CN112926075B - SM9 key generation method, device, equipment and storage medium - Google Patents

SM9 key generation method, device, equipment and storage medium Download PDF

Info

Publication number
CN112926075B
CN112926075B CN202110326135.7A CN202110326135A CN112926075B CN 112926075 B CN112926075 B CN 112926075B CN 202110326135 A CN202110326135 A CN 202110326135A CN 112926075 B CN112926075 B CN 112926075B
Authority
CN
China
Prior art keywords
key
management
process data
fragment
matrix
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110326135.7A
Other languages
Chinese (zh)
Other versions
CN112926075A (en
Inventor
王现方
涂彬彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Electronics Technology Network Security Technology Co ltd
Original Assignee
Chengdu Westone Information Industry Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Westone Information Industry Inc filed Critical Chengdu Westone Information Industry Inc
Priority to CN202110326135.7A priority Critical patent/CN112926075B/en
Publication of CN112926075A publication Critical patent/CN112926075A/en
Application granted granted Critical
Publication of CN112926075B publication Critical patent/CN112926075B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The disclosure discloses an SM9 key generation method, device, equipment and storage medium. The method is applied to a key using end and comprises the following steps: obtaining key fragment generation parameters; calculating a using end key fragment according to the key fragment generation parameters; acquiring a management terminal key fragment generated by a key management terminal; a resulting key satisfying the SM9 criteria is generated based on the use side key fragment and the management side key fragment. The result key used by the key using end is generated by the key fragments of the key using end and the key management end, so the key management end can not recover the key of the key using end only through the key fragment of the management end, and the method relatively ensures the safety of the result key used by the key using end. In addition, the disclosure also provides an SM9 key generation device, an apparatus and a storage medium, and the beneficial effects are the same as described above.

Description

SM9 key generation method, device, equipment and storage medium
Technical Field
The present disclosure relates to the field of cryptography, and in particular, to an SM9 key generation method, apparatus, device, and storage medium.
Background
The design idea of modern cryptography generally attributes the security of data to the key used for encrypting the data, and cryptographic algorithms are often open, so how to generate the key safely and effectively is a key concern in the field of data security at present.
In the process of generating the key based on the cryptographic algorithm by the current cryptographic SM9, the key used by the key using end is usually generated and distributed by the key managing end, and therefore, the key using end cannot participate in the key generating process, and therefore, the key generation cannot be autonomously restricted, and it is difficult to ensure the security of the key. In the existing solutions, a key is often generated in a manner of combining two or more key management ends, but such solutions still may have a problem of generating a key through collusion between the key management ends, that is, a plurality of key management ends can recover a user's key through collusion, and it is still difficult to ensure the security of the key.
It can be seen that providing an SM9 key generation method to ensure the security of the generated keys is a problem that needs to be solved by those skilled in the art.
Disclosure of Invention
An object of the present disclosure is to provide an SM9 key generation method, apparatus, device, and storage medium to ensure security of a generated key.
In order to solve the above technical problem, the present disclosure provides an SM9 key generation method, applied to a key using end, including:
obtaining key fragment generation parameters;
calculating a using end key fragment according to the key fragment generation parameters;
acquiring a management terminal key fragment generated by a key management terminal;
a resulting key satisfying the SM9 criteria is generated based on the use side key fragment and the management side key fragment.
Preferably, obtaining the key fragment generation parameter includes:
acquiring a private key of a user side and a random number of the user side;
correspondingly, the method for calculating the using end key fragment according to the key fragment generation parameters comprises the following steps:
based on an accidental transmission protocol, using a private key of a user side and a random number of the user side to jointly generate process data of the user side, and transmitting the process data to a key management side;
acquiring management end process data which is transmitted by a key management end and generated based on a management end private key and a management end random number;
generating a using end key fragment based on using end process data, management end process data and using end random numbers;
correspondingly, acquiring the management terminal key fragment generated by the key management terminal comprises the following steps:
sending the key fragment of the user end to a key management end;
and acquiring a management terminal key fragment generated by the key management terminal based on the using terminal key fragment, the using terminal process data, the management terminal process data and the management terminal random number.
Preferably, based on the oblivious transmission protocol, the process data of the user terminal is generated by using the private key of the user terminal and the random number of the user terminal together and transmitted to the key management terminal, which comprises:
randomly generating a first matrix;
generating a second matrix based on the first matrix, the private key of the using end and the random number of the using end;
taking the column vectors of the first matrix and the second matrix as input data of an accidental transmission protocol to obtain process data of a using end;
and transmitting the process data of the user end to the key management end.
Preferably, before randomly generating the first matrix, the method further comprises:
respectively converting a private key of a user end and a random number of the user end into binary forms;
accordingly, the first matrix comprises a first bit matrix and the second matrix comprises a second bit matrix.
Preferably, generating the result key satisfying the SM9 standard based on the using side key fragment and the managing side key fragment includes:
a resulting private key satisfying the SM9 standard is generated based on the use side key fragment and the management side key fragment.
In addition, the present disclosure also provides an SM9 key generation apparatus, applied to a key using end, including:
the parameter acquisition module is used for acquiring key fragment generation parameters;
the first segment acquisition module is used for calculating a using end key segment according to the key segment generation parameters;
the second fragment acquisition module is used for acquiring a management terminal key fragment generated by a key management terminal;
and the key generation module is used for generating a result key meeting the SM9 standard based on the using side key segment and the management side key segment.
Preferably, the parameter obtaining module includes:
the parameter acquisition submodule is used for acquiring a private key of a user terminal and a random number of the user terminal;
accordingly, a first segment acquisition module, comprising:
the protocol transmission module is used for generating process data of the using end by using a private key of the using end and a random number of the using end based on an accidental transmission protocol and transmitting the process data to the key management end;
the process data acquisition module is used for acquiring management end process data which is transmitted by the key management end and generated based on a management end private key and a management end random number;
the using end segment generating module is used for generating using end key segments based on the using end process data, the management end process data and the using end random numbers;
correspondingly, the second segment obtaining module includes:
the using end fragment sending module is used for sending the using end key fragment to the key management end;
and the management end fragment acquisition module is used for acquiring a management end key fragment generated by the key management end based on the using end key fragment, the using end process data, the management end process data and the management end random number.
Preferably, the protocol transmission module includes:
the first matrix generation module is used for randomly generating a first matrix;
the second matrix generation module is used for generating a second matrix based on the first matrix, the private key of the using end and the random number of the using end;
the matrix processing module is used for taking the column vectors of the first matrix and the second matrix as input data of an inadvertent transmission protocol to obtain process data of a using end;
and the process data transmission module is used for transmitting the process data of the user end to the key management end.
In addition, the present disclosure also provides a key using end device, including:
a memory for storing a computer program;
a processor for implementing the steps of the SM9 key generation method as described above when executing the computer program.
Furthermore, the present disclosure also provides a computer-readable storage medium having stored thereon a computer program, which when executed by a processor implements the steps of the key generation method as described above.
The SM9 key generation method provided by the disclosure is applied to a key using end, firstly, key segment generation parameters are obtained, a key segment of the using end is calculated according to the key segment generation parameters, then, a key segment of a management end generated by a key management end is obtained, and a result key meeting SM9 standards is generated based on the key segment of the using end and the key segment of the management end. The result key used by the key using end is generated by the key fragments of the key using end and the key management end, so that the key management end can not recover the key of the key using end only through the key fragment of the management end, and the safety of the result key used by the key using end is relatively ensured. In addition, the disclosure also provides an SM9 key generation device, an apparatus and a storage medium, and the beneficial effects are the same as above.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure, the drawings needed for the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present disclosure, and that other drawings can be obtained by those skilled in the art without inventive effort.
Fig. 1 is a flowchart of an SM9 key generation method disclosed in an embodiment of the present disclosure;
fig. 2 is a schematic structural diagram of an SM9 key generation apparatus disclosed in the embodiment of the present disclosure;
fig. 3 is a block diagram of a key consumer disclosed in an embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present disclosure without any creative effort belong to the protection scope of the present disclosure.
In the process of generating the key based on the cryptographic algorithm by the current cryptographic SM9, the key used by the key using end is usually generated and distributed by the key managing end, and therefore, the key using end cannot participate in the key generating process, and therefore, the key generation cannot be autonomously restricted, and it is difficult to ensure the security of the key. In the existing solutions, a key is often generated in a manner of combining two or more key management ends, but such solutions still may have a problem of generating a key through collusion between the key management ends, that is, a plurality of key management ends can recover a user's key through collusion, and it is still difficult to ensure the security of the key.
To this end, the core of the present disclosure is to provide an SM9 key generation method to ensure the security of the generated key.
The present disclosure is described in further detail below with reference to the accompanying drawings and detailed description, in order to enable those skilled in the art to better understand the disclosure.
Referring to fig. 1, an embodiment of the present disclosure discloses an SM9 key generation method, applied to a key using end, including:
step S10: and acquiring key fragment generation parameters.
It should be noted that the key fragment generation parameters obtained in this step refer to parameters required for generating a key fragment corresponding to a key using end in a subsequent step, that is, a key fragment at the using end, and the key fragment generation parameters include, but are not limited to, a cyclic group, a generator parameter, a random number, and the like.
Step S11: and calculating the using end key fragment according to the key fragment generation parameters.
After the key fragment generation parameters are obtained, the user-side key fragment is further calculated according to the key fragment generation parameters, and the user-side key fragment is used for further generating a result key according to the user-side key fragment and the management-side key fragment transmitted by the key management side in the subsequent steps.
Step S12: and acquiring a management terminal key fragment generated by a key management terminal.
In the step, the generated management terminal key fragment is obtained in the key management terminal and is used for generating a result key based on the using terminal key fragment and the management terminal key fragment in the subsequent steps. The number of the key management terminals may be 1 or more, and is determined according to the actual situation, and is not specifically limited herein.
Step S13: and generating a result key meeting the SM9 standard based on the using side key segment and the management side key segment.
It should be noted that SM9 (quotient password No. 9 algorithm) is an identification password standard, and in a commercial password system, SM9 is applicable to security guarantee of various emerging applications of internet applications. Such as password service based on cloud technology, e-mail security, intelligent terminal protection, internet of things security, cloud storage security, and the like. The embodiment further improves the security of generating the key based on the SM standard.
After the key segment at the using end is obtained through calculation according to the key segment generation parameters and the key segment at the management end generated by the key management end is obtained, the key segment at the using end and the key segment at the management end are further used for generating a result key meeting the SM9 standard, so that the purpose that the result key is generated by the key management end and the key using end together is achieved.
The SM9 key generation method provided by the disclosure is applied to a key using end, firstly, key segment generation parameters are obtained, a key segment of the using end is calculated according to the key segment generation parameters, then, a key segment of a management end generated by a key management end is obtained, and a result key meeting SM9 standards is generated based on the key segment of the using end and the key segment of the management end. The result key used by the key using end is generated by the key fragments of the key using end and the key management end, so that the key management end can not recover the key of the key using end only through the key fragment of the management end, and the safety of the result key used by the key using end is relatively ensured.
On the basis of the foregoing embodiment, as a preferred implementation, generating a result key that satisfies the SM9 standard based on the use side key fragment and the management side key fragment includes:
a resulting private key satisfying the SM9 standard is generated based on the use side key fragment and the management side key fragment.
It should be noted that the key usage end generates a result key meeting the SM9 standard, specifically, a private key of the key usage end, that is, a result private key, based on the key fragment of the usage end and the key fragment of the management end, where the result private key is a key used by the key usage end to decrypt or sign data, and on this basis, a public key corresponding to the result private key should exist, and the user decrypts the data encrypted by the result private key or verifies the data signed by the result private key. The embodiment further improves the reliability of the mechanism for encrypting and signing based on the sub-symmetric key.
On the basis of the foregoing embodiment, as a preferred implementation manner, obtaining the key fragment generation parameter includes:
acquiring a private key of a user side and a random number of the user side;
correspondingly, the method for calculating the using end key fragment according to the key fragment generation parameters comprises the following steps:
based on an accidental transmission protocol, using a private key of a user terminal and a random number of the user terminal to jointly generate process data of the user terminal, and transmitting the process data to a key management terminal;
acquiring management end process data which is transmitted by a key management end and generated based on a management end private key and a management end random number;
generating a using end key fragment based on using end process data, management end process data and using end random numbers;
correspondingly, acquiring the management terminal key fragment generated by the key management terminal comprises the following steps:
sending the key fragment of the user end to a key management end;
and acquiring a management terminal key fragment generated by the key management terminal based on the using terminal key fragment, the using terminal process data, the management terminal process data and the management terminal random number.
In this embodiment, the key fragment generation parameters acquired by the key using end are specifically a private key of the using end and a random number of the using end. The private key of the user side can be a private key generated by the key user side based on a specific logic in advance, and can uniquely characterize the identity of the key user side.
When the user-side key fragment is calculated according to the key fragment generation parameters, specifically, based on an accidental transmission protocol, user-side process data is generated by using a user-side private key and a user-side random number together and transmitted to the key management side, so that management-side process data which is transmitted by the key management side and generated based on the management-side private key and the management-side random number is further obtained, and the user-side key fragment is generated based on the user-side process data, the management-side process data and the user-side random number. The inadvertent transmission protocol is a two-party communication protocol capable of protecting privacy, and enables two communication parties to transmit messages in a selective fuzzification mode. Inadvertent transmission protocol is a basic protocol of cryptography that allows the recipient of a service to obtain certain messages entered by the sender of the service in an inadvertent manner, thus protecting the privacy of the recipient from the sender's knowledge. That is to say, in the present embodiment, the key user performs hidden transmission on the private key of the key user by using the random number of the key user based on the careless transmission protocol, so as to ensure that the key management user cannot learn the private key of the key user. In addition, the management-side process data is generated by the key management side based on the management-side private key and the management-side random number, and the meaning of generating the management-side process data is to hide the management-side private key based on the management-side random number, wherein the management-side private key can be a private key generated by the key management side based on specific logic in advance.
Furthermore, when acquiring the management-side key fragment generated by the key management side, the embodiment specifically sends the user-side key fragment to the key management side, and then acquires the management-side key fragment generated by the key management side based on the user-side key fragment, the user-side process data, the management-side process data, and the management-side random number.
The implementation manner is essentially that on the premise that the private key of the key using end cannot obtain the private key of the management end of the key management end, and the private key of the key using end cannot be obtained by the key management end, the key using end and the key management end commonly operate on the basis of the key fragment of the using end derived from the private key of the using end and the key fragment of the management end derived from the private key of the management end to obtain the result key. The reliability of the process of generating the resulting key is further improved.
On the basis of the above embodiment, as a preferred embodiment, based on an inadvertent transmission protocol, generating and transmitting using-side process data by using a using-side private key and a using-side random number together to a key management side includes:
randomly generating a first matrix;
generating a second matrix based on the first matrix, the private key of the using end and the random number of the using end;
taking the column vectors of the first matrix and the second matrix as input data of an accidental transmission protocol to obtain process data of a using end;
and transmitting the process data of the user end to the key management end.
It should be noted that the key point of the present embodiment is that, in the process of jointly generating the using-side process data by using the using-side private key and the using-side random number based on the oblivious transmission protocol and transmitting the using-side process data to the key management side, first, a first matrix is generated in a random manner, that is, the value of each element in the first matrix is a random value, and on this basis, a second matrix is further generated based on the first matrix, the using-side private key and the using-side random number, so as to further establish the association relationship among the first matrix, the using-side private key and the using-side random number through the second matrix.
On the basis of the foregoing embodiment, as a preferred embodiment, before randomly generating the first matrix, the method further includes:
respectively converting a private key of a user end and a random number of the user end into a binary form;
accordingly, the first matrix comprises a first bit matrix and the second matrix comprises a second bit matrix.
It should be noted that, in this embodiment, before the first matrix is randomly generated, the user-side private key and the user-side random number are respectively converted into binary forms, a first bit matrix whose elements are random binary numbers is further generated, a second bit matrix is further generated based on the first bit matrix, the user-side private key and the user-side random number, column vectors of the first bit matrix and the second bit matrix are used as input data of an accidental transmission protocol to obtain user-side process data, and finally the user-side process data is transmitted to the key management side. In the present embodiment, the first matrix is a first bit matrix composed of binary number elements, and the second matrix is a second bit matrix composed of binary number elements, so that it is possible to ensure that the column vectors of the first bit matrix and the second bit matrix are used as input data of an inadvertent transmission protocol, and the overall operation efficiency and operation result reliability of the process data process of the user terminal are obtained. Thereby ensuring the reliability of the resulting key generated.
In order to further improve understanding of some of the above embodiments, the present disclosure further provides a scenario embodiment in a specific application scenario for further explanation.
The technical scheme has the idea that the generation of the private key of the key using end is generated by the joint calculation of the key using end and the key management end, and the finally generated private key is only mastered by the key using end through interactive communication and meets the standard format of the SM9 private key.
In the SM9 standard, the generation of the key using end private key is as follows: g1 and G2 are both N-order cyclic groups, and N is a prime number; p1 and P2 are generators of G1 and G2, respectively. The key management end generates a random number ks E [1, N-1 ∈ ]]As the system master private key, P pub =[ks]P 2 As the master public key. hid represents a private key generating function identifier, H is a cryptographic function derived from a hash function, and the image set is [1, N-1 ]]Let the ID be the ID of the key user end A The key management side calculates t 1 =H(ID A ||hid,N)+ks,t 2 =ks t 1 -1 mod N, the private key at the key using end is ds A =[t 2 ]P 1
Order to
Figure BDA0002994733850000091
Representing a modulo-2 addition of bits in a bit vector. In the process of jointly generating the private key by the key using end and the key management end, the private key of the key using end is assumed to be ks 1 ∈[1,N-1]The main private key of the key management end is ks 2 ∈[1,N-1]The specific process is as follows:
1. key user ID A Generating a random number R 1 ∈[1,N-1]The key management end generates a random number R 2 ∈[1,N-1];
2. Key management end generates random number a i ,b i ∈[1,N-1]I is more than or equal to 0 and less than or equal to 255, let
Figure BDA0002994733850000092
Order to
Figure BDA0002994733850000093
3. Ks of key user 1 Is denoted as alpha 0 α 1 ...α 255 ,R 1 Is denoted as beta 0 β 1 ...β 255 (ii) a Let r = (r) 1 ,r 2 ,......r 512 )=(α 0 α 1 ...α 255 β 0 β 1 ...β 255 );
4. The key using end generates two bit matrixes T 512×k =(t ij ),U 512×k =(u ij ) Let us order
Figure BDA0002994733850000094
Respectively, the ith row of the matrix is represented,
Figure BDA0002994733850000095
representing the jth column of the matrix. These two matricesHas the following properties if r i If not =0, then
Figure BDA0002994733850000096
Figure BDA0002994733850000097
If r i =1, then
Figure BDA0002994733850000098
Wherein 1 is k Representing a full 1 column vector of k length. k is a positive integer, and is related to the safety level, and the selectable range is 128-256.
5. The key using end will
Figure BDA0002994733850000099
As message inputs for k oblivious transport protocols; a key management end generates a k-length random bit vector s, and the s is used as the selection input of an accidental transmission protocol; finally, the key management end obtains a matrix Q = (Q) ij ) In this case, Q has the following properties: if r is i If not =0, then there is
Figure BDA0002994733850000101
If r i If not 1, then
Figure BDA0002994733850000102
The k protocols can be performed in parallel;
6. the key management end is to
Figure BDA0002994733850000103
Sending the key to a key using end, wherein i is more than or equal to 0 and less than or equal to 511;
7. key consumer computation H (q) i ) If r is i Calculating if 0
Figure BDA0002994733850000104
If r i =1 then calculate
Figure BDA0002994733850000105
The final effect is thus: key using end from
Figure BDA0002994733850000106
In selection
Figure BDA0002994733850000107
From
Figure BDA0002994733850000108
In selection
Figure BDA0002994733850000109
Key using end note
Figure BDA00029947338500001010
Figure BDA00029947338500001011
Key management terminal note
Figure BDA00029947338500001012
In fact, x 1 +x 2 =ks 1 R 2 ,y 1 +y 2 =(ks 2 +H(ID A ||hid,N))R 1
8. Key using end delta 1 =ks 1 R 1 +x 1 +y 1 Sending the data to a key management end, and sending delta to the key management end 2 =(ks 2 +H(ID A ||hid,N))R 2 +x 2 +y 2 Sending the key to a key using end;
9. calculation of T at key user end 1 =(δ 12 ) -1 R 1 Will [ T ] 1 ]P 2 Sending the key information to a key management end;
10. key management side calculates T 2 =(δ 12 ) -1 R 2 Will [ T ] 2 ]P 2 And ks 2 ([T 1 ]P 2 +[T 2 ]P 2 ) Sending to the key user
11. Key usage side calculation ds A =ks 1 ([T 1 ]P 2 +[T 2 ]P 2 )+ks 2 ([T 1 ]P 2 +[T 2 ]P 2 ) The final calculated private key of the key using end after the process is used as the private key is as follows:
ds A =ks 1 ([T 1 ]P 2 +[T 2 ]P 2 )+ks 2 ([T 1 ]P 2 +[T 2 ]P 2 )=[(ks 1 +ks 2 )(ks 1 +ks 2 +H(ID A ||hid,N)) -1 ]P 2
this is consistent with the private key format of SM9, and the public key corresponding to the private key of the key user is P pub =[ks 1 ]P 1 +[ks 2 ]P 2
Referring to fig. 2, an embodiment of the present disclosure provides an SM9 key generation apparatus 200, applied to a key using end, including:
a parameter obtaining module 210, configured to obtain a key fragment generation parameter;
a first segment obtaining module 220, configured to calculate a user-side key segment according to the key segment generation parameter;
a second fragment obtaining module 230, configured to obtain a management-side key fragment generated by a key management side;
a key generating module 240, configured to generate a result key that meets the SM9 standard based on the using-side key segment and the managing-side key segment.
As a preferred embodiment, the parameter obtaining module 210 includes:
the parameter acquisition submodule is used for acquiring a private key of a user terminal and a random number of the user terminal;
accordingly, the first segment obtaining module 220 includes:
the protocol transmission module is used for generating process data of the using end by using a private key of the using end and a random number of the using end based on an accidental transmission protocol and transmitting the process data to the key management end;
the process data acquisition module is used for acquiring management end process data which is transmitted by the key management end and generated based on a management end private key and a management end random number;
the using end segment generating module is used for generating using end key segments based on the using end process data, the management end process data and the using end random numbers;
accordingly, the second segment obtaining module 230 includes:
the using end fragment sending module is used for sending the using end key fragment to the key management end;
and the management terminal fragment acquisition module is used for acquiring a management terminal key fragment generated by the key management terminal based on the using terminal key fragment, the using terminal process data, the management terminal process data and the management terminal random number.
As a preferred embodiment, the protocol transmission module includes:
the first matrix generation module is used for randomly generating a first matrix;
the second matrix generation module is used for generating a second matrix based on the first matrix, the private key of the using end and the random number of the using end;
the matrix processing module is used for taking the column vectors of the first matrix and the second matrix as input data of an inadvertent transmission protocol to obtain process data of a using end;
and the process data transmission module is used for transmitting the process data of the user end to the key management end.
The SM9 key generation device provided by the disclosure is applied to a key using end, firstly, key segment generation parameters are obtained, a key segment of the using end is calculated according to the key segment generation parameters, then, a key segment of a management end generated by a key management end is obtained, and a result key meeting SM9 standards is generated based on the key segment of the using end and the key segment of the management end. The result key used by the key using end is generated by the key fragments of the key using end and the key management end, so that the key management end can not recover the key of the key using end only through the key fragment of the management end, and the safety of the result key used by the key using end is relatively ensured.
Fig. 3 is a block diagram illustrating a key consumer 300 according to an example embodiment. As shown in fig. 3, the key consumer 300 may include: a processor 301 and a memory 302. The key consumer 300 may further comprise one or more of a multimedia component 303, an input/output (I/O) interface 304, and a communication component 305.
The processor 301 is configured to control the overall operation of the key client 300, so as to complete all or part of the steps in the SM9 key generation method. The memory 302 is used to store various types of data to support the operation of the key consumer 300, such data may include, for example, instructions for any application or method operating on the key consumer 300, as well as application-related data, such as contact data, messaging, pictures, audio, video, and so forth. The Memory 302 may be implemented by any type of volatile or non-volatile Memory device or combination thereof, such as Static Random Access Memory (SRAM), electrically Erasable Programmable Read-Only Memory (EEPROM), erasable Programmable Read-Only Memory (EPROM), programmable Read-Only Memory (PROM), read-Only Memory (ROM), magnetic Memory, flash Memory, magnetic disk or optical disk. The multimedia components 303 may include a screen and an audio component. Wherein the screen may be, for example, a touch screen and the audio component is used for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signal may further be stored in the memory 302 or transmitted through the communication component 305. The audio assembly also includes at least one speaker for outputting audio signals. The I/O interface 304 provides an interface between the processor 301 and other interface modules, such as a keyboard, mouse, buttons, and the like. These buttons may be virtual buttons or physical buttons. The communication component 305 is used for wired or wireless communication between the key consumer 300 and other devices. Wireless Communication, such as Wi-Fi, bluetooth, near Field Communication (NFC), 2G, 3G or 4G, or a combination of one or more of them, so that the corresponding Communication component 305 may include: wi-Fi module, bluetooth module, NFC module.
In an exemplary embodiment, the key usage Device 300 may be implemented by one or more Application Specific Integrated Circuits (ASICs), digital Signal Processors (DSPs), digital Signal Processing Devices (DSPDs), programmable Logic Devices (PLDs), field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic components, for executing the SM9 key generation method.
In another exemplary embodiment, there is also provided a computer readable storage medium including program instructions which, when executed by a processor, implement the steps of the SM9 key generation method described above. For example, the computer readable storage medium may be the above-mentioned memory 302 including program instructions executable by the processor 301 of the key client device 300 to perform the above-mentioned SM9 key generation method.
Furthermore, the present disclosure also provides a computer-readable storage medium having stored thereon a computer program, which when executed by a processor implements the steps of the key generation method as described above.
The computer-readable storage medium provided by the disclosure is applied to a key using end, and first obtains a key fragment generation parameter, calculates a key fragment of the using end according to the key fragment generation parameter, further obtains a key fragment of a management end generated by a key management end, and generates a result key meeting the SM9 standard based on the key fragment of the using end and the key fragment of the management end. Because the result key used by the key using end is generated by the respective key segments of the key using end and the key management end, the key management end can not recover the key of the key using end only through the key segment of the management end, and the safety of the result key used by the key using end is relatively ensured.
The SM9 key generation method, apparatus, device and storage medium provided by the present disclosure are described in detail above. The embodiments are described in a progressive mode in the specification, the emphasis of each embodiment is on the difference from the other embodiments, and the same and similar parts among the embodiments can be referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present disclosure without departing from the principle of the present disclosure, and such improvements and modifications also fall within the scope of the claims of the present disclosure.
It is further noted that, in the present specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising one of 8230; \8230;" 8230; "does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The preferred embodiments of the present disclosure are described in detail with reference to the accompanying drawings, however, the present disclosure is not limited to the specific details of the above embodiments, and various simple modifications may be made to the technical solution of the present disclosure within the technical idea of the present disclosure, and these simple modifications all belong to the protection scope of the present disclosure.
It should be noted that, in the foregoing embodiments, various features described in the above embodiments may be combined in any suitable manner, and in order to avoid unnecessary repetition, various combinations that are possible in the present disclosure are not described again.
In addition, any combination of various embodiments of the present disclosure may be made, and the same should be considered as the disclosure of the present disclosure, as long as it does not depart from the spirit of the present disclosure.

Claims (10)

1. An SM9 key generation method applied to a key using end comprises the following steps:
acquiring key fragment generation parameters;
calculating a using end key fragment according to the key fragment generation parameters; based on a transmission protocol, generating process data of a using end by using the key fragment generation parameters, and transmitting the process data to a key management end;
acquiring process data of the management end, which is transmitted by the key management end and generated based on key fragment generation parameters;
generating the using end key fragment based on the using end process data, the management end process data and key fragment generation parameters;
acquiring a management terminal key fragment generated by a key management terminal; sending the key fragment of the user end to the key management end;
acquiring the management terminal key fragment generated by the key management terminal based on the using terminal key fragment, the using terminal process data, the management terminal process data and the key fragment generation parameter;
and generating a result key meeting SM9 standards based on the using end key segment and the management end key segment.
2. The SM9 key generation method of claim 1, wherein obtaining key fragment generation parameters comprises:
acquiring a private key of a user end and a random number of the user end;
correspondingly, the calculating a user terminal key fragment according to the key fragment generation parameter includes:
based on an accidental transmission protocol, using the private key of the user terminal and the random number of the user terminal to jointly generate process data of the user terminal, and transmitting the process data to the key management terminal;
acquiring management end process data which is transmitted by the key management end and generated based on a management end private key and a management end random number;
generating the using-side key fragment based on the using-side process data, the management-side process data and the using-side random number;
correspondingly, the acquiring the management-side key fragment generated by the key management side includes:
sending the key fragment of the user end to the key management end;
and acquiring the management terminal key fragment generated by the key management terminal based on the using terminal key fragment, the using terminal process data, the management terminal process data and the management terminal random number.
3. The SM9 key generation method of claim 2, wherein the generating and transmitting, to the key management side, the user process data using the user private key and the user random number together based on the oblivious transmission protocol comprises:
randomly generating a first matrix;
generating a second matrix based on the first matrix, the using-side private key and the using-side random number;
taking the column vectors of the first matrix and the second matrix as input data of the protocol which is transmitted carelessly, and obtaining process data of the using end;
and transmitting the process data of the user end to the key management end.
4. The SM9 key generation method of claim 3, wherein prior to the randomly generating the first matrix, the method further comprises:
respectively converting the private key of the using end and the random number of the using end into a binary form;
correspondingly, the first matrix comprises a first bit matrix and the second matrix comprises a second bit matrix.
5. The SM9 key generation method according to any one of claims 1 to 4, wherein the generating a result key that satisfies SM9 criteria based on the using-side key segment and the managing-side key segment includes:
and generating a result private key meeting SM9 standards based on the using end key segment and the management end key segment.
6. An SM9 key generation device applied to a key using end comprises:
the parameter acquisition module is used for acquiring key fragment generation parameters;
the first segment acquisition module is used for calculating a using end key segment according to the key segment generation parameters; based on a transmission protocol, generating process data of a using end by using the key fragment generation parameters, and transmitting the process data to a key management end;
acquiring process data of a management end, which is transmitted by the key management end and generated based on key fragment generation parameters;
generating the using end key fragment based on the using end process data, the management end process data and the key fragment generation parameter;
sending the key fragment of the using end to the key management end;
acquiring the key fragment of the management end generated by the key management end based on the key fragment of the using end, the process data of the management end and the key fragment generation parameters;
the second fragment acquisition module is used for acquiring a management terminal key fragment generated by a key management terminal;
and the key generation module is used for generating a result key meeting the SM9 standard based on the using end key segment and the management end key segment.
7. The SM9 key generation apparatus of claim 6, wherein the parameter acquisition module comprises:
the parameter acquisition submodule is used for acquiring a private key of a user terminal and a random number of the user terminal;
correspondingly, the first segment obtaining module includes:
the protocol transmission module is used for generating using end process data by using the using end private key and the using end random number together based on an accidental transmission protocol and transmitting the using end process data to the key management end;
the process data acquisition module is used for acquiring management end process data which is transmitted by the key management end and generated based on a management end private key and a management end random number;
a using end segment generating module, configured to generate the using end key segment based on the using end process data, the managing end process data, and the using end random number;
correspondingly, the second segment obtaining module includes:
a using end segment sending module, configured to send the using end key segment to the key management end;
a management side segment obtaining module, configured to obtain the management side key segment generated by the key management side based on the user side key segment, the user side process data, the management side process data, and the management side random number.
8. The SM9 key generation apparatus of claim 7, wherein the protocol transport module comprises:
the first matrix generation module is used for randomly generating a first matrix;
a second matrix generation module, configured to generate a second matrix based on the first matrix, the user-side private key, and the user-side random number;
the matrix processing module is used for taking the column vectors of the first matrix and the second matrix as input data of the inadvertent transmission protocol to obtain process data of the using end;
and the process data transmission module is used for transmitting the process data of the user end to the key management end.
9. A key consumer device, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the SM9 key generation method according to any of claims 1 to 5 when executing the computer program.
10. A computer-readable storage medium, characterized in that a computer program is stored thereon, which computer program, when being executed by a processor, carries out the steps of a key generation method according to any one of claims 1 to 5.
CN202110326135.7A 2021-03-26 2021-03-26 SM9 key generation method, device, equipment and storage medium Active CN112926075B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110326135.7A CN112926075B (en) 2021-03-26 2021-03-26 SM9 key generation method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110326135.7A CN112926075B (en) 2021-03-26 2021-03-26 SM9 key generation method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112926075A CN112926075A (en) 2021-06-08
CN112926075B true CN112926075B (en) 2023-01-24

Family

ID=76176164

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110326135.7A Active CN112926075B (en) 2021-03-26 2021-03-26 SM9 key generation method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112926075B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113329386B (en) * 2021-06-11 2023-03-31 北京智芯微电子科技有限公司 Bluetooth pairing method supporting identity authentication, security chip and Bluetooth module
CN113297608B (en) * 2021-07-27 2021-11-02 北京理工大学 Identity anonymous searchable encryption method, device and equipment based on commercial password

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20070067588A (en) * 2005-12-24 2007-06-28 중앙대학교 산학협력단 Authenticated identity-based key agreement protocols in a multiple independent pkg environment
CN101340282B (en) * 2008-05-28 2011-05-11 北京易恒信认证科技有限公司 Generation method of composite public key
JP2010272899A (en) * 2009-05-19 2010-12-02 Mitsubishi Electric Corp Key generating system, key generating method, blind server device, and program
CN103812650B (en) * 2012-11-12 2017-05-31 华为技术有限公司 Information processing method, user equipment and encryption device
DE102015210734B4 (en) * 2014-10-31 2021-03-04 Hewlett Packard Enterprise Development Lp MANAGEMENT OF CRYPTOGRAPHIC KEYS
CN108418686B (en) * 2017-11-23 2021-03-19 矩阵元技术(深圳)有限公司 Multi-distributed SM9 decryption method and medium, and key generation method and medium
CN109067545A (en) * 2018-08-10 2018-12-21 航天信息股份有限公司 Key management method, device and storage medium
CN109698745A (en) * 2018-12-25 2019-04-30 歌尔科技有限公司 A kind of key management method, system and earphone and storage medium
CN110166239B (en) * 2019-06-04 2023-01-06 成都卫士通信息产业股份有限公司 User private key generation method and system, readable storage medium and electronic device
CN111010276A (en) * 2019-10-25 2020-04-14 武汉大学 Multi-party combined SM9 key generation and ciphertext decryption method and medium
CN111740828B (en) * 2020-07-29 2021-02-12 北京信安世纪科技股份有限公司 Key generation method, device and equipment and encryption and decryption method
CN111901111B (en) * 2020-08-06 2023-07-25 成都卫士通信息产业股份有限公司 SM9 key generation method, device and system and readable storage medium
CN112003696B (en) * 2020-08-25 2023-03-31 成都卫士通信息产业股份有限公司 SM9 key generation method, system, electronic equipment, device and storage medium
CN112241527B (en) * 2020-12-15 2021-04-27 杭州海康威视数字技术股份有限公司 Secret key generation method and system of terminal equipment of Internet of things and electronic equipment
CN112511566B (en) * 2021-02-02 2022-08-26 北京信安世纪科技股份有限公司 SM9 algorithm certificateless mechanism signature key generation method, equipment and storage medium

Also Published As

Publication number Publication date
CN112926075A (en) 2021-06-08

Similar Documents

Publication Publication Date Title
CN107196763B (en) SM2 algorithm collaborative signature and decryption method, device and system
CN112003696B (en) SM9 key generation method, system, electronic equipment, device and storage medium
US10511581B2 (en) Parallelizable encryption using keyless random permutations and authentication using same
CN112906038B (en) Thresholding processing method, device and equipment based on SM9 key and storage medium
CN109450640B (en) SM 2-based two-party signature method and system
CN112906039B (en) Certificateless distributed signature method, certificateless distributed signature device, certificateless distributed signature medium and electronic equipment
CN112926075B (en) SM9 key generation method, device, equipment and storage medium
US20220006615A1 (en) Computer-implemented system and method for distributing shares of digitally signed data
US20180302220A1 (en) User attribute matching method and terminal
CN108833095B (en) Behavior verification method, node, system and electronic equipment in block chain
CN111404952B (en) Transformer substation data encryption transmission method and device, computer equipment and storage medium
Sengupta et al. Message mapping and reverse mapping in elliptic curve cryptosystem
US20210367772A1 (en) Computer implemented system and method for sharing a common secret
CN113300999B (en) Information processing method, electronic device, and readable storage medium
KR20120013415A (en) A method of efficient secure function evaluation using resettable tamper-resistant hardware tokens
CN112398646B (en) Identity-based encryption method and system with short public parameters on ideal lattice
CN112926074B (en) SM9 key thresholding generation method, device, equipment and storage medium
US11727125B2 (en) Emergent language based data encryption
Liu et al. Quantum‐resistant anonymous identity‐based encryption with trable identities
CN107872312A (en) Symmetric key dynamic creation method, device, equipment and system
CN113381850B (en) SM9 user key generation method, device, equipment and storage medium
AlDerai et al. A Study of Image Encryption/Decryption by Using Elliptic Curve Cryptography ECC
CN115001741B (en) Data encryption method and related components
CN110958115B (en) Digital signature device, method, storage medium and equipment based on SM9 white box
CN117118618B (en) Data sharing method and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: No. 333, Yunhua Road, high tech Zone, Chengdu, Sichuan 610041

Patentee after: China Electronics Technology Network Security Technology Co.,Ltd.

Address before: No. 333, Yunhua Road, high tech Zone, Chengdu, Sichuan 610041

Patentee before: CHENGDU WESTONE INFORMATION INDUSTRY Inc.