Page 311 - Journal of Software, 2021, Issue 9
Journal of Software (Ruan Jian Xue Bao) ISSN 1000-9825, CODEN RUXUEW E-mail: jos@iscas.ac.cn
Journal of Software, 2021, 32(9): 2935−2944 [doi: 10.13328/j.cnki.jos.006019] http://www.jos.org.cn
© Institute of Software, Chinese Academy of Sciences. All rights reserved. Tel: +86-10-62562563
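Quantum-Resistant Multivariate Blind Signature Scheme∗
YU Hui-Fang, FU Shuai-Feng
(School of Cyberspace Security, Xi’an University of Posts & Telecommunications, Xi’an, Shaanxi 710121, China)
Corresponding author: YU Hui-Fang, E-mail: yuhuifang@xupt.edu.cn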
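Abstract: A blind signature is a special kind of digital signature that can be widely applied in a variety of anonymous settings. At present, the security of most blind signatures rests mainly on the hardness of the large integer factorization problem or the discrete logarithm problem. However, the imminent arrival of practical quantum computers will render traditional blind signatures insecure, and the emergence of quantum algorithms also poses a challenge to traditional blind signatures. It is therefore of great significance to construct blind signature schemes that can withstand quantum computing attacks. Multivariate public key cryptography is one of the main candidates for post-quantum cryptography. Building on the theory of multivariate public key cryptography and blind signatures, a novel blind signature scheme under the multivariate public key cryptosystem is designed. The scheme uses an additional nonlinear invertible transformation $L: F^r \to F^r$ to separate the public and private keys of the signature, which reduces the linear relationship between the public and private keys and improves the security of the blind signature. Analysis shows that the scheme not only provides blindness, unforgeability and untraceability, but also has the advantages of low computational complexity and resistance to quantum computing attacks.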
Keywords: multivariate; blind signature; nonsurjective center mapping; post-quantum security
CLC number: TP309
Chinese citation format: Yu HF, Fu SF. Quantum-resistant multivariate blind signature scheme. Journal of Software, 2021,32(9):2935−2944. http://www.jos.org.cn/1000-9825/6019.htm
English citation format: Yu HF, Fu SF. Post-Quantum blind signature scheme based on multivariate cryptosystem. Ruan Jian Xue Bao/Journal of Software, 2021,32(9):2935−2944 (in Chinese). http://www.jos.org.cn/1000-9825/6019.htm
Post-quantum Blind Signature Scheme Based on Multivariate Cryptosystem
YU Hui-Fang, FU Shuai-Feng
(School of Cyberspace Security, Xi’an University of Posts & Telecommunications, Xi’an 710121, China)
Abstract: A blind signature is a special digital signature that is widely used in various anonymity environments. At present, the security of most blind signature schemes is mainly based on the intractability of the large integer factoring (LIF) or discrete logarithm (DL) problems. However, with the birth of practical quantum computers, the traditional public key cryptosystem will become insecure; moreover, quantum algorithms pose severe challenges to it. Hence, it is of great value to construct blind signature schemes that can resist quantum computing attacks. One of the main candidates for post-quantum cryptosystems is the multivariate public key cryptosystem (MPKC). On the basis of the theory of MPKC and blind signatures, a post-quantum blind signature scheme based on MPKC is proposed. The proposed cryptographic scheme separates the public and private keys of the signature by using another nonlinear reversible transformation $L: F^r \to F^r$, which reduces the linear relationship between the public and private keys and accordingly improves the security of the blind signature scheme. Analysis shows that this cryptographic scheme has blindness, unforgeability, and untraceability; in addition, it has the merits of low computational complexity and resistance to quantum computing attacks.
Key words: multivariate; blind signature; nonsurjective center mapping; post-quantum security
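In 1983, Chaum [1] first proposed the concept of the blind signature. A blind signature is a signature with the property of message blinding. Suppose a message owner wants the signer to sign a message but does not want the signer to learn the specific content of that message, even if the signer later sees the message again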
∗ Foundation item: Key Program of Natural Science Basic Research Plan of Shaanxi Province (2020JZ-54); Innovation Foundation of Postgraduate of Xi’an University of Posts & Telecommunications (CXJJLY2018076)
Received: 2019-04-14; Revised: 2019-11-20, 2020-01-03; Accepted: 2020-02-06; jos online publication: 2021-04-20