CN113343259B - SM 2-based joint signature realization method and device, electronic equipment and storage medium - Google Patents

SM 2-based joint signature realization method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN113343259B
CN113343259B CN202110673626.9A CN202110673626A CN113343259B CN 113343259 B CN113343259 B CN 113343259B CN 202110673626 A CN202110673626 A CN 202110673626A CN 113343259 B CN113343259 B CN 113343259B
Authority
CN
China
Prior art keywords
register
data
random number
coprocessor
operation according
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110673626.9A
Other languages
Chinese (zh)
Other versions
CN113343259A (en
Inventor
王亚伟
李会同
唐艳明
张文婧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Hongsi Electronic Technology Co ltd
Original Assignee
Beijing Hongsi Electronic Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Hongsi Electronic Technology Co ltd filed Critical Beijing Hongsi Electronic Technology Co ltd
Priority to CN202110673626.9A priority Critical patent/CN113343259B/en
Publication of CN113343259A publication Critical patent/CN113343259A/en
Application granted granted Critical
Publication of CN113343259B publication Critical patent/CN113343259B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The present application relates to the field of information security technologies, and in particular, to a method, an apparatus, an electronic device, and a storage medium for implementing a joint signature based on SM 2. In the application, the joint signature based on the SM2 protocol is realized, and the devices at both ends do not need to disclose any private key to the opposite end device, thereby improving the security of the joint signature.

