带鲁棒性的子分组多重Schnorr签名方案

Robust Schnorr-based subgroup multi-signature scheme

共识机制是区块链系统的核心技术,但是目前的共识机制存在3个问题,即共识效率低、可靠性和安全性低、计算复杂度高。针对这些问题,提出了一种新的子分组多重Schnorr签名方案,该方案既拥有Schnorr数字签名密码体制的计算复杂度低优势,又拥有子分组多重签名的优势(它可以从集合的全体成员中选择不定数量的成员组成子分组,以代替群组产生多重签名,由于子分组是不可预知的,因此可以有效避免出现Byzantine叛徒,提高了方案的安全性,解决了共识机制存在的可靠性和安全性低、计算复杂度高的问题)。该方案引入了公共第三方(PTP,publicthirdparty),PTP由可自动公开执行的智能合约充当,完全公开透明,不仅可以抵御流氓密钥攻击,还减少了签名过程的总通信轮次和时间开销,解决了共识机制存在的共识效率低问题。同时,详细证明了该方案具有鲁棒性,可以提高共识机制的安全性;基于离散对数假设,该方案在随机预言模型下具有不可伪造性。理论分析和实验结果证明,该方案拥有更小的公钥长度、私钥长度、单签名长度和多重签名长度,拥有更少的通信轮次,签名生成算法和验证签名算法的时间开销更小,应用在共识机制上具有更优越的性能。

The consensus mechanism has been considered as the core technology of blockchain systems.However,current consensus mechanisms have encountered three issues:low consensus efficiency,low reliability and security,and high computational complexity.To address these issues,a new Schnorr-based subgroup multi-signature scheme was proposed.This scheme retained the advantage of low computational complexity inherent in the Schnorr digital signature cryptosystem while incorporating the benefits of subgroup multi-signature.It allowed an indeterminate number of members from the entire set to form subgroups to generate multi-signatures,which replaced the group signature.The unpredictability of the subgroups effectively avoided the occurrence of Byzantine traitors,thus enhancing security and solving the problems of low reliability,security,and high computational complexity in consensus mechanisms.Additionally,a public third party was introduced,implemented by automatically and publicly executed smart contracts.It was completely open and transparent,capable of resisting the rogue public-key attack,and reduced the total number of communication rounds and time overhead in the signing process,addressing the issue of low consensus efficiency.The robustness of this scheme was proven in detail,demonstrating an improvement in the security of consensus mechanisms.Based on the discrete logarithm assumption,the scheme was shown to be unforgeable in the random oracle model.Theoretical analysis and experimental results show that the scheme possesses smaller public key length,private key length,single signature length,and multi-signature length,with fewer communication rounds and reduced time overhead in the signature generation and verification algorithms,providing superior performance when applied to consensus mechanisms.