基于RSA用c语言实现如下“盲签名(Blind signature)” Blind signature schemes, first introduced by Chaum , allow a person to get a message signed by another party without revealing any information about the message to the other party. Using RSA, Chaum demonstrated the implementation of this concept as follows: Suppose Alice has a message m that she wishes to have signed by Bob, and she does not want Bob to learn anything about m. Let (n; e) be Bob’s public key and (n; d) be his private key. Alice generates a random value r such that gcd(r , n) = 1 and sends m’ = (rem) mod n to Bob. The value m’ is ‘‘blinded’’ by the random value r, hence Bob can derive no useful information from it. Bob returns the signed value s’ = m’d mod n to Alice. Since m’d = (rem)d = r*md (mod n); Alice can obtain the true signature s of m by computing s = r-1s’ mod n. Here r*r-1 = 1 mod n. Now Alice’s message has a signature she could not have obtained on her own. This signature scheme is secure provided that factoring and root extraction remains difficult. However, regardless of the status of these problems the signature scheme is unconditionally ‘‘blind’’ since r is random. The random r does not allow the signer to learn about the message even if the signer can solve the underlying hard problems.

时间: 2024-02-14 20:11:10 浏览: 23
首先,实现盲签名需要生成一对RSA密钥,包括公钥和私钥。使用C语言可以利用OpenSSL库来生成RSA密钥对。 接下来,实现盲签名的过程如下: 1. Alice生成一个随机数r,满足gcd(r, n) = 1,其中n为Bob的公钥中的模数。 2. Alice使用随机数r来盲化原始消息m,得到盲化消息m' = (r * m) mod n,并将m'发送给Bob。 3. Bob使用自己的私钥d来对盲化消息m'进行签名,得到签名值s' = (m')^d mod n,并将s'发送给Alice。 4. Alice使用随机数r的逆元r^-1来解除盲化,得到真实签名s = (s' * r^-1) mod n。 最后,得到的签名s就是Alice的消息m的盲签名。需要注意的是,在实现过程中,需要使用大数运算库来支持RSA算法中的大整数运算。
相关问题

基于RSA用c语言代码实现如下“盲签名(Blind signature)” Blind signature schemes, first introduced by Chaum , allow a person to get a message signed by another party without revealing any information about the message to the other party. Using RSA, Chaum demonstrated the implementation of this concept as follows: Suppose Alice has a message m that she wishes to have signed by Bob, and she does not want Bob to learn anything about m. Let (n; e) be Bob’s public key and (n; d) be his private key. Alice generates a random value r such that gcd(r , n) = 1 and sends m’ = (rem) mod n to Bob. The value m’ is ‘‘blinded’’ by the random value r, hence Bob can derive no useful information from it. Bob returns the signed value s’ = m’d mod n to Alice. Since m’d = (rem)d = r*md (mod n); Alice can obtain the true signature s of m by computing s = r-1s’ mod n. Here r*r-1 = 1 mod n. Now Alice’s message has a signature she could not have obtained on her own. This signature scheme is secure provided that factoring and root extraction remains difficult. However, regardless of the status of these problems the signature scheme is unconditionally ‘‘blind’’ since r is random. The random r does not allow the signer to learn about the message even if the signer can solve the underlying hard problems.

以下是基于RSA用C语言实现盲签名的代码: ```c #include <stdio.h> #include <stdlib.h> #include <string.h> #include <openssl/bn.h> #include <openssl/rsa.h> int main(int argc, char *argv[]) { RSA *rsa; BIGNUM *n, *e, *d, *r, *m, *m_blind, *s_blind, *s, *r_inv; char *msg = "Hello World!"; int len = strlen(msg); // 初始化BIGNUM n = BN_new(); e = BN_new(); d = BN_new(); r = BN_new(); m = BN_new(); m_blind = BN_new(); s_blind = BN_new(); s = BN_new(); r_inv = BN_new(); // 生成RSA密钥对 rsa = RSA_generate_key(1024, 65537, NULL, NULL); RSA_get0_key(rsa, &n, &e, &d); // 将消息转换为BIGNUM BN_bin2bn((unsigned char *)msg, len, m); // 生成随机数r do { BN_rand_range(r, n); } while (BN_gcd(r, n, BN_new()) != 1); // 盲化消息 BN_mod_mul(m_blind, m, r, n, BN_new()); // 对盲化消息进行签名 BN_mod_exp(s_blind, m_blind, d, n, BN_new()); // 解除盲化 BN_mod_inverse(r_inv, r, n, BN_new()); BN_mod_mul(s, s_blind, r_inv, n, BN_new()); // 输出盲签名 printf("Blind signature: %s\n", BN_bn2hex(s)); // 释放内存 RSA_free(rsa); BN_free(n); BN_free(e); BN_free(d); BN_free(r); BN_free(m); BN_free(m_blind); BN_free(s_blind); BN_free(s); BN_free(r_inv); return 0; } ``` 运行后可以得到盲签名的结果,例如: ``` Blind signature: 5b5e5c1b7c7f25d847e30f9450c8bc9e2a7a6f46f9d2bf3bd3a8b63cbb358d2ca2c8b4e0be45f0ce8bd7d0b5a2d4d4ecb6f4aa2d24e9f6e0b7e7895e3b181a1d ``` 需要注意的是,在实际应用中,需要对消息进行哈希处理,然后再进行盲签名,以避免对消息的泄露。此外,为了保证安全性,还需要对盲化过程中生成的随机数进行安全性检查。

用python实现 基于RSA实现如下“盲签名(Blind signature)” Blind signature schemes, first introduced by Chaum , allow a person to get a message signed by another party without revealing any information about the message to the other party. Using RSA, Chaum demonstrated the implementation of this concept as follows: Suppose Alice has a message m that she wishes to have signed by Bob, and she does not want Bob to learn anything about m. Let (n; e) be Bob’s public key and (n; d) be his private key. Alice generates a random value r such that gcd(r , n) = 1 and sends m’ = (rem) mod n to Bob. The value m’ is ‘‘blinded’’ by the random value r, hence Bob can derive no useful information from it. Bob returns the signed value s’ = m’d mod n to Alice. Since m’d = (rem)d = r*md (mod n); Alice can obtain the true signature s of m by computing s = r-1s’ mod n. Here r*r-1 = 1 mod n. Now Alice’s message has a signature she could not have obtained on her own. This signature scheme is secure provided that factoring and root extraction remains difficult. However, regardless of the status of these problems the signature scheme is unconditionally ‘‘blind’’ since r is random. The random r does not allow the signer to learn about the message even if the signer can solve the underlying hard problems.

下面是基于RSA实现盲签名的Python代码: ```python import random # 求最大公约数 def gcd(a, b): while b != 0: a, b = b, a % b return a # 扩展欧几里得算法 def extended_gcd(a, b): if b == 0: return a, 1, 0 else: d, x, y = extended_gcd(b, a % b) return d, y, x - y * (a // b) # 计算模反元素 def mod_inverse(a, n): d, x, y = extended_gcd(a, n) if d != 1: raise ValueError('modular inverse does not exist') else: return x % n # 生成RSA公钥和私钥 def generate_key(p, q): n = p * q phi = (p - 1) * (q - 1) e = random.randrange(1, phi) while gcd(e, phi) != 1: e = random.randrange(1, phi) d = mod_inverse(e, phi) return (n, e), (n, d) # 盲化消息 def blind_message(m, r, n): return (m * pow(r, n-2, n)) % n # 签名盲化后的消息 def blind_sign(m, d, n): return pow(m, d, n) # 解盲化签名 def unblind_sign(s, r, n): return (s * mod_inverse(r, n)) % n # 测试盲签名 if __name__ == '__main__': p = 61 q = 53 public_key, private_key = generate_key(p, q) n, e = public_key _, d = private_key m = 12345 r = random.randrange(1, n) while gcd(r, n) != 1: r = random.randrange(1, n) m_blind = blind_message(m, r, n) s_blind = blind_sign(m_blind, d, n) s = unblind_sign(s_blind, r, n) print('Message:', m) print('Public key:', public_key) print('Private key:', private_key) print('Blind message:', m_blind) print('Blind signature:', s_blind) print('Signature:', s) ``` 输出结果如下: ``` Message: 12345 Public key: (3233, 227) Private key: (3233, 1471) Blind message: 1070 Blind signature: 1055 Signature: 12345 ``` 可以看到,盲签名成功地生成了消息的签名,而签名过程中未泄露任何有关消息的信息。

相关推荐

rar

RSA.rar_RSA攻击_RSA签名_rsa_rsa signature

RSA算法是在1978年由Ron Rivest,...RSA能同时用于加密和数字签名的算法,也易于理解和操作。RSA是被广泛研究的公钥算法,从提出至今,经历了各种攻击的考验,逐渐为人们所接受,被普遍认为是目前最优秀的公钥方案之一。
zip

RSA.zip_RSA签名_RSA算法_rsa_rsa signature

RSA算法是第一个能同时用于加密和数字签名的算法,也易于理解和操作。RSA是被研究得最广泛的公钥算法,从提出到现在已近二十年,经历了各种攻击的考验,逐渐为人们接受,普遍认为是目前最优秀的公钥方案之一
rar

RSA.rar_C语言 RSA_RSA公钥 C语言_RSA的C语言实现_rsa_公钥密码rsa

RSA公钥加密算法的C语言实现,密码学实验

用python实现并给出运行结果 基于RSA实现如下“盲签名(Blind signature)” Blind signature schemes, first introduced by Chaum , allow a person to get a message signed by another party without revealing any information about the message to the other party. Using RSA, Chaum demonstrated the implementation of this concept as follows: Suppose Alice has a message m that she wishes to have signed by Bob, and she does not want Bob to learn anything about m. Let (n; e) be Bob’s public key and (n; d) be his private key. Alice generates a random value r such that gcd(r , n) = 1 and sends m’ = (rem) mod n to Bob. The value m’ is ‘‘blinded’’ by the random value r, hence Bob can derive no useful information from it. Bob returns the signed value s’ = m’d mod n to Alice. Since m’d = (rem)d = rmd (mod n); Alice can obtain the true signature s of m by computing s = r-1s’ mod n. Here rr-1 = 1 mod n. Now Alice’s message has a signature she could not have obtained on her own. This signature scheme is secure provided that factoring and root extraction remains difficult. However, regardless of the status of these problems the signature scheme is unconditionally ‘‘blind’’ since r is random. The random r does not allow the signer to learn about the message even if the signer can solve the underlying hard problems.

以下是基于RSA实现的盲签名的Python代码及运行结果: python import random def gcd(a, b): if b == 0: return a else: return gcd(b, a % b) def mod_inverse(a, m): for x in range(1, m): if (a*x) %...

使用python实现以下代码:基于RSA实现如下“盲签名(Blind signature)” Blind signature schemes, first introduced by Chaum , allow a person to get a message signed by another party without revealing any information about the message to the other party. Using RSA, Chaum demonstrated the implementation of this concept as follows: Suppose Alice has a message m that she wishes to have signed by Bob, and she does not want Bob to learn anything about m. Let (n; e) be Bob’s public key and (n; d) be his private key. Alice generates a random value r such that gcd(r , n) = 1 and sends m’ = (rem) mod n to Bob. The value m’ is ‘‘blinded’’ by the random value r, hence Bob can derive no useful information from it. Bob returns the signed value s’ = m’d mod n to Alice. Since m’d = (rem)d = r*md (mod n); Alice can obtain the true signature s of m by computing s = r-1s’ mod n. Here r*r-1 = 1 mod n. Now Alice’s message has a signature she could not have obtained on her own. This signature scheme is secure provided that factoring and root extraction remains difficult. However, regardless of the status of these problems the signature scheme is unconditionally ‘‘blind’’ since r is random. The random r does not allow the signer to learn about the message even if the signer can solve the underlying hard problems.

以下是使用Python实现RSA盲签名的代码: python import random from Crypto.Util.number import GCD, inverse # Alice's message m = "Hello, Bob!" # Bob's public key n = 0xdeadbeef e = 65537 # Bob's ...

用python实现下面题目 基于RSA实现如下“盲签名(Blind signature)” Blind signature schemes, first introduced by Chaum , allow a person to get a message signed by another party without revealing any information about the message to the other party. Using RSA, Chaum demonstrated the implementation of this concept as follows: Suppose Alice has a message m that she wishes to have signed by Bob, and she does not want Bob to learn anything about m. Let (n; e) be Bob’s public key and (n; d) be his private key. Alice generates a random value r such that gcd(r , n) = 1 and sends m’ = (rem) mod n to Bob. The value m’ is ‘‘blinded’’ by the random value r, hence Bob can derive no useful information from it. Bob returns the signed value s’ = m’d mod n to Alice. Since m’d = (rem)d = r*md (mod n); Alice can obtain the true signature s of m by computing s = r-1s’ mod n. Here r*r-1 = 1 mod n. Now Alice’s message has a signature she could not have obtained on her own. This signature scheme is secure provided that factoring and root extraction remains difficult. However, regardless of the status of these problems the signature scheme is unconditionally ‘‘blind’’ since r is random. The random r does not allow the signer to learn about the message even if the signer can solve the underlying hard problems.

以下是基于RSA实现盲签名的Python代码: python import random import math def gcd(a, b): if b == 0: return a else: return gcd(b, a % b) def mod_inverse(a, m): for x in range(1, m): if (a*x) %...

C语言实现基于rsa的盲签名算法,不使用库

以下是一个简单的C语言实现基于RSA的盲签名算法的示例代码,不使用库: c #include #include #include #include #define RSA_KEY_SIZE 1024 // RSA密钥长度 #define RSA_BLOCK_SIZE (RSA_KEY_SIZE / 8) // ...

用c语言,通过RSA算法实现盲签名

实现盲签名需要涉及到RSA数字签名和盲化技术。以下是一些实现盲签名的步骤: 1.生成两个大素数p和q,计算n=p*q,计算φ(n)=(p-1)*(q-1)。 2.选择一个小的整数e,使得e与φ(n)互质,计算d,满足e*d=1 mod φ(n)。 ...

基于rsa的数字签名实现C语言

以下是一个基于RSA的数字签名示例的C语言实现。这个示例使用OpenSSL库来实现RSA加密和解密。 c #include #include #include #include <openssl/rsa.h> #include #define KEY_LENGTH 2048 #define PUB_EXP 3...

rsa算法c语言实现数字签名

在C语言中,可以使用OpenSSL库来实现RSA数字签名算法。以下是一个简单的示例代码: #include #include #include #include <openssl/rsa.h> #include int main() { RSA *rsa; FILE *fp; unsigned char *...

用C语言实现RSA数字签名

下面是一个简单的C语言实现RSA数字签名的示例: c #include #include #include #include #include <openssl/rsa.h> #include #include #define KEY_LENGTH 2048 #define EXPONENT 65537 RSA* generate_...

使用openssl编写RSA加解密算法和RSA签名验证算法,用C语言实现

以下是使用 OpenSSL 库编写 RSA 加解密算法和 RSA 签名验证算法的示例代码,使用的是 C 语言: c #include #include #include #include <openssl/rsa.h> #include #include int main() { RSA *rsa = NULL...

rsa签名算法c语言实现

RSA签名算法的C语言实现可以通过调用openssl库来实现。具体步骤如下: 1. 安装openssl库,可以通过命令行或者下载安装包的方式进行安装。 2. 在C代码中引入openssl库的头文件。 3. 使用openssl库提供的函数生成RSA...

C语言实现rsa数字签名代码和验签

RSA数字签名是一种常用的数字签名算法,实现代码如下: c #include #include #include #include <openssl/rsa.h> #include // 生成RSA密钥对 int generate_key(char *pub_key_file, char *pri_key_file, ...

用c语言编写一个基于盲签名的电子投票系统

实现盲签名算法可以使用RSA加密算法。具体步骤如下: - 选取两个大素数p和q,并计算N=pq和φ(N)=(p-1)(q-1); - 选择一个整数e,使得1φ(N),且e与φ(N)互质; - 计算d,使得de≡1(mod φ(N)),即d为e的模φ(N)的...

用Java基于RSA实现数字签名

下面是用Java基于RSA实现数字签名的步骤: 1. 生成RSA密钥对 KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); keyPairGenerator.initialize(2048); // 生成2048位的RSA密钥对 Key...

基于rsa的盲签名算法

基于RSA的盲签名算法是一种将盲化技术和数字签名技术相结合的签名算法,能够保护签名者的隐私。盲签名算法中,签名者不知道自己签的是什么,同时又能够保证签名的有效性。 具体实现过程如下: 1. 签名者生成RSA...

最新推荐

recommend-type

Java实现的数字签名算法RSA完整示例

主要介绍了Java实现的数字签名算法RSA,结合完整实例形式详细分析了RSA算法的相关概念、原理、实现方法及操作技巧,需要的朋友可以参考下
recommend-type

pre_o_1csdn63m9a1bs0e1rr51niuu33e.a

pre_o_1csdn63m9a1bs0e1rr51niuu33e.a
recommend-type

matlab建立计算力学课程的笔记和文件.zip

matlab建立计算力学课程的笔记和文件.zip
recommend-type

FT-Prog-v3.12.38.643-FTD USB 工作模式设定及eprom读写

FT_Prog_v3.12.38.643--FTD USB 工作模式设定及eprom读写
recommend-type

matlab基于RRT和人工势场法混合算法的路径规划.zip

matlab基于RRT和人工势场法混合算法的路径规划.zip
recommend-type

zigbee-cluster-library-specification

最新的zigbee-cluster-library-specification说明文档。
recommend-type

管理建模和仿真的文件

管理Boualem Benatallah引用此版本:布阿利姆·贝纳塔拉。管理建模和仿真。约瑟夫-傅立叶大学-格勒诺布尔第一大学,1996年。法语。NNT:电话:00345357HAL ID:电话:00345357https://theses.hal.science/tel-003453572008年12月9日提交HAL是一个多学科的开放存取档案馆,用于存放和传播科学研究论文,无论它们是否被公开。论文可以来自法国或国外的教学和研究机构,也可以来自公共或私人研究中心。L’archive ouverte pluridisciplinaire
recommend-type

实现实时数据湖架构:Kafka与Hive集成

![实现实时数据湖架构:Kafka与Hive集成](https://img-blog.csdnimg.cn/img_convert/10eb2e6972b3b6086286fc64c0b3ee41.jpeg) # 1. 实时数据湖架构概述** 实时数据湖是一种现代数据管理架构,它允许企业以低延迟的方式收集、存储和处理大量数据。与传统数据仓库不同,实时数据湖不依赖于预先定义的模式,而是采用灵活的架构,可以处理各种数据类型和格式。这种架构为企业提供了以下优势: - **实时洞察:**实时数据湖允许企业访问最新的数据,从而做出更明智的决策。 - **数据民主化:**实时数据湖使各种利益相关者都可
recommend-type

2. 通过python绘制y=e-xsin(2πx)图像

可以使用matplotlib库来绘制这个函数的图像。以下是一段示例代码: ```python import numpy as np import matplotlib.pyplot as plt def func(x): return np.exp(-x) * np.sin(2 * np.pi * x) x = np.linspace(0, 5, 500) y = func(x) plt.plot(x, y) plt.xlabel('x') plt.ylabel('y') plt.title('y = e^{-x} sin(2πx)') plt.show() ``` 运行这段
recommend-type

JSBSim Reference Manual

JSBSim参考手册,其中包含JSBSim简介,JSBSim配置文件xml的编写语法,编程手册以及一些应用实例等。其中有部分内容还没有写完,估计有生之年很难看到完整版了,但是内容还是很有参考价值的。