信息安全研究 ›› 2023, Vol. 9 ›› Issue (11): 1120-.

• 技术应用 • 上一篇    下一篇

ECDSA协同签名方案设计与实现

彭金辉1雷宗华1张志鸿2   

  1. 1(郑州信大捷安移动信息安全关键技术国家地方联合工程实验室郑州450004)
    2(郑州大学计算机与人工智能学院郑州450001)
  • 出版日期:2023-11-06 发布日期:2023-11-30
  • 通讯作者: 彭金辉 硕士,高级工程师.主要研究方向为信息安全和密码工程. pjh@xdja.com
  • 作者简介:彭金辉 硕士,高级工程师.主要研究方向为信息安全和密码工程. pjh@xdja.com 雷宗华 工程师.主要研究方向为信息安全和密码工程. leizh@xdja.com 张志鸿 博士,教授.主要研究方向为数据挖掘、信息安全、区块链、服务计算. iezhzhang@zzu.edu.cn

Design and Implementation of ECDSA Collaborative Signature Scheme#br#
#br#

Peng Jinhui1, Lei Zonghua1, and Zhang Zhihong2#br#

#br#
  

  1. 1(Xindajiean Mobile Information Security Key Technology National Joint Local Engineering Laboratory, Zhengzhou 450004)
    2(School of Computer and Artificial Intelligence, Zhengzhou University, Zhengzhou 450001)

  • Online:2023-11-06 Published:2023-11-30

摘要: 针对开放环境下移动智能终端软件密码模块的私钥保护问题,设计了一种两方协同签名方案CECDSA.该方案基于标准ECDSA签名算法,实现了双方协同产生密钥对和协同签名,并给出了正确性证明.攻击任何一方均无法获取完整私钥,进而无法伪造签名,充分保证了ECDSA算法在智能终端等开放环境下的安全性.基于椭圆曲线离散对数问题的零知识证明构造模拟协议,给出了该方案的安全性分析,并给出了方案的实现和性能评估.与现有两方ECDSA协同方案比较,在半诚实模型下和恶意模型下,该方案的运算效率和通信量均具有优势.该方案可在软件密码模块中保护私钥存储安全和运行安全,适用于车联网、物联网等互联网领域的敏感数据隐私保护及身份认证.

关键词: 公钥密码, ECDSA算法, 子私钥, 协同签名, 协同计算

Abstract: Aiming at the private key protection of the software password module of a mobile intelligent terminal in the open environment, a twoparty cooperative signature scheme CECDSA is designed. Based on the standard ECDSA signature algorithm, the scheme realizes the key pair and cooperative signature of both parties, and gives the correctness proof. Neither party can obtain a complete private key, and thus cannot forge a signature, which fully guarantees the security of ECDSA algorithm in open environments such as intelligent terminals. Based on the zeroknowledge proof of the elliptic curve discrete logarithm problem, a simulation protocol is constructed, and the security analysis of the scheme is given. The implementation and performance evaluation of the scheme is given. Compared with the existing twoparty ECDSA collaboration schemes, the scheme has advantages in computing efficiency and traffic under the semihonest model and the malicious model. This scheme can protect the security of private key storage and operation in the software password module, and is applicable to the privacy protection and identity authentication of sensitive data in Internet fields such as the Internet of vehicles and the Internet of things.

Key words: publickey cryptography, ECDSA algorithm, private subkey, collaborative signature, collaborative computing

中图分类号: