CN107425968A - A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system - Google Patents
A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system Download PDFInfo
- Publication number
- CN107425968A CN107425968A CN201710481583.8A CN201710481583A CN107425968A CN 107425968 A CN107425968 A CN 107425968A CN 201710481583 A CN201710481583 A CN 201710481583A CN 107425968 A CN107425968 A CN 107425968A
- Authority
- CN
- China
- Prior art keywords
- bit string
- point
- module
- elliptic curve
- multiplication operation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Algebra (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Mathematical Physics (AREA)
- Pure & Applied Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
Abstract
System is realized the invention discloses the SM2 elliptic curve public key cryptographic algorithms under a kind of binary field F2m, under the control of SM2 control modules, by being communicated with control extension module and decryption control module, and random number generation module, point multiplication operation module, Bit String modular converter, key derivation module, cryptographic Hash module, XOR module is called to encrypt message and decryption ciphertext to realize.The SM2 elliptic curves and algorithm of the present invention is defined on binary field F2m, and the hardware for being advantageous to SM2 elliptic curve encryption algorithms realizes that operating rate is very fast.Point multiplication operation is that elliptic curve equation first is converted into the equation under standard projection coordinate in the present invention, Montgomery (Montgomery) Algorithm for Scalar Multiplication computing is used again, reduce memory space shared during computing, accelerate arithmetic speed, the ability of system attack time series analysis attack and power analysis is enhanced, improves the security of system.
Description
Technical field
The present invention relates to field of information security technology, and in particular to the SM2 curve public keys under a kind of binary field F2m
AES realizes system.
Background technology
With the fast development of Internet technology, information security issue is increasingly severe, in the transmitting procedure of information, such as
What ensures the safety of information, it is ensured that data exempt from any unauthorized or unexpected during storage, transmission and processing
Modification, insertion, deletion, repeating transmission etc. destroy, so as to realize that the authenticity of data, validity and uniformity become most important.SM2
Elliptic curve public key cryptographic algorithm can be good at the demand for solving this respect.
SM2 is the ellipse curve public key cipher algorithm that national Password Management office issued on December 17th, 2010, with tradition
Public-key cryptosystem (such as rsa cryptosystem system) compare, elliptic curve cryptosystem can using relatively short key
To reach identical safe coefficient.Therefore, shorter key make it that the application of elliptic curve cryptosystem is more extensive.
Message encryption and decryption of the SM2 ellipses public key algorithm suitable for the application of national commercial cipher, sender of the message can
So that message to be encrypted using the public key of recipient, recipient's private key corresponding to is decrypted, and obtains message.May be used also simultaneously
The reference of standard setting and the standardization of product and technology is provided for safety product manufacturer, improves the credibility of safety product
With interoperability.
SM3 cryptographic Hash algorithms are the commercial algorithms of national Password Management office establishment, for the numeral label in cipher application
Name and checking, the generation of message authentication code and checking and the generation of random number, can meet the demand for security of a variety of cipher applications.
The content of the invention
The shortcomings that it is an object of the invention to overcome prior art and deficiency, under binary field F2m, first by elliptic curve
Equation is converted to the equation under standard projection coordinate, then carries out dot product fortune using Montgomery (Montgomery) Algorithm for Scalar Multiplication
Calculate, so as to provide a kind of arithmetic speed faster, required memory space is smaller, resistance time analytical attack and power analysis energy
The stronger SM2 elliptic curve public key cryptographic algorithms of power realize system.
Calculating speed is research and one of most concerned problem in application elliptic curve cryptosystem, in elliptic curve cipher
In system algorithm, most time-consuming computing is exactly point multiplication operation, and it occupies the 80% of elliptic curve the amount of calculation.The present invention
In point multiplication operation be:Under binary field F2m, elliptic curve equation is first converted into the equation under standard projection coordinate, then
Using Montgomery (Montgomery) Algorithm for Scalar Multiplication carry out point multiplication operation, so as to provide a kind of arithmetic speed faster, it is required
The SM2 elliptic curve public key cryptographic algorithms that memory space is smaller, resistance time analytical attack and power analysis ability are stronger
Realize system.
The technical problems to be solved by the invention are to provide the SM2 elliptic curve public key cryptographics under a kind of binary field F2m
Algorithm realizes system, and under binary field F2m, elliptic curve equation first is converted into the equation under standard projection coordinate, then
Using Montgomery (Montgomery) Algorithm for Scalar Multiplication carry out point multiplication operation, so as to provide a kind of arithmetic speed faster, it is required
The SM2 elliptic curve public key cryptographic algorithms that memory space is smaller, resistance time analytical attack and power analysis ability are stronger
Realize system.
In order to solve the above technical problems, the SM2 elliptic curve public key cryptographics that the present invention is provided under a kind of binary field F2m are calculated
Method realizes system, and the message of transmission can be encrypted and decrypted for the system.Module used in the system includes:SM2
Control module, control extension module, decryption control module, random number generation module, point multiplication operation module, Bit String modulus of conversion
Block, key derivation module, cryptographic Hash module, XOR module.
The SM2 control modules:For being communicated with control extension module and decryption control module, to control extension mould
Block sends the order for carrying out message encryption, and the order for carrying out message decryption is sent to decryption control module, while receives encryption control
The ciphertext returned after molding block encryption success, the error information returned after failed encryption, receiving and deciphering control module successful decryption
The plaintext returned afterwards, the error information returned after decryption failure;
The control extension module:For receive SM2 control modules transmission progress message encryption order after, with
Machine number generation module, point multiplication operation module, Bit String modular converter, key derivation module, XOR module, cryptographic Hash mould
Block is communicated;The length that user A receives the message M, M to be encrypted is klen bits;Sent to random number generation module
Order, notice random number generation module generation random number k ∈ [1, n-1];By point multiplication operation module, first by elliptic curve equation
