Two-party collaborative signature scheme is an important cryptographic technology for user authentication and data integrity protection when using mobile devices for financial and securities transactions. However, the two-party collaboration scheme has the following shortcomings: firstly, it is not flexible enough, and it requires the collaborating parties to be secure and trusted; secondly, the two-party collaboration security still needs to be improved. Once a hacker obtains the signature private key and collaborative identity of a mobile device, it can construct a legitimate two-party collaborative signature. Third, the application scenario of two-party co-signature is limited and cannot meet the application scenario of multi-device co-signature. For this reason, this paper designs a multi-party collaborative signature scheme based on SM2 digital signature algorithm in the standard "SM2 Elliptic Curve Public Key Cryptography" of GM/T003-2012. This scheme consists of multiple (more than 2) participants to jointly generate the signature group public key and valid signature in an interactive manner, while ensuring that each user cannot know the signature key other than their own during the signing process. We implement this scheme based on the GMP library. The experimental results show that this scheme is not only flexible but also more secure and trustworthy to meet the application scenario of multi-device collaborative signing. In addition, the time for multiple participants to construct signatures in this scheme is similar, and the time for signature verification is less different from that of the original SM2 signature.
Copyright: © 2023 Tan et al. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.