
A provable-secure and practical two-party distributed signing protocol for SM2 signature algorithm

  • Research Article
  • Frontiers of Computer Science

Abstract

Mobile devices are widely used for data access, communications and storage. However, storing a private key for signatures and other cryptographic uses on a single mobile device can be challenging because of the device's computational limitations. Thus, a number of (t, n) threshold secret sharing schemes designed to minimize private key leakage have been proposed in the literature. However, existing schemes generally suffer from key reconstruction attacks. In this paper, we propose an efficient and secure two-party distributed signing protocol for the SM2 signature algorithm, which has been mandated by the Chinese government for all electronic commerce applications. The proposed protocol splits the private key across two devices and can generate a valid signature without the need to reconstruct the entire private key. We prove that our protocol is secure under a nonstandard assumption. We then implement our protocol using the MIRACL Cryptographic SDK to demonstrate that it can be deployed in practice to prevent key disclosure.



Acknowledgements

The work was supported in part by the National Key Research and Development Program of China (2018YFC1315404), the National Natural Science Foundation of China (Grant Nos. 61572379, and 61501333), and the fund of the Jiangsu Key Laboratory of Big Data Security & Intelligent Processing (BDSIP1807).

Author information

Corresponding author

Correspondence to Debiao He.

Additional information

Yudi Zhang received his Master's degree from Hubei University of Technology, China in 2017. He is currently pursuing his PhD degree at the School of Cyber Science and Engineering, Wuhan University, China. His main research interests include cryptography and information security, in particular cryptographic protocols.

Debiao He received his PhD degree in applied mathematics from the School of Mathematics and Statistics, Wuhan University, China in 2009. He is currently a professor at the School of Cyber Science and Engineering, Wuhan University, China. His main research interests include cryptography and information security, in particular cryptographic protocols.

Mingwu Zhang is a professor with the School of Computer Sciences, Hubei University of Technology (HBUT), China. From August 2010 to August 2012, he was a JSPS postdoctoral fellow of the Japan Society for the Promotion of Science at the Institute of Mathematics for Industry, Kyushu University, Fukuoka, Japan. He is the Director of the Institute of Data Security and Privacy Preservation at HBUT, China. His research interests include cryptographic techniques for networks, secure computation and privacy preservation.

Kim-Kwang Raymond Choo received his PhD in Information Security in 2006 from Queensland University of Technology, Australia. He currently holds the Cloud Technology Endowed Professorship at The University of Texas at San Antonio, USA. He is the recipient of various awards including the 2018 UTSA College of Business Col. Jean Piccione and Lt. Col. Philip Piccione Endowed Research Award for Tenured Faculty, Outstanding Associate Editor of 2018 for IEEE Access, IEEE TrustCom 2018 Best Paper Award, ESORICS 2015 Best Paper Award, Winning Team of the Germany’s University of Erlangen-Nuremberg (FAU) Digital Forensics Research Challenge 2015, 2014 Highly Commended Award by the Australia New Zealand Policing Advisory Agency, Fulbright Scholarship in 2009, 2008 Australia Day Achievement Medallion, and British Computer Society’s Wilkes Award in 2008. He is a fellow of the Australian Computer Society, IEEE Senior Member and Co-Chair of IEEE Multimedia Communications Technical Committee’s Digital Rights Management for Multimedia Interest Group.

Cite this article

Zhang, Y., He, D., Zhang, M. et al. A provable-secure and practical two-party distributed signing protocol for SM2 signature algorithm. Front. Comput. Sci. 14, 143803 (2020). https://doi.org/10.1007/s11704-018-8106-9
