CN112994889B - SM 2-based data processing method and system and electronic equipment - Google Patents

SM 2-based data processing method and system and electronic equipment Download PDF

Info

Publication number
CN112994889B
CN112994889B CN202110470588.7A CN202110470588A CN112994889B CN 112994889 B CN112994889 B CN 112994889B CN 202110470588 A CN202110470588 A CN 202110470588A CN 112994889 B CN112994889 B CN 112994889B
Authority
CN
China
Prior art keywords
information
result
target
determining
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110470588.7A
Other languages
Chinese (zh)
Other versions
CN112994889A (en
Inventor
张宇
张庆勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Infosec Technologies Co Ltd
Original Assignee
Beijing Infosec Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Infosec Technologies Co Ltd filed Critical Beijing Infosec Technologies Co Ltd
Priority to CN202110470588.7A priority Critical patent/CN112994889B/en
Publication of CN112994889A publication Critical patent/CN112994889A/en
Application granted granted Critical
Publication of CN112994889B publication Critical patent/CN112994889B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a data processing method, a system and an electronic device based on SM2, wherein the method is suitable for a first device corresponding to a first user, and comprises the following steps: acquiring a message to be signed and a first signature information and a second signature information corresponding to the message to be signed; determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information; acquiring first public key information and a target random value corresponding to a second user; determining first information by using the first target length information, the first public key information and the target random value; encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result; acquiring first elliptic curve point information corresponding to a target random value; and determining a first mesh tag encryption result by using the first initial tag encryption result and the first elliptic curve point information. The technical scheme provided by each embodiment of the application can improve the data processing efficiency in the signcryption process.

Description

SM 2-based data processing method and system and electronic equipment
Technical Field
The present application belongs to the field of information security, and in particular, to a data processing method and system based on SM2, and an electronic device.
Background
The SM2 is an elliptic curve public key cryptographic algorithm, has the advantages of high safety, high calculation efficiency and the like compared with the RSA algorithm, and has wide application prospect, including an SM2 encryption algorithm and an SM2 signature algorithm.
However, in general, a system requires both authentication and confidentiality of information, and a traditional method is implemented by using a method of first signing and then encrypting, and the required cost is the sum of signing and encrypting, so that the data processing amount is large, and the data processing efficiency is low.
Disclosure of Invention
The embodiment of the application provides an implementation scheme different from that in the prior art so as to improve the data processing efficiency in the signcryption process.
Specifically, in an embodiment of the present application, a data processing method based on SM2 is provided, which is applicable to a first device corresponding to a first user, and includes: acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted; determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information; acquiring first public key information and a target random value corresponding to a second user; determining first information by using the first target length information, the first public key information and the target random value; encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result; acquiring first elliptic curve point information corresponding to a target random value; and determining a first mesh tag encryption result by using the first initial tag encryption result and the first elliptic curve point information.
Specifically, in an embodiment of the present application, a data processing method based on SM2 is provided, which is applicable to a second device corresponding to a second user, and includes: acquiring a second target label density result from the first user; the second mesh label density result corresponds to the first mesh label density result; extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result; acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result; determining second information by using the second private key information, the third elliptic curve point information and the second target length information; decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information; and determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decrypting information.
Specifically, in one embodiment of the present application, there is provided an SM 2-based data processing system, comprising: a first device and a second device, wherein: the first device is for: acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted; determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information; acquiring first public key information and a target random value corresponding to a second user; determining first information by using the first target length information, the first public key information and the target random value; encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result; acquiring first elliptic curve point information corresponding to a target random value; determining a first mesh tag encryption result by using the first initial encryption result and the first elliptic curve point information; the second device is for: acquiring a second target label density result, wherein the second target label density result corresponds to the first target label density result; extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result; acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result; determining second information by using the second private key information, the third elliptic curve point information and the second target length information; decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information; determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decryption information; the first user corresponds to the first device, and the second user corresponds to the second device.
Specifically, in one embodiment of the present application, there is provided an electronic device including: a memory and a processor; wherein, the memorizer, is used for storing the procedure; a processor, coupled to the memory, for executing the program stored in the memory to: acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted; determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information; acquiring first public key information and a target random value corresponding to a second user; determining first information by using the first target length information, the first public key information and the target random value; encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result; acquiring first elliptic curve point information corresponding to a target random value; and determining a first mesh tag encryption result by using the first initial tag encryption result and the first elliptic curve point information.
Specifically, in one embodiment of the present application, there is provided an electronic device including: a memory and a processor; wherein, the memorizer, is used for storing the procedure; a processor, coupled to the memory, for executing the program stored in the memory to: acquiring a second target label density result from the first user; extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result; acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result; determining second information by using the second private key information, the third elliptic curve point information and the second target length information; decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information; and determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decrypting information.
Specifically, in an embodiment of the present application, there is provided a computer readable medium having at least one instruction, at least one program, code set, or instruction set stored thereon, which is loaded and executed by a processor to implement the aforementioned SM 2-based data processing method.
Embodiments of the present application provide a new scheme, which is applicable to a first device corresponding to a first user, and includes: acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted; determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information; acquiring first public key information and a target random value corresponding to a second user; determining first information by using the first target length information, the first public key information and the target random value; encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result; acquiring first elliptic curve point information corresponding to a target random value; and determining a first mesh label encryption result by using the first initial encryption result and the first elliptic curve point information, so that the data processing efficiency in the encryption process is improved by a simpler calculation process.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings can be obtained by those skilled in the art without creative efforts. In the drawings:
fig. 1 is a schematic structural diagram of a data processing system based on SM2 according to an embodiment of the present application;
fig. 2 is a schematic flowchart of a data processing method based on SM2 according to an embodiment of the present application;
fig. 3 is a schematic flowchart of a data processing method based on SM2 according to another embodiment of the present application;
fig. 4 is a schematic structural diagram of an electronic device according to another embodiment of the present application;
fig. 5 is a schematic structural diagram of a data processing apparatus based on SM2 according to another embodiment of the present application;
fig. 6 is a schematic structural diagram of a data processing apparatus based on SM2 according to another embodiment of the present application.
Detailed Description
Abbreviations and key terms to which this application relates:
Fp: a prime field comprising p elements;
E(Fp):Fpa set of all rational points of the upper elliptic curve E (including the infinity point O);
(p, a, b, G, n, h): curve parameters of the SM2 algorithm, where p is a prime number of 256 bits in length;
a and b are FpElement of (1) for defining FpAn elliptic curve E above;
g is a base point, and G is expressed by coordinates (x)G,yG);
n is the order of G; h is a cofactor;
Hv(): a cryptographic hash function with a message digest length of v bits, the hash function using SM 3;
IDA: the identity of the user A;
ENTLA:IDAlength of (E), ENTLAIs 2 bytes in length;
mod n: performing modulo n operation;
o: a special point on the elliptic curve, called the infinity point or the zero point, is a unit cell of the elliptic curve addition group;
dA: a private key of user A;
dB: the private key of user B;
PA: public key of user A, expressed in coordinates PA=(xA,yA);
PB: public key of user B, represented by coordinates PB ═ xB,yB);
x | | y: splicing x and y, wherein x and y are bit strings or byte strings;
ZA: the hash value of the identity identifier of the user a, the partial elliptic curve system parameter and the public key of the user a is specifically as follows: zA=H256(ENTLA||IDA||a||b||xG||yG||xA||yA);
[k] P: k times the point P on the elliptic curve, wherein k is a positive integer;
a, B: two users using a public key cryptosystem;
hash () cryptographic Hash algorithm;
KDF () key derivation function;
[ x, y ]: a set of integers greater than or equal to x and less than or equal to y;
e: the cryptographic hash algorithm acts on the output value of the message m;
e': the cryptographic hash algorithm acts on the output value of the message m'.
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application. The terminology used in the embodiments of the present application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise, and "a" and "an" typically include at least two, but do not preclude the inclusion of at least one. It should be understood that the descriptions of "first," second, "etc. herein are used for distinguishing between different elements, devices, etc., and are not intended to indicate a sequential order, nor is it intended to be construed as limiting the types of" first "and" second. The words "if", as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a monitoring", depending on the context. Similarly, the phrase "if it is determined" or "if it is monitored (a stated condition or event)" may be interpreted as "when determining" or "in response to determining" or "when monitoring (a stated condition or event)" or "in response to monitoring (a stated condition or event)", depending on the context.
It is also noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a good or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such good or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of additional like elements in the article or system in which the element is included.
The technical solutions provided by the embodiments of the present application will be described in detail below with reference to the accompanying drawings.
Fig. 1 is a schematic structural diagram of a data processing system based on SM2 according to an exemplary embodiment of the present application, where the system includes: the method comprises the following steps: a first device 11 and a second device 12, wherein:
the first device 11 is configured to: acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted; determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information; acquiring first public key information and a target random value corresponding to a second user; determining first information by using the first target length information, the first public key information and the target random value; encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result; acquiring first elliptic curve point information corresponding to a target random value; determining a first mesh tag encryption result by using the first initial encryption result and the first elliptic curve point information;
the second device 12 is for: acquiring a second target label density result from the first user; the second mesh label density result corresponds to the first mesh label density result; extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result; acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result; determining second information by using the second private key information, the third elliptic curve point information and the second target length information; decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information; determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decryption information; the first user corresponds to the first device, and the second user corresponds to the second device.
Specifically, the first device may be different from the second device, or may be the same device, and the applicant does not limit this.
For the constituent elements in the embodiment of the present system, for example, the execution principle and the interaction process of the first device and the second device, reference may be made to the following description of the method embodiments.
Fig. 2 is a flowchart illustrating a data processing method based on SM2 according to an exemplary embodiment of the present application, where an execution subject of the method may be a first device corresponding to a first user, and the method includes:
201. acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted;
202. determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information;
203. acquiring first public key information and a target random value corresponding to a second user;
204. determining first information by using the first target length information, the first public key information and the target random value;
205. encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result;
206. acquiring first elliptic curve point information corresponding to a target random value;
207. and determining a first mesh tag encryption result by using the first initial tag encryption result and the first elliptic curve point information.
Specifically, the message to be signed and encrypted may be plaintext data, and in step 202, "determine the corresponding first target length information based on the message to be signed and encrypted, the first signature information, and the second signature information" may be implemented by the following formula (1):
klen=mlen+rlen+slen (1)
wherein mlen is length information of the message m to be signed, rlen is length information of first signature information, slen is length information of second signature information, and klen is first target length information;
further, the first public key information PB(PB=(xB,yB) Second private key information d) corresponding to the second user B based on the second user BBAnd a target elliptic curve (which may be E (F)q) G (G ═ x) of (c)G,yG) Determined) and the second user B determines the first public key information PBThen, the first public key information P is usedBSending the information to a first user A; specifically, the second user may randomly select the second private key information dB∈ZnFurther byThe first public key information P is determined by the following formula (2)B
PB=[dB]G (2)
Further, the aforementioned target random value k may be generated by the first device, where k ∈ Zn*. Further, in step 204, the determining the first information by using the first target length information, the first public key information, and the target random value includes the following steps:
2041. using the target random value k and the first public key information PBDetermining second elliptic curve point information;
2042. and determining first information by using the second elliptic curve point information, the first target length information and the key derivation function.
Specifically, the determination of the second elliptic curve point information may be realized by the following formula (3):
(x2,y2)=[k]PB (3)
wherein (x)2,y2) For the second elliptic curve point information, the determination of the first information may be implemented by the following equation (4):
t=KDF(x2||y2,klen) (4)
wherein t is first information, and KDF is a key derivation function; here, if the first information t is an all 0-bit string, the target random value k is determined again.
Further, in step 205, the to-be-signed message m is encrypted according to the first information t, the first signature information r, and the second signature information s, so as to obtain a first initial signing result C2This can be achieved by the following equation (5):
C2=t⊕(m||r||s) (5)
further, in step 207, the first initial signcryption result C is utilized2And the first elliptic curve point information C1The determination of the first target secret C can be achieved by the following equation (6):
C=C1||C2 (6)
further, the method further comprises:
acquiring base point information G corresponding to a target elliptic curve;
determining first elliptic curve point information C based on target random value k and base point information G1. Specifically, the first elliptic curve point information C1This can be achieved by the following equation (7):
C1=[k]G (7)
it should be noted that C is determined by the formula (7)1(C1=(x1,y1) After C) is needed1Conversion into bit strings for use of C1And determining a first target secret label result C.
Further, regarding the determination of the first signature information r, the method further includes the steps of:
s1, obtaining the ID of the first userASecond public key information P corresponding to the first userASystem parameter information corresponding to the target elliptic curve;
s2, using the ID of the first userASecond public key information PAAnd determining target hash value information Z according to system parameter information corresponding to the target elliptic curveA
S3, based on the message m to be signed and encrypted, the target hash value information ZAFirst elliptic curve point information C1And determining first signature information according to the order n corresponding to the target elliptic curve.
Wherein, the second public key information P corresponding to the first user AA (PA =(xA,yA) Can be determined by the following equation (8):
PA=[dA]G (8)
wherein, dAThe first private key information corresponding to the first user can be randomly selected by the first userAAnd d isA∈Zn*。
Further, the target hash value informationZADetermined by the following equation (9):
ZA=H256(ENTLA||IDA||a||b||xG||yG||xA||yA) (9)
wherein a and b belong to system parameter information corresponding to the target elliptic curve; with respect to ZAFor details, reference is made to the prior art and no further description is given here.
Further, in the aforementioned step S3, based on the message m to be signed and encrypted and the target hash value information ZAFirst elliptic curve point information C1And determining first signature information according to the order n corresponding to the target elliptic curve comprises the following steps:
s31, the target hash value information ZAAfter the information m is spliced with the information m to be signed and encrypted, a first splicing result is obtained, and the first splicing result is processed by utilizing a first password hash function to obtain first output value information e;
s32, determining first signature information using the first output value information, the first elliptic curve point information, and the order.
Specifically, the first splicing result is ZAObtaining the first output value information e may be implemented by the following equation (10):
e=Hv(ZA||m) (10)
it should be noted that after the first output value information e is determined, e needs to be converted into an integer to further determine the first signature information r.
In the step S32, the first output value information e and the first elliptic curve point information C are used1And the order n determines that the first signature information r can be realized by the following formula (11):
r=(e+x1)modn (11)
if r =0 or r + k = n, the target random value k is newly determined;
further, the method further comprises:
obtaining first private key information d corresponding to a first userA
Using the first private key information dAAnd determining second signature information s by the target random value k, the first signature information r and the order n. Specifically, this can be achieved by the following formula (12):
s=((1+dA)-1(k-rdA))modn (12)
if s =0, re-determining the target random value k, otherwise, converting r and s into character strings to determine length information rlen of r and length information slen of s; and determining a first initial signcryption result.
Further, encrypting the message to be signed and encrypted according to the first information, the first signature information, and the second signature information to obtain a first initial signing result includes:
splicing the message to be signed and encrypted, the first signature information and the second signature information to obtain a corresponding second splicing result;
and determining a first initial signcryption result by using the first information and the second splicing result.
Specifically, the second splicing result is: m | | r | | s, determining a first initial signcryption result by using the first information and the second concatenation result may be determined by the following formula (13):
C2=t⊕(m||r||s) (13)
further, a first initial signcryption result C is utilized2 And the first elliptic curve point information C1Determining the first destination tag density result C may be accomplished by the following equation (14):
C=C1||C2 (14)
in the foregoing scheme, after the first signature information and the second signature information are obtained, the signing of the message to be signed can be achieved only according to the message to be signed, the first signature information, and the first target length information, the first public key information, the target random value, and the first elliptic curve point information determined by the second signature information. For example, the target random value and the first elliptic curve point information may be determined by the first device in the process of determining the first signature information, and after the first signature information and the second signature information are obtained, information repeated in the process of determining the first signature information and/or the second signature information does not need to be generated again, and the information can be directly obtained from the local.
Correspondingly, when the signcryption is released, the method further comprises the following steps:
s01, obtaining a second target label density result, wherein the second target label density result corresponds to the first target label density result;
s02, extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result;
s03, acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result;
s04, determining second information by using the second private key information, the third elliptic curve point information and the second target length information;
s05, decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information;
and S06, determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decrypting information.
Specifically, the second-mesh-label-density result is a signature-density result acquired after the first device starts the signature-density releasing step, if the first-mesh-label-density result passes through the step 207 and a time period before the first device starts the signature-density releasing step changes, the second-mesh-label-density result is different from the first-mesh-label-density result, which will cause failure of signature-density releasing, and if the first-mesh-label-density result does not change within the time period, the second-mesh-label-density result is the same as the first-mesh-label-density result.
In some optional embodiments, in the step S02, the third elliptic curve point information corresponds to the first elliptic curve point information, if the time period from the first elliptic curve point information passing through the step 207 to the first device before the first device starts the de-signcryption step is changed, the third elliptic curve point information is different from the first elliptic curve point information, and if the first elliptic curve point information is not changed in the time period, the third elliptic curve point information is the same as the first elliptic curve point information.
It should be noted that, when the third elliptic curve point information C is extracted from the second target density result12(Here, C12Bit string), C is needed12Converting into points on an elliptic curve, and judging C12And whether the elliptic curve equation is satisfied or not, if not, terminating the signcryption process, and specifically exiting the currently running program.
In some optional embodiments of the present application, the second target length information is the same as the first target length information, and further, in the step S04, the determining the second information by using the second private key information, the third elliptic curve point information, and the second target length information includes:
determining third information by using the second private key information and the third elliptic curve point information;
and determining second information by using the third information, the second target length information and the key derivation function.
Specifically, the aforementioned third information is (x)2´,y2') wherein (x)2´,y2´)=dBC12Determining the second information by using the third information, the second target length information, and the key derivation function may be implemented by the following equation (15):
t´=KDF(x2´||y2´,klen´) (15)
and if the klen ' is the second target length information, and the t ' is the second information, reporting an error and exiting the current program if the t ' is all 0. The second target length information may be determined according to the length information corresponding to the second initial signcryption result, and may specifically be equal to the length information corresponding to the second initial signcryption result.
Further, in the foregoing step S05, the second initial signcryption result is decrypted according to the second information, so as to obtain third signature information and fourth signature information, and the decryption information can be implemented by the following equation (16):
m´||r´||s´=t´⊕C22 (16)
wherein m ' is decryption information, r ' is third signature information, s ' is fourth signature information, and C22Specifically, if the time period from the first initial signcryption result after passing through the step 207 to the time period before the first device starts the signcryption releasing step changes, the second initial signcryption result is different from the first initial signcryption result, and if the first initial signcryption result does not change in the time period, the second initial signcryption result is the same as the first initial signcryption result.
It should be noted that, after the third signature information and the fourth signature information are determined, the third signature information and the fourth signature information need to be converted into integers, and when the third signature information does not belong to ZnOr fourth signature information not belonging to ZnAnd when yes, reporting that the decryption fails and exiting the current program or calculation process or the data processing process.
Further, the step of determining the target de-signing and encrypting result by using the third signature information, the fourth signature information and the decrypting information comprises the following steps:
hashing the target value information ZASplicing with decryption information m' to obtain a third splicing result ZAAnd | m' processing the third splicing result Z by using a second cryptographic hash functionAObtaining second output value information e 'by using the, | m'; wherein the second cryptographic hash function is the same as the first cryptographic hash function.
Determining fourth elliptic curve point information based on the third signature information, the fourth signature information, the order, the base point and the second public key information;
determining information to be checked by using the second output value information e', the fourth elliptic curve point information and the order; and determining a target sign decryption result according to the information to be checked and the third signature information.
Specifically, the second output value information may be determined by the following equation (17):
e´=Hv(ZA||m´) (17)
it should be noted that e' needs to be further converted into an integer, and further, the determining of the fourth elliptic curve point information based on the third signature information, the fourth signature information, the order, the base point, and the second public key information may specifically include:
determining fourth information based on the third signature information, the fourth signature information and the rank;
determining fourth elliptic curve point information by using the fourth information, the fourth signature information, the base point and the second public key information;
wherein determining the fourth information based on the third signature information, the fourth signature information, and the rank may be implemented by the following equation (18):
u´=(r´+s´)modn (18)
if u ″ =0, prompting that the de-signcryption fails and exiting the current program or the calculation process or the data processing process;
further, the determining of the fourth elliptic curve point information using the fourth information, the fourth signature information, the base point, and the second public key information may be implemented by the following equation (19):
(x1´,y1´)=s´G+u´PA (19)
wherein (x)1´,y1') is fourth elliptic curve point information;
further, the determination of the information to be checked using the second output value information, the fourth elliptic curve point information, and the order may be implemented by the following equation (20):
R=(e´+x1´)modn (20)
wherein, R is the information to be checked, and then determining the target decryption result according to the information to be checked and the third signature information comprises the following steps: if the information to be checked is equal to the third signature information, the successful sign decoding and the decryption are determined, and the decryption information is output.
Embodiments of the present application provide a new scheme, which is applicable to a first device corresponding to a first user, and includes: acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted; determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information; acquiring first public key information and a target random value corresponding to a second user; determining first information by using the first target length information, the first public key information and the target random value; encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result; acquiring first elliptic curve point information corresponding to a target random value; and determining a first mesh label encryption result by using the first initial encryption result and the first elliptic curve point information, so that the data processing efficiency in the encryption process is improved by a simpler calculation process.
Fig. 3 is a flowchart of a data processing method based on SM2 according to an exemplary embodiment of the present application, where an execution subject of the method may be a second device corresponding to a second user, and the method includes:
301. acquiring a second target label density result from the first user; the second mesh label density result corresponds to the first mesh label density result;
302. extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result;
303. acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result;
304. determining second information by using the second private key information, the third elliptic curve point information and the second target length information;
305. decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information;
306. and determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decrypting information.
That is, in the embodiment corresponding to fig. 2, the process of decryption may be performed by a second device different from the first device, and the first device needs to send the second target decryption result to the second device. Wherein, in the process of executing the decryption by the second device, the related necessary information can be directly obtained from the first device if the necessary information is determined in the first device.
For the specific implementation of this embodiment, reference is made to the foregoing description, and further description is omitted here.
Fig. 4 is a schematic structural diagram of an electronic device according to an exemplary embodiment of the present application, including: a memory 41 and a processor 42; wherein the content of the first and second substances,
a memory 41 for storing a program;
a processor 42, coupled to the memory, for executing the program stored in the memory 41 for:
acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted;
determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information;
acquiring first public key information and a target random value corresponding to a second user;
determining first information by using the first target length information, the first public key information and the target random value;
encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result;
acquiring first elliptic curve point information corresponding to a target random value;
and determining a first mesh tag encryption result by using the first initial tag encryption result and the first elliptic curve point information.
The memory 41 described above may be configured to store other various data to support operations on the electronic device. Examples of such data include instructions for any application or method operating on the electronic device. The memory 41 may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.
The processor 42 may also implement other functions besides the above functions when executing the program in the memory 41, which may be specifically referred to the description of the foregoing embodiments.
Further, as shown in fig. 4, the electronic device further includes: a display 43, a power supply component 44, a communication component 45, and the like. Only some of the components are schematically shown in fig. 4, and the electronic device is not meant to include the components shown in fig. 4.
Another exemplary embodiment of the present application also provides an electronic device, whose structure is similar to that of the electronic device of fig. 4, and the electronic device in this embodiment includes: a memory and a processor; wherein the content of the first and second substances,
a memory for storing a program;
a processor, coupled to the memory, for executing the program stored in the memory to:
acquiring a second target label density result from the first user;
extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result;
acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result;
determining second information by using the second private key information, the third elliptic curve point information and the second target length information;
decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information;
and determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decrypting information.
For the specific implementation corresponding to this embodiment, reference may be made to the foregoing description, and details are not described herein again.
Fig. 5 is a data processing apparatus based on SM2 according to an exemplary embodiment of the present application, which is adapted to a first device corresponding to a first user, and includes: a first obtaining module 51, a first determining module 52, a second obtaining module 53, a second determining module 54, a third determining module 55, a third obtaining module 56, and a fourth determining module 57, wherein:
a first obtaining module 51, configured to obtain a message to be signed and first signature information and second signature information corresponding to the message to be signed;
a first determining module 52, configured to determine, based on the message to be signed and encrypted, the first signature information, and the second signature information, corresponding first target length information;
a second obtaining module 53, configured to obtain first public key information and a target random value corresponding to a second user;
a second determining module 54, configured to determine the first information by using the first target length information, the first public key information, and the target random value;
a third determining module 55, configured to encrypt the message to be signed according to the first information, the first signature information, and the second signature information, to obtain a first initial signing result;
a third obtaining module 56, configured to obtain first elliptic curve point information corresponding to the target random value;
and a fourth determining module 57, configured to determine the first target signcryption result by using the first initial signcryption result and the first elliptic curve point information.
Optionally, the data processing apparatus is further configured to:
acquiring base point information corresponding to a target elliptic curve;
and determining first elliptic curve point information based on the target random value and the base point information.
Optionally, the data processing apparatus is further configured to:
acquiring an identity of a first user, second public key information corresponding to the first user and system parameter information corresponding to a target elliptic curve;
determining target hash value information by using the identity of the first user, the second public key information and system parameter information corresponding to the target elliptic curve;
and determining first signature information based on the message to be signed, the target hash value information, the first elliptic curve point information and the order corresponding to the target elliptic curve.
Optionally, when the apparatus is configured to determine the first signature information based on the message to be signed and encrypted, the target hash value information, the first elliptic curve point information, and the order corresponding to the target elliptic curve, the apparatus is specifically configured to:
splicing the target hash value information and the message to be signed and encrypted to obtain a first splicing result, and processing the first splicing result by using a first password hash function to obtain first output value information;
and determining first signature information by using the first output value information, the first elliptic curve point information and the order.
Optionally, the data processing apparatus is further configured to:
acquiring first private key information corresponding to a first user;
and determining second signature information by using the first private key information, the target random value, the first signature information and the order.
Optionally, when the second determining module 54 is configured to determine the first information by using the first target length information, the first public key information, and the target random value, specifically:
determining second elliptic curve point information by using the target random value and the first public key information;
and determining first information by using the second elliptic curve point information, the first target length information and the key derivation function.
Optionally, when the third determining module 55 is configured to encrypt the message to be signed and encrypted according to the first information, the first signature information, and the second signature information, and obtain a first initial signing and encrypting result, specifically:
splicing the message to be signed and encrypted, the first signature information and the second signature information to obtain a corresponding second splicing result;
and determining a first initial signcryption result by using the first information and the second splicing result.
Optionally, the data processing apparatus is further configured to:
acquiring a second target label density result, wherein the second target label density result corresponds to the first target label density result;
extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result;
acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result;
determining second information by using the second private key information, the third elliptic curve point information and the second target length information;
decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information;
and determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decrypting information.
Optionally, when the apparatus is configured to determine the second information by using the second private key information, the third elliptic curve point information, and the second target length information, the apparatus is specifically configured to:
determining third information by using the second private key information and the third elliptic curve point information;
and determining second information by using the third information, the second target length information and the key derivation function.
Optionally, when the apparatus is configured to determine the target de-signcryption result by using the third signature information, the fourth signature information, and the decryption information, the apparatus is specifically configured to:
splicing the target hash value information and the decryption information to obtain a third splicing result, and processing the third splicing result by using a second password hash function to obtain second output value information;
determining fourth elliptic curve point information based on the third signature information, the fourth signature information, the order, the base point and the second public key information;
determining information to be checked by using the second output value information, the fourth elliptic curve point information and the order;
and determining a target sign decryption result according to the information to be checked and the third signature information.
For the specific implementation corresponding to this embodiment, reference may be made to the foregoing description, and details are not described herein again.
Fig. 6 is a data processing apparatus based on SM2 according to an exemplary embodiment of the present application, which is adapted to a second device corresponding to a second user, and includes: a first obtaining module 61, an extracting module 62, a second obtaining module 63, a first determining module 64, a second determining module 65, and a third determining module 66; wherein:
a first obtaining module 61, configured to obtain a second target tag density result from the first user;
the extracting module 62 is configured to extract third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result;
a second obtaining module 63, configured to obtain second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result;
a first determining module 64, configured to determine second information by using the second private key information, the third elliptic curve point information, and the second target length information;
a second determining module 65, configured to decrypt the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information, and decryption information;
and a third determining module 66, configured to determine a target de-signcryption result using the third signature information, the fourth signature information, and the decryption information.
For the specific implementation corresponding to this embodiment, reference may be made to the foregoing description, and details are not described herein again.
Accordingly, embodiments of the present application further provide a computer-readable storage medium storing a computer program, where at least one instruction, at least one program, a code set, or a set of instructions is stored, and the at least one instruction, the at least one program, the code set, or the set of instructions is loaded and executed by a processor to implement the foregoing data processing method.
According to the scheme, two functions of signing and encrypting can be completed in one logic step, the SM2 signing scheme in the application simultaneously guarantees confidentiality and authentication of information, compared with the traditional method of signing first and then encrypting, the calculation efficiency is obviously improved, and the technical scheme provided by the embodiment of the application is explained by combining a specific application scene.
The scheme comprises the steps of generating a public and private key pair, signing and decrypting the signing and decrypting operation.
The system disclosure parameters include defining an elliptic curve E (F)q) Two elements of the equation a, b ∈ Fq,E(Fq) Base point G ═ xG,yG) The order n of G. Hv(.) is a hashing algorithm that outputs length v bits (v can take 256).
1. Generating public and private key pair
The user randomly selects d ∈ ZnCalculate public key P = dG. User privacy d, public P;
2. signcryption
User A (ID is identification)APrivate key dAPublic key PA=(xA,yA) Identifier) to send a length mlen plaintext m to user B (identified as ID)BPublic key PB=(xB,yB) To perform the following operations: zA=H256(ENTLA||IDA||a||b||xG||yG||xA||yA)
1) Randomly selecting k to be Zn;
2) calculating C1=[k]G =(x1,y1) Mixing C with1Converting into a bit string;
3) calculation of e = Hv(ZA| m), converting e into an integer;
4) calculation of r = e + x1mod n, if r =0 or r + k = n, returns to the aforementioned 1);
5) calculation of s = ((1+ d)A)-1(k-rdA) Mod n, return 1 if s = 0), otherwise convert r, s into a string,rlen, slen are the converted lengths respectively;
6) calculating (x)2,y2)=[k]PB
7) Calculation klen = mlen + rlen + slen, calculation t = KDF (x)2||y2Klen), if t is a full 0-bit string, 1 is returned);
8) calculating C2=t⊕(m||r||s);
Output ciphertext (i.e., first order tagcrypt result) C = C1||C2
3. De-signcryption
User B receives the ciphertext (i.e., the second target ciphertext) C ″, performs the following operations:
1) extracting a bit string C from C12Mixing C with12Converting into points on an elliptic curve, and judging C12Whether the elliptic curve equation is satisfied or not, and if not, quitting;
2) calculating (x)2´,y2´)=dBC12
3) Calculation klen = mlen + rlen + slen, calculation t ″ =kdf (x)2´||y2Klen ') and if t' is all 0, an error is reported and quit is performed;
4)m´||r´||s´=t´⊕C22
5) extracting the bit string r ', s' and converting the bit string r ', s' into an integer, verifying r 'epsilon Zn, and s' epsilon Zn, if not, reporting the failure of signature decryption and quitting;
6) calculation of e ″ = Hv(ZA| m ″), converting e' into an integer;
7) calculating u = (r ″ + s') modn, and if u ″ =0, reporting failure of de-signcryption and quitting;
8) calculating the point (x) on the elliptic curve1´,y1´)=s´G+u´PA
9) Calculating R = (e + x) =1´)modn;
10) And verifying whether R = R 'is true, if so, outputting m', otherwise, reporting failure of the signcryption and quitting.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods of the various embodiments or some parts of the embodiments.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.

Claims (15)

1. A data processing method based on SM2 is characterized in that, the method is applied to a first device corresponding to a first user, and comprises the following steps:
acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted;
determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information;
acquiring first public key information and a target random value corresponding to a second user;
determining first information by using the first target length information, the first public key information and the target random value;
encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result;
acquiring first elliptic curve point information corresponding to a target random value;
and determining a first mesh tag encryption result by using the first initial tag encryption result and the first elliptic curve point information.
2. The method of claim 1, wherein the method further comprises:
acquiring base point information corresponding to a target elliptic curve;
and determining first elliptic curve point information based on the target random value and the base point information.
3. The method of claim 2, wherein the method further comprises:
acquiring an identity of a first user, second public key information corresponding to the first user and system parameter information corresponding to a target elliptic curve;
determining target hash value information by using the identity of the first user, the second public key information and system parameter information corresponding to the target elliptic curve;
and determining first signature information based on the message to be signed, the target hash value information, the first elliptic curve point information and the order corresponding to the target elliptic curve.
4. The method of claim 3, wherein determining the first signature information based on the message to be signed, the target hash value information, the first elliptic curve point information, and the corresponding order of the target elliptic curve comprises:
splicing the target hash value information and the message to be signed and encrypted to obtain a first splicing result, and processing the first splicing result by using a first password hash function to obtain first output value information;
and determining first signature information by using the first output value information, the first elliptic curve point information and the order.
5. The method of claim 4, wherein the method further comprises:
acquiring first private key information corresponding to a first user;
and determining second signature information by using the first private key information, the target random value, the first signature information and the order.
6. The method of claim 1, wherein determining the first information using the first target length information, the first public key information, and the target random value comprises:
determining second elliptic curve point information by using the target random value and the first public key information;
and determining first information by using the second elliptic curve point information, the first target length information and the key derivation function.
7. The method of claim 6, wherein encrypting the signcryption message based on the first information, the first signature information, and the second signature information to obtain the first initial signcryption result comprises:
splicing the message to be signed and encrypted, the first signature information and the second signature information to obtain a corresponding second splicing result;
and determining a first initial signcryption result by using the first information and the second splicing result.
8. A method according to claim 3, characterized in that the method further comprises:
acquiring a second target label density result, wherein the second target label density result corresponds to the first target label density result;
extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result;
acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result;
determining second information by using the second private key information, the third elliptic curve point information and the second target length information;
decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information;
and determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decrypting information.
9. The method of claim 8, wherein determining the second information using the second private key information, the third elliptic curve point information, and the second target length information comprises:
determining third information by using the second private key information and the third elliptic curve point information;
and determining second information by using the third information, the second target length information and the key derivation function.
10. The method of claim 9, wherein determining the target de-signcryption result using the third signature information, the fourth signature information, and the decryption information comprises:
splicing the target hash value information and the decryption information to obtain a third splicing result, and processing the third splicing result by using a second password hash function to obtain second output value information;
determining fourth elliptic curve point information based on the third signature information, the fourth signature information, the order, the base point and the second public key information;
determining information to be checked by using the second output value information, the fourth elliptic curve point information and the order;
and determining a target sign decryption result according to the information to be checked and the third signature information.
11. A data processing method based on SM2 is characterized in that, the method is applied to a second device corresponding to a second user, and comprises the following steps:
acquiring a second target label density result from the first user;
extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result;
acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result;
determining second information by using the second private key information, the third elliptic curve point information and the second target length information;
decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information;
and determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decrypting information.
12. A SM 2-based data processing system, comprising: a first device and a second device, wherein:
the first device is for: acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted; determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information; acquiring first public key information and a target random value corresponding to a second user; determining first information by using the first target length information, the first public key information and the target random value; encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result; acquiring first elliptic curve point information corresponding to a target random value; determining a first mesh tag encryption result by using the first initial encryption result and the first elliptic curve point information;
the second device is for: acquiring a second target label density result, wherein the second target label density result corresponds to the first target label density result; extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result; acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result; determining second information by using the second private key information, the third elliptic curve point information and the second target length information; decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information; determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decryption information; the first user corresponds to the first device, and the second user corresponds to the second device.
13. An electronic device, comprising: a memory and a processor; wherein the content of the first and second substances,
a memory for storing a program;
a processor, coupled to the memory, for executing the program stored in the memory to:
acquiring a message to be signed and encrypted, and first signature information and second signature information corresponding to the message to be signed and encrypted;
determining corresponding first target length information based on the message to be signed and encrypted, the first signature information and the second signature information;
acquiring first public key information and a target random value corresponding to a second user;
determining first information by using the first target length information, the first public key information and the target random value;
encrypting the message to be signed and encrypted according to the first information, the first signature information and the second signature information to obtain a first initial signing and encrypting result;
acquiring first elliptic curve point information corresponding to a target random value;
and determining a first mesh tag encryption result by using the first initial tag encryption result and the first elliptic curve point information.
14. An electronic device, comprising: a memory and a processor; wherein the content of the first and second substances,
a memory for storing a program;
a processor, coupled to the memory, for executing the program stored in the memory to:
acquiring a second target label density result from the first user;
extracting third elliptic curve point information and a second initial signcryption result from the second mesh signcryption result;
acquiring second private key information corresponding to a second user and second target length information corresponding to a second initial signcryption result;
determining second information by using the second private key information, the third elliptic curve point information and the second target length information;
decrypting the second initial signing and encrypting result according to the second information to obtain third signature information, fourth signature information and decryption information;
and determining a target de-signing and encrypting result by using the third signature information, the fourth signature information and the decrypting information.
15. A computer readable medium having stored thereon at least one instruction, at least one program, set of codes or set of instructions, which is loaded by a processor and which performs the data processing method according to SM2 as claimed in any one of claims 1 to 10 or claim 11.
CN202110470588.7A 2021-04-29 2021-04-29 SM 2-based data processing method and system and electronic equipment Active CN112994889B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110470588.7A CN112994889B (en) 2021-04-29 2021-04-29 SM 2-based data processing method and system and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110470588.7A CN112994889B (en) 2021-04-29 2021-04-29 SM 2-based data processing method and system and electronic equipment

Publications (2)

Publication Number Publication Date
CN112994889A CN112994889A (en) 2021-06-18
CN112994889B true CN112994889B (en) 2021-08-31

Family

ID=76336559

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110470588.7A Active CN112994889B (en) 2021-04-29 2021-04-29 SM 2-based data processing method and system and electronic equipment

Country Status (1)

Country Link
CN (1) CN112994889B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114760114B (en) * 2022-03-29 2024-03-12 微位(深圳)网络科技有限公司 Identity authentication method, device, equipment and medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8971528B2 (en) * 2013-01-29 2015-03-03 Certicom Corp. Modified elliptic curve signature algorithm for message recovery
CN111030823A (en) * 2019-10-24 2020-04-17 梁胤豪 Ultra-lightweight multi-signature data processing method and system and Internet of things platform
CN111314089B (en) * 2020-02-18 2023-08-08 数据通信科学技术研究所 SM 2-based two-party collaborative signature method and decryption method
CN111064583B (en) * 2020-03-17 2020-07-31 北京信安世纪科技股份有限公司 Threshold SM2 digital signature method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN112994889A (en) 2021-06-18

Similar Documents

Publication Publication Date Title
CN112822014B (en) Data processing method and device, electronic equipment and storage medium
CN111740828B (en) Key generation method, device and equipment and encryption and decryption method
CN109495249B (en) Data storage method of block chain system, node and block chain system
CN110391900B (en) Private key processing method based on SM2 algorithm, terminal and key center
US9973334B2 (en) Homomorphically-created symmetric key
KR101493212B1 (en) Method and system for id-based encryption and decryption
US20160149879A1 (en) Method for generating cryptographic "one-time pads" and keys for secure network communications
CN110851845A (en) Light-weight single-user multi-data all-homomorphic data packaging method
Stebila et al. Elliptic curve algorithm integration in the secure shell transport layer
US20070277043A1 (en) Methods for Generating Identification Values for Identifying Electronic Messages
Iavich et al. Comparison and hybrid implementation of blowfish, twofish and rsa cryptosystems
CN112994889B (en) SM 2-based data processing method and system and electronic equipment
CN112995215B (en) Decryption system, method, device, electronic equipment and storage medium
CN116707804B (en) Method and equipment for enhancing FF1 format reserved encryption security
CN114362912A (en) Identification password generation method based on distributed key center, electronic device and medium
EP2395698B1 (en) Implicit certificate generation in the case of weak pseudo-random number generators
CN116318636A (en) SM 2-based threshold signature method
KR102315560B1 (en) A generic transformation technique from public key encryption to public key encryption with equality test in the random oracle model
Kanickam et al. Comparative analysis of hash authentication algorithms and ECC based security algorithms in cloud data
CN107483387A (en) A kind of method of controlling security and device
Mantoro et al. Improving the security guarantees, authenticity and confidentiality in short message service of mobile applications
Kampanakis et al. Practical Challenges with AES-GCM and the need for a new cipher
CN113259094B (en) Universal hierarchical signature encryption system and construction method
Jain Enhancing security in Tokenization using NGE for storage as a service
CN115442102B (en) Equation test method based on SM9 algorithm

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant