yaole
28 lines
648 B
Markdown
28 lines
648 B
Markdown
# 判断标识,用户私钥和主公钥的一致性
|
|
Let $h_1 = H_1(ID||hid, N)$, for the user sign key $ds$,
|
|
$$
|
|
ds = \left[ \frac{ks}{h_1+ks} \right]\cdot P_1,
|
|
$$
|
|
and $P_{pubs} = [ks]\cdot P_2$, we have
|
|
$$
|
|
\begin{array}{rcl}
|
|
& & e(ds, P_{pubs} + [h_1]\cdot P2) \\
|
|
&=& e(\left[ \frac{ks}{h_1+ks} \right]\cdot P_1, [ks+h_1]\cdot P_2)\\
|
|
&=& e(P_1, P_{2})^{ks} \\
|
|
&=& e(P_1, P_{pubs}).
|
|
\end{array}
|
|
$$
|
|
|
|
|
|
Thus, we need to compute if the following equation holds:
|
|
$$
|
|
e(ds, P_{pubs} + [h_1]\cdot P_2) \overset{?}{=} e(P_1, P_{pubs}).
|
|
$$
|
|
|
|
The same for encryption user key $de$:
|
|
$$
|
|
e(P_{pube} + [h_1]\cdot P_1, de) \overset{?}{=} e(P_{pube}, P_2).
|
|
$$
|
|
|
|
|