CN112003696B - SM9 key generation method, system, electronic equipment, device and storage medium - Google Patents

SM9 key generation method, system, electronic equipment, device and storage medium Download PDF

Info

Publication number
CN112003696B
CN112003696B CN202010863934.3A CN202010863934A CN112003696B CN 112003696 B CN112003696 B CN 112003696B CN 202010863934 A CN202010863934 A CN 202010863934A CN 112003696 B CN112003696 B CN 112003696B
Authority
CN
China
Prior art keywords
series
random numbers
representing
random
key generation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010863934.3A
Other languages
Chinese (zh)
Other versions
CN112003696A (en
Inventor
涂彬彬
王现方
张立廷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Westone Information Industry Inc
Original Assignee
Chengdu Westone Information Industry Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Westone Information Industry Inc filed Critical Chengdu Westone Information Industry Inc
Priority to CN202010863934.3A priority Critical patent/CN112003696B/en
Publication of CN112003696A publication Critical patent/CN112003696A/en
Application granted granted Critical
Publication of CN112003696B publication Critical patent/CN112003696B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The present disclosure provides a method, a system, an electronic device, an apparatus, and a computer medium for SM9 key generation, where the apparatus includes a preset number of key generation centers and clients; the preset number of key generation centers are connected with each other, and each key generation center is used for generating a part of private keys of the client according to a preset random number; the client is connected with each key generation center respectively and used for acquiring partial private keys, adding the partial private keys to obtain a target private key and performing SM9 operation based on the target private key. According to the SM9 secret key generation device provided by the disclosure, the target private key of the client does not belong to one secret key generation center, but is generated by negotiation of a plurality of secret key generation centers, so that an attacker can only obtain part of the private key of the client but cannot obtain the target private key, and the safety of an SM9 algorithm is improved. The SM9 key generation method, the SM9 key generation system, the electronic equipment and the computer-readable storage medium provided by the disclosure also solve the corresponding problems.

Description

SM9 key generation method, system, electronic equipment, device and storage medium
Technical Field
The present disclosure relates to the field of information security technologies, and in particular, to an SM9 key generation method, system, electronic device, apparatus, and storage medium.
Background
The national commercial cipher standard algorithm SM9 is a cipher algorithm based on identification, and comprises the following steps: digital signature, key exchange, key encapsulation and public key encryption. In the SM9 algorithm, the user's identity, such as an identification number, a mobile phone number, a mailbox address, etc., can be used as the public key of the user, and a certificate center in a traditional public key cryptosystem is not required to distribute a certificate to the user, so that the binding between the user public key and the user identity is ensured, and a cumbersome certificate management mechanism is reduced, but a private key required by the user needs to be generated by a key generation center.
In the existing SM9 private key generation method, a uniform private key generation center distributes private keys for all users, so that the private keys of all users are concentrated in one private key generation center, if the private key generation center is cracked, the private keys of all users are leaked, and the private keys of the users are not completely held in the hands of the users, so that the security of the private keys of the users is low, and the security of an SM9 algorithm is influenced.
In summary, how to improve the security of the SM9 algorithm is an urgent problem to be solved by those skilled in the art.
Disclosure of Invention
An object of the present disclosure is to provide an SM9 key generation apparatus that can solve, to some extent, a technical problem of how to improve security of an SM9 algorithm. The disclosure also provides an SM9 key generation method, system, device and computer-readable storage medium.
According to a first aspect of the embodiments of the present disclosure, an SM9 key generation apparatus is provided, including a preset number of key generation centers and clients;
the preset number of key generation centers are connected with each other, and each key generation center is used for generating a part of private keys of the client according to a preset random number;
the client is connected with each key generation center respectively and used for acquiring the partial private keys, adding the partial private keys to obtain a target private key and performing SM9 operation based on the target private key.
Preferably, the preset number of key generation centers includes a first key generation center and a second key generation center;
the first key generation center is used for calculating the identification information of the client based on a first private key of the first key generation center, a first preset random number and a generated first random number according to a first private key calculation formula to obtain a first calculation result and publish the first calculation result; acquiring a second operation result published by the second key generation center; generating a first part of private keys based on the first operation result and the second operation result according to a third private key operation formula;
the second key generation center is used for generating and publishing a second operation result based on a second private key of the second key generation center, a second preset random number and a generated second random number according to a second private key operation formula; acquiring the first operation result; generating a second part of private keys based on the first operation result and the second operation result according to a fourth private key operation formula;
the first private key operational formula comprises:
h=Hash(ID A ||hid,N),e 1 =h+ks 1 -a 1 ;d 1 =r 1 -b 1
the second private key operational formula comprises:
e 2 =ks 2 -a 2 ;d 2 =r 2 -b 2
the third private key operation formula includes:
g 1 =c 1 +(e 1 +e 2 )b 1 +(d 1 +d 2 )a 1 +(e 1 +e 2 )(d 1 +d 2 );
T 1 =(g 1 +g 2 ) -1 r 1 ;KS 1 =ks 1 ([T 1 ]P 1 +[T 2 ]P 1 );
the fourth private key operation formula includes:
g 2 =c 2 +(e 1 +e 2 )b 2 +(d 1 +d 2 )a 2 ;T 2 =(g 1 +g 2 ) -1 r 2 ;KS 2 =ks 2 ([T 1 ]P 1 +[T 2 ]P 1 );
wherein, ID A Identification information representing the client; ks is the product of 1 Representing the first private key; a is 1 、b 1 、c 1 Representing the first preset random number; r is 1 Representing the first random number; e.g. of a cylinder 1 ,d 1 Representing a result of the first operation; ks is the product of 2 Representing the second private key; a is 2 、b 2 、c 2 Represents the second predetermined random number, and a 1 、b 1 、c 1 、a 2 、b 2 、c 2 Satisfies (c) 1 +c 2 )=(a 1 +a 2 )*(b 1 +b 2 );r 2 Representing the second random number; e.g. of the type 2 ,d 2 Representing the result of the second operation; KS 1 Representing the first partial private key; KS 2 Representing the second partial private key; hash represents Hash operation; hid, N, P 1 Representing the parameters defined in the SM9 standard document.
Preferably, the first key generation center is further configured to generate a first series of random numbers, perform an operation on the first series of random numbers based on a first encryption algorithm, generate a first series of operation results, and publish the first series of operation results; generating a third series of random numbers and a first group of random numbers, and operating the third series of random numbers, the first group of random numbers and the second series of random numbers based on a second encryption algorithm according to a first random operation formula to obtain a first intermediate operation result; calculating the first series of random numbers, the third series of random numbers, the first group of random numbers and a second intermediate calculation result based on a third random calculation formula to obtain a fifth series of random numbers; determining a preset random number of the user on the basis of the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the second key generation center is further configured to generate the second series of random numbers, perform operation on the second series of random numbers based on the second encryption algorithm, generate and publish the second series of operation results; generating a fourth series of random numbers and a second group of random numbers, and operating the fourth series of random numbers, the second group of random numbers and the first series of random numbers based on the first encryption algorithm according to a second random operation formula to obtain and publish a second intermediate operation result; calculating the second series of random numbers, the fourth series of random numbers, the second group of random numbers and the first intermediate calculation result based on a fourth random calculation formula to obtain a sixth series of random numbers; determining a preset random number of the user based on the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the first random operation formula includes:
D 1 =E 2 (b 1i *a 2i +v 1i ),i=1,...,n;
the second random operation formula includes:
D 2 =E 1 (b 2i *a 1i +v 2i ),i=1,...,n;
the third random operation formula includes:
c 1i =(b 1i +b 2i )*a 1i +v 2i -v 1i ,i=1,...,n;
the fourth random operation formula includes:
c 2i =(b 1i +b 2i )*a 2i +v 1i -v 2i ,i=1,...,n;
wherein, a 1i Representing the first series of random numbers; a is 2i Representing the second series of random numbers; b 1i Representing the third series of random numbers; b 2i Representing the fourth series of random numbers; v. of 1i Representing the first set of random numbers; v. of 2i Representing the second set of random numbers; c. C 1i Representing the fifth series of random numbers; c. C 2i Representing the sixth series of random numbers; e 1 Representing the first encryption algorithm; e 2 Representing the second encryption algorithm; d 1 Representing the result of said first series of operations; d 2 Representing the result of said second series of operations.
Preferably, the first key generation center is further configured to randomly select a first series of random numbers, a third series of random numbers, and a third group of random numbers, and operate the first series of random numbers, the third series of random numbers, and the third group of random numbers based on a preset encryption algorithm, respectively, to obtain a third series of operation results, and publish the third series of operation results; acquiring a fourth series of operation results, and operating the fourth series of operation results, the first series of random numbers, the third series of random numbers and the third group of random numbers based on a preset decryption algorithm according to a fifth random operation formula to obtain and publish a fifth series of operation results; calculating the fifth series of operation results according to a seventh random operation formula to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the second key generation center is further configured to randomly select a second series of random numbers, a fourth group of random numbers, a fifth group of random numbers, and a sixth group of random numbers, obtain a third series of operation results, and operate, according to a sixth random operation formula, the third series of operation results, the second series of random numbers, the fourth group of random numbers, the fifth group of random numbers, and the sixth group of random numbers based on the preset encryption algorithm, obtain a fourth series of operation results, and publish the fourth series of operation results; acquiring the fifth series of operation results, and operating the fifth series of operation results according to an eighth random operation formula to obtain a sixth series of random numbers; determining a preset random number of the user based on the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the fifth random operation formula includes:
D 3 =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ,i=1,...,n;
the sixth random operation formula includes:
D 4 =E((a 1i +a 2i )·v 2i );D 5 =E((b 1i +b 2i )·w 2i );D 6 =E((u 1i +u 2i )·v 2i ·w 2i );
the seventh random operation formula includes:
c 1i =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ·u 1i ,i=1,...,n;
the eighth random operation formula includes:
c 2i =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ·u 2i ,i=1,...,n;
wherein, a 1i Representing the first series of random numbers; a is 2i Representing the second series of random numbers; b 1i Representing the third series of random numbers; b 2i Representing the fourth series of random numbers; u. of 1i Representing the third set of random numbers; u. of 2i Representing the fourth set of random numbers; v 2i Representing the fifth set of random numbers; w 2i Representing the sixth set of random numbers; c. C 1i Representing the fifth series of random numbers; c. C 2i Representing the sixth series of random numbers; e represents the preset encryption algorithm; d 3 Representing the result of said fifth series of operations; d 4 、D 5 、D 6 Representing the result of said fourth series of operations.
Preferably, the first key generation center is further configured to generate a first series of random numbers, and operate the first series of random numbers through a preset encryption algorithm to obtain and publish a sixth series of operation results; acquiring a seventh series of operation results, generating a third series of random numbers and a third group of random numbers, and operating the seventh series of operation results, the third series of random numbers and the third group of random numbers based on the preset encryption algorithm according to a first encryption formula to obtain and publish an eighth series of operation results; acquiring a ninth series of operation results, and decrypting the ninth series of operation results based on a first decryption algorithm of the ninth series of operation results to obtain a first decryption result; acquiring a second decryption result, and determining the plaintext of the ninth series of operation results based on the first decryption result and the second decryption result; according to a ninth random operation formula, operating the plaintext and the third group of random numbers to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the second key generation center is further configured to generate a second series of random numbers, and the second series of random numbers are operated through the preset encryption algorithm to obtain and publish a seventh series of operation results; acquiring the sixth series of operation results and the eighth series of operation results, generating a fourth series of random numbers and a fourth group of random numbers, and operating the sixth series of operation results, the eighth series of operation results, the fourth series of random numbers and the fourth group of random numbers based on the preset encryption algorithm according to a second encryption formula to obtain and publish the ninth series of operation results; decrypting the ninth series of operation results through a second decryption algorithm of the user to obtain and publish the second decryption result; taking the opposite number of the fourth group of random numbers as a sixth series of random numbers; determining a preset random number of the user based on the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the first encryption formula includes:
D 7 =E(b 1i ·(a 1i +a 2i )+u 1i );
the second encryption formula includes:
D 8 =E((a 1i +a 2i )·(b 1i +b 2i )+u 1i +u 2i );
the ninth random operation formula includes:
c 1i =(a 1i +a 2i )·(b 1i +b 2i )+u 1i +u 2i -u 1i =(a 1i +a 2i )·(b 1i +b 2i )+u 2i ,i=1,...,n;
wherein, a 1i Representing the first series of random numbers; a is 2i Representing the second series of random numbers; b 1i Representing the third series of random numbers; b 2i Representing the fourth series of random numbers; u. of 1i Representing the third set of random numbers; u. of 2i Representing the fourth set of random numbers; c. C 1i Representing the fifth series of random numbers; c. C 2i Representing the sixth series of random numbers; e represents the preset encryption algorithm; d 7 Representing the result of said eighth series of operations; d 8 Representing the result of said ninth series of operations.
According to a second aspect of the embodiments of the present disclosure, there is provided an SM9 key generation method applied to the key generation center described in any one of the above, including:
acquiring a preset random number of the user;
generating a first part of private keys of the client based on the preset random number;
and transmitting the first part of private keys to a connected client so that the client generates a target private key of the client based on the first part of private keys and a second part of private keys, wherein the second part of private keys are part of private keys generated by other key generation centers connected with the key generation center based on self preset random numbers.
Preferably, the generating a first part of private keys of the client based on the preset random number includes:
according to a first private key operation formula, based on a first private key of the client, a first preset random number and a generated first random number, operating the identification information of the client to obtain a first operation result and publishing the first operation result;
acquiring a second operation result published by the second key generation center; the second operation result comprises a result generated by a second secret key generation center connected with the secret key generation center according to a second secret key operation formula and based on a second secret key, a second preset random number and a generated second random number of the second secret key generation center;
generating the first part of private keys based on the first operation result and the second operation result according to a third private key operation formula;
the first private key operation formula comprises:
h=Hash(ID A ||hid,N),e 1 =h+ks 1 -a 1 ;d 1 =r 1 -b 1
the second private key operational formula comprises:
e 2 =ks 2 -a 2 ;d 2 =r 2 -b 2
the third private key operation formula includes:
g 1 =c 1 +(e 1 +e 2 )b 1 +(d 1 +d 2 )a 1 +(e 1 +e 2 )(d 1 +d 2 );
T 1 =(g 1 +g 2 ) -1 r 1 ;KS 1 =ks 1 ([T 1 ]P 1 +[T 2 ]P 1 );
wherein, ID A Identification information representing the client; ks is the product of 1 Representing the first private key; a is 1 、b 1 、c 1 Representing the first preset random number; r is 1 Representing the first random number; e.g. of a cylinder 1 ,d 1 Representing the result of the first operation; ks is the product of 2 Representing the second private key; a is 2 、b 2 、c 2 Represents the second predetermined random number, and a 1 、b 1 、c 1 、a 2 、b 2 、c 2 Satisfies (c) 1 +c 2 )=(a 1 +a 2 )*(b 1 +b 2 );r 2 Representing the second random number; e.g. of the type 2 ,d 2 Representing the result of the second operation; KS 1 Representing the first partial private key; hash represents Hash operation; hid, N, P 1 Representing the parameters defined in the SM9 standard document.
According to a third aspect of the embodiments of the present disclosure, there is provided an SM9 key generation system applied to the key generation center described above, including:
the first acquisition module is used for acquiring a preset random number of the first acquisition module;
the first generation module is used for generating a first part of private keys of the client based on the preset random number;
the first transmission module is used for transmitting the first part of private keys to a connected client so as to enable the client to generate a target private key of the client based on the first part of private keys and a second part of private keys, and the second part of private keys are part of private keys generated by other key generation centers connected with the key generation center based on preset random numbers of the second part of private keys.
According to a fourth aspect of the embodiments of the present disclosure, there is provided an electronic device applied to the key generation center as described in any one of the above, including:
a memory for storing a computer program;
a processor for implementing the SM9 key generation method as described above when executing the computer program.
According to a fifth aspect of the embodiments of the present disclosure, there is provided a computer-readable storage medium applied to the key generation center as described in any one of the above, wherein the computer-readable storage medium stores therein a computer program, and the computer program, when executed by a processor, implements the SM9 key generation method as described above.
The SM9 key generation device provided by the disclosure comprises a preset number of key generation centers and clients; the preset number of key generation centers are connected with each other, and each key generation center is used for generating a part of private keys of the client according to a preset random number; the client is connected with each key generation center respectively and used for acquiring partial private keys, adding the partial private keys to obtain a target private key and performing SM9 operation based on the target private key. According to the SM9 secret key generation device, each secret key generation center is only responsible for generating part of private keys of a client, the client generates own target private keys according to the part of private keys generated by each secret key generation center, and then carries out SM9 operation based on the target private keys, so that the target private keys of the client do not belong to one secret key generation center, and therefore after the secret key generation center is attacked, an attacker can only obtain the part of private keys of the client but cannot obtain the target private keys of the client, and the SM9 operation process of the client cannot be cracked. The SM9 key generation method, the SM9 key generation system, the electronic equipment and the computer-readable storage medium provided by the disclosure also solve the corresponding technical problems.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present disclosure, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic diagram illustrating a structure of an SM9 key generation apparatus according to an exemplary embodiment;
FIG. 2 is a schematic diagram of a first key generation center, a second key generation center and a client cooperating with each other to generate a target private key;
FIG. 3 is a first flowchart of the key generation center generating the predetermined random number;
FIG. 4 is a second flowchart of the key generation center generating the predetermined random number;
fig. 5 is a third flowchart of the key generation center generating the predetermined random number;
fig. 6 is a flow diagram illustrating an SM9 key generation method in accordance with an example embodiment;
fig. 7 is a schematic diagram illustrating the structure of an SM9 key generation system according to an exemplary embodiment;
fig. 8 is a block diagram illustrating an electronic device 900 in accordance with an example embodiment.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
Referring to fig. 1, fig. 1 is a schematic structural diagram illustrating an SM9 key generation apparatus according to an exemplary embodiment.
An SM9 key generation apparatus according to the present disclosure may include a preset number of key generation centers 101 and clients 102;
the preset number of key generation centers 101 are connected with each other, and each key generation center 101 is used for generating a part of private keys of the client 102 according to preset random numbers;
the client 102 is connected to each key generation center, and the client 102 is configured to obtain a part of private keys, add the part of private keys to obtain a target private key, and perform SM9 operation based on the target private key.
It will be understood that the number of key generation centers may be determined according to the application scenario, and that only three key generation centers are shown in fig. 1, but it is not meant to imply that only three key generation centers are possible; the process of performing SM9 operation based on the target private key may also be determined according to an application scenario, for example, digital signature, key exchange, key encapsulation, private key decryption, etc. may be performed based on the target private key.
The SM9 key generation device provided by the disclosure comprises a preset number of key generation centers and clients; the preset number of key generation centers are connected with each other, and each key generation center is used for generating a part of private keys of the client according to a preset random number; the client is connected with each key generation center respectively and used for acquiring partial private keys, adding the partial private keys to obtain a target private key and performing SM9 operation based on the target private key. According to the SM9 secret key generation device, each secret key generation center is only responsible for generating part of private keys of a client, the client generates own target private keys according to the part of private keys generated by each secret key generation center, and then carries out SM9 operation based on the target private keys, so that the target private keys of the client do not belong to one secret key generation center, and therefore after the secret key generation center is attacked, an attacker can only obtain the part of private keys of the client but cannot obtain the target private keys of the client, and the SM9 operation process of the client cannot be cracked.
For a specific application scenario, N (2 is equal to or less than N) key generation centers can be preset, even for a threshold structure sharing master private key form, all the key generation centers do not need to perform online negotiation at the same time for target private key generation of a user every time, and only the number of the online key generation centers reaching a threshold value (T is equal to or more than 2 is equal to or less than N) is needed. For convenience of understanding, a process of implementing the SM9 operation by the SM9 key generation apparatus provided in the present disclosure will be described by taking as an example that 2= t = n, and the number of key generation centers is 2, and two key generation centers are a first key generation center and a second key generation center, respectively. Referring to fig. 2, fig. 2 is a schematic diagram illustrating a first key generation center, a second key generation center and a client cooperating with each other to generate a target private key.
In an SM9 key generation apparatus provided by the present disclosure, a preset number of key generation centers include a first key generation center and a second key generation center;
the first key generation center is used for calculating the identification information of the client based on a first private key of the first key generation center, a first preset random number and the generated first random number according to a first private key calculation formula to obtain and publish a first calculation result; acquiring a second operation result published by a second key generation center; generating a first part of private keys based on the first operation result and the second operation result according to a third private key operation formula;
