CN112926074B - SM9 key thresholding generation method, device, equipment and storage medium - Google Patents

SM9 key thresholding generation method, device, equipment and storage medium Download PDF

Info

Publication number
CN112926074B
CN112926074B CN202110326127.2A CN202110326127A CN112926074B CN 112926074 B CN112926074 B CN 112926074B CN 202110326127 A CN202110326127 A CN 202110326127A CN 112926074 B CN112926074 B CN 112926074B
Authority
CN
China
Prior art keywords
key
polynomial
key management
result
random
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110326127.2A
Other languages
Chinese (zh)
Other versions
CN112926074A (en
Inventor
王现方
涂彬彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Electronics Technology Network Security Technology Co ltd
Original Assignee
Chengdu Westone Information Industry Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Westone Information Industry Inc filed Critical Chengdu Westone Information Industry Inc
Priority to CN202110326127.2A priority Critical patent/CN112926074B/en
Publication of CN112926074A publication Critical patent/CN112926074A/en
Application granted granted Critical
Publication of CN112926074B publication Critical patent/CN112926074B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The disclosure discloses a method, a device, equipment and a storage medium for SM9 key thresholding generation. The random polynomial is generated based on the key segment and the threshold value, the constant term of the random polynomial is the key segment, and the highest power of the random polynomial is a value obtained by subtracting one from the threshold value, so that the random polynomial can be restored based on the threshold value number of the random polynomial, and the reliability of the SM9 key thresholding generation process is relatively ensured. In addition, each key management terminal sends the key generation parameters to the key using terminal, and the key using terminal generates the result key meeting the SM9 standard based on the key generation parameters, so that the security of the SM9 key can be ensured, and the overall operation overhead is reduced. In addition, the disclosure also provides an SM9 key thresholding generation device, equipment and storage medium, and the beneficial effects are the same as above.

Description

SM9 key thresholding generation method, device, equipment and storage medium
Technical Field
The present disclosure relates to the field of cryptography, and in particular, to a method, an apparatus, a device, and a storage medium for generating an SM9 key threshold.
Background
The design idea of modern cryptography generally attributes the security of data to the key used for encrypting the data, and cryptographic algorithms are often open, so how to generate the key safely and effectively is a key concern in the field of data security at present.
In the process of generating the key based on the cryptographic algorithm by the current cryptographic SM9, the SM9 key is often generated jointly by a preset number of key management terminals based on their own key fragments, and the SM9 key is issued to the key user terminal for the key user terminal to use. In the process of jointly generating the SM9 key by a plurality of key management terminals, the key management terminal needs to generate the SM9 key first and then send the key to the key using terminal, so that the SM9 key is not only mastered by the key management terminal, and the security of the SM9 key is difficult to ensure. In addition, when there is a key management side in an offline state among a preset number of key management sides, the key management side based on the online state often cannot jointly generate the SM9 key based on its own key fragment, and it is difficult to ensure the reliability of the SM9 key thresholding generation process. In the existing solutions, other cryptographic components are required, such as an encryption algorithm, a homomorphic encryption algorithm, and the like. Such a configuration makes the scheme security dependent on multiple security assumptions, increasing system deployment overhead and computation.
Therefore, it can be seen that the problem to be solved by those skilled in the art is to provide an SM9 key thresholding generation method to ensure the reliability of the SM9 key thresholding generation process and the security of the generated SM9 key, and to ensure that no additional security assumption needs to be added in the SM9 key generation process, and no additional cryptographic component is used in the encryption algorithm to reduce the overall operation overhead.
Disclosure of Invention
The purpose of the present disclosure is to provide an SM9 key thresholding generation method, apparatus, device and storage medium, so as to ensure the reliability of the SM9 key thresholding generation process and the security of the generated SM9 key, and ensure that no additional security assumption needs to be added in the SM9 key generation process, and no additional cryptographic component of the encryption algorithm is adopted, so as to reduce the overall operation overhead.
In order to solve the above technical problem, the present disclosure provides a method for generating a key threshold SM9, which is applied to a key management end, and includes:
generating a random polynomial based on the key fragment and the threshold value; the constant item of the random polynomial is a key segment, the highest power of the random polynomial is a value obtained by subtracting one from a threshold value, the coefficient of the random polynomial is a random number, and the threshold value is smaller than the total amount of the key management end;
generating a local polynomial result corresponding to the local and a target polynomial result corresponding to the other key management terminals based on the random polynomial;
sending the target polynomial result to other corresponding key management terminals, and receiving the opposite-end polynomial result transmitted by other key management terminals;
calculating a key generation parameter according to the local polynomial result and the opposite-end polynomial result;
and sending the key generation parameters to the key using end so that the key using end receives the key generation parameters transmitted by each key management end, and generating a result key meeting the SM9 standard based on the key generation parameters consistent with the number of the threshold values.
Preferably, calculating the key generation parameter according to the local polynomial result and the peer polynomial result includes:
accumulating the local polynomial result and the opposite-end polynomial result to obtain a first process parameter;
acquiring a second process parameter meeting the SM9 standard;
generating a local third process parameter and a target third process parameter corresponding to other key management terminals based on the first process parameter and the second process parameter;
the third process parameter is sent to the corresponding other key management end, and the third process parameter of the opposite end transmitted by the other key management end is received;
and generating a key generation parameter according to the local third process parameter and the opposite-end third process parameter.
Preferably, after accumulating the local polynomial result and the peer polynomial result to obtain the first process parameter, the method further comprises:
the first process parameter is stored locally.
Preferably, the key fragment is a random number within a preset value interval.
Preferably, the result key comprises a result private key.
In addition, the present disclosure also provides an SM9 key thresholding generation apparatus, applied to a key management end, including:
a polynomial generation module for generating a random polynomial based on the key fragment and a threshold value; the constant item of the random polynomial is a key segment, the highest power of the random polynomial is a value obtained by subtracting one from a threshold value, the coefficient of the random polynomial is a random number, and the threshold value is smaller than the total amount of the key management end;
the polynomial result calculation module is used for generating a local polynomial result corresponding to the local and a target polynomial result corresponding to other key management terminals based on the random polynomial;
the polynomial result processing module is used for issuing the target polynomial result to other corresponding key management terminals and receiving the opposite-terminal polynomial result transmitted by other key management terminals;
the generating parameter operation module is used for calculating a key generating parameter according to the local polynomial result and the opposite-end polynomial result;
and the sending and generating module is used for sending the key generation parameters to the key using end so that the key using end receives the key generation parameters transmitted by each key management end, and generating a result key meeting the SM9 standard based on the key generation parameters consistent with the number of the threshold values.
Preferably, the generation parameter operation module includes:
the accumulation module is used for accumulating the local polynomial result and the opposite-end polynomial result to obtain a first process parameter;
the parameter acquisition module is used for acquiring second process parameters meeting the SM9 standard;
the parameter generating module is used for generating a local third process parameter and a target third process parameter corresponding to other key management terminals based on the first process parameter and the second process parameter;
the process parameter transmission module is used for transmitting the third process parameter to other corresponding key management terminals and receiving the opposite terminal third process parameter transmitted by other key management terminals;
and the parameter generation module is used for generating a key generation parameter according to the local third process parameter and the opposite-end third process parameter.
Preferably, the method further comprises the following steps:
and the storage module is used for storing the first process parameter to the local.
In addition, the present disclosure also provides a key management end device, including:
a memory for storing a computer program;
a processor for implementing the steps of the SM9 key thresholding generation method as described above when executing the computer program.
Furthermore, the present disclosure also provides a computer-readable storage medium having stored thereon a computer program, which when executed by a processor, implements the steps of the SM9 key thresholding generation method as described above.
The SM9 key thresholding generation method provided by the disclosure is applied to a key management end, firstly, a random polynomial is generated based on a key segment and a threshold value, a constant term of the random polynomial is the key segment, the highest power of the random polynomial is a value obtained by subtracting one from the threshold value, a coefficient of the random polynomial is a random number, and the threshold value is smaller than the total amount of the key management end; and further generating a local polynomial result corresponding to the local and a target polynomial result corresponding to other key management terminals based on the random polynomial, issuing the target polynomial results to the corresponding other key management terminals, receiving opposite-terminal polynomial results transmitted by other key management terminals, further calculating key generation parameters according to the local polynomial results and the opposite-terminal polynomial results, transmitting the key generation parameters to the key using terminals so that the key using terminals can receive the key generation parameters transmitted by the key management terminals, and generating result keys meeting the SM9 standard based on the key generation parameters consistent with the number of threshold values. The method generates the random polynomial based on the key segment and the threshold value, the constant term of the random polynomial is the key segment, and the highest power of the random polynomial is the value obtained by subtracting one from the threshold value, so that the random polynomial can be restored based on the threshold value number of the random polynomial, and further the polynomial results of the random polynomial are mutually transmitted between the key management ends, so that the result keys meeting the SM9 standard can be generated based on the threshold value number of the key management ends when the key management ends are offline, and the reliability of the SM9 key thresholding generation process is relatively ensured. In addition, each key management end sends the key generation parameters to the key using end, and the key using end generates the result key meeting the SM9 standard based on the key generation parameters, so that the security of the SM9 key can be ensured, no additional security assumption needs to be added in the process of generating the SM9 key, no additional cryptographic component of an encryption algorithm is adopted, and the overall operation overhead is reduced. In addition, the disclosure also provides an SM9 key thresholding generation device, an apparatus and a storage medium, and the beneficial effects are the same as above.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure, the drawings needed for the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present disclosure, and that other drawings can be obtained by those skilled in the art without inventive effort.
Fig. 1 is a flowchart of an SM9 key thresholding generation method disclosed in the embodiment of the present disclosure;
fig. 2 is a timing diagram in a specific application scenario disclosed in the embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of an SM9 key thresholding generating apparatus disclosed in the embodiment of the present disclosure;
fig. 4 is a block diagram of a key management end device disclosed in the embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present disclosure without any creative effort belong to the protection scope of the present disclosure.
In the process of generating the key based on the cryptographic algorithm by the current cryptographic SM9, the SM9 key is often generated jointly by a preset number of key management terminals based on their own key fragments, and the SM9 key is issued to the key user terminal for the key user terminal to use. In the process of jointly generating the SM9 key by a plurality of key management terminals, the key management terminal needs to generate the SM9 key first and then send the key to the key using terminal, so that the SM9 key is not only mastered by the key management terminal, and the security of the SM9 key is difficult to ensure. In addition, when there is a key management side in an offline state among a preset number of key management sides, the key management side based on the online state often cannot jointly generate the SM9 key based on its own key fragment, and it is difficult to ensure the reliability of the SM9 key thresholding generation process.
Therefore, the core of the present disclosure is to provide an SM9 key thresholding generation method, so as to ensure the reliability of the SM9 key thresholding generation process and the security of the generated SM9 key, and ensure that no additional security assumption needs to be added in the SM9 key generation process, and no additional cryptographic component of the encryption algorithm is adopted, so as to reduce the overall operation overhead.
The present disclosure will be described in further detail below with reference to the accompanying drawings and specific embodiments in order to enable those skilled in the art to better understand the disclosure.
Referring to fig. 1, an embodiment of the present disclosure discloses an SM9 key thresholding generation method, which is applied to a key management end, and includes:
step S10: a random polynomial is generated based on the key fragment and the threshold value.
The constant term of the random polynomial is a key segment, the highest power of the random polynomial is a value obtained by subtracting one from a threshold value, the coefficient of the random polynomial is a random number, and the threshold value is smaller than the total amount of the key management end.
It should be noted that the execution subject of this embodiment is any one of a plurality of key management terminals, each key management terminal has its own corresponding key segment, and the finally generated result key that meets the SM9 standard needs to be generated jointly based on the key segment of each key management terminal.
The key segment in this step may be generated by the key management end through a specific key generation logic in advance, and in addition, the threshold value in this step refers to the number of key generation parameters at least required when the result key of the SM9 standard is generated, where the key generation parameters are issued to the key usage end by the key management end in the subsequent steps, and the threshold value should be smaller than the total amount of the key management end.
In generating the random polynomial based on the key segment and the threshold value, a constant term of the random polynomial is the key segment, a highest power of the random polynomial is a value obtained by subtracting one from the threshold value, and a coefficient of the random polynomial is a random number. It can be seen that the random polynomial includes the key fragment, and since the highest power of the random polynomial is a value obtained by subtracting one from the threshold value, the threshold number of polynomial results generated by the random polynomial can restore the random polynomial.
Step S11: and generating a local polynomial result corresponding to the local and a target polynomial result corresponding to the other key management terminals based on the random polynomial.
After generating the random polynomial based on the key fragment and the threshold value, the step further generates a local polynomial result corresponding to the local key management terminal based on the random polynomial, and generates a target polynomial result corresponding to the other key management terminal based on the random polynomial.
Step S12: and sending the target polynomial result to other corresponding key management terminals, and receiving the opposite-end polynomial result transmitted by other key management terminals.
After the key management terminal generates the target polynomial results corresponding to other key management terminals, the target polynomial results are further issued to the corresponding other key management terminals, and opposite terminal polynomial results generated and transmitted by the other key management terminals for the local key management terminals are received. It should be noted that the result of the peer-to-peer polynomial transmitted by the other key management end is further generated by the random polynomial generated by the other key management end based on its own key fragment and the threshold value.
Step S13: and calculating a key generation parameter according to the local polynomial result and the opposite-end polynomial result.
After the key management terminal obtains the local polynomial result and the opposite-terminal polynomial result, the key management terminal further calculates a key generation parameter according to the local polynomial result and the opposite-terminal polynomial result. It should be noted that the key generation parameters generated in this step include the local polynomial result and the peer polynomial result, so that the key fragment of each key management peer can be further obtained by using the key generation parameters generated by each key management peer, and further, the result key generated by the key fragment can be obtained.
In the step, the key generation parameters are calculated according to the local polynomial result and the opposite-end polynomial result, so that the key management end sends the key generation parameters to the key using end in the subsequent steps, and the key using end comprehensively generates keys by using the key generation parameters respectively transmitted by the multi-part key management end.
Step S14: and sending the key generation parameters to the key using end so that the key using end receives the key generation parameters transmitted by each key management end, and generating a result key meeting the SM9 standard based on the key generation parameters consistent with the number of threshold values.
After the key generation parameters are calculated according to the local polynomial results and the opposite-end polynomial results, the key management end further sends the key generation parameters to the key using end, and after the key using end receives the key generation parameters transmitted by each key management end, the key using end can further generate result keys meeting the SM9 standard based on the key generation parameters consistent with the number of the threshold values.
The SM9 key thresholding generation method provided by the disclosure is applied to a key management end, firstly, a random polynomial is generated based on a key segment and a threshold value, a constant term of the random polynomial is the key segment, the highest power of the random polynomial is a value obtained by subtracting one from the threshold value, a coefficient of the random polynomial is a random number, and the threshold value is smaller than the total amount of the key management end; and further generating a local polynomial result corresponding to the local and a target polynomial result corresponding to other key management terminals based on the random polynomial, issuing the target polynomial results to the corresponding other key management terminals, receiving opposite-terminal polynomial results transmitted by other key management terminals, further calculating key generation parameters according to the local polynomial results and the opposite-terminal polynomial results, transmitting the key generation parameters to the key using terminals so that the key using terminals can receive the key generation parameters transmitted by the key management terminals, and generating result keys meeting the SM9 standard based on the key generation parameters consistent with the number of threshold values. The method generates the random polynomial based on the key segment and the threshold value, the constant term of the random polynomial is the key segment, and the highest power of the random polynomial is the value obtained by subtracting one from the threshold value, so that the random polynomial can be restored based on the threshold value number of the random polynomial, and further the polynomial results of the random polynomial are mutually transmitted between the key management ends, so that the result keys meeting the SM9 standard can be generated based on the threshold value number of the key management ends when the key management ends are offline, and the reliability of the SM9 key thresholding generation process is relatively ensured. In addition, each key management end sends the key generation parameters to the key using end, and the key using end generates the result key meeting the SM9 standard based on the key generation parameters, so that the security of the SM9 key can be ensured, no additional security assumption needs to be added in the process of generating the SM9 key, no additional cryptographic component of an encryption algorithm is adopted, and the overall operation overhead is reduced.
On the basis of the foregoing embodiment, as a preferred implementation, calculating a key generation parameter according to a local polynomial result and an opposite-end polynomial result includes:
accumulating the local polynomial result and the opposite-end polynomial result to obtain a first process parameter;
acquiring a second process parameter meeting the SM9 standard;
generating a local third process parameter and a target third process parameter corresponding to other key management terminals based on the first process parameter and the second process parameter;
the third process parameter is sent to the corresponding other key management end, and the third process parameter of the opposite end transmitted by the other key management end is received;
and generating a key generation parameter according to the local third process parameter and the opposite-end third process parameter.
It should be noted that, in this embodiment, when the key management end calculates the key generation parameter according to the local polynomial result and the peer polynomial result, the key management end accumulates the local polynomial result and the peer polynomial result to obtain a first process parameter, and obtains a second process parameter that meets the SM9 standard, and then generates a local third process parameter and a target third process parameter corresponding to another key management end based on the first process parameter and the second process parameter, issues the third process parameter to the other corresponding key management end, receives a peer third process parameter transmitted by the other key management end, and then generates the key generation parameter according to the local third process parameter and the peer third process parameter. The first process parameter includes a local polynomial result and an opposite-end polynomial result, and the second process parameter is generated based on the SM9 standard, so that the generation of the local third process parameter and the target third process parameter based on the first process parameter and the second process parameter can be further used to generate a key generation parameter required for generating a result key satisfying the SM9 key format standard. This embodiment further ensures the reliability of the key generation parameters and, in turn, the reliability of the resulting keys that meet the SM9 standard.
Further, as a preferred embodiment, after accumulating the local polynomial result and the peer polynomial result to obtain the first process parameter, the method further includes:
the first process parameter is stored locally.
It should be noted that, in order to further improve the efficiency of obtaining the first process parameter by the key management end, in the embodiment, after the first process parameter is obtained by accumulating the local polynomial result and the opposite-end polynomial result, the first process parameter is further stored locally, and then the key management end can repeatedly read and use the first process parameter, so that the efficiency of obtaining the first process parameter by the key management end is further improved, and the efficiency of generating the result key by the key usage end is further improved.
On the basis of the foregoing embodiment, as a preferred implementation manner, the key fragment is a random number within a preset value range.
In the present embodiment, the key segment used by the key management end to generate the random polynomial is a random number within a preset value range, so that the randomness of the key segment can be relatively ensured, and the reliability of the resulting key can be ensured.
In addition, on the basis of the series of embodiments described above, as a preferred implementation, the result key includes a result private key.
It should be noted that the key using end of the present embodiment receives the key generation parameters transmitted from each key managing end, and generates the resulting private key that satisfies the SM9 standard based on the key generation parameters that match the number of the threshold values. The result private key is a key used by the key using end for decrypting or signing data, on the basis, a public key corresponding to the result private key should exist, and the key using end is used for decrypting the data encrypted by the result private key or verifying the data signed by the result private key. The embodiment further improves the reliability of the mechanism for encrypting and signing the key using end based on the asymmetric key.
In order to further improve understanding of some of the above embodiments, the present disclosure further provides a scenario embodiment in a specific application scenario for further explanation.
The scheme designs a distributed (t, n) threshold key management end generation mechanism by using a secret sharing idea, and does not increase additional difficult problem security hypothesis. The (t, n) threshold scheme makes t-1 key management terminals unable to collude to recover the private key of the key usage terminal. The scheme calculation process only needs basic operations such as addition, subtraction, multiplication and division, elliptic curve multiple points and the like on a finite field. Through interactive communication, the multi-party key management end respectively issues partial private keys to the key using end, so that the private key of the key using end is obtained by the key using end through self operation, and the standard format of the SM9 private key is met.
In the SM9 standard, the key usage side private key is generated as follows: g1 and G2 are both N-order cyclic groups, and N is a prime number; p1 and P2 are the generation of G1 and G2, respectivelyAnd (5) Yuan. The key management end generates a random number ks E [1, N-1 ∈]As the system master private key, P pub =[ks]P 2 As the master public key. hid denotes a private key generating function identifier, H is a cryptographic function derived from a hash function, and the image set is [1, N-1 ]]Let the ID be the ID of the key user end A The key management side calculates t 1 =H(ID A ||hid,N)+ks,t 2 =ks t 1 -1 mod N, the private key at the key using end is ds A =[t 2 ]P 1
Let n, T, T be positive integers, satisfy 2T-1 ≤ T ≤ n. Suppose n-party key generation centers are key management ends i respectively and the identity is x i ∈[1,N-1]And i is more than or equal to 1 and less than or equal to n. The system main private key of the key management end i is ks i ∈[1,N-1]. Any T-party joint calculation can generate a private key for the key using end, and any T-1 key management ends can not obtain any information of the private key of the key using end in a conspiring manner. The (t, n) threshold key management end distributed key generation mechanism is designed as follows.
The initialization process of the n-party key management terminal is as follows:
1. key management end i generates finite field F N Polynomial of the above formula f i (x)=ks i +a i1 x+…+a i,t-1 x t-1 Calculating f i (x j ) I is more than or equal to 1 and less than or equal to n, and f i (x j ) J is sent to a key management end j, j is more than or equal to 1 and less than or equal to n;
2. key management side i calculates d i =∑ 1≤j≤n f j (x i ) Local storage of d i
Suppose that the key generation centers of the T parties (T is more than or equal to 2T-1) participating in the generation are key management ends i respectively, and i is more than or equal to 1 and less than or equal to T. Order to
Figure BDA0002994723350000101
When the user ID A When applying for the private key, the T side key management end performs the following operations:
1. the key management end 1 generates a polynomial H (x) H (ID) over the finite field FN A ||hid,N)+c 1 x+…+c t-1 x t-1 Calculate h (x) i ) I is more than or equal to 1 and less than or equal to T, and a finite field F is generated N Random onPolynomial g of number i (x)=α i +b i1 x+…+b i,t-1 x t-1 Calculate g i (x j ) J is more than or equal to 1 and less than or equal to T; h (x) j ),g i (x j ) Sending the key information to a key management end j;
2. key management side i calculates D i =d i +h(x i ) Calculate e i =∑ 1≤j≤T g j (x i ) Calculating delta i =D i e i Will delta i Sending the key to another T-1 side key management end;
3. key management end i calculates T i =[(∑ 1≤j≤T l i δ i ) -1 l i e i d i ]P 2 Will T i Sending the data to a user, wherein i is more than or equal to 1 and less than or equal to T;
4. user local computation private key ds A =∑ 1≤i≤T T i
For better understanding of the scheme, the following describes the private key generation mechanism of the threshold (2,3) in detail by taking a three-party key management end as an example.
The timing diagram of the present scenario embodiment is shown in fig. 2.
Suppose the identities of the three-party key management terminal 1, the key management terminal 2 and the key management terminal 3 are x respectively 1 、x 2 、x 3 ∈[1,N-1]The system main private keys are ks respectively 1 、ks 2 And ks 3 . Order to
Figure BDA0002994723350000102
Figure BDA0002994723350000103
The three-party key management terminal initialization process is as follows:
key management end i generating polynomial f i (x)=ks i +a i x,a i ∈[1,N-1]I is more than or equal to 1 and less than or equal to 3; key management side i calculates f i (x j ) I is more than or equal to 1 and less than or equal to 3, j is more than or equal to 1 and less than or equal to 3, f i (x j ) Sending the key information to a key management end j;
key management side i calculates d i =f 1 (x i )+f 2 (x i )+f 3 (x i ) Local storage of d i
When the key using end IDA applies for the private key, the three-party key management end performs the following operations:
the key management terminal 1 generates a polynomial H (x) H (ID) A ||hid,N)+cx,c∈[1,N-1]Calculate h (x) i ) I is more than or equal to 1 and less than or equal to 3; secret key management terminal i generates random number polynomial g i (x)=α i +b i x,α i ,b i ∈[1,N-1]. The key management end i calculates g i (x j ) I is more than or equal to 1 and less than or equal to 3, and j is more than or equal to 1 and less than or equal to 3; h (x) j ),g i (x j ) Sending the key information to a key management end j;
key management side i calculates D i =d i +h(x i ),e i =g 1 (x i )+g 2 (x i )+g 3 (x i ) (ii) a Calculating delta i =D i e i Will delta i Sending the key to the other two party key management terminals; t1, T2, T3
Key management end i calculates T i =[(l 1 δ 1 +l 2 δ 2 +l 3 δ 3 ) -1 l i e i d i ]P 2 Will T i Sending the key to a key using end, wherein i is more than or equal to 1 and less than or equal to 3;
local calculation private key of key using end
ds A =T 1 +T 2 +T 3 =[(ks 1 +ks 2 +ks 3 )(ks 1 +ks 2 +ks 3 +H(ID A ||hid,N)) -1 ]P 2
The final generated private key format of the key using end is consistent with the SM9 standard algorithm.
Referring to fig. 3, an embodiment of the present disclosure provides an SM9 key thresholding generation apparatus 200, applied to a key management side, including:
a polynomial generating module 210 configured to generate a random polynomial based on the key fragment and a threshold value; the constant item of the random polynomial is a key segment, the highest power of the random polynomial is a value obtained by subtracting one from a threshold value, the coefficient of the random polynomial is a random number, and the threshold value is smaller than the total amount of the key management end;
a polynomial result calculating module 220, configured to generate a local polynomial result corresponding to the local and a target polynomial result corresponding to the other key management terminals based on the random polynomial;
a polynomial result processing module 230, configured to issue the target polynomial result to the corresponding other key management terminals, and receive the opposite-end polynomial result transmitted by the other key management terminals;
a generation parameter operation module 240, configured to calculate a key generation parameter according to the local polynomial result and the peer polynomial result;
and the sending and generating module 250 is configured to send the key generation parameters to the key using end, so that the key using end receives the key generation parameters transmitted by each key management end, and generates a result key meeting the SM9 standard based on the key generation parameters consistent with the number of threshold values.
As a preferred embodiment, the generation parameter operation module 240 includes:
the accumulation module is used for accumulating the local polynomial result and the opposite-end polynomial result to obtain a first process parameter;
the parameter acquisition module is used for acquiring second process parameters meeting the SM9 standard;
the parameter generating module is used for generating a local third process parameter and a target third process parameter corresponding to other key management terminals based on the first process parameter and the second process parameter;
the process parameter transmission module is used for transmitting the third process parameter to the corresponding other key management terminals and receiving the opposite terminal third process parameter transmitted by the other key management terminals;
and the parameter generation module is used for generating a key generation parameter according to the local third process parameter and the opposite-end third process parameter.
As a preferred embodiment, the method further comprises:
and the storage module is used for storing the first process parameter to the local.
The SM9 key thresholding generation device provided by the disclosure is applied to a key management end, firstly, a random polynomial is generated based on a key segment and a threshold value, a constant term of the random polynomial is the key segment, the highest power of the random polynomial is a value obtained by subtracting one from the threshold value, a coefficient of the random polynomial is a random number, and the threshold value is smaller than the total amount of the key management end; and then generating a local polynomial result corresponding to the local and a target polynomial result corresponding to other key management terminals based on the random polynomial, issuing the target polynomial results to the corresponding other key management terminals, receiving opposite-end polynomial results transmitted by other key management terminals, further calculating key generation parameters according to the local polynomial results and the opposite-end polynomial results, transmitting the key generation parameters to the key using terminals so that the key using terminals can receive the key generation parameters transmitted by the key management terminals, and generating result keys meeting the SM9 standard based on the key generation parameters consistent with the number of threshold values. The device generates the random polynomial based on the key segment and the threshold value, the constant term of the random polynomial is the key segment, and the highest power of the random polynomial is the value obtained by subtracting one from the threshold value, so that the random polynomial can be restored based on the polynomial results of the threshold value number of the random polynomial, and the polynomial results of the random polynomial are mutually transmitted between the key management ends, so that the device can ensure that when the key management ends are offline, the result keys meeting the SM9 standard can be generated based on the key management ends of the threshold value number, and the reliability of the SM9 key thresholding generation process is relatively ensured. In addition, each key management end sends the key generation parameters to the key using end, and the key using end generates the result key meeting the SM9 standard based on the key generation parameters, so that the security of the SM9 key can be ensured, no additional security assumption needs to be added in the process of generating the SM9 key, no additional cryptographic component of an encryption algorithm is adopted, and the overall operation overhead is reduced.
Fig. 4 is a block diagram illustrating a key management side device 300 according to an example embodiment. As shown in fig. 4, the key management side device 300 may include: a processor 301 and a memory 302. The key consumer 300 may further comprise one or more of a multimedia component 303, an input/output (I/O) interface 304, and a communication component 305.
The processor 301 is configured to control the overall operation of the key end device 300, so as to complete all or part of the steps in the SM9 key thresholding generation method. The memory 302 is used to store various types of data to support the operation of the key consumer 300, such data may include, for example, instructions for any application or method operating on the key consumer 300, as well as application-related data, such as contact data, messaging, pictures, audio, video, and so forth. The Memory 302 may be implemented by any type of volatile or non-volatile Memory device or combination thereof, such as Static Random Access Memory (SRAM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Erasable Programmable Read-Only Memory (EPROM), Programmable Read-Only Memory (PROM), Read-Only Memory (ROM), magnetic Memory, flash Memory, magnetic disk or optical disk. The multimedia components 303 may include a screen and an audio component. Wherein the screen may be, for example, a touch screen and the audio component is used for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signal may further be stored in the memory 302 or transmitted through the communication component 305. The audio assembly also includes at least one speaker for outputting audio signals. The I/O interface 304 provides an interface between the processor 301 and other interface modules, such as a keyboard, mouse, buttons, etc. These buttons may be virtual buttons or physical buttons. The communication component 305 is used for wired or wireless communication between the key consumer 300 and other devices. Wireless Communication, such as Wi-Fi, bluetooth, Near Field Communication (NFC for short), 2G, 3G or 4G, or a combination of one or more of them, and thus the corresponding Communication component 305 may include: Wi-Fi module, bluetooth module, NFC module.
In an exemplary embodiment, the key user Device 300 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic components, and is configured to perform the SM9 key thresholding generation method described above.
In another exemplary embodiment, a computer readable storage medium comprising program instructions which, when executed by a processor, implement the steps of the SM9 key thresholding generation method described above is also provided. For example, the computer readable storage medium may be the memory 302 including program instructions executable by the processor 301 of the key client 300 to perform the SM9 key thresholding generation method described above.
In addition, the present disclosure also provides a computer-readable storage medium, which is applied to a key management terminal, and the computer-readable storage medium stores a computer program, and when the computer program is executed by a processor, the computer program implements the steps of the SM9 key thresholding generation method as described above.
The computer readable storage medium provided by the present disclosure is applied to a key management end, and first, a random polynomial is generated based on a key fragment and a threshold value, a constant term of the random polynomial is the key fragment, a highest power of the random polynomial is a value obtained by subtracting one from the threshold value, a coefficient of the random polynomial is a random number, and the threshold value is smaller than the total amount of the key management end; and further generating a local polynomial result corresponding to the local and a target polynomial result corresponding to other key management terminals based on the random polynomial, issuing the target polynomial results to the corresponding other key management terminals, receiving opposite-terminal polynomial results transmitted by other key management terminals, further calculating key generation parameters according to the local polynomial results and the opposite-terminal polynomial results, transmitting the key generation parameters to the key using terminals so that the key using terminals can receive the key generation parameters transmitted by the key management terminals, and generating result keys meeting the SM9 standard based on the key generation parameters consistent with the number of threshold values. The computer-readable storage medium generates random polynomials based on the key segments and the threshold values, the constant terms of the random polynomials are the key segments, and the highest power of the random polynomials is a value obtained by subtracting one from the threshold values, so that the polynomial results of the number of the threshold values based on the random polynomials can restore the random polynomials, and further, the polynomial results of the random polynomials are mutually transmitted among the key management terminals, so that when the key management terminals are offline, the result keys meeting the SM9 standard can be generated based on the number of the threshold values based on the key management terminals, and the reliability of the SM9 key thresholding generation process is relatively ensured. In addition, each key management end sends the key generation parameters to the key using end, and the key using end generates the result key meeting the SM9 standard based on the key generation parameters, so that the security of the SM9 key can be ensured, no additional security assumption needs to be added in the process of generating the SM9 key, no additional cryptographic component of an encryption algorithm is adopted, and the overall operation overhead is reduced.
The SM9 key thresholding generating method, apparatus, device and storage medium provided in this disclosure are described in detail above. The embodiments are described in a progressive manner in the specification, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present disclosure without departing from the principle of the present disclosure, and such improvements and modifications also fall within the scope of the claims of the present disclosure.
It should also be noted that, in this specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The preferred embodiments of the present disclosure are described in detail with reference to the accompanying drawings, however, the present disclosure is not limited to the specific details of the above embodiments, and various simple modifications may be made to the technical solution of the present disclosure within the technical idea of the present disclosure, and these simple modifications all belong to the protection scope of the present disclosure.
It should be noted that, in the foregoing embodiments, various features described in the above embodiments may be combined in any suitable manner, and in order to avoid unnecessary repetition, various combinations that are possible in the present disclosure are not described again.
In addition, any combination of various embodiments of the present disclosure may be made, and the same should be considered as the disclosure of the present disclosure, as long as it does not depart from the spirit of the present disclosure.

Claims (8)

1. An SM9 key thresholding generation method is applied to a key management end and comprises the following steps:
generating a random polynomial based on the key fragment and the threshold value; the constant term of the random polynomial is the key fragment, the highest power of the random polynomial is a value obtained by subtracting one from the threshold value, the coefficient of the random polynomial is a random number, and the threshold value is smaller than the total amount of the key management terminal;
generating a local polynomial result corresponding to the local and a target polynomial result corresponding to the other key management terminal based on the random polynomial;
sending the target polynomial result to the other corresponding key management terminals, and receiving opposite-terminal polynomial results transmitted by the other key management terminals; calculating a key generation parameter according to the local polynomial result and the opposite-end polynomial result;
sending the key generation parameters to a key using end, so that the key using end receives the key generation parameters transmitted by each key management end, and generates a result key meeting the SM9 standard based on the key generation parameters with the number consistent with the threshold value; the calculating key generation parameters according to the local polynomial result and the opposite-end polynomial result comprises:
key management end 1 generates finite field F N The above polynomial H (x) is H (ID) A ||hid,N)+c 1 x+…+c t-1 x t-1 The key management end i generates a finite field F N Polynomial g of random number i (x)=α i +b i1 x+…+b i,t-1 x t-1 Calculate h (x) j ) And g i (x j ),1≤i≤T,1≤j≤T;
Wherein the hid represents a private key generating function identifier, the H is a cryptographic function derived from a hash function, and the image set is [1, N-1 ]]Said ID A Using end identification for the key, wherein N is prime number, c 1 ……c t-1 A random number generated by the key management terminal, and (t, n) a threshold key management terminal, i is more than or equal to 1 and less than or equal to n, j is more than or equal to 1 and less than or equal to n, wherein alpha is i ,b i1 ……b i,t-1 The random number generated for the key management terminal; said g is i (x j ) The opposite-end polynomial result transmitted for the other key management ends;
mixing the h (x) j ) And g i (x j ) Sending to a key management terminal j;
key management side i calculates D i =d i +h(x i ) Calculate e i =∑ 1≤j≤T g j (x i ) Calculating delta i =D i e i Will delta i Sending the key to another T-1 party key management end;
wherein, the T represents the joint calculation of the T parties, and the d i =∑ 1≤j≤n f j (x i ) Wherein said f j (x i )=ks j +a j1 x i +…+a j,t-1 x i t-1 The target polynomial results corresponding to other key management ends; ks is as described j ∈[1,N-1]A system master private key; a is a j1 ……a j,t-1 The random number generated for the key management terminal;
the key management terminal i calculates T i =[(∑ 1≤j≤T l i δ i ) -1 l i e i d i ]P 2 Will T i Sending the data to a user, wherein i is more than or equal to 1 and less than or equal to T;
wherein, the
Figure FDA0003663886960000021
Said P is 2 Is G 2 The generator of (A), the G 2 Is an N-order cyclic group.
2. The SM9 key thresholding generation method of claim 1, wherein d is calculated i Thereafter, the method further comprises:
will d is i And storing the data to the local.
3. The SM9 key thresholding generation method of claim 1, wherein the key segment is a random number within a preset value interval.
4. The SM9 key thresholding generation method of claim 1, wherein the result key includes a result private key.
5. An SM9 key thresholding generation apparatus, applied to a key management end, includes:
a polynomial generation module for generating a random polynomial based on the key fragment and a threshold value; the constant term of the random polynomial is the key fragment, the highest power of the random polynomial is a value obtained by subtracting one from the threshold value, the coefficient of the random polynomial is a random number, and the threshold value is smaller than the total amount of the key management terminal;
the polynomial result calculation module is used for generating a local polynomial result corresponding to the local and a target polynomial result corresponding to other key management terminals based on the random polynomial;
a polynomial result processing module, configured to issue the target polynomial result to the corresponding other key management end, and receive an opposite-end polynomial result transmitted by the other key management end;
a generation parameter operation module, configured to calculate a key generation parameter according to the local polynomial result and the opposite-end polynomial result;
a sending and generating module, configured to send the key generation parameters to a key using end, so that the key using end receives the key generation parameters sent by each key management end, and generates a result key that meets an SM9 standard based on the key generation parameters whose numbers are consistent with the number of the threshold values;
wherein the calculating key generation parameters according to the local polynomial result and the opposite-end polynomial result comprises:
key management end 1 generates finite field F N The polynomial H (x) H (ID) A ||hid,N)+c 1 x+…+c t-1 x t-1 The key management end i generates a finite field F N Polynomial g of random number i (x)=α i +b i1 x j +…+b i,t-1 x t-1 Calculate h (x) j ) And g i (x j ),1≤i≤T,1≤j≤T;
Wherein the hid represents a private key generating function identifier, the H is a cryptographic function derived from a hash function, and the image set is [1, N-1 ]]Said ID A For the key using end identification, N is prime number, c 1 ……c t-1 A random number generated by the key management terminal, and (t, n) a threshold key management terminal, i is more than or equal to 1 and less than or equal to n, j is more than or equal to 1 and less than or equal to n, wherein alpha is i ,b i1 ……b i,t-1 The random number generated for the key management terminal; said g is i (x j ) The opposite-end polynomial result transmitted for the other key management ends;
mixing the h (x) j ) And g i (x j ) Sending the key information to a key management end j;
key management side i calculates D i =d i +h(x i ) Calculating e i =∑ 1≤j≤T g j (x i ) Calculating delta i =D i e i Will delta i Sending the key to another T-1 party key management end;
wherein, the T represents the joint calculation of the T parties, and the d i =∑ 1≤j≤n f j (x i ) Said f j (x i )=ks j +a j1 x i +...+a j,t-1 x i t-1 The target polynomial results corresponding to other key management ends; ks is as described i ∈[1,N-1]A system master private key; a is a i1 ……a i,t-1 The random number generated for the key management terminal;
the key management terminal i calculates T i =[(∑ 1≤j≤T l i δ i ) -1 l i e i d i ]P 2 Will T i Sending the data to a user, wherein i is more than or equal to 1 and less than or equal to T;
wherein, the
Figure FDA0003663886960000031
The P is 2 Is G 2 The generator of (A), the G 2 Is an N-order cyclic group.
6. The SM9 key thresholding generating device of claim 5, wherein d is calculated i Afterwards, the device further comprises:
a storage module for storing d i And storing the data to the local.
7. A key management side device, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the SM9 key thresholding generation method of any of claims 1 to 4 when executing said computer program.
8. A computer-readable storage medium, having stored thereon a computer program which, when executed by a processor, carries out the steps of the SM9 key thresholding generation method of any of claims 1-4.
CN202110326127.2A 2021-03-26 2021-03-26 SM9 key thresholding generation method, device, equipment and storage medium Active CN112926074B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110326127.2A CN112926074B (en) 2021-03-26 2021-03-26 SM9 key thresholding generation method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110326127.2A CN112926074B (en) 2021-03-26 2021-03-26 SM9 key thresholding generation method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112926074A CN112926074A (en) 2021-06-08
CN112926074B true CN112926074B (en) 2022-08-23

Family

ID=76176168

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110326127.2A Active CN112926074B (en) 2021-03-26 2021-03-26 SM9 key thresholding generation method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112926074B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113965325B (en) * 2021-10-20 2023-07-25 成都卫士通信息产业股份有限公司 Data transmission authentication method and device, electronic equipment and computer storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6901145B1 (en) * 1999-04-08 2005-05-31 Lucent Technologies Inc. Generation of repeatable cryptographic key based on varying parameters
WO2008141992A1 (en) * 2007-05-23 2008-11-27 Siemens Aktiengesellschaft Method and apparatus for encrypting and decrypting software
CN102684885A (en) * 2012-05-25 2012-09-19 孙华 Identity-based threshold ring signature method
CN106027240A (en) * 2016-07-01 2016-10-12 南京邮电大学 Key isolation signing method based on attribute
CN109190384A (en) * 2018-07-26 2019-01-11 百色学院 A kind of multicenter block chain fuse protection system and method
CN109962769A (en) * 2019-05-09 2019-07-02 长春理工大学 Data safety De-weight method based on threshold blind signature
WO2020065633A1 (en) * 2018-09-30 2020-04-02 Vechain Global Technology S.A.R.L Method, user device, management device, storage medium and computer program product for key management
CN111106936A (en) * 2019-11-27 2020-05-05 国家电网有限公司 SM 9-based attribute encryption method and system

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7359507B2 (en) * 2000-03-10 2008-04-15 Rsa Security Inc. Server-assisted regeneration of a strong secret from a weak secret
US8050409B2 (en) * 2004-04-02 2011-11-01 University Of Cincinnati Threshold and identity-based key management and authentication for wireless ad hoc networks
JP5582143B2 (en) * 2009-06-19 2014-09-03 日本電気株式会社 Secret information distribution system, secret information distribution method and program
CN106060231A (en) * 2016-04-27 2016-10-26 努比亚技术有限公司 Information processing method and information processing device
JP6300286B1 (en) * 2016-12-27 2018-03-28 株式会社ZenmuTech Access management system, access management method and program
US11552797B2 (en) * 2017-10-30 2023-01-10 Visa International Service Association Multi-party threshold authenticated encryption
US11113408B2 (en) * 2018-08-20 2021-09-07 Hewlett Packard Enterprise Development Lp Providing a secure object store using a hierarchical key system
US12081972B2 (en) * 2019-01-18 2024-09-03 Qualcomm Incorporated Protection of sequence numbers in authentication and key agreement protocol
CN110166239B (en) * 2019-06-04 2023-01-06 成都卫士通信息产业股份有限公司 User private key generation method and system, readable storage medium and electronic device
CN112003696B (en) * 2020-08-25 2023-03-31 成都卫士通信息产业股份有限公司 SM9 key generation method, system, electronic equipment, device and storage medium
CN112118111B (en) * 2020-09-04 2023-10-13 中国科学院大学 SM2 digital signature method suitable for threshold calculation
CN112019335B (en) * 2020-09-18 2023-12-29 上海市数字证书认证中心有限公司 SM2 algorithm-based multiparty collaborative encryption and decryption method, device, system and medium

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6901145B1 (en) * 1999-04-08 2005-05-31 Lucent Technologies Inc. Generation of repeatable cryptographic key based on varying parameters
WO2008141992A1 (en) * 2007-05-23 2008-11-27 Siemens Aktiengesellschaft Method and apparatus for encrypting and decrypting software
CN102684885A (en) * 2012-05-25 2012-09-19 孙华 Identity-based threshold ring signature method
CN106027240A (en) * 2016-07-01 2016-10-12 南京邮电大学 Key isolation signing method based on attribute
CN109190384A (en) * 2018-07-26 2019-01-11 百色学院 A kind of multicenter block chain fuse protection system and method
WO2020065633A1 (en) * 2018-09-30 2020-04-02 Vechain Global Technology S.A.R.L Method, user device, management device, storage medium and computer program product for key management
CN109962769A (en) * 2019-05-09 2019-07-02 长春理工大学 Data safety De-weight method based on threshold blind signature
CN111106936A (en) * 2019-11-27 2020-05-05 国家电网有限公司 SM 9-based attribute encryption method and system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
两种分布式SM2/9算法应用;王现方等;《密码学报》;20201231;第7卷(第6期);第826-838页 *
门限技术在组播密钥管理中的应用;周永恒等;《信息安全与通信保密》;20100710(第07期);第94-96+100页 *

Also Published As

Publication number Publication date
CN112926074A (en) 2021-06-08

Similar Documents

Publication Publication Date Title
CN112906038B (en) Thresholding processing method, device and equipment based on SM9 key and storage medium
CN109450640B (en) SM 2-based two-party signature method and system
CN112926075B (en) SM9 key generation method, device, equipment and storage medium
JP2020509695A (en) Key agreement protocol based on homogenous elliptic curve
CN112003696B (en) SM9 key generation method, system, electronic equipment, device and storage medium
CN109743166B (en) Multiparty signature generation method and security information verification system
CN108833095B (en) Behavior verification method, node, system and electronic equipment in block chain
CN103973439B (en) A kind of multi-variable public key ciphering method
Sengupta et al. Message mapping and reverse mapping in elliptic curve cryptosystem
CN114070556B (en) Threshold ring signature method and device, electronic equipment and readable storage medium
Rawat et al. Tree and elliptic curve based efficient and secure group key agreement protocol
Iwamoto et al. Security notions for information theoretically secure encryptions
CN112100144A (en) Block chain file sharing method and device, storage medium and electronic equipment
CN112926074B (en) SM9 key thresholding generation method, device, equipment and storage medium
Bai et al. NttpFL: Privacy-preserving oriented no trusted third party federated learning system based on blockchain
CN114257366A (en) Information homomorphic processing method, device, equipment and computer readable storage medium
Chande et al. An improvement of a elliptic curve digital signature algorithm
CN112769563A (en) Operating terminal agent authorization method and device based on multi-party calculation
CN112398646A (en) Identity-based encryption method and system with short public parameters on ideal lattice
CN117040764A (en) Secret key share updating method, computer equipment and storage medium
US20110176677A1 (en) Multi-party variance multiplication device, multi-party variance multiplication system and method
Doshi An enhanced approach for CP-ABE with proxy re-encryption in IoT paradigm
Vambol The prospects for group-based knapsack ciphers in the post-quantum era
CN112019335B (en) SM2 algorithm-based multiparty collaborative encryption and decryption method, device, system and medium
Lizama-Perez Non-invertible key exchange protocol

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: No. 333, Yunhua Road, high tech Zone, Chengdu, Sichuan 610041

Patentee after: China Electronics Technology Network Security Technology Co.,Ltd.

Address before: No. 333, Yunhua Road, high tech Zone, Chengdu, Sichuan 610041

Patentee before: CHENGDU WESTONE INFORMATION INDUSTRY Inc.