CN113343259A - Joint signature realization method and device based on SM2, electronic equipment and storage medium - Google Patents

Joint signature realization method and device based on SM2, electronic equipment and storage medium Download PDF

Info

Publication number
CN113343259A
CN113343259A CN202110673626.9A CN202110673626A CN113343259A CN 113343259 A CN113343259 A CN 113343259A CN 202110673626 A CN202110673626 A CN 202110673626A CN 113343259 A CN113343259 A CN 113343259A
Authority
CN
China
Prior art keywords
register
data
random number
coprocessor
operation according
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110673626.9A
Other languages
Chinese (zh)
Other versions
CN113343259B (en
Inventor
王亚伟
李会同
唐艳明
张文婧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Hongsi Electronic Technology Co ltd
Original Assignee
Beijing Hongsi Electronic Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Hongsi Electronic Technology Co ltd filed Critical Beijing Hongsi Electronic Technology Co ltd
Priority to CN202110673626.9A priority Critical patent/CN113343259B/en
Publication of CN113343259A publication Critical patent/CN113343259A/en
Application granted granted Critical
Publication of CN113343259B publication Critical patent/CN113343259B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The present application relates to the field of information security technologies, and in particular, to a method and an apparatus for implementing a joint signature based on SM2, an electronic device, and a storage medium. In the application, the joint signature based on the SM2 protocol is realized, and the devices at two ends do not need to disclose any private key to the device at the opposite end, so that the safety of the joint signature is improved.

Description

Joint signature realization method and device based on SM2, electronic equipment and storage medium
Technical Field
The present application relates to the field of information security technologies, and in particular, to a method and an apparatus for implementing a joint signature based on SM2, an electronic device, and a storage medium.
Background
Currently, with the development of science and technology, the internet and 5G technology are also in rapid development, and the traditional single device for signing data is ubiquitous. However, as a large number of internet of things devices exist in the internet, the existing way of performing data signature by a single device cannot meet certain specific scene requirements, and therefore how to implement simultaneous authorization of multiple devices to complete data signature becomes a technical problem which needs to be solved at present.
Disclosure of Invention
The application provides a joint signature realization method and device based on SM2, an electronic device and a storage medium, so as to realize joint signature of at least two devices.
In a first aspect, a joint signature implementation method based on SM2 is provided, which is applied to a coprocessor including a first coprocessor and a second coprocessor, and includes the following steps:
step S1, the first coprocessor generates a first random number, performs dot product operation according to the first random number to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
the second coprocessor generates a second random number, performs dot product operation according to the second random number to obtain second coordinate data, and stores the second random number and the second coordinate data into a second register;
step S2, the first coprocessor receives the data in the second register sent by the second coprocessor, performs a dot-and-add operation according to the data in the first register and the data in the second register, and stores an obtained operation result in a third register;
the second coprocessor receives the data in the first register sent by the first coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result in a fourth register;
step S3, the first coprocessor performs an operation according to the data in the third register and the data to be signed to obtain a first part of a signature value, and stores the obtained first part of the signature value in a fifth register;
the second coprocessor carries out operation according to the data in the fourth register and the data to be signed to obtain a first part of a signature value, and the obtained first part of the signature value is stored in a sixth register;
step S4, the first coprocessor performs an operation according to the third random number in the thirteenth register, and data in the first register and the fifth register, and stores an obtained operation result in the seventh register;
the second coprocessor carries out operation according to a fourth random number in the fourteenth register and data in the second register and the sixth register, and stores an obtained operation result into the eighth register;
step S5, the first coprocessor receives the data in the eighth register sent by the second coprocessor, performs an operation according to the third random number in the thirteenth register and the data in the eighth register, and stores an obtained operation result in a ninth register;
the second coprocessor receives the data in the seventh register sent by the first coprocessor, performs operation according to a fourth random number in the fourteenth register and the data in the seventh register, and stores an obtained operation result in a tenth register;
step S6, the first coprocessor receives the data in the tenth register sent by the second coprocessor, performs an operation according to the data in the fifth register, the ninth register, and the tenth register, and stores an obtained operation result in an eleventh register; calculating according to the data in the eleventh register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a fifth register; outputting the signature value in the fifth register; or the like, or, alternatively,
the second coprocessor receives the data in the ninth register sent by the first coprocessor, performs operation according to the data in the sixth register, the ninth register and the tenth register, and stores an obtained operation result in a twelfth register; calculating according to the data in the twelfth register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a sixth register; outputting the signature value in the sixth register.
In one possible implementation, the step S1 includes:
the first coprocessor generates a first random number, performs dot product operation according to the first random number and preset third coordinate data to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
and the second coprocessor generates a second random number, performs dot product operation according to the second random number and preset third coordinate data to obtain second coordinate data, and stores the second random number and the second coordinate data into a second register.
In one possible implementation, the step S2 includes:
the first coprocessor receives data in the second register sent by the second coprocessor, performs point addition operation according to first coordinate data in the first register and second coordinate data in the second register, and stores obtained fourth coordinate data in a third register;
and the second coprocessor receives the data in the first register sent by the first coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result in a fourth register.
In one possible implementation manner, before the step S1, the method further includes:
step S10, the first coprocessor generates a third random number, and stores the third random number in the thirteenth register;
the second coprocessor generates a fourth random number and stores the fourth random number into the fourteenth register;
step S11, the first coprocessor receives the fourth random number sent by the second coprocessor, performs an operation according to the third random number, the fourth random number, and preset third coordinate data to obtain a public key, and stores the obtained public key in the thirteenth register, so as to perform signature verification processing on a signature value according to the public key; or the like, or, alternatively,
and the second coprocessor receives the third random number sent by the first coprocessor, performs operation according to the third random number, the fourth random number and preset third coordinate data to obtain a public key, and stores the obtained public key into a fourteenth register so as to perform signature verification processing on a signature value according to the public key.
In a second aspect, an apparatus for implementing joint signature based on SM2 is provided, including:
the first processing module is used for generating a first random number, performing dot product operation according to the first random number to obtain first coordinate data, and storing the first random number and the first coordinate data into a first register;
the second processing module is used for generating a second random number, performing dot product operation according to the second random number to obtain second coordinate data, and storing the second random number and the second coordinate data into a second register;
the third processing module is used for receiving the data in the second register sent by the second processing module, performing point addition operation according to the data in the first register and the data in the second register, and storing an obtained operation result into a third register;
the fourth processing module is used for receiving the data in the first register sent by the first processing module, performing point addition operation according to the data in the first register and the data in the second register, and storing an obtained operation result into a fourth register;
the fifth processing module is used for carrying out operation according to the data in the third register and the data to be signed to obtain a first part of a signature value and storing the obtained first part of the signature value into a fifth register;
the sixth processing module is used for performing operation according to the data in the fourth register and the data to be signed to obtain a first part of a signature value and storing the obtained first part of the signature value into the sixth register;
the seventh processing module is used for performing operation according to the third random number in the thirteenth register and the data in the first register and the fifth register, and storing an obtained operation result into the seventh register;
the eighth processing module is used for performing operation according to a fourth random number in the fourteenth register, the data in the second register and the data in the sixth register, and storing an obtained operation result into the eighth register;
a ninth processing module, configured to receive the data in the eighth register sent by the eighth processing module, perform an operation according to the third random number in the thirteenth register and the data in the eighth register, and store an obtained operation result in a ninth register;
a tenth processing module, configured to receive the data in the seventh register sent by the seventh processing module, perform an operation according to a fourth random number in the fourteenth register and the data in the seventh register, and store an obtained operation result in a tenth register;
the eleventh processing module is configured to receive the data in the tenth register sent by the tenth processing module, perform operation according to the data in the fifth register, the ninth register, and the tenth register, and store an obtained operation result in the eleventh register; calculating according to the data in the eleventh register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a fifth register; outputting the signature value in the fifth register; or, receiving the data in the ninth register sent by the ninth processing module, performing operation according to the data in the sixth register, the ninth register and the tenth register, and storing an obtained operation result in a twelfth register; calculating according to the data in the twelfth register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a sixth register; and outputting the signature value in the sixth register.
In one possible implementation of the method of the invention,
the first processing module is used for generating a first random number, performing dot product operation according to the first random number and preset third coordinate data to obtain first coordinate data, and storing the first random number and the first coordinate data into a first register;
the second processing module is configured to generate a second random number, perform a dot product operation according to the second random number and preset third coordinate data to obtain second coordinate data, and store the second random number and the second coordinate data in a second register.
In one possible implementation of the method of the invention,
the third processing module is configured to receive the data in the second register sent by the second processing module, perform a dot-and-add operation according to the first coordinate data in the first register and the second coordinate data in the second register, and store the obtained fourth coordinate data in a third register;
and the fourth processing module is configured to receive the data in the first register sent by the first processing module, perform a dot-and-add operation according to the first coordinate data in the first register and the second coordinate data in the second register, and store the obtained fourth coordinate data in a fourth register.
In one possible implementation, the method further includes:
a twelfth processing module, configured to generate a third random number, and store the third random number in the thirteenth register;
a thirteenth processing module, configured to generate a fourth random number, and store the fourth random number in the fourteenth register;
a fourteenth processing module, configured to receive the fourth random number sent by the thirteenth processing module, perform operation according to the third random number, the fourth random number, and preset third coordinate data to obtain a public key, store the obtained public key in the thirteenth register, and perform signature verification processing on a signature value according to the public key; or, receiving a third random number sent by the twelfth processing module, performing operation according to the third random number, the fourth random number and preset third coordinate data to obtain a public key, and storing the obtained public key in a fourteenth register so as to perform signature verification processing on a signature value according to the public key.
In a third aspect, an electronic device is provided, including: a processor and a memory;
the memory for storing a computer program;
the processor is configured to execute the function of the first coprocessor in the above joint signature implementation method based on SM2 by calling the computer program.
In a fourth aspect, an electronic device is provided, comprising: a processor and a memory;
the memory for storing a computer program;
the processor is configured to execute the function of the second coprocessor in the above joint signature implementation method based on SM2 by calling the computer program.
In a fifth aspect, a computer-readable storage medium is provided, which is used for storing a computer program, which when run on a computer, enables the computer to perform the functions of the first coprocessor or the second coprocessor in the above-mentioned joint signature implementation method based on SM 2.
By means of the technical scheme, the technical scheme provided by the application at least has the following advantages:
in the application, through the scheme, the combined signature based on the SM2 protocol is realized, and the devices at two ends do not need to disclose any private key to the device at the opposite end, so that the safety of the combined signature is improved, and the corresponding signature verification processing can be realized for any party acquiring the public key.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the embodiments of the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a schematic flowchart of a joint signature implementation method based on SM2 provided in the present application;
fig. 2 is a schematic processing flow diagram of one possible implementation manner of the joint signature implementation method based on SM2 provided in the present application;
fig. 3 is a schematic structural diagram of a joint signature implementation apparatus based on SM2 provided in the present application;
fig. 4 is a schematic structural diagram of an electronic device of the joint signature implementation method based on SM2 provided in the present application.
Detailed Description
The present application provides a method, an apparatus, an electronic device, and a storage medium for implementing a joint signature based on SM2, and the following describes in detail embodiments of the present application with reference to the accompanying drawings.
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those within the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.
As for the joint signature process based on the SM2 protocol in the technical solution of the present application, as the name implies, joint signature of at least two devices is performed, and therefore, the signature value output process in the technical solution needs to be participated in by the at least two devices together; in the present application, two devices, a device and B device, are explained. Of course, the signature process that at least two devices participate together may be the device a to perform the signature process, and the device B provides corresponding data support; or B device to make signature process, A device provides corresponding data support; it is also possible that the a device and the B device participate together and perform the entire signing process together.
In the following application, the elliptic curve parameters of SM2 are involved in the process of performing joint signature based on SM2 protocol, including: third coordinate data G (G)x,Gy) A first preset value n and first coordinate data Q1Second coordinate data Q2And fourth coordinate data Q4And a first random number k generated in the signature process1A second random number k2A third random number d1And a fourth random number d2Data e is yet to be signed.
Based on the above parameters, as shown in fig. 1, a flowchart of a method for implementing a joint signature based on SM2 provided by the present application is applied to a coprocessor including a first coprocessor and a second coprocessor, and includes the following steps:
step S1, the first coprocessor generates a first random number, performs dot product operation according to the first random number to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
the second coprocessor generates a second random number, performs dot product operation according to the second random number to obtain second coordinate data, and stores the second random number and the second coordinate data into a second register;
step S2, the first coprocessor receives the data in the second register sent by the second coprocessor, performs a dot-and-add operation according to the data in the first register and the data in the second register, and stores an obtained operation result in a third register;
the second coprocessor receives the data in the first register sent by the first coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result in a fourth register;
step S3, the first coprocessor performs an operation according to the data in the third register and the data to be signed to obtain a first part of a signature value, and stores the obtained first part of the signature value in a fifth register;
the second coprocessor carries out operation according to the data in the fourth register and the data to be signed to obtain a first part of a signature value, and the obtained first part of the signature value is stored in a sixth register;
step S4, the first coprocessor performs an operation according to the third random number in the thirteenth register, and data in the first register and the fifth register, and stores an obtained operation result in the seventh register;
the second coprocessor carries out operation according to a fourth random number in the fourteenth register and data in the second register and the sixth register, and stores an obtained operation result into the eighth register;
step S5, the first coprocessor receives the data in the eighth register sent by the second coprocessor, performs an operation according to the third random number in the thirteenth register and the data in the eighth register, and stores an obtained operation result in a ninth register;
the second coprocessor receives the data in the seventh register sent by the first coprocessor, performs operation according to a fourth random number in the fourteenth register and the data in the seventh register, and stores an obtained operation result in a tenth register;
step S6, the first coprocessor receives the data in the tenth register sent by the second coprocessor, performs an operation according to the data in the fifth register, the ninth register, and the tenth register, and stores an obtained operation result in an eleventh register; calculating according to the data in the eleventh register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a fifth register; outputting the signature value in the fifth register; or the like, or, alternatively,
the second coprocessor receives the data in the ninth register sent by the first coprocessor, performs operation according to the data in the sixth register, the ninth register and the tenth register, and stores an obtained operation result in a twelfth register; calculating according to the data in the twelfth register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a sixth register; outputting the signature value in the sixth register.
In the application, through the scheme, the combined signature based on the SM2 protocol is realized, and the devices at two ends do not need to disclose any private key to the device at the opposite end, so that the safety of the combined signature is improved, and the corresponding signature verification processing can be realized for any party acquiring the public key.