the second key generation center is used for generating and publishing a second operation result based on a second private key of the second key generation center, a second preset random number and the generated second random number according to a second private key operation formula; acquiring a first operation result; generating a second part of private keys based on the first operation result and the second operation result according to a fourth private key operation formula;
the first private key operation formula includes:
h=Hash(ID A ||hid,N),e 1 =h+ks 1 -a 1 ;d 1 =r 1 -b 1
the second private key operation formula includes:
e 2 =ks 2 -a 2 ;d 2 =r 2 -b 2
the third private key operation formula includes:
g 1 =c 1 +(e 1 +e 2 )b 1 +(d 1 +d 2 )a 1 +(e 1 +e 2 )(d 1 +d 2 );
T 1 =(g 1 +g 2 ) -1 r 1 ;KS 1 =ks 1 ([T 1 ]P 1 +[T 2 ]P 1 );
the fourth private key operation formula includes:
g 2 =c 2 +(e 1 +e 2 )b 2 +(d 1 +d 2 )a 2 ;T 2 =(g 1 +g 2 ) -1 r 2 ;KS 2 =ks 2 ([T 1 ]P 1 +[T 2 ]P 1 );
wherein, ID A Identification information representing a client; ks is the product of 1 Representing a first private key; a is 1 、b 1 、c 1 Representing a first preset random number; r is 1 Representing a first random number; e.g. of a cylinder 1 ,d 1 Representing a result of the first operation; ks is the product of 2 Representing a second private key; a is 2 、b 2 、c 2 Represents a second predetermined random number, and a 1 、b 1 、c 1 、a 2 、b 2 、c 2 Satisfies (c) 1 +c 2 )=(a 1 +a 2 )*(b 1 +b 2 );r 2 Represents a second random number; e.g. of a cylinder 2 ,d 2 Representing a second operation result; KS 1 Representing a first portion of a private key; KS 2 Representing a second partial private key; hash represents Hash operation; hid, N, P 1 Representing the parameters defined in the SM9 standard document.
It should be noted that, in the target private key generation schematic diagram shown in fig. 2, the first key generation center and the second key generation center interactively communicate to generate the target private key of the client, so that the target private key can only be grasped by the client itself, and the format of the target private key is consistent with that of the SM9 standard algorithm, and does not affect the use of the digital signature, the key exchange, the key encapsulation and the public key encryption algorithm of the SM9 standard.
In the SM9 key generation apparatus provided by the present disclosure, the key generation center needs to generate a part of private keys of the clients according to the preset random number, that is, the preset random number needs to participate in the generation of the target private key of the clients, then, if the key generation center generates part of private keys for different clients according to the same preset random number, a situation that the part of private keys generated by the key generation center for different clients are the same may occur, in order to avoid such a situation, the key generation center may negotiate to determine the preset random numbers corresponding to the clients, and in this process, in order to improve the generation efficiency of the preset random numbers, the key generation center may generate the preset random numbers in batch. For ease of understanding, the generation process of the preset random number is described by taking the key generation center as the first key generation center and the second key generation center as an example. Referring to fig. 3, fig. 3 is a first flowchart of the key generation center generating the predetermined random number.
In the SM9 key generation apparatus provided by the present disclosure, the first key generation center is further configured to generate a first series of random numbers, perform an operation on the first series of random numbers based on a first encryption algorithm, generate a first series of operation results, and publish the operation results; generating a third series of random numbers and a first group of random numbers, and calculating the third series of random numbers, the first group of random numbers and the second series of random numbers based on a second encryption algorithm according to a first random operation formula to obtain a first intermediate operation result; calculating the first series of random numbers, the third series of random numbers, the first group of random numbers and the second intermediate operation result based on a third random operation formula to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the second key generation center is also used for generating a second series of random numbers, operating the second series of random numbers based on a second encryption algorithm, generating and publishing a second series of operation results; generating a fourth series of random numbers and a second group of random numbers, and calculating the fourth series of random numbers, the second group of random numbers and the first series of random numbers based on a first encryption algorithm according to a second random operation formula to obtain and publish a second intermediate operation result; calculating the second series of random numbers, the fourth series of random numbers, the second group of random numbers and the first intermediate operation result based on a fourth random operation formula to obtain a sixth series of random numbers; determining a preset random number of the user based on the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the first random operation formula includes:
D 1 =E 2 (b 1i *a 2i +v 1i ),i=1,...,n;
the second random operation formula includes:
D 2 =E 1 (b 2i *a 1i +v 2i ),i=1,...,n;
the third random operation formula includes:
c 1i =(b 1i +b 2i )*a 1i +v 2i -v 1i ,i=1,...,n;
the fourth random operation formula includes:
c 2i =(b 1i +b 2i )*a 2i +v 1i -v 2i ,i=1,...,n;
wherein, a 1i Representing a first series of random numbers; a is a 2i Representing a second series of random numbers; b 1i Represents a third series of random numbers; b is a mixture of 2i Represents a fourth series of random numbers; v. of 1i Representing a first set of random numbers; v. of 2i Representing a second set of random numbers; c. C 1i Represents a fifth series of random numbers; c. C 2i Represents a sixth series of random numbers; e 1 Representing a first encryption algorithm; e 2 Representing a second encryption algorithm; d 1 Representing the result of the first series of operations; d 2 Representing the result of the second series of operations; and the first encryption algorithm and the second encryption algorithm may be homomorphic encryption algorithms, such as Paillier algorithm, and at this time, when the first key generation center operates the second series of random numbers, the first key generation center may directly operate the obtained second series of operation results, and other operation processes are the same.
Note that in this process, the value of n is determined by the number of clients, such as 2 for n =2 and 3 for n =3; a. b and c satisfy the following relation:
(c 1i +c 2i +...+c mi )=(a 1i +a 2i +...+a mi )(b 1i +b 2i +...+b mi );
where m represents the number of key generation centers; c. C mi 、a mi 、b mi And the preset random number generated by the mth key generation center for the ith client is represented.
Referring to fig. 4, fig. 4 is a second flowchart of the key generation center generating the predetermined random number.
In the SM9 key generation apparatus provided by the present disclosure, the first key generation center may be further configured to randomly select a first series of random numbers, a third series of random numbers, and a third group of random numbers, and perform operations on the first series of random numbers, the third series of random numbers, and the third group of random numbers based on a preset encryption algorithm, to obtain and publish a third series of operation results; acquiring a fourth series of operation results, and operating the fourth series of operation results, the first series of random numbers, the third series of random numbers and the third group of random numbers based on a preset decryption algorithm according to a fifth random operation formula to obtain and publish a fifth series of operation results; calculating the fifth series of operation results according to a seventh random operation formula to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the second key generation center is also used for randomly selecting a second series of random numbers, a fourth series of random numbers, a fifth set of random numbers and a sixth set of random numbers, obtaining a third series of operation results, and operating the third series of operation results, the second series of random numbers, the fourth set of random numbers, the fifth set of random numbers and the sixth set of random numbers based on a preset encryption algorithm according to a sixth random operation formula to obtain and publish a fourth series of operation results; acquiring a fifth series of operation results, and operating the fifth series of operation results according to an eighth random operation formula to obtain a sixth series of random numbers; determining a preset random number of the user on the basis of the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the fifth random operation formula includes:
D 3 =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ,i=1,...,n;
the sixth random operation formula includes:
D 4 =E((a 1i +a 2i )·v 2i );D 5 =E((b 1i +b 2i )·w 2i );D 6 =E((u 1i +u 2i )·v 2i ·w 2i );
the seventh random operation formula includes:
c 1i =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ·u 1i ,i=1,...,n;
the eighth random operation formula includes:
c 2i =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ·u 2i ,i=1,...,n;
wherein, a 1i Representing a first series of random numbers; a is 2i Representing a second series of random numbers; b 1i Represents a third series of random numbers; b is a mixture of 2i Represents a fourth series of random numbers; u. of 1i Represents a third set of random numbers; u. of 2i Represents a fourth set of random numbers; v 2i Represents a fifth set of random numbers; w 2i Representing a sixth set of random numbers; c. C 1i Represents a fifth series of random numbers; c. C 2i Represents a sixth series of random numbers; e represents a preset encryption algorithm; d 3 Representing the result of the fifth series of operations; d 4 、D 5 、D 6 Representing the result of the fourth series of operations; the preset encryption algorithm may also be an encryption algorithm for encrypting homomorphic public key ciphers, and since the first key generation center and the second key generation center share one encryption algorithm, the first key generation center and the second key generation center may also share one decryption algorithm, and the decryption algorithm may be a decryption algorithm for decrypting homomorphic public key ciphersAnd (4) performing a cryptographic algorithm.
Referring to fig. 5, fig. 5 is a third flowchart of the key generation center generating the predetermined random number.
In the SM9 key generation apparatus provided by the present disclosure, the first key generation center may be further configured to generate a first series of random numbers, and operate the first series of random numbers through a preset encryption algorithm to obtain and publish a sixth series of operation results; acquiring a seventh series of operation results, generating a third series of random numbers and a third group of random numbers, and operating the seventh series of operation results, the third series of random numbers and the third group of random numbers based on a preset encryption algorithm according to a first encryption formula to obtain and publish an eighth series of operation results; acquiring a ninth series of operation results, and decrypting the ninth series of operation results based on the first decryption algorithm of the ninth series of operation results to obtain a first decryption result; acquiring a second decryption result, and determining the plaintext of a ninth series of operation results based on the first decryption result and the second decryption result; according to a ninth random operation formula, a plaintext and the third group of random numbers are operated to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the second key generation center is also used for generating a second series of random numbers, and the second series of random numbers are operated through a preset encryption algorithm to obtain and publish a seventh series of operation results; acquiring a sixth series of operation results and an eighth series of operation results, generating a fourth series of random numbers and a fourth group of random numbers, and operating the sixth series of operation results, the eighth series of operation results, the fourth series of random numbers and the fourth group of random numbers based on a preset encryption algorithm according to a second encryption formula to obtain and publish a ninth series of operation results; decrypting the ninth series of operation results through a second decryption algorithm of the first decryption algorithm to obtain a second decryption result and publishing the second decryption result; taking the opposite number of the fourth group of random numbers as a sixth series of random numbers; determining a preset random number of the user on the basis of the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the first encryption formula includes:
D 7 =E(b 1i ·(a 1i +a 2i )+u 1i );
the second encryption formula includes:
D 8 =E((a 1i +a 2i )·(b 1i +b 2i )+u 1i +u 2i );
the ninth random operation formula includes:
c 1i =(a 1i +a 2i )·(b 1i +b 2i )+u 1i +u 2i -u 1i =(a 1i +a 2i )·(b 1i +b 2i )+u 2i ,i=1,...,n;
wherein, a 1i Representing a first series of random numbers; a is 2i Representing a second series of random numbers; b 1i Represents a third series of random numbers; b 2i Represents a fourth series of random numbers; u. of 1i Represents a third set of random numbers; u. of 2i Represents a fourth set of random numbers; c. C 1i Represents a fifth series of random numbers; c. C 2i Represents a sixth series of random numbers; e represents a preset encryption algorithm; d 7 Representing the result of the eighth series of operations; d 8 Representing the result of the ninth series of operations; the preset encryption algorithm can be an encryption algorithm of a threshold addition homomorphic public key password, and the first decryption algorithm and the second decryption algorithm can be decryption algorithms of the threshold addition homomorphic public key password; when the first key generation center determines the plaintext of the ninth series of operation results based on the first decryption result and the second decryption result, since both the first decryption result and the second decryption result contain part of plaintext information, the first key generation center needs to combine the first decryption result and the second decryption result to obtain the plaintext of the ninth system operation result.
Referring to fig. 6, fig. 6 is a flowchart illustrating an SM9 key generation method according to an exemplary embodiment.
The SM9 key generation method related to the present disclosure is applied to a key generation center, and may include the following steps:
step S101: and acquiring a preset random number of the user.
Step S102: and generating a first part of private key of the client based on a preset random number.
Step S103: and transmitting the first part of private keys to the connected client so that the client generates a target private key of the client based on the first part of private keys and the second part of private keys, wherein the second part of private keys are part of private keys generated by other key generation centers connected with the key generation center based on self preset random numbers.
The SM9 key generation method related to the present disclosure is applied to a key generation center, and a process of generating a first part of private keys of a client based on a preset random number may be: according to a first private key operation formula, based on a first private key of the client, a first preset random number and a generated first random number, operating the identification information of the client to obtain a first operation result and publish the first operation result; acquiring a second operation result published by a second key generation center; the second operation result comprises a result generated by a second secret key generation center connected with the secret key generation center according to a second secret key operation formula and based on a second secret key of the second secret key generation center, a second preset random number and the generated second random number; generating a first part of private keys based on the first operation result and the second operation result according to a third private key operation formula;
the first private key operation formula includes:
h=Hash(ID A ||hid,N),e 1 =h+ks 1 -a 1 ;d 1 =r 1 -b 1
the second private key operation formula includes:
e 2 =ks 2 -a 2 ;d 2 =r 2 -b 2
the third private key operation formula includes:
g 1 =c 1 +(e 1 +e 2 )b 1 +(d 1 +d 2 )a 1 +(e 1 +e 2 )(d 1 +d 2 );
T 1 =(g 1 +g 2 ) -1 r 1 ;KS 1 =ks 1 ([T 1 ]P 1 +[T 2 ]P 1 );
wherein, ID A Identification information representing a client; ks is the product of 1 Representing a first private key; a is a 1 、b 1 、c 1 Representing a first preset random number; r is 1 Representing a first random number; e.g. of the type 1 ,d 1 Representing a result of the first operation; ks is the product of 2 Represents a second private key; a is a 2 、b 2 、c 2 Represents a second predetermined random number, and a 1 、b 1 、c 1 、a 2 、b 2 、c 2 Satisfies (c) 1 +c 2 )=(a 1 +a 2 )*(b 1 +b 2 );r 2 Represents a second random number; e.g. of a cylinder 2 ,d 2 Representing a second operation result; KS 1 Representing a first portion of a private key; hash represents Hash operation; hid, N, P 1 Representing the parameters defined in the SM9 standard document.
The SM9 secret key generation method is applied to a secret key generation center, and can be matched with another secret key generation center to generate a preset random number before the preset random number of the secret key generation center is acquired;
the key generation center is used for generating a first series of random numbers, operating the first series of random numbers based on a first encryption algorithm, generating a first series of operation results and publishing the operation results; generating a third series of random numbers and a first group of random numbers, and operating the third series of random numbers, the first group of random numbers and the second series of random numbers based on a second encryption algorithm according to a first random operation formula to obtain a first intermediate operation result; calculating the first series of random numbers, the third series of random numbers, the first group of random numbers and the second intermediate operation result based on a third random operation formula to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the other key generation center is used for generating a second series of random numbers, operating the second series of random numbers based on a second encryption algorithm, generating and publishing a second series of operation results; generating a fourth series of random numbers and a second group of random numbers, and calculating the fourth series of random numbers, the second group of random numbers and the first series of random numbers based on a first encryption algorithm according to a second random operation formula to obtain and publish a second intermediate operation result; calculating the second series of random numbers, the fourth series of random numbers, the second group of random numbers and the first intermediate operation result based on a fourth random operation formula to obtain a sixth series of random numbers; determining a preset random number of the user based on the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the first random operation formula includes:
D 1 =E 2 (b 1i *a 2i +v 1i ),i=1,...,n;
the second random operation formula includes:
D 2 =E 1 (b 2i *a 1i +v 2i ),i=1,...,n;
the third random operation formula includes:
c 1i =(b 1i +b 2i )*a 1i +v 2i -v 1i ,i=1,...,n;
the fourth random operation formula includes:
c 2i =(b 1i +b 2i )*a 2i +v 1i -v 2i ,i=1,...,n;
wherein, a 1i Representing a first series of random numbers; a is 2i Representing a second series of random numbers; b is a mixture of 1i Represents a third series of random numbers; b is a mixture of 2i Represents a fourth series of random numbers; v. of 1i Representing a first set of random numbers; v. of 2i Representing a second set of random numbers; c. C 1i Represents a fifth series of random numbers; c. C 2i Represents a sixth series of random numbers; e 1 Representing a first encryption algorithm; e 2 Representing a second encryption algorithm; d 1 Representing the result of the first series of operations; d 2 Representing the result of the second series of operations.
In the SM9 key generation method provided by the present disclosure, when generating the preset random number, the key generation center may further be configured to randomly select a first series of random numbers, a third series of random numbers, and a third group of random numbers, and operate the first series of random numbers, the third series of random numbers, and the third group of random numbers based on a preset encryption algorithm, respectively, to obtain and publish a third series of operation results; acquiring a fourth series of operation results, and operating the fourth series of operation results, the first series of random numbers, the third series of random numbers and the third group of random numbers based on a preset decryption algorithm according to a fifth random operation formula to obtain and publish a fifth series of operation results; calculating the fifth series of operation results according to a seventh random operation formula to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the other key generation center is also used for randomly selecting a second series of random numbers, a fourth series of random numbers, a fifth set of random numbers and a sixth set of random numbers, obtaining a third series of operation results, and operating the third series of operation results, the second series of random numbers, the fourth set of random numbers, the fifth set of random numbers and the sixth set of random numbers based on a preset encryption algorithm according to a sixth random operation formula to obtain and publish a fourth series of operation results; acquiring a fifth series of operation results, and operating the fifth series of operation results according to an eighth random operation formula to obtain a sixth series of random numbers; determining a preset random number of the user based on the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the fifth random operation formula includes:
D 3 =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ,i=1,...,n;
the sixth random operation formula includes:
D 4 =E((a 1i +a 2i )·v 2i );D 5 =E((b 1i +b 2i )·w 2i );D 6 =E((u 1i +u 2i )·v 2i ·w 2i );
the seventh random operation formula includes:
c 1i =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ·u 1i ,i=1,...,n;
the eighth random operation formula includes:
c 2i =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ·u 2i ,i=1,...,n;
wherein, a 1i Representing a first series of random numbers; a is 2i Representing a second series of random numbers; b 1i Represents a third series of random numbers; b 2i Represents a fourth series of random numbers; u. u 1i Represents a third set of random numbers; u. of 2i Represents a fourth set of random numbers; v 2i Represents a fifth set of random numbers; w 2i Representing a sixth set of random numbers; c. C 1i Represents a fifth series of random numbers; c. C 2i Represents a sixth series of random numbers; e represents a preset encryption algorithm; d 3 Representing the result of the fifth series of operations; d 4 、D 5 、D 6 The result of the fourth series of operations is shown.
In the SM9 key generation method provided by the present disclosure, when a preset random number is generated, the key generation center may also be used to generate a first series of random numbers, and the first series of random numbers are operated by a preset encryption algorithm to obtain and publish a sixth series of operation results; acquiring a seventh series of operation results, generating a third series of random numbers and a third group of random numbers, and operating the seventh series of operation results, the third series of random numbers and the third group of random numbers based on a preset encryption algorithm according to a first encryption formula to obtain and publish an eighth series of operation results; acquiring a ninth series of operation results, and decrypting the ninth series of operation results based on a first decryption algorithm of the ninth series of operation results to obtain a first decryption result; acquiring a second decryption result, and determining the plaintext of a ninth series of operation results based on the first decryption result and the second decryption result; according to a ninth random operation formula, operating the plaintext and the third group of random numbers to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the other key generation center can also be used for generating a second series of random numbers, and the second series of random numbers are operated through a preset encryption algorithm to obtain and publish a seventh series of operation results; acquiring a sixth series of operation results and an eighth series of operation results, generating a fourth series of random numbers and a fourth group of random numbers, and operating the sixth series of operation results, the eighth series of operation results, the fourth series of random numbers and the fourth group of random numbers based on a preset encryption algorithm according to a second encryption formula to obtain and publish a ninth series of operation results; decrypting the ninth series of operation results through a second decryption algorithm of the first decryption algorithm to obtain a second decryption result and publishing the second decryption result; taking the opposite number of the fourth group of random numbers as a sixth series of random numbers; determining a preset random number of the user on the basis of the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the first encryption formula includes:
D 7 =E(b 1i ·(a 1i +a 2i )+u 1i );
the second encryption formula includes:
D 8 =E((a 1i +a 2i )·(b 1i +b 2i )+u 1i +u 2i );
the ninth random operation formula includes:
c 1i =(a 1i +a 2i )·(b 1i +b 2i )+u 1i +u 2i -u 1i =(a 1i +a 2i )·(b 1i +b 2i )+u 2i ,i=1,...,n;
wherein, a 1i Representing a first series of random numbers; a is 2i Representing a second series of random numbers; b is a mixture of 1i Represents a third series of random numbers; b 2i Represents a fourth series of random numbers; u. of 1i Represents a third set of random numbers; u. u 2i Represents a fourth set of random numbers; c. C 1i Represents a fifth series of random numbers; c. C 2i Represents a sixth series of random numbers; e represents a preset encryption algorithm; d 7 Representing the result of the eighth series of operations; d 8 The ninth series of operations is shown.
Referring to fig. 7, fig. 7 is a schematic structural diagram illustrating an SM9 key generation system according to an exemplary embodiment.
The SM9 key generation system 200 provided by the present disclosure is applied to a key generation center, and may include:
a first obtaining module 210, configured to obtain a preset random number of the first obtaining module;
a first generating module 220, configured to generate a first partial private key of the client based on a preset random number;
the first transmission module 230 is configured to transmit the first part of the private key to the connected client, so that the client generates a target private key of the client based on the first part of the private key and a second part of the private key, where the second part of the private key is a part of private keys generated by other key generation centers connected to the key generation center based on a preset random number of the other key generation centers.
For the specific functions of the SM9 key generation system provided in the present disclosure, please refer to the corresponding contents in the SM9 key generation method provided in the present disclosure, which are not described herein again.
Fig. 8 is a block diagram illustrating an electronic device 900 in accordance with an example embodiment. As shown in fig. 8, the electronic device 900 may include: a processor 901, a memory 902. The electronic device 900 may also include one or more of a multimedia component 903, an input/output (I/O) interface 904, and a communications component 905.
The processor 901 is configured to control the overall operation of the electronic device 900, so as to complete all or part of the steps in the SM9 key generation method described above. The memory 902 is used to store various types of data to support operation of the electronic device 900, such as instructions for any application or method operating on the electronic device 900 and application-related data, such as contact data, transmitted and received messages, pictures, audio, video, and the like. The Memory 902 may be implemented by any type of volatile or non-volatile Memory device or combination thereof, such as Static Random Access Memory (SRAM), electrically Erasable Programmable Read-Only Memory (EEPROM), erasable Programmable Read-Only Memory (EPROM), programmable Read-Only Memory (PROM), read-Only Memory (ROM), magnetic Memory, flash Memory, magnetic disk or optical disk. The multimedia component 903 may include a screen and an audio component. Wherein the screen may be, for example, a touch screen and the audio component is used for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signal may further be stored in the memory 902 or transmitted through the communication component 905. The audio assembly also includes at least one speaker for outputting audio signals. The I/O interface 904 provides an interface between the processor 901 and other interface modules, such as a keyboard, mouse, buttons, etc. These buttons may be virtual buttons or physical buttons. The communication component 905 is used for wired or wireless communication between the electronic device 900 and other devices. Wireless Communication, such as Wi-Fi, bluetooth, near Field Communication (NFC for short), 2G, 3G or 4G, or a combination of one or more of them, and thus the corresponding Communication component 905 may include: wi-Fi module, bluetooth module, NFC module.
In an exemplary embodiment, the electronic Device 900 may be implemented by one or more Application Specific Integrated Circuits (ASICs), digital Signal Processors (DSPs), digital Signal Processing Devices (DSPDs), programmable Logic Devices (PLDs), field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic components for performing the SM9 key generation method described above.
In another exemplary embodiment, there is also provided a computer readable storage medium including program instructions which, when executed by a processor, implement the steps of the SM9 key generation method described above. For example, the computer readable storage medium may be the above-mentioned memory 902 comprising program instructions executable by the processor 901 of the electronic device 900 to perform the above-mentioned SM9 key generation method.
For a description of a relevant part in a message encryption and decryption apparatus, an electronic device, and a computer-readable storage medium provided in the embodiments of the present disclosure, reference is made to detailed descriptions of a corresponding part in a message encryption and decryption method provided in the embodiments of the present disclosure, and details are not repeated here. In addition, parts of the above technical solutions provided in the embodiments of the present disclosure that are consistent with the implementation principle of the corresponding technical solutions in the prior art are not described in detail, so as to avoid redundant description.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present disclosure. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the disclosure. Thus, the present disclosure is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. An SM9 key generation device is characterized by comprising a preset number of key generation centers and clients;
the preset number of key generation centers comprise a first key generation center and a second key generation center;
the first key generation center is used for performing first private key operation on the identification information of the client based on a first private key of the first key generation center, a first preset random number and a generated first random number to obtain a first operation result and publish the first operation result; acquiring a second operation result published by the second key generation center; performing a third private key operation based on the first operation result and the second operation result to generate a first partial private key;
the second key generation center is used for performing second private key operation based on a second private key of the second key generation center, a second preset random number and a generated second random number, generating and publishing a second operation result; acquiring the first operation result; performing a fourth private key operation based on the first operation result and the second operation result to generate a second partial private key;
the preset number of key generation centers are connected with each other, and each key generation center is used for generating a part of private keys of the client according to a preset random number;
the client is connected with each key generation center respectively and used for acquiring the partial private keys, adding the partial private keys to obtain a target private key and performing SM9 operation based on the target private key.
2. The apparatus of claim 1, comprising: the first private key operation formula corresponding to the first private key operation comprises:
h=Hash(ID A ||hid,N),e 1 =h+ks 1 -a 1 ;d 1 =r 1 -b 1
the second private key operation formula corresponding to the second private key operation comprises:
e 2 =ks 2 -a 2 ;d 2 =r 2 -b 2
the third private key operation formula corresponding to the third private key operation comprises:
g 1 =c 1 +(e 1 +e 2 )b 1 +(d 1 +d 2 )a 1 +(e 1 +e 2 )(d 1 +d 2 );
T 1 =(g 1 +g 2 ) -1 r 1 ;KS 1 =ks 1 ([T 1 ]P 1 +[T 2 ]P 1 );
a fourth private key operation formula corresponding to the fourth private key operation includes:
g 2 =c 2 +(e 1 +e 2 )b 2 +(d 1 +d 2 )a 2 ;T 2 =(g 1 +g 2 ) -1 r 2 ;KS 2 =ks 2 ([T 1 ]P 1 +[T 2 ]P 1 );
wherein, ID A Identification information representing the client; ks is the product of 1 Representing the first private key; a is 1 、b 1 、c 1 Representing the first preset random number; r is 1 Representing the first random number; e.g. of the type 1 ,d 1 Representing the result of the first operation; ks is the product of 2 Representing the second private key; a is a 2 、b 2 、c 2 Represents the second predetermined random number, and a 1 、b 1 、c 1 、a 2 、b 2 、c 2 Satisfies (c) 1 +c 2 )=(a 1 +a 2 )*(b 1 +b 2 );r 2 Representing the second random number; e.g. of the type 2 ,d 2 Representing the result of the second operation; KS 1 Representing the first partial private key; KS 2 Representing the second partial private key; hash represents Hash operation; hid, N, P 1 Representing the parameters defined in the SM9 standard document.
3. The apparatus of claim 2,
the first key generation center is also used for generating a first series of random numbers, operating the first series of random numbers based on a first encryption algorithm, generating a first series of operation results and publishing the operation results; generating a third series of random numbers and a first group of random numbers, and operating the third series of random numbers, the first group of random numbers and the second series of random numbers based on a second encryption algorithm according to a first random operation formula to obtain a first intermediate operation result; calculating the first series of random numbers, the third series of random numbers, the first group of random numbers and a second intermediate calculation result based on a third random calculation formula to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the second key generation center is further configured to generate the second series of random numbers, perform operation on the second series of random numbers based on the second encryption algorithm, generate and publish the second series of operation results; generating a fourth series of random numbers and a second group of random numbers, and calculating the fourth series of random numbers, the second group of random numbers and the first series of random numbers based on the first encryption algorithm according to a second random operation formula to obtain and publish a second intermediate operation result; calculating the second series of random numbers, the fourth series of random numbers, the second group of random numbers and the first intermediate calculation result based on a fourth random calculation formula to obtain a sixth series of random numbers; determining a preset random number of the user based on the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the first random operation formula includes:
D 1 =E 2 (b 1i *a 2i +v 1i ),i=1,...,n;
the second random operation formula includes:
D 2 =E 1 (b 2i *a 1i +v 2i ),i=1,...,n;
the third random operation formula includes:
c 1i =(b 1i +b 2i )*a 1i +v 2i -v 1i ,i=1,...,n;
the fourth random operation formula includes:
c 2i =(b 1i +b 2i )*a 2i +v 1i -v 2i ,i=1,...,n;
wherein, a 1i Representing the first series of random numbers; a is 2i Representing the second series of random numbers; b 1i Representing the third series of random numbers; b 2i Representing the fourth series of random numbers; v. of 1i Representing the first set of random numbers; v. of 2i Representing the second set of random numbers; c. C 1i Representing the fifth series of random numbers; c. C 2i Representing the sixth series of random numbers; e 1 Representing the first encryption algorithm; e 2 Representing the second encryption algorithm; d 1 Representing the result of said first series of operations; d 2 Representing the result of said second series of operations.
