Aitps:基于非对称模格问题的两方协同签名方案  被引量：3

作　　者：文嘉明 王后珍[1,2,3] 刘金会 张焕国[1,2] Wen Jiaming;Wang Houzhen;Liu Jinhui;Zhang Huanguo(School of Cyber Science and Engineering,Wuhan University,Wuhan 430072;Key Laboratory of Aerospace Information Security and Trusted Computing(Wuhan University),Ministry of Education,Wuhan 430072;State Key Laboratory of Cryptology,Beijing 100878;School of Cyber Security,Northwestern Polytechnical University,Xi’an 710072)

机构地区：[1]武汉大学国家网络安全学院,武汉430072 [2]空天信息安全与可信计算教育部重点实验室(武汉大学),武汉430072 [3]密码科学技术国家重点实验室,北京100878 [4]西北工业大学网络空间安全学院,西安710072

出　　处：《计算机研究与发展》2023年第9期2137-2151,共15页Journal of Computer Research and Development

基　　金：国家重点研发计划项目(2022YFB4500800);国家自然科学基金项目(62272385,62272389,U19B2021);中央高校基本科研业务费专项资金(2042022kf0021)。

摘　　要：物联网和区块链等技术的兴起和发展,使得多方协同签名协议重新受到了关注.多方协同签名是一种特殊的数字签名,要求多个用户进行交互后共同对一个消息产生合法的签名,以达到认证的目的.优点在于相比起每个用户分别进行签名可以缩短尺寸,同时使用分布式的方法,任何一方都无法独自进行签名,防范了因为单个用户的密钥丢失或被劫持而导致被冒充身份的隐患.另一方面,量子计算机的进展对传统的公钥密码方案构成了潜在的威胁,美国国家标准与技术研究院(National Institute of Standards and Technology,NIST)在2016年启动抗量子密码(post-quantum cryptography,PQC)的国际标准征集项目,并于2022年7月确定了被选为标准的算法.同时,基于其入选的数字签名方案(例如CRYSTALS-Dilithium)的协同签名方案也已经陆续出现.2019年,中国密码学会举办了全国密码算法设计竞赛,其中公钥组获得一等奖的Aigis-sig签名方案采用了与Dilithium类似的结构.基于Aigis-sig数字签名方案设计了一种两方协同签名方案,称之为Aitps,并根据其提供的参数进行了实例化和对比,得到了相比已有的所有基于Dilithium的两方协同签名方案更优的密钥和签名大小,例如在同等的安全强度下签名尺寸可缩减20%以上.此外,该方案也可以扩展为多方协同签名.Recent years,with the advancement of the IoT and blockchain,multi-party signature protocols have received renewed attention.Multi-party signature is a special digital signature that requires users to interact with each other to jointly generate a signature for a message and achieve the authentication.Compared with each user signing respectively,the advantage is that the key size can be greatly decreased,and every party cannot get a legal signature only by itself,which can be used to prevent the danger of being impersonated when user’s key is lost or hijacked.On the other hand,the progress of quantum computers poses a potential threat to the traditional public key cryptography scheme,the PQC(post-quantum cryptography)project was organized by the NIST(National Institute of Standards and Technology)in the US since 2016,and it determined the algorithm that was standardized in July 2022.At the same time,the multi-party signature based on its candidate digital signature schemes(such as CRYSTALS-Dilithium)also appeared.Chinese Association for Cryptologic Research(CACR)also held a national cryptographic algorithm design competition in 2019,Aigis-sig,which is the first prize signature algorithm,adopts the similar structure with Dilithium.In this paper,Aitps is proposed,which is a two-party signature based on Aigis-sig.Compared with the existing Dilithium-based two-party signatures,Aitps has better key sizes and signature sizes.For example,the signature sizes can be reduced by more than 20%at the same security level.Lastly,Aitps can also be extended to multi-party signature.

关 键 词：数字签名 两方协同签名 基于格的密码学 抗量子密码 密钥保护 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]