基于SM2数字签名算法的适配器签名方案

彭聪; 罗敏; 何德彪; 黄欣沂

doi:10.7544/issn1000-1239.2021.20210645

基于SM2数字签名算法的适配器签名方案

¹(武汉大学国家网络安全学院武汉 430072)
²(福建师范大学计算机与网络空间安全学院福州 350117) (cpeng@whu.edu.cn)

基金项目: 国家自然科学基金项目(61972294,61932016,62032005);山东省重点研发计划项目(2020CXGC010107);湖北省科技重大专项(2020AEA013);湖北省自然科学基金项目(2020CFA052);武汉市科技计划项目(2020010601012187)

详细信息

中图分类号: TP393.08
计量
- 文章访问数: 858
- HTML全文浏览量: 13
- PDF下载量: 483
出版历程
- 发布日期: 2021-09-30

Adaptor Signature Scheme Based on the SM2 Digital Signature Algorithm

¹(School of Cyber Science and Engineering, Wuhan University, Wuhan 430072)
²(College of Computer and Cyber Security, Fujian Normal University, Fuzhou 350017)

Funds: This work was supported by the National Natural Science Foundation of China (61972294, 61932016, 62032005), the Key Research and Development Program of Shandong Province (2020CXGC010107), the Special Project on Science and Technology Program of Hubei Provience (2020AEA013), the Natural Science Foundation of Hubei Province (2020CFA052), and the Science and Technology Project of Wuhan Municipal (2020010601012187).

摘要

摘要: 适配器签名(adaptor signature)方案是标准数字签名的一种扩展形式，它可以创建一个隐含困难关系(例如离散对数)状态的“预签名”，并通过困难关系证据将该预签名转换为一个完整签名，且转换后的完整签名可通过一个标准签名方案的验证算法验证其有效性.直观地说，适配器签名应具备2个属性：1)只有知道困难关系证据的用户才能够将预签名转变为完整签名；2)任何用户可以通过预签名和完整签名提取困难关系证据.基于这2个性质，适配器签名方案能够在区块链中提供很好的原子交换性质，并已在实践中得以广泛应用.以SM2数字签名算法为基础，构造了一个新的适配器签名方案(记为SM2-AS).该方案能够有效地衔接SM2签名方案的密钥生成、签名生成和签名验证算法.在随机预言模型下证明了SM2-AS方案是安全的，即满足预签名正确性、预签名可适配性、选择明文攻击下的存在不可伪造性和证据可提取性.理论分析和实验测试表明：SM2-AS方案的性能虽然弱于Schnorr适配器签名方案，但与ECDSA适配器签名方案相当.
- 区块链技术 /
- 支付通道 /
- SM2签名 /
- 适配器签名 /
- 原子交换
Abstract: The adaptor signature scheme is an extension of the standard digital signature, which can create a “pre-signature” that implies the state of a hard relation (such as discrete logarithm problems) and can be transformed into a completed signature by the witness of the hard relation. The completed signature can be verified by the verification algorithm of a standard signature scheme. Intuitively, an adaptor signature has two properties: 1)only users who know the witness can transform the pre-signature into a completed signature; 2)any user may extract the witness through a pre-signature and a completed signature. Thus, the adaptor signature scheme can provide the atomic exchange property in the blockchain, and has been proved to be very widely used in practice. Based on the SM2 digital signature algorithm, a new adaptor signature scheme (SM2-AS) is constructed in this paper. This scheme can effectively match the SM2 signature scheme’s key generation, signature generation and signature verification algorithms. Moreover, under the random oracle model, we prove that the SM2-AS scheme is secure, that is, it satisfies the pre-signature correctness, pre-signature adaptability, existential unforgeability under chosen plaintext attacks, and witness extractability. Through theoretical analysis and experimental test, the performance of the SM2-AS scheme is comparable to that of ECDSA-based adaptor signature scheme, but obviously weaker than that of the Schnorr-based adaptor signature scheme.
- blockchain technology /
- payment channel /
- SM2 signature /
- adaptor signature /
- atomic exchange

HTML全文

参考文献(0)

施引文献(22)

期刊类型引用(10)

1.	杨秀璋，彭国军，刘思德，田杨，李晨光，傅建明. 面向APT攻击的溯源和推理研究综述. 软件学报. 2025(01): 203-252 . 百度学术
2.	申国霞，常鑫. 基于可信密码模块的网络信道潜在攻击挖掘. 信息技术. 2023(10): 152-156+162 . 百度学术
3.	谢峥，路广平，付安民. 一种可扩展的实时多步攻击场景重构方法. 信息安全研究. 2023(12): 1173-1179 . 百度学术
4.	黄维贵，孙怡峰，欧旺，王玉宾. 基于不确定攻击图的违规外联风险分析. 信息工程大学学报. 2022(05): 570-577 . 百度学术
5.	王文娟，杜学绘，单棣斌. 基于动态概率攻击图的云环境攻击场景构建方法. 通信学报. 2021(01): 1-17 . 百度学术
6.	潘亚峰，朱俊虎，周天阳. APT攻击场景重构方法综述. 信息工程大学学报. 2021(01): 55-60+80 . 百度学术
7.	罗智勇，杨旭，刘嘉辉，许瑞. 基于贝叶斯攻击图的网络入侵意图分析模型. 通信学报. 2020(09): 160-169 . 百度学术
8.	王硕，王建华，汤光明，裴庆祺，张玉臣，刘小虎. 一种智能高效的最优渗透路径生成方法. 计算机研究与发展. 2019(05): 929-941 . 本站查看
9.	吴东，郭春，申国伟. 一种基于多因素的告警关联方法. 计算机与现代化. 2019(06): 30-37 . 百度学术
10.	韩宜轩，秦元庆. 基于因果关联的电力工控系统攻击场景还原. 信息技术. 2019(08): 41-44+48 . 百度学术