4. The apparatus of claim 1,
the first key generation center is further used for randomly selecting a first series of random numbers, a third series of random numbers and a third group of random numbers, and respectively operating the first series of random numbers, the third series of random numbers and the third group of random numbers based on a preset encryption algorithm to obtain and publish a third series of operation results; acquiring a fourth series of operation results, and operating the fourth series of operation results, the first series of random numbers, the third series of random numbers and the third group of random numbers based on a preset decryption algorithm according to a fifth random operation formula to obtain and publish a fifth series of operation results; calculating the fifth series of operation results according to a seventh random operation formula to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the second key generation center is further configured to randomly select a second series of random numbers, a fourth set of random numbers, a fifth set of random numbers and a sixth set of random numbers, obtain a third series of operation results, and operate the third series of operation results, the second series of random numbers, the fourth set of random numbers, the fifth set of random numbers and the sixth set of random numbers based on the preset encryption algorithm according to a sixth random operation formula to obtain and publish the fourth series of operation results; acquiring the fifth series of operation results, and operating the fifth series of operation results according to an eighth random operation formula to obtain a sixth series of random numbers; determining a preset random number of the user based on the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the fifth random operation formula includes:
D 3 =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ,i=1,...,n;
the sixth random operation formula includes:
D 4 =E((a 1i +a 2i )·v 2i );D 5 =E((b 1i +b 2i )·w 2i );D 6 =E((u 1i +u 2i )·v 2i ·w 2i );
the seventh random operation formula includes:
c 1i =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ·u 1i ,i=1,...,n;
the eighth random operation formula includes:
c 2i =(a 1i +a 2i )·(b 1i +b 2i )·(u 1i +u 2i ) -1 ·u 2i ,i=1,...,n;
wherein, a 1i Representing the first series of random numbers; a is 2i Representing the second series of random numbers; b 1i Representing the third series of random numbers; b 2i Representing the fourth series of random numbers; u. of 1i Representing the third set of random numbers; u. of 2i Representing the fourth set of random numbers; v 2i Representing the fifth set of random numbers; w 2i Representing the sixth set of random numbers; c. C 1i Representing the fifth series of random numbers; c. C 2i Representing the sixth series of random numbers; e represents the preset encryption algorithm; d 3 Representing the result of said fifth series of operations; d 4 、D 5 、D 6 Representing the result of said fourth series of operations.
5. The apparatus of claim 2,
the first key generation center is also used for generating a first series of random numbers, and operating the first series of random numbers through a preset encryption algorithm to obtain and publish a sixth series of operation results; acquiring a seventh series of operation results, generating a third series of random numbers and a third group of random numbers, and operating the seventh series of operation results, the third series of random numbers and the third group of random numbers based on the preset encryption algorithm according to a first encryption formula to obtain and publish an eighth series of operation results; acquiring a ninth series of operation results, and decrypting the ninth series of operation results based on a first decryption algorithm of the ninth series of operation results to obtain a first decryption result; acquiring a second decryption result, and determining the plaintext of the ninth series of operation results based on the first decryption result and the second decryption result; according to a ninth random operation formula, operating the plaintext and the third group of random numbers to obtain a fifth series of random numbers; determining a preset random number of the user based on the first series of random numbers, the third series of random numbers and the fifth series of random numbers;
the second key generation center is further configured to generate a second series of random numbers, and the second series of random numbers are operated through the preset encryption algorithm to obtain and publish a seventh series of operation results; acquiring the sixth series of operation results and the eighth series of operation results, generating a fourth series of random numbers and a fourth group of random numbers, and operating the sixth series of operation results, the eighth series of operation results, the fourth series of random numbers and the fourth group of random numbers based on the preset encryption algorithm according to a second encryption formula to obtain and publish the ninth series of operation results; decrypting the ninth series of operation results through a second decryption algorithm of the user to obtain and publish the second decryption result; taking the opposite number of the fourth group of random numbers as a sixth series of random numbers; determining a preset random number of the user based on the second series of random numbers, the fourth series of random numbers and the sixth series of random numbers;
the first encryption formula includes:
D 7 =E(b 1i ·(a 1i +a 2i )+u 1i );
the second encryption formula includes:
D 8 =E((a 1i +a 2i )·(b 1i +b 2i )+u 1i +u 2i );
the ninth random operation formula includes:
c 1i =(a 1i +a 2i )·(b 1i +b 2i )+u 1i +u 2i -u 1i =(a 1i +a 2i )·(b 1i +b 2i )+u 2i ,i=1,...,n;
wherein, a 1i Representing the first series of random numbers; a is a 2i Representing the second series of random numbers; b 1i Representing the third series of random numbers; b 2i Representing the fourth series of random numbers; u. of 1i Representing the third set of random numbers; u. of 2i Representing the fourth set of random numbers; c. C 1i Representing the fifth series of random numbers; c. C 2i Representing the sixth series of random numbers; e represents the preset encryption algorithm; d 7 Representing the result of said eighth series of operations; d 8 Representing the result of said ninth series of operations.
6. An SM9 key generation method applied to the key generation center of any one of claims 1 to 5, comprising:
according to a first private key operation formula, performing first private key operation on the identification information of the client based on a first private key of the client, a first preset random number and a generated first random number to obtain and publish a first operation result;
acquiring a second operation result published by the second key generation center; the second operation result comprises a result obtained by a second secret key generation center connected with the secret key generation center, performing second secret key operation on the basis of a second secret key of the second secret key generation center and a second preset random number according to a second secret key operation formula and generating a second random number;
according to a third private key operation formula, performing third private key operation based on the first operation result and the second operation result to generate the first part of private keys;
acquiring a preset random number of the user;
generating a first part of private keys of the client based on the preset random number;
and transmitting the first part of private keys to a connected client so that the client generates a target private key of the client based on the first part of private keys and a second part of private keys, wherein the second part of private keys are part of private keys generated by other key generation centers connected with the key generation center based on self preset random numbers.
7. The method of claim 6, wherein generating the first partial private key of the client based on the preset random number comprises:
the first private key operation formula corresponding to the first private key operation comprises:
h=Hash(ID A ||hid,N),e 1 =h+ks 1 -a 1 ;d 1 =r 1 -b 1
the third private key operation formula corresponding to the second private key operation comprises:
e 2 =ks 2 -a 2 ;d 2 =r 2 -b 2
a fourth private key operation formula corresponding to the third private key operation includes:
g 1 =c 1 +(e 1 +e 2 )b 1 +(d 1 +d 2 )a 1 +(e 1 +e 2 )(d 1 +d 2 );
T 1 =(g 1 +g 2 ) -1 r 1 ;KS 1 =ks 1 ([T 1 ]P 1 +[T 2 ]P 1 ) (ii) a Wherein, ID A Identification information representing the client; ks is the product of 1 Representing the first private key; a is 1 、b 1 、c 1 Representing the first preset random number; r is a radical of hydrogen 1 Representing the first random number; e.g. of a cylinder 1 ,d 1 Representing the result of the first operation; ks is the product of 2 Representing the second private key; a is 2 、b 2 、c 2 Represents the second predetermined random number, and a 1 、b 1 、c 1 、a 2 、b 2 、c 2 Satisfy (c) 1 +c 2 )=(a 1 +a 2 )*(b 1 +b 2 );r 2 Representing the second random number; e.g. of the type 2 ,d 2 Representing the result of the second operation; KS 1 Representing the first partial private key; hash represents Hash operation; hid, N, P 1 Representing the parameters defined in the SM9 standard document.
8. An SM9 key generation system applied to the key generation center of any one of claims 1 to 5, comprising:
the first acquisition module is used for acquiring a preset random number of the first acquisition module;
the first generation module is used for generating a first part of private keys of the client based on the preset random number;
the first transmission module is used for transmitting the first part of private keys to a connected client so as to enable the client to generate a target private key of the client based on the first part of private keys and a second part of private keys, wherein the second part of private keys are part of private keys generated by other key generation centers connected with the key generation center based on preset random numbers of the second part of private keys;
the first private key operation formula corresponding to the first private key operation comprises:
h=Hash(ID A ||hid,N),e 1 =h+ks 1 -a 1 ;d 1 =r 1 -b 1
the third private key operation formula corresponding to the second private key operation comprises:
e 2 =ks 2 -a 2 ;d 2 =r 2 -b 2
a fourth private key operation formula corresponding to the third private key operation includes:
g 1 =c 1 +(e 1 +e 2 )b 1 +(d 1 +d 2 )a 1 +(e 1 +e 2 )(d 1 +d 2 );
T 1 =(g 1 +g 2 ) -1 r 1 ;KS 1 =ks 1 ([T 1 ]P 1 +[T 2 ]P 1 );
wherein, ID A Identification information representing the client; ks is the product of 1 Representing the first private key; a is a 1 、b 1 、c 1 Representing the first preset random number; r is a radical of hydrogen 1 Representing the first random number; e.g. of the type 1 ,d 1 Representing the result of the first operation; ks is the product of 2 Representing the second private key; a is 2 、b 2 、c 2 Represents the second predetermined random number, and a 1 、b 1 、c 1 、a 2 、b 2 、c 2 Satisfies (c) 1 +c 2 )=(a 1 +a 2 )*(b 1 +b 2 );r 2 Representing the second random number; e.g. of the type 2 ,d 2 Representing the result of the second operation; KS 1 Representing the first partial private key; hash represents Hash operation; hid, N, P 1 Representing the parameters defined in the SM9 standard document.
9. An electronic device, applied to the key generation center of any one of claims 1 to 5, comprising:
a memory for storing a computer program;
a processor for implementing the SM9 key generation method of claim 6 or 7 when executing the computer program.
10. A computer-readable storage medium, for use in the key generation center of any one of claims 1 to 5, having a computer program stored therein, which, when executed by a processor, implements the SM9 key generation method of claim 6 or 7.
CN202010863934.3A 2020-08-25 2020-08-25 SM9 key generation method, system, electronic equipment, device and storage medium Active CN112003696B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010863934.3A CN112003696B (en) 2020-08-25 2020-08-25 SM9 key generation method, system, electronic equipment, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010863934.3A CN112003696B (en) 2020-08-25 2020-08-25 SM9 key generation method, system, electronic equipment, device and storage medium

