信息安全研究第10卷第2期2024年2月JournalotinformationSecurityResearchVol.10No.2Feb.2024DOl:10.12379/j.issn.2096-1057.2024.02.09基于国密SM2算法的局部可验证聚合签名算法研究沈荣耀马利民23王佳慧4张伟主1,21(北京信息科技大学北京未来区块链与隐私计算高精尖中心北京100101)2(北京信息科技大学计算机学院北京100101)3(北京信息科技大学国家经济安全预警工程北京实验室北京100101)4(国家信息中心信息与网络安全部北京100045)(shenry66@163.com)ResearchonLocallyVerifiableAggregateSignatureAlgorithmBasedonSM2ShenRongyaol-2,MaLimin23,WangJiahui*,andZhangWeil.2I(BeijingAdoancedInnovationCenterforFutureBlockchainandPrivacyComputing,BeijingInformationScience&TechnologyUniversity,Beijing100101)2(SchoolofComputer,BeijingInformationScience&TechnologyUniversity,Beijing100101)3(BeijingLaboratoryofNationalEconomicSecurityEarly-warningEngineering,BeijingInformatiomScience&TechnologyUniversity,Beijing100101)4(DepartmentofInformationandNetworkSecurity,StateInformationCenter,Beijing100045)AbstractTheSM2algorithmisbasedontheellipticcurvecryptosystem,whichwasreleasedbytheStateCryptographyAdministrationin2010.Atpresent,itiswidelyusedine-government,medicalcare,financeandotherfields.Amongthem,digitalsignatureisthemainapplicationofSM2algorithm,andthenumberofsignatureandverificationoperationsgeneratedinvarioussecurityapplicationscenarioshasincreasedexponentially.AimingattheproblemthatmassiveSM2digitalsignaturesoccupyalargestoragespaceandtheefficiencyofverifyingsignaturesonebyoneislow.ThispaperproposesapartiallyverifiableaggregatesignatureschemebasedonthenationalsecretSM2algorithm,whichusesaggregatesignaturestoreducestorageoverheadandimproveverificationefficiency.Ontheotherhand,whentheverifieronlyneedstoverifythespecifiedmessageandtheaggregatedsignature,itmustalsoobtaintheplaintextofallthemessagesatthetimeofaggregation.Usingpartiallyverifiablesignatures,theverifieronlyneedstospecifythemessage,aggregatesignatureandshortprompttocompletetheverification.Analyzethecorrectnessandsecurityofthisscheme.Throughexperimen...
