Cryptography plays a vital role in maintaining the integrity,non-repudiation,confidentiality and authentication of information,and is one of the core technologies to ensure information security.My country emphasizes the independence and control of cryptographic technology,and commercial cryptographic technology must strengthen independent innovation.In 2017,the "SM9 Identity-Based Cryptographic Algorithms"issued by the State Cryptography Administration Office of Security Commercial Code Administration of my country was adopted by the International Organization for Standardization(ISO).With the continuous improvement of the SM9 cryptographic algorithm at home and abroad,it will be applied on a large scale in various fields in the future.For now,the research on SM9 Identity-Based Cryptographic Algorithms at home and abroad is still in its infancy.As a powerful cryptographic technology,digital signature plays an important role in promoting the application of the SM9 Identity-Based Cryptographic Algorithms.Based on the SM9 digital signature algorithm and supported by identity authentication,proxy signature,and proxy signcryption technology,this paper designs and implements solutions for different problem scenarios.The main contributes are as follows:First,in response to the need for identity authentication in network communication,this article improves the identity authentication model proposed by Ma et al.and others,and solves the problem that the original protocol is vulnerable to selected text attacks initiated by malicious verifiers.Based on the SM9 digital signature algorithm,the article designs SM9 bidirectional authentication protocol.Second,in response to the need for signature authority transfer in digital signatures,there has not yet been a proxy signature design scheme for the SM9 digital signature algorithm.This article uses the method of authorization information generation to apply the proxy signature idea to the SM9 digital signature algorithm,and designs the SM9 proxy signature scheme.Third,in view of the lack of confidentiality of the digital signature algorithm,based on the SM9 proxy signature scheme given in this paper,combined with the SM9 key encapsulation mechanism,the SM9 proxy signcryption scheme is designed,so that the proxy signature can be transmitted confidentially.Finally,in the cloud data sharing scenario of Negalign et al.,this paper combines the SM9 proxy signcryption scheme with the SM9 bidirectional authentication protocol to design the system,so that the system has both proxy signcryption and identity authentication functions.This article gives the detailed process of the above schemes,and verifies the feasibility through design experiments.The SM9 secure cloud data sharing solution obtained by combining the solutions in this paper meets the confidentiality,authenticity,integrity and non-repudiation indicators of information security. |