
CN-122020729-A - Method, device, equipment and medium for checking mixed signature


Abstract

The invention provides a method, device, equipment and medium for verifying a mixed signature. The method comprises: obtaining a digital object to be verified, the digital object comprising a metadata area, a code data area and at least one signature data area; parsing the metadata area to obtain a signature verification algorithm identifier, a signature scheme type and a compliance identifier; determining a corresponding verification strategy according to the signature scheme type; judging, based on the compliance identifier, whether the digital object meets a preset minimum compliance requirement; if so, verifying the code data area according to the signature verification algorithm identifier and the determined verification strategy; and outputting a verification result. The invention is metadata-driven, with configurable policies and adaptive algorithm selection, and supports complex mixed-signature policies. When compliance requirements are upgraded, the terminal program does not need to be modified, so a single signature verification system can be compatible with applications from multiple manufacturers and supports smooth, controllable migration from traditional cryptography to PQC.

Inventors

  • LIN XINGHAI
  • CHEN WENYAO

Assignees

  • 福建魔方电子科技有限公司

Dates

Publication Date
20260512
Application Date
20251222

Claims (10)

  1. A method for verifying a mixed signature, characterized by comprising the following steps: acquiring a digital object to be verified, wherein the digital object comprises a metadata area, a code data area and at least one signature data area; parsing the metadata area to obtain a signature verification algorithm identifier, a signature scheme type and a compliance identifier, wherein the signature verification algorithm identifier is used for indicating a specific cryptographic algorithm combination and supporting dynamic adaptation of the verification logic, the signature scheme type is used for identifying the type of cryptographic scheme adopted by the signature, and comprises a traditional cryptographic algorithm signature, a post-quantum cryptographic algorithm signature and a mixed signature, and the compliance identifier is used for indicating the version of the industry security standard followed by the digital object; determining a corresponding verification strategy according to the signature scheme type, and judging, based on the compliance identifier, whether the digital object meets a preset minimum compliance requirement; if the minimum compliance requirement is met, checking, based on the compliance identifier, whether the signature verification algorithm identifier meets the minimum algorithm strength requirement corresponding to the compliance identifier; if the check passes, verifying the code data area according to the signature verification algorithm identifier and the determined verification strategy; and outputting a verification result.
  2. The method according to claim 1, characterized in that: when the signature scheme type is a mixed signature, the metadata area further comprises a mixed signature strategy identifier, wherein the mixed signature strategy identifier is used for indicating one of the following strategies: a dual-signature independent verification strategy, namely requiring that all signatures contained in the digital object pass verification before the verification is judged successful; a primary/fallback (master-slave degradation) verification strategy, namely preferentially verifying the signature based on the post-quantum cryptographic algorithm, and falling back to verifying the signature based on the traditional cryptographic algorithm if that verification fails; and a time threshold verification strategy, namely adopting different signature validity criteria before and after a threshold time point according to a preset time threshold.
  3. The method of claim 2, wherein when the primary/fallback verification strategy is employed and a fallback verification operation is performed, a security audit event log is generated and output regardless of whether the fallback verification was successful.
  4. The method of claim 1, wherein the signature verification algorithm identifier dynamically indicates one of the following algorithm combinations: a digital signature algorithm of RSA2048 or higher security strength combined with a hash algorithm of SHA256 or higher security strength; an elliptic curve digital signature algorithm of ECC-P256 or higher security strength combined with a hash algorithm of SHA256 or higher security strength; a lattice-based, hash-based or code-based post-quantum digital signature algorithm combined with the corresponding hash algorithm.
  5. The method according to claim 1, characterized in that: the computation range of a signature in the signature data area covers all or part of the content of the metadata area; and the industry security standard is the Payment Card Industry PIN Transaction Security (PCI PTS) standard, and the version comprises PCI PTS v6, PCI PTS v7 or higher.
  6. The method of claim 1, wherein the method is applied to a unified signature verification management scenario for digital objects that are provided by different manufacturers and adopt different signature algorithms, so that one signature verification system manages the digital objects of multiple manufacturers in a unified way.
  7. The method according to claim 1, characterized in that: the digital object corresponds to an application software package that is based on an executable program format and has undergone secondary security encapsulation; the integrity and source credibility of the application software package are ensured through a digital signature mechanism before distribution; and the application program code and resource files in the encapsulated application software package are integrity-protected.
  8. A device for verifying a mixed signature, characterized in that it implements the method of any one of claims 1 to 7 and comprises: an object acquisition module configured to acquire a digital object to be verified, the digital object including a metadata area, a code data area, and at least one signature data area; a metadata analysis module configured to parse the metadata area to obtain a signature verification algorithm identifier, a signature scheme type and a compliance identifier, wherein the signature verification algorithm identifier is used for indicating a specific cryptographic algorithm combination and supporting dynamic adaptation of the verification logic, the signature scheme type is used for identifying the type of cryptographic scheme adopted by the signature, and comprises a traditional cryptographic algorithm signature, a post-quantum cryptographic algorithm signature and a mixed signature, and the compliance identifier is used for indicating the version of the industry security standard followed by the digital object; a strategy determining module configured to determine a corresponding verification strategy according to the signature scheme type; a compliance verification module configured to determine whether the digital object meets a preset minimum compliance requirement based on the compliance identifier; a verification execution module configured to verify the code data area according to the signature verification algorithm identifier and the determined verification strategy, provided the minimum compliance requirement is met; and a result output module configured to output a verification result.
  9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method according to any one of claims 1 to 7 when executing the program.
  10. A computer-readable storage medium on which a computer program is stored, characterized in that the program, when executed by a processor, implements the method according to any one of claims 1 to 7.
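
The decision flow of claims 1 to 3 (compliance gate, algorithm-strength check, policy dispatch, audit event on every fallback), as an added sketch that is not code from the patent. The `Metadata` field names, the `MIN_COMPLIANCE` setting, the RSA-only strength model and the rule used for the time threshold strategy are assumptions; the real signature checks are passed in as callables.

```python
from dataclasses import dataclass

MIN_COMPLIANCE = 6                  # assumed terminal setting (PCI PTS major version)
MIN_RSA_BITS = {6: 2048, 7: 3072}   # per-version floors quoted in the page's background

@dataclass
class Metadata:                     # hypothetical layout of the parsed metadata area
    scheme: str                     # "classical", "pqc" or "hybrid"
    compliance: int                 # PCI PTS major version the object claims
    rsa_bits: int = 0               # modulus size of the classical signature, 0 if none
    policy: str = ""                # hybrid only: "dual", "fallback" or "threshold"
    threshold: int = 0              # threshold policy only: cut-over time, epoch seconds

def verify(meta, classical_ok, pqc_ok, now, audit):
    """Return (accepted, reason). classical_ok / pqc_ok are zero-argument callables
    wrapping the real signature checks; audit is a list that receives event strings."""
    if meta.compliance < MIN_COMPLIANCE:
        return False, "compliance below minimum"
    floor = MIN_RSA_BITS.get(meta.compliance, max(MIN_RSA_BITS.values()))
    if meta.scheme != "pqc" and meta.rsa_bits < floor:
        return False, "algorithm below strength floor"
    if meta.scheme == "classical":
        return classical_ok(), "classical"
    if meta.scheme == "pqc":
        return pqc_ok(), "pqc"
    if meta.scheme != "hybrid":
        return False, "unknown scheme"
    if meta.policy == "dual":           # every signature must verify
        return classical_ok() and pqc_ok(), "dual"
    if meta.policy == "fallback":       # PQC first, classical only on failure
        if pqc_ok():
            return True, "fallback: pqc"
        ok = classical_ok()             # downgrade is logged whether or not it succeeds
        audit.append(f"DOWNGRADE pqc-failed classical={'ok' if ok else 'failed'}")
        return ok, "fallback: classical"
    if meta.policy == "threshold":      # assumed rule: classical suffices before cut-over
        if now < meta.threshold:
            return classical_ok() or pqc_ok(), "threshold: before"
        return pqc_ok(), "threshold: after"
    return False, "unknown policy"      # fail closed on anything unrecognised

if __name__ == "__main__":              # constructed sample: PQC check fails, classical passes
    audit = []
    meta = Metadata("hybrid", 7, 3072, "fallback")
    print(verify(meta, lambda: True, lambda: False, 0, audit), audit)
```

The policy fields only bind the verifier if the signature covers the metadata area, as claim 5 requires; otherwise the strategy identifier itself could be altered.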

Description

Method, device, equipment and medium for checking mixed signature

Technical Field

The invention belongs to the technical field of information security and cryptographic applications, and particularly relates to a mixed signature verification method, device, equipment and medium for verifying the integrity and authenticity of a software digital object (such as a POS terminal application, an Android APK or a Linux image). The method is particularly suitable for application scenarios that must meet dynamically evolving security compliance standards (such as PCI PTS v6/v7), support heterogeneous multi-manufacturer environments, and migrate smoothly to post-quantum cryptography (PQC).

Background

In the acquiring business of the payment industry, the acquiring application running on a POS (point of sale) terminal or other equipment is the core software that processes sensitive payment transactions. Its integrity verification directly affects the security and compliance of the payment system. This field currently faces three challenges in software signature verification that existing hard-coded signature verification techniques cannot cope with:

1) Conflict between compliance-driven pressure to upgrade algorithms and rigid technology

The PCI PTS standard continues to evolve, but existing signature verification logic is hard-coded in the terminal firmware. Every algorithm upgrade requires a firmware update of every terminal in the network, which is costly and slow. One example is the upgrade from PCI PTS v6 (at least RSA2048+SHA256 is required) to PCI PTS v7 (at least RSA3072+SHA256 is required), alongside a trend of migration to more efficient algorithms such as ECC (elliptic curve cryptography). More urgently, to address the threat of quantum computing, the industry has begun planning the migration to post-quantum cryptography (PQC) algorithms.
However, existing signature verification schemes hard-code the algorithm in the terminal program. For every compliance upgrade, the acquiring institution must carry out time-consuming and costly firmware or system updates on a large number of terminals, which seriously impedes the agility of the compliance process.

2) Complexity of unified management in a multi-vendor terminal environment

An acquirer typically manages POS terminals from numerous vendors. Because their technical routes differ, each manufacturer's applications may adopt different signature algorithms and key systems. The existing hard-coded signature verification approach forces the acquiring institution to maintain multiple sets of signature verification logic for different manufacturers, so the system architecture is complex, operation and maintenance are difficult, and efficient unified security risk control and rapid onboarding of new manufacturers cannot be achieved.

3) Long-term security risk under the quantum computing threat, with no migration path to quantum-resistant algorithms

NIST and other institutions are strongly pushing the standardization of PQC algorithms. In the future, the payment industry will necessarily face migration from traditional algorithms to PQC algorithms. This migration will last for many years, during which traditional algorithms must coexist with PQC algorithms. The prior art is completely incapable of supporting such "mixed mode" verification, and cannot provide security against the upcoming "Q day" threat.

In view of the foregoing, the payment industry needs a signature verification scheme that can flexibly accommodate compliance upgrades, simplify multi-vendor management, and support smooth migration to quantum-resistant algorithms.

Disclosure of Invention

The invention aims to provide a method, a device, equipment and a medium for verifying a mixed signature.
The invention is metadata-driven, with configurable policies and adaptive algorithm selection, and supports complex mixed-signature policies. When compliance requirements are upgraded, the terminal program does not need to be modified, so a single signature verification system can be compatible with applications from multiple manufacturers and supports smooth, controllable migration from traditional cryptography to PQC.

In a first aspect, the present invention provides a method for verifying a mixed signature, including: acquiring a digital object to be verified, wherein the digital object comprises a metadata area, a code data area and at least one signature data area; parsing the metadata area to obtain a signature verification algorithm identifier, a signature scheme type and a compliance identifier; the signature verification algorithm identifier is used for indicating a specific cryptographic algorithm combination and supporting dynamic adaptation of the verification logic, the signature scheme type is used for identifying the cryptographic sc