CN102291240A - Method and system for authenticating SM2 (Smart Media 2) signature - Google Patents
Abstract
The invention discloses a method and system for authenticating an SM2 (Smart Media 2) signature, relating to the technical field of digital signatures and authentication. The method authenticates the SM2 signature by means of an ASIC (Application Specific Integrated Circuit) chip that implements the ECDSA (Elliptic Curve Digital Signature Algorithm). The method comprises the following steps: 1, converting the SM2 signature to be authenticated into a corresponding ECDSA signature; 2, authenticating the ECDSA signature obtained by the conversion with the ASIC chip that implements ECDSA; and 3, performing an off-chip modular addition on the authentication result of the ECDSA signature, checking the result of the modular addition to obtain the authentication result of the SM2 signature, and returning whether the signature is accepted. Because the SM2 signature is converted into an ECDSA signature and ECDSA authentication of that signature yields the authentication result of the SM2 signature, the SM2 algorithm can be realized directly with an existing ASIC chip for ECDSA signature authentication, no chip has to be designed specially for SM2 signature authentication, and the development period is shortened.
Description
Technical field
The present invention relates to the field of digital signature and authentication technology, and in particular to a method and system for authenticating an SM2 signature.
Background
Cryptosystems fall into two classes: traditional (symmetric) cryptosystems and public-key (asymmetric) cryptosystems. In 1976 W. Diffie and M. E. Hellman proposed the concept of public-key cryptography, which has had a far-reaching influence on the development of cryptography as a whole. The most widely used public-key cryptosystem today is RSA, whose advantages are a simple principle and ease of use. However, as integer factorization methods keep improving and computing power keeps rising, the key length needed to keep RSA secure keeps growing; it is generally held at present that an RSA key must be longer than 1024 bits to be secure. Longer keys directly cause a sharp drop in encryption and decryption speed and an increase in hardware cost.
Elliptic curve cryptography (ECC) was proposed by N. Koblitz and V. Miller in 1985. It is the class of cryptosystems obtained by replacing the finite cyclic group of the discrete logarithm problem with the finite group of an elliptic curve over a finite field. Because ECC offers high security, fast processing, low bandwidth requirements and small storage, it has advantages over RSA in key length and computation speed.
An elliptic curve $E(F_p)$ over a prime field is defined by the Weierstrass equation:
$$E: y^2 = x^3 + ax + b \pmod{p} \qquad (1)$$
where p is a prime number and a, b are two non-negative integers less than p ($0 < a, b < \infty$) that satisfy:
$$4a^3 + 27b^2 \pmod{p} \neq 0 \qquad (2)$$
Under condition (2), a finite Abelian group can be defined on the set $E_p(a, b)$.
The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic curve version of the Digital Signature Algorithm (DSA). It is the most widely standardized signature scheme based on elliptic curves, appearing in the ANSI X9.62, FIPS 186-2, IEEE 1363-2000 and ISO/IEC 15946-2 standards as well as in some draft standards.
Although it is likewise based on the elliptic curve discrete logarithm problem, the SM2 algorithm differs from the standard ECDSA algorithm in its details. An ASIC chip that implements the ECDSA algorithm therefore cannot implement the SM2 algorithm directly, which has become an obstacle to the wider adoption of SM2.
Summary of the invention
(1) Technical problem to be solved
The technical problem to be solved by the invention is how to implement the SM2 algorithm directly with an ASIC chip that implements the ECDSA algorithm.
(2) Technical solution
To solve the above technical problem, the invention provides a method for authenticating an SM2 signature, in which SM2 signature authentication is carried out by an ASIC chip that implements the ECDSA algorithm. The method comprises the following steps:
S1: convert the SM2 signature to be authenticated into the corresponding ECDSA signature;
S2: use the ASIC chip implementing the ECDSA algorithm to perform the authentication operation on the ECDSA signature obtained by the conversion;
S3: apply an off-chip modular addition to the authentication result of the ECDSA signature, check the result of the modular addition to obtain the authentication result of the SM2 signature, and return whether the signature is accepted.
Preferably, in step S1 the signature is converted by the following formula:
where s and r are the ECDSA signature, s' and r' are the SM2 signature, e is the output value of the cryptographic hash function applied to the message, n is the order of the base point on the elliptic curve, and mod is the modulo operation.
Preferably, in step S2 the ECDSA signature obtained by the conversion is authenticated by the following formula:
where $u_1$, $u_2$ and $X$ are intermediate values and $(x_1, y_1)$ is a point on the elliptic curve.
Preferably, step S3 performs the modular addition by the following formula:
$$R = (e + x_1) \bmod n$$
where R is the result of the modular addition.
The invention also discloses a system for authenticating an SM2 signature, in which SM2 signature authentication is carried out by an ASIC chip that implements the ECDSA algorithm. The system comprises:
a conversion module, for converting the SM2 signature to be authenticated into the corresponding ECDSA signature;
an authentication operation module, for using the ASIC chip implementing the ECDSA algorithm to perform the authentication operation on the ECDSA signature obtained by the conversion;
an authentication acquisition module, for applying an off-chip modular addition to the authentication result of the ECDSA signature, checking the result of the modular addition to obtain the authentication result of the SM2 signature, and returning whether the signature is accepted.
Preferably, in the conversion module the signature is converted by the following formula:
where s and r are the ECDSA signature, s' and r' are the SM2 signature, e is the output value of the cryptographic hash function applied to the message, n is the order of the base point on the elliptic curve, and mod is the modulo operation.
Preferably, in the authentication operation module the ECDSA signature obtained by the conversion is authenticated by the following formula:
where $u_1$, $u_2$ and $X$ are intermediate values and $(x_1, y_1)$ is a point on the elliptic curve.
Preferably, the authentication acquisition module performs the modular addition by the following formula:
$$R = (e + x_1) \bmod n$$
where R is the result of the modular addition.
(3) Beneficial effects
By converting the SM2 signature into an ECDSA signature and performing ECDSA authentication on that signature to obtain the authentication result of the SM2 signature, the invention makes it possible to implement the SM2 algorithm directly with an existing ASIC chip for ECDSA signature authentication. No chip has to be designed specially for SM2 signature authentication, and the development cycle is shortened.
Brief description of the drawings
Fig. 1 is a flow chart of the method for authenticating an SM2 signature according to one embodiment of the invention.
Embodiments
Specific embodiments of the invention are described in further detail below with reference to the drawings and examples. The following examples illustrate the invention but do not limit its scope.
A distinguishing feature of the invention is that it carries out SM2 signature authentication with an existing application-specific integrated circuit (ASIC) chip that implements ECDSA signature authentication, so no chip has to be designed specially for SM2 signature authentication and the development cycle is shortened. It also avoids performing elliptic curve point multiplication and point addition off-chip, which reduces the overhead of the off-chip system and ensures that the performance of the system depends on the performance of the ASIC chip.
Another feature of the invention is a method for transforming an SM2 signature into an ECDSA signature, such that the ECDSA signature authentication performed by the ASIC chip is equivalent to completing the two point multiplications and the one point addition of SM2 signature authentication. Each SM2 signature authentication therefore needs only one call to the ASIC chip implementing ECDSA signature authentication, which reduces the time spent on data transfer and improves the efficiency of SM2 signature authentication.
A third feature of the invention is a system structure that processes in three steps. The stages are independent of one another and form a structure similar to a three-stage pipeline. The performance of the system is determined by the performance of ECDSA signature authentication, that is, the throughput of the system is determined by the throughput of the ASIC chip implementing ECDSA signature authentication, so the system can achieve performance no worse than that of an ASIC chip designed specially for SM2 signature authentication.
The detailed process of SM2 signature authentication is described below, following the signature authentication flow shown in Fig. 1:
S1: convert the SM2 signature to be authenticated into the corresponding ECDSA signature;
The core operations of the ECDSA signature authentication algorithm are as follows:
(1) compute $u_1 = e s^{-1} \bmod n$
(2) compute $u_2 = r s^{-1} \bmod n$
(3) compute $X = u_1 P + u_2 Q = (x_1, y_1)$
where s and r are the ECDSA signature, e is the hash value of the signed message, $u_1$, $u_2$ and $X$ are intermediate values, $(x_1, y_1)$ is a point on the elliptic curve, Q is the public key, that is, a point on the elliptic curve, P is the base point of the elliptic curve, n is the order of the base point on the elliptic curve, and mod is the modulo operation.
The core operations of the SM2 signature authentication algorithm are as follows:
(1) compute $t = (r' + s') \bmod n$
(2) compute $X = s' P + t Q = (x_1, y_1)$
where s' and r' are the SM2 signature, e is the hash value of the signed message, $t$ and $X$ are intermediate values, $(x_1, y_1)$ is a point on the elliptic curve, Q is the public key, that is, a point on the elliptic curve, P is the base point of the elliptic curve, n is the order of the base point on the elliptic curve, and mod is the modulo operation.
To implement the SM2 authentication algorithm with the ECDSA authentication algorithm, the following must hold:
$$u_1 = e s^{-1} \bmod n = s' \quad \text{and} \quad u_2 = r s^{-1} \bmod n = t$$
Therefore, preferably, in step S1 the signature is converted by the following formula:
where s and r are the ECDSA signature, s' and r' are the SM2 signature, e is the hash value of the signed message, n is the order of the base point on the elliptic curve, and mod is the modulo operation. The above formula is implemented by a first off-chip module composed of a modular multiplier, a modular adder, a modular inverter and four data registers (denoted reg1, reg2, reg3 and reg4). The specific operation is as follows:
1) Load the SM2 signature result, the modulus and the signature message into the registers:
$\text{reg1} \leftarrow s'$, $\text{reg2} \leftarrow n$, $\text{reg3} \leftarrow r'$, $\text{reg4} \leftarrow e$ (here "←" is the assignment symbol; for example, reg1 ← s' means that the value of s' is assigned to data register reg1)
2) Compute the modular inverse $s'^{-1} \bmod n$. Because the modular inverse takes a relatively long time, the modular addition $(r' + s') \bmod n$ can be completed while the inverse is being computed:
$\text{reg1} \leftarrow s'^{-1} \bmod n$, $\text{reg3} \leftarrow (r' + s') \bmod n$, $\text{reg4} \leftarrow e$
3) After the modular inverse is finished, perform the modular multiplications $e s'^{-1} \bmod n$ and $(r' + s') e s'^{-1} \bmod n$, which completes the conversion of the SM2 signature:
$\text{reg3} \leftarrow (r' + s') e s'^{-1} \bmod n$, $\text{reg4} \leftarrow e s'^{-1} \bmod n$
S2: perform the authentication operation on the ECDSA signature. This step is carried out by the ASIC chip implementing ECDSA signature authentication and in effect completes the two point multiplications and the one point addition of SM2 signature authentication;
Preferably, in step S2 the ECDSA signature obtained by the conversion is authenticated by the following formula:
where $u_1$, $u_2$ and $X$ are intermediate values and $(x_1, y_1)$ is a point on the elliptic curve.
S3: apply a modular addition to the result of the authentication operation to obtain the SM2 signature authentication result, and return whether the signature is accepted. This step converts the result into the SM2 authentication result and needs only one modular addition. It is implemented by a second off-chip module composed of an adder and two data registers. The data are input in the order $x_1$, e, n, r', and the arithmetic can be completed while the data are being input. The specific processing is as follows:
1) Load the ECDSA signature authentication result and the signature message into the registers:
$\text{reg1} \leftarrow x_1$, $\text{reg2} \leftarrow e$
2) Compute $x_1 + e$ and load the modulus into the register:
$\text{reg1} \leftarrow x_1 + e$, $\text{reg2} \leftarrow n$
3) Compute $(x_1 + e) \bmod n$ and load the SM2 signature result r' into the register:
$\text{reg1} \leftarrow (x_1 + e) \bmod n$, $\text{reg2} \leftarrow r'$
4) Compute $(x_1 + e) \bmod n - r'$. If the result of this final subtraction is 0, the signature is accepted; otherwise it is rejected:
$\text{reg1} \leftarrow (x_1 + e) \bmod n - r'$
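The S1 to S3 flow above can be checked end to end in software. The following Python code is an added example, not code from the patent: it runs the conversion, a model of the ECDSA core and the final modular addition on a constructed toy curve, and compares the outcome with direct SM2 verification. Assumptions: the chip is modeled as returning $x_1$, and the range checks on r' and s' and the fallback for e ≡ 0 (mod n), where the conversion would give a non-invertible s, are additions not stated on the page.

```python
# Added example, not code from the patent. Toy curve y^2 = x^3 + 2x + 2 over F_17 with
# base point P = (5, 1) of prime order n = 19: constructed parameters, far too small for real use.
P_MOD, A, N = 17, 2, 19
BASE = (5, 1)

def ec_add(p1, p2):
    """Add two curve points; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P_MOD, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ec_mul(k, pt):
    """Scalar multiplication k*pt by double-and-add."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def sm2_sign(e, d, k):
    """SM2 signing with private key d and nonce k; used only to produce test signatures."""
    r = (e + ec_mul(k, BASE)[0]) % N
    if r == 0 or r + k == N:
        return None
    s = pow(1 + d, -1, N) * (k - r * d) % N
    return (r, s) if s else None

def sm2_verify_direct(e, sig, Q):
    """Reference SM2 check: t = (r'+s') mod n, X = s'P + tQ, accept iff (e + x1) mod n == r'."""
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    t = (r + s) % N
    if t == 0:
        return False
    X = ec_add(ec_mul(s, BASE), ec_mul(t, Q))
    return X is not None and (e + X[0]) % N == r

def sm2_to_ecdsa(e, r_sm2, s_sm2):
    """S1: s = e*s'^-1 mod n, r = (r'+s')*e*s'^-1 mod n. None means 'not convertible'."""
    if not (1 <= r_sm2 < N and 1 <= s_sm2 < N):
        return None
    t = (r_sm2 + s_sm2) % N
    if t == 0 or e % N == 0:  # e = 0 mod n would give s = 0, which the core cannot invert
        return None
    s = e * pow(s_sm2, -1, N) % N
    return (t * s % N, s)

def ecdsa_core(e, r, s, Q):
    """S2, model of the chip: u1 = e/s, u2 = r/s, X = u1*P + u2*Q. Returns x1, or None at
    infinity. Assumption: the chip exposes x1 instead of only an accept/reject bit."""
    w = pow(s, -1, N)
    X = ec_add(ec_mul(e * w % N, BASE), ec_mul(r * w % N, Q))
    return None if X is None else X[0]

def sm2_verify_via_ecdsa(e, sig, Q):
    """S1 -> S2 -> S3; falls back to the direct check when e = 0 mod n (added handling)."""
    if e % N == 0:
        return sm2_verify_direct(e, sig, Q)
    converted = sm2_to_ecdsa(e, *sig)
    if converted is None:
        return False
    x1 = ecdsa_core(e, converted[0], converted[1], Q)
    return x1 is not None and (x1 + e) % N - sig[0] == 0  # S3: (x1 + e) mod n - r' == 0

if __name__ == "__main__":
    Q = ec_mul(7, BASE)            # public key for constructed private key d = 7
    sig = sm2_sign(5, 7, 3)        # constructed hash value e = 5 and nonce k = 3
    print(sig, sm2_to_ecdsa(5, *sig), sm2_verify_via_ecdsa(5, sig, Q))
```

With a real 256-bit curve, e ≡ 0 (mod n) is a negligible-probability case, but a converter that feeds s = 0 to the chip would fail rather than reject cleanly, so it is handled explicitly here.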
The design was coded in Verilog at the behavioral and RTL levels and functionally simulated to verify that the system functions correctly. Taking as an example a modular multiplier that uses the FIPS algorithm implemented with 64 multipliers and a modular inverter that uses the Euclidean algorithm, and based on the SMIC 0.18 micron process library, the first off-chip module has an area of 1.04 square millimeters and a critical-path delay of 5.5 nanoseconds; the second off-chip module has an area of 0.11 square millimeters and a critical-path delay of 3.7 nanoseconds. The first off-chip module needs about 1200 cycles on average to convert one SM2 signature, taking about 6.6 microseconds; the second off-chip module needs 42 cycles to complete the conversion of one SM2 authentication (including data input and output), taking about 155 nanoseconds. When synthesized for an Altera Cyclone III series FPGA, the first off-chip module occupies 11910 arithmetic elements with a critical-path delay of 30.147 nanoseconds; the second off-chip module occupies 954 arithmetic elements with a critical-path delay of 12.103 nanoseconds. The first off-chip module needs about 1200 cycles on average to convert one SM2 signature, taking about 36.2 microseconds; the second off-chip module needs 42 cycles to complete the conversion of one SM2 authentication (including data input and output), taking about 508.3 nanoseconds. When the signature authentication speed of the ASIC chip implementing ECDSA signature authentication is no higher than 27600 per second, the speed of the system depends on the speed of the ASIC chip. For a lower-performance ASIC chip, the hardware cost of the off-chip modules in the system can be reduced further.
The above embodiments only illustrate the invention and do not limit it. A person of ordinary skill in the relevant technical field can make various changes and modifications without departing from the spirit and scope of the invention; all equivalent technical solutions therefore also fall within the scope of the invention, and the scope of patent protection of the invention shall be defined by the claims.
Claims (8)
1. A method for authenticating an SM2 signature, characterized in that SM2 signature authentication is carried out by an ASIC chip implementing the ECDSA algorithm, the method comprising the following steps:
S1: convert the SM2 signature to be authenticated into the corresponding ECDSA signature;
S2: use the ASIC chip implementing the ECDSA algorithm to perform the authentication operation on the ECDSA signature obtained by the conversion;
S3: apply an off-chip modular addition to the authentication result of the ECDSA signature, check the result of the modular addition to obtain the authentication result of the SM2 signature, and return whether the signature is accepted.
2. The method of claim 1, characterized in that in step S1 the signature is converted by the following formula:
where s and r are the ECDSA signature, s' and r' are the SM2 signature, e is the hash value of the signed message, n is the order of the base point on the elliptic curve, and mod is the modulo operation.
3. The method of claim 2, characterized in that in step S2 the ECDSA signature obtained by the conversion is authenticated by the following formula:
where $u_1$, $u_2$ and $X$ are intermediate values and $(x_1, y_1)$ is a point on the elliptic curve.
4. The method of claim 3, characterized in that step S3 performs the modular addition by the following formula:
$$R = (e + x_1) \bmod n$$
where R is the result of the modular addition.
5. A system for authenticating an SM2 signature, characterized in that SM2 signature authentication is carried out by an ASIC chip implementing the ECDSA algorithm, the system comprising:
a conversion module, for converting the SM2 signature to be authenticated into the corresponding ECDSA signature;
an authentication operation module, for using the ASIC chip implementing the ECDSA algorithm to perform the authentication operation on the ECDSA signature obtained by the conversion;
an authentication acquisition module, for applying an off-chip modular addition to the authentication result of the ECDSA signature, checking the result of the modular addition to obtain the authentication result of the SM2 signature, and returning whether the signature is accepted.
6. The system of claim 5, characterized in that in the conversion module the signature is converted by the following formula:
where s and r are the ECDSA signature, s' and r' are the SM2 signature, e is the hash value of the signed message, n is the order of the base point on the elliptic curve, and mod is the modulo operation.
7. The system of claim 6, characterized in that in the authentication operation module the ECDSA signature obtained by the conversion is authenticated by the following formula:
where $u_1$, $u_2$ and $X$ are intermediate values and $(x_1, y_1)$ is a point on the elliptic curve.
8. The system of claim 7, characterized in that the authentication acquisition module performs the modular addition by the following formula:
$$R = (e + x_1) \bmod n$$
where R is the result of the modular addition.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 201110257655 CN102291240B (en) | 2011-09-01 | 2011-09-01 | Method and system for authenticating SM2 (Smart Media 2) signature |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102291240A (en) | 2011-12-21 |
CN102291240B (en) | 2013-10-02 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | C06 | Publication | |
| | PB01 | Publication | |
| | C10 | Entry into substantive examination | |
| | SE01 | Entry into force of request for substantive examination | |
| | C14 | Grant of patent or utility model | |
| | GR01 | Patent grant | |
| | CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20131002; Termination date: 20140901 |
| | EXPY | Termination of patent right or utility model | |