Provably secure SM2 blind adaptor signature scheme
Proven secure blind adaptor signature scheme based on the SM2
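Hu Xiaoming 1, Chen Haichan 1
Author information
- 1. School of Computer and Information Engineering, Institute of Artificial Intelligence, Shanghai Polytechnic University, Shanghai 201209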
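Abstract
Adaptor signatures are a new cryptographic primitive that has emerged in recent years. The basic idea is to tie the signing process to the revelation of a secret value: a pre-signature is adapted into a full signature, so that the final signature is identical to a conventional signature. A secret value can be extracted from the pre-signature and the full signature, which gives the primitive atomicity and good application prospects in blockchain. However, adaptor signatures do not provide anonymity and easily expose the identities of transaction participants, which limits them in application scenarios with high privacy requirements such as electronic payment. To solve this problem, a new system model and security model for blind adaptor signatures are proposed. On the basis of the new system model, a blind adaptor signature scheme based on the SM2 signature algorithm is proposed, and, based on the unforgeability of the SM2 signature scheme and a hard relation, the scheme is proven to satisfy the requirements of the newly proposed security model, namely blindness, pre-signature adaptability, unforgeability and witness extractability. Performance analysis shows that, in terms of computational overhead, the total time of the SM2 blind adaptor signature scheme is only 5.91 ms more than that of the SM2 adaptor signature scheme. Compared with existing schemes of the same kind, the scheme has stronger blindness and is independently controllable, and it has good application value for critical application scenarios that have high privacy requirements and require domestic cryptographic algorithms.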
Abstract
Adaptor signature (AS) is a novel cryptographic primitive that has gained prominence in recent years for its ability to link the signature process with the revelation of a secret value. The process involves adapting a pre-signature to a formal signature, ensuring that the final signature result aligns with conventional signatures. A secret value can be extracted from the pre-signature and the formal signature, which endows AS with atomicity and suggests its promising application within blockchain technologies. However, the lack of anonymity in AS can lead to the exposure of transaction participants' identities, which may limit its application in scenarios demanding high privacy standards, such as electronic payments. To address this issue, a new blind adaptor signature system model and security model were proposed. Subsequently, a blind adaptor signature scheme was developed based on the SM2 signature algorithm, leveraging the new system model. The security of this new scheme, which was founded on the unforgeability and the hardness of the SM2 signature scheme, was demonstrated to meet the requirements of the newly proposed security model. Specifically, the scheme was proven to satisfy properties such as blindness, pre-signature adaptability, unforgeability, and witness extractability. Performance analysis indicates that the computational overhead of the SM2 blind adaptor signature scheme is minimal, with the total operation time of the signature process only increasing by a negligible 5.91 ms compared to the SM2 adaptor signature scheme. Moreover, when compared to existing similar schemes, the SM2 blind adaptor signature scheme offers enhanced blindness and autonomy, making it particularly valuable for key application scenarios that necessitate high privacy requirements and the utilization of domestic cryptographic algorithms.
Key words
SM2 digital signature/blind adaptor signature/atomicity/anonymity
Funding
Shanghai Science and Technology Commission "Sailing Program" project (20YF1414400)
Year of publication
2024