基于SM9的两方协同盲签名方案

doi:10.19678/j.issn.1000-3428.0064968

摘要/Abstract

摘要： 为了解决现有国密SM9盲签名方案中签名私钥易泄露以及签名权力过于集中的问题，提出一种基于国密SM9的两方协同盲签名方案。密钥生成中心将SM9的签名私钥分割成两个部分并分配给两方签名者，同时设计一种两方协同盲签名的协议，在该协议中用户使用特定的盲化因子对待签消息进行盲化，由两个签名参与方合作生成合法的SM9盲签名。该协议保证只有拥有签名权限的通信双方才能合作生成有效的SM9盲签名，且在交互签名的过程中不会泄漏完整的SM9签名私钥，在保护待签消息隐私的同时能有效解决现有SM9盲签名中签名私钥的安全性问题，且两方签名协议的设计能满足特定场景下对分散签名权力的需求。理论分析与仿真结果表明，该方案的签名长度接近现有SM9相关签名方案但功能更加完善，在通用安全构架下被证明满足盲签名的基本安全要求，相较原始SM9签名方案，所提方案在增加合理时间消耗的前提下能够有效提高协同特性。

关键词: SM9算法, 基于标识的签名, 盲签名, 密钥分割, 两方协同签名

Abstract: In the existing SM9 blind signature scheme，the signature private key is leaked easily and the signature power is centralized，which are problematic.Hence，a two-party collaborative blind signature scheme based on SM9 is proposed.The Key Generation Center（KGC） separates the signature private key of SM9 into two and distributes it to two signers.Additionally，it designs a two-party cooperative blind signature protocol，in which the user uses a specific blinding factor to conceal the message to be signed，and the two signature participants cooperate to generate a legal SM9 blind signature.This protocol ensures that only the communication parties with signature authority can cooperate to generate an effective SM9 blind signature and that the complete SM9 signature private key will not be disclosed during an interactive signature.Thus，the security problem of the signature private key in the existing SM9 blind signature is solved effectively while the privacy of the message to be signed is protected.Furthermore，the design of the two-party signature protocol satisfies the requirements for decentralized signature authority in specific scenarios.Theoretical analysis and simulation results show that the signature length of the proposed scheme is similar to that of the existing SM9-related signature scheme but its function is more ideal；additionally，the proposed scheme can satisfy the basic security requirements of blind signatures under the general security framework.Compared with the original SM9 signature scheme，the proposed scheme can effectively improve its cooperative characteristics by increasing the reasonable time consumption.

Key words: SM9 algorithm, Identity-Based Signature（IBS）, blind signature, key segmentation, two-party cooperative signature

中图分类号:

TP391

陈倩倩, 秦宝东. 基于SM9的两方协同盲签名方案[J]. 计算机工程, 2023, 49(6): 144-153,161.

CHEN Qianqian, QIN Baodong. Two-Party Cooperative Blind Signature Scheme Based on SM9[J]. Computer Engineering, 2023, 49(6): 144-153,161.

http://www.ecice06.com/CN/Y2023/V49/I6/144

图/表 5

20230615165528

20230615165531

20230615165534

20230615165538

20230615165541

参考文献

[1] 中国互联网络信息中心.第49次中国互联网络发展状况统计报告[EB/OL].[2022-05-05].http://www.cnnic.net.cn/hlwfzyj/hlwxzbg/hlwtjbg/202202/P020220311493378715650.pdf.CNNIC.The 49th statistical report on Internet development in China[EB/OL].[2022-05-05].http://www.cnnic.net.cn/hlwfzyj/hlwxzbg/hlwtjbg/202202/P020220311493378715650.pdf.(in Chinese)
[2] 赖建昌,黄欣沂,何德彪,等.基于商密SM9的高效标识签密[J].密码学报,2021,8(2):314-329.LAI J C,HUANG X Y,HE D B,et al.An efficient identity-based signcryption scheme based on SM9[J].Journal of Cryptologic Research,2021,8(2):314-329.(in Chinese)
[3] 秦宝东,张博鑫,白雪.基于仲裁的SM9标识加密算法[J].计算机学报,2022,45(2):412-426.QIN B D,ZHANG B X,BAI X.Mediated SM9 identity-based encryption algorithm[J].Chinese Journal of Computers,2022,45(2):412-426.(in Chinese)
[4] 张博鑫,耿生玲,秦宝东.高效的可撤销SM9标识签名算法[J].计算机应用研究,2022,39(9):2837-2842,2849.ZHANG B X,GENG S L,QIN B D.Efficient revocable SM9 identity-based signature algorithm[J].Application Research of Computers,2022,39(9):2837-2842,2849.(in Chinese)
[5] CHAUM D.Blind signatures for untraceable payments[EB/OL].[2022-05-05].https://sceweb.sce.uhcl.edu/yang/teaching/csci5234WebSecurityFall2011/Chaum-blind-signatures.PDF.
[6] 张学军.2个改进的基于身份的代理盲签名[J].计算机工程,2009,35(3):15-17.ZHANG X J.Two improved ID-based proxy blind signatures[J].Computer Engineering,2009,35(3):15-17.(in Chinese)
[7] 曹素珍,戴文洁,王彩芬,等.基于身份部分盲签名方案的分析与改进[J].计算机工程与科学,2018,40(12):2193-2197.CAO S Z,DAI W J,WANG C F,et al.Analysis and improvement of an ID-based partially blind signature scheme[J].Computer Engineering & Science,2018,40(12):2193-2197.(in Chinese)
[8] 王方鑫.一种基于RSA算法的盲签名方案[J].电脑知识与技术,2019,15(2):271-272.WANG F X.Blind signature scheme based on RSA algorithm[J].Computer Knowledge and Technology,2019,15(2):271-272.(in Chinese)
[9] 顾兆军,刘东楠.基于身份的Elgamal盲签名方案及其应用[J].计算机工程与设计,2019,40(5):1201-1204,1209.GU Z J,LIU D N.Identity based Elgamal blind signature scheme and its application[J].Computer Engineering and Design,2019,40(5):1201-1204,1209.(in Chinese)
[10] 张雪锋,彭华.一种基于SM9算法的盲签名方案研究[J].信息网络安全,2019(8):61-67.ZHANG X F,PENG H.Blind signature scheme based on SM9 algorithm[J].Netinfo Security,2019(8):61-67.(in Chinese)
[11] 王倩.基于编码的盲签名在电子投票系统中的应用[J].数码世界,2020(9):5-6.WANG Q.Application based on coded blind signature in electronic vote system[J].Digital Space,2020(9):5-6.(in Chinese)
[12] 何德彪,张语荻,张宇波,等.一种基于SM9数字签名的盲签名生成方法及系统:CN108551392B[P].2021-07-06.HE D B,ZHANG Y D,ZHANG Y B,et al.Blind signature generation method and system based on SM9 digital signature:CN108551392B[P].2021-07-06.(in Chinese)
[13] 吕尧,侯金鹏,聂冲,等.基于SM9算法的部分盲签名方案[J].网络与信息安全学报,2021,7(4):147-153.LÜ Y,HOU J P,NIE C,et al.Partial blind signature scheme based on SM9 algorithm[J].Chinese Journal of Network and Information Security,2021,7(4):147-153.(in Chinese)
[14] 陈丽燕.Hash-RSA盲签名的数字货币方案[J].计算机时代,2021(6):52-56.CHEN L Y.Digital currency scheme with Hash-RSA blind signature[J].Computer Era,2021(6):52-56.(in Chinese)
[15] 姜昊堃,董学东,张成.改进的具有前向安全性的无证书代理盲签名方案[J].计算机科学,2021,48(S1):529-532.JIANG H K,DONG X D,ZHANG C.Improved certificateless proxy blind signature scheme with forward security[J].Computer Science,2021,48(S1):529-532.(in Chinese)
[16] 唐卫中,张大伟,佟晖.基于SM2的无证书盲签名方案[J].计算机应用研究,2022,39(2):552-556.TANG W Z,ZHANG D W,TONG H.Certificateless blind signature scheme based on SM2[J].Application Research of Computers,2022,39(2):552-556.(in Chinese)
[17] 符朕皓,林定康,姜皓晨,等.大零币匿名技术及追踪技术综述[J].计算机科学,2021,48(11):62-71.FU Z H,LIN D K,JIANG H C,et al.Survey of anonymous and tracking technology in zerocash[J].Computer Science,2021,48(11):62-71.(in Chinese)
[18] JI Y P,SHEN C F,WANG Y B,et al.Design and implementation of SM9 digital signature algorithm[C]//Proceedings of the 15rd National Signal and Intelligent Information Processing and Application Academic Conference.Washington D.C.,USA:IEEE Press,2022:47-54.
[19] 何德彪,张语荻.一种两方分布式SM9数字签名生成方法与系统:CN107566128A[P].2018-01-09.HE D B,ZHANG Y D.A two-party distributed SM9 digital signature generation method and system:CN107566128A[P].2018-01-09.(in Chinese)
[20] MU Y H,XU H X,LI P L,et al.Secure two-party SM9 signing[J].Science China Information Sciences,2020,63(8):1-3.
[21] MISHRA S,YADUVANSHI R,RAI A K,et al.An ID-based signature scheme from bilinear pairing based on ex-K-plus problem[J].Advanced Materials Research,2011,403:929-934.
[22] BONEH D,BOYEN X.Short signatures without random oracles and the SDH assumption in bilinear groups[EB/OL].[2022-05-05].https://eprints.qut.edu.au/69199/2/Boyen_accepted_draft.pdf.
[23] 袁峰,程朝辉.SM9标识密码算法综述[J].信息安全研究,2016,2(11):1008-1027.YUAN F,CHENG Z H.Overview on SM9 identity-based cryptographic algorithm[J].Journal of Information Security Research,2016,2(11):1008-1027.(in Chinese)
[24] CHAUM D L.Blind signature systems:EP,US4759063(A)[P].198807-19.
[25] 彭聪,何德彪,罗敏,等.基于SM9标识密码算法的环签名方案[J].密码学报,2021,8(4):724-734.PENG C,HE D B,LUO M,et al.An identity-based ring signature scheme for SM9 algorithm[J].Journal of Cryptologic Research,2021,8(4):724-734.(in Chinese)
[26] 赖建昌,黄欣沂,何德彪,等.国密SM9数字签名和密钥封装算法的安全性分析[J].中国科学:信息科学,2021,51(11):1900-1913.LAI J C,HUANG X Y,HE D B,et al.Security analysis of SM9 digital signature and key encapsulation[J].Scientia Sinica(Informationis),2021,51(11):1900-1913.(in Chinese)

选择文件类型/文献管理软件名称

选择包含的内容