Publications (2)

Publication Number Publication Date
CN112003696A CN112003696A (en) 2020-11-27
CN112003696B true CN112003696B (en) 2023-03-31

Family

ID=73471024

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010863934.3A Active CN112003696B (en) 2020-08-25 2020-08-25 SM9 key generation method, system, electronic equipment, device and storage medium

Country Status (1)

Country Link
CN (1) CN112003696B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113067823B (en) * 2021-03-22 2021-11-23 西安电子科技大学 Mail user identity authentication and key distribution method, system, device and medium
CN112906038B (en) * 2021-03-26 2023-04-07 成都卫士通信息产业股份有限公司 Thresholding processing method, device and equipment based on SM9 key and storage medium
CN112926074B (en) * 2021-03-26 2022-08-23 成都卫士通信息产业股份有限公司 SM9 key thresholding generation method, device, equipment and storage medium
CN112926075B (en) * 2021-03-26 2023-01-24 成都卫士通信息产业股份有限公司 SM9 key generation method, device, equipment and storage medium
CN113381850B (en) * 2021-06-25 2023-03-31 成都卫士通信息产业股份有限公司 SM9 user key generation method, device, equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1878060A (en) * 2006-07-07 2006-12-13 上海交通大学 Cryptographic key generation method and system based on identity
CN105743641A (en) * 2016-04-01 2016-07-06 西安电子科技大学 Multi-receiver signcryption method for explicit verification of public key
CN107579819A (en) * 2017-09-13 2018-01-12 何德彪 A kind of SM9 digital signature generation method and system
CN109639412A (en) * 2018-12-05 2019-04-16 成都卫士通信息产业股份有限公司 A kind of communication means, system and electronic equipment and storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010096923A1 (en) * 2009-02-27 2010-09-02 Certicom Corp. System and method for securely communicating with electronic meters
US11310039B2 (en) * 2018-11-20 2022-04-19 Board Of Regents, The University Of Texas System Lightweight distributed signature protocol for mobile computing and IoT devices

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1878060A (en) * 2006-07-07 2006-12-13 上海交通大学 Cryptographic key generation method and system based on identity
CN105743641A (en) * 2016-04-01 2016-07-06 西安电子科技大学 Multi-receiver signcryption method for explicit verification of public key
CN107579819A (en) * 2017-09-13 2018-01-12 何德彪 A kind of SM9 digital signature generation method and system
CN109639412A (en) * 2018-12-05 2019-04-16 成都卫士通信息产业股份有限公司 A kind of communication means, system and electronic equipment and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"An efficient certificateless aggregate signature scheme for vehicular ad-hoc networks";Avleen Kaur Malhi;《Discrete Mathematics & Theoretical Computer Science》;20151231;全文 *
"基于多方共管的IBC改进密钥管理方案";许盛伟;《计算机应用与软件》;20200812;全文 *

Also Published As

Publication number Publication date
CN112003696A (en) 2020-11-27

Similar Documents

Publication Publication Date Title
CN112003696B (en) SM9 key generation method, system, electronic equipment, device and storage medium
US10785019B2 (en) Data transmission method and apparatus
CN107196926B (en) Cloud outsourcing privacy set comparison method and device
CN111130803B (en) Method, system and device for digital signature
US20130028419A1 (en) System and a method for use in a symmetric key cryptographic communications
KR20170057549A (en) Large simultaneous digital signature service system based on hash function and method thereof
CN108199847B (en) Digital security processing method, computer device, and storage medium
CN112906038B (en) Thresholding processing method, device and equipment based on SM9 key and storage medium
CN111901111A (en) SM9 key generation method, device and system and readable storage medium
CN112865957A (en) Data encryption transmission method and device, computer target equipment and storage medium
WO2021098152A1 (en) Blockchain-based data processing method, device, and computer apparatus
CN111181944B (en) Communication system, information distribution method, device, medium, and apparatus
CN114095170A (en) Data processing method, device, system and computer readable storage medium
CN112889240A (en) Server device, communication terminal, communication system, and program
CN112926075B (en) SM9 key generation method, device, equipment and storage medium
CN105530089B (en) Attribute-based encryption method and device
CN111901097B (en) White box implementation method and device, electronic equipment and computer storage medium
US9473471B2 (en) Method, apparatus and system for performing proxy transformation
CN114362912A (en) Identification password generation method based on distributed key center, electronic device and medium
CN111245594A (en) Homomorphic operation-based collaborative signature method and system
WO2020177109A1 (en) Lot-drawing processing method, trusted chip, node, storage medium and electronic device
CN115412246A (en) Method, device, equipment and storage medium for inadvertent transmission
CN114417309A (en) Bidirectional identity authentication method, device, equipment and storage medium
CN109842490B (en) Digital signature generating/transmitting/verifying method, terminal and computer storage medium
CN112927026A (en) Coupon processing method and device, electronic equipment and computer storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant