

1. Yunhailian Holding Co., Ltd. (云海链控股股份有限公司), Chengmai, Hainan 571924
2. Cryptography Laboratory, Oxford (Hainan) Blockchain Research Institute Co., Ltd. (牛津(海南)区块链研究院有限公司), Chengmai, Hainan 571924
Received: 3 January 2022; Revised: 31 January 2023; Published: 25 February 2024
CHENG Yi-fan, LIU Qing-yu, LIANG Ze-yu, et al. A Two-Party SM2 Signing Protocol with Strict Provable Security [J]. Acta Electronica Sinica (电子学报), 2024, 52(02): 540-549. DOI: 10.12263/DZXB.20220027
Since it was proposed, the SM2 signature algorithm has been widely deployed, and electronic contract services are a typical application. Because a single user has weak resistance to attack and faces a serious risk of private-key leakage, users who sign through an electronic contract service often have their private key hosted on the service provider's cloud server. This, however, requires the user to trust the service provider, and can even call the legal validity of the contract into question. To resolve this dilemma, we propose a two-party SM2 signing protocol based on homomorphic encryption: the user and the service provider jointly generate and each keep their own private-key share, and at signing time they cooperate through online interaction to produce the signature, which addresses security and trust at the same time. We find that the security of every existing two-party SM2 signing protocol is either flawed or incorrectly argued; to our knowledge, ours is the first two-party SM2 signing protocol with a strict security proof.
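The signing flow the abstract describes, as an added example that is not the paper's protocol and not code from its authors: a Paillier-based construction in the style of Lindell's two-party ECDSA, adapted to the SM2 equation s = (1+d)^-1 (k + r) - r by sharing (1+d)^-1 = d1·d2 and k = k1·k2 between the user (P1) and the server (P2). The server does all of its work on Enc(d1) and Enc(d1·k1) under the user's Paillier key, so it never sees d1, k1 or the finished signature; the user decrypts, subtracts r and verifies. Assumptions: SHA-256 stands in for the SM3(Z_A || M) digest of the standard; the commitment to R1, the zero-knowledge proofs and the range proof on Enc(d1) that a provably secure version needs are left out, so this shows the arithmetic and message flow, not a protocol that is secure against a malicious party; every class, function and variable name is the example's own.

```python
import hashlib, math, secrets
# SM2 curve sm2p256v1, parameters as in GB/T 32918.5; None is the point at infinity
p = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
a = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC
b = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
n = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)
assert (G[1] ** 2 - G[0] ** 3 - a * G[0] - b) % p == 0   # sanity check on the constants
NEG_G = (G[0], p - G[1])

def ec_add(P, Q):
    if P is None: return Q
    if Q is None: return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0: return None
    lam = ((3 * x1 * x1 + a) * pow(2 * y1, -1, p) if x1 == x2
           else (y2 - y1) * pow(x2 - x1, -1, p)) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def ec_mul(k, P):
    R = None
    while k:
        if k & 1: R = ec_add(R, P)
        P, k = ec_add(P, P), k >> 1
    return R

def sm2_verify(pub, e, r, s):
    if not (0 < r < n and 0 < s < n) or (r + s) % n == 0: return False
    X = ec_add(ec_mul(s, G), ec_mul((r + s) % n, pub))        # [s]G + [r+s]P
    return X is not None and (e + X[0]) % n == r

def gen_prime(bits):                                          # trial division + 32 Miller-Rabin rounds
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if any(c % q == 0 for q in (3, 5, 7, 11, 13, 17, 19, 23, 29, 31)): continue
        d, s = c - 1, 0
        while d % 2 == 0: d, s = d // 2, s + 1
        for _ in range(32):
            x = pow(secrets.randbelow(c - 3) + 2, d, c)
            if x in (1, c - 1): continue
            for _ in range(s - 1):
                x = x * x % c
                if x == c - 1: break
            else: break                                       # composite witness found
        else: return c

class Paillier:                                               # textbook Paillier, g = N + 1; only P1 holds lam, mu
    def __init__(self, bits=512):                             # N ~ 1024 bits > n^3, so plaintexts never wrap
        pp, qq = gen_prime(bits), gen_prime(bits)
        self.N = pp * qq
        self.lam = (pp - 1) * (qq - 1) // math.gcd(pp - 1, qq - 1)
        self.mu = pow(self.lam, -1, self.N)
    def dec(self, c): return (pow(c, self.lam, self.N ** 2) - 1) // self.N * self.mu % self.N
def pai_enc(N, m): return (1 + m * N) * pow(secrets.randbelow(N - 2) + 1, N, N * N) % (N * N)
def pai_add(N, c1, c2): return c1 * c2 % (N * N)              # Enc(m1) * Enc(m2) = Enc(m1 + m2)
def pai_mul(N, c, k): return pow(c, k, N * N)                 # Enc(m) ^ k = Enc(k * m)

class User:
    """P1: holds key share d1, nonce share k1 and the Paillier secret key; outputs the signature."""
    def keygen_round1(self):
        self.d1, self.pai = secrets.randbelow(n - 1) + 1, Paillier()
        self.c_d1 = pai_enc(self.pai.N, self.d1)                # Enc(d1): sent once, reused for every signature
        return ec_mul(pow(self.d1, -1, n), G), self.pai.N, self.c_d1   # Q1 = [d1^-1]G
    def keygen_round2(self, Q2):                                # Q2 = [d2^-1]G from the server
        self.pub = ec_add(ec_mul(pow(self.d1, -1, n), Q2), NEG_G)  # P = [(d1 d2)^-1]G - G, i.e. 1 + d = (d1 d2)^-1
    def sign_round1(self):
        self.k1 = secrets.randbelow(n - 1) + 1
        return ec_mul(self.k1, G), pai_enc(self.pai.N, self.d1 * self.k1 % n)   # R1 = [k1]G, Enc(d1 k1)
    def sign_round2(self, e, R2, c):
        r = (e + ec_mul(self.k1, R2)[0]) % n                    # R = [k1]R2 = [k1 k2]G
        s = (self.pai.dec(c) % n - r) % n                       # Dec(c) mod n = (1+d)^-1 (k + r) = s + r
        if not sm2_verify(self.pub, e, r, s): raise ValueError("bad signature: r = 0, k + r = n, or server misbehaved; rerun")
        return r, s

class Server:
    """P2: holds key share d2 and P1's Paillier public key; never learns d1, k1 or the signature."""
    def keygen(self, Q1, N, c_d1):
        self.d2, self.N, self.c_d1 = secrets.randbelow(n - 1) + 1, N, c_d1
        inv = pow(self.d2, -1, n)
        self.pub = ec_add(ec_mul(inv, Q1), NEG_G)               # same P as the user computes
        return ec_mul(inv, G)                                   # Q2 = [d2^-1]G
    def sign(self, e, R1, c_k):
        k2 = secrets.randbelow(n - 1) + 1
        r = (e + ec_mul(k2, R1)[0]) % n                         # R = [k2]R1
        c = pai_mul(self.N, self.c_d1, self.d2 * r % n)          # Enc(d1 d2 r)
        c = pai_add(self.N, c, pai_mul(self.N, c_k, self.d2 * k2 % n))          # + Enc(d1 d2 k1 k2)
        c = pai_add(self.N, c, pai_enc(self.N, secrets.randbelow(n * n) * n))   # + Enc(rho n): blinds everything above mod n
        return ec_mul(k2, G), c                                 # R2 = [k2]G

def demo(msg=b"constructed sample contract text"):
    user, server = User(), Server()
    Q1, N, c_d1 = user.keygen_round1()
    user.keygen_round2(server.keygen(Q1, N, c_d1))
    e = int.from_bytes(hashlib.sha256(msg).digest(), "big")    # ASSUMPTION: SHA-256 in place of SM3(Z_A || M)
    R1, c_k = user.sign_round1()
    R2, c = server.sign(e, R1, c_k)
    r, s = user.sign_round2(e, R2, c)
    return user, server, e, r, s
```

Two points are worth checking when reading it. First, the blinding term rho·n is what keeps the decrypted value from revealing anything beyond s + r mod n: without it the user would learn the exact integer d1·d2·(r + k1·k2), from which d2 and k2 follow. Second, the user's final `sm2_verify` is the only defence here against a server that sends a wrong R2 or a malformed ciphertext, and it also absorbs the standard's r = 0 and r + k = n retry conditions. What it cannot do is stop the server from choosing k2 after seeing R1, or the user from sending an Enc(d1) that does not match Q1; closing those gaps with commitments, zero-knowledge and range proofs, and then proving that the result is simulatable, is exactly the work a strict security proof of a protocol like this has to do.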