摘要 |
The present invention discloses a digital signature scheme based on braid group conjugacy problem and a verifying method thereof, wherein the signatory S selects three braids xˆˆ LB m (l),x' ˆˆ B n ( l ), a ˆˆ B n ( l ), and considers braid pair( x ', x ) as a public key of S , braid a as a private key of S ; Signatory S uses hash function h for a message M needing signature to get y = h(M) ˆˆ B n ( l ); generating a braid b ˆˆ RB n-1-m (l) randomly, then signing the message M with the own private key a and the braid b generated randomly to obtain Sign(M) = a -1 byb -1 a ; a signature verifying party V obtains the public key of S , calculating the message M by employing a system parameter hash function h , obtaining the y=h(M); judging whether sign(M) and y are conjugate or not, if not, sign(M) is an illegal signature, the verification fails; if yes, sign(M) is a legal signature of message M; the present invention avoids the problem ofk-CSP in SCSS signature scheme of prior art, and improves the security of signature algorithm and reduces the number of braids involved and the number for conjugacy decision without reducing security, thereby improving the operation efficiency of signature.
|