Multi-party co-signature scheme based on SM2
PLOS ONE
RESEARCH ARTICLE
Liang Tan1¤c, Xinglin Shang1, Liping Zou1☯¤a, Hekun Yang1☯¤b, Yi Wen1,
Zhongzhu Liu2*
1 College of Computer Science, Sichuan Normal University, Chengdu, Sichuan, China, 2 School of
Mathematics and Statistics, Huizhou University, Guangdong Province, China
☯ These authors contributed equally to this work.
¤a Current address: Southwest Petroleum University, Network and Information Center, Chengdu, Sichuan,
China
¤b Current address: Department of Computer Science, Sichuan Aerospace Vocational College, Chengdu,
Sichuan, China
¤c Current address: Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China
*
OPEN ACCESS
Citation: Tan L, Shang X, Zou L, Yang H, Wen Y,
Liu Z (2023) Multi-party co-signature scheme
based on SM2. PLoS ONE 18(2): e0268245.
https://doi.org/10.1371/journal.pone.0268245
Editor: Pandi Vijayakumar, University College of
Engineering Tindivanam, INDIA
Received: December 27, 2021
Accepted: April 26, 2022
Published: February 6, 2023
Peer Review History: PLOS recognizes the
benefits of transparency in the peer review
process; therefore, we enable the publication of
all of the content of peer review and author
responses alongside final, published articles. The
editorial history of this article is available here:
https://doi.org/10.1371/journal.pone.0268245
Copyright: © 2023 Tan et al. This is an open access
article distributed under the terms of the Creative
Commons Attribution License, which permits
unrestricted use, distribution, and reproduction in
any medium, provided the original author and
source are credited.
Data Availability Statement: The data underlying
the results presented in the study are available
from the Open Science Framework database
(https://osf.io/BHX32/).
Funding: This work was supported by the National
Natural Science Foundation of China 61373162, the
Sichuan Provincial Science and Technology
Support Project 2019YFG0183, and the Sichuan
Provincial Key Laboratory Project KJ201402. The
funder had no role in study design, data collection
and analysis, decision to publish, or preparation of
the manuscript.
Competing interests: The authors have declared
that no competing interests exist.
Abstract
The two-party collaborative signature scheme is an important cryptographic technology for user
authentication and data integrity protection when mobile devices are used for financial and
securities transactions. However, the two-party collaboration scheme has the following
shortcomings. First, it is not flexible enough, and it requires the collaborating parties to be
secure and trusted. Second, the security of two-party collaboration still needs to be improved:
once a hacker obtains the signature private key and collaborative identity of a mobile
device, they can construct a legitimate two-party collaborative signature. Third, the application
scenario of two-party co-signature is limited and cannot meet the application scenario of
multi-device co-signature. For this reason, this paper designs a multi-party collaborative
signature scheme based on the SM2 digital signature algorithm in the standard “SM2 Elliptic Curve
Public Key Cryptography” of GM/T003-2012. In this scheme, multiple (more than
2) participants jointly generate the signature group public key and a valid signature in an
interactive manner, while ensuring that no user can learn any signature key other than
their own during the signing process. We implement this scheme based on the GMP library.
The experimental results show that this scheme is not only flexible but also more secure and
trustworthy, and that it meets the application scenario of multi-device collaborative signing.
In addition, the time for multiple participants to construct signatures in this scheme is similar,
and the time for signature verification differs little from that of the original SM2 signature.
Introduction
With the rapid development of the mobile Internet, the number of owners of mobile smart devices
is increasing. Device owners can use their mobile devices to communicate with each other
anytime and anywhere, and mobile devices have been fully integrated into the production and life
of society. According to real-time data from GSMA Intelligence, as of the end of 2019 there
were more than 5.2 billion unique owners of mobile devices worldwide (i.e., more
than 67% of the world’s population has a mobile device), and this number is forecast to
increase to 5.8 billion by the end of 2025, accounting for 70% of the world’s population [1].
Nowadays, it is very common for users to use mobile devices to conduct financial, securities
and other transactions, and it has become particularly important to ensure the security of
sensitive user data and transaction processes [2–4].
Digital signature is an important cryptographic technology for authentication of mobile
device users and integrity protection of mobile device data, and it can play an important role
in protecting users’ sensitive data and the security of the transaction process. However, digital
signature technology places extremely high requirements on the storage and management of the
signature private key of the mobile device. Mobile devices themselves carry security risks such as
easy loss or hijacking, and they have limited computing power. If a software module is used to save
the signature private key locally or to a smart chip [5], this simple device security deployment,
together with open network connections, makes mobile devices extremely easy targets for
network attacks [6, 7]. Once the mobile device is hacked and the signature private key is stolen,
the hacker can pretend to be a user in banking, insurance, securities, transportation, postal,
e-commerce, mobile communications and other industries to conduct transactions, causing
huge economic losses to the user.
Currently, there are two specific methods to solve this problem. One is the threshold signature
scheme based on Shamir’s secret sharing, which splits the signature private key of a device
among n participants; if and only if more than a threshold t (t ≤ n) of the participants
collaborate can they recover the complete private key and sign with their respective private
key slices [8]. The signature private key slices in this scheme are no longer stored and managed by
a single device but by n devices, so the scheme is more secure and trustworthy: even if a hacker
breaks one or m (m < t) of the devices and obtains their private key slices, the hacker still cannot
construct a legitimate signature. However, this scheme is difficult to apply to mobile terminals
with limited computing and storage resources. In addition, such threshold signature schemes
[9–13] all require the participation of trusted centers and suffer from high communication
computat (...truncated)