| 摘要 |
<P>PROBLEM TO BE SOLVED: To provide a blind signature device of concurrent safety that does not rely on a third-party institution, a partial blind signature device, a receiver, a system, a method, and a program. Ž<P>SOLUTION: In the blind signature device, a signature means includes a first signature step and a second signature step. In the first signature step, ξ and ε are randomly selected, when q is the modulus; an inverse element D of a sum of x and ε is calculated; a result a'_i of modulo exponentiation of a part of a public key g_i with the inverse element D is calculated for i=1, ..., n, Mask (a'_1, ξ), ...; and Mask (a'_n, ξ) are defined as a_0, ..., and a_n, respectively, and a_0, ..., and a_n are outputted. In the second signature step, data b is received, s_i is randomly selected for i=k, ..., n, a result E_i, obtained by dividing s_i by a sum of x and ε is calculated for i=k, ..., n when q is the modulus, results c obtained, by multiplying Unmask (b, ξ) by E_k, ..., E_n are calculated, and c, s_[k+1], ..., s_n, ε are outputted. Ž<P>COPYRIGHT: (C)2010,JPO&INPIT Ž
|
