Abstract
Security analysis provides important evidence and strong guarantees for the security of cryptographic schemes. SM9, the commercial identity-based cryptosystem designed independently in China, has become a Chinese national standard, and the SM9 digital signature algorithm and encryption algorithm have become ISO/IEC international standards. However, few published research results exist on the security analysis of the SM9 identity-based cryptographic algorithms. At Inscrypt 2018, Cheng gave security proofs for the SM9 key exchange protocol, key encapsulation mechanism and public-key encryption algorithm based on the Gap-q-BCAA1 assumption. In this paper, we first prove, based on the q-SDH assumption in the random oracle model, that the SM9 digital signature algorithm is EUF-CMIA secure. Second, to eliminate the dependence on Gap-type hardness assumptions, we apply the Twin-Hash-ElGamal technique to propose Twin-SM9, a new key encapsulation mechanism built on the SM9 key encapsulation mechanism. Compared with the SM9 key encapsulation mechanism, the system public key and the user private key of Twin-SM9 each contain one additional group element, while the length of the encapsulated ciphertext is unchanged. We prove in the random oracle model that Twin-SM9 is IND-CCA secure if the q-BDHI assumption holds. These results further clarify the security of the SM9 identity-based cryptosystem and are useful for the design and analysis of advanced cryptographic protocols and algorithms based on SM9.
Security analysis provides strong guarantees and evidence for the security of cryptosystems. SM9 is an identity-based cryptosystem designed in China and has become a Chinese national standard. The SM9 digital signature and encryption algorithms have also become ISO/IEC international standards. However, there are few published research results on the security of the SM9 cryptosystem. Based on the Gap-q-BCAA1 assumption, Cheng gave a security analysis of the SM9 key exchange protocol, key encapsulation mechanism and encryption algorithm at Inscrypt 2018. In this paper, we first give a formal security analysis of the SM9 digital signature. Based on the q-SDH assumption, we prove that the SM9 signature algorithm is EUF-CMIA secure. To eliminate the Gap assumption, we then use the Twin-Hash-ElGamal technique to modify the SM9 key encapsulation mechanism slightly, without compromising its security, and propose a new identity-based key encapsulation mechanism called Twin-SM9. Compared with SM9 key encapsulation, both the system public key and the user private key contain only one additional group element, and the ciphertext size remains the same. We prove that Twin-SM9 achieves IND-CCA security in the random oracle model based on the q-BDHI assumption. Our results clarify the security of SM9 and are useful for the design of SM9-based cryptosystems.
Authors
赖建昌
黄欣沂
何德彪
伍玮
Jianchang LAI; Xinyi HUANG; Debiao HE; Wei WU
Affiliations: Fujian Provincial Key Lab of Network Security and Cryptology, College of Computer and Cyber Security, Fujian Normal University, Fuzhou 350117, China; Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China; Center for Applied Mathematics of Fujian Province, School of Mathematics and Statistics, Fujian Normal University, Fuzhou 350117, China
Source
《中国科学:信息科学》 (Scientia Sinica Informationis)
Indexed in: CSCD; Peking University Core Journals
2021, Issue 11, pp. 1900-1913 (14 pages)
Scientia Sinica(Informationis)
Funding
National Natural Science Foundation of China (Grant Nos. 61902191, 62032005, 61872089, 61972294)
Natural Science Foundation of Jiangsu Province (Grant No. BK20190696)
Natural Science Foundation of Fujian Province (Grant No. 2020J02016)