CN103546288B - SM2 (streaming multiprocessor 2) digital signature generating algorithm realizing method and device - Google Patents
SM2 (streaming multiprocessor 2) digital signature generating algorithm realizing method and device Download PDFInfo
- Publication number
- CN103546288B CN103546288B CN201310445395.1A CN201310445395A CN103546288B CN 103546288 B CN103546288 B CN 103546288B CN 201310445395 A CN201310445395 A CN 201310445395A CN 103546288 B CN103546288 B CN 103546288B
- Authority
- CN
- China
- Prior art keywords
- private key
- user
- digital signature
- cpu
- generating algorithm
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The invention relates to an SM2 (streaming multiprocessor 2) digital signature generating algorithm realizing method and device. The method includes calculating an SM2 digital signature generating algorithm by coordination of a CPU (central processing unit) and a GPU (graphics processing unit), pre-calculating elliptical curve dots in the SM2 digital signature generating algorithm in the GPU to obtain a result and storing the result in a storage unit, pre-calculating one-added inverse calculation of a user private key in the CPU to obtain a result and storing the result in the storage unit, calling the results obtained by pre-calculation and stored in the storage unit when the CPU calculates a to-be-signed message sequence according to the SM2 digital signature generating algorithm calculating step. Accordingly, digital signature calculation time for to-be-signed messages is shortened, and calculation efficiency of the SM2 digital signature generating algorithm is improved. Further, the CPU can perform one-added inverse calculation on different private keys and store results in the storage unit, and calculation efficiency is further improved.
Description
Technical field
The present invention relates to public key algorithm technology, combine central processing unit (cpu) and graphics process particularly to a kind of
The implementation method of sm2 digital signature generating algorithm of device (gpu, graphics processing unit) and device.
Background technology
The important way being an up processor performance is calculated using multi-core parallel concurrent, therefore occurs in that including massively parallel architecture
The gpu of arithmetic element, gpu have developed into for degree of parallelism height, multithreading, calculate high-performance quick and that memory bandwidth is big and lead to
Use processor.Gpu architecture is divided into three layers in composition: ground floor is by several thread processors cluster (tpc, thread
Preocessing cluster) composition, the second layer is by multiple streams multiprocessor (sm, streaming multiprocessor)
Composition, third layer is the stream handle (sp, stream processor) constituting sm it is also possible to referred to as thread processor.Sm makees
A tasks carrying for gpu and scheduling unit, are mainly responsible for the thread instruction of execution gpu distribution, and sp are most basic in gpu
Instruction execution unit, the operation of its execution controls by affiliated sm.
Nvidia company is proposed computer equipment integrating structure (cuda, compute unified device within 2006
Architecture) programmable platform, it is possible to achieve the scheduling of gpu thread.Under cuda programmable platform framework, gpu executes
Least unit be thread (thread), several threads (thread) can form a thread block (block).One block
In thread can access same shared drive and synchronization.The thread of execution same program, composition grid (grid), different
Grid can execute different programs.
With respect to central processing unit (cpu), gpu has powerful data-handling capacity, in floating-point operation and parallel computation
Etc. aspect, improve tens times even performance of hundreds of times of cpu.Gpu has thousand of cores, has very high concurrency, but often
It is weaker that individual sm compares cpu disposal ability.Cpu computing capability is strong, but check figure is fewer.Therefore, using which kind of cpu and gpu
Cooperation mode carries out framework, completes various calculating, to improve system overall calculation ability, is a problem demanding prompt solution.
Ellipse curve public key cipher algorithm (sm2), is the cryptographic algorithm that China national Password Management office issues.Sm2 is clear and definite
Define Digital Signature Algorithm, public key encryption algorithm and the IKE of sm2 algorithm.Wherein, the digital signature of sm2 algorithm
Algorithm includes generating algorithm and verification algorithm, applies the message of reliability in message transmitting procedure to transmit and the conjunction using message
Method person verifies.In the Digital Signature Algorithm of sm2, including one-to-one public key and private key, wherein, private key is used for be signed disappearing
Breath generates digital signature, and public key is used for digital signature is verified.Signer carries out the numeral of message m to be signed using private key
Signature generating algorithm calculates, and obtains the digital signature of message m to be signed;Verifier adopts public key to the message m to be signed receiving
It is digitally signed checking to calculate, verifies whether the digital signature of message m to be signed mates, if it does, confirming that receive treats
Signature information m is correct.
The digital signature generating algorithm detailed process of sm2 algorithm is as follows.
If message to be signed is m, in order to obtain the digital signature (r, s) of message m to be signed, as the user a of signer
Should realize following calculation step:
A1: putza‖ m represents zaSplicing with m;
A2: calculateThe data type conversion of e is integer;
A3: produce random number k ∈ [1, n-1];
A4: calculate elliptic curve point (x, y)=[k] g;
A5: calculate r=(e+x) mod n, if r=0 or r+k=n, return a3;
A6: calculate s=((1+da)-1·(k-r·da)) mod n, if s=0, return a3;
A7: the data type conversion of r, s is byte serial, the signature of message m to be signed is (r, s).
Wherein: za: with regard to the hash of the distinguished mark of user a, part elliptical curve systematic parameter and client public key a
Value;hv(): eap-message digest length is the cryptographic Hash function of v bit;G a: basic point on elliptic curve, its rank is prime number;
N: the rank of basic point g;da: the private key of user a;[k] g: Point on Elliptic Curve g k times of point, i.e. [k] g=g+g ...+g, represents k
G is added on elliptic curve domain.