Based on the above technical solution provided by the present application, the following explains the technical solution in detail, as shown in fig. 2, which is a processing flow chart of one possible implementation manner of the joint signature implementation method based on SM2 provided by the present application.
Step S21, the coprocessor generates a first random number and a second random number, performs a dot-product operation according to the first random number to obtain first coordinate data, performs a dot-product operation according to the second random number to obtain second coordinate data, and stores the first random number and the first coordinate data in the first register and the second random number and the second coordinate data in the second register.
In one possible implementation, the step S21 includes:
the coprocessor generates a first random number, performs dot product operation according to the first random number and preset third coordinate data to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
in a specific embodiment, since processing at the corresponding of the a device and the B device is involved, in this specific embodiment, the coprocessors are divided into a first coprocessor and a second coprocessor, and processing at the a device is performed by using the first coprocessor, and processing at the B device is performed by using the second coprocessor.
Specifically, the first coprocessor generates a first random number k at the A device1According to k1And third coordinate data G (G)x,Gy) Performing dot product operation to obtain first coordinate data Q1The first random number k1And first coordinate data Q1Storing the data into a first register;
the coprocessor generates a second random number, performs point multiplication operation according to the second random number and preset third coordinate data to obtain second coordinate data, and stores the second random number and the second coordinate data into a second register;
in particular, the second coprocessor generates a second random number k at the B device2According to k2And third coordinate data G (G)x,Gy) Performing dot product operation to obtain second coordinate data Q2Second random number k2And second coordinate data Q2And storing the data in a second register.
And step S22, the coprocessor performs a dot-and-add operation according to the data in the first register and the data in the second register, and stores the obtained operation result into the third register and the fourth register.
In one possible implementation, step S22 includes:
and the coprocessor performs point addition operation according to the first coordinate data in the first register and the second coordinate data in the second register to obtain fourth coordinate data, and stores the fourth coordinate data into the third register and the fourth register.
Specifically, the first coprocessor obtains second coordinate data Q of the B device at the A device2Based on the first coordinate data Q in the first register1And the obtained second coordinate data Q2Performing a dot-and-add operation to obtain fourth coordinate data Q (x, y), and storing the fourth coordinate data Q (x, y) into a third register;
the second coprocessor obtains the first coordinate data Q of the A device at the B device1Based on the second coordinate data Q in the second register2And the obtained first coordinate data Q1And performing dot addition operation to obtain fourth coordinate data Q (x, y), and storing the fourth coordinate data Q (x, y) into a fourth register.
And step S23, the coprocessor carries out operation according to the data in the third register and the fourth register and the data to be signed to obtain a first part of the signature value, and the obtained first part of the signature value is stored in the fifth register and the sixth register.
In one possible implementation, step S23 includes:
the coprocessor performs point addition operation according to the data in the third register and the data to be signed, and stores the first part of the obtained signature value into a fifth register;
and the coprocessor performs point addition operation according to the data in the fourth register and the data to be signed, and stores the first part of the obtained signature value into the sixth register.
Specifically, the first coprocessor performs a point addition operation on the device A according to an x coordinate value of fourth coordinate data Q in the third register and data e to be signed to obtain a first signature value part r, and stores the first signature value part r in the fifth register;
performing point addition operation on the B equipment by the second coprocessor according to an x coordinate value of fourth coordinate data Q in a fourth register and the data e to be signed to obtain a first signature value part r, and storing the first signature value part r into a sixth register;
if r is 0, the signature fails, and an error notification message is returned; the signature value first part r stored in the fifth register and the sixth register is the same.
Step S24, the coprocessor performs an operation according to the third random number in the thirteenth register, the fourth random number in the fourteenth register, and data in the first register, the second register, the fifth register, and the sixth register, and stores the obtained operation result in the seventh register and the eighth register.
In one possible implementation, step S4 includes:
the coprocessor carries out operation according to the third random number in the thirteenth register, the data in the first register and the data in the fifth register, and stores an obtained operation result into the seventh register;
and the coprocessor carries out operation according to the fourth random number in the fourteenth register, the data in the second register and the data in the sixth register, and stores the obtained operation result into the eighth register.
In particular, the first coprocessor is in the a device dependent on the third random number d in the thirteenth register1A first random number k in a first register1And a first part r of the signature value in a fifth register to obtain a first calculation value S'1The obtained first calculation value S'1And storing the data into a seventh register, specifically:
S′1=2(1+d1)-1*k1+(1+d1)-1*r
the second coprocessor is in B device according to the fourth random number d in the fourteenth register2A second random number k in a second register2And the first part r of the signature value in the sixth register are calculated to obtain a second calculation value S'2And obtaining a second calculation value S'2And storing the data into an eighth register, specifically:
S′2=2(1+d2)-1*k2+(1+d2)-1*r
step S25, the coprocessor performs an operation according to the third random number in the thirteenth register, the fourth random number in the fourteenth register, and the data in the seventh register and the eighth register, and stores the obtained operation result in the ninth register and the tenth register.
In one possible implementation, the first coprocessor obtains the second operation value S 'of the device B in the eighth register at the device a'2From the second calculated value S'2And a third random number d1Operating to obtain a third operation value S ″1The obtained third operation value S ″, then1And storing the data into a ninth register, specifically:
S″1=S′2*(1+d1)-1=2(1+d2)-1*(1+d1)-1*k2+(1+d1)-1*(1+d2)-1*r
=2(1+d)-1*k2+(1+d)-1*r
the second coprocessor obtains a first operation value S 'of the device A in a seventh register in the device B'1From the first calculated value S'1And the fourth random number d2 to obtain a fourth operation value S ″2The fourth operation value S ″, which is obtained2And storing the data into a tenth register, specifically:
S″2=S′1*(1+d2)-1=2(1+d2)-1*(1+d1)-1*k1+(1+d1)-1*(1+d2)-1*r=2(1+d)-1*k1+(1+d)-1*r
wherein d ═ d1+d2+d1d2
In one possible implementation, the third calculation value S ″ is performed1And a fourth arithmetic value S ″2After the operation of (1), the first coprocessor obtains a fourth operation value S' of the B device in the tenth register at the A device2The second coprocessor obtains a third operation value S' of the device A in the ninth register in the device B1
And step S26, the coprocessor carries out operation according to the data in the ninth register and the tenth register, and stores the obtained operation result into the eleventh register and the twelfth register.
In one possible implementation, step S26 includes:
the coprocessor carries out operation according to the first parts of the signature values in the ninth register, the tenth register and the fifth register and stores the obtained operation result into the eleventh register;
and the coprocessor performs operation according to the first parts of the signature values in the ninth register, the tenth register and the sixth register and stores the obtained operation result in the twelfth register.
Specifically, the fifth operation value S ″, is operated1And a sixth calculated value S ″2In the process, since the two calculation processes are the same and the result is the same, it is enough that one of the two can be arbitrarily calculated by the first coprocessor or the second coprocessor, and then:
the first coprocessor calculates the value S' according to the third operation value in the ninth register1Fourth operation value S' in tenth register2And calculating the first part r of the signature value in the fifth register to obtain a fifth calculated value S'1And obtaining a fifth calculation value S'1Storing the data into an eleventh register; alternatively, the first and second electrodes may be,
the second coprocessor calculates the value S' according to the third operation value in the ninth register1Fourth operation value S' in tenth register2And a sixth calculated value S 'is obtained by calculating the first part r of the signature value in the sixth register'2And the sixth calculated value S'2Storing the data into a twelfth register;
the method specifically comprises the following steps:
S″′2=S″′1=S″1+S″2-2r=2(1+d)-1*(k1+k2)+2(1+d)-1*r-2r=2(1+d)-1[k+r-(1+d)*r]
=2(1+d)-1*(k-dr)
and step S27, the coprocessor carries out operation according to the data in the eleventh register or the twelfth register and the first preset value to obtain a second part of the signature value, and the obtained second part of the signature value is stored in the fifth register and the sixth register.
