摘要
在签名算法中,一旦签名私钥被窃取,敌手就可以随意伪造合法用户的签名,从而致使合法用户的权益受到侵害.为了降低签名私钥泄露的风险,本文提出了一种安全的两方协作SM2数字签名算法,该算法将签名私钥拆分成两个部分,分别交由两方来保管,通过采用零知识证明、比特承诺、同态加密等密码学技术保证了只有合法的通信双方才能安全地协作产生完整的SM2签名,任何一方都不能单独恢复出完整的签名私钥,方案的安全性在通用可组合安全框架下被证明,与已有的SM2协作签名方案相比,本文方案具有交互次数少、协作签名效率高等优势.
In the signature algorithm,once the private key of the signature is stolen,the adversary can forge the signature of the legal user arbitrarily,which will cause the rights of legal users to be infringed.In order to reduce the risk of signature private key leakage,a secure two-party SM2 digital signature algorithm is proposed in this paper.The private key of the signature is divided into two parts and each part of the private key is handed over to the different parties separately.The cryptographic techniques such as zero-knowledge proof,bit commitment and homomorphic encryption are used to ensure that only the legal users can generate the integrated SM2 signature.The integrated private key cannot be recovered individually.The security of the proposed scheme is proved under the universally composable security framework.Compared with the existing SM2 cooperative signature schemes,the proposed scheme has the advantages of fewer interactions and higher efficiency.
出处
《电子学报》
EI
CAS
CSCD
北大核心
2020年第1期1-8,共8页
Acta Electronica Sinica
基金
国家重点研发计划(No.2017YFB0802000)
国家自然科学基金(No.61572303,No.61772326,No.61802241,No.61802242)
“十三五”国家密码发展基金(No.MMJJ20180217)
中国科学院信息工程研究所信息安全国家重点实验室开放课题(No.2017-MS-03)
关键词
数字签名
零知识证明
比特承诺
同态加密
可证明安全
digital signature
zero-knowledge proof
bit commitment
homomorphic encryption
provable security