At present, when realizing sm2 digital signature generating algorithm, it is to be calculated according to above-mentioned steps order by cpu, finally gives
The digital signature of message m to be signed, because in calculating process, amount of calculation ratio is larger, relatively time-consuming, obtain the effect of digital signature
Rate is than relatively low.
Content of the invention
In view of this, the present invention provides a kind of implementation method of the sm2 digital signature generating algorithm of combination cpu and gpu, should
Method can improve the computational efficiency of sm2 digital signature generating algorithm.
The present invention also provides a kind of sm2 digital signature generating algorithm of combination cpu and gpu to realize device, and this device can
Improve the computational efficiency of sm2 digital signature generating algorithm.
For reaching above-mentioned purpose, the technical scheme that the present invention is implemented specifically is achieved in that
A kind of implementation method of sm2 digital signature generating algorithm, the method includes:
Calculating elliptic curve point step in sm2 digital signature generating algorithm is precalculated by graphic process unit gpu, obtains
To elliptic curve point and corresponding random number, and it is stored in the memorizer of setting;
In sm2 digital signature generating algorithm, 1 inversion calculation step will be increased by central processing unit cpu in advance to private key for user
Calculate, increasing 1 reciprocal value obtaining private key for user is stored in the memorizer of setting;
When cpu treats signature information order calculating according to sm2 digital signature generating algorithm calculation procedure, memorizer is called to deposit
The elliptic curve point of storage and corresponding random number, and increasing 1 reciprocal value of private key for user, complete to treat the numeral label of signature information
Name.
The cpu thread to private key for user increasing 1 inversion calculation in described sm2 digital signature generating algorithm and described basis
The cpu thread that sm2 digital signature generating algorithm calculation procedure treats signature information order calculating is identical or different.
Private key for user increasing 1 inversion calculation step is precalculated in cpu in the described digital signature generating algorithm by sm2
For:
For the signature request having prestored private key for user, before receiving the generation request of sm2 digital signature, pre- advanced
Row private key for user increases 1 inversion calculation, and private key for user is expressed as da, private key for user increases 1 and inverts and be expressed as (1+da)-1Mod n, wherein
N is the rank of elliptic curve basic point g.
Private key for user increasing 1 inversion calculation step is precalculated in cpu in the described digital signature generating algorithm by sm2
For:
For the signature request not prestoring private key for user, after cpu receives the generation request of sm2 digital signature,
Before cpu treats signature information order calculating according to sm2 digital signature generating algorithm calculation procedure, get private key for user laggard
Row increases 1 inversion calculation;
The cpu thread of described inversion calculation is with to treat signature information according to sm2 digital signature generating algorithm calculation procedure suitable
The cpu thread that sequence calculates is different.
Described get private key for user and carry out increasing 1 inversion calculation be:
Set the private key for user threshold number of inversion calculation or set the interval moment simultaneously, when reaching inversion calculation simultaneously
During the interval moment of private key for user threshold number or setting, acquired multiple different user private keys are carried out increasing 1 simultaneously and inverts
Increasing 1 reciprocal value of the different user private key obtaining after operation.
Described acquired multiple different user private keys are carried out increasing the different user private key obtaining after 1 inversion operation simultaneously
Increasing 1 reciprocal value is:
Calculate d1=1+da1, d2=1+da2..., di=1+dai;
Calculate d1'=d1,d2'=d1*d2,…,di'=d1*d2*…*di;
Calculate h=(di’)-1mod n;
Calculate (d1)-1=h*d2*…*di, (d2)-1=h*d1*d3* ... * di ..., (di)-1=h*d1*d2*…*di-1;
Wherein, daiFor private key for user, (di)-1Inverse for private key for user, n is the rank of elliptic curve basic point g.
The calculating of the calculating elliptic curve point step in described sm2 digital signature generating algorithm is by a gpu thread order
Complete, or multiple gpu thread calculates for different randoms number simultaneously and completes.
A kind of sm2 digital signature generating algorithm realize device, this device includes: gpu computing unit, cpu computing unit
And memorizer, wherein,
Gpu computing unit, for executing the calculating elliptic curve point step in sm2 digital signature generating algorithm, and will count
The elliptic curve point obtaining and corresponding random number store in memory;
Cpu computing unit, for execute in sm2 digital signature generating algorithm to private key for user increase 1 inversion calculation step,
Increasing 1 reciprocal value obtaining private key for user stores in memory;Disappeared to be signed according to sm2 digital signature generating algorithm calculation procedure
When breath order calculates, call the elliptic curve point prestoring of memory storage and corresponding random number, and private key for user
Increasing 1 reciprocal value, complete to treat the digital signature of signature information.
Memorizer, for storing elliptic curve point and corresponding random number, and increasing 1 reciprocal value of private key for user.
Described cpu computing unit, was additionally operable to before receiving the generation request of sm2 digital signature, be stored with private key for user,
Carry out private key for user in advance to increase 1 inversion calculation and store in memory.
