Design And Implementation Of Two-party SM2 Signature Scheme

With the development of science and technology,the digital signature technique plays more and more important role in many fields,especially in military security,secure commercial trade,etc.However,the excessive concentration of signature rights or leakage of signature keys poses security risks.To solve these problems,multi-signatures or threshold signatures can be used.Because threshold signatures are more flexible than multi-signatures,threshold signatures are more common.On the other hand,the China Cryptographic Authority published the SM2 signature algorithm in 2010,so the threshold SM2 signature attracted much attention of researchers.Nevertheless,An essential(2,2)threshold SM2 protocol with low computing and communication cost cannot be implemented in existing schemes,even with the help of a trusted distribution center.At the same time,the Central Bank of China held the digital currency forum in 2016.The digital currency issuance will inevitably use the digital wallet techniques based on SM2 signature algorithms.Therefore,to research two-party SM2 based signature scheme is of great significance.In view of the above problems,the two-party SM2 signature scheme without the trusted center is proposed in this thesis,and the scheme is threshold-optimal.Specifically,main contributions are as follows:(1)The problem that the value can't be shared in two-party SM2 scheme is solved in a new way in this paper.The normal multiplication sharing method cannot share the parameters used in the two-party SM2 scheme,and this paper innovatively proposes a new method by using the random number.(2)This paper has more convenient key management and higher security.Based on the used cryptographic primitives(partial homomorphic encryption,proof of Paillier key was generated correctly,commitment scheme and range proof,signature of knowledge),this scheme is optimal without trusted center and further improve the security of the system.At the same time,the calculation cost of the cryptographic primitive required for each value execution is given.(3)The new scheme performs effectively.This step sending the encrypted random number in the signing process is optimized,and it improves the efficiency.Besides,for the proof of random number and the proof of the difficulty of discrete logarithm on the elliptic curve,this paper uses the signature of knowledge,which is non-interactive and the computation cost is lower than the traditional zero-knowledge proof scheme.(4)The key algorithm of a digital wallet based on a two-party SM2 signature is implemented in this paper.Based on the crypto library named BouncyCastle,the system prototype of the proposed scheme is implemented on the Windows platform(PC),Android platform(mobile phone)and Linux platform(raspberry PI),and the generation of SM2 signature is available between any platforms.The experimental results show that the proposed two-side SM2 signature scheme is efficient.In particular,when the modular number N in the Paillier encryption is 2048 bits,the signature time on the three platforms is 147 ms,367ms and 8122 ms,respectively.The proposal can achieve the property of cross-platform,cross-terminal,and cross-network.