基于国密SM2算法的局部可验证聚合签名算法研究

信息安全研究 ›› 2024, Vol. 10 ›› Issue (2): 156-.

基于国密SM2算法的局部可验证聚合签名算法研究

沈荣耀1,2马利民2,3王佳慧4张伟1,2

1(北京信息科技大学北京未来区块链与隐私计算高精尖中心北京100101)
2(北京信息科技大学计算机学院北京100101)
3(北京信息科技大学国家经济安全预警工程北京实验室北京100101)
4(国家信息中心信息与网络安全部北京100045)

出版日期:2024-02-21 发布日期:2024-02-22
通讯作者: 张伟博士，教授.主要研究方向为大数据存储与安全、软硬件协同设计. zhwei@bistu.edu.cn
作者简介:沈荣耀硕士.主要研究方向为网络数据安全、密码应用技术. shenry66@163.com 马利民博士，副教授.主要研究方向为网络安全协议、信息隐藏技术、大数据安全. markgoogle@qq.com 王佳慧博士，研究员.主要研究方向为云计算安全、大数据安全、云取证安全. wangjiahui@sic.gov.cn 张伟博士，教授.主要研究方向为大数据存储与安全、软硬件协同设计. zhwei@bistu.edu.cn

Research on Locally Verifiable Aggregate Signature Algorithm Based on SM2

Shen Rongyao1,2, Ma Limin2,3, Wang Jiahui4, and Zhang Wei1,2

1(Beijing Advanced Innovation Center for Future Blockchain and Privacy Computing, Beijing Information Science & Technology University, Beijing 100101)
2(School of Computer, Beijing Information Science & Technology University, Beijing 100101)
3(Beijing Laboratory of National Economic Security Earlywarning Engineering, Beijing Information Science & Technology University, Beijing 100101)
4(Department of Information and Network Security, State Information Center, Beijing 100045)

Online:2024-02-21 Published:2024-02-22

摘要/Abstract

摘要： 国密SM2算法基于椭圆曲线密码体制，由国家密码管理局于2010年发布，目前广泛应用于电子政务、医疗、金融等领域，其中数字签名作为SM2算法的主要应用，各种安全应用场景下产生的签名、验签操作次数呈指数级增长.针对海量SM2数字签名占用较大的存储空间，且对签名逐个验证效率较低的问题，提出一种基于国密SM2算法的局部可验证聚合签名方案，使用聚合签名，降低存储开销，提高验证效率.另一方面，针对验证方仅验证指定消息及聚合签名时，也必须获取聚合时的全部消息明文的问题，利用局部可验证签名，使得验证方仅需指定消息、聚合签名及短提示即可完成验证.对方案的正确性及安全性进行分析.通过实验数据和理论分析，与同类方案相比，该方案具备较高性能.

关键词: SM2算法, 聚合签名, 局部可验证签名, 椭圆曲线, 数字签名算法

Abstract: The SM2 algorithm is based on the elliptic curve cryptosystem, which was released by the State Cryptography Administration in 2010. At present, it is widely used in egovernment, medical care, finance and other fields. Among them, digital signature is the main application of SM2 algorithm, and the number of signature and verification operations generated in various security application scenarios has increased exponentially. Aiming at the problem that massive SM2 digital signatures occupy a large storage space and the efficiency of verifying signatures one by one is low. This paper proposes a partially verifiable aggregate signature scheme based on the national secret SM2 algorithm, which uses aggregate signatures to reduce storage overhead and improve verification efficiency. On the other hand, when the verifier only needs to verify the specified message and the aggregated signature, it must also obtain the plaintext of all the messages at the time of aggregation. Using partially verifiable signatures, the verifier only needs to specify the message, aggregate signature and short prompt to complete the verification. Analyze the correctness and security of this scheme. Through experimental data and theoretical analysis, compared with similar schemes, this scheme has higher performance.

Key words: SM2 algorithm, aggregate signatures, locally verifiable signature, elliptic curve, digital signature algorithm

中图分类号:

TP309.2

沈荣耀, 马利民, 王佳慧, 张伟, . 基于国密SM2算法的局部可验证聚合签名算法研究[J]. 信息安全研究, 2024, 10(2): 156-.

参考文献

［1］Boneh D, Gentry C, Lynn B, et al. Aggregate and verifiably encrypted signatures from bilinear maps［C］ LNCS 2656: Advances in Cryptology—EUROCRYPT 2003. Berlin: Springer, 2003: 416432［2］Goyal R,Vaikuntanathan V. Locally verifiable signature and key aggregation［C］ LNCS 13508: Advances in Cryptology—CRYPTO 2022. Berlin: Springer, 2022: 761791［3］汪朝晖, 张振峰. SM2椭圆曲线公钥密码算法综述［J］. 信息安全研究, 2016, 2(11): 972982［4］Gentry C, Ramzan Z. Identitybased aggregate signatures［C］ LNCS 3958: Proc of the 9th Int Conf on Theory and Practice in PublicKey Cryptography. Berlin: Springer, 2006: 257273［5］Boldyreva A, Gentry C, O’Neill A, et al. Ordered multisignatures and identitybased sequential aggregate signatures, with applications to secure routing［C］ Proc of the 14th ACM Conf on Computer and Communications Security. New York: ACM, 2007: 276285［6］Muranaka K, Yanai N, Okamura S, et al. ISDSR: Secure DSR with IDbased sequential aggregate signature［C］ Proc of the 13th Int Conf on eBusiness and Telecommunications. New York: ACM, 2016: 376387［7］Kojima H, Yanai N, Cruz J P. ISDSR+: Improving the security and availability of secure routing protocol［J］. IEEE Access, 2019, 7: 7484974868［8］安涛, 马文平, 刘小雪. VANET中基于SM9密码算法的聚合签名方案［J］. 计算机应用与软件, 2020, 37(12): 280284, 321［9］Kumar P, Kumari S, Sharma V, et al. A certificateless aggregate signature scheme for healthcare wireless sensor network［J］. Sustainable Computing: Informatics and Systems, 2018, 18: 8089［10］Kumar P, Kumari S, Sharma V, et al. Secure CLS and CLAS schemes designed for VANETs［J］. Journal of Supercomputing, 2019, 75(6): 30763098［11］蒙彤, 郭瑞, 王翊丞, 等.医疗网络中无证书并行密钥隔离聚合签名方案［JOL］. 计算机工程与应用［20230221］. http:kns.cnki.netkcmsdetail11.2127.TP.20221129.1456.010.html［12］Verma G K, Singh B B, Kumar N, et al. PFCBAS: Pairing free and provable certificatebased aggregate signature scheme for the ehealthcare monitoring system［J］. IEEE Systems Journal, 2019, 14(2): 17041715［13］Verma G K, Singh B B, Kumar N, et al. CBCAS: Certificatebased efficient signature scheme with compact aggregation for industrial Internet of things environment［J］. IEEE Internet of Things Journal, 2019, 7(4): 25632572［14］Verma G K, Kumar N,Gope P, et al. SCBS: A short certificatebased signature scheme with efficient aggregation for industrialInternetofthings environment［J］. IEEE Internet of Things Journal, 2021, 8(11): 93059316［15］Zhu F, Yi X,Abuadbba A, et al. Certificatebased anonymous authentication with efficient aggregation for wireless medical sensor networks［J］. IEEE Internet of Things Journal, 2021, 9(14): 1220912218［16］Xie Y, Li X, Zhang S, et al. iCLAS: An improved certificateless aggregate signature scheme for healthcare wireless sensor networks［J］. IEEE Access, 2019, 7: 1517015185

[1]	秦体红, 汪宗斌, 张宇, 刘洋, . 物联网PKI技术研究[J]. 信息安全研究, 2022, 8(12): 1156-.
[2]	高小龙, 王玉, 安鹏, 唐波, 刘金会, . 一种适用于大规模场景的匿名电子投票系统[J]. 信息安全研究, 2022, 8(10): 990-.
[3]	陈亚茹丛培强陈庄. 一种椭圆曲线数字签名的改进方案[J]. 信息安全研究, 2019, 5(3): 217-222.
[4]	郑昉昱董建阔林璟锵高莉莉. 基于GPU的高性能密码计算[J]. 信息安全研究, 2019, 5(1): 88-96.
[5]	李超. 无线传感器网络面向隐私保护的数据融合算法[J]. 信息安全研究, 2017, 3(6): 523-528.
[6]	汪朝晖. SM2椭圆曲线公钥密码算法综述[J]. 信息安全研究, 2016, 2(11): 972-982.