| 摘要 |
PROBLEM TO BE SOLVED: To guarantee a fact that a signature requester can not obtain correct signatures equal to or more than a certain number which are issued by a signing person. SOLUTION: Every time a request is made for signature, its signature issuer generates intrinsic information rnd, and z1 =H1 (rnd), z2 =z/z1 (where z is a signing person's public key) z, z1 and z2 are temporarily made into public keys. Then, the requester of the signature computes U=z<v> , U1 =z1 <v> and U2 =U/U1 using a random number v, disturbs a document m using U and U1 and transmits e to the signing person. The person signs e using a secret key x and returns r, c, s1 and s2 . The signature requester disturbs r, c, s1 and s2 so that verification is made possible, obtains certificates L and N which certify the relationship between signatures F, K, T1 and T2 by the signing person and Z and U and sets signatures U, U1 , F, K, T1 , T2 L and N for the document m. |
