摘要
SM2是我国于2010年发布的椭圆曲线公钥密码标准,由于其具有比RSA签验速度快、存储空间小和运算复杂度低的特点被广泛应用于金融、社保等领域。随着国密算法的推广应用,密钥安全和数据隐私问题备受关注。单密钥签名模式的签名权力过于集中,无法满足分布式环境的应用需求,密钥泄露将威胁整个密码系统的安全,密钥的安全存储和合理利用问题亟待解决。此外,标准SM2数字签名算法无法实现消息内容的隐私保护功能,国密算法的签名消息的隐私保护有待进一步探究。针对签名算法的密钥安全和数据隐私问题,已有对SM2的协作签名研究和盲签名研究,然而,没有对SM2盲签名的协作设计,提出一种两方协作的盲签名协议,允许除用户以外的两方执行签名操作,签名过程无须恢复完整私钥,不会泄露部分私钥和秘密数的信息,密钥分散存储提升密钥安全性,盲签名性质保护消息隐私。在安全性方面,协议满足不可伪造性和不可链接性;在效率方面,使用C语言进行仿真测试,系统中各个参与者在本地的运行耗时均在可承受范围内,在签名者诚实执行协议的情况下,协作签名阶段中各个实体的时间损耗与执行一次轻量级的SM2盲签名的时间损耗基本一致。因此,该协议在功能和效率上具备一定的实用前景。
SM2,issued by China in 2010,is a public key cryptography standard based on elliptic curves.It has been widely used in finance,social security and other fields thanks to its advantages of improved signature efficiency,decreased storage space and computing complexity than RSA.With the popularization and application of SM2,the issues of its key security and data privacy are of great concern.The single-key mode inhibits the potential application in multi-user settings,and the leakage of the key will threaten the security of the entire cryptosystem due to the centralization.The problem of secure storage and reasonable utilization of keys needs to be solved urgently.In addition,the SM2 digital signature algorithm cannot guarantee the message privacy.Aiming at the issues of key security and data privacy of the signature algorithm,many researchers have proposed the idea of cooperative signature and blind signature for SM2.However,there isn’t SM2 collaborative blind signature scheme proposed.Then a two-party cooperative blind signing protocol based on SM2 was proposed in this paper,which allowed two parties to sign except the user.The signing process did not require recovering the complete private key,while not revealing the information of the partial private key and secret number.The key was stored separately to improve the security of the key,while the blind signature protected the privacy of the message.In terms of security,the protocol satisfied unforgeability and unlinkability.The protocol was implemented using C to demonstrate the efficiency of each participant’s local operation.In the honest model,the time cost of each entity in the cooperative signature phase was similar as that of executing a lightweight SM2 blind signature.Overall,the proposed protocol has certain advantages in terms of function and efficiency.
作者
白雪
秦宝东
郭瑞
郑东
BAI Xue;QIN Baodong;GUO Rui;ZHENG Dong(School of Cyberspace Security,Xi’an University of Posts&Telecommunications,Xi’an 710121,China)
出处
《网络与信息安全学报》
2022年第6期39-51,共13页
Chinese Journal of Network and Information Security
基金
国家自然科学基金(61872292)
青海省基础研究计划项目(2020-ZJ-701)。
关键词
SM2
协作盲签名
密钥安全
隐私保护
SM2
two-party blind signature
key security
privacy protection
