Journal of Computer Applications ›› 2021, Vol. 41 ›› Issue (7): 1983-1988.DOI: 10.11772/j.issn.1001-9081.2020081220

Special Issue: 网络空间安全

• Cyber security • Previous Articles     Next Articles

Blockchain digital signature scheme with improved SM2 signature method

YANG Longhai, WANG Xueyuan, JIANG Hesong   

  1. School of Information Engineering, Southwest University of Science and Technology, Mianyang Sichuan 621010, China
  • Received:2020-08-14 Revised:2020-11-02 Online:2021-07-10 Published:2021-07-22

改进SM2签名方法的区块链数字签名方案

杨龙海, 王学渊, 蒋和松   

  1. 西南科技大学 信息工程学院, 四川 绵阳 621010
  • 通讯作者: 蒋和松
  • 作者简介:杨龙海(1997-),男,四川眉山人,硕士研究生,主要研究方向:区块链、算法分析;王学渊(1974-),男,四川成都人,副教授,博士,主要研究方向:图像处理、算法分析;蒋和松(1982-),男,重庆人,讲师,博士研究生,主要研究方向:机器人、计算机视觉、物联网。

Abstract: In order to improve the storage security and signature efficiency of digital signature keys in the consortium blockchain Practical Byzantine Fault Tolerance (PBFT) algorithm consensus process, considering the actual application environment of the consortium blockchain PBFT consensus algorithm, a trusted third-party proof signature scheme based on key division and Chinese encryption SM2 algorithm was proposed. In this scheme, by a trusted third-party, the key was generated and split, and the sub-split private key was distributed to the consensus nodes. In each consensus, the identity must be proved to the trusted third-party at first, and then the other half of the sub-split private key was obtained by the verification party to perform identity verification. In this signature scheme, the segmentation and preservation of the private key was realized by combining the characteristics of the consortium chain, and the modular inversion process in the traditional SM2 algorithm was eliminated by using consensus feature and hash digest. The theoretical analysis proved that the proposed scheme was resistant to data tampering and signature forgery, while Java Development Kit (JDK1.8) and TIO network framework were used to simulate the signature process in consensus. Experimental results show that compared with the traditional SM2 algorithm, the proposed scheme is more efficient, and the more consensus nodes, the more obvious the efficiency gap. When the node number reaches 30, the efficiency of the scheme is improved by 27.56%, showing that this scheme can satisfy the current application environment of the consortium blockchain PBFT consensus.

Key words: digital signature, blockchain, key division, Practical Byzantine Fault Tolerance (PBFT), Chinese encryption SM2 algorithm

摘要: 为了提高联盟链实用拜占庭容错(PBFT)算法共识过程中数字签名密钥保存安全性和签名效率问题,结合联盟链PBFT共识算法的实际运用环境提出了一种基于密钥分割和国家标准SM2签名算法的可信第三方证明签名方案。该方案中由可信第三方产生和分割密钥并将子分割私钥分发给共识节点,每次共识须先向可信第三方证明身份后,获取另一半子分割私钥来进行身份签名验证。该签名方案结合联盟链的特性实现了私钥的分割保存,利用共识特性结合哈希摘要消去了传统SM2算法中的模逆的过程。通过理论分析证明了该方案可抗数据篡改和签名伪造,同时借助Java开发工具包(JDK1.8)和TIO网络框架模拟共识中的签名过程。实验结果表明所提方案比传统SM2签名算法效率更高,并且共识节点越多效率差距越明显,在节点数达到30时,其效率较传统SM2算法可以提升27.56%,表明该方案可以满足当前联盟链PBFT共识的应用环境。

关键词: 数字签名, 区块链, 密钥分割, 实用拜占庭容错, 国家标准SM2签名算法

CLC Number: