CN101931529A - Data encryption method, data decryption method and nodes - Google Patents

Data encryption method, data decryption method and nodes Download PDF

Info

Publication number
CN101931529A
CN101931529A CN2010102490897A CN201010249089A CN101931529A CN 101931529 A CN101931529 A CN 101931529A CN 2010102490897 A CN2010102490897 A CN 2010102490897A CN 201010249089 A CN201010249089 A CN 201010249089A CN 101931529 A CN101931529 A CN 101931529A
Authority
CN
China
Prior art keywords
elliptic curve
coordinate system
sending node
information
point
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2010102490897A
Other languages
Chinese (zh)
Other versions
CN101931529B (en
Inventor
何军
张震玮
张弥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201010249089.7A priority Critical patent/CN101931529B/en
Priority to PCT/CN2010/079823 priority patent/WO2012019407A1/en
Publication of CN101931529A publication Critical patent/CN101931529A/en
Application granted granted Critical
Publication of CN101931529B publication Critical patent/CN101931529B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Abstract

The invention provides a data encryption method, a data decryption method and nodes. The data encryption method comprises that: a transmitting node acquires a parameter group, a key and data information of a preset elliptic curve; and the transmitting node calculates data encryption information by using the parameter group, the key and the data information of the elliptic curve, and transmits the data encryption information to a receiving node, wherein in the process of calculating the data encryption information, the transmitting node converts the elliptic curve into an equation under a projection coordinate system, operates multiple points on the elliptic curve by using the corresponding relationship between an affine point on the elliptic curve and a projection point on the equation, and converts the multiple points under the projection coordinate system to perform operation. The method can reduce the operation amount of data encryption and decryption of an elliptic curve public key password system so that the elliptic curve public key password system can be applied in a wireless sensing node of a wireless sensing network.

Description

A kind of data ciphering method, data decryption method and node
Technical field
The present invention relates to elliptic curve cipher (ECC, Elliptic Curve Cryptography) technical field, be specifically related to a kind of data encryption, data decryption method, sending node and receiving node based on the ellipse curve public key cipher system.
Background technology
Cryptographic system generally can be divided into two types: DSE arithmetic and public-key cryptosystem.Wherein, public-key cryptosystem is by Diffie-Hellman and the independent respectively proposition of Merkle, first piece of National Computer Conference of submitting to the U.S. about the paper multiuser cryptographic techniques of public key cryptography in June, 1976.Public-key cryptosystem comparatively commonly used now has RSA public-key cryptosystem, elliptic curve cryptosystem etc.In existing public-key cryptosystem, elliptic curve cryptosystem is every the highest grade of bit encryption a kind of in the at present known public-key cryptosystem.
Digital signature technology is the main application to public key encryption algorithm, and its major function is to be used to provide data source authentication, data integrity and non-repudiation authentication.The digital signature of elliptic curve technology is the elliptic curve version of digital signature.It utilizes stronger security intensity of elliptic curve cryptosystem and relative short key length to realize authentication to data source and data integrity.The application of public key encryption algorithm also comprises and utilizes the ellipse curve public key cipher system to encrypt and cipher-text information is decrypted to sent information.
In the existing ellipse curve public key cipher system, need carry out the point doubling on the elliptic curve, and the operand of the inversion operation in the point doubling is very big, can expend a large amount of calculation resources, this hardware to the node device of support ellipse curve public key cipher system has very high requirement, has limited the application of ellipse curve public key cipher system on the limited nodal terminal of some functions (as wireless sensing node).
Summary of the invention
Technical problem to be solved by this invention provides a kind of data ciphering method, data decryption method and node, in order to the operand of the digital signature identification that reduces the ellipse curve public key cipher system.
For solving the problems of the technologies described above, it is as follows to the invention provides scheme:
A kind of data ciphering method based on the ellipse curve public key cipher system comprises:
Sending node obtains parameter group, key and the data message of the elliptic curve that sets in advance;
Sending node utilizes parameter group, key and the data message of elliptic curve, calculates data encryption information, and described data encryption information is sent to receiving node;
Wherein, in the process of calculating described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
Preferably, in the above-mentioned data ciphering method, wherein,, be transformed under the projected coordinate system and calculate, specifically comprise the point doubling on the described elliptic curve:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to equation under the projected coordinate system, and determine affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
According to described corresponding relation, replace with the coordinate of subpoint by coordinate with the affine point in the point doubling formula of described elliptic curve, be converted to the computing formula of point doubling under projected coordinate system of described elliptic curve;
Utilize described corresponding relation and described computing formula,, be transformed under the described projected coordinate system and calculate the point doubling on the described elliptic curve.
Preferably, in the above-mentioned data ciphering method,
Described key is the PKI of receiving node, and described data message is a cleartext information, and described data encryption information is described cleartext information corresponding ciphertext information.
Preferably, in the above-mentioned data ciphering method,
Described key is the private key of sending node, and described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node;
And sending node sends to receiving node with described identification information simultaneously when described digital signature information is sent to receiving node.
Preferably, in the above-mentioned data ciphering method,
The calculating of the digital signature information of described sending node comprises:
Choose an integer k arbitrarily from 1 to n-1, wherein n is the Prime Orders of the basic point of elliptic curve;
Calculate kP, then with the x coordinate x of kP 3Be converted to integer
Figure BSA00000222797700031
And to integer
Figure BSA00000222797700032
Delivery n computing obtains r, wherein P=(P x, P y), represent the basic point of described elliptic curve;
The hash function that use is preset is carried out the hash computing to the identification information of sending node, obtains Hash Value e, and to k -1(e+dr) delivery n computing obtains s, and wherein d is described private key;
All be not equal at 0 o'clock at r and s, obtain described digital signature information (r, s).
Preferably, in the above-mentioned data ciphering method,
Described projection coordinate is Jacobi's projected coordinate system;
In the process of calculating described kP, carry out in such a way for the calculating of 2P:
According to described corresponding relation, obtain the subpoint G=(X of affine some P correspondence 1: Y 1: Z 1);
According to formula
Figure BSA00000222797700033
Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P.
The present invention also provides a kind of sending node, comprising:
Acquiring unit is used to obtain parameter group, key and the data message of the elliptic curve that sets in advance;
Ciphering unit is used to utilize parameter group, key and the data message of elliptic curve, calculates data encryption information;
Transmitting element also is used for described data encryption information is sent to receiving node;
Wherein, described ciphering unit is in the process of calculating described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
Preferably, in the above-mentioned sending node, described ciphering unit comprises:
Projecting cell is used for described elliptic curve is projected to projected coordinate system, and described elliptic curve is converted to equation under the projected coordinate system, and determines affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
Converting unit is used for according to described corresponding relation, replaces with the coordinate of subpoint by the coordinate with the affine point in the point doubling formula of described elliptic curve, is converted to the computing formula of point doubling under projected coordinate system of described elliptic curve;
Computing unit is used to utilize described corresponding relation and described computing formula, with the point doubling on the described elliptic curve, is transformed under the described projected coordinate system and calculates.
Preferably, in the above-mentioned sending node,
Described key is the private key of sending node, and described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node;
Described transmitting element also is used for simultaneously described identification information being sent to receiving node when described digital signature information is sent to receiving node.
Preferably, in the above-mentioned sending node,
Described ciphering unit comprises:
Selected cell is used for choosing an integer k arbitrarily from 1 to n-1, and wherein n is the Prime Orders of the basic point of described elliptic curve;
First computing unit is used to calculate kP, then with the x coordinate x of kP 3Be converted to integer And to integer
Figure BSA00000222797700042
Delivery n computing obtains r, wherein P=(P x, P y), represent the basic point of described elliptic curve;
Second computing unit is used to use hash function that the identification information of sending node is carried out the hash computing, obtains Hash Value e, and to k -1(e+dr) delivery n computing obtains s, and wherein d is described private key;
Output unit is used for all being not equal at 0 o'clock at r and s, obtain described digital signature information (r, s).
Preferably, in the above-mentioned sending node, described projection coordinate is Jacobi's projected coordinate system, and described first computing unit is further used for carrying out in such a way for the calculating of 2P in the process of calculating described kP:
According to described corresponding relation, obtain the subpoint G=(X of affine some P correspondence 1: Y 1: Z 1);
According to formula Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P.
The present invention also provides a kind of data decryption method based on the ellipse curve public key cipher system, comprising:
Receiving node receives the data encryption information of sending node, and described data encryption information is that parameter group, first key and the data message of the default elliptic curve of sending node utilization calculates;
Receiving node utilizes second key of the parameter group and the described first key correspondence of described elliptic curve, and described data encryption information is decrypted;
Wherein, in the decrypting process of described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
Preferably, in the above-mentioned data decryption method, wherein,, be transformed under the projected coordinate system and calculate, specifically comprise the point doubling on the described elliptic curve:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to equation under the projected coordinate system, and determine affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
According to described corresponding relation, replace with the coordinate of subpoint by coordinate with the affine point in the point doubling formula of described elliptic curve, be converted to the computing formula of point doubling under projected coordinate system of described elliptic curve;
Utilize described corresponding relation and described first computing formula,, be transformed under the described projected coordinate system and calculate the point doubling on the described elliptic curve.
Preferably, in the above-mentioned data decryption method,
Described first key is the PKI of receiving node, and described second key is the private key of receiving node, and described data message is a cleartext information, and described data encryption information is described cleartext information corresponding ciphertext information.
Preferably, in the above-mentioned data decryption method,
Described first key is the private key of sending node, and described second key is the PKI of sending node, and described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node;
Receiving node further receives the identification information of sending node, and in the decrypting process of described data encryption information, utilize the parameter group of described elliptic curve, the identification information of sending node and the PKI of described sending node, described digital signature information is carried out signature authentication.
Preferably, in the above-mentioned data decryption method,
Described described digital signature information is carried out signature authentication, comprising:
Described digital signature information (r, when s) any does not belong to interval [1, n-1] among the r in or the s, determination number word signature authentification failure, wherein n is the Prime Orders of the basic point of described elliptic curve;
When r and s all belong to interval [1, n-1], use default hash function that the identification information m of sending node is carried out the hash computing, obtain Hash Value e, and to s -1Delivery n computing obtains w;
Calculate u 1P and u 2Q, and calculate u 1P+u 2Q obtains T, wherein, and u 1=ew mod n, u 2=rw mod n, P=(P x, P y), representing the basic point of described elliptic curve, Q represents described PKI;
When T=∞, judge the signature authentication failure;
When T ≠ ∞, with the x coordinate x of T 4Be converted to integer
Figure BSA00000222797700061
And it is right
Figure BSA00000222797700062
Delivery n computing obtains v, and judges whether v=r sets up: if set up, then digital signature identification passes through; Otherwise digital signature identification failure.
Preferably, in the above-mentioned data decryption method,
Described projection coordinate is Jacobi's projected coordinate system;
Calculating described u 1P or u 2In the process of Q, carry out in such a way for the calculating of 2F, wherein F represents P or Q:
According to described corresponding relation, obtain the subpoint G=(X of affine some F correspondence 1: Y 1: Z 1);
According to formula
Figure BSA00000222797700063
Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2F.
The present invention also provides a kind of receiving node, comprising:
Receiving element is used to receive the data encryption information of sending node, and described data encryption information is that parameter group, first key and the data message of the default elliptic curve of sending node utilization calculates;
Decrypting device is used to utilize second key of the parameter group and the described first key correspondence of described elliptic curve, and described data encryption information is decrypted;
Wherein, described decrypting device is in the decrypting process of described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
Preferably, in the above-mentioned receiving node, described decrypting device comprises:
Projecting cell is used for described elliptic curve is projected to projected coordinate system, and described elliptic curve is converted to equation under the projected coordinate system, and determines affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
Converting unit is used for according to described corresponding relation, replaces with the coordinate of subpoint by the coordinate with the affine point in the point doubling formula of described elliptic curve, is converted to the computing formula of point doubling under projected coordinate system of described elliptic curve;
Computing unit is used to utilize described corresponding relation and described computing formula, with the point doubling on the described elliptic curve, is transformed under the described projected coordinate system and calculates.
Preferably, in the above-mentioned receiving node,
Described first key is the private key of sending node, and described second key is the PKI of sending node, and described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node;
Described receiving element also is used to receive the identification information of sending node;
Described decrypting device also is used for the decrypting process in described data encryption information, utilizes the parameter group of described elliptic curve, the identification information of sending node and the PKI of described sending node, and described digital signature information is carried out signature authentication.
Preferably, in the above-mentioned receiving node,
Described decrypting device comprises:
First judging unit, be used for described digital signature information (r, when s) any does not belong to interval [1, n-1] among the r in or the s, determination number word signature authentification failure, wherein n is the Prime Orders of the basic point of described elliptic curve;
First computing unit is used for when r and s all belong to interval [1, n-1], uses default hash function that the identification information m of sending node is carried out the hash computing, obtains Hash Value e, and to s -1Delivery n computing obtains w;
Second computing unit is used to calculate u 1P, wherein P=(P x, P y), represent the basic point of described elliptic curve;
The 3rd computing unit is used to calculate u 2Q, wherein Q represents described PKI;
The 3rd computing unit is used to calculate u 1P+u 2Q obtains T, wherein, and u 1=ew mod n, u 2=rw mod n;
Second judging unit is used for when T=∞, judges the signature authentication failure;
The 3rd judging unit is used for when T ≠ ∞, with the x coordinate x of T 4Be converted to integer
Figure BSA00000222797700071
And it is right Delivery n computing obtains v, and judges whether v=r sets up: if set up, then digital signature identification passes through; Otherwise digital signature identification failure.
Preferably, in the above-mentioned receiving node,
Described projection coordinate is Jacobi's projected coordinate system;
Described second computing unit is further used for calculating described u 1P or u 2In the process of Q, carry out in such a way for the calculating of 2F, wherein F represents P or Q:
According to described corresponding relation, obtain the subpoint G=(X of affine some F correspondence 1: Y 1: Z 1);
According to formula
Figure BSA00000222797700081
Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2F.
From the above as can be seen, data ciphering method provided by the invention, data decryption method and node, utilizing the ellipse curve public key cipher system to generate data encryption information and enciphered message is being decrypted in the process of (for example calculate digital signature information and digital signature information is being carried out signature authentication), by elliptic curve is projected to projected coordinate system by original coordinate system, elliptic curve is converted to equation under the projected coordinate system, and then with the point doubling of described elliptic curve, be converted to the computing under the projected coordinate system, because the computing under the projected coordinate system only need be calculated the multiplication between the coordinate figure under the projected coordinate system, additional calculation, thereby avoided the inversion operation in the elliptic curve point doubling, and inversion operation can expend a large amount of system resource, therefore the present invention can significantly reduce operand, has improved computational efficiency.And, because the present invention greatly reduces the operand in data encryption and the decrypting process, make and also can use the ellipse curve public key cipher system under the situation of node system resource-constrained, enlarged the range of application of ellipse curve public key cipher system, for example, make ellipse curve signature algorithm can be applied to the wireless sensing node in the radio sensing network, both improved the fail safe of radio sensing network, needn't increase the hardware cost of node again.
Description of drawings
Fig. 1 is the schematic flow sheet of the described data ciphering method based on the ellipse curve public key cipher system of the embodiment of the invention;
Fig. 2 is the schematic flow sheet of the described data decryption method based on the ellipse curve public key cipher system of the embodiment of the invention;
Fig. 3 is the example schematic of the generative process of digital signature of elliptic curve in the embodiment of the invention;
Fig. 4 is the example schematic of the proof procedure of digital signature of elliptic curve in the embodiment of the invention;
Fig. 5 is the structural representation of the described sending node of the embodiment of the invention;
Fig. 6 is the structural representation of the described receiving node of the embodiment of the invention.
Embodiment
The present invention is directed in the existing ellipse curve public key cipher system add, deficiency that the decrypt operation amount is big, by elliptic curve being carried out the coordinate system conversion, the point doubling of elliptic curve is transformed under the projected coordinate system carries out, reduce the operand of signature authentication algorithm, enlarged the range of application of ellipse curve public key cipher system.Below with reference to accompanying drawing, the present invention is described further by specific embodiment.
The embodiment of the invention provides a kind of data ciphering method based on the ellipse curve public key cipher system.Please refer to Fig. 1, the described data ciphering method of the embodiment of the invention specifically may further comprise the steps:
Step 11, sending node obtain the elliptic curve that sets in advance parameter group,, key and cleartext information.
Step 12, sending node are utilized parameter group, key and the cleartext information of elliptic curve, calculate data encryption information, and described data encryption information is sent to receiving node; Wherein, in the process of calculating described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
Here, when the described data ciphering method of application present embodiment is encrypted plaintext, key described in the above-mentioned steps 11 is the PKI of receiving node, and described data message is a cleartext information, and the data encryption information described in the above-mentioned steps 12 is described cleartext information corresponding ciphertext information.
Here, when the described data ciphering method of application present embodiment carries out digital signature to sending node, key described in the above-mentioned steps 11 is the private key of sending node, described data message is the identification information of sending node, data encryption information described in the above-mentioned steps 12 is the digital signature information of sending node, and sending node sends to receiving node with described identification information simultaneously when described digital signature information is sent to receiving node.
Utilizing the ellipse curve public key cipher system to generate digital signature or, all can relate to the point doubling on the elliptic curve expressly carrying out in the encrypted process.Present embodiment with the point doubling on the described elliptic curve, is transformed under the projected coordinate system and calculates in above-mentioned steps 12, specifically comprises:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to equation under the projected coordinate system, and determine affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
According to described corresponding relation, replace with the coordinate of subpoint by coordinate with the affine point in the point doubling formula of described elliptic curve, be converted to the computing formula of point doubling under projected coordinate system of described elliptic curve, in the expression formula of described computing formula cancellation denominator;
Utilize described corresponding relation and described computing formula,, be transformed under the described projected coordinate system and calculate the point doubling on the described elliptic curve.
From the above as can be seen, present embodiment is when utilizing ellipse curve public key cipher system calculated data enciphered message, by elliptic curve is projected to projected coordinate system by original coordinate system, elliptic curve is converted to equation under the projected coordinate system, the every bit of elliptic curve (subpoint) under the original coordinate system all has a corresponding with it point (affine point) under projected coordinate system; And then present embodiment is with the point doubling of described elliptic curve, be converted to the computing under the projected coordinate system, because the computing under the projected coordinate system only need be calculated the multiplication between the coordinate figure, additional calculation under the projected coordinate system, thereby avoided the inversion operation in the elliptic curve point doubling, and inversion operation can expend a large amount of system resource, therefore present embodiment can significantly reduce operand, has improved computational efficiency.
Preferably, the described sending node of present embodiment is the wireless sensing node in the radio sensing network.
Radio sensing network is a kind of network that is made of sensor node, its various monitoring target information in monitoring, perception and the collection network distributed areas of can cooperating, and these information are handled, be distributed to the observer.Because radio sensing network node mostly needs to be deployed in relative risk or the comparatively abominable area of environment, and in the ordinary course of things, wireless sensing node is under the situation of no supervision and maintenance, so wireless sensing node very easily is subjected to various malicious attacks, thereby threaten the safety of whole radio sensing network.So must guarantee the legal identity of node communication in radio sensing network.On the other hand because wireless sensing node memory capacity and computing capability are all very limited, this makes and is to use comparatively complicated cryptographic algorithm very difficult at wireless sensing node, therefore the arithmetical operation of the elliptic curve key length of prior art is not suitable for being applied in hardware resource limited wireless sensing node, so the wireless sensing node of prior art does not all adopt the very high ellipse curve signature algorithm of fail safe.And present embodiment is changed by coordinate system, avoided the inversion operation in the point doubling of elliptic curve, greatly reduce the operand in the signature process, make the ellipse curve public key cipher system can be applied to wireless sensing node, both improve the fail safe of node, needn't increase the hardware cost of node again.