Be converted to the equation under standard projection coordinate, then the basic point using Montgomery (Montgomery) Algorithm for Scalar Multiplication to elliptic curve
G and k carries out point multiplication operation, obtains elliptic curve point C1=[k] G=(x1, y1);Will point C by Bit String modular converter1Conversion
For Bit String C1;By point multiplication operation module, elliptic curve equation is first converted into the equation under standard projection coordinate, then use
Public key P of Montgomery (Montgomery) Algorithm for Scalar Multiplication to basic point G rank n cofactor h and user BBCarry out point multiplication operation,
Obtain elliptic curve point S=[h] PB;Whether check point S is infinite point, if S is infinite point, reports an error and exits, if S is not
It is infinite point, then by point multiplication operation module, elliptic curve equation is first converted into the equation under standard projection coordinate, then adopt
With Montgomery (Montgomery) Algorithm for Scalar Multiplication to random number k and user B public key PBPoint multiplication operation is carried out, obtains oval song
Line point [k] PB=(x2, y2);By Bit String modular converter by point (x2, y2) be converted to Bit String;Splice Bit String x2And y2,
Obtain Bit String x2||y2;By Bit String x2||y2Key derivation module is input to integer k len, it is the close of klen to obtain length
Key data bit string t;Examine t whether be all 0 Bit String;If t be all 0 Bit String, notify generating random number mould
Block regenerates random number k ∈ [1, n-1];If t be not be all 0 Bit String, calculated by XOR module
Splice Bit String x2, M and y2, obtain Bit String x2||M||y2;By cryptographic Hash module to Bit String x2||M||y2Carry out close
Code hash computing, obtains Hash Value C3;Splice Bit String C1、C2And C3, obtain ciphertext C=C1||C2||C3;
The decryption control module:For receive SM2 control modules transmission carry out message decryption order after, with point
Multiplication module, Bit String modular converter, key derivation module, XOR module, cryptographic Hash module are communicated:Receive
User A encrypts successful ciphertext C=C1||C2||C3, Bit String C1 is taken out from C;By Bit String modular converter by Bit String
C1 is converted to point C1, check point C1Whether elliptic curve equation is met;If C1Elliptic curve equation is unsatisfactory for, then reports an error and exits;
If C1Meet elliptic curve equation, then by point multiplication operation module, be first converted to elliptic curve equation under standard projection coordinate
Equation, then cofactor h and C using Montgomery (Montgomery) Algorithm for Scalar Multiplication to basic point G rank n1Carry out dot product fortune
Calculate, obtain elliptic curve point S '=[h] C1;Whether check point S ' is infinite point, if S ' is infinite point, reports an error and moves back
Go out, if S ' is not infinite point, by point multiplication operation module, be first converted to elliptic curve equation under standard projection coordinate
Equation, then the private key d using Montgomery (Montgomery) Algorithm for Scalar Multiplication to user BBAnd C1Point multiplication operation is carried out, is obtained ellipse
Circular curve point [dB]C1=(x2', y2’);By Bit String modular converter by point (x2', y2') be converted to Bit String;Splice bit
String x2' and y2', obtain Bit String x2’||y2’;By Bit String x2’||y2' and integer k len be input to key derivation module, obtain
Length is klen key data Bit String t ';Examine t ' whether be all 0 Bit String;If t ' be all 0 Bit String,
Report an error and exit;If t ' be not be all 0 Bit String, Bit String C is taken out from ciphertext C2;Calculated by XOR moduleSplice Bit String x2', M ' and y2', obtain Bit String x2’||M’||y2’;By cryptographic Hash module to Bit String
x2’||M’||y2' cryptographic Hash computing is carried out, obtain Hash Value u;Bit String C is taken out from ciphertext C3;Examine u=C3Whether into
It is vertical;If u ≠ C3, then report an error and exit;If u=C3, then the plaintext M after output is decrypted ';
The random number generation module:For generating the random number k in the range of 1 to (n-1);
The point multiplication operation module:For calculating C1=[k] G=(x1, y1);Calculate S=[h] PB;Calculate [k] PB=(x2,
y2);Calculate S '=[h] C1;Calculate [dB]C1=(x2', y2’);Point multiplication operation is thrown for elliptic curve equation first is converted into standard
Equation under shadow coordinate, then point multiplication operation is carried out using Montgomery (Montgomery) Algorithm for Scalar Multiplication;
The Bit String modular converter:For the point on elliptic curve to be converted into corresponding Bit String, will compare
Spy's string is converted to corresponding point on elliptic curve;
The key derivation module:For to Bit String x2||y2Key derivation computing is carried out with integer k len, obtains length
For klen key data Bit String t;To Bit String x2’||y2' and integer k len progress key derivation computings, obtaining length is
Klen key data Bit String t ';
The cryptographic Hash module:For by using SM3 cryptographic Hash algorithms, trying to achieve Bit String x2||M||y2Hash
Value C3, try to achieve Bit String x2’||M’||y2' Hash Value u;
The XOR module:For calculating
The point multiplication operation is after elliptic curve to be first converted to the elliptic curve under standard projection coordinate, then with covering brother
Ma Li (Montgomery) Algorithm for Scalar Multiplication carries out point multiplication operation, comprises the following steps that:
Step 1:Input k=(kl-1... k1, k0)2, wherein kl-1=1, P=(x, y) ∈ E (F2m);
Step 2:By the non-supersingular elliptic curve equation y under binary field F2m2+ xy=x3+ax2+ b is converted to standard
Equation Y under projection coordinate2Z+XYZ=X3+aX2Z+bZ3;
Step 3:X1=x, Z1=1, (X1, Z1) be point P coordinate;
Step 4:X2=x4+ b, Z2=x2, (X2, Z2) be point 2P coordinate
Step 5:For i from 1-2 to 0, repeat:
Step 6:If ki=1, then T=Z1, Z1=(X1Z2+X2Z1)2, X1=xZ1+X1X2TZ2
T=X2, X2=X2 4+bZ2 4, Z2=T2Z2 2;
Step 7:If ki=0, then T=Z2, Z2=(X1Z2+X2Z1)2, X2=xZ2+X1X2TZ1;
T=X1, X1=X1 4+bZ1 4, Z1=T2Z1 2;
Step 8:x3=X1/Z1;
Step 9:y3=(x+X1/Z1)[(X1+xZ1)(X2+xZ2)+(x2+y)(Z1Z2)](xZ1Z2)-1+y;
Step 10:Return to [k] P=(x3, y3)。
Disappeared in a kind of SM2 ellipse curve public key cipher algorithms under binary field F2m using public key encryption algorithm to encrypt
The implementation method of breath, it is characterised in that comprise the following steps:
Step 1:User A initial data is inputted, including:Systematic parameter a, b of elliptic curve, basic point G, public key PB, base
Point G rank n, n cofactor h, message M to be encrypted (M length is klen bits);
Step 2:Pass through random number generation module generation 1 to the random number k in the range of (n-1);
Step 3:Elliptic curve point C is calculated by point multiplication operation module1=[k] G=(x1, y1);
Step 4:By Bit String modular converter by elliptic curve point C1Be converted to Bit String C1;
Step 5:Elliptic curve point S=[h] P is calculated by point multiplication operation moduleB;
Step 6:Examine whether S=O sets up, report an error and exit if setting up, step 7 is performed if invalid;
Step 7:[k] P is calculated by point multiplication operation moduleB=(x2, y2);
Step 8:By Bit String modular converter by point (x2, y2) be converted to corresponding Bit String;
Step 9:Splice Bit String x2And y2, obtain Bit String x2||y2;
Step 10:By Bit String x2||y2Key derivation module is input to integer k len, obtains the key that length is klen
Data bit string t;
Step 11:Examine t whether be all 0 Bit String, if then return to step two, if otherwise performing step 10
Two;
Step 12:Calculated by XOR module
Step 13:Splice Bit String x2, M and y2, obtain Bit String x2||M||y2;
Step 14:By cryptographic Hash computing module to Bit String x2||M||y2Cryptographic Hash computing is carried out, obtains hash
Value C3;
Step 15:Splice Bit String C1、C2And C3, obtain ciphertext C=C1||C2||C3。
The point multiplication operation is after elliptic curve to be first converted to the elliptic curve under standard projection coordinate, then with covering brother
Ma Li (Montgomery) Algorithm for Scalar Multiplication carries out point multiplication operation, comprises the following steps that:
Step 1:Input k=(kl-1... k1, k0)2, wherein kl-1=1, P=(x, y) ∈ E (F2m);
Step 2:By the non-supersingular elliptic curve equation y under binary field F2m2+ xy=x3+ax2+ b is converted to standard
Equation Y under projection coordinate2Z+XYZ=X3+aX2Z+bZ3;
Step 3:X1=x, Z1=1, (X1, Z1) be point P coordinate;
Step 4:X2=x4+ b, Z2=x2, (X2, Z2) be point 2P coordinate
Step 5:For i from 1-2 to 0, repeat:
Step 6:If ki=1, then T=Z1, Z1=(X1Z2+X2Z1)2, X1=xZ1+X1X2TZ2
T=X2, X2=X2 4+bZ2 4, Z2=T2Z2 2;
Step 7:If ki=0, then T=Z2, Z2=(X1Z2+X2Z1)2, X2=xZ2+X1X2TZ1;
T=X1, X1=X1 4+bZ1 4, Z1=T2Z1 2;
Step 8:x3=X1/Z1;
Step 9:y3=(x+X1/Z1)[(X1+xZ1)(X2+xZ2)+(x2+y)(Z1Z2)](xZ1Z2)-1+y;
Step 10:Return to [k] P=(x3, y3)。
Decrypted in a kind of SM2 ellipse curve public key cipher algorithms under binary field F2m using public key encryption algorithm close
The implementation method of text, it is characterised in that comprise the following steps:
Step 1:User B initial data is inputted, including:Systematic parameter a, b of elliptic curve, basic point G, private key dB, base
Point G rank n, n cofactor h, ciphertext C=C to be decrypted1||C2||C3, C length is klen bits;
Step 2:Bit String C is taken out from ciphertext C1;
Step 3:By Bit String modular converter by Bit String C1Be converted to point C1;
Step 4:Check point C1Whether meet elliptic curve equation, report an error and exit if being unsatisfactory for, performed if meeting
Step 5;
Step 5:Elliptic curve point S '=[h] C is calculated by point multiplication operation module1;
Step 6:Examine whether S '=0 sets up, report an error and exit if setting up, step 7 is performed if invalid;
Step 7:[d is calculated by point multiplication operation moduleB]C1=(x2', y2’);
Step 8:By Bit String modular converter by coordinate x2' and y2' be converted to corresponding Bit String;
Step 9:Splice Bit String x2' and y2', obtain Bit String x2’||y2’;
Step 10:By Bit String x2’||y2' and integer k len be input to key derivation module, obtain length be klen it is close
Key data bit string t ';
Step 11:Examine t ' whether be all 0 Bit String, if then reporting an error and exiting, if otherwise performing step 10
Two;
Step 12:Bit String C is taken out from ciphertext C2, calculated by XOR module
Step 13:Splice Bit String x2', M ' and y2', obtain Bit String x2’||M’||y2’;
Step 14:By cryptographic Hash module to Bit String x2’||M’||y2' cryptographic Hash computing is carried out, obtain hash
Value u;
Step 15:Bit String C is taken out from ciphertext C3;
Step 10 six:Examine u=C3Whether set up, report an error and exit if invalid, step 10 seven is performed if setting up;
Step 10 seven:Plaintext M after output decryption '.
The point multiplication operation is after elliptic curve to be first converted to the elliptic curve under standard projection coordinate, then with covering brother
Ma Li (Montgomery) Algorithm for Scalar Multiplication carries out point multiplication operation, comprises the following steps that:
Step 1:Input k=(kl-1... k1, k0)2, wherein kl-1=1, P=(x, y) ∈ E (F2m);
Step 2:By the non-supersingular elliptic curve equation y under binary field F2m2+ xy=x3+ax2+ b is converted to standard
Equation Y under projection coordinate2Z+XYZ=X3+aX2Z+bZ3;
Step 3:X1=x, Z1=1, (X1, Z1) be point P coordinate;
Step 4:X2=x4+ b, Z2=x2, (X2, Z2) be point 2P coordinate
Step 5:For i from 1-2 to 0, repeat:
Step 6:If ki=1, then T=Z1, Z1=(X1Z2+X2Z1)2, X1=xZ1+X1X2TZ2
T=X2, X2=X2 4+bZ2 4, Z2=T2Z2 2;
Step 7:If ki=0, then T=Z2, Z2=(X1Z2+X2Z1)2, X2=xZ2+X1X2TZ1;
T=X1, X1=X1 4+bZ1 4, Z1=T2Z1 2;
Step 8:x3=X1/Z1;
Step 9:y3=(x+X1/Z1)[(X1+xZ1)(X2+xZ2)+(x2+y)(Z1Z2)](xZ1Z2)-1+y;
Step 10:Return to [k] P=(x3, y3)。
The present invention is had the following advantages relative to prior art and effect:
(1) the SM2 elliptic curves and algorithm that the present invention relates to are defined on binary field F2m, binary system
Computing on domain pertains only to displacement and the mould 2 of step-by-step adds, and the hardware for being very beneficial for SM2 elliptic curve encryption algorithms is realized, and
Operating rate is also than very fast.
(2) present invention is during message encryption and decryption, first using standard projection coordinate, by under binary field F2m
Non-supersingular elliptic curve equation y2+ xy=x3+ax2+ b is converted to the equation Y under standard projection coordinate2Z+XYZ=X3+aX2Z
+bZ3, the point of standard projection coordinate, which adds, is not related to inverting on domain with point multiplication operation, can greatly simplify the complexity of computing, add
Fast calculating speed.
(3) after elliptic curve being converted into the elliptic curve under standard projection coordinate, using Montgomery
(Montgomery) Algorithm for Scalar Multiplication, point multiplication operation only need to calculate the X-coordinate and Z coordinate of point, it is not necessary to calculate Y-coordinate, significantly
Reduce memory space shared during computing, accelerate arithmetic speed.In addition, the Algorithm for Scalar Multiplication changing each time in major cycle
Identical operation is all completed in generation, therefore enhances the ability of system attack time series analysis attack and power analysis, is improved
The security of system.
Brief description of the drawings
Fig. 1 realizes system for the SM2 elliptic curve public key cryptographic algorithms under a kind of binary field F2m provided by the invention
Overall structure figure;
Fig. 2 is to be encrypted in the SM2 ellipse curve public key cipher algorithms under binary field F2m using public key encryption algorithm
The flow chart of message;
Fig. 3 is to be decrypted in the SM2 ellipse curve public key cipher algorithms under binary field F2m using public key encryption algorithm
The flow chart of ciphertext;
Fig. 4 is that elliptic curve equation first is converted into the equation under standard projection coordinate, then using Montgomery
(Montgomery) Algorithm for Scalar Multiplication carries out the flow chart of point multiplication operation.
Embodiment
With reference to embodiment and accompanying drawing, the present invention is described in further detail, but embodiments of the present invention are unlimited
In this.
Embodiment
What the present invention provided the SM2 elliptic curve public key cryptographic algorithms under a kind of binary field F2m realizes system, the invention
In involved SM2 elliptic curves and algorithm be defined on binary field F2m, the equation of elliptic curve is non-super strange
Different curve y2+ xy=x3+ax2+ b, wherein a, b ∈ F2m, and b ≠ 0.Elliptic curve E (F2m)=(x, y) | x, y ∈ F2m, and it is full
Sufficient equation y2+ xy=x3+ax2+ b } ∪ { 0 }, wherein 0 is infinite point.
By the non-supersingular elliptic curve equation y under binary field F2m2+ xy=x3+ax2+ b is converted to standard projection coordinate
Under equation Y2Z+XYZ=X3+aX2Z+bZ3, subpoint (X: Y: Z), Z ≠ 0 and affine point (X/Z, Y/Z) are corresponding, infinity
Point ∞ corresponds to (0: 1: 0), and the negative point of point (X: Y: Z) is (X: X+Y: Z).
Fig. 1 realizes system for the SM2 elliptic curve public key cryptographic algorithms under a kind of binary field F2m provided by the invention
Overall structure figure, the system can both be encrypted to message, message can be decrypted again, so as to ensure message
The destructions such as any unauthorized or unexpected modification, insertion, deletion, repeating transmission are exempted from during storing, transmitting and handling,
Realize the authenticity, validity and uniformity of data.It can be seen that the module used in the system includes:SM2 is controlled
It is module, control extension module, decryption control module, random number generation module, point multiplication operation module, Bit String modular converter, close
Key derives from module, cryptographic Hash module, XOR module.
SM2 control modules:For being communicated with control extension module and decryption control module, sent out to control extension module
The order of row message encryption is sent into, the order for carrying out message decryption is sent to decryption control module, while receive control extension mould
The ciphertext returned after block encryption success, the error information returned after failed encryption, return after receiving and deciphering control module successful decryption
The plaintext returned, the error information returned after decryption failure.
Control extension module:For receive SM2 control modules transmission progress message encryption order after, with random number
Generation module, point multiplication operation module, Bit String modular converter, key derivation module, XOR module, cryptographic Hash module are entered
Row communication:The length that user A receives the message M, M to be encrypted is klen bits;Send and order to random number generation module,
Notify random number generation module generation random number k ∈ [1, n-1];By point multiplication operation module, first elliptic curve equation is changed
For the equation under standard projection coordinate, then basic point G and k using Montgomery (Montgomery) Algorithm for Scalar Multiplication to elliptic curve
Point multiplication operation is carried out, obtains elliptic curve point C1=[k] G=(x1, y1);Will point C by Bit String modular converter1Be converted to ratio
Spy's string C1;By point multiplication operation module, elliptic curve equation is first converted into the equation under standard projection coordinate, then using illiteracy brother
Public key P of Ma Li (Montgomery) Algorithm for Scalar Multiplication to basic point G rank n cofactor h and user BBPoint multiplication operation is carried out, is obtained
Elliptic curve point S=[h] PB;Whether check point S is infinite point, if S is infinite point, reports an error and exits, if S is not nothing
Poor far point, then by point multiplication operation module, elliptic curve equation is first converted into the equation under standard projection coordinate, then using illiteracy
Montgomery (Montgomery) Algorithm for Scalar Multiplication is to random number k and user B public key PBPoint multiplication operation is carried out, obtains elliptic curve point
[k]PB=(x2, y2);By Bit String modular converter by point (x2, y2) be converted to Bit String;Splice Bit String x2And y2, obtain
Bit String x2||y2;By Bit String x2||y2Key derivation module is input to integer k len, obtains the cipher key number that length is klen
According to Bit String t;Examine t whether be all 0 Bit String;If t be all 0 Bit String, notify random number generation module weight
It is new to produce random number k ∈ [1, n-1];If t be not be all 0 Bit String, calculated by XOR module Splicing
Bit String x2, M and y2, obtain Bit String x2||M||y2;By cryptographic Hash module to Bit String x2||M||y2It is miscellaneous to carry out password
Gather computing, obtain Hash Value C3;Splice Bit String C1、C2And C3, obtain ciphertext C=C1||C2||C3。
Decrypt control module:For after the order of carry out message decryption of SM2 control modules transmission is received, being transported with dot product
Module, Bit String modular converter, key derivation module, XOR module, cryptographic Hash module is calculated to be communicated:Receive user
A encrypts successful ciphertext C=C1||C2||C3, Bit String C1 is taken out from C;By Bit String modular converter by Bit String C1Turn
It is changed to point C1, check point C1Whether elliptic curve equation is met;If C1Elliptic curve equation is unsatisfactory for, then reports an error and exits;If C1
Meet elliptic curve equation, then by point multiplication operation module, elliptic curve equation is first converted into the side under standard projection coordinate
Journey, then cofactor h and C using Montgomery (Montgomery) Algorithm for Scalar Multiplication to basic point G rank n1Point multiplication operation is carried out, is obtained
To elliptic curve point S '=[h] C1;Whether check point S ' is infinite point, if S ' is infinite point, reports an error and exits, if S '
It is not infinite point, then by point multiplication operation module, elliptic curve equation is first converted into the equation under standard projection coordinate, then
Private key d using Montgomery (Montgomery) Algorithm for Scalar Multiplication to user BBAnd C1Point multiplication operation is carried out, obtains elliptic curve point
[dB]C1=(x2', y2’);By Bit String modular converter by point (x2', y2') be converted to Bit String;Splice Bit String x2' and
y2', obtain Bit String x2’||y2’;By Bit String x2’||y2' and integer k len be input to key derivation module, obtaining length is
Klen key data Bit String t ';Examine t ' whether be all 0 Bit String;If t ' reports an error simultaneously to be all 0 Bit String
Exit;If t ' be not be all 0 Bit String, Bit String C is taken out from ciphertext C2;Calculated by XOR moduleSplice Bit String x2', M ' and y2', obtain Bit String x2’||M’||y2’;By cryptographic Hash module to Bit String
x2’||M’||y2' cryptographic Hash computing is carried out, obtain Hash Value u;Bit String C is taken out from ciphertext C3;Examine u=C3Whether into
It is vertical;If u ≠ C3, then report an error and exit;If u=C3, then the plaintext M after output is decrypted '.
Random number generation module:For generating the random number k in the range of 1 to (n-1);
Point multiplication operation module:For calculating C1=[k] G=(x1, y1);Calculate S=[h] PB;Calculate [k] PB=(x2, y2);
Calculate S '=[h] C1;Calculate [dB]C1=(x2', y2’).Point multiplication operation is sat for elliptic curve equation first is converted into standard projection
Equation under mark, then point multiplication operation is carried out using Montgomery (Montgomery) Algorithm for Scalar Multiplication.
Bit String modular converter:For the point on elliptic curve to be converted into corresponding Bit String, by Bit String
Be converted to corresponding point on elliptic curve.
Key derivation module:For to Bit String x2||y2Key derivation computing is carried out with integer k len, obtaining length is
Klen key data Bit String t;To Bit String x2’||y2' and integer k len progress key derivation computings, obtaining length is
Klen key data Bit String t '.
Cryptographic Hash module:For by using SM3 cryptographic Hash algorithms, trying to achieve Bit String x2||M||y2Hash Value
C3, try to achieve Bit String x2’||M’||y2' Hash Value u.
