【打印本页】      【下载PDF全文】   View/Add Comment  Download reader   Close
←前一篇|后一篇→ 过刊浏览    高级检索
本文已被:浏览 7600次   下载 4482 本文二维码信息
码上扫一扫!
基于SM2数字签名的区块链匿名密钥交换协议
黄佩达,林超,伍玮,何德彪
分享到: 微信 更多
(福建师范大学 计算机与网络空间安全学院 福州 中国 350117;福建师范大学 数学与统计学院 福州 中国 350117;武汉大学 国家网络安全学院 武汉 中国 430072)
摘要:
区块链技术因其去中心化、匿名性、不可篡改、不可伪造等优点, 已经成为我国的一项前沿技术, 在各领域得到广泛的应用。虽然用户可利用区块链发布匿名交易, 有效隐藏交易双方的身份信息, 但双方交易完成后传输交易相关数据可能破坏匿名性。这是因为在数据传输过程中, 为了保证双方通信安全, 往往使用认证密钥交换协议认证双方身份, 计算会话密钥建立安全信道。由于传统的认证密钥交换协议涉及双方的长期公私钥对信息, 所以将泄露交易双方的身份信息。虽然区块链匿名密钥交换可基于交易双方的历史链上交易完成密钥交换, 有效保障交易双方的匿名性, 但现有区块链匿名密钥交换协议主要基于国外密码算法设计, 难以适用于国产区块链平台, 不符合我国密码核心技术自主可控的要求。为丰富国产商用密码算法在区块链匿名密钥交换方面的研究, 满足区块链交易后双方匿名安全通信的需求, 本文以 SM2 数字签名算法和区块链为基础, 构造非交互式和交互式两种区块链匿名密钥交换协议。并在 CK 安全模型中证明非交互式的协议满足会话密钥安全, 交互式的协议满足有前向安全性的会话密钥安全。最后通过理论分析和编程实现结果表明, 本文协议在没有比现有协议消耗更多的计算开销与通信代价的前提下, 可适用于国产化区块链平台。
关键词:  密钥交换协议  SM2数字签名  区块链  CK安全模型
DOI:10.19363/J.cnki.cn10-1380/tn.2024.05.02
Received:July 10, 2022Revised:November 02, 2022
基金项目:本课题得到国家自然科学基金(No. 62102089, No. 62032005, No. 61872089, No. 61972294)、中央高校基本科研业务费专项资金(No.2042021kf1030)、湖北省自然科学基金 (No. 2017CFA007)、福建省自然科学基金(No. 2020J02016)资助。
Blockchain Anonymous Key Exchange Based on SM2 Digital Signature Protocol
HUANG Peida,LIN Chao,WU Wei,HE Debiao
College of Computer and Cyber Security, Fujian Normal University, Fuzhou 350117, China;School of Mathematics and Statistics, Fujian Normal University, Fuzhou 350117, China;School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China
Abstract:
Blockchain technology has become a frontier technology in China and is widely used in various fields due to its advantages of decentralization, anonymity, immutability and unforgeability. Although users can use blockchain to publish anonymous transactions and effectively hide the identity information of both parties to the transaction, the transmission of transaction-related data after the completion of the transaction between the two parties may destroy the anonymity. This is because during data transmission, in order to secure the communication between the two parties, the authentication key exchange protocol is often used to authenticate the identity of both parties and calculate the session key to establish a secure channel. Since the traditional authentication key exchange protocol involves long-term public-private key pair information of both parties, it will disclose the identity information of both parties of the transaction. Although blockchain anonymous key exchange can complete key exchange based on the historical on-chain transactions of both parties to the transaction and effectively guarantee the anonymity of both parties to the transaction, the existing blockchain anonymous key exchange protocol is mainly designed based on foreign cryptographic algorithms, which is difficult to apply to domestic blockchain platforms and does not meet the requirement of independent and controllable core cryptographic technology in China. To enrich the research of domestic commercial cryptographic algorithms in blockchain anonymous key exchange and meet the demand for anonymous and secure communication between two parties after blockchain transactions, this paper constructs two blockchain anonymous key exchange protocols, non-interactive and interactive, based on SM2 digital signature algorithm and blockchain. And it is proved in the CK security model that the non-interactive protocol satisfies the session key security and the interactive protocol satisfies the session key security with forward security. Finally, the theoretical analysis and programming implementation results show that the protocol in this paper can be suitable for domestic blockchain platforms without consuming more computational overhead and communication costs than existing protocols.
Key words:  key exchange protocol  SM2 digital signature  blockchain  CK security model