Cite this article
  • LEI Lingguang, CHANG Jiang, WANG Pingjian, WANG Yuewu, ZHOU Quan, KOU Chunjing. Design and Implementation of a Lightweight and Loss-tolerant Secret Key Splitting Scheme for Mobile Terminals[J]. Journal of Cyber Security, Accepted
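Design and Implementation of a Lightweight and Loss-tolerant Secret Key Splitting Scheme for Mobile Terminals
LEI Lingguang¹, CHANG Jiang¹, WANG Pingjian¹, WANG Yuewu¹, ZHOU Quan¹, KOU Chunjing²
(1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; 2. School of Cryptology, University of Chinese Academy of Sciences, Beijing, China)
Abstract:
In recent years, with the development of the mobile Internet, more and more users handle sensitive business on mobile terminals. Such business usually relies on signature mechanisms to provide identity authentication, non-repudiation, and integrity protection. However, vulnerabilities and malicious applications on mobile terminal systems emerge constantly, making it difficult to provide a secure execution environment for signing operations. SM2 threshold cryptography is one of the important ways to provide signing and private key protection for sensitive terminal applications. However, existing SM2 threshold signature schemes require 2t+1 participants to complete a signature, which is inconvenient to use and also involves a large amount of communication and computation. In addition, these schemes do not fully consider the problem that key shares are easily stolen when a device is lost, nor the problem of updating and adding key shares. To solve these problems, this paper, focusing on practical application requirements, designs an SM2 threshold key splitting algorithm suited to mobile terminals. By converting the multiplication operations in the standard SM2 signature computation into addition operations, it allows t+1 participants to complete a signature. Correspondingly, the communication and computation in the signing phase are also reduced. To tolerate the loss of devices and shares, we also analyze and study private key share update and addition mechanisms based on this algorithm. Based on the designed algorithm, and taking a (3,5) threshold as an example, we design and implement a complete SM2 threshold signature system for Android. In the implementation, fingerprint-based identity verification, the Android KeyStore mechanism, and secure channels built between participants ensure security during the generation, storage, and use of private key shares. Finally, we give a security proof and an efficiency analysis of the algorithm, and an actual performance evaluation based on the prototype system.
Keywords: key splitting; mobile terminal; threshold signature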
DOI:10.19363/J.cnki.cn10-1380/tn.2024.02.11
Received: 2021-12-22  Revised: 2022-03-02
Funding: National Natural Science Foundation of China (General Program, Key Program, Major Program)
Design and Implementation of a Lightweight and Loss-tolerant Secret Key Splitting Scheme for Mobile Terminals
LEI Lingguang¹, CHANG Jiang¹, WANG Pingjian¹, WANG Yuewu¹, ZHOU Quan¹, KOU Chunjing²
(1. Institute of Information Engineering, Chinese Academy of Sciences; 2. School of Cryptology, University of Chinese Academy of Sciences)
Abstract:
With the development of the mobile Internet, mobile terminals have been widely used to deal with sensitive business in recent years. Such sensitive business usually relies on the signing mechanism to provide authentication, non-repudiation and integrity protection. However, complicated mobile operating systems fail to serve as a secure execution environment for signing operations because of emerging vulnerabilities and malicious applications. SM2 threshold cryptography is one of the important ways to protect the signing procedure and the private key for sensitive terminal applications. However, the existing SM2 threshold scheme requires 2t+1 participants to complete the signing procedure, which is inconvenient to use and requires a large amount of communication and computation. Moreover, it has not adequately considered the theft of secret key shares by physically obtaining the mobile device, which is more likely to happen in the mobile scenario. Also, the existing scheme does not provide mechanisms to update key shares or add new ones. In this paper, we propose an SM2 threshold secret key splitting algorithm, according to the practical application requirements of the mobile scenario. By converting the multiplication operation in the standard SM2 signature algorithm to an addition operation, we can perform signing with t+1 participants. Correspondingly, the amount of communication and computation in the signing stage is reduced. In order to tolerate the loss of equipment and key shares, we also analyze and study private key share updating and adding mechanisms based on the proposed algorithm. Next, we design and implement a (3,5) threshold signature prototype system for the Android platform. In the implementation, we introduce fingerprint-based authentication and the Android KeyStore mechanism to enhance the security of private key shares during their generation, storage and use. Finally, we analyze the security and efficiency of our algorithm, and evaluate the actual performance overhead on the prototype system.
Key words: secret key splitting; mobile terminal; threshold signature