基于图的数据系统通用指定验证者传递签名证明方案

IF 1.5 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Concurrency and Computation-Practice & Experience Pub Date : 2025-09-23 DOI:10.1002/cpe.70295

Yucan Xu, Qixin Wang, Yufei Ren, Ying Hu, Fei Zhu, Wei Wu, Shaojun Yang

{"title":"基于图的数据系统通用指定验证者传递签名证明方案","authors":"Yucan Xu, Qixin Wang, Yufei Ren, Ying Hu, Fei Zhu, Wei Wu, Shaojun Yang","doi":"10.1002/cpe.70295","DOIUrl":null,"url":null,"abstract":"<div>\n \n Transitive signatures are a special type of homomorphic signature proposed by Turing Award winners Micali and Rivest, which are highly suitable for authenticating dynamically growing graph-based data systems. In such a signature scheme, anyone with the signer's public key is allowed to generate a signature for a composed edge <math>\n <semantics>\n <mrow>\n <mo>(</mo>\n <mi>i</mi>\n <mo>,</mo>\n <mi>k</mi>\n <mo>)</mo>\n </mrow>\n <annotation>$$ \\left(i,k\\right) $$</annotation>\n </semantics></math>, from two signatures on adjacent edges <math>\n <semantics>\n <mrow>\n <mo>(</mo>\n <mi>i</mi>\n <mo>,</mo>\n <mi>j</mi>\n <mo>)</mo>\n </mrow>\n <annotation>$$ \\left(i,j\\right) $$</annotation>\n </semantics></math> and <math>\n <semantics>\n <mrow>\n <mo>(</mo>\n <mi>j</mi>\n <mo>,</mo>\n <mi>k</mi>\n <mo>)</mo>\n </mrow>\n <annotation>$$ \\left(j,k\\right) $$</annotation>\n </semantics></math>. To prevent the problem of malicious dissemination of signatures by verifiers leading to data privacy leakage, researchers have proposed a series of universal designated verifier transitive signature (UDVTS) schemes. However, existing work requires that the designated verifier create its own secret-public key pair using the public key parameters provided by the signer. Besides, these schemes suffer from significant performance defects due to expensive pairing or exponentiation operations. In this work, we design a pairing-free and exponentiation-free UDVTS proof scheme based on the SM2 digital signature algorithm and a zero-knowledge proof scheme. We prove the security of our construction based on rigorous cryptographic assumptions. The performance comparison with related work shows that our UDVTS proof scheme has an optimal computational cost and desirable communication cost. For example, compared to the state-of-the-art work, we reduce the signing cost by <math>\n <semantics>\n <mrow>\n <mn>70</mn>\n <mo>.</mo>\n <mn>54</mn>\n <mo>%</mo>\n </mrow>\n <annotation>$$ 70.54\\% $$</annotation>\n </semantics></math> and the designated verification cost by <math>\n <semantics>\n <mrow>\n <mn>96</mn>\n <mo>.</mo>\n <mn>05</mn>\n <mo>%</mo>\n </mrow>\n <annotation>$$ 96.05\\% $$</annotation>\n </semantics></math>.\n </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 23-24","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2025-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Practical Universal Designated Verifier Transitive Signature Proof Scheme for Graph-Based Data Systems\",\"authors\":\"Yucan Xu, Qixin Wang, Yufei Ren, Ying Hu, Fei Zhu, Wei Wu, Shaojun Yang\",\"doi\":\"10.1002/cpe.70295\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div>\\n \\n Transitive signatures are a special type of homomorphic signature proposed by Turing Award winners Micali and Rivest, which are highly suitable for authenticating dynamically growing graph-based data systems. In such a signature scheme, anyone with the signer's public key is allowed to generate a signature for a composed edge <math>\\n <semantics>\\n <mrow>\\n <mo>(</mo>\\n <mi>i</mi>\\n <mo>,</mo>\\n <mi>k</mi>\\n <mo>)</mo>\\n </mrow>\\n <annotation>$$ \\\\left(i,k\\\\right) $$</annotation>\\n </semantics></math>, from two signatures on adjacent edges <math>\\n <semantics>\\n <mrow>\\n <mo>(</mo>\\n <mi>i</mi>\\n <mo>,</mo>\\n <mi>j</mi>\\n <mo>)</mo>\\n </mrow>\\n <annotation>$$ \\\\left(i,j\\\\right) $$</annotation>\\n </semantics></math> and <math>\\n <semantics>\\n <mrow>\\n <mo>(</mo>\\n <mi>j</mi>\\n <mo>,</mo>\\n <mi>k</mi>\\n <mo>)</mo>\\n </mrow>\\n <annotation>$$ \\\\left(j,k\\\\right) $$</annotation>\\n </semantics></math>. To prevent the problem of malicious dissemination of signatures by verifiers leading to data privacy leakage, researchers have proposed a series of universal designated verifier transitive signature (UDVTS) schemes. However, existing work requires that the designated verifier create its own secret-public key pair using the public key parameters provided by the signer. Besides, these schemes suffer from significant performance defects due to expensive pairing or exponentiation operations. In this work, we design a pairing-free and exponentiation-free UDVTS proof scheme based on the SM2 digital signature algorithm and a zero-knowledge proof scheme. We prove the security of our construction based on rigorous cryptographic assumptions. The performance comparison with related work shows that our UDVTS proof scheme has an optimal computational cost and desirable communication cost. For example, compared to the state-of-the-art work, we reduce the signing cost by <math>\\n <semantics>\\n <mrow>\\n <mn>70</mn>\\n <mo>.</mo>\\n <mn>54</mn>\\n <mo>%</mo>\\n </mrow>\\n <annotation>$$ 70.54\\\\% $$</annotation>\\n </semantics></math> and the designated verification cost by <math>\\n <semantics>\\n <mrow>\\n <mn>96</mn>\\n <mo>.</mo>\\n <mn>05</mn>\\n <mo>%</mo>\\n </mrow>\\n <annotation>$$ 96.05\\\\% $$</annotation>\\n </semantics></math>.\\n </div>\",\"PeriodicalId\":55214,\"journal\":{\"name\":\"Concurrency and Computation-Practice & Experience\",\"volume\":\"37 23-24\",\"pages\":\"\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2025-09-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Concurrency and Computation-Practice & Experience\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1002/cpe.70295\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Concurrency and Computation-Practice & Experience","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/cpe.70295","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