Description

SM 2-based joint signature realization method and device, electronic equipment and storage medium
Technical Field
The present application relates to the field of information security technologies, and in particular, to a method, an apparatus, an electronic device, and a storage medium for implementing a joint signature based on SM 2.
Background
Currently, with the development of technology, internet and 5G technologies are also under rapid development, and it is ubiquitous that a conventional single device signs data. However, as a large number of internet of things devices exist in the internet, the existing way of signing data by a single device cannot meet certain specific scene requirements, so how to realize simultaneous authorization of multiple devices to complete data signing becomes a technical problem to be solved currently.
Disclosure of Invention
The application provides a joint signature realization method, a joint signature realization device, electronic equipment and a storage medium based on SM2, so as to realize joint signature of at least two pieces of equipment.
In a first aspect, a joint signature implementation method based on SM2 is provided, which is applied to a coprocessor including a first coprocessor and a second coprocessor, and includes the following steps:
step S1, a first coprocessor generates a first random number, performs point multiplication operation according to the first random number to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
generating a second random number by a second coprocessor, performing dot multiplication operation according to the second random number to obtain second coordinate data, and storing the second random number and the second coordinate data into a second register;
step S2, the first coprocessor receives the data in the second register sent by the second coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result into a third register;
the second coprocessor receives the data in the first register sent by the first coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result into a fourth register;
Step S3, the first coprocessor calculates according to the data in the third register and the data to be signed to obtain a first part of the signature value, and the first part of the obtained signature value is stored in a fifth register;
the second coprocessor carries out operation according to the data in the fourth register and the data to be signed to obtain a first signature value part, and the first signature value part is stored in a sixth register;
step S4, the first coprocessor performs operation according to the third random number in the thirteenth register and the data in the first register and the fifth register, and the obtained operation result is stored in a seventh register;
the second coprocessor performs operation according to the fourth random number in the fourteenth register and the data in the second register and the sixth register, and the obtained operation result is stored in the eighth register;
step S5, the first coprocessor receives the data in the eighth register sent by the second coprocessor, carries out operation according to the third random number in the thirteenth register and the data in the eighth register, and stores the obtained operation result into a ninth register;
the second coprocessor receives the data in the seventh register sent by the first coprocessor, performs operation according to the fourth random number in the fourteenth register and the data in the seventh register, and stores the obtained operation result into the tenth register;
Step S6, the first coprocessor receives the data in the tenth register sent by the second coprocessor, performs operation according to the data in the fifth register, the ninth register and the tenth register, and stores the obtained operation result into the eleventh register; according to the data in the eleventh register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a fifth register; outputting the signature value in the fifth register; or alternatively, the first and second heat exchangers may be,
the second coprocessor receives the data in the ninth register sent by the first coprocessor, performs operation according to the data in the sixth register, the ninth register and the tenth register, and stores the obtained operation result into the twelfth register; according to the data in the twelfth register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a sixth register; and outputting the signature value in the sixth register.
In one possible implementation manner, the step S1 includes:
the first coprocessor generates a first random number, performs dot multiplication operation according to the first random number and preset third coordinate data to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
And the second coprocessor generates a second random number, performs dot multiplication operation according to the second random number and preset third coordinate data to obtain second coordinate data, and stores the second random number and the second coordinate data into a second register.
In one possible implementation manner, the step S2 includes:
the first coprocessor receives data in the second register sent by the second coprocessor, performs point addition operation according to the first coordinate data in the first register and the second coordinate data in the second register, and stores the obtained fourth coordinate data in a third register;
the second coprocessor receives the data in the first register sent by the first coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result into a fourth register.
In one possible implementation manner, before the step S1, the method further includes:
step S10, the first coprocessor generates a third random number and stores the third random number into the thirteenth register;
the second coprocessor generates a fourth random number and stores the fourth random number into the fourteenth register;
Step S11, the first coprocessor receives a fourth random number sent by the second coprocessor, calculates according to the third random number, the fourth random number and preset third coordinate data to obtain a public key, and stores the obtained public key into the thirteenth register so as to perform signature verification processing on a signature value according to the public key; or alternatively, the first and second heat exchangers may be,
the second coprocessor receives the third random number sent by the first coprocessor, calculates according to the third random number, the fourth random number and preset third coordinate data to obtain a public key, and stores the obtained public key into a fourteenth register so as to carry out signature verification processing on the signature value according to the public key.
In a second aspect, there is provided an SM 2-based joint signature implementation apparatus, including:
the first processing module is used for generating a first random number, performing point multiplication operation according to the first random number to obtain first coordinate data, and storing the first random number and the first coordinate data into a first register;
the second processing module is used for generating a second random number, performing dot multiplication operation according to the second random number to obtain second coordinate data, and storing the second random number and the second coordinate data into a second register;
The third processing module is used for receiving the data in the second register sent by the second processing module, performing point addition operation according to the data in the first register and the data in the second register, and storing the obtained operation result into a third register;
the fourth processing module is used for receiving the data in the first register sent by the first processing module, performing point addition operation according to the data in the first register and the data in the second register, and storing the obtained operation result into a fourth register;
the fifth processing module is used for carrying out operation according to the data in the third register and the data to be signed to obtain a first part of the signature value, and storing the first part of the obtained signature value into a fifth register;
the sixth processing module is used for carrying out operation according to the data in the fourth register and the data to be signed to obtain a first part of the signature value, and storing the first part of the obtained signature value into a sixth register;
a seventh processing module, configured to perform an operation according to the third random number in the thirteenth register, the data in the first register and the fifth register, and store an obtained operation result into the seventh register;
The eighth processing module is used for performing operation according to the fourth random number in the fourteenth register, the second register and the data in the sixth register, and storing the obtained operation result into the eighth register;
a ninth processing module, configured to receive the data in the eighth register sent by the eighth processing module, perform an operation according to the third random number in the thirteenth register and the data in the eighth register, and store an obtained operation result in the ninth register;
a tenth processing module, configured to receive the data in the seventh register sent by the seventh processing module, perform an operation according to the fourth random number in the fourteenth register and the data in the seventh register, and store the obtained operation result in the tenth register;
the eleventh processing module is configured to receive the data in the tenth register sent by the tenth processing module, perform an operation according to the data in the fifth register, the ninth register, and the tenth register, and store an obtained operation result in the eleventh register; according to the data in the eleventh register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a fifth register; outputting the signature value in the fifth register; or, receiving the data in the ninth register sent by the ninth processing module, performing operation according to the data in the sixth register, the ninth register and the tenth register, and storing the obtained operation result in the twelfth register; according to the data in the twelfth register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a sixth register; the signature value in the sixth register is output.
In one possible implementation of this method,
the first processing module is used for generating a first random number, performing point multiplication operation according to the first random number and preset third coordinate data to obtain first coordinate data, and storing the first random number and the first coordinate data into a first register;
the second processing module is configured to generate a second random number, perform a dot product operation according to the second random number and preset third coordinate data to obtain second coordinate data, and store the second random number and the second coordinate data into a second register.
In one possible implementation of this method,
the third processing module is configured to receive the data in the second register sent by the second processing module, perform a point addition operation according to the first coordinate data in the first register and the second coordinate data in the second register, and store the obtained fourth coordinate data in a third register;
the fourth processing module is configured to receive the data in the first register sent by the first processing module, perform a point addition operation according to the first coordinate data in the first register and the second coordinate data in the second register, and store the obtained fourth coordinate data in the fourth register.
In one possible implementation, the method further includes:
a twelfth processing module, configured to generate a third random number, and store the third random number into the thirteenth register;
a thirteenth processing module, configured to generate a fourth random number, and store the fourth random number into the fourteenth register;
a fourteenth processing module, configured to receive the fourth random number sent by the thirteenth processing module, perform an operation according to the third random number, the fourth random number, and preset third coordinate data to obtain a public key, store the obtained public key in the thirteenth register, and perform signature verification processing on a signature value according to the public key; or, receiving the third random number sent by the twelfth processing module, performing operation according to the third random number, the fourth random number and preset third coordinate data to obtain a public key, and storing the obtained public key into a fourteenth register so as to perform signature verification processing on the signature value according to the public key.
In a third aspect, an electronic device is provided, comprising: a processor and a memory;
the memory is used for storing a computer program;
the processor is configured to execute the function of the first coprocessor in the SM 2-based joint signature implementation method by calling the computer program.
In a fourth aspect, there is provided an electronic device comprising: a processor and a memory;
the memory is used for storing a computer program;
the processor is configured to execute the function of the second coprocessor in the SM 2-based joint signature implementation method by calling the computer program.
In a fifth aspect, a computer readable storage medium is provided, where the computer readable storage medium is configured to store a computer program, which when executed on a computer, enables the computer to perform the functions of the first coprocessor or the second coprocessor in the SM 2-based joint signature implementation method.
By means of the technical scheme, the technical scheme provided by the application has at least the following advantages:
according to the method and the device for signing the public key, through the scheme, the joint signature based on the SM2 protocol is achieved, the devices at the two ends do not need to disclose any private key to the device at the opposite end, the security of the joint signature is improved, and corresponding signature verification processing can be achieved for any party acquiring the public key.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the application. Also, like reference numerals are used to designate like parts throughout the figures. In the drawings:
Fig. 1 is a schematic flow chart of a joint signature implementation method based on SM2 provided by the application;
fig. 2 is a schematic process flow diagram of one possible implementation of the SM 2-based joint signature implementation method provided by the present application;
fig. 3 is a schematic structural diagram of an SM 2-based joint signature implementation apparatus provided by the present application;
fig. 4 is a schematic structural diagram of an electronic device of the SM 2-based joint signature implementation method provided by the present application.
Detailed Description
The application provides a joint signature realization method, a joint signature realization device, electronic equipment and a storage medium based on SM2, and a detailed description of a specific embodiment of the application is provided below with reference to the accompanying drawings.
Embodiments of the present application are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative only and are not to be construed as limiting the application.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless expressly stated otherwise, as understood by those skilled in the art. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. The term "and/or" as used herein includes all or any element and all combination of one or more of the associated listed items.
It will be understood by those skilled in the art that all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs unless defined otherwise. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
For the purpose of making the objects, technical solutions and advantages of the present application more apparent, the embodiments of the present application will be described in further detail with reference to the accompanying drawings. The following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments.
For the joint signature process based on the SM2 protocol in the technical scheme of the application, as the name implies, joint signature of at least two devices is carried out, so that the joint participation of the at least two devices is required in the signature value output process in the technical scheme; in the present application, both devices, a device and B device, are described. Of course, the signing process in which at least two devices participate together may be that the device a performs the signing process, and the device B provides a corresponding data support; the signature process can also be carried out by the equipment B, and the equipment A provides corresponding data support; it is also possible that the a device and the B device participate together to perform the whole signing process together.
In the following application, in the joint signature process based on the SM2 protocol, elliptic curve parameters of the SM2 are involved, including: third coordinate data G (G x ,G y ) First preset value n, first coordinate data Q 1 Second coordinate data Q 2 And fourth coordinate data Q 4 And a first random number k generated during signing 1 A second random number k 2 Third random number d 1 And a fourth random number d 2 There is also data e to be signed.
Based on the above parameters, as shown in fig. 1, a flow diagram of an SM 2-based joint signature implementation method provided by the present application is applied to a coprocessor including a first coprocessor and a second coprocessor, and includes the following steps:
step S1, a first coprocessor generates a first random number, performs point multiplication operation according to the first random number to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
generating a second random number by a second coprocessor, performing dot multiplication operation according to the second random number to obtain second coordinate data, and storing the second random number and the second coordinate data into a second register;
step S2, the first coprocessor receives the data in the second register sent by the second coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result into a third register;
The second coprocessor receives the data in the first register sent by the first coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result into a fourth register;
step S3, the first coprocessor calculates according to the data in the third register and the data to be signed to obtain a first part of the signature value, and the first part of the obtained signature value is stored in a fifth register;
the second coprocessor carries out operation according to the data in the fourth register and the data to be signed to obtain a first signature value part, and the first signature value part is stored in a sixth register;
step S4, the first coprocessor performs operation according to the third random number in the thirteenth register and the data in the first register and the fifth register, and the obtained operation result is stored in a seventh register;
the second coprocessor performs operation according to the fourth random number in the fourteenth register and the data in the second register and the sixth register, and the obtained operation result is stored in the eighth register;
step S5, the first coprocessor receives the data in the eighth register sent by the second coprocessor, carries out operation according to the third random number in the thirteenth register and the data in the eighth register, and stores the obtained operation result into a ninth register;
The second coprocessor receives the data in the seventh register sent by the first coprocessor, performs operation according to the fourth random number in the fourteenth register and the data in the seventh register, and stores the obtained operation result into the tenth register;
step S6, the first coprocessor receives the data in the tenth register sent by the second coprocessor, performs operation according to the data in the fifth register, the ninth register and the tenth register, and stores the obtained operation result into the eleventh register; according to the data in the eleventh register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a fifth register; outputting the signature value in the fifth register; or alternatively, the first and second heat exchangers may be,
the second coprocessor receives the data in the ninth register sent by the first coprocessor, performs operation according to the data in the sixth register, the ninth register and the tenth register, and stores the obtained operation result into the twelfth register; according to the data in the twelfth register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a sixth register; and outputting the signature value in the sixth register.
According to the method and the device for signing the public key, through the scheme, the joint signature based on the SM2 protocol is achieved, the devices at the two ends do not need to disclose any private key to the device at the opposite end, the security of the joint signature is improved, and corresponding signature verification processing can be achieved for any party acquiring the public key.
