CN-121462215-B - Efficient quantum-lattice-resistant password threshold signature method and system for distributed environment
Abstract
The invention relates to an efficient quantum-resistant lattice-cryptographic threshold signature method and system for a distributed environment, belonging to the technical field of new-generation information technology. The method comprises the following steps: the participants input the message to be signed, preset parameters and preprocessed MAC key shares to a computer system; each participant's MAC share is extracted and a global shared MAC value is output; a private key polynomial, a noisy public key and a key pair are generated by RLWE rejection sampling, and the key shares are distributed; random values are generated for each participant's key share and MAC share to obtain refreshed shared values; private-key-related random input is generated from the refreshed parameters and the preset mean and standard deviation; a message commitment value is generated by combining the random input with the other values; challenge bits are selected to generate partial signatures, which after verification are broadcast, merged by Lagrange interpolation and output as the final signature; the message hash commitment is verified and the verification values are compared; and the computer system outputs the signature result.
Inventors
- YUAN HAO
- CHEN YULING
- HE ZHONGXIANG
- SUN JING
Assignees
- 贵州大学 (Guizhou University)
Dates
- Publication Date: 20260508
- Application Date: 20251204
Claims (10)
- 1. An efficient quantum-resistant lattice-cryptographic threshold signature method for a distributed environment, characterized by comprising the following steps: the participants input the message to be signed, preset parameters and preprocessed MAC key shares to the computer system; each participant extracts its own MAC share, generates a random vector, performs multi-round splitting, recombination, hashing and consistency verification, and on successful verification a global shared MAC value is output; the participants generate, by RLWE rejection sampling, a private key polynomial from the discrete Gaussian distribution, a uniformly distributed random polynomial and a public key containing error terms, obtain a key pair with noise protection, and share the key shares with the other participants; each participant generates a random shared value and a random multiplication factor for the shared values of its key share and its own MAC share, and obtains refreshed shared values through multi-round iterated modular addition and modular multiplication; the participants generate random input that is related to the private key and conforms to the statistical distribution, through discrete Gaussian sampling, sample discretization and acceptance judgment based on parameters corresponding to the refreshed shared values and the preset mean and standard deviation; the participants generate a message commitment value for the message to be signed using a hash function based on the random input combined with the global shared MAC value, the refreshed shared values and the key pair, select challenge bits and generate partial signatures by discrete Gaussian sampling, and perform a hash commitment consistency check on the partial signatures, the partial signatures that pass verification being broadcast; the participants receive the final signature, the challenge bits broadcast in the signature generation stage and the shared public key, perform a hash commitment consistency check on the message to be signed, calculate and compare verification values based on the final signature, the challenge bits and the public key, and the computer system outputs a result of signature passing or signature invalid.
- 2. The efficient quantum-resistant lattice-cryptographic threshold signature method for a distributed environment according to claim 1, wherein the preset parameters comprise one or more of a modulus, a polynomial dimension, a discrete Gaussian distribution standard deviation and a challenge bit length; the public key containing an error term is generated by modular multiplication of the private key polynomial with the random polynomial and addition of the error term; and the acceptance judgment comprises calculating an acceptance probability based on the sample difference and deciding by comparison with a random number drawn uniformly from [0, 1].
- 3. The efficient quantum-resistant lattice-cryptographic threshold signature method for a distributed environment according to claim 1, wherein the own MAC share extracted by each participant is the share fragment corresponding to the message to be signed, and the generated random vector contains a plurality of random coefficients; the random coefficients are randomly sampled coefficients whose number corresponds to the number of participants or to the number of segments of the message to be signed, each random coefficient corresponding to one participant's message part or to one segment of the message to be signed; in the multi-round splitting and recombination, each participant first splits its own MAC share into a plurality of sub-shares and then recombines the sub-shares using the coefficients of the random vector; in the consistency verification, each participant first computes a hash value of its own recombined MAC-related value and broadcasts the hash value, then verifies whether the MAC-related values broadcast by the other participants are consistent with the corresponding hash values; if any participant finds a MAC-related value inconsistent, the message authentication code share generation flow is terminated, and the global shared MAC value is output only if all participants verify the MAC-related values as consistent.
- 4. The efficient quantum-resistant lattice-cryptographic threshold signature method for a distributed environment according to claim 1, wherein generating, by the participants through RLWE rejection sampling, a private key polynomial from the discrete Gaussian distribution, a uniformly distributed random polynomial and a public key containing an error term, obtaining a key pair with noise protection, and sharing the key shares with the other participants specifically comprises: when a participant performs RLWE rejection sampling, generating the private key polynomial from the discrete Gaussian distribution according to a preset coefficient range and polynomial dimension; when generating the public key containing the error term, first generating by rejection sampling an error term that conforms to the discrete Gaussian distribution, then multiplying the private key polynomial by the random polynomial, adding the error term and reducing modulo the modulus to obtain the public key with noise protection; the generated key pair comprises the random polynomial and the private key polynomial, and each participant shares the corresponding shares of the random polynomial and of the private key polynomial with the other participants.
- 5. The efficient quantum-resistant lattice-cryptographic threshold signature method for a distributed environment according to claim 1, wherein, when the shared value is refreshed, the random shared value and the random multiplication factor generated by the participant are sampled from the uniform distribution corresponding to the preset modulus; the multi-round iterated modular addition and modular multiplication comprises: performing modular addition on the shared values of the key share and of the own MAC share to obtain an initial modified shared value; performing modular multiplication on the initial modified shared value to update it into an intermediate modified shared value; repeating this operation for five rounds, in each round generating a new random addend and performing modular addition, regenerating a new random multiplication factor and performing modular multiplication, and taking the shared value updated in each round as the input of the next round; and finally obtaining the refreshed shared value.
- 6. The efficient quantum-resistant lattice-cryptographic threshold signature method for a distributed environment according to claim 2, wherein when the participants perform discrete Gaussian distribution sampling, a sample set corresponding to the polynomial dimension is generated; in the acceptance judgment, the acceptance probability is calculated from the difference between the sampled sample and the discretized sample, then a random number is drawn from the uniform distribution on [0, 1]; if the random number is smaller than the acceptance probability the discretized sample is accepted, otherwise the discrete Gaussian sampling and sample discretization steps are executed again; the process is repeated until all participants obtain discretized samples that conform to the expected statistical distribution, and these samples are used as the random input related to the private key.
- 7. The efficient quantum-resistant lattice-cryptographic threshold signature method for a distributed environment according to claim 1, wherein when a participant generates a partial signature in combination with the random input, a random value is generated by rejection sampling, the rejection sampling being executed according to the preset challenge bit length and polynomial dimension; when the challenge bits are selected, they are obtained by sampling from the uniform distribution over the three values -1, 0 and 1; after generating its partial signature, each participant computes a hash commitment value of the partial signature it generated using a hash function and broadcasts the hash commitment value to all other participants; then, in the hash commitment consistency check on the partial signatures, each participant checks whether the hash commitment value of its own partial signature is consistent with the hash commitment value broadcast by the other participants for that participant's partial signature.
- 8. The efficient quantum-resistant lattice-cryptographic threshold signature method for a distributed environment according to claim 1, characterized in that, in the hash commitment consistency check on the message to be signed, the hash value of the message to be signed is recalculated and compared with the message commitment value retained in the signature generation stage; if they are inconsistent the signature is directly judged invalid; in calculating the verification values, a mathematical transformation is first applied to the polynomial product of the public key and the final signature to obtain a first verification value, and a mathematical transformation is applied to the polynomial product of the public key and the challenge bits to obtain a second verification value; in comparing the verification values, the first and second verification values are each reduced modulo the modulus and the results are checked for consistency; and the signature is judged to pass when the verification results of all participants are consistent.
- 9. An efficient quantum-resistant lattice-cryptographic threshold signature system for a distributed environment, characterized by comprising a multi-party terminal and a computer system, wherein the computer system comprises a storage module and a processing module, the multi-party terminal comprises participants and a coordinator, and the processing module comprises one or a combination of the following units: a MAC share generation unit, which extracts the MAC shares of all participants and outputs a global shared MAC value through random vector generation, multi-round splitting, recombination, hashing and consistency verification; a key generation unit, which generates a private key polynomial, a noisy public key and a key pair by RLWE rejection sampling and shares the key shares; a shared value refresh unit, which generates random values for the key share and the MAC share and obtains the refreshed shared value by multi-round modular addition and multiplication; a rejection sampling unit, which generates private-key-related random input conforming to the statistical distribution; a signature generation unit, which generates partial signatures by combining the random input with the other values and, after hash commitment verification, merges them by Lagrange interpolation and outputs the final signature; and a verification unit, which verifies the message hash commitment and compares the verification values; the storage module stores the data of each stage, and the computer system outputs the signature result.
- 10. A computer-readable storage medium having stored thereon a computer program which, when executed, implements the efficient quantum-resistant lattice-cryptographic threshold signature method for a distributed environment as claimed in any one of claims 1 to 8.
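The key generation of claim 4 (rejection-sampled discrete Gaussian secret and error, uniform random polynomial, noisy public key a*s + e mod q), the accept/reject test of claim 6 and the Lagrange-interpolation merge of claims 1 and 9 can be made concrete in a few lines. The Python below is an added illustration, not code from the patent or its inventors: the ring dimension N, modulus Q, Gaussian width SIGMA and tail cut TAU are toy values chosen for readability, and plain Shamir sharing over Z_q is assumed as the concrete scheme behind the interpolation step (the patent's MAC-share and share-refresh stages are not modelled).

```python
import math
import random

N, Q, SIGMA, TAU = 8, 3329, 2.0, 6  # toy ring dimension, modulus, Gaussian width, tail cut (assumptions, not the patent's presets)

def poly_mul(a, b):
    """Multiply in Z_q[x]/(x^N + 1); x^N = -1, so wrapped terms are subtracted."""
    res = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            sign, k = (1, i + j) if i + j < N else (-1, i + j - N)
            res[k] = (res[k] + sign * ai * bj) % Q
    return res

def gauss_sample(rng):
    """Rejection sampling (claim 6 shape): propose z uniformly in [-B, B], accept if u < exp(-z^2 / 2 sigma^2)."""
    bound = math.ceil(TAU * SIGMA)
    while True:
        z = rng.randint(-bound, bound)
        if rng.random() < math.exp(-z * z / (2 * SIGMA * SIGMA)):
            return z

def keygen(rng):
    """Claim 4 shape: s and e from the discrete Gaussian, a uniform, t = a*s + e mod q."""
    s = [gauss_sample(rng) for _ in range(N)]
    e = [gauss_sample(rng) for _ in range(N)]
    a = [rng.randrange(Q) for _ in range(N)]
    t = [(x + y) % Q for x, y in zip(poly_mul(a, s), e)]
    return (a, t), s

def share_poly(rng, s, t, n):
    """Shamir-share each coefficient of s: random degree t-1 polynomial evaluated at x = 1..n."""
    shares = [[] for _ in range(n)]
    for coeff in s:
        f = [coeff % Q] + [rng.randrange(Q) for _ in range(t - 1)]
        for i in range(1, n + 1):
            shares[i - 1].append(sum(c * pow(i, k, Q) for k, c in enumerate(f)) % Q)
    return shares

def lagrange_combine(points):
    """Lagrange interpolation at x = 0 from t (index, share-vector) pairs, coefficient-wise."""
    out = [0] * N
    for i, sh in points:
        lam = math.prod(j * pow(j - i, -1, Q) for j, _ in points if j != i) % Q
        out = [(o + v * lam) % Q for o, v in zip(out, sh)]
    return out

def demo(seed=1):
    rng = random.Random(seed)
    (a, t), s = keygen(rng)
    shares = share_poly(rng, s, 2, 3)                         # 2-of-3 sharing of s
    rec = lagrange_combine([(1, shares[0]), (3, shares[2])])  # any 2 shares suffice
    # Sanity check a verifier can run: t - a*s must be the small error polynomial e.
    err = [(x - y) % Q for x, y in zip(t, poly_mul(a, rec))]
    return rec == [c % Q for c in s], all(min(r, Q - r) <= TAU * SIGMA for r in err)
```

`demo()` returns two booleans: whether two shares reconstruct the secret polynomial exactly, and whether the public key's residual noise stays within the Gaussian tail bound.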
Description
Efficient quantum-lattice-resistant password threshold signature method and system for distributed environment
Technical Field
The invention belongs to the technical fields of blockchain, quantum computing and the like within new-generation information technology, and in particular relates to the technical classifications of digital signatures, cryptography, quantum resistance, threshold signatures and the like; more specifically, it relates to an efficient quantum-resistant lattice-cryptographic threshold signature method and system for a distributed environment, applicable to scenarios such as the metaverse, blockchain nodes, Internet of Things security and distributed identity authentication that require multi-party cooperation and strong security guarantees.
Background
With the development of quantum computing, traditional public key cryptography (such as RSA and ECC) is at risk of being broken by quantum algorithms. Lattice cryptography is therefore an important branch of quantum-resistant cryptography and has become a research hotspot owing to its strong security, which rests on hard lattice problems (such as the RLWE assumption), and its practical realizability. However, most existing lattice-based signature schemes are single-point key signatures, and it is difficult for them to meet the security and availability requirements of multi-party participation, key share management and threshold signatures in a distributed environment. In a multi-party setting, if a reasonable threshold signature mechanism is not adopted, the risks of key leakage and single-point failure increase markedly. For example, the prior art (represented by CRYSTALS-Dilithium) has the following problems in the field of distributed quantum-resistant signatures.
Firstly, regarding architectural limitations, Dilithium is a single-point signature architecture: it lacks cooperation among multiple participants, cannot meet the threshold signature requirements of distributed systems (such as blockchains and multi-institution cooperation), and is prone to single-point failures or attacks because key generation and signing are centralized. Secondly, the prior art relies on hash comparison in the signature verification stage, lacks up-front integrity verification of messages and shares, and cannot block tampering at the initial stage of signature generation. In addition, the key parameters of the prior art are fixed and there is no refresh mechanism, so the keys are ill-suited to long-term storage or repeated use, the resistance to attack is very weak, and defense against fault attacks and side-channel attacks is insufficient. Therefore, a solution is needed that not only has quantum security but also supports efficient distributed key management and threshold signature generation and verification, suited to application environments with high security requirements such as blockchain and the Internet of Things.
Disclosure of Invention
The invention mainly aims to provide an efficient quantum-resistant lattice-cryptographic threshold signature method and system for a distributed environment, which solve the problems that in a distributed environment signatures are easily attacked by quantum computers, messages are easily tampered with and signatures are easily forged, ensure the security and effectiveness of multi-party collaborative signatures, and meet the distributed environment's requirements for highly secure quantum-resistant signatures.
According to a first main aspect of the present invention, there is provided an efficient quantum-resistant lattice-cryptographic threshold signature method for a distributed environment, comprising: the participants input the message to be signed, preset parameters and preprocessed MAC key shares to the computer system; each participant extracts its own MAC share, generates a random vector, performs multi-round splitting, recombination, hashing and consistency verification, and on successful verification a global shared MAC value is output; the participants generate, by RLWE rejection sampling, a private key polynomial from the discrete Gaussian distribution, a uniformly distributed random polynomial and a public key containing error terms, obtain a key pair with noise protection, and share the key shares with the other participants; each participant generates a random shared value and a random multiplication factor for the shared values of its key share and its own MAC share, and obtains refreshed shared values through multi-round iterated modular addition and modular multiplication; the participants generate random input that is related to the private key and conforms to the statistical distribution, through discrete Gaussian sampling, sample discretization and acceptance judgment based on parameters corresponding to the refreshed shared values and the preset mean and standard deviation; The parti