Citation: Zhu Liufu, Li Jiguo, Lai Jianchang, Huang Xinyi, Zhang Yichen. Attribute-Based Online/Offline Signature Scheme Based on SM9[J]. Journal of Computer Research and Development, 2023, 60(2): 362-370. DOI: 10.7544/issn1000-1239.202220530
The attribute-based signature (ABS) scheme uses a set of attributes to identify users. A user can generate a valid signature only when their attributes satisfy the access policy. Compared with traditional digital signature schemes, an ABS scheme not only uses a set of attributes to hide the real identity of the user and so obtain anonymity, but also realizes fine-grained access control through the access policy. ABS schemes based on elliptic curves usually require a large number of group exponentiation or pairing operations, which are computationally expensive and result in high computational overhead in the signing process. Online/offline signature technology can pre-compute the expensive operations offline, before the message is known, thereby reducing the online computing cost on lightweight devices. As a commercial cipher independently designed by China, the SM9 identity-based cryptographic algorithm has been standardized by ISO/IEC and is widely used. In this paper, we use online/offline signature technology to propose an attribute-based online/offline signature (ABOOS) scheme based on the SM9 identity-based cryptographic algorithm. The scheme not only achieves fine-grained access control but is also suitable for lightweight devices. In the random oracle model, the security of the proposed scheme is reduced to the q-strong Diffie-Hellman (q-SDH) hard problem. Theoretical analysis and experimental simulation show that the proposed scheme effectively reduces the computational cost of the signing process and is suitable for application environments such as the Internet of Things.