
4508    Journal of Software (软件学报), 2025, Vol. 36, No. 10


regarded as a critical foundation for security. Energy conservation and the maximization of computing power support have been identified as key research directions. Therefore, a post-quantum blockchain system featuring diversified computing power and autonomous post-quantum signature is proposed in this study. The Dilithium signature scheme, recommended by the National Institute of Standards and Technology (NIST) as a preferred and general-purpose post-quantum signature standard, relies on the security of MLWE and MSIS problems in power-of-two cyclotomic rings. However, similar to the early adoption of the EC-DSA standard in Bitcoin without adherence to the NIST-specific elliptic curves, the rich algebraic structure of power-of-two cyclotomic rings poses greater risks and uncertainties regarding long-term security. To address this, a more conservative and secure approach, based on post-quantum lattice-based cryptography with fewer algebraic structures, is constructed. In this study, a Dilithium variant, Dilithium-Prime, based on a large-Galois-group prime-degree prime-ideal field, is proposed as the signature algorithm for the post-quantum blockchain system to ensure high-confidence transaction signing with post-quantum security. To maximize the computing power support for the post-quantum public blockchain and address the current issue of declining mining pool and miner income, a multi-parent chain auxiliary proof-of-work consensus mechanism is introduced. This mechanism enables the request of computing power from all miners using Sha256 and Scrypt hash calculations to assist in consensus without increasing the workload for existing miners and mining pools. As a result, the source of computing power for the post-quantum blockchain is expanded, and the utilization rate of existing mining pools and miners is improved. In addition, a block and transaction structure, along with a difficulty adjustment algorithm tailored for this multi-parent chain auxiliary proof-of-work consensus mechanism, is proposed. This system stabilizes the block production ratio and production time across different levels of computing power and effectively responds to extreme cases, such as sudden surges or reductions in computing power, ensuring the system's robustness.

Key words: blockchain; post-quantum cryptography; consensus mechanism; auxiliary proof-of-work

Blockchain technology was first proposed by Nakamoto in 2008 [1]. Built on digital signature algorithms, consensus mechanisms and related primitives, it offers decentralization and tamper resistance and is widely used in digital asset management, cross-border payment, data sharing and other areas. Among public chains, Bitcoin is currently the most widely recognized, with a large user base and a number of application scenarios. Public chains such as Litecoin, which adopt the same architecture and consensus algorithm as Bitcoin, have also appeared.

Public blockchains of the Bitcoin type use the elliptic curve digital signature algorithm: in a transaction, the user signs with a private key and submits the data together with the signature to the chain, which effectively guarantees the security and correctness of the blockchain data. However, with the advent of quantum computers, the security of traditional cryptography such as the elliptic curve digital signature algorithm cannot be guaranteed in the quantum era, which in turn seriously affects the security of blockchain systems.

In addition, blockchain systems such as Bitcoin adopt the proof-of-work consensus mechanism [1]. Its core idea is to compute a hash value that satisfies a given difficulty; the node that succeeds obtains the right to produce the block. Proof-of-work consensus has the advantage of a high degree of decentralization, but also the drawbacks of low utilization and high energy consumption. With Bitcoin's fourth halving in April 2024, the profitability of most existing mining pools and miners dropped sharply, and they urgently hope to diversify their income without additional investment in computing power. Once quantum computers appear, more computing power will also be needed to raise the security of blockchains.

Meanwhile, consensus needs a difficulty adjustment algorithm that keeps the average block time as close to the target value as possible, thereby guaranteeing the stability of the blockchain system. Because its adjustment period is too long, the difficulty adjustment algorithm cannot respond in time to sudden changes in the total network hash power, and both sudden surges and sudden drops in hash power affect the stability of the system.

Against this background and these problems, this paper designs, on the basis of Bitcoin-type public chains that use proof-of-work consensus and UTXO scripts, a blockchain system that uses a post-quantum digital signature algorithm and supports consensus from multiple kinds of computing power. The main contributions are the following three points.

(1) A multi-parent chain auxiliary proof-of-work consensus mechanism (multi-parent chain auxiliary proof-of-work consensus algorithm, Mul-AuxPoW) is designed and implemented. This consensus mechanism lets other public chains whose proof-of-work uses the Sha256 and Scrypt hash algorithms act as parent chains that provide hash power support. Its advantage is that the energy the parent chains already consume for their own consensus is reused, so the child chain itself needs no additional hash power or energy consumption; at the same time it can resolve the predicament of the steadily decreasing profitability of existing mining pools and miners, allowing them to earn more income without additional hash power or energy consumption.

(2) A difficulty adjustment algorithm is designed on the basis of the multi-parent chain auxiliary proof-of-work consensus mechanism. The algorithm keeps the numbers of blocks produced by parent chains with different hash-power sources at a given ratio in order to incentivize small hash power. By computing a block production boundary value, the algorithm adjusts difficulty more flexibly and effectively handles sudden surges and drops in hash power.

(3) An efficient digital signature scheme based on a prime-degree number field, the Dilithium-Prime algorithm [2], is applied in the blockchain. Compared with the Dilithium post-quantum signature standard based on power-of-two cyclotomic rings, it has less algebraic structure and higher confidence. In applying the algorithm, the blockchain's transaction script is expanded to accommodate the post-quantum digital signature algorithm.
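The two mechanisms that contributions (1) and (2) describe, parent-chain work reused as the child chain's proof-of-work and a separate difficulty target per parent hash family, can be illustrated with a small Python model. This is an added example, not code from the paper or its system: the toy parent header layout, the `AUX` coinbase tag, the per-family targets, the scrypt parameters (Litecoin's N=1024, r=1, p=1) and the `retarget` rule are all assumptions chosen for illustration, and the paper's own block structure and difficulty algorithm are described on later pages.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, Optional

MAX_TARGET = (1 << 256) - 1  # easiest possible target (constructed bound)

# Proof-of-work hashes of the two parent-chain families the paper names.
# Bitcoin-style chains hash the header with double SHA-256; Litecoin-style
# chains use scrypt with N=1024, r=1, p=1 and the header as both password and
# salt. These parameters are assumptions taken from those public chains.
def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def scrypt_pow(data: bytes) -> bytes:
    return hashlib.scrypt(data, salt=data, n=1024, r=1, p=1, dklen=32)

PARENT_POW = {"sha256": sha256d, "scrypt": scrypt_pow}


@dataclass(frozen=True)
class AuxProof:
    parent: str              # parent family that did the work: "sha256" or "scrypt"
    prev_parent_hash: bytes  # 32-byte hash of the previous parent block (constructed)
    coinbase: bytes          # parent coinbase payload carrying the child commitment
    nonce: int

    def header(self) -> bytes:
        # Toy parent header: prev hash || merkle root || nonce. With the coinbase as
        # the only transaction the merkle root is just its hash, which is what binds
        # the child commitment to the parent's proof-of-work.
        return self.prev_parent_hash + sha256d(self.coinbase) + self.nonce.to_bytes(4, "little")


def commitment(child_block_hash: bytes) -> bytes:
    # Hypothetical tag; a real chain would fix an encoding for this coinbase field.
    return b"AUX" + child_block_hash


def verify_aux_proof(child_block_hash: bytes, proof: AuxProof, targets: Dict[str, int]) -> bool:
    """Accept parent-chain work as the child block's proof-of-work."""
    if proof.parent not in PARENT_POW or proof.parent not in targets:
        return False
    # (1) the parent coinbase must commit to exactly this child block
    if proof.coinbase != commitment(child_block_hash):
        return False
    hdr = proof.header()
    # (2) the header must actually carry that coinbase (merkle-root check)
    if hdr[32:64] != sha256d(proof.coinbase):
        return False
    # (3) the header's PoW hash must meet the child's target for this family;
    #     each family has its own target, so Sha256 and Scrypt work are never
    #     compared against each other directly
    pow_hash = int.from_bytes(PARENT_POW[proof.parent](hdr), "little")
    return pow_hash <= targets[proof.parent]


def mine_aux_proof(child_block_hash: bytes, parent: str, target: int,
                   prev_parent_hash: bytes, max_tries: int = 1 << 20) -> Optional[AuxProof]:
    """Search a nonce so the toy parent header meets the child's target (demo only)."""
    coinbase = commitment(child_block_hash)
    for nonce in range(max_tries):
        p = AuxProof(parent, prev_parent_hash, coinbase, nonce)
        if int.from_bytes(PARENT_POW[parent](p.header()), "little") <= target:
            return p
    return None


def retarget(targets: Dict[str, int], blocks_in_window: Dict[str, int],
             weights: Dict[str, int], clamp: int = 4) -> Dict[str, int]:
    """Per-parent retarget: move each family's target so that its block share in
    the last window approaches its configured weight. A family that overproduced
    gets a smaller (harder) target, one that underproduced a larger (easier) one,
    and the change per window is clamped to [1/clamp, clamp]. Illustrative model
    only, not the paper's algorithm."""
    total = sum(blocks_in_window.get(p, 0) for p in targets)
    weight_sum = sum(weights[p] for p in targets)
    new_targets = {}
    for parent, old in targets.items():
        observed = blocks_in_window.get(parent, 0)
        if observed == 0:
            proposed = old * clamp  # nothing produced: ease as much as allowed
        else:
            # expected = total * w / weight_sum;  new = old * expected / observed
            proposed = old * total * weights[parent] // (weight_sum * observed)
        proposed = max(old // clamp, min(old * clamp, proposed))
        new_targets[parent] = min(MAX_TARGET, proposed)
    return new_targets


if __name__ == "__main__":
    child = sha256d(b"constructed child block")          # constructed child block hash
    targets = {"sha256": MAX_TARGET >> 4, "scrypt": MAX_TARGET >> 4}
    for family in PARENT_POW:
        proof = mine_aux_proof(child, family, targets[family], bytes(32))
        print(family, verify_aux_proof(child, proof, targets))
    print(retarget(targets, {"sha256": 30, "scrypt": 10}, {"sha256": 1, "scrypt": 1}))
```

Keeping one target per hash family is what makes the block-share ratio enforceable: a Sha256 digest and a Scrypt digest are not comparable, so each family is judged against its own target and retargeted on its own block count, and the clamp bounds how far a single window can move a target, which is the kind of guard the sudden-surge and sudden-drop cases in contribution (2) call for.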
Section 1 of this paper introduces related work on the proof-of-work consensus mechanism and on the application of post-quantum signatures in blockchain systems. Section 2 introduces the architecture and the related implementation details. Section 3 gives a theoretical analysis of the security and correctness of the multi-parent chain auxiliary proof-of-work consensus mechanism and the difficulty adjustment algorithm, as well as