application of the secret key operation transforms a′
1, . . . , a′
n+v into e1, . . . , en+v which is assigned as the digital signature of the message.
Specification