基于SM9盲签名与环签名的安全电子选举协议

Secure E-Voting Protocol Based on SM9 Blind Signature and Ring Signature

针对电子选举过程中匿名性、公开可验证性、选票碰撞及伪造等问题,提出基于SM9算法的匿名公开可验证电子选举系统协议设计方案。以SM9签名算法为基础,构造基于身份的SM9盲签名算法和可链接环签名算法。算法安全分析表明,在随机预言机模型下,盲签名算法具有盲性和不可伪造性,环签名算法具有不可伪造性、匿名性、可链接性。在计算开销方面,盲签名算法在密钥提取阶段只需要1次标量乘、1次模逆和1次模乘运算,单次消耗的时间约为0.8717 ms,环签名算法在密钥提取、环签名生成、环签名验证阶段均具有较高的效率,整个环签名过程只需要5次双线性对运算,单次消耗的时间约为27.2617 ms。在通信开销方面,盲签名和环签名的签名长度均优于对比方案。电子选举协议的安全分析表明,所提方案满足电子选举系统的安全要求,与同类方案相比具有公开可验证、无收据性等优点,适合应用于大规模选举。

To solve the problems of anonymity,public verifiability,ballot collision,and forgery in the process of e-voting,an anonymous public verifiable e-voting system protocol design scheme is proposed based on SM9 algorithm.This scheme constructs an identity-based SM9 blind signature algorithm and linkable ring signature algorithm based on SM9 cryptographic algorithm.Algorithm security analysis shows that,under the random oracle model,the blind signature algorithm is blind and unforgeable,and the ring signature algorithm is unforgeable,anonymous,and linkable.In terms of computational overhead,the blind signature algorithm has certain advantages in the key extraction stage.It only requires one scalar multiplication operation,one modular inverse operation,and one modular multiplication operation,and the time consumed is only approximately 0.8717 ms.The ring signature algorithm has higher efficiency in each stage of key extraction,ring signature generation,and ring signature verification,and the time consumed is only approximately 27.2617 ms.In terms of communication overhead,the signature lengths of both blind signature and ring signature are better than those of the comparison schemes.Security analysis of the e-voting protocol shows that the proposed scheme meets the security requirements of the e-voting system.Compared with similar schemes,it has the advantages of open verifiability and no receipt,and is suitable for large-scale elections.