Collaborative Generations Of Sm9 Private Key And Digital Signature Using Homomorphic Encryption

Abstract

SM9 is a class of identity based cryptography (IBC) schemes released by the State Cryptography Administration of China. With SM9, a user’s private key is generated by a central system called private key generator (PKG) using a master key. To prevent the disastrous damage caused by the master key leakage and to meet the corporate customers’ requirement of involving in the key generation process, two collaborative SM9 private key generation schemes are proposed, in which a user’s SM9 private key is collaboratively generated by two separate PKGs sharing the master key. The two PKGs are deployed in an SM9 private key service provider’s site or one of the PKGs is deployed in the private key service provider’s site while the other is deployed in a corporate customer’s site. To alleviate the possible loss caused by the leakage of a user’s private key in the end device that has no dedicated cryptographic hardware, an SM9 signature collaborative generation scheme is proposed, in which the secret of a user’s SM9 private key is shared between the user’s end device and a dedicated cryptographic device, and the devices collaborate to generate the signature to a message with their respective secret shares when signing a message with the SM9 private key is required. The approach for the proposed schemes is secret sharing and homomorphic encryption. The proposed schemes effectively address the private key leakage issues mentioned above.