Protocol for signature generation

Patent abstract:
The present invention relates to a method and apparatus for generating a cryptographic signature by means of elliptic curves. The method comprises a step (306) of generating a first signature component r and a further step (308) of generating a second signature component based on the first signature component r. The calculations involve a long-term private key, a session private key and a session public key.

Publication number: CH711133B1
Application number: CH01275/15
Filing date: 2015-09-04
Publication date: 2019-07-15
Inventor: Antipa Adrian
Applicant: Infosec Global Inc
IPC main class:
Patent description:

Technical Field

The present invention relates to data communication systems and to the protocols used in such systems.

Background

Data communication systems are used to exchange information between devices. The information to be exchanged comprises data arranged as sequences of digital bits that are formatted so as to be recognizable by other devices and to allow the information to be processed and/or recovered. The exchange of information may take place over a publicly available network, such as a communication link between two devices, over a dedicated network within an organization, or between two devices within the same assembly, as within a computer or a point-of-sale device. The devices range from relatively large computer systems to telecommunication devices, cell phones, monitors, sensors, electronic purses and smart cards, and a wide variety of devices connected to transfer data between two or more such devices.

A variety of communication protocols have been developed to allow the exchange of data between different devices. The communication protocols enable the exchange of data in a robust manner, often with error correction and error detection functionality, and direct the data to the intended recipient and restore it for use. Since the data may be accessible to other devices, they are susceptible to interception and monitoring or manipulation. The sensitive nature of the information requires that steps be taken to safeguard the information and ensure its integrity.

A number of methods, collectively referred to as encryption protocols and authentication protocols, have been developed to provide the required attributes and to ensure security and/or integrity in the exchange of information. These methods use a key that is combined with the data. There are two major forms of cryptosystem that implement the protocols: symmetric-key cryptosystems and asymmetric or public-key cryptosystems.

In a symmetric-key cryptosystem, the devices exchanging information share a common key known only to the devices that are to share the information. Symmetric-key systems have the advantage that they are relatively fast and can therefore handle large amounts of data in a relatively short time, even with limited computational power. However, the keys must be securely distributed to the various devices, which increases operational cost and increases the exposure if a key is compromised.

Public-key cryptosystems use a key pair, one key public and the other private, assigned to each device. The public key and the private key are linked by a "hard" mathematical problem, so that even if the public key and the underlying problem are known, the private key cannot be recovered in a reasonable amount of time. One such problem is the factorization of the product of two large primes, as used in RSA cryptosystems. Another is the discrete logarithm problem in a finite cyclic group. A generator, α, of the underlying group is identified as a system parameter, and a random integer, k, is generated for use as a private key. To obtain a public key, K, a k-fold group operation is performed so that K = f(α, k).

In discrete-log cryptosystems various groups can be used, including the multiplicative group of a finite field, i.e. the group of integers in a finite cyclic group of order p, usually written Zp* and consisting of the integers 0 to p-1. The group operation is multiplication, so that K = α^k. Another group used for improved security is an elliptic curve group. The elliptic curve group is composed of pairs of elements, one denoted x and the other y, in a field, which satisfy the equation of the selected elliptic curve. For a group of order p, the relationship is generally defined by y^2 = x^3 + ax + b (mod p). Other underlying fields use different curves.

Each such pair of elements is a point on the curve, and a generator of the group or of a suitable subgroup is denoted as a point P. The group operation is addition, so that a private key k has an associated public key kP. Public-key cryptosystems reduce the infrastructure required compared with symmetric-key cryptosystems. A device generates a key pair by obtaining an integer k, which is used as the private key, and performing a k-fold group operation to generate the associated public key. For an elliptic curve group this would be kP. The public key is published so that it is available to other devices. Devices can then use the key pair when communicating with each other. When a device wants to encrypt a message to be sent to another device, it uses the public key of the intended recipient in an encryption protocol. The message can be decrypted and recovered by the other device using its private key. To confirm the integrity of a message to the recipient, the device may also use the key pair in a digital signature protocol. The message is signed using the private key k, and other devices can confirm the integrity of the message using the public key kP.

A digital signature is a computer-readable data string (or number) that associates a message with the originator of that data string. A digital signature generation algorithm is a method for producing digital signatures. Digital signature schemes are designed to provide the digital equivalent of handwritten signatures (and more). A digital signature is a number that depends on a secret known only to the signer (the signer's private key) and, in addition, on the contents of the signed message. Signatures must be verifiable: if there is a dispute as to whether an entity signed a document, an unbiased third party should be able to resolve the matter fairly without requiring access to the signer's private key.

Disputes can arise if a signer tries to repudiate a signature he produced, or if a forger makes a dishonest claim. The three basic forms of signature scheme are:
- A digital signature scheme with appendix, in which the original message must be an input to the verification process.
- A digital signature scheme with message recovery, which does not require the original message as an input to the verification process; usually the original message is recovered during verification.
- A digital signature scheme with partial message recovery, in which only part of the message needs to be recovered.

The present application deals with asymmetric digital signature schemes with appendix. As previously discussed, asymmetric means that each entity selects a key pair consisting of a private key and an associated public key. The entity keeps secret the private key, which it uses to sign messages, and makes authentic copies of its public key available to other entities, which use it to verify signatures. "With appendix" usually means that a cryptographic hash function is used to compute a message digest of the message, and the signing transformation is applied to the message digest rather than to the message itself.

A digital signature must be secure if it is to fulfil its non-repudiation function. Several types of attack on digital signatures are known:
- Key-only attack: an adversary has only the signer's public key.
- Known-signature attack: an adversary knows the signer's public key and has message/signature pairs chosen and produced by the signer.
- Chosen-message attack: the adversary obtains signatures from the signer on messages of the adversary's choice, so that the signer acts as an oracle.

Attacks on digital signatures can result in the following levels of break:
- Total break: an adversary is either able to compute the signer's private key or finds an efficient alternative signing algorithm.
- Selective forgery: an adversary is able to produce a valid signature for a particular message.
- Existential forgery: an adversary is able to forge a signature for at least one message.
- Universal forgery: an adversary can forge a signature on any message without the secret key.

Ideally, a digital signature scheme should be existentially unforgeable under a chosen-message attack. This notion of security was introduced by Goldwasser, Micali and Rivest. Informally, it asserts that an adversary who is able to obtain an entity's signatures on any messages of its choice is still unable to forge that entity's signature on a single other message.

Digital signature schemes can be used to provide the following basic cryptographic services: data integrity (the assurance that data has not been modified by unauthorized or unknown means), data origin authentication (the assurance that the origin of the data is as claimed), and non-repudiation (the assurance that an entity cannot deny previous actions or commitments). Digital signature schemes are commonly used as primitives in cryptographic protocols that provide other services, including entity authentication, authenticated key transport, and authenticated key agreement.

The digital signature schemes in use today can be classified according to the hard underlying mathematical problem on which their security rests:
- Integer factorization (IF) schemes, whose security is based on the intractability of the integer factorization problem. Examples include the RSA and Rabin signature schemes.
- Discrete logarithm (DL) schemes, whose security is based on the intractability of the (ordinary) discrete logarithm problem in a finite field. Examples include the ElGamal, Schnorr, DSA and Nyberg-Rueppel signature schemes.
- Elliptic curve (EC) schemes, whose security is based on the intractability of the elliptic curve discrete logarithm problem.
One signature scheme in widespread use is the Elliptic Curve Digital Signature Algorithm (ECDSA). To generate the signature it is necessary to hash the message and to generate a session public key from a random integer. One signature component is obtained by a modular reduction of a coordinate of the point representing the session public key, and the other signature component combines the hash and the signer's private keys. This requires an inversion of the session private key, which can be computationally expensive. Verification requires hashing the message and inverting the other component. Various mathematical techniques have been developed to make signing and verification efficient, but the hashing and the modular reduction remain computationally expensive. It is an object of the present invention to provide a signature scheme in which the above disadvantages are avoided or mitigated.

Summary

In one aspect, there is provided a method of generating an elliptic curve cryptographic signature comprising a first component and a second component for a message, using a long-term private key, a session private key and a session public key generated from the session private key, the method comprising: generating a first signature component using an x-coordinate of the session public key and the message; and generating a second signature component by combining the long-term private key and the first signature component to provide a first result, subtracting the first result from the session private key to provide a second result, and combining the second result with the session private key.

In another aspect, there is provided a cryptographic correspondent device comprising a processor and a memory, wherein the memory stores a long-term private key, the device further having an associated long-term cryptographic public key derived from the long-term private key and a cryptographic generator, and an identity associated therewith, and wherein the memory further stores computer instructions which, when executed by the processor, cause the processor to implement a method of elliptic curve cryptographic signature comprising: generating a session private key and an associated session public key; generating a first signature component using an x-coordinate of the session public key and the message; and generating a second signature component by combining the long-term private key and the first signature component to provide a first result, subtracting the first result from the session private key to provide a second result, and combining the second result with the session private key.

According to another aspect, a signature may be verified by: reconstructing the session public key from the signature components, a long-term public key matching the long-term private key, and a base point generator; recovering the x-coordinate of the reconstructed session public key; generating an intermediate component from the first signature component and the message; and verifying the signature by comparing the intermediate component with the recovered x-coordinate of the session public key.

Description of the Drawings

An embodiment of the invention will now be described with reference to the accompanying drawings, in which:
Fig. 1 is a schematic representation of a data communication system;
Fig. 2 is an illustration of a device used in the data communication system of Fig. 1; and
Fig. 3 is a flowchart showing the protocol implemented between a pair of the devices shown in Fig. 1.
Detailed Description

The protocol is described in the context of an elliptic curve group generated by a point P of prime order n. Referring to Fig. 1, a data communication system 10 includes a plurality of devices 12 interconnected by communication links 14. The devices 12 may be of any known type, including a computer 12a, a server 12b, a cellular phone 12c, an ATM 12d and a smart card 12e. The communication links 14 may be conventional landline telephone connections, wireless connections implemented between the devices 12, near-field communication connections such as Bluetooth, or other conventional forms of communication.

The devices 12 differ in purpose, but typically include a communication module 20 (Fig. 2) for communicating over the links 14. A memory 22 provides a persistent storage medium for the instructions implementing the protocols and for storing data as required. A secure storage module 24, which may be part of the memory 22 or a separate module, is used to store private information such as the private keys used in the cryptographic protocols and to resist tampering with that data. An arithmetic logic unit (ALU) 26 is provided to execute the arithmetic instructions from the memory 22 using the data stored in the memories 22, 24. A random or pseudorandom number generator 28 is also included to generate, in a cryptographically secure manner, bit strings representing random numbers. The memory 22 also includes an instruction set for conditioning the ALU 26 to execute a block cipher algorithm such as the AES block cipher, as described in more detail below. It will be appreciated that the device 12 illustrated in Fig. 2 is highly schematic and representative of a conventional device used in a data communication system. The memory 22 stores the system parameters for the cryptosystem to be implemented and a set of computer-readable instructions for implementing the required protocol.

In the case of an elliptic curve cryptosystem, the elliptic curve domain parameters consist of six quantities q, a, b, P, n and h, namely:
- the field size q;
- the coefficients a and b of the elliptic curve;
- the base point generator P;
- the order n of the base point generator; and
- the cofactor h, which is the number such that hn is the number of points on the elliptic curve.

The parameters are represented as bit strings, and the base point P is represented as a pair of bit strings, each representing an element of the underlying field. As is usual, one of these bit strings may be truncated, since the full representation can be recovered from the other coordinate and the truncated representation. The secure memory module 24 contains a bit string representing a long-term private key d and the associated public key Q. For an elliptic curve cryptosystem, Q = dP. Ephemeral values computed by the ALU may also be stored in the secure module 24 if their value is to remain secret.

A digital signature protocol is required when one of the devices 12 sends a message m to one or more of the other devices and the other devices need to be able to authenticate the message. The message may, for example, be a document to be signed by all parties, or a command to the ATM 12d for the transfer of funds. To describe the protocol, each device is identified as an entity such as Alice or Bob, as is usual in the treatment of cryptographic protocols, or as a correspondent. It is understood, however, that each entity is a device 12 that performs its operations using the hardware illustrated in Fig. 2. The entity Alice composes a message m, which is a bit string representing the information to be sent to another entity, Bob. The signature scheme accepts as its input the message m and the private key d of the signer (Alice), which is an integer.

The verification scheme accepts as input the message m, the public key Q of the signer, which is an element of the group generated by the base point P, and a purported signature on the message by the signer. The signature comprises a pair of signature components that are computed by the signer and are usually sent to the recipients together with the message m.

To sign the message m using the signer's private key d: at block 300 Alice generates a message m and, using a cryptographic hash function H, computes its hash e = H(m); at block 302 she uses the RNG 28 to generate an integer k in the range [1, n-1]. The value k is Alice's ephemeral (or short-term, or session) private key. At block 304 the ALU 24 performs a point multiplication to compute the elliptic curve point K = kP, which is used as Alice's ephemeral public key. The ephemeral public key K is represented by a pair of bit strings x, y, both elements of the underlying field, as shown at block 304. At block 306 the bit string representing the coordinate x is taken as an integer to compute an intermediate value r, with r = e + x (mod n). At block 308 the ALU 24 then computes the second signature component s from the session key k, the first signature component r and the private key d:

s = (k + 1)^-1 (k - dr) (mod n)

As shown at block 310, the component s is an integer, and the signature on the message m is the pair of components (r, s). The message m is sent by Alice to Bob together with the signature (r, s) using the communication module 20.

The signature protocol can be summarized as follows:
a. Compute e = H(m), where H is a cryptographic hash function.
b. Compute an elliptic curve point K by randomly selecting an integer k in the range [1, n-1] and then computing the elliptic curve point K = kP.
c. Let x be the affine x-coordinate of the point kP.
d. Compute the integer r = e + x (mod n).
e. Compute the integer s = (k + 1)^-1 (k - dr) (mod n). If s = 1, go to step (b).
f. Output (r, s) as the signature on the message m.

After Bob has received the message m, he may wish to verify the signature and thus confirm that it was sent by Alice and that its contents have not been altered. At block 312 Bob hashes the message m with the cryptographic hash function H to obtain e = H(m). At block 314 the ALU 24 computes an elliptic curve point K' using the relationship

K' = s'(1 - s')^-1 P + r'(1 - s')^-1 Q,

where (r', s') is the signature received by Bob and Q is Alice's public key, obtained from a trusted source such as a certificate signed by a certification authority ("CA") and sent to Bob by Alice. At block 316 the x-coordinate of the point K' is obtained and, at block 318, compared with (r' - e) (mod n); if they are equal, the signature is verified, as shown at block 320. If not, the signature is rejected and the message may be regarded as invalid, as shown at block 322.

In summary, the verification protocol comprises the following:
a. Check that r' and s' are in the interval [0, n-1] and that s' ≠ 1. If either check fails, output "invalid".
b. Compute the elliptic curve point K' = s'(1 - s')^-1 P + r'(1 - s')^-1 Q. If K' is the point at infinity, output "invalid".
c. Let x' be the x-coordinate of the point K'.
d. Compute e = H(m).
e. Check that x' = (r' - e) (mod n). If the check fails, output "invalid"; otherwise output "valid".

The first signature component r can be computed as r = (H(m) + x) (mod n). The first signature component r may also be formed from x and m using a one-way function such as a cryptographic hash function, i.e. r = H(x || m). An alternative computation uses a block cipher such as the AES block cipher to compute r = E_x(m). In that embodiment the coordinate x is used as the symmetric key for the encryption E by the block cipher, which is executed in the ALU.
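The signing steps (blocks 300 to 310) and the verification steps a to e described above, as an added worked example in Python; this is illustrative code written for this page, not Infosec Global's implementation. It assumes secp256k1 as the domain parameters (q, a, b, P, n), SHA-256 as H, and plain affine point arithmetic that is not constant-time, so it demonstrates the algebra of the scheme, not a production signer.

```python
import hashlib
import secrets

# secp256k1 domain parameters in the patent's notation (cofactor h = 1).
Q_FIELD = 2**256 - 2**32 - 977
A_COEF, B_COEF = 0, 7
P_BASE = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
          0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
N_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
INF = None  # the point at infinity (group identity)


def on_curve(pt):
    """True if pt is the identity or satisfies y^2 = x^3 + ax + b (mod q)."""
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x * x * x + A_COEF * x + B_COEF)) % Q_FIELD == 0


def ec_add(p1, p2):
    """Affine point addition, covering identity, doubling and inverse points."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % Q_FIELD == 0:
        return INF  # p2 == -p1
    if p1 == p2:
        lam = (3 * x1 * x1 + A_COEF) * pow(2 * y1, -1, Q_FIELD)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, Q_FIELD)
    lam %= Q_FIELD
    x3 = (lam * lam - x1 - x2) % Q_FIELD
    y3 = (lam * (x1 - x3) - y1) % Q_FIELD
    return (x3, y3)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication k*pt (not constant-time)."""
    acc = INF
    while k > 0:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def hash_to_int(m):
    """e = H(m): SHA-256 digest read as a big-endian integer (step a / block 300)."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big")


def sign(m, d, k=None):
    """Return (r, s): r = e + x mod n, s = (k+1)^-1 (k - d*r) mod n (blocks 302-310).

    A caller-supplied k exists only for reproducible demonstrations; a real
    signer draws a fresh k from a CSPRNG for every signature.
    """
    e = hash_to_int(m)
    while True:
        # k in [1, n-2]: k = n-1 would make k+1 = 0 (mod n), which has no inverse.
        k_s = k if k is not None else secrets.randbelow(N_ORDER - 2) + 1
        x, _y = ec_mul(k_s, P_BASE)  # block 304: K = kP
        r = (e + x) % N_ORDER  # block 306
        s = pow(k_s + 1, -1, N_ORDER) * (k_s - d * r) % N_ORDER  # block 308
        if s != 1:
            return (r, s)
        if k is not None:
            raise ValueError("s = 1 for the supplied k; choose another k")
        # step (e): s = 1, so go back and draw a fresh k


def verify(m, pub, sig):
    """Steps a-e: reconstruct K' = s(1-s)^-1 P + r(1-s)^-1 Q and compare x'."""
    r, s = sig
    if not (0 <= r < N_ORDER and 0 <= s < N_ORDER) or s == 1:  # step a
        return False
    inv = pow((1 - s) % N_ORDER, -1, N_ORDER)
    k_prime = ec_add(ec_mul(s * inv % N_ORDER, P_BASE),
                     ec_mul(r * inv % N_ORDER, pub))  # step b
    if k_prime is INF:
        return False
    x_prime = k_prime[0]  # step c
    e = hash_to_int(m)  # step d
    return x_prime % N_ORDER == (r - e) % N_ORDER  # step e
```

Because K' = (1-s)^-1 (s + rd) P and s(k+1) = k - dr rearranges to k(1-s) = s + dr, the reconstructed point equals kP exactly when the signature was produced with d.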
Claims:

Claims (14)

[1] 1. A method of generating a verifiable elliptic curve cryptographic signature comprising a first signature component and a second signature component for a message, using a long-term private key, a session private key, and a session public key generated from a multiplication involving the session private key and a base point generator, the method comprising: generating the first signature component, comprising adding an x-coordinate of the session public key to a cryptographic hash of the message; and generating the second signature component, comprising multiplying the long-term private key and the first signature component to provide a first result, subtracting the first result from the session private key to provide a second result, adding one to the session private key to provide a third result, and multiplying the inverse of the third result by the second result.

[2] 2. A method of verifying a signature generated by the method of claim 1, the method comprising: reconstructing the session public key from the signature components, a long-term public key matching the long-term private key, and the base point generator; recovering the x-coordinate of the reconstructed session public key; generating an intermediate component from the first signature component by subtracting the hash of the message; and verifying the signature by comparing the intermediate component with the recovered x-coordinate of the session public key.

[3] 3. The method of claim 1, wherein the first signature component is generated as the sum of a hash of the message and the x-coordinate of the session public key.

[4] 4. The method of claim 2, wherein the intermediate component is generated as a subtraction of a hash of the message from the first signature component.

[5] 5. The method of claim 1, wherein generating the third result comprises adding one to the value of the session private key.

[6] 6. The method of claim 1, wherein the first signature component is generated by encrypting the message with a block cipher using the x-coordinate of the session public key as a symmetric key.

[7] 7. The method of claim 1, wherein the first signature component is generated by applying a cryptographic hash function to the concatenation of the message and the x-coordinate of the session public key.

[8] 8. A cryptographic correspondent device comprising a processor and a memory, wherein the memory stores a long-term private key, the device further having an associated cryptographic long-term public key derived from the long-term private key and a cryptographic generator, and having an identity associated therewith, and wherein the memory further stores computer instructions that, when executed by the processor, cause the processor to implement an elliptic curve cryptographic signature method comprising: generating a session private key and an associated session public key generated from a multiplication involving the session private key and a base point generator; generating a first signature component, comprising adding an x-coordinate of the session public key to a cryptographic hash of the message; and generating a second signature component, comprising multiplying the long-term private key and the first signature component to provide a first result, subtracting the first result from the session private key to provide a second result, adding one to the session private key to provide a third result, and multiplying the inverse of the third result by the second result.

[9] 9. The device of claim 8, wherein the signature is verifiable by: reconstructing the session public key from the signature components, a long-term public key matching the long-term private key, and the base point generator; recovering the x-coordinate of the reconstructed session public key; generating an intermediate component from the first signature component by subtracting the hash of the message; and verifying the signature by comparing the intermediate component with the recovered x-coordinate of the session public key.

[10] 10. The device of claim 8, wherein the first signature component is generated as the sum of a hash of the message and the x-coordinate of the session public key.

[11] 11. The device of claim 8, wherein the first signature component is generated by applying a cryptographic hash function to the concatenation of the message and the x-coordinate of the session public key.

[12] 12. The device of claim 9, wherein the intermediate component is generated as a subtraction of a hash of the message from the first signature component.

[13] 13. The device of claim 8, wherein generating the third result comprises adding one to the value of the session private key.

[14] 14. The device of claim 9, wherein the first signature component is generated by encrypting the message with a block cipher using the x-coordinate of the session public key as a symmetric key.
Patent family:

Publication number | Publication date
US9800418B2 | 2017-10-24
US20160352525A1 | 2016-12-01
CH711133A2 | 2016-11-30
Legal status:

Date | Code | Event | Details
2018-05-15 | PCAR | Change of the address of the representative | Free format text: NEW ADDRESS: HOLEESTRASSE 87, 4054 BASEL (CH)
2018-07-13 | NV | New agent | Representative's name: ISLER AND PEDRAZZINI AG, CH
Priority:

Application number | Filing date | Patent title
US14/721,548 | US9800418B2 | 2015-05-26 | 2015-05-26 | Signature protocol