In one possible implementation, step S27 includes:
the coprocessor carries out operation according to the data in the eleventh register and the first preset value to obtain a second part of the signature value, and the obtained second part of the signature value is stored in the fifth register;
and the coprocessor carries out operation according to the data in the twelfth register and the first preset value to obtain a second part of the signature value, and the obtained second part of the signature value is stored in the sixth register.
Specifically, the first coprocessor calculates the value S'1Calculating a first preset value n to obtain a second part s of the signature value, and storing the obtained second part of the signature value into a fifth register;
the method specifically comprises the following steps:
s=(s″′+n)/2
the operation of the second part S of the signature value is based on the fifth operation value S'1Or a sixth calculation value S'2Is the fifth operation value S 'calculated by the first coprocessor'1If yes, the first coprocessor continues to operate the second part s of the signature value; similarly, if the value is the sixth calculated value S 'calculated by the second coprocessor'2This step continues with the second coprocessor computing the second part s of the signature value.
In step S28, the coprocessor outputs the signature values in the fifth register and the sixth register to perform signature processing.
In one possible implementation, the first part r of the signature value and the second part s of the signature value resulting from the aforementioned operation are output by the first coprocessor or the second coprocessor for respective signature processing.
In this application, in one possible implementation manner, for the obtained signature value, if the signature is to be verified, a corresponding public key is also required, and the generation of the public key may be performed by the coprocessor on the device a or the device B, as in the generation of the signature value, and of course, the joint generation of the device a and the device B is required regardless of which device is used. Specifically, the generation of the public key occurs before the generation of the signature value, that is, the processing occurs before step S1, as described in step S10 to step S14 below.
In one possible implementation manner, in step S10, the coprocessor generates a third random number and a fourth random number, performs an operation according to the third random number, the fourth random number and preset third coordinate data to obtain a public key, stores the generated third random number and the obtained public key in a thirteenth register, and stores the generated fourth random number and the obtained public key in a fourteenth register, so as to perform signature verification processing on a signature value according to the public key.
In one possible implementation, the processing of step S10 may include the following processing of steps S111 to S114, specifically:
step S111, the coprocessor calculates a seventh calculation value and an eighth calculation value according to the generated third random number and the fourth random number, stores the seventh calculation value and the third random number into a thirteenth register, and stores the eighth calculation value and the fourth random number into a fourteenth register;
in particular, the first coprocessor generates a third random number d at the a device1According to the third random number d1And third coordinate data G (G)x,Gy) Calculating to obtain a seventh calculated value S1A seventh calculated value S obtained by the calculation1And a third random number d1The storage into the thirteenth register specifically includes:
S1=(d1+1)*G
the second coprocessor generates a fourth random number d in the B device2According to a fourth random number d2And third coordinate data G (G)x,Gy) Performing operation to obtain an eighth operation value S2The eighth operation value S obtained by the operation2And a fourth random number d2Is stored in the fourteenthThe register specifically includes:
S2=(d2+1)*G
in step S112, the coprocessor determines whether the calculated seventh operation value and the eighth operation value satisfy the curve equation.
Specifically, the first coprocessor obtains the eighth operation value S of the device B in the fourteenth register in the device a2And determining the eighth calculation value S2Whether the curve equation is satisfied, if so, turning to step S113; otherwise, the flow ends.
Similarly, the second coprocessor obtains the seventh operation value S of the device A in the thirteenth register at the device B1And determining the seventh calculation value S1Whether the curve equation is satisfied, if so, turning to step S113; otherwise, the flow ends.
In step S113, the coprocessor performs public key operation according to the obtained operation value.
Specifically, the first coprocessor obtains the eighth operation value S in the fourteenth register in the device a according to the obtained value2A third random number d in a thirteenth register1And third coordinate data G (G)x,Gy) Performing operation to obtain a public key pubkey (x, y), and storing the public key pubkey (x, y) in a thirteenth register, specifically:
pubkey(x,y)=(d1+1)*S2-G=[(d1+1)*(d2+1)-1]*G=(d1+d2+d1d2)*G
alternatively, the first and second electrodes may be,
the second coprocessor obtains a seventh operation value S in a thirteenth register in the B device1A fourth random number d in a fourteenth register2And third coordinate data G (G)x,Gy) Performing operation to obtain a public key pubkey (x, y), and storing the public key pubkey (x, y) in a fourteenth register, specifically:
pubkey(x,y)=(d2+1)*S1-G=[(d1+1)*(d2+1)-1]*G=(d1+d2+d1d2)*G
step S114, the coprocessor determines whether the coordinate value corresponding to the public key is an infinity point.
In one possible implementation, the first coprocessor determines, on the a device, whether the public key pubkey (x, y) in the thirteenth register is an infinity point, and if so, the public key generation fails; otherwise, the public key is successfully generated; alternatively, the first and second electrodes may be,
the second coprocessor determines whether a public key pubkey (x, y) in the fourteenth register is an infinite point on the B device, and if so, the public key is failed to generate; otherwise, the public key generation is successful.
In one possible implementation, after obtaining the public key and the signature value, the coprocessor may perform signature verification processing on the signature value at any one of the a device and the B device.
In the application, through the scheme, the combined signature based on the SM2 protocol is realized, and the devices at two ends do not need to disclose any private key to the device at the opposite end, so that the safety of the combined signature is improved, and the corresponding signature verification processing can be realized for any party acquiring the public key.
Based on the above technical solution of the joint signature implementation method based on SM2 provided by the present application, the present application correspondingly provides a schematic structural diagram of a joint signature implementation apparatus based on SM2, as shown in fig. 3, the joint signature implementation apparatus 300 based on SM2 of the present application may include:
the first processing module 301 is configured to generate a first random number, perform a dot product operation according to the first random number to obtain first coordinate data, and store the first random number and the first coordinate data in a first register;
a second processing module 302, configured to generate a second random number, perform a dot product operation according to the second random number to obtain second coordinate data, and store the second random number and the second coordinate data in a second register;
a third processing module 303, configured to receive the data in the second register sent by the second processing module 302, perform a dot-and-add operation according to the data in the first register and the data in the second register, and store an obtained operation result in a third register;
a fourth processing module 304, configured to receive the data in the first register sent by the first processing module 301, perform a dot-and-add operation according to the data in the first register and the data in the second register, and store an obtained operation result in a fourth register;
a fifth processing module 305, configured to perform an operation according to the data in the third register and the data to be signed to obtain a first part of a signature value, and store the obtained first part of the signature value in a fifth register;
a sixth processing module 306, configured to perform an operation according to the data in the fourth register and the data to be signed to obtain a first part of a signature value, and store the obtained first part of the signature value in a sixth register;
a seventh processing module 307, configured to perform an operation according to the third random number in the thirteenth register and the data in the first register and the fifth register, and store an obtained operation result in the seventh register;
an eighth processing module 308, configured to perform an operation according to a fourth random number in the fourteenth register, the data in the second register, and the data in the sixth register, and store an obtained operation result in the eighth register;
a ninth processing module 309, configured to receive the data in the eighth register sent by the eighth processing module 308, perform an operation according to the third random number in the thirteenth register and the data in the eighth register, and store an obtained operation result in the ninth register;
a tenth processing module 310, configured to receive the data in the seventh register sent by the seventh processing module 307, perform an operation according to a fourth random number in the fourteenth register and the data in the seventh register, and store an obtained operation result in a tenth register;
