[1] GB/T 32918.2-2016,信息安全技术SM2椭圆曲线公钥密码算法[S].
[2] ISO/IEC 14888-3:2016,Information Technology-Security Techniques-Digital Signatures with Appendix-Part 3:Discrete Logarithm Based Mechanisms[S].
[3] ZHANG Yu-di,HE De-biao,ZHANG Ming-wu,et al.A provable-secure and practical two-party distributed signing protocol for SM2 signature algorithm[OL].Frontiers of Computer Science,2018-05-28.DOI:10.1007/s11704-018-8106-9.
[4] LIU M,CHEN J,LI H.Partially known nonces and fault injection attacks on SM2 signature algorithm[A].Proceedings of the 9th International Conference on Information Security and Cryptology[C].Berlin:Springer,2013.343-358.
[5] CHEN Jia-zhe,LIU Ming-jie,LI He-xin,SHI Hong-song.Mind your nonces moving:Template-based partially-sharing nonces attack on SM2 digital signature algorithm[A].Proceedings of the 10th ACM Symposium on Information,Computer and Communications Security[C].Singapore:ACM,2015.609-614.
[6] ZHANG Kai-yu,XU Sen,GU Da-wu,et al.Practical partial-nonce-exposure attack on ECC algorithm[A].Proceedings of the 13th International Conference on Computational Intelligence and Security[C].New York:IEEE,2017.248-252.
[7] TUVERI N,HASSAN S,et al.Side-channel analysis of SM2:a late-stage featurization case study[A].Proceedings of the 34th Annual Computer Security Applications Conference[C].San Juan:ACM,2018.147-160.
[8] SHAMIR A.How to share a secret[J].Communications of the ACM,1979,22(11):612-613.
[9] 马春光,石岚,等.属性基门限签名方案及其安全性研究[J].电子学报,2013,41(5):1012-1015. MA Chun-guang,SHI Lan,et al.Threshold attribute-based signature and its security[J].Acta Electronica Sinica,2013,41(5):1012-1015.(in Chinese)
[10] YANG Xiao-dong,WANG Cai-fen,ZHANG Lei,QIU Jian-bin.On-line/off-line threshold proxy re-signatures[J].Chinese Journal of Electronics,2014,23(2):248-253.
[11] YAN Jie,LU Yu,CHEN Li-yun,NIE Wei.A SM2 elliptic curve threshold signature scheme without a trusted center[J].KSII Transactions on International and Information Systems,2016,2(10):897-913.
[12] PEDERSEN T P.Distributed provers with applications to undeniable signatures[A].Proceedings of Advances in Cryptology-EUROCRYPT'91[C].Berlin:Springer,1991.221-242.
[13] LINDELL Y.Fast secure two-party ecdsa signing[A].Proceedings of Annual International Cryptology Conference[C].Berlin:Springer,2017.613-644.
[14] HE De-biao,ZHANG Yu-di,et al.Secure and efficient two-party signing protocol for the identity-based signature scheme in the IEEE P1363 standard for public key cryptography[OL].IEEE Transactions on Dependable and Secure Computing,2018-07-19.DOI:10.1109/TDSC.2018.2857775.
[15] ZHANG Yu-di,HE De-biao,et al.Efficient and provably secure distributed signing protocol for mobile devices in wireless networks[J].IEEE Internet of Things Journal,2018,5(6):5271-5280.
[16] GOLDWASSER S,MICALI S,RACKOFF C.The knowledge complexity of interactive proof system[J].SIAM Journal on Computing,1989,18(1):186-208.
[17] BLUM M.Coin flipping by telephone[A].Proceedings of Advances in Cryptology-CRYPT'81[C].Berlin:Springer,1981.133-137.
[18] PAILLIER P.Cryptosystems based on composite degree residuosity classes[A].Proceedings of Advances in Cryptology-EUROCRYPT'99[C].Berlin:Springer,1999.223-238.
[19] CANETTI R.Universally composable security:a new paradigm for cryptographic protocols[A].Proceedings of the 42nd IEEE Symposium on the FOCS[C].New York:IEEE,2001.136-145. |