Described cpu computing unit includes multiple cpu computing units, wherein,
One cpu computing unit, is additionally operable to after cpu receives the generation request of sm2 digital signature, cpu is according to sm2 number
Before word signature generating algorithm step treats signature information order calculating, get private key for user increasing 1 and carry out inversion calculation and deposit
Storage is in memory;
Other cpu computing units, are additionally operable to treat signature information order calculating according to sm2 digital signature generating algorithm step
When, call the elliptic curve point prestoring of memory storage and corresponding random number, and increasing 1 reciprocal value of private key for user,
Complete to treat the digital signature of signature information.
Described gpu computing unit is one or more, by sequentially executing based in sm2 digital signature generating algorithm
Calculate elliptic curve point step, or the calculating simultaneously executing for different randoms number in sm2 digital signature generating algorithm is oval
Curve point step.
As can be seen from the above scheme, the present invention carries out sm2 digital signature generating algorithm using cpu and gpu cooperation mode
Calculate, the calculating elliptic curve point step in sm2 digital signature generating algorithm is carried out precalculating obtaining result simultaneously in gpu
It is stored in the memorizer of setting, private key for user will be increased with 1 inversion calculation and carry out precalculating in cpu obtaining result and storing
In the memorizer of setting, then signature information order is treated according to sm2 digital signature generating algorithm calculation procedure by cpu and calculate
When, that calls memory storage precalculates the result obtaining, thus save treating the meter that signature information is digitally signed
Evaluation time, improves the computational efficiency of sm2 digital signature generating algorithm.Further, can be simultaneously to multiple differences in cpu
Private key for user carries out private key for user increasing 1 respectively and inverts and store in memory, improves computational efficiency further.
Brief description
The realization of the sm2 digital signature generating algorithm of combination cpu and gpu that Fig. 1 provides for embodiment of the present invention embodiment
Method flow diagram;
Fig. 2 is that the sm2 digital signature generating algorithm of combination cpu and gpu provided in an embodiment of the present invention realizes apparatus structure
Schematic diagram;
Fig. 3 is elliptic curve point provided in an embodiment of the present invention and the schematic diagram of corresponding random number precomputation and access;
Fig. 4 is a cpu computing unit provided in an embodiment of the present invention to different user private key daIncreasing 1 inversion calculation stream
Cheng Tu.
Specific embodiment
For making the objects, technical solutions and advantages of the present invention become more apparent, develop simultaneously embodiment referring to the drawings, right
The present invention is described in further detail.
The reason background technology computational efficiency when realizing sm2 digital signature generating algorithm is high is: by cpu according to sm2
Digital signature generating algorithm calculation procedure order executes, and 1 inversion calculation that increases therein is complicated with the calculating of elliptic curve point calculating
Property is all higher, than relatively time-consuming.In order to overcome this problem, the present invention carries out sm2 numeral using cpu and gpu cooperation mode and signs
Name generating algorithm calculates, and the calculating elliptic curve point step in sm2 digital signature generating algorithm is precalculated in gpu
Obtain result and be stored in the memorizer of setting, private key for user will be increased with 1 inversion calculation and carry out precalculating obtaining in cpu
Result is simultaneously stored in the memorizer of setting, is then disappeared to be signed according to sm2 digital signature generating algorithm calculation procedure by cpu
When breath order calculates, that calls memory storage precalculates the result obtaining, and enters line number thus saving and treating signature information
The calculating time of word signature, improve the computational efficiency of sm2 digital signature generating algorithm.Further, can be same in cpu
When multiple different user private keys are carried out respectively with private key for user increase 1 inversion calculation and store in memory, improve meter further
Calculate efficiency.
As can be seen that step a3 and step a4 calculate elliptic curve from the sm2 digital signature generating algorithm of background technology
The data that point is related to is unrelated with message to be signed.Therefore, the present invention is using before carrying out sm2 digital signature generating algorithm, by
Gpu execution step a3 and step a4 in advance, is stored in after obtaining result in the memorizer of setting, when cpu signs according to sm2 numeral
When name generating algorithm step is treated signature information and calculated according to sequence of steps, when order execution step a3 and step a4, directly
Read from the memorizer of setting.
It can also be seen that carry out in step a6 is private to user from the sm2 digital signature generating algorithm of background technology
Key increases 1 inversion operation (1+da)-1Computation complexity is larger, and the present invention is then precalculated in this step a6 to private key for user by cpu
Increase 1 inversion process and store result, when cpu disappears to be signed according to sm2 digital signature generating algorithm step in memory
When breath calculates according to sequence of steps, when order execution step a6, from the memorizer of setting, directly read this private key for user increase 1
Result of inverting, then again in execution step a6 other calculating.Being precalculated by cpu in this step a6, private key for user is increased
When 1 inversion process in memory storage result, cpu can obtain multiple different use by executing an inversion calculation
The increasing 1 of family private key is inverse, and stores in memory.
Fig. 1 be provided in an embodiment of the present invention a kind of based on the digital signature generating algorithm realization side in the sm2 algorithm of gpu
Method flow chart, it concretely comprises the following steps:
Step 101, the calculating elliptic curve point step in sm2 digital signature generating algorithm is precalculated by gpu obtain
Result is simultaneously stored in the memorizer of setting;
In this step, result is elliptic curve point and corresponding random number;
Step 102, will in sm2 digital signature generating algorithm to private key for user increase 1 inversion calculation step counted in advance by cpu
Calculate and obtain result and be stored in the memorizer of setting;
In this step, result is inverse for private key for user increasing 1;
When step 103, cpu treat signature information order calculating according to sm2 digital signature generating algorithm calculation procedure, call
The elliptic curve point of memory storage and corresponding random number, and increasing 1 reciprocal value of private key for user, complete to treat signature information
Digital signature.