an eleventh processing module 311, configured to receive the data in the tenth register sent by the tenth processing module 310, perform an operation according to the data in the fifth register, the ninth register, and the tenth register, and store an obtained operation result in the eleventh register; calculating according to the data in the eleventh register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a fifth register; outputting the signature value in the fifth register; or, receiving the data in the ninth register sent by the ninth processing module, performing operation according to the data in the sixth register, the ninth register and the tenth register, and storing an obtained operation result in a twelfth register; calculating according to the data in the twelfth register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a sixth register; and outputting the signature value in the sixth register.
In one possible implementation of the method of the invention,
the first processing module 301 is configured to generate a first random number, perform a dot product operation according to the first random number and preset third coordinate data to obtain first coordinate data, and store the first random number and the first coordinate data in a first register;
the second processing module 302 is configured to generate a second random number, perform a dot product operation according to the second random number and preset third coordinate data to obtain second coordinate data, and store the second random number and the second coordinate data in a second register.
In one possible implementation of the method of the invention,
the third processing module 303 is configured to receive the data in the second register sent by the second processing module 302, perform a dot-and-add operation according to the first coordinate data in the first register and the second coordinate data in the second register, and store the obtained fourth coordinate data in a third register;
the fourth processing module 304 is configured to receive the data in the first register sent by the first processing module 301, perform a dot-and-add operation according to the first coordinate data in the first register and the second coordinate data in the second register, and store the obtained fourth coordinate data in a fourth register.
In one possible implementation of the method of the invention,
in one possible implementation, the method further includes:
a twelfth processing module 312, configured to generate a third random number, and store the third random number in the thirteenth register;
a thirteenth processing module 313, configured to generate a fourth random number, and store the fourth random number in the fourteenth register;
a fourteenth processing module 314, configured to receive the fourth random number sent by the thirteenth processing module 313, perform operation according to the third random number, the fourth random number, and preset third coordinate data to obtain a public key, and store the obtained public key in the thirteenth register, so as to perform signature verification processing on a signature value according to the public key; or, receiving the third random number sent by the twelfth processing module 312, performing an operation according to the third random number, the fourth random number, and preset third coordinate data to obtain a public key, and storing the obtained public key in a fourteenth register, so as to perform signature verification processing on the signature value according to the public key.
In the application, through the scheme, the combined signature based on the SM2 protocol is realized, and the devices at two ends do not need to disclose any private key to the device at the opposite end, so that the safety of the combined signature is improved, and the corresponding signature verification processing can be realized for any party acquiring the public key.
Referring now to FIG. 4, shown is a schematic diagram of an electronic device 400 suitable for use in implementing embodiments of the present application. The electronic device may include, but is not limited to, a mobile terminal such as a mobile phone, a notebook computer, a digital broadcast receiver, a PDA (personal digital assistant), a PAD (tablet), a PMP (portable multimedia player), a vehicle-mounted terminal (e.g., a car navigation terminal), etc., and a stationary terminal such as a digital TV, a desktop computer, etc. The electronic device shown in fig. 4 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 4, electronic device 400 may include a processing device (e.g., central processing unit, graphics processor, etc.) 401 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)402 or a program loaded from a storage device 408 into a Random Access Memory (RAM) 403. In the RAM 403, various programs and data necessary for the operation of the electronic apparatus 400 are also stored. The processing device 401, the ROM 402, and the RAM 403 are connected to each other via a bus 404. An input/output (I/O) interface 405 is also connected to bus 404.
Generally, the following devices may be connected to the I/O interface 405: input devices 406 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; an output device 407 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 408 including, for example, tape, hard disk, etc.; and a communication device 409. The communication means 409 may allow the electronic device 400 to communicate wirelessly or by wire with other devices to exchange data. While fig. 4 illustrates an electronic device 400 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided.
In particular, according to embodiments of the application, the processes described above with reference to the flow diagrams may be implemented as computer software programs. For example, embodiments of the present application include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication device 409, or from the storage device 408, or from the ROM 402. The computer program, when executed by the processing device 401, performs the above-described functions defined in the methods of the embodiments of the present application.
It should be noted that the computer readable medium mentioned above in the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: acquiring at least two internet protocol addresses; sending a node evaluation request comprising the at least two internet protocol addresses to node evaluation equipment, wherein the node evaluation equipment selects the internet protocol addresses from the at least two internet protocol addresses and returns the internet protocol addresses; receiving an internet protocol address returned by the node evaluation equipment; wherein the obtained internet protocol address indicates an edge node in the content distribution network.
Alternatively, the computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: receiving a node evaluation request comprising at least two internet protocol addresses; selecting an internet protocol address from the at least two internet protocol addresses; returning the selected internet protocol address; wherein the received internet protocol address indicates an edge node in the content distribution network.
Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present application may be implemented by software or hardware. Where the name of a unit does not in some cases constitute a limitation of the unit itself, for example, the first retrieving unit may also be described as a "unit for retrieving at least two internet protocol addresses".
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the disclosure herein is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the disclosure. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.
The electronic device provided by the application is applicable to any embodiment of the joint signature implementation method based on the SM2, and is not described herein again.
In the application, through the scheme, the combined signature based on the SM2 protocol is realized, and the devices at two ends do not need to disclose any private key to the device at the opposite end, so that the safety of the combined signature is improved, and the corresponding signature verification processing can be realized for any party acquiring the public key.
The present application provides a computer-readable storage medium storing a computer program that causes a computer to execute the joint signature implementation method based on SM2 shown in the above embodiments.
The computer-readable storage medium provided in the present application is applicable to any embodiment of the bluetooth device connection method, and is not described herein again.
In the application, through the scheme, the combined signature based on the SM2 protocol is realized, and the devices at two ends do not need to disclose any private key to the device at the opposite end, so that the safety of the combined signature is improved, and the corresponding signature verification processing can be realized for any party acquiring the public key.
It will be understood by those within the art that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. Those skilled in the art will appreciate that the computer program instructions may be implemented by a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, implement the aspects specified in the block or blocks of the block diagrams and/or flowchart illustrations disclosed herein.
The modules of the device can be integrated into a whole or can be separately deployed. The modules can be combined into one module, and can also be further split into a plurality of sub-modules.
Those skilled in the art will appreciate that the drawings are merely schematic representations of one preferred embodiment and that the blocks or flow diagrams in the drawings are not necessarily required to practice the present application.
Those skilled in the art will appreciate that the modules in the devices in the embodiments may be distributed in the devices in the embodiments according to the description of the embodiments, and may be correspondingly changed in one or more devices different from the embodiments. The modules of the above embodiments may be combined into one module, or further split into multiple sub-modules.
The above application serial numbers are for descriptive purposes only and do not represent the merits of the embodiments.
The disclosure of the present application is only a few specific embodiments, but the present application is not limited to these, and any variations that can be made by those skilled in the art are intended to fall within the scope of the present application.

Claims (8)

1. A joint signature implementation method based on SM2 is characterized by comprising the following steps:
step S1, the first coprocessor generates a first random number, performs dot product operation according to the first random number to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
the second coprocessor generates a second random number, performs dot product operation according to the second random number to obtain second coordinate data, and stores the second random number and the second coordinate data into a second register;
step S2, the first coprocessor receives the data in the second register sent by the second coprocessor, performs a dot-and-add operation according to the data in the first register and the data in the second register, and stores an obtained operation result in a third register;
the second coprocessor receives the data in the first register sent by the first coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result in a fourth register;
step S3, the first coprocessor performs an operation according to the data in the third register and the data to be signed to obtain a first part of a signature value, and stores the obtained first part of the signature value in a fifth register;
the second coprocessor carries out operation according to the data in the fourth register and the data to be signed to obtain a first part of a signature value, and the obtained first part of the signature value is stored in a sixth register;
step S4, the first coprocessor performs an operation according to the third random number in the thirteenth register, and data in the first register and the fifth register, and stores an obtained operation result in the seventh register;
the second coprocessor carries out operation according to a fourth random number in the fourteenth register and data in the second register and the sixth register, and stores an obtained operation result into the eighth register;
step S5, the first coprocessor receives the data in the eighth register sent by the second coprocessor, performs an operation according to the third random number in the thirteenth register and the data in the eighth register, and stores an obtained operation result in a ninth register;
the second coprocessor receives the data in the seventh register sent by the first coprocessor, performs operation according to a fourth random number in the fourteenth register and the data in the seventh register, and stores an obtained operation result in a tenth register;
step S6, the first coprocessor receives the data in the tenth register sent by the second coprocessor, performs an operation according to the data in the fifth register, the ninth register, and the tenth register, and stores an obtained operation result in an eleventh register; calculating according to the data in the eleventh register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a fifth register; outputting the signature value in the fifth register; or the like, or, alternatively,
the second coprocessor receives the data in the ninth register sent by the first coprocessor, performs operation according to the data in the sixth register, the ninth register and the tenth register, and stores an obtained operation result in a twelfth register; calculating according to the data in the twelfth register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a sixth register; outputting the signature value in the sixth register.
2. The method according to claim 1, wherein the step S1 includes:
the first coprocessor generates a first random number, performs dot product operation according to the first random number and preset third coordinate data to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
and the second coprocessor generates a second random number, performs dot product operation according to the second random number and preset third coordinate data to obtain second coordinate data, and stores the second random number and the second coordinate data into a second register.
3. The method according to claim 1, wherein the step S2 includes:
the first coprocessor receives data in the second register sent by the second coprocessor, performs point addition operation according to first coordinate data in the first register and second coordinate data in the second register, and stores obtained fourth coordinate data in a third register;
and the second coprocessor receives the data in the first register sent by the first coprocessor, performs point addition operation according to the first coordinate data in the first register and the second coordinate data in the second register, and stores the obtained fourth coordinate data in a fourth register.
4. The method of claim 1, wherein step S1 is preceded by:
step S10, the first coprocessor generates a third random number, and stores the third random number in the thirteenth register;
the second coprocessor generates a fourth random number and stores the fourth random number into the fourteenth register;
step S11, the first coprocessor receives the fourth random number sent by the second coprocessor, performs an operation according to the third random number, the fourth random number, and preset third coordinate data to obtain a public key, and stores the obtained public key in the thirteenth register, so as to perform signature verification processing on a signature value according to the public key; or the like, or, alternatively,
and the second coprocessor receives the third random number sent by the first coprocessor, performs operation according to the third random number, the fourth random number and preset third coordinate data to obtain a public key, and stores the obtained public key into a fourteenth register so as to perform signature verification processing on a signature value according to the public key.
5. An SM 2-based joint signature implementation device, comprising:
the first processing module is used for generating a first random number, performing dot product operation according to the first random number to obtain first coordinate data, and storing the first random number and the first coordinate data into a first register;
the second processing module is used for generating a second random number, performing dot product operation according to the second random number to obtain second coordinate data, and storing the second random number and the second coordinate data into a second register;
the third processing module is used for receiving the data in the second register sent by the second processing module, performing point addition operation according to the data in the first register and the data in the second register, and storing an obtained operation result into a third register;
the fourth processing module is used for receiving the data in the first register sent by the first processing module, performing point addition operation according to the data in the first register and the data in the second register, and storing an obtained operation result into a fourth register;
the fifth processing module is used for carrying out operation according to the data in the third register and the data to be signed to obtain a first part of a signature value and storing the obtained first part of the signature value into a fifth register;
the sixth processing module is used for performing operation according to the data in the fourth register and the data to be signed to obtain a first part of a signature value and storing the obtained first part of the signature value into the sixth register;
the seventh processing module is used for performing operation according to the third random number in the thirteenth register and the data in the first register and the fifth register, and storing an obtained operation result into the seventh register;
the eighth processing module is used for performing operation according to a fourth random number in the fourteenth register, the data in the second register and the data in the sixth register, and storing an obtained operation result into the eighth register;
a ninth processing module, configured to receive the data in the eighth register sent by the eighth processing module, perform an operation according to the third random number in the thirteenth register and the data in the eighth register, and store an obtained operation result in a ninth register;
a tenth processing module, configured to receive the data in the seventh register sent by the seventh processing module, perform an operation according to a fourth random number in the fourteenth register and the data in the seventh register, and store an obtained operation result in a tenth register;
the eleventh processing module is configured to receive the data in the tenth register sent by the tenth processing module, perform operation according to the data in the fifth register, the ninth register, and the tenth register, and store an obtained operation result in the eleventh register; calculating according to the data in the eleventh register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a fifth register; outputting the signature value in the fifth register; or, receiving the data in the ninth register sent by the ninth processing module, performing operation according to the data in the sixth register, the ninth register and the tenth register, and storing an obtained operation result in a twelfth register; calculating according to the data in the twelfth register and the first preset value to obtain a second part of the signature value, and storing the obtained second part of the signature value into a sixth register; and outputting the signature value in the sixth register.
6. An electronic device, comprising: a processor and a memory;
the memory for storing a computer program;
the processor is configured to execute the function of the first coprocessor in the SM 2-based joint signature implementation method according to any one of the above claims 1 to 4 by calling the computer program.
7. An electronic device, comprising: a processor and a memory;
the memory for storing a computer program;
the processor is configured to execute the function of the second coprocessor in the SM 2-based joint signature implementation method according to any one of the above claims 1 to 4 by calling the computer program.
8. A computer-readable storage medium for storing a computer program which, when run on a computer, causes the computer to perform the functions of the first coprocessor or the second coprocessor in the SM 2-based joint signature implementation method of any one of the above claims 1 to 4.
CN202110673626.9A 2021-06-17 2021-06-17 SM 2-based joint signature realization method and device, electronic equipment and storage medium Active CN113343259B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110673626.9A CN113343259B (en) 2021-06-17 2021-06-17 SM 2-based joint signature realization method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110673626.9A CN113343259B (en) 2021-06-17 2021-06-17 SM 2-based joint signature realization method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113343259A true CN113343259A (en) 2021-09-03
CN113343259B CN113343259B (en) 2023-09-29

Family

ID=77475986

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110673626.9A Active CN113343259B (en) 2021-06-17 2021-06-17 SM 2-based joint signature realization method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113343259B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113676335A (en) * 2021-10-21 2021-11-19 飞天诚信科技股份有限公司 Method and device for realizing signature in security chip

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104243456A (en) * 2014-08-29 2014-12-24 中国科学院信息工程研究所 Signing and decrypting method and system applied to cloud computing and based on SM2 algorithm
US20150229480A1 (en) * 2014-02-10 2015-08-13 Thomson Licensing Signing method delivering a partial signature associated with a message, threshold signing method, signature verification method, and corresponding computer program and electronic devices
CN108055136A (en) * 2017-12-22 2018-05-18 上海众人网络安全技术有限公司 Endorsement method, device, computer equipment and storage medium based on elliptic curve
CN109309569A (en) * 2018-09-29 2019-02-05 北京信安世纪科技股份有限公司 The method, apparatus and storage medium of collaboration signature based on SM2 algorithm
US20190370792A1 (en) * 2018-06-03 2019-12-05 VVOW Company Limited Peer-to-peer cryptocurrency and crypto asset trading platform
CN111064583A (en) * 2020-03-17 2020-04-24 北京信安世纪科技股份有限公司 Threshold SM2 digital signature method and device, electronic equipment and storage medium
CN111130791A (en) * 2019-12-09 2020-05-08 飞天诚信科技股份有限公司 Data signature method, electronic device and computer readable storage medium
CN111901123A (en) * 2020-07-15 2020-11-06 浙江军盾信息科技有限公司 SM2 signature generation method, storage medium and terminal
WO2021012574A1 (en) * 2019-07-24 2021-01-28 深圳壹账通智能科技有限公司 Multisignature method, signature center, medium and electronic device
CN112632630A (en) * 2019-10-08 2021-04-09 航天信息股份有限公司 SM 2-based collaborative signature calculation method and device
CN112887097A (en) * 2019-11-29 2021-06-01 航天信息股份有限公司 Signature method based on SM2 elliptic curve, related device and storage medium

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150229480A1 (en) * 2014-02-10 2015-08-13 Thomson Licensing Signing method delivering a partial signature associated with a message, threshold signing method, signature verification method, and corresponding computer program and electronic devices
CN104243456A (en) * 2014-08-29 2014-12-24 中国科学院信息工程研究所 Signing and decrypting method and system applied to cloud computing and based on SM2 algorithm
CN108055136A (en) * 2017-12-22 2018-05-18 上海众人网络安全技术有限公司 Endorsement method, device, computer equipment and storage medium based on elliptic curve
US20190370792A1 (en) * 2018-06-03 2019-12-05 VVOW Company Limited Peer-to-peer cryptocurrency and crypto asset trading platform
CN109309569A (en) * 2018-09-29 2019-02-05 北京信安世纪科技股份有限公司 The method, apparatus and storage medium of collaboration signature based on SM2 algorithm
WO2021012574A1 (en) * 2019-07-24 2021-01-28 深圳壹账通智能科技有限公司 Multisignature method, signature center, medium and electronic device
CN112632630A (en) * 2019-10-08 2021-04-09 航天信息股份有限公司 SM 2-based collaborative signature calculation method and device
CN112887097A (en) * 2019-11-29 2021-06-01 航天信息股份有限公司 Signature method based on SM2 elliptic curve, related device and storage medium
CN111130791A (en) * 2019-12-09 2020-05-08 飞天诚信科技股份有限公司 Data signature method, electronic device and computer readable storage medium
CN111064583A (en) * 2020-03-17 2020-04-24 北京信安世纪科技股份有限公司 Threshold SM2 digital signature method and device, electronic equipment and storage medium
CN111901123A (en) * 2020-07-15 2020-11-06 浙江军盾信息科技有限公司 SM2 signature generation method, storage medium and terminal

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
YIHONG LONG 等: "Secret Sharing Based SM2 Digital Signature Generation using Homomorphic Encryption", 2019 15TH INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE AND SECURITY (CIS) *
侯红霞;杨波;张丽娜;张明瑞;: "安全的两方协作SM2签名算法", 电子学报, no. 01 *
苏吟雪;田海博;: "基于SM2的双方共同签名协议及其应用", 计算机学报, no. 04 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113676335A (en) * 2021-10-21 2021-11-19 飞天诚信科技股份有限公司 Method and device for realizing signature in security chip
CN113676335B (en) * 2021-10-21 2021-12-28 飞天诚信科技股份有限公司 Method and device for realizing signature in security chip

Also Published As

Publication number Publication date
CN113343259B (en) 2023-09-29

Similar Documents

Publication Publication Date Title
CN111931962B (en) Information display method and device and electronic equipment
CN111459364B (en) Icon updating method and device and electronic equipment
CN110390493B (en) Task management method and device, storage medium and electronic equipment
WO2023078072A1 (en) Byzantine fault tolerance-based asynchronous consensus method and apparatus, server and medium
CN111309304B (en) Method, device, medium and electronic equipment for generating IDL file
CN111130791B (en) Data signature method, electronic device and computer readable storage medium
CN113343259B (en) SM 2-based joint signature realization method and device, electronic equipment and storage medium
EP4134904A1 (en) Image special effect configuration method, image recognition method, apparatuses, and electronic device
CN111130805B (en) Secure transmission method, electronic device, and computer-readable storage medium
CN110602700B (en) Seed key processing method and device and electronic equipment
CN111752644A (en) Interface simulation method, device, equipment and storage medium
CN113904773B (en) SSL connection establishment method, SSL connection establishment device, electronic equipment and computer readable storage medium
CN113138707B (en) Interaction method, interaction device, electronic equipment and computer-readable storage medium
CN112764629B (en) Augmented reality interface display method, device, equipment and computer readable medium
CN111258582B (en) Window rendering method and device, computer equipment and storage medium
CN111338822B (en) Message processing method and device
CN114428925A (en) Page rendering method and device, electronic equipment and computer readable medium
CN113518183A (en) Camera calling method and device and electronic equipment
CN111753238A (en) Data mapping method and device and electronic equipment
CN113742774B (en) Data processing method and device, readable medium and electronic equipment
CN116226888B (en) Power data interactive encryption method, system and equipment based on privacy protection
CN112214549B (en) File feature code generation method and device and electronic equipment
CN110619218B (en) Method and apparatus for generating information
CN111835846B (en) Information updating method and device and electronic equipment
CN116455652A (en) Processing method, device, equipment and medium based on authentication routing rule

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant