National Secret Substitution of zk-snark Bilinear Pair

doi:10.3969/j.issn.1671-1122.2019.10.002

Abstract

Abstract:

In recent years, with the emphasis on privacy protection, zero-knowledge proof technology has also developed rapidly. zk-snark is a compact non-interactive zero-knowledge proof protocol, in which the polynomial division algorithm is implemented by the fast Fourier transform algorithm, which requires that the order of the bilinear pair used by zk-snark satisfy formula: n-1|220. However, the bilinear pairing used in the current national secret SM9 algorithm does not meet this requirement. If the direct replacement with the existing bilinear pair is directly used, the performance of zk-snark will be greatly reduced. In this paper, based on the BN curve to construct a bilinear pairing method, a national secret substitution of zk-snark bilinear pairnally densified scheme of zk-snark bilinear pairing is proposed. Under the premise of not affecting the performance of zk-snark, the security requirements of the national secret are met, so that zk -snark can be applied to national secret products.

Key words: information security, bilinear pair, BN curve, zk-snark, SM9

CLC Number:

TP309

Lin LI, Xuxia ZHANG. National Secret Substitution of zk-snark Bilinear Pair[J]. Netinfo Security, 2019, 19(10): 10-15.

Figures/Tables 2

References 11

[1]	GOLDWASSER S, MICALI S, RACKOFF C.The Knowledge Complexity of Interactive Proof Systems[C]//ACM. 17th Annual ACM Symposium on Theory of Computing, May 6-8, 1985, Providence, Rhode Island, USA. New York: ACM, 1985: 291-304.
[2]	FIAT A, SHAMIR A.How to Prove Yourself: Practical Solutions to Identification and Signature Problems[C]//Springer. Conference on the Theory and Application of Cryptographic Techniques, August 11-15, 1986, Santa Barbara, California, USA. Heidelberg: Springer, 1986: 186-194.
[3]	GENNARO R, GENTRY C, PARNO B, et al.Quadratic Span Programs and Succinct NIZKs without PCPs[C]//Springer. 2013 Annual International Conference on the Theory and Applications of Cryptographic Techniques, May 26-30, 2013, Athens, Greece. Heidelberg: Springer, 2013: 626-645.
[4]	SASSON E B, CHIESA A, GARMAN C, et al.Zerocash: Decentralized Anonymous Payments from Bitcoin[C]//IEEE. 2014 IEEE Symposium on Security and Privacy, May 18-21, 2014, San Jose, CA, USA. New Jersey: IEEE, 2014: 459-474.
[5]	CSES. SM9 Identification Cryptography Algorithm[EB/OL]. , 2016-3-28.
	工标网. SM9标识密码算法[EB/OL]. .
[6]	BARRETO P S L M, NAEHRIG M. Pairing-friendly Elliptic Curves of Prime Order[C]//Springer. 2005 International Workshop on Selected Areas in Cryptography, August 11-12, 2005, Kingston, ON, Canada. Heidelberg: Springer, 2005: 319-331.
[7]	MAO Wenbo, WANG Jilin.Modern Cryptography Theory and Practice[M]. Beijing: Electronic Industry Press, 2004.
	毛文波,王继林.现代密码学理论与实践[M].北京:电子工业出版社,2004.
[8]	XU Qiuliang, LI Daxing.Constructing Elliptic Curves Suitable for Cryptosystems-methods and Implementation[J]. Chinese Journal of Computers, 1998, 21(12): 1059-1065.
	徐秋亮,李大兴. 适用于建立密码体制的椭圆曲线的构造方法及实现[J]. 计算机学报,1998,21(12):1059-1065.
[9]	HISIL H, WONG K K H, CARTER G, et al. Twisted Edwards Curves Revisited[C]//Springer. International Conference on the Theory and Application of Cryptology and Information Security, December 7-11, 2008, Melbourne, VIC, Australia. Heidelberg: Springer, 2008: 326-343.
[10]	MILLER V.Short Programs for Functions on Curves[J]. Unpublished Manuscript, 1986, 97(101-102): 44.
[11]	NAEHRIG M, NIEDERHAGEN R, SCHWABE P.New Software Speed Records for Cryptographic Pairings[C]//Springer. International Conference on Cryptology and Information Security in Latin America, August 8-11, 2010, Puebla, Mexico. Heidelberg: Springer, 2010: 109-123.

参数名	参数值
基域	1098213DB62D24002847500083800000412D7C6000000000278D0000000000001
群的阶	1098213DB62D2400284750008380000030E21D4800000000278D0000000000001
迹	104B5F180000000000000000000000001
b	17
G1的生成元	X: 93DE051D62BF718FF5ED0704487D01D6E1E4086909DC3280E8C4E4817C66DDEF Y: 816D24EAB9800D53531A6D71A055F5DA65B506219114EFA6B17F384F0D47CCE7
扭曲线参数
G2的生成元	X:(F57BE8BFE8C8DDCBBDACB8642303796B81E0CDD2B672B97ED6F06ED9AEE548C2, 8AA843A5EC41AF18B066C7D209A9346E08699D73CC35D80794D3ED0EBD2FD0DF) Y:(40E9BBF7281AA2390590DCE41BF609100332C26E22A0FB176D5F3BCCAEDECC36, CF966E44BE216F48CF09C22DCB661DDE71806ED6591688AF95E73A297451A4FF)

	SM9标准双线性对方案	本文双线性对方案
参数选取	不支持傅里叶变换	支持傅里叶变换
zk-snark性能	多项式除法无法优化	多项式除法可优化
支持zk-snark情况	不支持zk-snark	支持zk-snark

[1]	ZHOU Yihua, LV Zhuqing, YANG Yuguang, SHI Weimin. Data Deposit Management System Based on Blockchain Technology [J]. Netinfo Security, 2019, 19(8): 8-14.
[2]	ZHANG Xuefeng, PENG Hua. Blind Signature Scheme Based on SM9 Algorithm [J]. Netinfo Security, 2019, 19(8): 61-67.
[3]	WANG Yue, CHENG Xiangguo, WANG Xuqi. Research on Key-insulated Group Signature Scheme Based on Bilinear Pairings [J]. 信息网络安全, 2018, 18(6): 61-66.
[4]	CHEN Yan, GE Jianyong, LAI Jing, LU Zhen. Security System of the Information System in the Cloud [J]. 信息网络安全, 2018, 18(4): 79-86.
[5]	LV Congdong, HAN Zhen. A Security Model of Cloud Computing Based on IP Model [J]. 信息网络安全, 2018, 18(11): 27-32.
[6]	KANG Baoyuan, WANG Jiaqiang, SHAO Dongyang, LI Chunqing. A Secure Authentication and Key Agreement Protocol for Heterogeneous Ad Hoc Wireless Sensor Networks [J]. 信息网络安全, 2018, 18(1): 23-30.
[7]	GU Chunhua, GAO Yuan, TIAN Xiuxia. Security Optimized RBAC Access Control Model [J]. 信息网络安全, 2017, 17(5): 74-79.
[8]	LIANG Zhong, ZHOU Jiakun, ZHU Han, CHEN Bo. Research on Aggregation Technology for Information Security Knowledge Based on Security Ontology [J]. 信息网络安全, 2017, 17(4): 78-85.
[9]	CHEN Yameng, CHENG Xiangguo, WANG Shuo, GAO Ming. Research on Certificateless Group Signature Scheme Based on Bilinear Pairings [J]. 信息网络安全, 2017, 17(3): 53-58.
[10]	TANG Chunming, GAO Long. Multi-parties Key Agreement Protocol in Block Chain [J]. 信息网络安全, 2017, 17(12): 17-21.
[11]	ZHOU Jingzhe, CHEN Changsong. Analysis of Network Information Security in the Cloud Computing Architecture [J]. 信息网络安全, 2017, 17(11): 74-79.
[12]	SU Qi, WANG Wei, LIU Yin, YU Zhanpeng. Research on the Scheme of Information Security Protection in Electric Power Industry [J]. 信息网络安全, 2017, 17(11): 84-88.
[13]	HUANG Nana, WAN Liang, DENG Xuankun, YI Huifan. A Cross Site Script Vulnerability Detection Technology Based on Sequential Minimum Optimization Algorithm [J]. 信息网络安全, 2017, 17(10): 55-62.
[14]	ZHANG Lei, YU Dongsheng, YANG Jun, HU Jiming. Research on Information Security Supervision Strategy Based on Private Cloud Model [J]. 信息网络安全, 2017, 17(10): 86-89.
[15]	WANG Yubin, CHEN Si, CHENG Nan. Research on Industrial Control System Security Defense [J]. 信息网络安全, 2016, 16(9): 35-39.