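Chinese Journal of Network and Information Security, 2022, Vol. 8, Issue (6): 39-51. doi: 10.11959/j.issn.2096-109x.2022081

• Topic: Cryptography Technology and Application •

Two-party cooperative blind signature based on SM2

Xue BAI, Baodong QIN, Rui GUO, Dong ZHENG

  1. School of Cyberspace Security, Xi'an University of Posts & Telecommunications, Xi'an 710121, China
  • Revised: 2022-06-22 Online: 2022-12-15 Published: 2023-01-16
  • About the authors: Xue BAI (1996- ), female, born in Yulin, Shaanxi, is a master's student at Xi'an University of Posts & Telecommunications; her main research interests are Chinese national cryptographic algorithms and public key cryptography
    Baodong QIN (1982- ), male, born in Xuzhou, Jiangsu, is a professor at Xi'an University of Posts & Telecommunications; his main research interest is public key cryptography
    Rui GUO (1984- ), male, born in Luoyang, Henan, is an associate professor at Xi'an University of Posts & Telecommunications; his main research interest is blockchain security
    Dong ZHENG (1964- ), male, born in Yicheng, Shanxi, is a professor and doctoral supervisor at Xi'an University of Posts & Telecommunications; his main research interest is information security
  • Supported by:
    The National Natural Science Foundation of China (61872292); Basic Research Program of Qinghai Province (2020-ZJ-701)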

Abstract:

SM2, issued by China in 2010, is a public key cryptography standard based on elliptic curves. It has been widely used in finance, social security and other fields because it offers faster signing and verification, smaller storage requirements and lower computational complexity than RSA. With the wider adoption of China's national cryptographic algorithms, key security and data privacy have become major concerns. The single-key signing mode concentrates signing authority too heavily and cannot meet the needs of distributed environments; leakage of the key threatens the security of the entire cryptosystem, so the secure storage and proper use of keys need to be solved urgently. In addition, the standard SM2 digital signature algorithm cannot protect the privacy of the message content. To address key security and data privacy, cooperative signatures and blind signatures have each been studied for SM2, but no cooperative design for an SM2 blind signature has been proposed. This paper proposes a two-party cooperative blind signature protocol based on SM2, which allows two parties other than the user to perform the signing operation. The signing process does not require recovering the complete private key and does not reveal information about the partial private keys or the secret numbers. Storing the key in separate parts improves key security, while the blind signature property protects message privacy. In terms of security, the protocol satisfies unforgeability and unlinkability. In terms of efficiency, the protocol was implemented in C for simulation testing, and the local running time of each participant is within an acceptable range. When the signers execute the protocol honestly, the time cost of each entity in the cooperative signing phase is essentially the same as that of executing one lightweight SM2 blind signature. The protocol therefore has certain practical prospects in terms of function and efficiency.

Key words: SM2, two-party blind signature, key security, privacy protection
