CDBS:基于CRYSTALS-Dilithium算法的盲签名方案  

作　　者：杨亚涛 常鑫[2] 史浩鹏 王伟 王克[1] YANG Yatao;CHANG Xin;SHI Haopeng;WANG Wei;WANG Ke(Department of Electronic and Communication Engineering,Beijing Electronic Science and Technology Institute,Beijing 100070,China;School of Telecommunication Engineering,Xidian University,Xi’an 710071,China)

机构地区：[1]北京电子科技学院电子与通信工程系,北京100070 [2]西安电子科技大学通信工程学院,陕西西安710071

出　　处：《通信学报》2024年第7期184-195,共12页Journal on Communications

基　　金：北京市自然科学基金资助项目(No.4232034);中央高校基本科研业务费专项资金资助项目(No.3282024052,No.3282024058)。

摘　　要：为了应对传统盲签名方案在用户端、签名方和验证者交互过程中无法抵御量子计算攻击的这一难题,以NIST选定的后量子数字签名算法CRYSTALS-Dilithium为基础框架,设计了一种新型抗量子计算攻击的盲签名方案CDBS。整体方案采用Fiat-Shamir签名结构,包括密钥生成、盲化、签名、去盲和验证5个阶段,方案内部结合拒绝采样技术防止密钥泄露,使用NTT算法优化多项式计算以提高签名和验证效率。分析表明,所提方案安全性依赖于模误差学习(MLWE)问题和小整数解(SIS)问题,同时满足正确性、盲性和不可伪造性。与其他基于格的盲签名方案相比,所提方案具有较高的安全性,且签名生成过程更高效,占用开销更小。在相同样本参数设置下,所提方案整体开销仅为MBS方案的67.1%。经软件测试验证,实现一次完整的盲签名和验证过程平均仅需657.65μs。所提方案为CRYSTALS-Dilithium数字签名算法的拓展应用提供了参考。In order to solve the inadequacy of traditional blind signature schemes in resisting quantum computing attacks during interactions between users,signers,and verifiers was addressed,a novel quantum-resistant blind signature scheme named CDBS was proposed.This scheme aimed to enhance security and could resist quantum computing attacks.The scheme was based on the post-quantum digital signature algorithm CRYSTALS-Dilithium,selected by national institute of standards and technology(NIST).The overall scheme adopted the Fiat-Shamir signature structure,which comprised five stages,such as key generation,blinding,signing,unblinding and verification.The scheme incorporated rejection sampling technology to prevent key leakage and used NTT algorithm to optimise polynomial computation,thereby enhancing the efficiency of both signature generation and verification.Security analysis indicated that the scheme satisfied correctness,blindness,and unforgeability based upon module learning with error(MLWE)and small integer solution(SIS)problems.The scheme showed higher security and more efficient signature generation processes with smaller overhead than other lattice-based blind signature schemes.Given the same parameters,the overall computing overhead in the scheme was only 67.1%of the MBS scheme.Through software testing,an average time was only 657.65μs to complete one blind signature and verification process.This work provided a valuable reference for the extended application on the CRYSTALS-Dilithium digital signature algorithm.

关 键 词：盲签名 数字签名 CRYSTALS-Dilithium 格 后量子密码 

分 类 号：TN92[电子电信—通信与信息系统]