XOR module:For calculating
Fig. 2 is to be encrypted in the SM2 ellipse curve public key cipher algorithms under binary field F2m using public key encryption algorithm
The flow chart of message.In order to accelerate arithmetic speed, reduce memory space shared during computing, enhance the system attack time
The ability of analytical attack and power analysis, the security of system is improved, when carrying out point multiplication operation, first turned elliptic curve
After being changed to the elliptic curve under standard projection coordinate, then with Montgomery (Montgomery) Algorithm for Scalar Multiplication progress dot product fortune
Calculate.As shown in Fig. 2 the public key encryption algorithm comprises the steps of:
Step 1:User A initial data is inputted, including:Systematic parameter a, b of elliptic curve, basic point G, public key PB, base
Point G rank n, n cofactor h, message M to be encrypted (M length is klen bits);
Step 2:Pass through random number generation module generation 1 to the random number k in the range of (n-1);
Step 3:Elliptic curve point C is calculated by point multiplication operation module1=[k] G=(x1, y1);
Step 4:By Bit String modular converter by elliptic curve point C1Be converted to Bit String C1;
Step 5:Elliptic curve point S=[h] P is calculated by point multiplication operation moduleB;
Step 6:Examine whether S=O sets up, report an error and exit if setting up, step 7 is performed if invalid;
Step 7:[k] P is calculated by point multiplication operation moduleB=(x2, y2);
Step 8:By Bit String modular converter by point (x2, y2) be converted to corresponding Bit String;
Step 9:Splice Bit String x2And y2, obtain Bit String x2||y2;
Step 10:By Bit String x2||y2Key derivation module is input to integer k len, obtains the key that length is klen
Data bit string t;
Step 11:Examine t whether be all 0 Bit String, if then return to step two, if otherwise performing step 10
Two;
Step 12:Calculated by XOR module
Step 13:Splice Bit String x2, M and y2, obtain Bit String x2||M||y2;
Step 14:By cryptographic Hash computing module to Bit String x2 | | M | | y2 carries out cryptographic Hash computing, obtains hash
Value C3;
Step 15:Splice Bit String C1、C2And C3, obtain ciphertext C=C1||C2||C3。
Fig. 3 is to be decrypted in the SM2 ellipse curve public key cipher algorithms under binary field F2m using public key encryption algorithm
The flow chart of ciphertext.In order to accelerate arithmetic speed, reduce memory space shared during computing, enhance the system attack time
The ability of analytical attack and power analysis, the security of system is improved, when carrying out point multiplication operation, first turned elliptic curve
After being changed to the elliptic curve under standard projection coordinate, then with Montgomery (Montgomery) Algorithm for Scalar Multiplication progress dot product fortune
Calculate.As shown in figure 3, the decryption ciphertext algorithm comprises the steps of:
Step 1:User B initial data is inputted, including:Systematic parameter a, b of elliptic curve, basic point G, private key dB, base
Point G rank n, n cofactor h, ciphertext C=C to be decrypted1||C2||C3(C length is klen bits);
Step 2:Bit String C is taken out from ciphertext C1;
Step 3:By Bit String modular converter by Bit String C1Be converted to point C1;
Step 4:Check point C1Whether meet elliptic curve equation, report an error and exit if being unsatisfactory for, performed if meeting
Step 5;
Step 5:Elliptic curve point S '=[h] C1 is calculated by point multiplication operation module;
Step 6:Examine whether S '=0 sets up, report an error and exit if setting up, step 7 is performed if invalid;
Step 7:[d is calculated by point multiplication operation moduleB]C1=(x2', y2’);
Step 8:By Bit String modular converter by coordinate x2' and y2' be converted to corresponding Bit String;
Step 9:Splice Bit String x2' and y2', obtain Bit String x2’||y2’;
Step 10:By Bit String x2’||y2' and integer k len be input to key derivation module, obtain length be klen it is close
Key data bit string t ';
Step 11:Examine t ' whether be all 0 Bit String, if then reporting an error and exiting, if otherwise performing step 10
Two;
Step 12:Bit String C is taken out from ciphertext C2, calculated by XOR module
Step 13:Splice Bit String x2', M ' and y2', obtain Bit String x2 ' | | M ' | | y2 ';
Step 14:By cryptographic Hash module to Bit String x2’||M’||y2' cryptographic Hash computing is carried out, obtain hash
Value u;
Step 15:Bit String C3 is taken out from ciphertext C;
Step 10 six:Examine u=C3Whether set up, report an error and exit if invalid, step 10 seven is performed if setting up;
Step 10 seven:Plaintext M after output decryption '.
Fig. 4 is that elliptic curve equation first is converted into the equation under standard projection coordinate, then using Montgomery
(Montgomery) Algorithm for Scalar Multiplication carries out the flow chart of point multiplication operation.As shown in figure 4, comprise the following steps that:
Step 1:Input k=(kl-1... k1, k0)2, wherein kl-1=1, P=(x, y) ∈ E (F2m);
Step 2:By the non-supersingular elliptic curve equation y under binary field F2m2+ xy=x3+ax2+ b is converted to standard
Equation Y under projection coordinate2Z+XYZ=X3+aX2Z+bZ3;
Step 3:X1=x, Z1=1, (X1, Z1) is point P coordinate;
Step 4:X2=x4+ b, Z2=x2, (X2, Z2) are point 2P coordinate
Step 5:For i from 1-2 to 0, repeat:
Step 6:If ki=1, T=Z1, Z1=(X1Z2+X2Z1) 2, X1=xZ1+X1X2TZ2
T=X2, X2=X2 4+bZ2 4, Z2=T2Z2 2;
Step 7:If ki=0, T=Z2, Z2=(X1Z2+X2Z1) 2, X2=xZ2+X1X2TZ1;
T=X1, X1=X1 4+bZ1 4, Z1=T2Z1 2;
Step 8:x3=X1/Z1;
Step 9:y3=(x+X1/Z1)[(X1+xZ1)(X2+xZ2)+(x2+y)(Z1Z2)](xZ1Z2)-1+y;
Step 10:Return to [k] P=(x3, y3)。
Above-described embodiment is the preferable embodiment of the present invention, but embodiments of the present invention are not by above-described embodiment
Limitation, other any Spirit Essences without departing from the present invention with made under principle change, modification, replacement, combine, simplification,
Equivalent substitute mode is should be, is included within protection scope of the present invention.
Claims (6)
1. a kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system, it is characterised in that:Including SM2
Control module, control extension module, decryption control module, random number generation module, point multiplication operation module, Bit String modulus of conversion
Block, key derivation module, cryptographic Hash module, XOR module;
The SM2 control modules:For being communicated with control extension module and decryption control module, sent out to control extension module
The order of row message encryption is sent into, the order for carrying out message decryption is sent to decryption control module, while receive control extension mould
The ciphertext returned after block encryption success, the error information returned after failed encryption, return after receiving and deciphering control module successful decryption
The plaintext returned, the error information returned after decryption failure;
The control extension module:For receive SM2 control modules transmission progress message encryption order after, with random number
Generation module, point multiplication operation module, Bit String modular converter, key derivation module, XOR module, cryptographic Hash module are entered
Row communication;The length that user A receives the message M, M to be encrypted is klen bits;Send and order to random number generation module,
Notify random number generation module generation random number k ∈ [1, n-1];By point multiplication operation module, first elliptic curve equation is changed
For the equation under standard projection coordinate, then basic point G and k using Montgomery (Montgomery) Algorithm for Scalar Multiplication to elliptic curve
Point multiplication operation is carried out, obtains elliptic curve point C1=[k] G=(x1, y1);Will point C by Bit String modular converter1Be converted to ratio
Spy's string C1;By point multiplication operation module, elliptic curve equation is first converted into the equation under standard projection coordinate, then using illiteracy brother
Public key P of Ma Li (Montgomery) Algorithm for Scalar Multiplication to basic point G rank n cofactor h and user BBPoint multiplication operation is carried out, is obtained
Elliptic curve point S=[h] PB;Whether check point S is infinite point, if S is infinite point, reports an error and exits, if S is not nothing
Poor far point, then by point multiplication operation module, elliptic curve equation is first converted into the equation under standard projection coordinate, then using illiteracy
Montgomery (Montgomery) Algorithm for Scalar Multiplication is to random number k and user B public key PBPoint multiplication operation is carried out, obtains elliptic curve point
[k]PB=(x2, y2);By Bit String modular converter by point (x2, y2) be converted to Bit String;Splice Bit String x2And y2, obtain
Bit String x2||y2;By Bit String x2||y2Key derivation module is input to integer k len, obtains the cipher key number that length is klen
According to Bit String t;Examine t whether be all 0 Bit String;If t be all 0 Bit String, notify random number generation module weight
It is new to produce random number k ∈ [1, n-1];If t be not be all 0 Bit String, calculated by XOR moduleSplicing
Bit String x2, M and y2, obtain Bit String x2||M||y2;By cryptographic Hash module to Bit String x2 | | M | | it is miscellaneous that y2 carries out password
Gather computing, obtain Hash Value C3;Splice Bit String C1, C2 and C3, obtain ciphertext C=C1 | | C2 | | C3;
The decryption control module:For after the order of carry out message decryption of SM2 control modules transmission is received, being transported with dot product
Module, Bit String modular converter, key derivation module, XOR module, cryptographic Hash module is calculated to be communicated:Receive user
A encrypts successful ciphertext C=C1 | | C2 | | C3, Bit String C1 is taken out from C;Bit String C1 is turned by Bit String modular converter
It is changed to whether point C1, check point C1 meet elliptic curve equation;If C1 is unsatisfactory for elliptic curve equation, reports an error and exit;If
C1 meets elliptic curve equation, then by point multiplication operation module, is first converted to elliptic curve equation under standard projection coordinate
Equation, then point multiplication operation is carried out to basic point G rank n cofactor h and C1 using Montgomery (Montgomery) Algorithm for Scalar Multiplication,
Obtain elliptic curve point S '=[h] C1;Whether check point S ' is infinite point, if S ' is infinite point, reports an error and exits, if
S ' is not infinite point, then by point multiplication operation module, elliptic curve equation first is converted into the equation under standard projection coordinate,
Point multiplication operation is carried out to user B private key dR and C1 using Montgomery (Montgomery) Algorithm for Scalar Multiplication again, obtains oval song
Line point [dB] C1=(x2 ', y2 ');Point (x2 ', y2 ') is converted to by Bit String by Bit String modular converter;Splice Bit String
X2 ' and y2 ', obtain Bit String x2 ' | | y2 ';By Bit String x2 ' | | y2 ' and integer k len are input to key derivation module, obtain
Length is klen key data Bit String t ';Examine t ' whether be all 0 Bit String;If t ' be all 0 Bit String,
Report an error and exit;If t ' be not be all 0 Bit String, Bit String C2 is taken out from ciphertext C;Calculated by XOR moduleSplice Bit String x2 ', M ' and y2 ', obtain Bit String x2 ' | | M ' | | y2 ';By cryptographic Hash module to bit
String x2 ' | | M ' | | y2 ' carries out cryptographic Hash computing, obtains Hash Value u;Bit String C3 is taken out from ciphertext C;Examining u=C3 is
No establishment;If u ≠ C3, report an error and exit;If u=C3, the plaintext M after output decryption ';
The random number generation module:For generating the random number k in the range of 1 to (n-1);
The point multiplication operation module:For calculating C1=[k] G=(x1, y1);Calculate S=[h] PB;Calculate [k] PB=(x2, y2);
Calculate S '=[h] C1;Calculate [dB] C1=(x2', y2’);Point multiplication operation is sat for elliptic curve equation first is converted into standard projection
Equation under mark, then point multiplication operation is carried out using Montgomery (Montgomery) Algorithm for Scalar Multiplication;
The Bit String modular converter:For the point on elliptic curve to be converted into corresponding Bit String, by Bit String
Be converted to corresponding point on elliptic curve;
The key derivation module:For to Bit String x2||y2Key derivation computing is carried out with integer k len, obtaining length is
Klen key data Bit String t;To Bit String x2’||y2' and integer k len progress key derivation computings, obtaining length is
Klen key data Bit String t ';
The cryptographic Hash module:For by using SM3 cryptographic Hash algorithms, trying to achieve Bit String x2||M||y2Hash Value
C3, try to achieve Bit String x2’||M’||y2' Hash Value u;
The XOR module:For calculating
2. the system as claimed in claim 1, it is characterised in that:The point multiplication operation is that elliptic curve first is converted into standard to throw
After elliptic curve under shadow coordinate, then with Montgomery (Montgomery) Algorithm for Scalar Multiplication progress point multiplication operation, specific steps
It is as follows:
Step 1:Input k=(kl-1... k1, k0)2, wherein kl-1=1, P=(x, y) ∈ E (F2m);
Step 2:By the non-supersingular elliptic curve equation y under binary field F2m2+ xy=x3+ax2+ b is converted to standard projection
Equation Y under coordinate2Z+XYZ=X3+aX2Z+bZ3;
Step 3:X1=x, Z1=1, (X1, Z1) be point P coordinate;
Step 4:X2=x4+ b, Z2=x2, (X2, Z2) be point 2P coordinate
Step 5:For i from 1-2 to 0, repeat:
Step 6:If ki=1, then T=Z1, Z1=(X1Z2+X2Z1)2, X1=xZ1+X1X2TZ2
T=X2, X2=X2 4+bZ2 4, Z2=T2Z2 2;
Step 7:If ki=0, then T=Z2, Z2=(X1Z2+X2Z1)2, X2=xZ2+X1X2TZ1;
T=X1, X1=X1 4+bZ1 4, Z1=T2Z1 2;
Step 8:x3=X1/Z1;
Step 9:y3=(x+X1/Z1)[(X1+xZ1)(X2+xZ2)+(x2+y)(Z1Z2)](xZ1Z2)-1+y;
Step 10:Return to [k] P=(x3, y3)。
3. encrypt message using public key encryption algorithm in the SM2 ellipse curve public key cipher algorithms under a kind of binary field F2m
Implementation method, it is characterised in that comprise the following steps:
Step 1:User A initial data is inputted, including:Systematic parameter a, b of elliptic curve, basic point G, public key PB, basic point G's
Rank n, n cofactor h, message M to be encrypted (M length is klen bits);
Step 2:Pass through random number generation module generation 1 to the random number k in the range of (n-1);
Step 3:Elliptic curve point C is calculated by point multiplication operation module1=[k] G=(x1, y1);
Step 4:By Bit String modular converter by elliptic curve point C1Be converted to Bit String C1;
Step 5:Elliptic curve point S=[h] P is calculated by point multiplication operation moduleB;
Step 6:Examine whether S=0 sets up, report an error and exit if setting up, step 7 is performed if invalid;
Step 7:[k] P is calculated by point multiplication operation moduleB=(x2, y2);
Step 8:By Bit String modular converter by point (x2, y2) be converted to corresponding Bit String;
Step 9:Splice Bit String x2And y2, obtain Bit String x2||y2;
Step 10:By Bit String x2||y2Key derivation module is input to integer k len, obtains the key data that length is klen
Bit String t;
Step 11:Examine t whether be all 0 Bit String, if then return to step two, if otherwise performing step 12;
Step 12:Calculated by XOR module
Step 13:Splice Bit String x2, M and y2, obtain Bit String x2||M||y2;
Step 14:By cryptographic Hash computing module to Bit String x2||M||y2Cryptographic Hash computing is carried out, obtains Hash Value C3;
Step 15:Splice Bit String C1、C2And C3, obtain ciphertext C=C1||C2||C3。
4. implementation method as claimed in claim 3, it is characterised in that:The point multiplication operation is that elliptic curve first is converted into mark
After elliptic curve under quasi- projection coordinate, then with Montgomery (Montgomery) Algorithm for Scalar Multiplication carry out point multiplication operation, specifically
Step is as follows:
Step 1:Input k=(kl-1... k1, k0)2, wherein kl-1=1, P=(x, y) ∈ E (F2m);
Step 2:By the non-supersingular elliptic curve equation y under binary field F2m2+ xy=x3+ax2+ b is converted to standard projection
Equation Y under coordinate2Z+XYZ=X3+aX2Z+bZ3;
Step 3:X1=x, Z1=1, (X1, Z1) be point P coordinate;
Step 4:X2=x4+ b, Z2=x2, (X2, Z2) be point 2P coordinate
Step 5:For i from 1-2 to 0, repeat:
Step 6:If ki=1, then T=Z1, Z1=(X1Z2+X2Z1)2, X1=xZ1+X1X2TZ2
T=X2, X2=X2 4+bZ2 4, Z2=T2Z2 2;
Step 7:If ki=0, then T=Z2, Z2=(X1Z2+X2Z1)2, X2=xZ2+X1X2TZ1;
T=X1, X1=X1 4+bZ1 4, Z1=T2Z1 2;
Step 8:x3=X1/Z1;
Step 9:y3=(x+X1/Z1)[(X1+xZ1)(X2+xZ2)+(x2+y)(Z1Z2)](xZ1Z2)-1+y;
Step 10:Return to [k] P=(x3, y3)。
5. decrypt ciphertext using public key encryption algorithm in the SM2 ellipse curve public key cipher algorithms under a kind of binary field F2m
Implementation method, it is characterised in that comprise the following steps:
Step 1:User B initial data is inputted, including:Systematic parameter a, b of elliptic curve, basic point G, private key dB, basic point G's
Rank n, n cofactor h, ciphertext C=C to be decrypted1||C2||C3, C length is klen bits;
Step 2:Bit String C is taken out from ciphertext C1;
Step 3:By Bit String modular converter by Bit String C1Be converted to point C1;
Step 4:Check point C1Whether meet elliptic curve equation, report an error and exit if being unsatisfactory for, step is performed if meeting
Five;
Step 5:Elliptic curve point S '=[h] C is calculated by point multiplication operation module1;
Step 6:Examine whether S '=0 sets up, report an error and exit if setting up, step 7 is performed if invalid;
Step 7:[d is calculated by point multiplication operation moduleB]C1=(x2', y2’);
Step 8:By Bit String modular converter by coordinate x2' and y2' be converted to corresponding Bit String;
Step 9:Splice Bit String x2' and y2', obtain Bit String x2’||y2’;
Step 10:By Bit String x2’||y2' and integer k len be input to key derivation module, obtain length be klen cipher key number
According to Bit String t ';
Step 11:Examine t ' whether be all 0 Bit String, if then reporting an error and exiting, if otherwise performing step 12;
Step 12:Bit String C is taken out from ciphertext C2, calculated by XOR module
Step 13:Splice Bit String x2', M ' and y2', obtain Bit String x2’||M’||y2’;
Step 14:By cryptographic Hash module to Bit String x2’||M’||y2' cryptographic Hash computing is carried out, obtain Hash Value u;
Step 15:Bit String C is taken out from ciphertext C3;
Step 10 six:Examine u=C3Whether set up, report an error and exit if invalid, step 10 seven is performed if setting up;
Step 10 seven:Plaintext M after output decryption '.
6. implementation method as claimed in claim 5, it is characterised in that:The point multiplication operation is that elliptic curve first is converted into mark
After elliptic curve under quasi- projection coordinate, then with Montgomery (Montgomery) Algorithm for Scalar Multiplication carry out point multiplication operation, specifically
Step is as follows:
Step 1:Input k=(kl-1... k1, k0)2, wherein kl-1=1, P=(x, y) ∈ E (F2m);
Step 2:By the non-supersingular elliptic curve equation y under binary field F2m2+ xy=x3+ax2+ b is converted to standard projection
Equation Y under coordinate2Z+XYZ=X3+aX2Z+bZ3;
Step 3:X1=x, Z1=1, (X1, Z1) be point P coordinate;
Step 4:X2=x4+ b, Z2=x2, (X2, Z2) be point 2P coordinate
Step 5:For i from 1-2 to 0, repeat:
Step 6:If ki=1, then T=Z1, Z1=(X1Z2+X2Z1)2, X1=xZ1+X1X2TZ2
T=X2, X2=X2 4+bZ2 4, Z2=T2Z2 2;
Step 7:If ki=0, then T=Z2, Z2=(X1Z2+X2Z1)2, X2=xZ2+X1X2TZ1;
T=X1, X1=X1 4+bZ1 4, Z1=T2Z1 2;
Step 8:x3=X1/Z1;
Step 9:y3=(x+X1/Z1)[(X1+xZ1)(X2+xZ2)+(x2+y)(Z1Z2)](xZ1Z2)-1+y;
Step 10:Return to [k] P=(x3, y3)。
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710481583.8A CN107425968A (en) | 2017-06-22 | 2017-06-22 | A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710481583.8A CN107425968A (en) | 2017-06-22 | 2017-06-22 | A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107425968A true CN107425968A (en) | 2017-12-01 |
Family
ID=60426066
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710481583.8A Pending CN107425968A (en) | 2017-06-22 | 2017-06-22 | A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107425968A (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108667623A (en) * | 2018-05-28 | 2018-10-16 | 广东工业大学 | A kind of SM2 ellipse curve signatures verification algorithm |
| CN110752931A (en) * | 2019-10-16 | 2020-02-04 | 浙江双成电气有限公司 | SM2 elliptic curve public key cryptosystem optimization method |
| CN111274613A (en) * | 2020-01-20 | 2020-06-12 | 广州安研信息科技有限公司 | Iterative SM2 digital signature generation method, system, medium, and apparatus |
| CN111614465A (en) * | 2020-05-15 | 2020-09-01 | 南京大学 | Public key generation method and device based on super-singular homologous secret key encapsulation protocol |
| CN113141247A (en) * | 2021-04-25 | 2021-07-20 | 重庆都会信息科技有限公司 | Homomorphic encryption method, device and system and readable storage medium |
| CN113489721A (en) * | 2021-07-05 | 2021-10-08 | 北京理工大学 | Encryption and decryption method and encryption and decryption system based on diesel engine data |
| CN114465735A (en) * | 2022-04-12 | 2022-05-10 | 北京象帝先计算技术有限公司 | Signature checking system, electronic device, electronic equipment and signature checking method |
| CN114531241A (en) * | 2022-04-22 | 2022-05-24 | 北京智芯微电子科技有限公司 | Data encryption method and device, electronic equipment using data encryption method and storage medium |
| CN114895870A (en) * | 2022-04-29 | 2022-08-12 | 中国人民解放军93216部队 | Efficient reconfigurable SM2 dot product method and system based on FPGA |
| CN117196653A (en) * | 2023-08-29 | 2023-12-08 | 中山大学 | Provider evaluation traceable collaborative management method and device based on alliance chain |
| CN117811737A (en) * | 2023-12-29 | 2024-04-02 | 北京海泰方圆科技股份有限公司 | Data processing method and device and electronic equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060045262A1 (en) * | 2004-08-24 | 2006-03-02 | Gerardo Orlando | Reliable elliptic curve cryptography computation |
| CN102306091A (en) * | 2011-07-08 | 2012-01-04 | 西安电子科技大学 | Method for rapidly implementing elliptic curve point multiplication hardware |
| CN103903047A (en) * | 2014-03-27 | 2014-07-02 | 华中科技大学 | Elliptic curve encryption coprocessor suitable for RFID security communication |
| CN103929305A (en) * | 2013-01-16 | 2014-07-16 | 上海华虹集成电路有限责任公司 | SM2 signature algorithm implementation method |
| US9449198B1 (en) * | 2009-03-05 | 2016-09-20 | Marvell International Ltd. | Prime field elliptic cryptography processor |
-
2017
- 2017-06-22 CN CN201710481583.8A patent/CN107425968A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060045262A1 (en) * | 2004-08-24 | 2006-03-02 | Gerardo Orlando | Reliable elliptic curve cryptography computation |
| US9449198B1 (en) * | 2009-03-05 | 2016-09-20 | Marvell International Ltd. | Prime field elliptic cryptography processor |
| CN102306091A (en) * | 2011-07-08 | 2012-01-04 | 西安电子科技大学 | Method for rapidly implementing elliptic curve point multiplication hardware |
| CN103929305A (en) * | 2013-01-16 | 2014-07-16 | 上海华虹集成电路有限责任公司 | SM2 signature algorithm implementation method |
| CN103903047A (en) * | 2014-03-27 | 2014-07-02 | 华中科技大学 | Elliptic curve encryption coprocessor suitable for RFID security communication |
Non-Patent Citations (2)
| Title |
|---|
| JULIO LÓPEZ和RICARDO DAHAB: "Fast Multiplication on Elliptic Curves over GF(2m) without Precomputation", 《CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS. CHES 1999. LECTURE NOTES IN COMPUTER SCIENCE》 * |
| 国密局: "SM2椭圆曲线公钥密码算法", 《国密局公告21号》 * |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108667623B (en) * | 2018-05-28 | 2021-10-19 | 广东工业大学 | SM2 elliptic curve signature verification algorithm |
| CN108667623A (en) * | 2018-05-28 | 2018-10-16 | 广东工业大学 | A kind of SM2 ellipse curve signatures verification algorithm |
| CN110752931A (en) * | 2019-10-16 | 2020-02-04 | 浙江双成电气有限公司 | SM2 elliptic curve public key cryptosystem optimization method |
| CN110752931B (en) * | 2019-10-16 | 2022-10-14 | 浙江双成电气有限公司 | SM2 elliptic curve public key cryptosystem optimization method |
| CN111274613A (en) * | 2020-01-20 | 2020-06-12 | 广州安研信息科技有限公司 | Iterative SM2 digital signature generation method, system, medium, and apparatus |
| CN111614465A (en) * | 2020-05-15 | 2020-09-01 | 南京大学 | Public key generation method and device based on super-singular homologous secret key encapsulation protocol |
| CN113141247A (en) * | 2021-04-25 | 2021-07-20 | 重庆都会信息科技有限公司 | Homomorphic encryption method, device and system and readable storage medium |
| CN113141247B (en) * | 2021-04-25 | 2023-07-04 | 重庆都会信息科技有限公司 | Homomorphic encryption method, homomorphic encryption device, homomorphic encryption system and readable storage medium |
| CN113489721A (en) * | 2021-07-05 | 2021-10-08 | 北京理工大学 | Encryption and decryption method and encryption and decryption system based on diesel engine data |
| CN114465735A (en) * | 2022-04-12 | 2022-05-10 | 北京象帝先计算技术有限公司 | Signature checking system, electronic device, electronic equipment and signature checking method |
| CN114465735B (en) * | 2022-04-12 | 2022-06-17 | 北京象帝先计算技术有限公司 | Signature checking system, electronic device, electronic equipment and signature checking method |
| CN114531241A (en) * | 2022-04-22 | 2022-05-24 | 北京智芯微电子科技有限公司 | Data encryption method and device, electronic equipment using data encryption method and storage medium |
| CN114531241B (en) * | 2022-04-22 | 2022-08-30 | 北京智芯微电子科技有限公司 | Data encryption method and device, electronic equipment using data encryption method and storage medium |
| CN114895870A (en) * | 2022-04-29 | 2022-08-12 | 中国人民解放军93216部队 | Efficient reconfigurable SM2 dot product method and system based on FPGA |
| CN114895870B (en) * | 2022-04-29 | 2022-11-25 | 中国人民解放军93216部队 | Efficient reconfigurable SM2 dot multiplication method and system based on FPGA |
| CN117196653A (en) * | 2023-08-29 | 2023-12-08 | 中山大学 | Provider evaluation traceable collaborative management method and device based on alliance chain |
| CN117811737A (en) * | 2023-12-29 | 2024-04-02 | 北京海泰方圆科技股份有限公司 | Data processing method and device and electronic equipment |
| CN117811737B (en) * | 2023-12-29 | 2024-09-17 | 北京海泰方圆科技股份有限公司 | Data processing method and device and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107425968A (en) | A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system | |
| CN101420300B (en) | Double factor combined public key generating and authenticating method | |
| CN109088726B (en) | SM2 algorithm-based collaborative signing and decrypting method and system for two communication parties | |
| CN111314089B (en) | SM 2-based two-party collaborative signature method and decryption method | |
| CN102761413B (en) | Implementation system of p-element domain SM2 elliptic curve public key cryptographic algorithm | |
| CN104270247B (en) | Suitable for the efficient general Hash functions authentication method of quantum cryptography system | |
| CN111106936A (en) | SM 9-based attribute encryption method and system | |
| CN101262341A (en) | A mixed encryption method in session system | |
| CN113297633B (en) | Quantum digital signature method | |
| CN113711564A (en) | Computer-implemented method and system for encrypting data | |
| CN113141247B (en) | Homomorphic encryption method, homomorphic encryption device, homomorphic encryption system and readable storage medium | |
| CN113285959A (en) | Mail encryption method, decryption method and encryption and decryption system | |
| CN114172651B (en) | SM9 public key encryption algorithm and decryption algorithm GPU acceleration implementation method | |
| CN112187461A (en) | Weapon equipment data hybrid encryption method based on encryption algorithm | |
| CN102761412A (en) | P-element domain SM2 elliptic curve public key encryption, decryption and encryption-decryption hybrid system | |
| CN113300856A (en) | Heterogeneous mixed signcryption method capable of proving safety | |
| CN107294720A (en) | A kind of system for implementing hardware of SM2 elliptic curve public key cryptographic algorithms under prime field Fp | |
| WO2014030706A1 (en) | Encrypted database system, client device and server, method and program for adding encrypted data | |
| CN107465508A (en) | A kind of method, system and the equipment of software and hardware combining construction true random number | |
| Rajasekar et al. | Introduction to classical cryptography | |
| Choudhary et al. | A comparative analysis of cryptographic keys and security | |
| CN107896149A (en) | 128 symmetric encryption methods based on three group operationes | |
| US20040039918A1 (en) | Secure approach to send data from one system to another | |
| CN108494556A (en) | A kind of method of efficient RSA Algorithm encrypting metadata file | |
| JP2004246350A (en) | Enciphering device, deciphering device, enciphering system equipped with the same, enciphering method, and deciphering method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171201 |
|
| RJ01 | Rejection of invention patent application after publication |