基于ISRSAC数字签名算法的适配器签名方案

doi:10.11959/j.issn.1000-436x.2023056

通信学报 ›› 2023, Vol. 44 ›› Issue (3): 178-185.doi: 10.11959/j.issn.1000-436x.2023056

基于ISRSAC数字签名算法的适配器签名方案

张艳硕¹^,², 刘宁¹, 袁煜淇¹, 杨亚涛³

¹ 北京电子科技学院密码科学与技术系，北京 100070
² 杭州师范大学浙江省密码技术重点实验室，浙江杭州 311121
³ 北京电子科技学院电子与通信工程系，北京 100070

修回日期:2023-01-04 出版日期:2023-03-25 发布日期:2023-03-01
作者简介:张艳硕（1979– ），男，陕西宝鸡人，博士，北京电子科技学院副教授、硕士生导师，主要研究方向为密码理论及其应用
刘宁（1999− ），女，山西忻州人，北京电子科技学院硕士生，主要研究方向为密码学
袁煜淇（2000− ），女，江西南昌人，北京电子科技学院硕士生，主要研究方向为密码学
杨亚涛（1978− ），男，河南平顶山人，博士，北京电子科技学院教授、博士生导师，主要研究方向为信息安全、同态加密、密码协议和算法
基金资助:
中央高校基本科研业务费专项资金资助项目(328202226);浙江省密码技术重点实验室基金资助项目(ZCI21009);国家自然科学基金资助项目(62002003)

Adaptor signature scheme based on ISRSAC digital signature algorithm

Yanshuo ZHANG¹^,², Ning LIU¹, Yuqi YUAN¹, Yatao YANG³

¹ Department of Cryptology Science and Technology, Beijing Electronic Science ＆Technology Institute, Beijing 100070, China
² Key Laboratory of Cryptography of Zhejiang Province, Hangzhou Normal University, Hangzhou 311121, China
³ Department of Electronic and Communication Engineering, Beijing Electronic Science ＆Technology Institute, Beijing 100070, China

Revised:2023-01-04 Online:2023-03-25 Published:2023-03-01
Supported by:
The Fundamental Research Funds for the Central Universities(328202226);Zhejiang Provincial Key Laboratory of Cryptography(ZCI21009);The National Natural Science Foundation of China(62002003)

摘要/Abstract

摘要：

适配器签名方案能够在区块链中提供很好的原子交换性质，并已在实践中得到广泛应用。以改进的安全RSA 密码系统（ISRSAC）数字签名算法为基础构造了一个新的适配器签名方案。在证明所提方案满足预签名的正确性、不可伪造性、预签名的可适配性、证据的可提取性和签名方案的安全性后，将其与基于 SM2 数字签名算法的适配器签名方案、基于 Schnorr 的适配器签名方案和基于 ECDSA 的适配器签名方案在时间开销、主要计算量等方面进行对比分析。分析结果表明，所提方案在时间开销上与其他方案相差不多，但所提方案扩展了ISRSAC算法在当前环境中的应用场景，且ISRSAC算法和适配器签名技术的结合使适配器签名的选择更具灵活性，应用范围更广。

关键词: 适配器签名, ISRSAC, 数字签名, 安全, 不可伪造性

Abstract:

The adapter signature scheme can provide good properties of atomic exchange in the block chain, and has been widely used in practice.A new adapter signature scheme was constructed based on a digital signature algorithm for improved security of RSA cryptosystem (ISRSAC).After proving that the proposed scheme satisfied the correctness of the pre-signature, unforgeability, adaptability of the pre-signature, extractability of the evidence and the security of the signature scheme, it was compared with the adapter signature scheme based on the SM2 digital signature algorithm, the Schnorr-based adapter signature scheme and the ECDSA-based adapter signature scheme.And these schemes were analyzed in terms of time overhead and main calculation amount.The analysis results show that the proposed scheme is similar to other schemes in terms of time overhead, but the proposed scheme expands the application scenarios of ISRSAC algorithm in the current environment, and through the combination of ISRSAC algorithm and adapter signature technology, the selection of adapter signature is more flexible and can have a wider range of applications.

Key words: adapter signature, ISRSAC, digital signature, safety, unforgeability

中图分类号:

TN918.1

张艳硕, 刘宁, 袁煜淇, 杨亚涛. 基于ISRSAC数字签名算法的适配器签名方案[J]. 通信学报, 2023, 44(3): 178-185.

Yanshuo ZHANG, Ning LIU, Yuqi YUAN, Yatao YANG. Adaptor signature scheme based on ISRSAC digital signature algorithm[J]. Journal on Communications, 2023, 44(3): 178-185.

图/表 3

表1

符号及定义"

符号	含义
T_mul	$Z_{m}^{}$ 或 $Z_{q}^{}$ 中执行一次模乘的耗时
T_add	$Z_{m}^{}$ 或 $Z_{q}^{}$ 中执行一次模加的耗时
T_inv	$Z_{m}^{}$ 或 $Z_{q}^{}$ 中执行一次模逆的耗时
T_exp	$Z_{m}^{*}$ 中执行一次模指数的耗时
T_h	一次哈希运算的耗时
T_pm	群G中一次点乘的耗时
T_pa	群G中一次点加的耗时
T_ZP	零知识证明中运行一次生成算法耗时
T_ZV	零知识证明中运行一次验证算法耗时

表1

表2

表3

参考文献 24

[1]	DIFFIE W , HELLMAN M . New directions in cryptography[J]. IEEE Transactions on Information Theory, 1976,22(6): 644-654.
[2]	程朝辉 . 数字签名技术概览[J]. 信息安全与通信保密, 2020,18(7): 48-62.
	CHENG C H . Overview of digital signature technology[J]. Information Security and Communications Privacy, 2020,18(7): 48-62.
[3]	SCHNORR C P . Efficient signature generation by smart cards[J]. Journal of Cryptology, 1991,4(3): 161-174.
[4]	ERWIG A , FAUST S , HOSTáKOVá K ,et al. Two-party adaptor signatures from identification schemes[C]// IACR International Conference on Public-Key Cryptography. Berlin:Springer, 2021: 451-480.
[5]	TANG W Z , WANG W N , FANTI G ,et al. Privacy-utility tradeoffs in routing cryptocurrency over payment channel networks[C]// Proceedings of the ACM on Measurement and Analysis of Computing Systems. New York:ACM Press, 2020: 1-39.
[6]	DECKER C , WATTENHOFER R . A fast and scalable payment network with bitcoin duplex micropayment channels[C]// Symposium on Self-Stabilizing Systems. Berlin:Springer, 2015: 3-18.
[7]	ERDIN E , CEBE M , AKKAYA K ,et al. A scalable private bitcoin payment channel network with privacy guarantees[J]. Journal of Network and Computer Applications， 2021:doi.org/10.1016/j.jnca.2021.103021.
[8]	CLA B , NING M D , XUN W ,et al. Rapido:scaling blockchain with multi-path payment channels[J]. Neurocomputing, 2020,406: 322-332.
[9]	RYU K , KIM W , LEE E K . PayGo:incentive-comparable payment routing based on contract theory[J]. IEEE Access, 2020,8: 70095-70110.
[10]	MILLER A , BENTOV I , KUMARESAN R ,et al. Sprites and state channels:payment networks that go faster than lightning[J]. arXiv Preprint,arXiv:1702.05812, 2017.
[11]	DESHPANDE A , HERLIHY M . Privary-preserving cross-chain atomic swaps[C]// Financial Cryptography and Data Security. Berlin:Springer, 2020: 540-549.
[12]	HOENISCH P , PINO L S D . Atomic swaps between bitcoin and monero[J]. arXiv Preprint,arXiv:2101.12332, 2021.
[13]	MALAVOLTA G , MORENO-SANCHEZ P , SCHNEIDEWIND C ,et al. Anonymous multi-hop locks for blockchain scalability and interoperability[C]// Proceedings of 2019 Network and Distributed System Security Symposium. Reston:Internet Society, 2019:10168773.
[14]	TAIRI E K , MORENO-SANCHEZ P , MAFFEI M . A2L:anonymous atomic locks for scalability in payment channel hubs[C]// Proceedings of 2021 IEEE Symposium on Security and Privacy (SP). Piscataway:IEEE Press, 2021: 1834-1851.
[15]	AUMAYR L , ERSOY O , ERWIG A ,et al. Generalized bitcoin compatible channels[J]. IACR Cryptology ePrint Archive, 2020(2020): 476.
[16]	ESGIN M F , ERSOY O , ERKIN Z . Post-quantum adaptor signatures and payment channel networks[C]// Proceedings of the 25th European Symposium on Research in Computer Security. Berlin:Springer, 2020: 378-397.
[17]	TAIRI E K , MORENO-SANCHEZ P , MAFFEI M . Post-quantum adaptor signature for privacy-preserving off-chain payments[C]// International Conference on Financial Cryptography and Data Security. Berlin:Springer, 2021: 131-150.
[18]	QIN X , CUI H , YUAN T H . Generic adaptor signature[J]. IACR Cryptology ePrint Archive, 2021(2021): 161.
[19]	AUMAYR L , ERSOY O , ERWIG A ,et al. Generalized channels from limited blockchain scripts and adaptor signatures[C]// Lecture Notes in Computer Science. Berlin:Springer, 2021: 635-664.
[20]	THYAGARAJAN S A K , MALAVOLTA G . Lockable signatures for blockchains:scriptless scripts for all signatures[C]// Proceedings of 2021 IEEE Symposium on Security and Privacy (SP). Piscataway:IEEE Press, 2021: 937-954.
[21]	彭聪, 罗敏, 何德彪 ,等. 基于SM2数字签名算法的适配器签名方案[J]. 计算机研究与发展, 2021,58(10): 2278-2286.
	PENG C , LUO M , HE D B ,et al. Adaptor signature scheme based on the SM2 digital signature algorithm[J]. Journal of Computer Research and Development, 2021,58(10): 2278-2286.
[22]	VARALAKSHMI P , THANGAVEL M . Improved secure RSA cryptosystem for data confidentiality in cloud[J]. International Journal of Information Systems and Change Management, 2017,9(4): 261-277.
[23]	YANG T , ZHANG Y S , XIAO S ,et al. Digital signature based on ISRSAC[J]. China Communications, 2021,18(1): 161-168.
[24]	田椒陵 . SM3 算法界面设计及安全性分析[J]. 信息安全与技术, 2014,5(5): 24-26,33.
	TIAN J L . SM3 algorithm interface design and safety analysis[J]. Information Security and Technology, 2014,5(5): 24-26,33.

方案	密钥生成算法	预签名生成算法	预签名验证算法	适配算法	提取算法
基于SM2的方案	T_mul	2T_pm+T_pa+T_h+2T_mul+T_inv+3T_add+T_ZP	2T_pm+T_pa+T_h+2T_mul+3T_add+T_ZV	T_add	T_add
基于Schnorr的方案	T_mul	T_pm+T_pa+T_h+T_mul+T_add	2T_pm+2T_pa+T_h	T_add	T_add
基于ECDSA的方案	T_mul	2T_pm+T_inv+T_h+T_mul+T_add+T_ZP	3T_pm+T_inv+T_h+2T_mul+T_ZV	Ti_nv+T_mul	Ti_nv+T_mul
本文方案	7T_mul+2T_inv	T_h+T_exp	T_h+2T_mul+T_inv+T_exp	T_inv+T_mul	T_inv+T_mul

方案	主要计算量	安全性
基于SM2的方案	群 G 中点乘和点加运算、模乘和模加运算、哈希运算、零知识证明算法运算	预签名正确性、预签名可适配性、aEUF-CMA安全性、证据可提取性
基于Schnorr的方案	群G中点乘运算、模乘运算、哈希运算	aEUF-CMA安全性、预签名可适配性、预签名正确性、证据可提取性
基于ECDSA的方案	群 G 中点乘和点加运算、模乘运算、哈希运算、零知识证明算法运算	aEUF-CMA安全性、预签名可适配性、预签名正确性、证据可提取性
本文方案	模乘和模加运算、哈希运算	预签名正确性、不可伪造性（即aEUF-CMA安全性）、预签名的可适配性、证据的可提取性

基于ISRSAC数字签名算法的适配器签名方案

Adaptor signature scheme based on ISRSAC digital signature algorithm

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 3

参考文献 24

相关文章 15

Metrics

推荐阅读 0

[1]	赵仕祺, 黄小红, 钟志港. 基于信誉的域间路由选择机制的研究与实现[J]. 通信学报, 2023, 44(6): 47-56.
[2]	李元诚, 秦永泰. 基于深度强化学习的软件定义安全中台QoS实时优化算法[J]. 通信学报, 2023, 44(5): 181-192.
[3]	刘盈泽, 郭渊博, 方晨, 李勇飞, 陈庆礼. 基于有限理性的网络防御策略智能规划方法[J]. 通信学报, 2023, 44(5): 52-63.
[4]	谢人超, 文雯, 唐琴琴, 刘云龙, 谢高畅, 黄韬. 轨道交通移动边缘计算网络安全综述[J]. 通信学报, 2023, 44(4): 201-215.
[5]	罗智勇, 张玉, 王青, 宋伟伟. 基于贝叶斯攻击图的SDN入侵意图识别算法的研究[J]. 通信学报, 2023, 44(4): 216-225.
[6]	余雪勇, 邱礼翔, 宋家宁, 朱洪波. 无人机辅助边缘计算中安全通信与能效优化策略[J]. 通信学报, 2023, 44(3): 45-54.
[7]	徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127.
[8]	康海燕, 龙墨澜. 基于吸收马尔可夫链攻击图的网络攻击分析方法研究[J]. 通信学报, 2023, 44(2): 122-135.
[9]	刘彩霞, 季新生, 邬江兴. 移动通信网的内生安全共性问题及破解之道[J]. 通信学报, 2022, 43(9): 70-79.
[10]	石润华, 于辉, 柯唯阳, 徐小桐. 基于BB84态的量子匿名一票否决协议[J]. 通信学报, 2022, 43(8): 109-120.
[11]	陈炜宇, 骆俊杉, 王方刚, 丁海洋, 王世练, 夏国江. 无线隐蔽通信容量限与实现技术综述[J]. 通信学报, 2022, 43(8): 203-218.
[12]	郭渊博, 李勇飞, 陈庆礼, 方晨, 胡阳阳. 融合Focal Loss的网络威胁情报实体抽取[J]. 通信学报, 2022, 43(7): 85-92.
[13]	杜瑞忠, 张玉晴, 李明月. 基于双向索引的高效连接关键字查询动态可搜索加密方案[J]. 通信学报, 2022, 43(5): 123-132.
[14]	罗洪斌, 张珊, 王志远. 共生网络——异构网络安全高效互联的体系结构与机理[J]. 通信学报, 2022, 43(4): 36-49.
[15]	廉欢欢, 侯慧莹, 赵运磊. 后量子基于验证元的三方口令认证密钥交换协议[J]. 通信学报, 2022, 43(4): 95-106.