基于SM9的多方协同盲签名方案

doi:10.3969/j.issn.1671-1122.2026.05.008

摘要/Abstract

摘要：

针对现有国密SM9盲签名方案无法解决多用户场景下协同签名的问题,文章提出一种基于国密SM9的多方协同盲签名方案。该签名方案包括系统初始化、密钥提取、消息盲化、签名、解盲和验证6个步骤。首先对签名私钥进行分割,由密钥生成中心将其分发给各方签名者；然后,在消息拥有者对消息进行盲化后,由各方签名者完成签名方案生成合法的SM9盲签名,并由消息拥有者进行解盲；最后,利用SM9验证算法对签名进行验证。在通用架构下证明了该签名方案的安全性,签名长度接近SM9签名方案,计算开销低于现有协同签名方案。该方案签名各方无法获取消息隐私,且在交互时不会泄露各自的私钥,满足不可伪造性和盲性,解决了多用户盲签名场景下的现实需求,实现了多方协同签名和协同过程的安全性。

关键词: SM9, 盲签名, 可证明安全, 多方协同签名

Abstract:

A multi-party collaborative blind signature scheme based on State Secrets SM9 was proposed to address the issue of collaborative signatures in multi-user scenarios that cannot be solved by existing State Secrets SM9 blind signature schemes. The plan included six steps: system initialization, key extraction, message blinding, signature, unblinding, and verification. Firstly, the signature private key was divided and distributed to all signatories by the key generation center. After the message owner blinded the message, all signatories completed the signature scheme to generate a valid SM9 blind signature, which was then unblinded by the message owner. Finally, the SM9 verification algorithm was used to validate the signature. The security of the signature scheme has been proven under a universal architecture, with signature lengths close to SM9 signature schemes and computational costs lower than existing collaborative signature schemes. This scheme ensures that all parties involved in the signature cannot obtain message privacy and will not disclose their private keys during interaction, meeting the requirements of unforgeability and blinding. It solves the practical needs of multi-user blind signature scenarios and achieves the security of multi-party collaborative signatures and collaborative processes.

Key words: SM9, blind signature, provable secure, multi-party collaborative signature

中图分类号:

TP309

张雪锋, 史上. 基于SM9的多方协同盲签名方案[J]. 信息网络安全, 2026, 26(5): 758-771.

ZHANG Xuefeng, SHI Shang. Multi-Party Collaborative Blind Signature Scheme Based on SM9[J]. Netinfo Security, 2026, 26(5): 758-771.

图/表 7

图1

图2

表1

表2

表3

表4

图3

参考文献 28

[1]	China Internet Network Information Center. The 52nd Statistical Report on the Development of Internet in China was Released and Interpreted by Experts[J]. China Internet, 2023, (9): 11-15.
	中国互联网络信息中心. 第52次《中国互联网络发展状况统计报告》发布及专家解读[J]. 互联网天地, 2023, (9): 11-15.
[2]	DIFFIE W, HELLMAN M. New Directions in Cryptography[J]. IEEE Transactions on Information Theory, 1976, 22(6): 644-654. doi: 10.1109/TIT.1976.1055638 URL
[3]	National Cryptography Administration. SM9 Identification Password Algorithm Part 1 General Principles: GM/T 0044.1-2016[S]. Beijing: Standard Press, 2016.
	国家密码管理局. SM9标识密码算法第1部分总则:GM/T 0044.1-2016[S]. 北京: 标准出版社, 2016.
[4]	National Cryptography Administration. SM9 Identification Password Algorithm Part 2 General Principles: GM/T 0044.2-2016[S]. Beijing: Standard Press, 2016.
	国家密码管理局. SM9标识密码算法第2部分数字签名算法:GM/T 0044.2-2016[S]. 北京: 标准出版社, 2016.
[5]	National Cryptography Administration. SM9 Identification Password Algorithm Part 3 General Principles: GM/T 0044.3-2016[S]. Beijing: Standard Press, 2016.
	国家密码管理局. SM9标识密码算法第3部分密钥交换协议:GM/T 0044.3-2016[S]. 北京: 标准出版社, 2016.
[6]	National Cryptography Administration. SM9 Identification Password Algorithm Part 4 General Principles: GM/T 0044.4-2016[S]. Beijing: Standard Press, 2016.
	国家密码管理局. SM9标识密码算法第4部分密钥封装机制和公钥加密算法:GM/T 0044.4-2016[S]. 北京: 标准出版社, 2016.
[7]	HUANG Wangwang, ZHOU Hua, WANG Daiqiang, et al. Design of IoT Reconfigurable Key Security Authentication Protocol Based on State Secrets SM9[J]. Netinfo Security, 2024, 24(7): 1006-1014.
	黄旺旺, 周骅, 王代强, 等. 基于国密SM9的物联网可重构密钥安全认证协议设计[J]. 信息网络安全, 2024, 24(7): 1006-1014.
[8]	LIU Chenning, ZUO Liming, ZHOU Ting. API KEY Strong Security Application Solution Based on SM9[J]. Software Guide. 2024, 23(10): 146-151.
	刘晨宁, 左黎明, 周婷. 基于SM9的API KEY强安全应用方案[J]. 软件导刊, 2024, 23(10): 146-151.
[9]	ZHAI Peng, HE Jingsha, ZHANG Yu, et al. Identity Authentication Method Based on SM9 Algorithm and Blockchain Technology in the Internet of Things Environment[J]. Netinfo Security, 2024, 24(2): 179-187.
	翟鹏, 何泾沙, 张昱. 物联网环境下基于SM9算法和区块链技术的身份认证方法[J]. 信息网络安全, 2024, 24(2): 179-187.
[10]	LONG Yihong. SM9 Digital Signature Generation Method and System that Supports Multi-Party Collaboration to Enhance Security: CN 110380855A[P]. 2019.10.25.
	龙毅宏. 支持多方协同增强安全的SM9数字签名生成方法及系统:CN 110380855A[P]. 2019.10.25.
[11]	LAI Jianchang, HUANG Xinyi, HE Debiao, et al. Revocation Encryption Scheme Based on SM9[J]. Journal of Software, 2024, 1-12.
	赖建昌, 黄欣沂, 何德彪, 等. 基于SM9的撤销加密方案[J]. 软件学报, 2024, 1-12.
[12]	CHAUM D. Blind Signatures for Untraceable Payments[C]//Springer.Advances in Cryptology: Proceedings of Crypto 82. Heidelberg:Springer, 1983: 199-203.
[13]	POINTCHEVAL D, STERN J. Security Arguments for Digital Signatures and Blind Signatures[J]. Journal of cryptology, 2000, 13: 361-396. doi: 10.1007/s001450010003 URL
[14]	ZHANG Fangguo, KIM K. Efficient ID-Based Blind Signature and Proxy Signature from Bilinear Pairings[C]//Springer.Information Security and Privacy: The 8th Australasian Conference, (ACISP 2003). Heidelberg:Springer, 2003: 312-323.
