| Digital signature is an important technology in the area of Public-Key Cryptography Digital signature provides the data integrity and non-repudiation of signatures.The security definition of digital signature scheme is existential unforgeable under adaptive chosen-message attacks(EUF-CMA).However,due to the presence of side-channel attacks,the security definition is not sufficient.When an adversary gets the private information of the signature scheme,especially the information of the secret key,the adversary would forge a signature successfully.It is a great threat for the security of the signature scheme.For example,bitcoin transactions are signed by the elliptic curve signature scheme.If the partial information of the secret key is leaked,then bitcoin would be stolen.For SM2 signature scheme,if the partial information of the secret key is leaked,users of the SM2 scheme would suffer a loss.Thus,it's necessary for us to research the leakage-resilient signature schemes.In this thesis,we focus on the continual leakage-resilient version of the varieties of digital signature schemes.The property of continual leakage resistance improves the security of digital signature schemes.Although the adversary obtain the partial information of the secret key,it can't forge a signature.In this thesis,we will propose two continual leakage-resilient signature schemes.One is the continual leakage-resilient elliptic curve signature scheme.Another is the continual leakage-resilient SM2 signature scheme.The security goal of these two schemes are that the adversary can't forge any signatures although it can obtain the partial information of the secret key.We simply describe these two continual leakage-resilient signature schemes as follows:(1)We studied the elliptic curve digital signature algorithm(ECDSA)and proposed the continual leakage-resilient elliptic curve digital signature algorithm.First,the secret key is separated into two parts,and they are stored in two different and independent places of the memory.Next,the signature scheme is divided into two progresses.These two progresses are called a round of signature computation.Before every round of the signature algorithm is computed,two parts of the secret key are updated firstly,and then the new secret key is used to sign messages.Finally,we generate the proposed signature scheme.The proposed scheme is provably secure in the generic bilinear group model.We analysis the computation complexity of the proposed scheme,and the simulation experiment verified its good efficiency.The leakage-resilient elliptic curve signature scheme can be implied into variety of applications.For instance,if the bitcoin transaction implies this signature scheme,the adversary would not forge a signature although it can obtain the partial information of the secret key.In this way,the user's bitcoin would not be stolen.(2)We investigated the SM2 signature scheme and put forward the continual leakage-resilient SM2 digital signature scheme.First,we transform the key generation algorithm into the bilinear pairing group.Specifically,we split the secret key into two independent parts,and place them on two different parts of the memory.Second,we change the signing algorithm to two processes and they are run in order.Before every signing algorithm is started,two secret keys have to be updated and are used to generate new signatures.Finally,we create the continual leakage-resilient SM2 signature scheme.The complexity analysis and simulation experiment verified the good efficiency of the proposed signature scheme.The proposed continual leakage-resilient SM2 signature scheme can be applied into variety of areas.For instance,in the area of bank,the proposed signature scheme could guarantee the security of the digital currency although the secret key was leaked. |
PDF Full Text Request