Computer Science ›› 2025, Vol. 52 ›› Issue (12): 384-390. doi: 10.11896/jsjkx.241000072

• Information Security •

Ring Signature Scheme Based on Domestic Cryptographic Algorithm SM9

XIE Zhenjie1,2, ZHANG Yao1,3, YANG Qichao1, SONG Enzhou1

    1 Key Laboratory of Cyberspace Security, Ministry of Education, Information Engineering University, Zhengzhou 450001, China
    2 Troop 78156 of PLA, Chongqing 400039, China
    3 Xinjiang Changji Military Subarea of PLA, Changji, Xinjiang 831100, China
  • Received: 2024-10-15 Revised: 2025-01-24 Published: 2025-12-15 Online: 2025-12-09
  • Corresponding author: YANG Qichao (yangqichaoo@foxmail.com)
  • Author e-mail: jsonxie@126.com
  • About author: XIE Zhenjie, born in 1995, Ph.D candidate. His main research interests include cloud security and cryptography applications.
    YANG Qichao, born in 1992, Ph.D candidate, lecturer. His main research interests include network security, protocol reverse analysis and vulnerability discovery.
  • Supported by:
    This work was supported by the Equipment Pre Research Project (30603010601).

Abstract: Ring signatures possess spontaneity and anonymity, which protect user privacy while implementing digital signatures. They have been widely used in scenarios that require concealing the signer's true identity, such as blockchain, electronic voting, and digital currency transactions. Identity-based cryptography avoids the complexity of public key infrastructure construction and public key certificate management, and offers better system performance. Based on the SM9 digital signature algorithm, an identity-based domestic cryptographic algorithm, this paper constructs a ring signature scheme that satisfies the general system model and security model. In the random oracle model, the scheme is proven to have EUF-CMIA security based on the q-SDH hard problem. It is also proven that the scheme maintains full anonymity even in the presence of adversaries with access to the system's master secret key. Theoretical analysis and testing indicate that the scheme has significant performance advantages over existing similar schemes. When the number of ring users is 1 024, the signature and verification rates are improved by 121% and 111% respectively, and the signature data size is reduced by nearly 50%.

Key words: Domestic cryptographic algorithm, SM9, Ring signature, Digital signature, Identity-based cryptography

CLC Number: TP309.7