yaole
648 B
648 B
判断标识,用户私钥和主公钥的一致性
Let h_1 = H_1(ID||hid, N), for the user sign key ds,
ds = \left[ \frac{ks}{h_1+ks} \right]\cdot P_1,
and P_{pubs} = [ks]\cdot P_2, we have
\begin{array}{rcl}
& & e(ds, P_{pubs} + [h_1]\cdot P2) \\
&=& e(\left[ \frac{ks}{h_1+ks} \right]\cdot P_1, [ks+h_1]\cdot P_2)\\
&=& e(P_1, P_{2})^{ks} \\
&=& e(P_1, P_{pubs}).
\end{array}
Thus, we need to compute if the following equation holds:
e(ds, P_{pubs} + [h_1]\cdot P_2) \overset{?}{=} e(P_1, P_{pubs}).
The same for encryption user key de:
e(P_{pube} + [h_1]\cdot P_1, de) \overset{?}{=} e(P_{pube}, P_2).