[15]	WANG Fangxin. A Blind Signature Scheme Based on RSA Algorithm[J]. Computer Knowledge and Technology, 2019, 15(2): 271-272.
	王方鑫. 一种基于RSA算法的盲签名方案[J]. 电脑知识与技术, 2019, 15(2): 271-272.
[16]	ZHANG Xuefeng, PENG Hua. Research on a Blind Signature Scheme Based on SM9 Algorithm[J]. Netinfo Security, 2019, 19(8): 61-67.
	张雪锋, 彭华. 一种基于SM9算法的盲签名方案研究[J]. 信息网络安全, 2019, 19(8): 61-67.
[17]	LYU Yao, HOU Jinpeng, NIE Chong, et al. Partial Blind Signature Scheme Based on SM9 Algorithm[J]. Chinese Journal of Network and Information Security, 2021, 7(4): 147-153.
	吕尧, 侯金鹏, 聂冲, 等. 基于SM9算法的部分盲签名方案[J]. 网络与信息安全学报, 2021, 7(4): 147-153.
[18]	AWASTHI A K, LAL S. Proxy Blind Signature Scheme[EB/OL]. (2003-04-18)[2025-11-23]. https://eprint.iacr.org/2003/072.
[19]	YANG Qing, CHENG Xiaoyun, LIANG Lei, et al. Improved forward Secure Proxy Multi Blind Signature Scheme[J]. Computer & Digital Engineering, 2023, 51(12): 2901-2905.
	杨青, 程晓云, 梁磊, 等. 改进的前向安全代理多重盲签名方案[J]. 计算机与数字工程, 2023, 51(12): 2901-2905.
[20]	HUANG Xiuju, DU Yunfei, LI Zichen. An Efficient Blind Signature Scheme on an Ideal Lattice[J]. Application Research of Computers, 2022, 39(11): 3461-3464.
	黄秀菊, 杜云飞, 李子臣. 一种理想格上高效盲签名方案[J]. 计算机应用研究, 2022, 39(11): 3461-3464.
[21]	RAO Jintao, CUI Zhe. Electronic Voting Scheme Based on SM2 Threshold Blind Signature[J]. Journal of Computer Applications, 2024, 44(2): 512-518. doi: 10.11772/j.issn.1001-9081.2022121876
	饶金涛, 崔喆. 基于SM2门限盲签名电子选举方案[J]. 计算机应用, 2024, 44(2): 512-518. doi: 10.11772/j.issn.1001-9081.2022121876
[22]	SHAO Qing, ZHANG Leijun. Privacy Protection Scheme for Alliance Chain Transaction Based on SM9 and Blind Signature[J]. Journal of Chinese Computer Systems, 2025, 46(1): 217-224.
	邵清, 张磊军. 结合SM9和盲签名的联盟链交易隐私保护方案[J]. 小型微型计算机系统, 2025, 46(1): 217-224.
[23]	BAI Xue, QIN Baodong, Guo Rui, et al. Two Party Cooperative Blind Signature Protocol Based on SM2[J]. Chinese Journal of Network and Information Security, 2022, 8(6): 39-51.
	白雪, 秦宝东, 郭瑞, 等. 基于SM2的两方协作盲签名协议[J]. 网络与信息安全学报, 2022, 8(6): 39-51.
[24]	HE Debiao, FENG Qi, WANG Jing, et al. A Method of Generating SM9 Digital Signature by Multi Parties in Symmetric Environment: CN 109660361A.[P]. 2019.04.19.
	何德彪, 冯琦, 王婧, 等. 一种对称环境下多方联合生成 SM9 数字签名的方法: CN 109660361A.[P]. 2019.04.19.
[25]	MU Yongheng, XU Haixia, LI Peili, et al. Secure Two-Party SM9 Signing[J]. Scientia Sinica(Informationis), 2020, 63(8): 1-3.
	穆永恒, 徐海霞, 李佩丽, 等. 安全的双方SM9签名方案[J]. 中国科学:信息科学, 2020, 63(8): 1-3.
[26]	CHEN Qianqian, QIN Baodong. Two Party Cooperative Blind Signature Scheme Based on SM9[J]. Computer Engineering, 2023, 49(6): 144-153, 161. doi: 10.19678/j.issn.1000-3428.0064968
	陈倩倩, 秦宝东. 基于SM9的两方协同盲签名方案[J]. 计算机工程, 2023, 49(6): 144-153,161. doi: 10.19678/j.issn.1000-3428.0064968
[27]	LAI Jianchang, HUANG Xinyi, HE Debiao, et al. Security Analysis of SM9 Digital Signature and Key Encapsulation Algorithm[J]. Scientia Sinica(Informationis), 2021, 51(11): 1900-1913.
	赖建昌, 黄欣沂, 何德彪, 等. 国密SM9数字签名和密钥封装算法的安全性分析[J]. 中国科学:信息科学, 2021, 51(11): 1900-1913.
[28]	PEREIRA G C C F, SIMPLICIO J M A, NAEHRIG M, et al. A Family of Implementation-Friendly BN Elliptic Curves[J]. Journal of Systems and Software, 2011, 84(8): 1319-1326. doi: 10.1016/j.jss.2011.03.083 URL

符号	含义
$\left\| {{G}_{1}} \right\|$	群${{G}_{1}}$中元素的大小
$\left\| {{G}_{2}} \right\|$	群${{G}_{2}}$中元素的大小
$\left\| {{G}_{T}} \right\|$	群${{G}_{T}}$中元素的大小
$\left\| Z_{N}^{\text{*}} \right\|$	$Z_{N}^{\text{*}}$中元素的大小
$\left\| G \right\|$	群$G$中元素的大小
$\left\| {{Z}_{q}} \right\|$	${{Z}_{q}}$中元素的大小
$\varpi $	签名成员数量

方案	主公钥长度	签名私钥长度	签名长度	盲性	签名参与方数量	ROM
文献[10]	$\left\| {{G}_{T}}\left\| + \right\|{{G}_{1}}\left\| +2 \right\|{{G}_{2}} \right\|$	$\left\| {{G}_{1}} \right\|$	$4\left\| {{G}_{1}} \right\|$	$\times $	$\varpi $	$\times $
文献[16]	$\left\| {{G}_{T}}\left\| + \right\|{{G}_{1}}\left\| +2 \right\|{{G}_{2}} \right\|$	$\left\| {{G}_{1}} \right\|$	$\left\| Z_{N}^{*} \right\|+\left\| {{G}_{1}} \right\|$	$\surd $	1	$\surd $
文献[24]	$\left\| {{G}_{T}}\left\| + \right\|{{G}_{1}}\left\| +2 \right\|{{G}_{2}} \right\|$	$\left\| {{G}_{1}} \right\|$	$\left\| Z_{N}^{*} \right\|+\left\| {{G}_{1}} \right\|$	$\times $	$\varpi $	$\times $
文献[26]	$\left\| {{G}_{T}}\left\| + \right\|{{G}_{1}}\left\| +2 \right\|{{G}_{2}} \right\|$	$\left\| Z_{N}^{*} \right\|,\left\| {{G}_{1}} \right\|$	$\left\| Z_{N}^{*} \right\|+\left\| {{G}_{1}} \right\|$	$\surd $	2	$\surd $
本文方案	$\left\| {{G}_{T}}\left\| + \right\|{{G}_{1}}\left\| +2 \right\|{{G}_{2}} \right\|$	$\left\| Z_{N}^{*} \right\|$	$\left\| Z_{N}^{*} \right\|+\left\| {{G}_{1}} \right\|$	$\surd $	$\varpi $	$\surd $

符号	含义	运行时间/ms
${{T}_{{{M}_{1}}}}$	群${{G}_{1}}$上的点乘运算	0.0281
${{T}_{{{M}_{2}}}}$	群${{G}_{2}}$上的点乘运算	0.0394
${{T}_{{{M}_{T}}}}$	群${{G}_{T}}$上的乘法运算	3.7125
${{T}_{a}}$	椭圆曲线上的点加运算	0.0267
${{T}_{H}}$	哈希算法 $\text{SHA}256$	10.1325
${{T}_{B}}$	群${{G}_{T}}$上的双线性对运算	12.6370
${{T}_{e}}$	群${{G}_{T}}$上的幂运算	1.2319

方案	签名生成	签名验证
文献[10]	$\begin{align} & \left( 4\varpi +6 \right){{T}_{{{M}_{1}}}}+\left( 2\varpi +1 \right){{T}_{a}}+ \\ & {{T}_{H}}+\left( 2\varpi +3 \right){{T}_{e}}+{{T}_{B}}+\varpi {{T}_{{{M}_{T}}}} \\ \end{align}$	$2{{T}_{H}}+{{T}_{{{M}_{2}}}}+3{{T}_{a}}+{{T}_{B}}+3{{T}_{e}}+{{T}_{{{M}_{T}}}}$
文献[16]	$2{{T}_{H}}+{{T}_{B}}+{{T}_{e}}+{{T}_{{{M}_{1}}}}$	$2{{T}_{H}}+{{T}_{{{M}_{2}}}}+{{T}_{a}}+{{T}_{B}}+{{T}_{e}}+{{T}_{{{M}_{T}}}}$
文献[24]	$\begin{align} & \left( 5{{\varpi }^{2}}-3\varpi \right){{T}_{{{M}_{1}}}}+\left( 4{{\varpi }^{2}}-2\varpi -1 \right){{T}_{a}}+ \\ & {{T}_{H}}+\left( \varpi -1 \right){{T}_{{{M}_{T}}}}+\varpi {{T}_{e}}+{{T}_{B}} \\ \end{align}$	$2{{T}_{H}}+{{T}_{{{M}_{2}}}}+{{T}_{a}}+{{T}_{B}}+{{T}_{e}}+{{T}_{{{M}_{T}}}}$
文献[26]	$6{{T}_{{{M}_{1}}}}+3{{T}_{{{M}_{T}}}}+{{T}_{a}}+{{T}_{H}}+6{{T}_{e}}+{{T}_{B}}$	$2{{T}_{H}}+{{T}_{{{M}_{2}}}}+{{T}_{a}}+{{T}_{B}}+{{T}_{e}}+{{T}_{{{M}_{T}}}}$
本文方案	$2{{T}_{{{M}_{1}}}}+\varpi {{T}_{{{M}_{T}}}}+{{T}_{H}}+\left( \varpi +2 \right){{T}_{e}}+{{T}_{B}}$	$2{{T}_{H}}+{{T}_{{{M}_{2}}}}+{{T}_{a}}+{{T}_{B}}+{{T}_{e}}+{{T}_{{{M}_{T}}}}$