Based on the technical solution provided by the present application, the technical solution is explained in detail below, and as shown in fig. 2, a process flow diagram of one possible implementation manner of the SM 2-based joint signature implementation method provided by the present application is shown.
Step S21, the coprocessor generates a first random number and a second random number, performs point multiplication operation according to the first random number to obtain first coordinate data, performs point multiplication operation according to the second random number to obtain second coordinate data, and stores the first random number and the first coordinate data in the first register and the second random number and the second coordinate data in the second register.
In one possible implementation manner, the step S21 includes:
the coprocessor generates a first random number, performs dot multiplication operation according to the first random number and preset third coordinate data to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
In a specific embodiment, the processing at the a device is performed by the first coprocessor and the processing at the B device is performed by the second coprocessor because the processing at the corresponding positions of the a device and the B device are involved.
Specifically, the first coprocessor generates a first random number k at the A device 1 According to k 1 Third coordinate data G (G x ,G y ) Performing point multiplication operation to obtain first coordinate data Q 1 The first random number k 1 And first coordinate data Q 1 Storing the first data into a first register;
the coprocessor generates a second random number, performs dot multiplication operation according to the second random number and preset third coordinate data to obtain second coordinate data, and stores the second random number and the second coordinate data into a second register;
specifically, the second coprocessor generates a second random number k at the B device 2 According to k 2 Third coordinate data G (G x ,G y ) Performing point multiplication operation to obtain second coordinate data Q 2 Second random number k 2 And second coordinate data Q 2 And storing the data in a second register.
And S22, performing point addition operation by the coprocessor according to the data in the first register and the data in the second register, and storing the obtained operation result into the third register and the fourth register.
In one possible implementation, step S22 includes:
and the coprocessor performs point addition operation according to the first coordinate data in the first register and the second coordinate data in the second register to obtain fourth coordinate data, and stores the fourth coordinate data into the third register and the fourth register.
Specifically, the first coprocessor obtains the second coordinate data Q of the B device at the A device 2 According to the first coordinate data Q in the first register 1 The obtained second coordinate data Q 2 Performing point addition operation to obtain fourth coordinate data Q (x, y), and storing the fourth coordinate data Q (x, y) into a third register;
the second coprocessor obtains the first coordinate data Q of the A device at the B device 1 According to the second coordinate data Q in the second register 2 The obtained first coordinate data Q 1 And performing point addition operation to obtain fourth coordinate data Q (x, y), and storing the fourth coordinate data Q (x, y) into a fourth register.
And S23, the coprocessor carries out operation according to the data in the third register and the fourth register and the data to be signed to obtain a first part of the signature value, and the obtained first part of the signature value is stored in the fifth register and the sixth register.
In one possible implementation, step S23 includes:
The coprocessor performs point addition operation according to the data in the third register and the data to be signed, and stores the obtained first part of the signature value into a fifth register;
and the coprocessor performs point addition operation according to the data in the fourth register and the data to be signed, and stores the obtained first part of the signature value into the sixth register.
Specifically, the first coprocessor performs point addition operation on the equipment A according to the x coordinate value of fourth coordinate data Q in the third register and data e to be signed to obtain a first signature value part r, and stores the first signature value part r into a fifth register;
the second coprocessor performs point addition operation on the B equipment according to the x coordinate value of the fourth coordinate data Q in the fourth register and the data e to be signed to obtain a first signature value part r, and stores the first signature value part r into a sixth register;
if r is 0, the signature fails and an error notification message is returned; the signature value first portion r stored in the fifth register and the sixth register are identical.
And step S24, the coprocessor performs operation according to the third random number in the thirteenth register, the fourth random number in the fourteenth register, and the data in the first register, the second register, the fifth register and the sixth register, and stores the obtained operation result into the seventh register and the eighth register.
In one possible implementation, step S4 includes:
the coprocessor performs operation according to the third random number in the thirteenth register, the data in the first register and the data in the fifth register, and stores the obtained operation result into a seventh register;
the coprocessor performs operation according to the fourth random number in the fourteenth register, the data in the second register and the data in the sixth register, and stores the obtained operation result into the eighth register.
Specifically, the first coprocessor generates a third random number d in the thirteenth register in the A device 1 First random number k in first register 1 And the first part r of the signature value in the fifth register is operated to obtain a first operation value S '' 1 The obtained first operation value S' 1 The data is stored in a seventh register, specifically:
S′ 1 =2(1+d 1 ) -1 *k 1 +(1+d 1 ) -1 *r
the second coprocessor generates a fourth random number d in the fourteenth register in the B device 2 Second random number k in second register 2 And the first part r of the signature value in the sixth register is operated to obtain a second operation value S '' 2 The obtained second operation value S' 2 The data is stored in an eighth register, specifically:
S′ 2 =2(1+d 2 ) -1 *k 2 +(1+d 2 ) -1 *r
in step S25, the coprocessor performs an operation according to the third random number in the thirteenth register, the fourth random number in the fourteenth register, and the data in the seventh register and the eighth register, and stores the obtained operation result in the ninth register and the tenth register.
In one possible implementation, the first coprocessor obtains the second of the B device in the eighth register at the a deviceCalculation value S' 2 According to the second operation value S' 2 Third random number d 1 Performing an operation to obtain a third operation value S 1 The obtained third operation value S 1 The data is stored in a ninth register, specifically:
S″ 1 =S′ 2 *(1+d 1 ) -1 =2(1+d 2 ) -1 *(1+d 1 ) -1 *k 2 +(1+d 1 ) -1 *(1+d 2 ) -1 *r
=2(1+d) -1 *k 2 +(1+d) -1 *r
the second coprocessor obtains a first operation value S 'of the A device in the seventh register from the B device' 1 According to the first operation value S' 1 The fourth random number d2 is calculated to obtain a fourth calculation value S' 2 The obtained fourth operation value S 2 The data is stored in a tenth register, specifically:
S″ 2 =S′ 1 *(1+d 2 ) -1 =2(1+d 2 ) -1 *(1+d 1 ) -1 *k 1 +(1+d 1 ) -1 *(1+d 2 ) -1 *r=2(1+d) -1 *k 1 +(1+d) -1 *r
wherein d=d 1 +d 2 +d 1 d 2
In one possible implementation, the third operand S″ is performed 1 And a fourth operation value S 2 After the operation of (2), the first coprocessor obtains a fourth operation value S' of the B device in the tenth register in the A device 2 The second coprocessor obtains a third operation value S' of the A device in the ninth register from the B device 1
In step S26, the coprocessor performs an operation according to the data in the ninth register and the tenth register, and stores the obtained operation result in the eleventh register and the twelfth register.
In one possible implementation, step S26 includes:
The coprocessor performs operation according to the first part of the signature values in the ninth register, the tenth register and the fifth register, and stores the obtained operation result into the eleventh register;
and the coprocessor performs operation according to the first parts of the signature values in the ninth register, the tenth register and the sixth register, and stores the obtained operation result into the twelfth register.
Specifically, the fifth operation value S″ is calculated 1 And a sixth operand S 2 In the process, the two calculation processes are the same, and the result is the same, so that one of the first coprocessor and the second coprocessor can be arbitrarily calculated, and the following steps are adopted:
the first coprocessor uses the third operation value S' in the ninth register 1 Fourth operand S' in tenth register 2 And the first part r of the signature value in the fifth register is operated to obtain a fifth operation value S '' 1 The obtained fifth operation value S '' 1 Storing into an eleventh register; or alternatively, the process may be performed,
the second coprocessor is used for processing the third operation value S' in the ninth register 1 Fourth operand S' in tenth register 2 And the first part r of the signature value in the sixth register is operated to obtain a sixth operation value S '' 2 The obtained sixth operation value S '' 2 Storing into a twelfth register;
the method comprises the following steps:
S″′ 2 =S″′ 1 =S″ 1 +S″ 2 -2r=2(1+d) -1 *(k 1 +k 2 )+2(1+d) -1 *r-2r=2(1+d) -1 [k+r-(1+d)*r]
=2(1+d) -1 *(k-dr)
and step S27, the coprocessor carries out operation according to the data in the eleventh register or the twelfth register and the first preset value to obtain a second part of the signature value, and the obtained second part of the signature value is stored in the fifth register and the sixth register.
In one possible implementation, step S27 includes:
the coprocessor performs operation according to the data in the eleventh register and the first preset value to obtain a second signature value part, and the second signature value part is stored in a fifth register;
and the coprocessor performs operation according to the data in the twelfth register and the first preset value to obtain a second signature value part, and the second signature value part is stored in the sixth register.
Specifically, the first coprocessor is based on the fifth operand S 'in the eleventh register' 1 The first preset value n is operated to obtain a second signature value part s, and the second signature value part s is stored in a fifth register;
the method comprises the following steps:
s=(s″′+n)/2
the second part S of the signature value is calculated based on the fifth calculation value S '' 1 Or a sixth operand S '' 2 Therefore, if the fifth operation value S 'is operated by the first coprocessor' 1 Then the step continues with the operation of the signature value second portion s by the first coprocessor; similarly, if the sixth operand S ' is the sixth operand S ' calculated by the second coprocessor ' 2 The step continues with the second coprocessor operating on the second portion s of the signature value.
In step S28, the coprocessor outputs the signature values in the fifth register and the sixth register to perform signature processing.
In one possible implementation, the first portion r of the signature value and the second portion s of the signature value obtained by the foregoing operation are output by the first coprocessor or the second coprocessor to perform corresponding signature processing.
In one possible implementation manner of the present application, if signature verification is to be performed on the obtained signature value, a corresponding public key is also required, and the generation of the public key may be performed on the a device or the B device by the coprocessor, as in the generation of the signature value, and of course, the co-generation of the a device and the B device is required no matter which device is generated. Specifically, the generation of the public key occurs before the generation of the signature value, that is, the process occurs before step S1, as described in the following steps S10 to S14.
In one possible implementation manner, step S10, the coprocessor generates a third random number and a fourth random number, performs an operation according to the third random number, the fourth random number and preset third coordinate data to obtain a public key, stores the generated third random number and the obtained public key in a thirteenth register, and stores the generated fourth random number and the obtained public key in the fourteenth register, so as to perform signature verification processing on a signature value according to the public key.
In one possible implementation, the processing of step S10 may include the following processing of step S111 to step S114, specifically:
step S111, the coprocessor calculates a seventh operation value and an eighth operation value according to the generated third random number and fourth random number, stores the seventh operation value and the third random number into a thirteenth register, and stores the eighth operation value and the fourth random number into a fourteenth register;
specifically, the first coprocessor generates a third random number d at the A device 1 According to the third random number d 1 And third coordinate data G (G x ,G y ) The seventh operation value S is obtained by operation 1 The seventh operation value S obtained by the operation 1 And a third random number d 1 The data is stored in a thirteenth register, specifically:
S 1 =(d 1 +1)*G
The second coprocessor generates a fourth random number d in the B device 2 According to the fourth random number d 2 And third coordinate data G (G x ,G y ) Performing operation to obtain an eighth operation value S 2 The eighth operation value S obtained by operation 2 And a fourth random number d 2 The data is stored in a fourteenth register, specifically:
S 2 =(d 2 +1)*G
in step S112, the coprocessor determines whether the seventh operation value and the eighth operation value obtained by the operation satisfy the curve equation.
Specifically, the first coprocessor is inThe A device obtains an eighth operation value S of the B device in the fourteenth register 2 And determines the eighth operation value S 2 Whether the curve equation is satisfied, if so, go to step S113; otherwise, the flow ends.
Similarly, the second coprocessor obtains the seventh operation value S of the A device in the thirteenth register from the B device 1 And determines the seventh operation value S 1 Whether the curve equation is satisfied, if so, go to step S113; otherwise, the flow ends.
In step S113, the coprocessor performs public key operation according to the obtained operation value.
Specifically, the first coprocessor generates an eighth operand S in the A device according to the obtained fourteenth operand S in the fourteenth register 2 Third random number d in thirteenth register 1 And third coordinate data G (G x ,G y ) Performing operation to obtain a public key (x, y), and storing the public key (x, y) into a thirteenth register, specifically:
pubkey(x,y)=(d 1 +1)*S 2 -G=[(d 1 +1)*(d 2 +1)-1]*G=(d 1 +d 2 +d 1 d 2 )*G
Or alternatively, the process may be performed,
the second coprocessor generates a seventh operation value S in the thirteenth register according to the obtained operation value S in the B device 1 Fourth random number d in fourteenth register 2 And third coordinate data G (G x ,G y ) Performing operation to obtain a public key (x, y), and storing the public key (x, y) into a fourteenth register, specifically:
pubkey(x,y)=(d 2 +1)*S 1 -G=[(d 1 +1)*(d 2 +1)-1]*G=(d 1 +d 2 +d 1 d 2 )*G
in step S114, the coprocessor determines whether the coordinate value corresponding to the public key is an infinity point.
In one possible implementation, the first coprocessor determines on the a device whether the public key (x, y) in the thirteenth register is an infinity point, and if so, the public key generation fails; otherwise, the public key is successfully generated; or alternatively, the process may be performed,
the second coprocessor determines whether a public key (x, y) in a fourteenth register is an infinity point or not on the B device, and if so, the public key generation fails; otherwise, the public key generation is successful.
In one possible implementation, after obtaining the public key and the signature value, the coprocessor may perform signature verification processing on the signature value on either one of the a device and the B device.
According to the method and the device for signing the public key, through the scheme, the joint signature based on the SM2 protocol is achieved, the devices at the two ends do not need to disclose any private key to the device at the opposite end, the security of the joint signature is improved, and corresponding signature verification processing can be achieved for any party acquiring the public key.
Based on the technical scheme of the SM 2-based joint signature implementation method provided by the present application, the present application correspondingly provides a schematic structural diagram of an SM 2-based joint signature implementation device, as shown in fig. 3, an SM 2-based joint signature implementation device 300 of the present application may include:
the first processing module 301 is configured to generate a first random number, perform a dot product operation according to the first random number to obtain first coordinate data, and store the first random number and the first coordinate data into a first register;
the second processing module 302 is configured to generate a second random number, perform a dot product operation according to the second random number to obtain second coordinate data, and store the second random number and the second coordinate data into a second register;
a third processing module 303, configured to receive the data in the second register sent by the second processing module 302, perform a point addition operation according to the data in the first register and the data in the second register, and store an obtained operation result into a third register;
a fourth processing module 304, configured to receive the data in the first register sent by the first processing module 301, perform a point addition operation according to the data in the first register and the data in the second register, and store an obtained operation result into a fourth register;
A fifth processing module 305, configured to perform an operation according to the data in the third register and the data to be signed to obtain a first portion of the signature value, and store the first portion of the obtained signature value into a fifth register;
a sixth processing module 306, configured to perform an operation according to the data in the fourth register and the data to be signed to obtain a first portion of the signature value, and store the first portion of the obtained signature value into a sixth register;
a seventh processing module 307, configured to perform an operation according to the third random number in the thirteenth register, the data in the first register and the fifth register, and store the obtained operation result into the seventh register;
an eighth processing module 308, configured to perform an operation according to the fourth random number in the fourteenth register, the second register, and the data in the sixth register, and store the obtained operation result into the eighth register;
a ninth processing module 309, configured to receive the data in the eighth register sent by the eighth processing module 308, perform an operation according to the third random number in the thirteenth register and the data in the eighth register, and store the obtained operation result in the ninth register;
a tenth processing module 310, configured to receive the data in the seventh register sent by the seventh processing module 307, perform an operation according to the fourth random number in the fourteenth register and the data in the seventh register, and store the obtained operation result in the tenth register;
An eleventh processing module 311, configured to receive the data in the tenth register sent by the tenth processing module 310, perform an operation according to the data in the fifth register, the ninth register, and the tenth register, and store an obtained operation result in the eleventh register; according to the data in the eleventh register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a fifth register; outputting the signature value in the fifth register; or, receiving the data in the ninth register sent by the ninth processing module, performing operation according to the data in the sixth register, the ninth register and the tenth register, and storing the obtained operation result in the twelfth register; according to the data in the twelfth register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a sixth register; the signature value in the sixth register is output.
In one possible implementation of this method,
the first processing module 301 is configured to generate a first random number, perform a dot product operation according to the first random number and preset third coordinate data to obtain first coordinate data, and store the first random number and the first coordinate data into a first register;
The second processing module 302 is configured to generate a second random number, perform a dot product operation according to the second random number and preset third coordinate data to obtain second coordinate data, and store the second random number and the second coordinate data in a second register.
In one possible implementation of this method,
the third processing module 303 is configured to receive the data in the second register sent by the second processing module 302, perform a point addition operation according to the first coordinate data in the first register and the second coordinate data in the second register, and store the obtained fourth coordinate data in a third register;
the fourth processing module 304 is configured to receive the data in the first register sent by the first processing module 301, perform a dot-add operation according to the first coordinate data in the first register and the second coordinate data in the second register, and store the obtained fourth coordinate data in the fourth register.
In one possible implementation of this method,
in one possible implementation, the method further includes:
a twelfth processing module 312, configured to generate a third random number, and store the third random number into the thirteenth register;
A thirteenth processing module 313 for generating a fourth random number, and storing the fourth random number in the fourteenth register;
a fourteenth processing module 314, configured to receive the fourth random number sent by the thirteenth processing module 313, perform an operation according to the third random number, the fourth random number, and preset third coordinate data to obtain a public key, store the obtained public key in the thirteenth register, and perform signature verification processing on a signature value according to the public key; or, the third random number sent by the twelfth processing module 312 is received, a public key is obtained by performing operation according to the third random number, the fourth random number and preset third coordinate data, and the obtained public key is stored in a fourteenth register, so that signature verification processing is performed on the signature value according to the public key.
According to the method and the device for signing the public key, through the scheme, the joint signature based on the SM2 protocol is achieved, the devices at the two ends do not need to disclose any private key to the device at the opposite end, the security of the joint signature is improved, and corresponding signature verification processing can be achieved for any party acquiring the public key.
Referring now to fig. 4, a schematic diagram of an electronic device 400 suitable for use in implementing embodiments of the present application is shown. The electronic device may include, but is not limited to, a mobile terminal such as a mobile phone, a notebook computer, a digital broadcast receiver, a PDA (personal digital assistant), a PAD (tablet computer), a PMP (portable multimedia player), an in-vehicle terminal (e.g., in-vehicle navigation terminal), etc., and a stationary terminal such as a digital TV, a desktop computer, etc. The electronic device shown in fig. 4 is only an example and should not be construed as limiting the functionality and scope of use of the embodiments of the application.
As shown in fig. 4, the electronic device 400 may include a processing means (e.g., a central processing unit, a graphics processor, etc.) 401, which may perform various suitable actions and processes according to a program stored in a Read Only Memory (ROM) 402 or a program loaded from a storage means 408 into a Random Access Memory (RAM) 403. In the RAM 403, various programs and data necessary for the operation of the electronic device 400 are also stored. The processing device 401, the ROM 402, and the RAM 403 are connected to each other by a bus 404. An input/output (I/O) interface 405 is also connected to bus 404.
In general, the following devices may be connected to the I/O interface 405: input devices 406 including, for example, a touch screen, touchpad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; an output device 407 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 408 including, for example, magnetic tape, hard disk, etc.; and a communication device 409. The communication means 409 may allow the electronic device 400 to communicate with other devices wirelessly or by wire to exchange data. While fig. 4 shows an electronic device 400 having various means, it is to be understood that not all of the illustrated means are required to be implemented or provided. More or fewer devices may be implemented or provided instead.
In particular, according to embodiments of the present application, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present application include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flowcharts. In such an embodiment, the computer program may be downloaded and installed from a network via communications device 409, or from storage 408, or from ROM 402. The above-described functions defined in the method of the embodiment of the present application are performed when the computer program is executed by the processing means 401.
The computer readable medium of the present application may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present application, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, fiber optic cables, RF (radio frequency), and the like, or any suitable combination of the foregoing.
The computer readable medium may be contained in the electronic device; or may exist alone without being incorporated into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: acquiring at least two internet protocol addresses; sending a node evaluation request comprising the at least two internet protocol addresses to node evaluation equipment, wherein the node evaluation equipment selects an internet protocol address from the at least two internet protocol addresses and returns the internet protocol address; receiving an Internet protocol address returned by the node evaluation equipment; wherein the acquired internet protocol address indicates an edge node in the content distribution network.
Alternatively, the computer-readable medium carries one or more programs that, when executed by the electronic device, cause the electronic device to: receiving a node evaluation request comprising at least two internet protocol addresses; selecting an internet protocol address from the at least two internet protocol addresses; returning the selected internet protocol address; wherein the received internet protocol address indicates an edge node in the content distribution network.
Computer program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, smalltalk, C ++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units involved in the embodiments of the present application may be implemented in software or in hardware. The name of the unit does not in any way constitute a limitation of the unit itself, for example the first acquisition unit may also be described as "unit acquiring at least two internet protocol addresses".
The above description is only illustrative of the preferred embodiments of the present application and of the principles of the technology employed. It will be appreciated by persons skilled in the art that the scope of the disclosure referred to in the present application is not limited to the specific combinations of technical features described above, but also covers other technical features formed by any combination of the technical features described above or their equivalents without departing from the spirit of the disclosure. Such as the above-mentioned features and the technical features disclosed in the present application (but not limited to) having similar functions are replaced with each other.
The electronic device provided by the application is suitable for any embodiment of the joint signature implementation method based on SM2, and is not repeated here.
According to the method and the device for signing the public key, through the scheme, the joint signature based on the SM2 protocol is achieved, the devices at the two ends do not need to disclose any private key to the device at the opposite end, the security of the joint signature is improved, and corresponding signature verification processing can be achieved for any party acquiring the public key.
The present application provides a computer-readable storage medium storing a computer program that causes a computer to execute the SM 2-based joint signature implementation method shown in the above embodiment.
The computer readable storage medium provided by the present application is suitable for any embodiment of the above bluetooth device connection method, and will not be described herein.
According to the method and the device for signing the public key, through the scheme, the joint signature based on the SM2 protocol is achieved, the devices at the two ends do not need to disclose any private key to the device at the opposite end, the security of the joint signature is improved, and corresponding signature verification processing can be achieved for any party acquiring the public key.
It will be understood by those within the art that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. Those skilled in the art will appreciate that the computer program instructions can be implemented in a processor of a general purpose computer, special purpose computer, or other programmable data processing method, such that the blocks of the block diagrams and/or flowchart illustration are implemented by the processor of the computer or other programmable data processing method.
The modules of the device can be integrated into a whole or can be separately deployed. The modules can be combined into one module or further split into a plurality of sub-modules.
Those skilled in the art will appreciate that the drawing is merely a schematic representation of one preferred embodiment and that the modules or processes in the drawing are not necessarily required to practice the application.
Those skilled in the art will appreciate that modules in an apparatus of an embodiment may be distributed in an apparatus of an embodiment as described in the embodiments, and that corresponding changes may be made in one or more apparatuses different from the present embodiment. The modules of the above embodiments may be combined into one module, or may be further split into a plurality of sub-modules.
The above-described inventive sequence numbers are merely for the purpose of description and do not represent the advantages or disadvantages of the embodiments.
The foregoing disclosure is merely illustrative of some embodiments of the present application, and the present application is not limited thereto, as modifications may be made by those skilled in the art without departing from the scope of the present application.

Claims (8)

1. The joint signature implementation method based on SM2 is characterized by comprising the following steps:
step S1, a first coprocessor generates a first random number, performs point multiplication operation according to the first random number to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
Generating a second random number by a second coprocessor, performing dot multiplication operation according to the second random number to obtain second coordinate data, and storing the second random number and the second coordinate data into a second register;
step S2, the first coprocessor receives the data in the second register sent by the second coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result into a third register;
the second coprocessor receives the data in the first register sent by the first coprocessor, performs point addition operation according to the data in the first register and the data in the second register, and stores an obtained operation result into a fourth register;
step S3, the first coprocessor calculates according to the data in the third register and the data to be signed to obtain a first part of the signature value, and the first part of the obtained signature value is stored in a fifth register;
the second coprocessor carries out operation according to the data in the fourth register and the data to be signed to obtain a first signature value part, and the first signature value part is stored in a sixth register;
Step S4, the first coprocessor performs operation according to the third random number in the thirteenth register and the data in the first register and the fifth register, and the obtained operation result is stored in a seventh register;
the second coprocessor performs operation according to the fourth random number in the fourteenth register and the data in the second register and the sixth register, and the obtained operation result is stored in the eighth register;
step S5, the first coprocessor receives the data in the eighth register sent by the second coprocessor, carries out operation according to the third random number in the thirteenth register and the data in the eighth register, and stores the obtained operation result into a ninth register;
the second coprocessor receives the data in the seventh register sent by the first coprocessor, performs operation according to the fourth random number in the fourteenth register and the data in the seventh register, and stores the obtained operation result into the tenth register;
step S6, the first coprocessor receives the data in the tenth register sent by the second coprocessor, performs operation according to the data in the fifth register, the ninth register and the tenth register, and stores the obtained operation result into the eleventh register; according to the data in the eleventh register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a fifth register; outputting the signature value in the fifth register; or alternatively, the first and second heat exchangers may be,
The second coprocessor receives the data in the ninth register sent by the first coprocessor, performs operation according to the data in the sixth register, the ninth register and the tenth register, and stores the obtained operation result into the twelfth register; according to the data in the twelfth register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a sixth register; and outputting the signature value in the sixth register.
2. The method according to claim 1, wherein the step S1 includes:
the first coprocessor generates a first random number, performs dot multiplication operation according to the first random number and preset third coordinate data to obtain first coordinate data, and stores the first random number and the first coordinate data into a first register;
and the second coprocessor generates a second random number, performs dot multiplication operation according to the second random number and preset third coordinate data to obtain second coordinate data, and stores the second random number and the second coordinate data into a second register.
3. The method according to claim 1, wherein the step S2 includes:
The first coprocessor receives data in the second register sent by the second coprocessor, performs point addition operation according to the first coordinate data in the first register and the second coordinate data in the second register, and stores the obtained fourth coordinate data in a third register;
the second coprocessor receives the data in the first register sent by the first coprocessor, performs point addition operation according to the first coordinate data in the first register and the second coordinate data in the second register, and stores the obtained fourth coordinate data into a fourth register.
4. The method according to claim 1, further comprising, prior to step S1:
step S10, the first coprocessor generates a third random number and stores the third random number into the thirteenth register;
the second coprocessor generates a fourth random number and stores the fourth random number into the fourteenth register;
step S11, the first coprocessor receives a fourth random number sent by the second coprocessor, calculates according to the third random number, the fourth random number and preset third coordinate data to obtain a public key, and stores the obtained public key into the thirteenth register so as to perform signature verification processing on a signature value according to the public key; or alternatively, the first and second heat exchangers may be,
The second coprocessor receives the third random number sent by the first coprocessor, calculates according to the third random number, the fourth random number and preset third coordinate data to obtain a public key, and stores the obtained public key into a fourteenth register so as to carry out signature verification processing on the signature value according to the public key.
5. A SM 2-based joint signature realization apparatus, comprising:
the first processing module is used for generating a first random number, performing point multiplication operation according to the first random number to obtain first coordinate data, and storing the first random number and the first coordinate data into a first register;
the second processing module is used for generating a second random number, performing dot multiplication operation according to the second random number to obtain second coordinate data, and storing the second random number and the second coordinate data into a second register;
the third processing module is used for receiving the data in the second register sent by the second processing module, performing point addition operation according to the data in the first register and the data in the second register, and storing the obtained operation result into a third register;
the fourth processing module is used for receiving the data in the first register sent by the first processing module, performing point addition operation according to the data in the first register and the data in the second register, and storing the obtained operation result into a fourth register;
The fifth processing module is used for carrying out operation according to the data in the third register and the data to be signed to obtain a first part of the signature value, and storing the first part of the obtained signature value into a fifth register;
the sixth processing module is used for carrying out operation according to the data in the fourth register and the data to be signed to obtain a first part of the signature value, and storing the first part of the obtained signature value into a sixth register;
a seventh processing module, configured to perform an operation according to the third random number in the thirteenth register, the data in the first register and the fifth register, and store an obtained operation result into the seventh register;
the eighth processing module is used for performing operation according to the fourth random number in the fourteenth register, the second register and the data in the sixth register, and storing the obtained operation result into the eighth register;
a ninth processing module, configured to receive the data in the eighth register sent by the eighth processing module, perform an operation according to the third random number in the thirteenth register and the data in the eighth register, and store an obtained operation result in the ninth register;
a tenth processing module, configured to receive the data in the seventh register sent by the seventh processing module, perform an operation according to the fourth random number in the fourteenth register and the data in the seventh register, and store the obtained operation result in the tenth register;
The eleventh processing module is configured to receive the data in the tenth register sent by the tenth processing module, perform an operation according to the data in the fifth register, the ninth register, and the tenth register, and store an obtained operation result in the eleventh register; according to the data in the eleventh register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a fifth register; outputting the signature value in the fifth register; or, receiving the data in the ninth register sent by the ninth processing module, performing operation according to the data in the sixth register, the ninth register and the tenth register, and storing the obtained operation result in the twelfth register; according to the data in the twelfth register and the first preset value, calculating to obtain a second signature value part, and storing the second signature value part into a sixth register; the signature value in the sixth register is output.
6. An electronic device, comprising: a processor and a memory;
the memory is used for storing a computer program;
the processor is configured to execute the function of the first coprocessor in the SM 2-based joint signature implementation method according to any one of the preceding claims 1 to 4 by invoking the computer program.
7. An electronic device, comprising: a processor and a memory;
the memory is used for storing a computer program;
the processor is configured to execute the function of the second coprocessor in the SM 2-based joint signature implementation method according to any one of claims 1 to 4 by calling the computer program.
8. A computer readable storage medium, characterized in that the computer storage medium is for storing a computer program which, when run on a computer, causes the computer to perform the functions of the first co-processor or the second co-processor in the SM2 based joint signature implementation method as claimed in any one of the preceding claims 1 to 4.
CN202110673626.9A 2021-06-17 2021-06-17 SM 2-based joint signature realization method and device, electronic equipment and storage medium Active CN113343259B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110673626.9A CN113343259B (en) 2021-06-17 2021-06-17 SM 2-based joint signature realization method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110673626.9A CN113343259B (en) 2021-06-17 2021-06-17 SM 2-based joint signature realization method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113343259A CN113343259A (en) 2021-09-03
CN113343259B true CN113343259B (en) 2023-09-29

Family

ID=77475986

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110673626.9A Active CN113343259B (en) 2021-06-17 2021-06-17 SM 2-based joint signature realization method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113343259B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113676335B (en) * 2021-10-21 2021-12-28 飞天诚信科技股份有限公司 Method and device for realizing signature in security chip

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104243456A (en) * 2014-08-29 2014-12-24 中国科学院信息工程研究所 Signing and decrypting method and system applied to cloud computing and based on SM2 algorithm
CN108055136A (en) * 2017-12-22 2018-05-18 上海众人网络安全技术有限公司 Endorsement method, device, computer equipment and storage medium based on elliptic curve
CN109309569A (en) * 2018-09-29 2019-02-05 北京信安世纪科技股份有限公司 The method, apparatus and storage medium of collaboration signature based on SM2 algorithm
CN111064583A (en) * 2020-03-17 2020-04-24 北京信安世纪科技股份有限公司 Threshold SM2 digital signature method and device, electronic equipment and storage medium
CN111130791A (en) * 2019-12-09 2020-05-08 飞天诚信科技股份有限公司 Data signature method, electronic device and computer readable storage medium
CN111901123A (en) * 2020-07-15 2020-11-06 浙江军盾信息科技有限公司 SM2 signature generation method, storage medium and terminal
WO2021012574A1 (en) * 2019-07-24 2021-01-28 深圳壹账通智能科技有限公司 Multisignature method, signature center, medium and electronic device
CN112632630A (en) * 2019-10-08 2021-04-09 航天信息股份有限公司 SM 2-based collaborative signature calculation method and device
CN112887097A (en) * 2019-11-29 2021-06-01 航天信息股份有限公司 Signature method based on SM2 elliptic curve, related device and storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2905922A1 (en) * 2014-02-10 2015-08-12 Thomson Licensing Signing method delivering a partial signature associated to a message, threshold signing method, signature verification method, and corresponding computer program and electronic devices
US11481761B2 (en) * 2018-06-03 2022-10-25 VVOW Company Limited Peer-to-peer cryptocurrency and crypto asset trading platform

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104243456A (en) * 2014-08-29 2014-12-24 中国科学院信息工程研究所 Signing and decrypting method and system applied to cloud computing and based on SM2 algorithm
CN108055136A (en) * 2017-12-22 2018-05-18 上海众人网络安全技术有限公司 Endorsement method, device, computer equipment and storage medium based on elliptic curve
CN109309569A (en) * 2018-09-29 2019-02-05 北京信安世纪科技股份有限公司 The method, apparatus and storage medium of collaboration signature based on SM2 algorithm
WO2021012574A1 (en) * 2019-07-24 2021-01-28 深圳壹账通智能科技有限公司 Multisignature method, signature center, medium and electronic device
CN112632630A (en) * 2019-10-08 2021-04-09 航天信息股份有限公司 SM 2-based collaborative signature calculation method and device
CN112887097A (en) * 2019-11-29 2021-06-01 航天信息股份有限公司 Signature method based on SM2 elliptic curve, related device and storage medium
CN111130791A (en) * 2019-12-09 2020-05-08 飞天诚信科技股份有限公司 Data signature method, electronic device and computer readable storage medium
CN111064583A (en) * 2020-03-17 2020-04-24 北京信安世纪科技股份有限公司 Threshold SM2 digital signature method and device, electronic equipment and storage medium
CN111901123A (en) * 2020-07-15 2020-11-06 浙江军盾信息科技有限公司 SM2 signature generation method, storage medium and terminal

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Secret Sharing Based SM2 Digital Signature Generation using Homomorphic Encryption;Yihong Long 等;2019 15th International Conference on Computational Intelligence and Security (CIS);全文 *
基于SM2的双方共同签名协议及其应用;苏吟雪;田海博;;计算机学报(第04期);全文 *
安全的两方协作SM2签名算法;侯红霞;杨波;张丽娜;张明瑞;;电子学报(01);全文 *

Also Published As

Publication number Publication date
CN113343259A (en) 2021-09-03

Similar Documents

Publication Publication Date Title
US11711441B2 (en) Method and apparatus for publishing video synchronously, electronic device, and readable storage medium
CN111931962B (en) Information display method and device and electronic equipment
CN111459364B (en) Icon updating method and device and electronic equipment
CN111309304B (en) Method, device, medium and electronic equipment for generating IDL file
CN113343259B (en) SM 2-based joint signature realization method and device, electronic equipment and storage medium
CN111130791B (en) Data signature method, electronic device and computer readable storage medium
EP4134904A1 (en) Image special effect configuration method, image recognition method, apparatuses, and electronic device
CN111752644A (en) Interface simulation method, device, equipment and storage medium
CN113904773B (en) SSL connection establishment method, SSL connection establishment device, electronic equipment and computer readable storage medium
CN110602700A (en) Seed key processing method and device and electronic equipment
CN110765238A (en) Data encryption query method and device
CN112764629B (en) Augmented reality interface display method, device, equipment and computer readable medium
CN113138707B (en) Interaction method, interaction device, electronic equipment and computer-readable storage medium
CN114428925A (en) Page rendering method and device, electronic equipment and computer readable medium
CN111258582B (en) Window rendering method and device, computer equipment and storage medium
CN112242978B (en) Method and device for processing data
CN113518183A (en) Camera calling method and device and electronic equipment
CN111753238A (en) Data mapping method and device and electronic equipment
CN111596823A (en) Page display method and device and electronic equipment
CN113391860A (en) Service request processing method and device, electronic equipment and computer storage medium
CN116226888B (en) Power data interactive encryption method, system and equipment based on privacy protection
CN113742774B (en) Data processing method and device, readable medium and electronic equipment
CN110619218B (en) Method and apparatus for generating information
CN111290693B (en) Virtual keyboard generation method and device, electronic equipment and computer storage medium
CN111489286B (en) Picture processing method, device, equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant