Aggregate signatures have been recognized for significantly improving signing efficiency,reducing the computational cost for signers,lowering communication costs,and better protecting the privacy of signers.Currently,many aggregate signature schemes have been designed using foreign cryptographic algorithms,which do not meet the requirements for independent and controllable cryptography technology in China.The SM9 algorithm,a domesti-cally developed identity-based signature scheme in China,was only capable of achieving one-to-one signature and verification,failing to meet the requirements for multiparty signature and verification.To address these issues,a des-ignated verifier aggregate signature(DVAS)scheme was proposed based on the SM9 signature algorithm.Pseud-onyms and the one-way property of hash functions were utilized to prevent the leakage of the signer's personal infor-mation.The privacy of the signer was protected during the signature aggregation phase by controlling data access per-missions for designated verifiers.The security of the scheme was proven under the random oracle model,based on the q-strong Diffie-Hellman(q-SDH)hard problem.Scheme analysis demonstrates that it could prevent the leakage of the signer's privacy.Theoretical analysis and experimental simulation show that,compared to other similar aggre-gate signature schemes,the proposed scheme exhibits superior performance in terms of signature generation and veri-fication.The proposed scheme is capable of effectively reducing the computational cost of batch signature verifica-tion and offered higher computational efficiency,making it more suitable for applications such as cloud services.
维普
万方数据
