引用本文: |
-
黄佩达,林超,伍玮,何德彪.基于SM2数字签名的区块链匿名密钥交换协议[J].信息安全学报,2024,9(3):19-28 [点击复制]
- HUANG Peida,LIN Chao,WU Wei,HE Debiao.Blockchain Anonymous Key Exchange Based on SM2 Digital Signature Protocol[J].Journal of Cyber Security,2024,9(3):19-28 [点击复制]
|
|
摘要: |
区块链技术因其去中心化、匿名性、不可篡改、不可伪造等优点, 已经成为我国的一项前沿技术, 在各领域得到广泛的应用。虽然用户可利用区块链发布匿名交易, 有效隐藏交易双方的身份信息, 但双方交易完成后传输交易相关数据可能破坏匿名性。这是因为在数据传输过程中, 为了保证双方通信安全, 往往使用认证密钥交换协议认证双方身份, 计算会话密钥建立安全信道。由于传统的认证密钥交换协议涉及双方的长期公私钥对信息, 所以将泄露交易双方的身份信息。虽然区块链匿名密钥交换可基于交易双方的历史链上交易完成密钥交换, 有效保障交易双方的匿名性, 但现有区块链匿名密钥交换协议主要基于国外密码算法设计, 难以适用于国产区块链平台, 不符合我国密码核心技术自主可控的要求。为丰富国产商用密码算法在区块链匿名密钥交换方面的研究, 满足区块链交易后双方匿名安全通信的需求, 本文以 SM2 数字签名算法和区块链为基础, 构造非交互式和交互式两种区块链匿名密钥交换协议。并在 CK 安全模型中证明非交互式的协议满足会话密钥安全, 交互式的协议满足有前向安全性的会话密钥安全。最后通过理论分析和编程实现结果表明, 本文协议在没有比现有协议消耗更多的计算开销与通信代价的前提下, 可适用于国产化区块链平台。 |
关键词: 密钥交换协议 SM2数字签名 区块链 CK安全模型 |
DOI:10.19363/J.cnki.cn10-1380/tn.2024.05.02 |
投稿时间:2022-07-10修订日期:2022-11-02 |
基金项目:本课题得到国家自然科学基金(No. 62102089, No. 62032005, No. 61872089, No. 61972294)、中央高校基本科研业务费专项资金(No.2042021kf1030)、湖北省自然科学基金 (No. 2017CFA007)、福建省自然科学基金(No. 2020J02016)资助。 |
|
Blockchain Anonymous Key Exchange Based on SM2 Digital Signature Protocol |
HUANG Peida1, LIN Chao1, WU Wei2, HE Debiao3
|
(1.College of Computer and Cyber Security, Fujian Normal University, Fuzhou 350117, China;2.School of Mathematics and Statistics, Fujian Normal University, Fuzhou 350117, China;3.School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China) |
Abstract: |
Blockchain technology has become a frontier technology in China and is widely used in various fields due to its advantages of decentralization, anonymity, immutability and unforgeability. Although users can use blockchain to publish anonymous transactions and effectively hide the identity information of both parties to the transaction, the transmission of transaction-related data after the completion of the transaction between the two parties may destroy the anonymity. This is because during data transmission, in order to secure the communication between the two parties, the authentication key exchange protocol is often used to authenticate the identity of both parties and calculate the session key to establish a secure channel. Since the traditional authentication key exchange protocol involves long-term public-private key pair information of both parties, it will disclose the identity information of both parties of the transaction. Although blockchain anonymous key exchange can complete key exchange based on the historical on-chain transactions of both parties to the transaction and effectively guarantee the anonymity of both parties to the transaction, the existing blockchain anonymous key exchange protocol is mainly designed based on foreign cryptographic algorithms, which is difficult to apply to domestic blockchain platforms and does not meet the requirement of independent and controllable core cryptographic technology in China. To enrich the research of domestic commercial cryptographic algorithms in blockchain anonymous key exchange and meet the demand for anonymous and secure communication between two parties after blockchain transactions, this paper constructs two blockchain anonymous key exchange protocols, non-interactive and interactive, based on SM2 digital signature algorithm and blockchain. And it is proved in the CK security model that the non-interactive protocol satisfies the session key security and the interactive protocol satisfies the session key security with forward security. Finally, the theoretical analysis and programming implementation results show that the protocol in this paper can be suitable for domestic blockchain platforms without consuming more computational overhead and communication costs than existing protocols. |
Key words: key exchange protocol SM2 digital signature blockchain CK security model |