Signature-generation method, signature-verification method, public-key distribution method, and information-processing apparatus
Abstract
To generate and verify signature data using a known signature algorithm whose safety is ensured from the viewpoint of calculation quantity, and to ensure the authenticity thereof over a long time period. A message to be signed is transmitted, a padding-data item is added to the message, and a signature-data item of the message with the padding-data item added thereto is generated by using a hash function and a public-key cryptosystem. The addition step and the generation step are performed a predetermined number of times, each time using the signature-data item as the padding-data item, and the signature-data items generated and the padding-data items added over the predetermined number of times are externally transmitted with the message.
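The chaining described in the abstract, as an added example that is not part of the patent text: each round signs a hash of the message plus padding, and the previous round's signature becomes the next round's padding. The toy textbook-RSA keys built from Mersenne primes, the names `sign_chain` and `verify_chain`, the length-prefixed binding and the verification routine are assumptions; the claims' change of public-key algorithm between rounds is not modelled.

```python
import hashlib

E = 65537  # public exponent shared by the constructed toy keys

def make_key(p_exp, q_exp):
    # Toy RSA key from two Mersenne primes; far too short for real use.
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

# One (hash algorithm, key) pair per round, N = 2: the hash algorithm
# varies and key n is longer than key n+1, as the claims require.
ROUNDS = [("sha512", make_key(127, 107)), ("sha256", make_key(89, 61))]

def to_bytes(x):
    return x.to_bytes((x.bit_length() + 7) // 8 or 1, "big")

def digest_int(alg, message, pad, modulus):
    # Length prefix (an assumption) keeps the message/padding boundary
    # unambiguous; the digest is reduced to fit the toy modulus.
    data = len(message).to_bytes(8, "big") + message + pad
    return int.from_bytes(hashlib.new(alg, data).digest(), "big") % modulus

def sign_chain(message, first_padding=b"\x00"):
    """Return (paddings, signatures); padding n is signature n-1."""
    paddings, signatures, pad = [], [], first_padding
    for alg, key in ROUNDS:
        h = digest_int(alg, message, pad, key["n"])
        sig = pow(h, key["d"], key["n"])   # textbook RSA, no encoding
        paddings.append(pad)
        signatures.append(sig)
        pad = to_bytes(sig)                # feeds the next round
    return paddings, signatures

def verify_chain(message, paddings, signatures):
    """Check each round's signature and the link between rounds."""
    if not len(paddings) == len(signatures) == len(ROUNDS):
        return False
    for i, (alg, key) in enumerate(ROUNDS):
        if i > 0 and paddings[i] != to_bytes(signatures[i - 1]):
            return False                   # chain link broken
        h = digest_int(alg, message, paddings[i], key["n"])
        if pow(signatures[i], E, key["n"]) != h:
            return False
    return True
```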
4 Claims
1. A signature-generation method comprising:
an input step of inputting a message to be signed;
a hash process step, performed by a processor, of performing a hash process on the message to obtain fixed-length data;
an addition step of adding nth padding data to the fixed-length data obtained by performing the hash process on the message, wherein n is an integer from 1 to N, and N is equal to or greater than 2;
a generation step of generating nth signature data from data obtained by performing the hash process on the message by using nth private key, wherein key length of the nth private key is longer than key length of (n+1)th private key; and
an output step of outputting first padding data through nth padding data, nth signature data, and the message,
wherein the hash process step, the addition step, and the generation step are repeated a predetermined N number of times, and (n−1)th signature data generated in the generation step is the nth padding data added to the fixed-length data in the addition step, and
wherein the message, the padding data, and the signature data are coupled to one another so that at least one public-key certificate is generated, and where the addition step and the generation step are performed the predetermined N number of times, algorithms used for the hash function vary every time the addition step and the generation step are performed, algorithms used for a public-key cryptosystem vary every time the addition step and the generation step are performed, and key length used for the public-key cryptosystem decreases every time the addition step and the generation step are performed.
3. A computer-readable recording medium configured to store a signature generation method comprising:
an input step of inputting a message to be signed;
a hash process step of performing a hash process on the message to which the nth padding data has been added to obtain fixed-length data;
an addition step of adding nth padding data to the fixed-length data obtained by the hash process on the message, wherein n is an integer from 1 to N, and N is equal to or greater than 2;
a generation step, performed by a processor, of generating nth signature data from data obtained by performing the hash process on the message by using nth private key, wherein key length of the nth private key is longer than key length of (n+1)th private key; and
an output step of outputting first padding data through nth padding data, nth signature data, and the message,
wherein the hash process step, the addition step, and the generation step are repeated a predetermined N number of times, and (n−1)th signature data generated in the generation step is the nth padding data added to the fixed-length data in the addition step, and
wherein the message, the padding data, and the signature data are coupled to one another so that at least one public-key certificate is generated, and where the addition step and the generation step are performed the predetermined N number of times, algorithms used for the hash function vary every time the addition step and the generation step are performed, algorithms used for a public-key cryptosystem vary every time the addition step and the generation step are performed, and key length used for the public-key cryptosystem decreases every time the addition step and the generation step are performed.
4. An information-processing apparatus comprising:
an input unit configured to input a message to be signed;
a hash process unit configured to perform a hash process on the message to obtain fixed-length data;
an addition unit configured to add nth padding data to the fixed-length data obtained by the hash process, wherein n is an integer from 1 to N, and N is equal to or greater than 2;
a generation unit configured to generate nth signature data from data obtained by performing the hash process on the message using nth private key, wherein key length of the nth private key is longer than key length of (n+1)th private key; and
an output unit configured to output the first padding data through the nth padding data, the nth signature data, and the message,
wherein processing performed by the hash process unit, the addition unit, and the generation unit are repeated a predetermined N number of times, and (n−1)th signature data generated by the generation unit is the nth padding data added to the input message by the addition unit, and
wherein the message, the padding data, and the signature data are coupled to one another so that at least one public-key certificate is generated, and where processing in the addition unit and the generation unit are performed the predetermined N number of times, algorithms used for the hash process vary every time processing in the addition unit and the generation unit are performed, algorithms used for a public-key cryptosystem vary every time processing in the addition unit and the generation unit are performed, and key length used for the public-key cryptosystem decreases every time processing in the addition unit and the generation unit are performed.
Specification