网络与信息安全学报 (Dec 2022)

Anti malicious KGC certificateless signature scheme based on blockchain and domestic cryptographic SM9

  • Fei TANG, Ning GAN, Xianggui YANG, Jinyang WANG

DOI
https://doi.org/10.11959/j.issn.2096-109x.2022073
Journal volume & issue
Vol. 8, no. 6
pp. 9 – 19

Abstract


The certificateless cryptosystem solves the problems of certificate management and key escrow at the same time, but its security model conventionally assumes that the Type II adversary (the malicious KGC) will not launch public key replacement attacks. This assumption has clear limitations in real-world applications. As an efficient identity-based cryptographic scheme, the SM9 signature scheme adopts the R-ate bilinear pairing, which offers good security and high computational efficiency. However, it requires the KGC to generate and manage keys for users, so it suffers from the key escrow problem. In view of the above problems, a certificateless signature scheme resistant to a malicious KGC was constructed based on blockchain and the SM9 signature algorithm. Relying on the decentralization and tamper resistance of the blockchain, the proposed scheme uses a smart contract to record on the blockchain the partial public key corresponding to the user's secret value. The verifier can then invoke the smart contract to query the user's public key during the signature verification stage, so the proposed scheme ensures the authenticity of the user's public key. The user's private key consists of the partial private key generated by the KGC and a secret value chosen at random by the user. The user needs the partial private key generated by the KGC to endorse his identity identifier only when generating the private key for the first time. Subsequently, the private key can be updated independently by changing the secret value and the corresponding partial public key. During this process the identity remains unchanged, which provides a viable solution for key management in decentralized application scenarios. The blockchain relies on its consensus mechanism to ensure the consistency of the distributed data. Based on the traceability of the blockchain, the change log of the user's partial public key is stored on the blockchain, so the source of a malicious public key replacement can be traced, thereby preventing a malicious KGC from launching public key replacement attacks. According to the experimental simulation and security proof results, the total overhead of signing and verification in the proposed scheme is only 7.4 ms. Compared with similar certificateless signature schemes, the proposed scheme effectively resists public key replacement attacks and has higher computational efficiency.
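The following Python block is an added example, not code from the paper or its authors: it models the on-chain public key registry the abstract describes (KGC-endorsed first registration, user-authorised key updates with the identity unchanged, an append-only change log the verifier queries) and shows why a malicious KGC cannot replace a registered public key. Everything in it is constructed for illustration. The 11-bit Schnorr signature over Z_p^* stands in for SM9 only so the block runs offline with the standard library and provides no real security; the pairing-based verification against the KGC master public key is omitted; the class and method names, the identity string and the message strings are assumptions.

```python
import hashlib
import secrets
from dataclasses import dataclass

# Toy Schnorr signature in the order-q subgroup of Z_p^*, p = 2q + 1.
# Constructed 11-bit parameters standing in for SM9; no real security.
P, Q, G = 2039, 1019, 4  # 4 = 2^2 is a quadratic residue, hence of order q


def keygen():
    """Return (user secret x, partial public key X = g^x mod p)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def _challenge(r, msg):
    # Full-width hash as the challenge; exponent arithmetic reduces it mod q.
    return int.from_bytes(hashlib.sha256(f"{r}|{msg}".encode()).digest(), "big")


def sign(x, msg):
    k = secrets.randbelow(Q - 1) + 1
    e = _challenge(pow(G, k, P), msg)
    return e, (k - x * e) % Q


def verify(pub, msg, sig):
    e, s = sig
    r = (pow(G, s, P) * pow(pub, e, P)) % P  # g^s * X^e = g^k
    return _challenge(r, msg) == e


@dataclass
class Entry:
    seq: int
    pubkey: int
    authorised_by: str


class PubKeyRegistry:
    """Stand-in for the paper's smart contract: an append-only log of partial
    public keys per identity. The first entry needs the KGC's endorsement;
    every later entry must be signed by the key it replaces."""

    def __init__(self, kgc_pub):
        self.kgc_pub = kgc_pub
        self.log = {}  # identity -> [Entry, ...], never truncated

    def register(self, identity, pubkey, kgc_endorsement):
        if identity in self.log:
            raise PermissionError("identity already registered; only update() may change it")
        if not verify(self.kgc_pub, f"register|{identity}|{pubkey}", kgc_endorsement):
            raise PermissionError("KGC endorsement does not verify")
        self.log[identity] = [Entry(0, pubkey, "kgc-endorsement")]

    def update(self, identity, new_pubkey, sig_by_current_key):
        cur = self.log[identity][-1]
        # The sequence number binds the signature to this slot in the log,
        # so a captured rotation signature cannot be replayed later.
        msg = f"update|{identity}|{cur.seq + 1}|{new_pubkey}"
        if not verify(cur.pubkey, msg, sig_by_current_key):
            raise PermissionError("update not signed by the current key holder")
        self.log[identity].append(Entry(cur.seq + 1, new_pubkey, "previous-key"))

    def current(self, identity):
        return self.log[identity][-1].pubkey

    def history(self, identity):
        return list(self.log[identity])


def verify_with_registry(reg, identity, msg, sig):
    """Verifier side: fetch the authentic public key from the contract, then verify."""
    return verify(reg.current(identity), msg, sig)


def demo():
    """Honest registration and one rotation, then three replacement attempts by
    a malicious KGC that holds its own key but not the user's secret."""
    kgc_sk, kgc_pk = keygen()
    reg = PubKeyRegistry(kgc_pk)
    ident = "alice@example.com"  # constructed identity string

    x1, X1 = keygen()
    reg.register(ident, X1, sign(kgc_sk, f"register|{ident}|{X1}"))
    x2, X2 = keygen()
    rotate_sig = sign(x1, f"update|{ident}|1|{X2}")
    reg.update(ident, X2, rotate_sig)  # identity unchanged, secret rotated

    xm, Xm = keygen()  # key pair the malicious KGC wants to plant
    attacks = {
        "re-register": lambda: reg.register(ident, Xm, sign(kgc_sk, f"register|{ident}|{Xm}")),
        "forged-update": lambda: reg.update(ident, Xm, sign(xm, f"update|{ident}|2|{Xm}")),
        "replayed-update": lambda: reg.update(ident, X2, rotate_sig),
    }
    outcome = {}
    for name, attack in attacks.items():
        try:
            attack()
            outcome[name] = "accepted"
        except PermissionError:
            outcome[name] = "rejected"

    msg = "transfer 10 to bob"
    ok = verify_with_registry(reg, ident, msg, sign(x2, msg))
    outcome["honest-signature"] = "accepted" if ok else "rejected"
    return reg, outcome
```

Mapping to the abstract: `register` is the one-time step where the KGC endorses the identity (here with a signature under its own key rather than an SM9 partial private key); `update` is the independent key rotation, which keeps the identity and only needs the previous secret; `history` is the traceable change log; `verify_with_registry` is the verifier invoking the contract for the public key. The KGC's three attempts fail for three different reasons that a real contract must all enforce: an identity cannot be registered twice, an update must be signed by the key being replaced, and the sequence number stops an old update signature from being replayed.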

Keywords