Corresponding with above-mentioned digital signature method, present embodiment also provides a kind of data decryption method based on the ellipse curve public key cipher system, and as shown in Figure 2, this authentication method specifically comprises:
Step 21, receiving node receives the data encryption information of sending node, and described data encryption information is that parameter group, first key and the data message of the default elliptic curve of sending node utilization calculates;
Step 22, receiving node are utilized second key of the parameter group and the described first key correspondence of described elliptic curve, and described data encryption information is decrypted; Wherein, in the deciphering of described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
Here, when the described data decryption method of application present embodiment is decrypted ciphertext, first key described in the above-mentioned steps 21 is the PKI of receiving node, described second key is the private key of receiving node, described data message is a cleartext information, and described data encryption information is described cleartext information corresponding ciphertext information.
Here, when the described data ciphering method of application present embodiment carries out signature authentication to the digital signature of sending node, first key described in the above-mentioned steps 21 is the private key of sending node, described second key is the PKI of sending node, described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node; And in step 21, receiving node further receives the identification information of sending node, and in the decrypting process of the information of data encryption described in the step 22, utilize the parameter group of described elliptic curve, the identification information of sending node and the PKI of described sending node, described digital signature information is carried out signature authentication.
Here, in the above-mentioned steps 22,, be transformed under the projected coordinate system and calculate, specifically comprise the point doubling on the described elliptic curve:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to equation under the projected coordinate system, and determine affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
According to described corresponding relation, replace with the coordinate of subpoint by coordinate with the affine point in the point doubling formula of described elliptic curve, be converted to the computing formula of point doubling under projected coordinate system of described elliptic curve, in the expression formula of described computing formula cancellation denominator;
Utilize described corresponding relation and described computing formula,, be transformed under the described projected coordinate system and calculate the point doubling on the described elliptic curve.
Preferably, described receiving node is the wireless sensing node in the radio sensing network.
From the above as can be seen, present embodiment is when being decrypted the data enciphered message, by elliptic curve is projected to projected coordinate system by original coordinate system, elliptic curve is converted to equation under the projected coordinate system, the every bit of elliptic curve (subpoint) under the original coordinate system all has a corresponding with it point (affine point) under projected coordinate system; And then present embodiment is with the point doubling of described elliptic curve, be converted to the computing under the projected coordinate system, because the computing under the projected coordinate system only need be calculated the multiplication between the coordinate figure, additional calculation under the projected coordinate system, thereby avoided the inversion operation in the elliptic curve point doubling, significantly reduce operand, improved computational efficiency.
In order to be more readily understood the said method of present embodiment, present embodiment is an example with Jacobi's projected coordinate system and digital signature and signature authentication further, by concrete example said method is described further.This concrete example is not limited to the present invention, the present invention can be applied to other projected coordinate system equally, in the standard projection coordinate system, the present invention can be applied in based on the various encrypting and decrypting algorithms of existing ellipse curve public key cipher system equally in the process of expressly encrypting and ciphertext being decrypted.
How the point doubling that elliptic curve at first is described is realized by the calculating under Jacobi's elliptic coordinates.
Suppose to provide elliptic curve parameter group D=(p, a, b, P, n, h), this parameter group can define an elliptic curve equation E:y 2=x 3+ ax+b.Wherein, p be one greater than 3 prime number, its binary system length can be the prime number of being recommended by USA National Institute of Standard and Technology (NIST), thereby can obtain corresponding prime field greater than 160 bit usually.A, b are elliptic curve E:y 2=x 3The coefficient of+ax+b.P=(P x, P y) be the basic point on the elliptic curve E.H is a cofactor, and n is the Prime Orders of basic point P.The key of supposing the digital signature that adopts in the present embodiment to (d, Q), wherein d is a private key, is arbitrary integer between 1 to n-1 (be d ∈ R[1, n-1]), for sending node all; Q=dP is a PKI, for receiving node owns.
Here, elliptic curve is converted to equation under Jacobi's projected coordinate system, and determines affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, specifically: elliptic curve E:y 2=x 3+ ax+b converts the equation form Y under Jacobi's projected coordinate system to 2=X 3+ aXZ 4+ bZ 6, the following subpoint of Jacobi projected coordinate system this moment (X: Y: Z), the affine point (X/Z under Z ≠ 0 and the elliptic curve place original coordinate system 2, Y/Z 3) correspondence.
Suppose W=(x 1, y 1) be a point in the elliptic curve, the point doubling formula 2W=(x of elliptic curve then 2, y 2) be:
x 2=λ 2-2x 1?mod?p
y 2=λ(x 1-x 2)-y 1?mod?p
Wherein, λ=(3x 1 2+ a)/2y 1The mod p here be the expression to delivery p computing, for example in the following formula respectively to λ 2-2x 1And λ (x 1-x 2)-y 1Delivery p computing.
According to the corresponding relation between affine point and the subpoint, for affine point: W=(x 1, y 1)=(X/Z 2, Y/Z 3), there is subpoint G=(X 1: Y 1: Z 1) corresponding with it, therefore, make G=(X 1: Y 1: Z 1), then 2G=(X ' 3: Y ' 3: 1), with x 1, y 1Replace with the coordinate under Jacobi's projected coordinate system, the point doubling formula of the above-mentioned elliptic curve of substitution obtains:
X 3 ′ = ( 3 X 1 2 + aZ 1 4 ) 2 - 8 X 1 Y 1 2 4 Y 1 2 Z 1 2
Y 3 ′ = 3 X 1 2 + aZ 1 4 2 Y 1 Z 1 ( X 1 Z 1 2 - X 3 ′ ) - Y 1 Z 1 3
In expression formula, cancel denominator, then 2G=(X 3: Y 3: Z 3), wherein
X 3 = ( 3 X 1 2 + aZ 1 4 ) 2 - 8 X 1 Y 1 2 Y 3 = ( 3 X 1 2 + aZ 1 4 ) ( 4 X 1 Y 1 2 - X 3 ) - 8 Y 1 4 Z 3 = 2 Y 1 Z 1 - - - ( 1 )
Above-mentioned formula (1) is the computing formula of point doubling under Jacobi's projected coordinate system of elliptic curve.All do not had denominator in the expression formula of above-mentioned formula (1), thereby avoided inversion operation.Simultaneously, because
Figure BSA00000222797700135
Can reuse etc. result of calculation, with further minimizing operand.
By above conversion, affine some W=(x on the elliptic curve 1, y 1)=(X/Z 2, Y/Z 3), the some 2W that its point doubling obtains is corresponding to the 2G=(X under the Jacobi projection coordinate 3: Y 3: Z 3), therefore, when calculating the point doubling of elliptic curve, only need utilize corresponding relation and above-mentioned formula (1) between affine point and the subpoint, point doubling on the elliptic curve is converted to calculating under Jacobi's projected coordinate system, and then, the result of calculation under Jacobi's projected coordinate system is changed back the original coordinate system at elliptic curve place according to above-mentioned corresponding relation, what can obtain elliptic curve doubly puts result of calculation.
In this example, as the wireless sensing node of sending node, when communication takes place, at first produce this sending node digital signature information (r, s), and with this digital signature information (r s) sends to receiving node, and its detailed process comprises as shown in Figure 3:
Step 300, the identification information m of derivation sending node, here, this identification information can be terminal number, terminal MAC Address or other this terminal information of energy unique identification.
Step 301, derive the parameter group D=be preset at the elliptic curve in the sending node (p, a, b, P, n, h) and the private key d of sending node.
Arbitrary integer k between step 302, sending node choose 1 to n-1 (be k ∈ R[1, n-1]), and calculate kP=(x 3, y 3), then with field parameter x 3Be converted to integer
Figure BSA00000222797700141
Concrete conversion can be carried out x according to American National Standards Institute's ANSI X9.62 standard 3Be converted to integer
Here, in step 302, kP=(x can calculated 3, y 3) process in use above-mentioned formula (1), the point doubling of elliptic curve is optimized, to reduce operand, improve operation efficiency.According to many point doublings in the elliptic curve, as follows for the computational process of N=kP:
At first, k is expressed as binary form k=(k I-1..., k 2, k 1) 2, and make N=0:
Then, from 0 to t-1, repeat the computing of following A, B for i successively:
A) if k i=1, the result who then N is updated to N+P (is N ← N+P); If k i=0, then keeping N constant (is N ← N);
B) calculate 2P, and P is updated to 2P (is P ← 2P);
At last, export the value of N, obtain the result of calculation of N=kP.
Wherein, calculating 2P among the described step B specifically comprises:
According to the corresponding relation between described affine point and the subpoint, obtain the subpoint G=(X of affine some P correspondence 1: Y 1: Z 1);
According to formula
Figure BSA00000222797700143
Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P, thereby is doubly put the operation result of 2P.
As can be seen calculated from the above process, in carrying out elliptic curve during many point doublings, need carry out the point doubling (being the 2P among the step B) of elliptic curve repeatedly, therefore, this example is when calculating 2P, elliptic curve is projected under Jacobi's projected coordinate system, utilize the corresponding relation and the above-mentioned formula (1) of affine point and subpoint, point doubling is converted to calculating under the Jacobi projection coordinate, then according to above-mentioned corresponding relation, result of calculation is changed back original coordinate system under the elliptic curve, can obtain the point doubling result, thereby avoided the inversion calculation in the elliptic curve point doubling, significantly reduced operand.
Step 303 is calculated
Figure BSA00000222797700151
Step 304 judges whether r=0 sets up: if set up, then return step 302, calculate to reselect k; If be false, then obtain the value of r and enter step 305.
Step 305, the hash function that use is preset is carried out the hash computing to the identification information m of node, obtains Hash Value e.Hash algorithm SHA1 for example safe in utilization carries out the hash computing to m, is fixed 160 Hash Value of length.
Step 306 is calculated s=k -1(e+dr) mod n is promptly to k -1(e+dr) delivery n computing.
Step 307 judges whether s=0 sets up, if set up, then returns step 302; If be false, obtain the value of s and enter step 308.
Step 308, obtain the elliptic curve of sending node digital signature information (r, s), and with digital signature information (r, s) and self identification information send to receiving node.Here, preferably, sending node and receiving node all are the wireless sensing nodes in the radio sensing network.
In this example, receiving node receives the digital digital signature information (r that sending node sends, s) after, the PKI that utilization is preset is verified it, thereby the legitimacy to sending node when the sending node access network authenticates, guarantee the secure communication of network, concrete verification process comprises as shown in Figure 4:
Step 400, after communication process begins, receiving node receive sending node digital signature information (r, s) and the terminal identification information m of sending node;
Step 401, receiving node extract the parameter D=be preset at local elliptic curve (p, a, b, P, n, h) and PKI Q.
Step 402, whether receiving node check r and s all are interval [1, n-1] interior integers: if any one check failure then enters step 410; R and s are the integers in interval [1, n-1], then enter step 403.
Step 403, the hash function (as SHA1, identical with sending node) that use is preset is carried out the hash computing to the terminal identification information m of sending node, is fixed 160 Hash Value e of length.
Step 404 is calculated w=s -1Mod n is (promptly to s -1Delivery n computing obtains w).
Step 405 is calculated u 1=ew mod n and u 2(promptly computing obtains u to=rw mod n to ew delivery n 1, computing obtains u to rw delivery n 2); Then, calculate u 1P and u 2Q, and calculate u 1P+u 2Q obtains T, T=u 1P+u 2Q.
Step 406 judges whether T=∞ is true: in this way, then enter step 410; Otherwise enter step 407.
Step 407 is according to ANSI X9.62 standard, with the x coordinate x of field parameter T 4Be converted to integer
Figure BSA00000222797700161
And calculate
Figure BSA00000222797700162
Step 408 is because s=k -1(e+dr) mod n, rearrangement can get:
K=s -1(e+dr)=s -1E+s -1Rd=we+wrd=u 1+ u 2D (mod n), that is:
X=u 1P+u 2Q=u 1P+u 2DP=(u 1+ u 2D) P=kP so there is v=r to set up, therefore judges whether v=r sets up: if set up, then enter step 409; Otherwise enter step 410.
Step 409, digital signature identification passes through, and returns the indication of (" accepting this signature ").
Step 410, the indication of (" refusing this signature ") is returned in the digital signature identification failure.
Here, in above-mentioned steps 405, u can calculated 1P and u 2Use above-mentioned formula (1) in the process of Q, the point doubling of elliptic curve be optimized,, improve operation efficiency, specify as follows to reduce operand:
Wherein calculate u 1P comprises:
With u 1Be converted to binary form u 1=(f H-1..., f 2, f 1) 2, and to make the initial value of N be 0;
From 0 to h-1, repeat the computing of following steps A, B for i successively:
Steps A) if f i=1, then N is updated to the result of N+P; If f i=0, then keep N constant;
Step B) calculates 2P, and P is updated to 2P;
Computing finishes the value of back output N, obtains N=u 1The result of calculation of P;
Wherein, calculating 2P among the described step B comprises:
According to the corresponding relation between described affine point and the subpoint, obtain the subpoint G=(X of affine some P correspondence 1: Y 1: Z 1);
According to formula
Figure BSA00000222797700163
Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P again, thereby is doubly put the operation result of 2P.
And calculating u 2Q specifically comprises again:
With u 2Be converted to binary form u 2=(j I-1..., j 2, j 1) 2, and to make the initial value of M be 0;
From 0 to l-1, repeat the computing of following steps A ', B ' for i successively:
Steps A ') if j i=1, then M is updated to the result of M+Q; If j i=0, then keep M constant;
Step B ') calculates 2Q, and Q is updated to 2Q;
Computing finishes the value of back output M, obtains M=u 2The result of calculation of Q;
Wherein, calculating 2Q among the described step B ' comprises:
According to described corresponding relation, obtain the subpoint B=(X of affine some Q correspondence 2: Y 2: Z 2);
According to formula Find the solution and obtain 2B=(X 4: Y 4: Z 4);
According to described corresponding relation, subpoint 2B is converted to affine some 2Q again, thereby is doubly put the operation result of 2Q.
In the above process, sending node is in generating the digital signature information process, receiving node all can utilize above-mentioned formula (1) that the point doubling of elliptic curve is simplified in the certifying digital signature information process, avoided the inversion operation in the point doubling, reduced the system resource that point doubling consumed, reduced requirement, improved operation efficiency node hardware.
At last, list the wireless sensing node that adopts the described method of present embodiment to be optimized front and back by following table and generated PKI, needed time when digital signature information and certifying digital signature, from following table as can be seen, after adopting the present embodiment method, under same hardware condition, wireless sensing node can significantly reduce the computing required time, the described method of present embodiment can improve operation efficiency to a great extent, make the ellipse curve public key cipher system can be applied to the less wireless sensing node of system resource, and needn't improve the hardware configuration of wireless sensing node, have good economic benefits, can improve the fail safe of radio sensing network again
Time of implementation of You Huaing (S) not Time of implementation after the optimization (S)
Produce PKI 30.12 8.23
Generate signature 30.05 8.33
Certifying signature 60.55 16.95
At last, present embodiment also provides respectively in order to realize the node device of above-mentioned data ciphering method and data decryption method.
Wherein, as shown in Figure 5, a kind of sending node that present embodiment provides specifically comprises:
Acquiring unit is used to obtain parameter group, key and the data message of the elliptic curve that sets in advance;
Ciphering unit is used to utilize parameter group, key and the data message of elliptic curve, calculates data encryption information;
Transmitting element also is used for described data encryption information is sent to receiving node;
Wherein, described ciphering unit is in the process of calculating described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
As a preferred embodiment, described ciphering unit comprises:
Projecting cell is used for described elliptic curve is projected to projected coordinate system, and described elliptic curve is converted to equation under the projected coordinate system, and determines affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
Converting unit is used for according to described corresponding relation, replaces with the coordinate of subpoint by the coordinate with the affine point in the point doubling formula of described elliptic curve, is converted to the computing formula of point doubling under projected coordinate system of described elliptic curve;
Computing unit is used to utilize described corresponding relation and described computing formula, with the point doubling on the described elliptic curve, is transformed under the described projected coordinate system and calculates.
As a preferred embodiment, described key is the PKI of receiving node, and described data message is a cleartext information, and described data encryption information is described cleartext information corresponding ciphertext information.
As a preferred embodiment, described key is the private key of sending node, and described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node; And described transmitting element also is used for simultaneously described identification information being sent to receiving node when described digital signature information is sent to receiving node.
Preferably, described sending node is the wireless sensing node in the radio sensing network.
As a preferred embodiment, described ciphering unit comprises:
Selected cell is used for choosing an integer k arbitrarily from 1 to n-1, and wherein n is the Prime Orders of the basic point of described elliptic curve;
First computing unit is used to calculate kP, then with the x coordinate x of kP 3Be converted to integer
Figure BSA00000222797700191
, and to integer
Figure BSA00000222797700192
Delivery n computing obtains r, wherein P=(P x, P y), represent the basic point of described elliptic curve;
Second computing unit is used to use hash function that the identification information of sending node is carried out the hash computing, obtains Hash Value e, and to k -1(e+dr) delivery n computing obtains s, and wherein d is described private key;
Output unit is used for all being not equal at 0 o'clock at r and s, obtain described digital signature information (r, s).
As a preferred embodiment, described projection coordinate is Jacobi's projected coordinate system, and described first computing unit is further used for carrying out in such a way for the calculating of 2P in the process of calculating described kP:
According to described corresponding relation, obtain the subpoint G=(X of affine some P correspondence 1: Y 1: Z 1);
According to formula Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P.
Please refer to shown in Figure 6ly again, present embodiment also provides a kind of receiving node, specifically comprises:
Receiving element is used to receive the data encryption information of sending node, and described data encryption information is that parameter group, first key and the data message of the default elliptic curve of sending node utilization calculates;
Decrypting device is used to utilize second key of the parameter group and the described first key correspondence of described elliptic curve, and described data encryption information is decrypted;
Wherein, described decrypting device is in the decrypting process of described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
As a preferred embodiment, described decrypting device comprises:
Projecting cell is used for described elliptic curve is projected to projected coordinate system, and described elliptic curve is converted to equation under the projected coordinate system, and determines affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
Converting unit is used for according to described corresponding relation, replaces with the coordinate of subpoint by the coordinate with the affine point in the point doubling formula of described elliptic curve, is converted to the computing formula of point doubling under projected coordinate system of described elliptic curve;
Computing unit is used to utilize described corresponding relation and described computing formula, with the point doubling on the described elliptic curve, is transformed under the described projected coordinate system and calculates.
Preferably, described sending node is the wireless sensing node in the radio sensing network.
As a preferred embodiment, described first key is the PKI of receiving node, and described second key is the private key of receiving node, and described data message is a cleartext information, and described data encryption information is described cleartext information corresponding ciphertext information.
As a preferred embodiment, described first key is the private key of sending node, and described second key is the PKI of sending node, and described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node;
Described receiving element also is used to receive the identification information of sending node;
Described decrypting device also is used for the decrypting process in described data encryption information, utilizes the parameter group of described elliptic curve, the identification information of sending node and the PKI of described sending node, and described digital signature information is carried out signature authentication.
Preferably, described decrypting device comprises:
First judging unit, be used for described digital signature information (r, when s) any does not belong to interval [1, n-1] among the r in or the s, determination number word signature authentification failure, wherein n is the Prime Orders of the basic point of described elliptic curve;
First computing unit is used for when r and s all belong to interval [1, n-1], uses default hash function that the identification information m of sending node is carried out the hash computing, obtains Hash Value e, and to s -1Delivery n computing obtains w;
Second computing unit is used to calculate u 1P, wherein P=(P x, P y), represent the basic point of described elliptic curve;
The 3rd computing unit is used to calculate u 2Q, wherein Q represents described PKI;
The 3rd computing unit is used to calculate u 1P+u 2Q obtains T, wherein, and u 1=ew mod n, u 2=rw mod n;
Second judging unit is used for when T=∞, judges the signature authentication failure;
The 3rd judging unit is used for when T ≠ ∞, with the x coordinate x of T 4Be converted to integer
Figure BSA00000222797700211
And it is right
Figure BSA00000222797700212
Delivery n computing obtains v, and judges whether v=r sets up: if set up, then digital signature identification passes through; Otherwise digital signature identification failure.
As a preferred embodiment, described projection coordinate is Jacobi's projected coordinate system, and described second computing unit is further used for calculating described u 1P or u 2In the process of Q, carry out in such a way for the calculating of 2F, wherein F represents P or Q:
According to described corresponding relation, obtain the subpoint G=(X of affine some F correspondence 1: Y 1: Z 1);
According to formula
Figure BSA00000222797700213
Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2F.
The above only is embodiments of the present invention; should be pointed out that for those skilled in the art, under the prerequisite that does not break away from the principle of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.

Claims (22)

1. the data ciphering method based on the ellipse curve public key cipher system is characterized in that, comprising:
Sending node obtains parameter group, key and the data message of the elliptic curve that sets in advance;
Sending node utilizes parameter group, key and the data message of elliptic curve, calculates data encryption information, and described data encryption information is sent to receiving node;
Wherein, in the process of calculating described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
2. data ciphering method as claimed in claim 1 is characterized in that, wherein, with the point doubling on the described elliptic curve, is transformed under the projected coordinate system and calculates, and specifically comprises:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to equation under the projected coordinate system, and determine affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
According to described corresponding relation, replace with the coordinate of subpoint by coordinate with the affine point in the point doubling formula of described elliptic curve, be converted to the computing formula of point doubling under projected coordinate system of described elliptic curve;
Utilize described corresponding relation and described computing formula,, be transformed under the described projected coordinate system and calculate the point doubling on the described elliptic curve.
3. data ciphering method as claimed in claim 1 is characterized in that,
Described key is the PKI of receiving node, and described data message is a cleartext information, and described data encryption information is described cleartext information corresponding ciphertext information.
4. data ciphering method as claimed in claim 1 is characterized in that,
Described key is the private key of sending node, and described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node;
And sending node sends to receiving node with described identification information simultaneously when described digital signature information is sent to receiving node.
5. data ciphering method as claimed in claim 4 is characterized in that,
The calculating of the digital signature information of described sending node comprises:
Choose an integer k arbitrarily from 1 to n-1, wherein n is the Prime Orders of the basic point of elliptic curve;
Calculate kP, then with the x coordinate x of kP 3Be converted to integer
Figure FSA00000222797600021
And to integer
Figure FSA00000222797600022
Delivery n computing obtains r, wherein P=(P x, P y), represent the basic point of described elliptic curve;
The hash function that use is preset is carried out the hash computing to the identification information of sending node, obtains Hash Value e, and to k -1(e+dr) delivery n computing obtains s, and wherein d is described private key;
All be not equal at 0 o'clock at r and s, obtain described digital signature information (r, s).
6. data ciphering method as claimed in claim 5 is characterized in that,
Described projection coordinate is Jacobi's projected coordinate system;
In the process of calculating described kP, carry out in such a way for the calculating of 2P:
According to described corresponding relation, obtain the subpoint G=(X of affine some P correspondence 1: Y 1: Z 1);
According to formula
Figure FSA00000222797600023
Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P.
7. a sending node is characterized in that, comprising:
Acquiring unit is used to obtain parameter group, key and the data message of the elliptic curve that sets in advance;
Ciphering unit is used to utilize parameter group, key and the data message of elliptic curve, calculates data encryption information;
Transmitting element also is used for described data encryption information is sent to receiving node;
Wherein, described ciphering unit is in the process of calculating described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
8. sending node as claimed in claim 7 is characterized in that, described ciphering unit comprises:
Projecting cell is used for described elliptic curve is projected to projected coordinate system, and described elliptic curve is converted to equation under the projected coordinate system, and determines affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
Converting unit is used for according to described corresponding relation, replaces with the coordinate of subpoint by the coordinate with the affine point in the point doubling formula of described elliptic curve, is converted to the computing formula of point doubling under projected coordinate system of described elliptic curve;
Computing unit is used to utilize described corresponding relation and described computing formula, with the point doubling on the described elliptic curve, is transformed under the described projected coordinate system and calculates.
9. sending node as claimed in claim 7 is characterized in that,
Described key is the private key of sending node, and described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node;
Described transmitting element also is used for simultaneously described identification information being sent to receiving node when described digital signature information is sent to receiving node.
10. sending node as claimed in claim 9 is characterized in that,
Described ciphering unit comprises:
Selected cell is used for choosing an integer k arbitrarily from 1 to n-1, and wherein n is the Prime Orders of the basic point of described elliptic curve;
First computing unit is used to calculate kP, then with the x coordinate x of kP 3Be converted to integer
Figure FSA00000222797600031
And to integer
Figure FSA00000222797600032
Delivery n computing obtains r, wherein P=(P x, P y), represent the basic point of described elliptic curve;
Second computing unit is used to use hash function that the identification information of sending node is carried out the hash computing, obtains Hash Value e, and to k -1(e+dr) delivery n computing obtains s, and wherein d is described private key;
Output unit is used for all being not equal at 0 o'clock at r and s, obtain described digital signature information (r, s).
11. sending node as claimed in claim 10 is characterized in that, described projection coordinate is Jacobi's projected coordinate system, and described first computing unit is further used for carrying out in such a way for the calculating of 2P in the process of calculating described kP:
According to described corresponding relation, obtain the subpoint G=(X of affine some P correspondence 1: Y 1: Z 1);
According to formula
Figure FSA00000222797600033
Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P.
12. data decryption method based on the ellipse curve public key cipher system, it is characterized in that, comprise: receiving node receives the data encryption information of sending node, and described data encryption information is that parameter group, first key and the data message of the default elliptic curve of sending node utilization calculates;
Receiving node utilizes second key of the parameter group and the described first key correspondence of described elliptic curve, and described data encryption information is decrypted;
Wherein, in the decrypting process of described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
13. data decryption method as claimed in claim 12 is characterized in that, wherein, with the point doubling on the described elliptic curve, is transformed under the projected coordinate system and calculates, and specifically comprises:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to equation under the projected coordinate system, and determine affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
According to described corresponding relation, replace with the coordinate of subpoint by coordinate with the affine point in the point doubling formula of described elliptic curve, be converted to the computing formula of point doubling under projected coordinate system of described elliptic curve;
Utilize described corresponding relation and described first computing formula,, be transformed under the described projected coordinate system and calculate the point doubling on the described elliptic curve.
14. data decryption method as claimed in claim 12 is characterized in that,
Described first key is the PKI of receiving node, and described second key is the private key of receiving node, and described data message is a cleartext information, and described data encryption information is described cleartext information corresponding ciphertext information.
15. data decryption method as claimed in claim 12 is characterized in that,
Described first key is the private key of sending node, and described second key is the PKI of sending node, and described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node;
Receiving node further receives the identification information of sending node, and in the decrypting process of described data encryption information, utilize the parameter group of described elliptic curve, the identification information of sending node and the PKI of described sending node, described digital signature information is carried out signature authentication.
16. data decryption method as claimed in claim 15 is characterized in that,
Described described digital signature information is carried out signature authentication, comprising:
Described digital signature information (r, when s) any does not belong to interval [1, n-1] among the r in or the s, determination number word signature authentification failure, wherein n is the Prime Orders of the basic point of described elliptic curve;
When r and s all belong to interval [1, n-1], use default hash function that the identification information m of sending node is carried out the hash computing, obtain Hash Value e, and to s -1Delivery n computing obtains w;
Calculate u 1P and u 2Q, and calculate u 1P+u 2Q obtains T, wherein, and u 1=ew mod n, u 2=rw mod n, P=(P x, P y), representing the basic point of described elliptic curve, Q represents described PKI;
When T=∞, judge the signature authentication failure;
When T ≠ ∞, with the x coordinate x of T 4Be converted to integer
Figure FSA00000222797600051
, and right
Figure FSA00000222797600052
Delivery n computing obtains v, and judges whether v=r sets up: if set up, then digital signature identification passes through; Otherwise digital signature identification failure.
17. data decryption method as claimed in claim 16 is characterized in that,
Described projection coordinate is Jacobi's projected coordinate system;
Calculating described u 1P or u 2In the process of Q, carry out in such a way for the calculating of 2F, wherein F represents P or Q:
According to described corresponding relation, obtain the subpoint G=(X of affine some F correspondence 1: Y 1: Z 1);
According to formula
Figure FSA00000222797600053
Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2F.
18. a receiving node is characterized in that, comprising:
Receiving element is used to receive the data encryption information of sending node, and described data encryption information is that parameter group, first key and the data message of the default elliptic curve of sending node utilization calculates;
Decrypting device is used to utilize second key of the parameter group and the described first key correspondence of described elliptic curve, and described data encryption information is decrypted;
Wherein, described decrypting device is in the decrypting process of described data encryption information, described elliptic curve is converted to equation under the projected coordinate system, and utilize affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation, with the point doubling on the described elliptic curve, be transformed under the projected coordinate system and calculate.
19. receiving node as claimed in claim 18 is characterized in that, described decrypting device comprises:
Projecting cell is used for described elliptic curve is projected to projected coordinate system, and described elliptic curve is converted to equation under the projected coordinate system, and determines affine point on the described elliptic curve and the corresponding relation between the subpoint on the described equation;
Converting unit is used for according to described corresponding relation, replaces with the coordinate of subpoint by the coordinate with the affine point in the point doubling formula of described elliptic curve, is converted to the computing formula of point doubling under projected coordinate system of described elliptic curve;
Computing unit is used to utilize described corresponding relation and described computing formula, with the point doubling on the described elliptic curve, is transformed under the described projected coordinate system and calculates.
20. receiving node as claimed in claim 18 is characterized in that,
Described first key is the private key of sending node, and described second key is the PKI of sending node, and described data message is the identification information of sending node, and described data encryption information is the digital signature information of sending node;
Described receiving element also is used to receive the identification information of sending node;
Described decrypting device also is used for the decrypting process in described data encryption information, utilizes the parameter group of described elliptic curve, the identification information of sending node and the PKI of described sending node, and described digital signature information is carried out signature authentication.
21. receiving node as claimed in claim 20 is characterized in that,
Described decrypting device comprises:
First judging unit, be used for described digital signature information (r, when s) any does not belong to interval [1, n-1] among the r in or the s, determination number word signature authentification failure, wherein n is the Prime Orders of the basic point of described elliptic curve;
First computing unit is used for when r and s all belong to interval [1, n-1], uses default hash function that the identification information m of sending node is carried out the hash computing, obtains Hash Value e, and to s -1Delivery n computing obtains w;
Second computing unit is used to calculate u 1P, wherein P=(P x, P y), represent the basic point of described elliptic curve;
The 3rd computing unit is used to calculate u 2Q, wherein Q represents described PKI;
The 3rd computing unit is used to calculate u 1P+u 2Q obtains T, wherein, and u 1=ew mod n, u 2=rw mod n;
Second judging unit is used for when T=∞, judges the signature authentication failure;
The 3rd judging unit is used for when T ≠ ∞, with the x coordinate x of T 4Be converted to integer
Figure FSA00000222797600061
And it is right
Figure FSA00000222797600062
Delivery n computing obtains v, and judges whether v=r sets up: if set up, then digital signature identification passes through; Otherwise digital signature identification failure.
22. receiving node as claimed in claim 21 is characterized in that,
Described projection coordinate is Jacobi's projected coordinate system;
Described second computing unit is further used for calculating described u 1P or u 2In the process of Q, carry out in such a way for the calculating of 2F, wherein F represents P or Q:
According to described corresponding relation, obtain the subpoint G=(X of affine some F correspondence 1: Y 1: Z 1);
According to formula
Figure FSA00000222797600071
Find the solution and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2F.
CN201010249089.7A 2010-08-09 2010-08-09 Data encryption method, data decryption method and nodes Expired - Fee Related CN101931529B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201010249089.7A CN101931529B (en) 2010-08-09 2010-08-09 Data encryption method, data decryption method and nodes
PCT/CN2010/079823 WO2012019407A1 (en) 2010-08-09 2010-12-15 Data encryption method, data decryption method, transmitting node and receiving node

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010249089.7A CN101931529B (en) 2010-08-09 2010-08-09 Data encryption method, data decryption method and nodes

Publications (2)

Publication Number Publication Date
CN101931529A true CN101931529A (en) 2010-12-29
CN101931529B CN101931529B (en) 2014-07-16

Family

ID=43370466

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010249089.7A Expired - Fee Related CN101931529B (en) 2010-08-09 2010-08-09 Data encryption method, data decryption method and nodes

Country Status (2)

Country Link
CN (1) CN101931529B (en)
WO (1) WO2012019407A1 (en)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102255729A (en) * 2011-07-07 2011-11-23 武汉理工大学 IBE (Internet Booking Engine) data encryption system based on medium digital certificate
CN102761415A (en) * 2011-04-27 2012-10-31 航天信息股份有限公司 System for generating, verifying and mixing digital signatures of p-element domain SM2 elliptic curves
CN102761412A (en) * 2011-04-27 2012-10-31 航天信息股份有限公司 P-element domain SM2 elliptic curve public key encryption, decryption and encryption-decryption hybrid system
CN104915179A (en) * 2015-04-28 2015-09-16 南京邮电大学 Human physiology data privacy protection method
CN105025474A (en) * 2015-06-26 2015-11-04 安徽大学 Lightweight digital signature method facing wireless sensing network
CN106712965A (en) * 2017-01-17 2017-05-24 数安时代科技股份有限公司 Digital signature method, device and cipher device
CN106972924A (en) * 2017-03-23 2017-07-21 联想(北京)有限公司 Encryption, decryption, Electronic Signature, the method and device for verifying stamped signature
CN108933670A (en) * 2018-10-18 2018-12-04 北京云测信息技术有限公司 A kind of digital signature method, device, mobile device and storage medium
CN112995784A (en) * 2021-05-19 2021-06-18 杭州海康威视数字技术股份有限公司 Video data slice encryption method, device and system
CN113254968A (en) * 2021-06-04 2021-08-13 晶澄微电子(宁波)有限公司 ECC (error correction code) key exchange method, system, network equipment and storage medium for reducing modular inverse computation
CN113364585A (en) * 2021-06-04 2021-09-07 晶澄微电子(宁波)有限公司 ECC authentication method and system for reducing modular inverse computation
CN114001650A (en) * 2021-09-16 2022-02-01 北京市测绘设计研究院 Method for encrypting conversion parameters of earth coordinate system and arbitrary plane coordinate system
CN114065171A (en) * 2021-11-11 2022-02-18 北京海泰方圆科技股份有限公司 Identity authentication method, device, system, equipment and medium
CN114244552A (en) * 2021-10-27 2022-03-25 中国银行股份有限公司 Data encryption transmission method and device based on block chain
CN115001685A (en) * 2022-07-22 2022-09-02 北京信安世纪科技股份有限公司 Method, device, equipment and storage medium for inadvertent transmission
CN115378588A (en) * 2022-10-25 2022-11-22 北京信安世纪科技股份有限公司 Method, apparatus and storage medium for inadvertent transmission
CN114244552B (en) * 2021-10-27 2024-04-19 中国银行股份有限公司 Data encryption transmission method and device based on block chain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1444168A (en) * 2003-04-23 2003-09-24 浙江大学 Probability type asymmetric encipherment method based on public key certificate on ellipse curve
CN1890916A (en) * 2003-10-03 2007-01-03 松下电器产业株式会社 Information transfer system, encryption device, and decryption device using elliptic curve cryptography
US20080104417A1 (en) * 2006-10-25 2008-05-01 Nachtigall Ernest H System and method for file encryption and decryption
CN101262345A (en) * 2008-01-04 2008-09-10 清华大学 Time point system for ellipse curve password system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5850443A (en) * 1996-08-15 1998-12-15 Entrust Technologies, Ltd. Key management system for mixed-trust environments
CN101018125B (en) * 2007-03-02 2010-06-16 中兴通讯股份有限公司 Radio terminal security network and card locking method based on the ellipse curve public key cipher
CN101697513A (en) * 2009-10-26 2010-04-21 深圳华为通信技术有限公司 Digital signature method, device and system as well as digital signature verification method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1444168A (en) * 2003-04-23 2003-09-24 浙江大学 Probability type asymmetric encipherment method based on public key certificate on ellipse curve
CN1890916A (en) * 2003-10-03 2007-01-03 松下电器产业株式会社 Information transfer system, encryption device, and decryption device using elliptic curve cryptography
US20080104417A1 (en) * 2006-10-25 2008-05-01 Nachtigall Ernest H System and method for file encryption and decryption
CN101262345A (en) * 2008-01-04 2008-09-10 清华大学 Time point system for ellipse curve password system

Cited By (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102761415A (en) * 2011-04-27 2012-10-31 航天信息股份有限公司 System for generating, verifying and mixing digital signatures of p-element domain SM2 elliptic curves
CN102761412A (en) * 2011-04-27 2012-10-31 航天信息股份有限公司 P-element domain SM2 elliptic curve public key encryption, decryption and encryption-decryption hybrid system
CN102761415B (en) * 2011-04-27 2015-04-08 航天信息股份有限公司 System for generating, verifying and mixing digital signatures of p-element domain SM2 elliptic curves
CN102255729B (en) * 2011-07-07 2013-07-10 武汉理工大学 IBE (Internet Booking Engine) data encryption system based on medium digital certificate
CN102255729A (en) * 2011-07-07 2011-11-23 武汉理工大学 IBE (Internet Booking Engine) data encryption system based on medium digital certificate
CN104915179B (en) * 2015-04-28 2018-07-17 南京邮电大学 A kind of method of human body physiological data secret protection
CN104915179A (en) * 2015-04-28 2015-09-16 南京邮电大学 Human physiology data privacy protection method
CN105025474A (en) * 2015-06-26 2015-11-04 安徽大学 Lightweight digital signature method facing wireless sensing network
CN105025474B (en) * 2015-06-26 2018-04-13 安徽大学 A kind of light weight digital signature method towards wireless sense network
CN106712965A (en) * 2017-01-17 2017-05-24 数安时代科技股份有限公司 Digital signature method, device and cipher device
CN106712965B (en) * 2017-01-17 2020-02-18 数安时代科技股份有限公司 Digital signature method and device and password equipment
CN106972924A (en) * 2017-03-23 2017-07-21 联想(北京)有限公司 Encryption, decryption, Electronic Signature, the method and device for verifying stamped signature
CN106972924B (en) * 2017-03-23 2020-06-23 联想(北京)有限公司 Method and device for encryption, decryption, electronic signature and verification signature
CN108933670B (en) * 2018-10-18 2021-02-26 北京云测信息技术有限公司 Digital signature method and device, mobile device and storage medium
CN108933670A (en) * 2018-10-18 2018-12-04 北京云测信息技术有限公司 A kind of digital signature method, device, mobile device and storage medium
CN112995784A (en) * 2021-05-19 2021-06-18 杭州海康威视数字技术股份有限公司 Video data slice encryption method, device and system
CN112995784B (en) * 2021-05-19 2021-09-21 杭州海康威视数字技术股份有限公司 Video data slice encryption method, device and system
CN113254968A (en) * 2021-06-04 2021-08-13 晶澄微电子(宁波)有限公司 ECC (error correction code) key exchange method, system, network equipment and storage medium for reducing modular inverse computation
CN113364585A (en) * 2021-06-04 2021-09-07 晶澄微电子(宁波)有限公司 ECC authentication method and system for reducing modular inverse computation
CN114001650B (en) * 2021-09-16 2023-09-29 北京市测绘设计研究院 Encryption method for conversion parameters of local coordinate system and arbitrary plane coordinate system
CN114001650A (en) * 2021-09-16 2022-02-01 北京市测绘设计研究院 Method for encrypting conversion parameters of earth coordinate system and arbitrary plane coordinate system
CN114244552A (en) * 2021-10-27 2022-03-25 中国银行股份有限公司 Data encryption transmission method and device based on block chain
CN114244552B (en) * 2021-10-27 2024-04-19 中国银行股份有限公司 Data encryption transmission method and device based on block chain
CN114065171A (en) * 2021-11-11 2022-02-18 北京海泰方圆科技股份有限公司 Identity authentication method, device, system, equipment and medium
CN114065171B (en) * 2021-11-11 2022-07-08 北京海泰方圆科技股份有限公司 Identity authentication method, device, system, equipment and medium
CN115001685A (en) * 2022-07-22 2022-09-02 北京信安世纪科技股份有限公司 Method, device, equipment and storage medium for inadvertent transmission
CN115378588A (en) * 2022-10-25 2022-11-22 北京信安世纪科技股份有限公司 Method, apparatus and storage medium for inadvertent transmission
CN115378588B (en) * 2022-10-25 2023-05-26 北京信安世纪科技股份有限公司 Method, apparatus and storage medium for inadvertent transmission

Also Published As

Publication number Publication date
CN101931529B (en) 2014-07-16
WO2012019407A1 (en) 2012-02-16

Similar Documents

Publication Publication Date Title
CN101931529B (en) Data encryption method, data decryption method and nodes
US6298153B1 (en) Digital signature method and information communication system and apparatus using such method
CN110545279A (en) block chain transaction method, device and system with privacy and supervision functions
CN101296075B (en) Identity authentication system based on elliptic curve
US9800418B2 (en) Signature protocol
CN101129018A (en) Small public-key based digital signatures for authentication
CN102946602A (en) Mobile information system based privacy protection and encryption method
US11870891B2 (en) Certificateless public key encryption using pairings
CN101401141A (en) Information processing system, information processing method, and information processing program
CN101296072B (en) Sharing cryptographic key generation method of elliptic curve
Bai et al. Elliptic curve cryptography based security framework for Internet of Things (IoT) enabled smart card
CN102523093A (en) Encapsulation method and encapsulation system for certificate-based key with label
CN110545169B (en) Block chain method and system based on asymmetric key pool and implicit certificate
US9544144B2 (en) Data encryption
US20150006900A1 (en) Signature protocol
US7424114B2 (en) Method for enhancing security of public key encryption schemas
CN102291396A (en) Anonymous authentication algorithm for remote authentication between credible platforms
Saho et al. Securing document by digital signature through RSA and elliptic curve cryptosystems
US20220038267A1 (en) Methods and devices for secured identity-based encryption systems with two trusted centers
CN116743358A (en) Repudiation multi-receiver authentication method and system
Li et al. Privacy-preserving large-scale systems of linear equations in outsourcing storage and computation
Fei et al. A secure digital signature algorithm based on elliptic curve and chaotic mappings
WO2016187689A1 (en) Signature protocol
Mohapatra Signcryption schemes with forward secrecy based on elliptic curve cryptography
Thadvai et al. A novel authenticated encryption scheme with convertibility

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20140716

Termination date: 20170809

CF01 Termination of patent right due to non-payment of annual fee