摘要

传递签名是图灵奖获得者Micali和Rivest提出的一种特殊类型的同态签名，非常适合于对动态增长的基于图的数据系统进行身份验证。在这样的签名方案中，任何拥有签名者公钥的人都可以从相邻边（i, k）上的两个签名生成一条合成边（i, k） $$ \left(i,k\right) $$的签名。J) $$ \left(i,j\right) $$和（J, k） $$ \left(j,k\right) $$。为了防止验证者恶意传播签名导致数据隐私泄露的问题，研究人员提出了一系列通用指定验证者传递签名（UDVTS）方案。但是，现有的工作要求指定的验证者使用签名者提供的公钥参数创建自己的私钥-公钥对。此外，由于昂贵的配对或求幂操作，这些方案存在明显的性能缺陷。本文基于SM2数字签名算法和零知识证明方案，设计了一种无配对、无幂的UDVTS证明方案。我们基于严格的密码学假设证明了我们的结构的安全性。与相关工作的性能比较表明，我们的UDVTS证明方案具有最优的计算成本和理想的通信成本。例如，与最先进的工作相比，我们减少了70％的签约成本。54 % $$ 70.54\% $$ and the designated verification cost by 96 . 05 % $$ 96.05\% $$ .

本文章由计算机程序翻译，如有差异，请以英文原文为准。

Practical Universal Designated Verifier Transitive Signature Proof Scheme for Graph-Based Data Systems

查看原文本刊更多论文

Practical Universal Designated Verifier Transitive Signature Proof Scheme for Graph-Based Data Systems

Transitive signatures are a special type of homomorphic signature proposed by Turing Award winners Micali and Rivest, which are highly suitable for authenticating dynamically growing graph-based data systems. In such a signature scheme, anyone with the signer's public key is allowed to generate a signature for a composed edge $(i, k)$ , from two signatures on adjacent edges $(i, j)$ and $(j, k)$ . To prevent the problem of malicious dissemination of signatures by verifiers leading to data privacy leakage, researchers have proposed a series of universal designated verifier transitive signature (UDVTS) schemes. However, existing work requires that the designated verifier create its own secret-public key pair using the public key parameters provided by the signer. Besides, these schemes suffer from significant performance defects due to expensive pairing or exponentiation operations. In this work, we design a pairing-free and exponentiation-free UDVTS proof scheme based on the SM2 digital signature algorithm and a zero-knowledge proof scheme. We prove the security of our construction based on rigorous cryptographic assumptions. The performance comparison with related work shows that our UDVTS proof scheme has an optimal computational cost and desirable communication cost. For example, compared to the state-of-the-art work, we reduce the signing cost by $70.54 %$ and the designated verification cost by $96.05 %$ .

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Concurrency and Computation-Practice & Experience 工程技术-计算机：理论方法

CiteScore

5.00

自引率

10.00%

发文量

664

审稿时长

9.6 months

期刊介绍： Concurrency and Computation: Practice and Experience (CCPE) publishes high-quality, original research papers, and authoritative research review papers, in the overlapping fields of: Parallel and distributed computing; High-performance computing; Computational and data science; Artificial intelligence and machine learning; Big data applications, algorithms, and systems; Network science; Ontologies and semantics; Security and privacy; Cloud/edge/fog computing; Green computing; and Quantum computing.