In FIG, step 101 and step 102 are executed by gpu and cpu respectively, and execution can not be order execution.
In FIG, step 102 and step 103 are all completed by cpu thread, can be same cpu thread it is also possible to
It is different cpu threads.
In FIG, when gpu executes the calculating elliptic curve point step in sm2 digital signature generating algorithm, can be by one
Gpu thread completes to complete it is also possible to be calculated for different randoms number by multiple gpu threads simultaneously.
In step 102 in FIG, two ways is had to carry out:
First kind of way, if having prestored private key for user, generates request receiving sm2 digital signature
Before, increase 1 inversion calculation and store with regard to carrying out private key for user in advance;
The second way, without storage private key for user, then after cpu receives the generation request of sm2 digital signature,
Cpu collects multiple computation requests, before treat signature information order calculating according to sm2 digital signature generating algorithm step, obtains
Get private key for user to carry out increasing 1 inversion calculation and storing.When executing the second way, can be simultaneously to different sm2 numerals
Signature generates the required different user private key increasing 1 of request and carries out inversion calculation simultaneously, such as sets the user of inversion calculation simultaneously
Private key threshold number or setting interval moment, when reaching the interval of the private key for user threshold number of inversion calculation or setting simultaneously
During quarter, acquired multiple different user private keys are carried out different user private key simultaneously and increases the difference use obtaining after 1 inversion operation
The inverse storage of family private key, when invoked, increasing 1 reciprocal value choosing corresponding private key for user calls.
Can be seen that according to known to the private key for user signed or unknown from both the above mode, computational methods are different
's.
Fig. 2 is provided in an embodiment of the present invention one logical to realize dress based on the digital signature generating algorithm in the sm2 algorithm of gpu
Put structural representation, including gpu computing unit, cpu computing unit and memorizer, wherein,
Gpu computing unit, for executing the calculating elliptic curve point step in sm2 digital signature generating algorithm, and will count
The elliptic curve point obtaining and corresponding random number store in memory;
Cpu computing unit, for execute in sm2 digital signature generating algorithm to private key for user increase 1 inversion calculation step,
Increasing 1 reciprocal value obtaining private key for user stores in memory;Disappeared to be signed according to sm2 digital signature generating algorithm calculation procedure
When breath order calculates, call the elliptic curve point prestoring of memory storage and corresponding random number, and private key for user
Increasing 1 reciprocal value, complete to treat the digital signature of signature information.
Memorizer, for storing elliptic curve point and corresponding random number, and increasing 1 reciprocal value of private key for user.
In the present invention, described gpu computing unit can include multiple, for sequentially execute sm2 digital signature generate calculate
Calculating elliptic curve point step in method, or execute in sm2 digital signature generating algorithm for different randoms number simultaneously
Calculate elliptic curve point step.
In the present invention, described cpu computing unit, is additionally operable to before receiving the generation request of sm2 digital signature, storage
There is private key for user, carry out private key for user in advance and increase 1 inversion calculation and store in memory.
In the present invention, described cpu computing unit includes multiple cpu computing units, wherein,
One cpu computing unit, is additionally operable to after cpu receives the generation request of sm2 digital signature, cpu is according to sm2 number
Before word signature generating algorithm step treats signature information order calculating, get private key for user and carry out increasing 1 inversion calculation and depositing
Storage is in memory;
Cpu computing unit, this cpu computing unit can also be able to be other for carrying out the cpu computing unit of inversion calculation
Computing unit, when being additionally operable to treat signature information order calculating according to sm2 digital signature generating algorithm step, calls memorizer to deposit
The elliptic curve point prestoring of storage and corresponding random number, and increasing 1 reciprocal value of private key for user, complete to treat signature information
Digital signature.
Hereinafter the sm2 digital signature generating algorithm with reference to cpu and gpu is described in detail.
When not receiving the generation request of sm2 digital signature, at least one gpu computing unit, this gpu computing unit runs
Gpu thread, execution is following to be operated: obtains random number k ∈ [1, n-1], calculates elliptic curve point (x, y)=[k] g, by k and calculating
Result [k] g accordingly stores in memory.
In this embodiment it is possible to there be multiple gpu computing units to calculate elliptic curve point (x simultaneouslyi,yi)=[k] g (i=
1,2 ..., n), that is, there are multiple gpu computing unit execute instructions identical, the calculating of the different elliptic curve point of operand, improves
The computational efficiency of gpu.
On the premise of gpu precomputation elliptic curve point [k] g, cpu computing unit directly reads oval bent from memorizer
Line point and corresponding random number, execute sm2 digital signature generating algorithm.In sm2 digital signature generating algorithm implementation procedure, cpu
According to the sequence of steps execution of sm2 digital signature generating algorithm, need to calculate s=((1+da)-1·(k-r·da)) mod n, this
Inventive embodiments can be to increasing therein 1 inversion operation (1+da)-1It is optimized.
If before receiving the generation request of sm2 digital signature, having stored private key for user da, then at least one cpu
Computing unit, before receiving the generation request of sm2 digital signature, calculates s '=(1+da)-1, by result of calculation s ' and it is stored in storage
In device.
In this case, the process that at least one cpu computing unit carries out sm2 digital signature generating algorithm is as follows:
A1: putRepresent zaSplicing with m;
A2: calculateThe data type conversion of e is integer;
A3: read elliptic curve point (x, y)=[k] g and k of gpu precomputation storage from memorizer, as shown in figure 3, figure
3 is the elliptic curve point of the embodiment of the present invention and the schematic diagram of corresponding random number precomputation and access;
A4: calculate r=(e+x) mod n, if r=0 or r+k=n, again read elliptic curve point from memorizer;
A5: read (1+d from memorizera)-1Result of calculation s ', and calculate s=(s ' (k-r da)) mod n, if
S=0 then returns a3;
A6: the data type conversion of r, s is byte serial, the signature of message m to be signed is (r, s).
In above-mentioned sm2 digital signature generating algorithm implementation procedure, before receiving the generation request of sm2 digital signature, in advance
First calculate increasing 1 inversion operation (1+da)-1, therefore, from memorizer, directly read (1+da)-1Operation result, it is to avoid consumption
When inversion operation, improve computational efficiency.
If before receiving the generation request of sm2 digital signature, not storing private key for user daIt is impossible to precalculate (1+
da)-1, then can be by receiving multiple different user private key daSm2 signature generating algorithm computation requests, realize simultaneously to multiple
Different user private key daIncrease the optimization of 1 inversion operation.
Specifically, when receiving multiple daDuring different sm2 signature generating algorithm computation requests, a cpu computing unit pair
Different user private key daIncrease 1 inversion calculation flow chart as shown in figure 4, it concretely comprises the following steps:
Step 401, i different sm2 digital signature of reception generate request, its private key for user daIt is respectively da1, da2...,
dai;
In this step, the private key for user threshold number of inversion calculation simultaneously can be set or set the interval moment, when arriving
When reaching threshold number or setting time, confirm the private key for user d obtaininga, execution step 402;
Step 402, calculating d1=1+da1, d2=1+da2..., di=1+dai;
Step 403, calculating d1'=d1,d2'=d1*d2,…,di'=d1*d2*…*di;
Step 404, calculating h=(di’)-1mod n;
Step 405, calculating (d1)-1=h*d2*…*di, (d2)-1=h*d1*d3* ... * di ..., (di)-1=h*d1*
d2*…*di-1;And by (d1)-1,(d2)-1..., (di)-1Storage is on a memory.
In this step, it is possible to use following algorithm is realized:
h’←h
for k from i downto 2do
1.dk -1←h’*dk-1’
2.h’←h’*dk
d1 -1←h’.
In the diagram, step 401 and step 402 can also be replaced with following operation:
Receive i different sm2 digital signature and generate request, its private key for user daIt is respectively da1, da2..., dai;Often receive
To a private key for user dam, just calculate and store corresponding dm=1+dam(m=1,2 ..., i), when m=i, execution step
403.
In this case, for other cpu computing units, the process carrying out sm2 digital signature generating algorithm is as follows:
A1: putRepresent zaSplicing with m;
A2: calculateThe data type conversion of e is integer;
A3: read elliptic curve point (x, y)=[k] g and k of gpu precomputation storage from memorizer;
A4: calculate r=(e+x) mod n, if r=0 or r+k=n, again read elliptic curve point from memorizer;
A5: read d from memorizerm -1, s=(dm -1·(k-r·da)) mod n, if s=0, return a3;
A6: the data type conversion of r, s is byte serial, the signature of message m to be signed is (r, s).
If as can be seen that generating request for i sm2 digital signature, if each request is calculated once inverted
Computing (1+dak)-1(k=1,2 ..., i), then having executed i sm2 digital signature generation request needs to carry out i inversion operation.
And the embodiment of the present invention, when executing i, only need to carry out an inversion operation h=(d ')-1, shorten i sm2 digital signature life
Become request averagely realizes the time, improves computational efficiency.
The present invention is described in detail to lift a specific embodiment
In this specific embodiment, selected the cpu of the model e2 1230 v2 and gpu of model gtx 680.
When not receiving the generation request of sm2 digital signature, start 100 gpu thread loops ground execution and operate as follows: obtain
Take random number k ∈ [1, n-1], calculate elliptic curve point (x, y)=[k] g, and { k, (x, y) } is stored in memory.
Before receiving the generation request of sm2 digital signature, be stored with private key for user daWhen, cpu thread carries out increasing 1 to be asked
Inverse operation s '=(1+da)-1, s ' is preserved in memory.
When receiving the generation request of sm2 digital signature, a cpu thread, this cpu thread can be to private key for user daIncrease
The cpu thread that 1 inverts is not it is also possible to be to private key for user daIncrease the 1 cpu thread inverted.Execution is following to be operated:
A1: putRepresent zaSplicing with m;
A2: calculateThe data type conversion of e is integer;
A3: read elliptic curve point (x, y)=[k] g and k of gpu precomputation storage from memorizer;
A4: calculate r=(e+x) mod n, if r=0 or r+k=n, again read elliptic curve point from memorizer;
A5: read (1+d from memorizera)-1Result of calculation s ', and calculate s=(s ' (k-r da)) mod n, if
S=0 then returns a3;
A6: the data type conversion of r, s is byte serial, the signature of message m to be signed is (r, s).
If before receiving the generation request of sm2 digital signature, not storing private key for user da, receiving multiple differences
When sm2 digital signature generates request, first to corresponding private key for user daCollect, collect 1000 different private key for user da
Afterwards, a cpu thread following algorithm of execution:
Input: the rank n of elliptic curve basic point, private key for user da1, da2..., da1000.
Output: (1+da1) -1, (1+da2)-1..., (1+da1000)-1
for i from 1to 1000do:ai←dai+1.
c1←a1.
for i from 2to 1000do:ci←ci-1*aimod n.
u←c1000 -1mod n.
for i from 1000downto 2do
{ai -1←u*ci-1mod n.
u←u*aimod n.}
a1 -1←u.
return(a1 -1,a2 -1,…,a1000 -1).
The output result of above-mentioned algorithm preserves in memory.
The process that other cpu threads carry out sm2 digital signature generating algorithm is as follows:
A1: putRepresent zaSplicing with m;
A2: calculateThe data type conversion of e is integer;
A3: read elliptic curve point (x, y)=[k] g and k of gpu precomputation storage from memorizer;
A4: calculate r=(e+x) mod n, if r=0 or r+k=n, again read elliptic curve point from memorizer;
A5: read a from memorizeri -1, s=(ai -1·(k-r·da)) mod n, if s=0, return a3;
A6: the data type conversion of r, s is byte serial, the signature of message m to be signed is (r, s).
The sm2 digital signature generating algorithm that the present invention provides can apply in the message transmission field of reliability it is ensured that
The transmission that signature information cannot be treated is distorted, and is that the unique digital signature of message generation to be signed is used for verifying.
The object, technical solutions and advantages of the present invention are further described, institute by above act preferred embodiment
It should be understood that the foregoing is only presently preferred embodiments of the present invention, not in order to limit the present invention, all the present invention's
Spirit and principle within, any modification, equivalent and improvement of being made etc., should be included in protection scope of the present invention it
Interior.
Claims (9)
1. a kind of implementation method of sm2 digital signature generating algorithm is it is characterised in that the method includes:
Calculating elliptic curve point step in sm2 digital signature generating algorithm is precalculated by gpu, obtain elliptic curve point and
Corresponding random number, and be stored in the memorizer of setting;
Precalculated 1 inversion calculation step being increased to private key for user in sm2 digital signature generating algorithm by cpu, obtain user
Private key increasing 1 is inverse to be stored in the memorizer of setting;
When cpu treats signature information order calculating according to sm2 digital signature generating algorithm calculation procedure, call memory storage
Elliptic curve point and corresponding random number, and private key for user increasing 1 is inverse, completes to treat the digital signature of signature information;
Private key for user increasing 1 inversion calculation step is pre-computed as in cpu in the described digital signature generating algorithm by sm2:
For the signature request not prestoring private key for user, after cpu receives the generation request of sm2 digital signature, cpu root
Treat before signature information order calculates according to sm2 digital signature generating algorithm calculation procedure, get private key for user and carry out increasing 1 and ask
Inverse calculating;The described cpu thread carrying out increasing 1 inversion calculation with according to sm2 digital signature generating algorithm calculation procedure to be signed
The cpu thread that message sequence calculates is different;
Described get private key for user and carry out increasing 1 inversion calculation be:
Set the private key for user threshold number simultaneously increasing 1 inversion calculation or set the interval moment, increase 1 inversion calculation when reaching simultaneously
Private key for user threshold number or setting the interval moment when, acquired multiple different user private keys are carried out increasing 1 simultaneously and ask
The increasing 1 of the different user private key obtaining after inverse operation is inverse.
2. implementation method as claimed in claim 1 it is characterised in that in described sm2 digital signature generating algorithm to user
The cpu thread that private key increases 1 inversion calculation treats signature information order with described according to sm2 digital signature generating algorithm calculation procedure
The cpu thread calculating is identical or different.
3. implementation method as claimed in claim 1 it is characterised in that in the described digital signature generating algorithm by sm2 to
Family private key increases 1 inversion calculation step and is pre-computed as in cpu:
For the signature request having prestored private key for user, before receiving the generation request of sm2 digital signature, used in advance
Family private key increases 1 inversion calculation, and private key for user is expressed as da, it is (1+d that private key for user increases 1 reciprocal representationa)-1Mod n, wherein n are ellipse
The rank of circular curve basic point g.
4. implementation method as claimed in claim 3 it is characterised in that described by acquired multiple different user private keys simultaneously
The different user private key that obtains after carrying out increasing 1 inversion operation increases 1:
Calculate d1=1+da1, d2=1+da2..., di=1+dai;
Calculate d1'=d1,d2'=d1*d2,…,di'=d1*d2*…*di;
Calculate h=(di’)-1mod n;
Calculate (d1)-1=h*d2*…*di, (d2)-1=h*d1*d3* ... * di ..., (di)-1=h*d1*d2*…*di-1;
Wherein, daiFor private key for user, (di)-1Inverse for the increasing 1 of private key for user, n is the rank of elliptic curve basic point g.
5. implementation method as claimed in claim 1 is it is characterised in that the calculating in described sm2 digital signature generating algorithm is ellipse
The calculating of circular curve point step is completed by a gpu thread order, or multiple gpu thread calculates for different randoms number simultaneously
Complete.
