Computer Science ›› 2025, Vol. 52 ›› Issue (11A): 241200049-8. doi: 10.11896/jsjkx.241200049

• Information Security •

Signcryption Scheme Based on SM9 Domestic Cryptographic Algorithm

XIE Zhenjie1,2, LUO Youqiang1,3, ZHAO Fangfang1, REN Shuai1

  1. 1 Key Laboratory of Cyberspace Security, Ministry of Education, Information Engineering University, Zhengzhou 450001, China
    2 Troop 78156 of PLA, Chongqing 400039, China
    3 Troop 32158 of PLA, Kashi, Xinjiang 844000, China
  • Online: 2025-11-15 Published: 2025-11-10
  • Corresponding author: ZHAO Fangfang (fangfangzhaowlc@163.com)
  • About the author: jsonxie@126.com
  • Supported by:
    Equipment Pre-research Project (30603010601).

Abstract: Signcryption is a cryptographic technique that combines digital signature and encryption, reducing computational and communication overhead compared to executing them separately. The SM9 domestic cryptographic algorithm, developed independently in China as an identity-based cryptographic algorithm, is not only secure and efficient, but also effectively lowers the costs associated with public key infrastructure construction and certificate management. To address the shortcomings of existing signcryption schemes in computational efficiency and signcryptext length, a new signcryption scheme based on the SM9 algorithm is proposed. By designing a signcryption secret key tuple that combines the key and signature information into a single element, the scheme significantly reduces computational complexity and compresses the signcryptext length. Under the random oracle model, the scheme is proven to have IND-CCA and EUF-CMIA security based on the Gap-q-BDHI and q-SDH hard problems, respectively. Theoretical analysis and experimental tests confirm that the proposed scheme improves signcryption and decryption verification efficiency by 67% and 62%, respectively, compared to the existing similar scheme, while reducing the signcryptext length by 25%.

Key words: Signcryption, Domestic cryptographic algorithm, SM9, Identity-based cryptography

CLC Number:

  • TP309.7