6. a kind of sm2 digital signature generating algorithm realize device it is characterised in that this device includes: gpu computing unit, cpu
Computing unit and memorizer, wherein,
Gpu computing unit, for executing the calculating elliptic curve point step in sm2 digital signature generating algorithm, and will calculate
The elliptic curve point arriving and corresponding random number store in memory;
Cpu computing unit, for execute in sm2 digital signature generating algorithm to private key for user increase 1 inversion calculation step, obtain
Increasing 1 reciprocal value of private key for user stores in memory;Signature information is treated according to sm2 digital signature generating algorithm calculation procedure suitable
When sequence calculates, call the elliptic curve point prestoring of memory storage and corresponding random number, and private key for user increasing 1 is inverse
Value, completes to treat the digital signature of signature information;
Memorizer, for storing elliptic curve point and corresponding random number, and the increasing 1 of private key for user is inverse;
Private key for user increasing 1 inversion calculation step is calculated as in the described digital signature generating algorithm by sm2:
For the signature request not prestoring private key for user, after cpu receives the generation request of sm2 digital signature, cpu root
Treat before signature information order calculates according to sm2 digital signature generating algorithm calculation procedure, get private key for user and carry out increasing 1 and ask
Inverse calculating;The described cpu thread carrying out increasing 1 inversion calculation with according to sm2 digital signature generating algorithm calculation procedure to be signed
The cpu thread that message sequence calculates is different;
Described get private key for user and carry out increasing 1 inversion calculation be:
Set the private key for user threshold number simultaneously increasing 1 inversion calculation or set the interval moment, increase 1 inversion calculation when reaching simultaneously
Private key for user threshold number or setting the interval moment when, acquired multiple different user private keys are carried out increasing 1 simultaneously and ask
The increasing 1 of the different user private key obtaining after inverse operation is inverse.
7. realize device as claimed in claim 6 it is characterised in that described cpu computing unit, be additionally operable to receiving sm2
Before digital signature generates request, be stored with private key for user, carries out private key for user in advance and increases 1 inversion calculation and be stored in memorizer
In.
8. realize device as claimed in claim 6 it is characterised in that described cpu computing unit includes multiple cpu calculates list
Unit, wherein,
One cpu computing unit, is additionally operable to after cpu receives the generation request of sm2 digital signature, cpu signs according to sm2 numeral
Before name generating algorithm step treats signature information order calculating, get private key for user increasing 1 and carry out inversion calculation and be stored in
In memorizer;
Other cpu computing units, when being additionally operable to treat signature information order calculating according to sm2 digital signature generating algorithm step,
Call the elliptic curve point prestoring of memory storage and corresponding random number, and increasing 1 reciprocal value of private key for user, complete
Treat the digital signature of signature information;
In the described digital signature generating algorithm by sm2 to private key for user increase 1 inversion calculation step be:
For the signature request not prestoring private key for user, after cpu receives the generation request of sm2 digital signature, cpu root
Treat before signature information order calculates according to sm2 digital signature generating algorithm calculation procedure, get private key for user and carry out increasing 1 and ask
Inverse calculating;The described cpu thread carrying out increasing 1 inversion calculation with according to sm2 digital signature generating algorithm calculation procedure to be signed
The cpu thread that message sequence calculates is different;
Described get private key for user and carry out increasing 1 inversion calculation be:
Set the private key for user threshold number simultaneously increasing 1 inversion calculation or set the interval moment, increase 1 inversion calculation when reaching simultaneously
Private key for user threshold number or setting the interval moment when, acquired multiple different user private keys are carried out increasing 1 simultaneously and ask
The increasing 1 of the different user private key obtaining after inverse operation is inverse
9. realize device as claimed in claim 6 it is characterised in that described gpu computing unit is one or more, use
Calculating elliptic curve point step in order execution sm2 digital signature generating algorithm, or for different randoms number simultaneously
Calculating elliptic curve point step in execution sm2 digital signature generating algorithm.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310445395.1A CN103546288B (en) | 2013-09-25 | 2013-09-25 | SM2 (streaming multiprocessor 2) digital signature generating algorithm realizing method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310445395.1A CN103546288B (en) | 2013-09-25 | 2013-09-25 | SM2 (streaming multiprocessor 2) digital signature generating algorithm realizing method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103546288A CN103546288A (en) | 2014-01-29 |
CN103546288B true CN103546288B (en) | 2017-02-01 |
Family
ID=49969368
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310445395.1A Active CN103546288B (en) | 2013-09-25 | 2013-09-25 | SM2 (streaming multiprocessor 2) digital signature generating algorithm realizing method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103546288B (en) |
Families Citing this family (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104243456B (en) * | 2014-08-29 | 2017-11-03 | 中国科学院信息工程研究所 | Suitable for signature of the cloud computing based on SM2 algorithms and decryption method and system |
CN104461469A (en) * | 2014-11-14 | 2015-03-25 | 成都卫士通信息产业股份有限公司 | Method for achieving SM2 algorithm through GPU in parallelization mode |
CN105391736A (en) * | 2015-12-11 | 2016-03-09 | 捷德(中国)信息科技有限公司 | Transaction dynamic data authentication method and system |
CN106712942B (en) * | 2017-01-10 | 2019-08-23 | 武汉理工大学 | SM2 digital signature generation method and system based on privacy sharing |
CN106549770B (en) * | 2017-01-13 | 2019-07-12 | 武汉理工大学 | SM2 digital signature generation method and system |
CN107104793B (en) * | 2017-04-12 | 2019-10-25 | 武汉理工大学 | A kind of digital signature generation method and system |
CN108259184B (en) * | 2018-01-16 | 2021-06-08 | 飞天诚信科技股份有限公司 | Digital signature and signature verification method and device based on user identification |
CN109145644B (en) * | 2018-08-28 | 2021-03-19 | 北京云测信息技术有限公司 | Private key confusion and digital signature generation method and device and intelligent device |
CN109245903B (en) * | 2018-09-29 | 2021-10-01 | 北京信安世纪科技股份有限公司 | Signature method and device for cooperatively generating SM2 algorithm by two parties and storage medium |
CN109660351B (en) * | 2018-11-08 | 2020-09-08 | 北京大学 | Rapid digital signature generation method for SM2 public key password |
CN111917548B (en) * | 2019-05-07 | 2021-06-04 | 北京大学 | Elliptic curve digital signature method based on GPU and CPU heterogeneous structure |
CN111538480B (en) * | 2020-03-26 | 2022-02-11 | 郑州信大捷安信息技术股份有限公司 | Doubling point operation method and system for elliptic curve password |
CN112367175B (en) * | 2020-11-12 | 2021-07-06 | 西安电子科技大学 | Implicit certificate key generation method based on SM2 digital signature |
CN113055189B (en) * | 2021-06-02 | 2021-08-10 | 工业信息安全(四川)创新中心有限公司 | SM2 digital signature verification failure reason judgment method, device, equipment and medium |
JPWO2023275947A1 (en) * | 2021-06-28 | 2023-01-05 | ||
CN114257380A (en) * | 2021-12-20 | 2022-03-29 | 湖南国科微电子股份有限公司 | Digital signature method, system and equipment |
CN115766006A (en) * | 2022-11-17 | 2023-03-07 | 上海芷锐电子科技有限公司 | Key agreement method, device, electronic equipment and computer readable storage medium |
CN116980129B (en) * | 2023-09-22 | 2024-03-26 | 深圳市纽创信安科技开发有限公司 | Digital signature generation method, device, electronic equipment and readable storage medium |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102064940A (en) * | 2009-11-13 | 2011-05-18 | 赵运磊 | High-efficiency on-line/off-line digital signature method |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7991162B2 (en) * | 2007-09-14 | 2011-08-02 | University Of Ottawa | Accelerating scalar multiplication on elliptic curve cryptosystems over prime fields |
CN102446088A (en) * | 2011-09-20 | 2012-05-09 | 中国科学院深圳先进技术研究院 | Method and system for parallel processing of elliptic curve scalar multiplication |
-
2013
- 2013-09-25 CN CN201310445395.1A patent/CN103546288B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102064940A (en) * | 2009-11-13 | 2011-05-18 | 赵运磊 | High-efficiency on-line/off-line digital signature method |
Non-Patent Citations (2)
Title |
---|
《CUDA平台上的CPU/GPU异步计算模式》;姚平;《中国优秀硕士学位论文全文数据库 信息科技辑》;20110115(第01期);第25-34页 * |
基于GPU的椭圆曲线相关算法并行化效率分析;王雷;《中国优秀硕士学位论文全文数据库》;20120315;第46-51页 * |
Also Published As
Publication number | Publication date |
---|---|
CN103546288A (en) | 2014-01-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103546288B (en) | SM2 (streaming multiprocessor 2) digital signature generating algorithm realizing method and device | |
CN103475469A (en) | Method and device for achieving SM2 algorithm with combination of CPU and GPU | |
KR20200086281A (en) | Distributed computing system and method | |
CN111008863B (en) | Lottery drawing method and system based on block chain | |
Jung et al. | Accelerating fully homomorphic encryption through architecture-centric analysis and optimization | |
Frederiksen et al. | Fast and maliciously secure two-party computation using the GPU | |
CN103631660A (en) | Method and device for distributing storage resources in GPU in big integer calculating process | |
CN113628094B (en) | High-throughput SM2 digital signature computing system and method based on GPU | |
Nagendra et al. | Performance improvement of advanced encryption algorithm using parallel computation | |
Fadhil et al. | Parallelizing RSA algorithm on multicore CPU and GPU | |
Gueron et al. | Speeding up R-LWE post-quantum key exchange | |
Fan et al. | Parallelization of RSA algorithm based on compute unified device architecture | |
Sun et al. | Efficient parallelism of post-quantum signature scheme SPHINCS | |
Patel et al. | Blockchain-envisioned trusted random oracles for IoT-enabled probabilistic smart contracts | |
CN112286752A (en) | Algorithm verification method and system for federated learning heterogeneous processing system | |
CN113055431A (en) | Block chain-based industrial big data file efficient chaining method and device | |
Zheng et al. | Parallel small polynomial multiplication for dilithium: A faster design and implementation | |
Pu et al. | Fastplay-a parallelization model and implementation of smc on cuda based gpu cluster architecture | |
Wang et al. | Efficient implementation of Dilithium signature scheme on FPGA SoC platform | |
CN105119929A (en) | Safe mode index outsourcing method and system under single malicious cloud server | |
Park et al. | Pipsea: A practical ipsec gateway on embedded apus | |
Pu et al. | EAGL: An elliptic curve arithmetic GPU-based library for bilinear pairing | |
CN111917548B (en) | Elliptic curve digital signature method based on GPU and CPU heterogeneous structure | |
Wang et al. | Efficient GPU implementations of post-quantum signature XMSS | |
Ono et al. | Automatic parallelism tuning for module learning with errors based post-quantum key exchanges on GPUs |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |