CN114499860A - Signature public key compression method and device, computer equipment and storage medium - Google Patents


Info

Publication number: CN114499860A
Authority: CN (China)
Prior art keywords: public key, signature, value, bit, key compression
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202210283096.1A
Other languages: Chinese (zh)
Inventor: 王守伟
Current Assignee: OneConnect Financial Technology Co Ltd Shanghai (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: OneConnect Financial Technology Co Ltd Shanghai
Application filed by: OneConnect Financial Technology Co Ltd Shanghai
Priority to: CN202210283096.1A
Publication of: CN114499860A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of data processing, and provides a signature public key compression method, a device, computer equipment and a storage medium.

Description

Signature public key compression method and device, computer equipment and storage medium
Technical Field
The invention relates to the technical field of data processing, in particular to a signature public key compression method and device based on a cryptographic algorithm, computer equipment and a storage medium.
Background
With the development of computers and the internet, network and information security have become a focus of attention. Digital signature technology is an important component of information security and plays an important role in identity authentication, data integrity, anonymity and the like. A digital signature is a method for authenticating digital information and requires two complementary operations, one for signing and one for verification. When a digital signature is verified, a public key is used to judge whether the signature is valid. However, the public key usually occupies more than one thousand bits of storage space, which puts pressure on the application system and hinders the verification of digital signature information.
Disclosure of Invention
Therefore, it is necessary to provide a signature public key compression method based on the cryptographic algorithm, a signature public key decompression method based on the cryptographic algorithm, a signature public key compression apparatus based on the cryptographic algorithm, a signature public key decompression apparatus based on the cryptographic algorithm, a computer device and a storage medium, so as to relieve the pressure that storing public keys places on the application system.
A first aspect of the embodiments of the present application provides a signature public key compression method based on a cryptographic algorithm, including:
calculating to obtain a curve point coordinate based on a base point coordinate in digital signature request information sent by a user side;
according to a preset assignment rule, based on numerical information in the curve point coordinates, assigning a preset public key compression template to construct a public key compression signature value;
outputting the public key compressed signature value and a group of original signature values obtained in advance as a compression result; the public key compressed signature value is used for verifying the digital signature request information.
Further, the obtaining of the curve point coordinate by calculation based on the base point coordinate in the digital signature request information sent by the user side includes:
performing point multiplication value preprocessing on the coordinates of a base point in digital signature request information sent by a user side to obtain a first point multiplication value set;
and calculating to obtain the coordinates of the curve points based on the first point multiplication value set and any numerical value generated by the random number generator.
Further, the assigning a preset public key compression template based on the numerical information in the curve point coordinates according to a preset assignment rule to construct a public key compression signature value includes:
assigning different values to the first bit in the preset public key compression template based on the parity of the ordinate in the curve point coordinate to obtain the first bit value of the public key compression signature value;
assigning different values to a second bit in the preset public key compression template based on the size of the digest of the digital signature request information obtained in advance and the abscissa in the curve point coordinates to obtain a second bit value of the public key compression signature value;
and constructing the public key compressed signature value based on the first bit value of the public key compressed signature value and the second bit value of the public key compressed signature value.
Further, the assigning different values to the first bit in the preset public key compression template based on the parity of the ordinate in the curve point coordinate to obtain the first bit value of the public key compression signature value includes:
when the ordinate in the curve point coordinate is an odd number, assigning a value of 0 to the first bit in the public key compression template;
and when the ordinate in the curve point coordinate is an even number, assigning a value of 1 to the first bit in the public key compression template.
Further, the assigning of a different value to a second bit in the preset public key compression template based on the size of the obtained digest of the digital signature request information and the abscissa in the coordinates of the curve point to obtain a second bit value of the public key compression signature value includes:
when the sum of the digest of the digital signature request information and the abscissa in the coordinates of the curve point is larger than the order value of the base point, assigning a value of 1 to the second bit in the public key compression template;
and when the sum of the digest of the digital signature request information and the abscissa in the coordinates of the curve point is not more than the order value of the base point, assigning a value of 0 to the second bit in the public key compression template.
A second aspect of the embodiments of the present application provides a signature public key decompression method based on a cryptographic algorithm, including:
based on the input public key compression signature value and a group of original signature values obtained in advance, obtaining a curve point coordinate through calculation;
and obtaining the public key through calculation based on the curve point coordinate according to a preset public key decompression formula.
A third aspect of the embodiments of the present application provides a signature public key compression method apparatus based on a cryptographic algorithm, including:
a calculation unit: calculating to obtain a curve point coordinate based on a base point coordinate in digital signature request information sent by a user side;
an assignment unit: according to a preset assignment rule, based on numerical information in the curve point coordinates, assigning a preset public key compression template to construct a public key compression signature value;
an output unit: outputting the public key compressed signature value and a group of original signature values obtained in advance as a compression result; the public key compressed signature value is used for verifying the digital signature request information.
A fourth aspect of the present invention provides a signature public key decompression method and apparatus based on a cryptographic algorithm, including:
an input unit: based on the input public key compression signature value and a group of original signature values obtained in advance, obtaining a curve point coordinate through calculation;
a decompression unit: and obtaining the public key through calculation based on the curve point coordinate according to a preset public key decompression formula.
A fifth aspect of the embodiments of the present application provides a computer device, including a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, where the processor, when executing the computer-readable instructions, performs the steps of the signature public key compression method based on the cryptographic algorithm and of the signature public key decompression method based on the cryptographic algorithm.
A sixth aspect of the embodiments of the present application provides a computer-readable storage medium, which stores a computer program, and when the computer program is executed by a processor, the computer program implements the steps of the signature public key compression method based on the cryptographic algorithm and the signature public key decompression method based on the cryptographic algorithm.
The implementation of the signature public key compression method based on the national cryptographic algorithm provided by the embodiment of the application has the following beneficial effects:
The invention relates to the technical field of data processing, and provides a signature public key compression method based on a national cryptographic algorithm.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive labor.
FIG. 1 is a flowchart illustrating an implementation of a public signature key compression method based on a cryptographic algorithm according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating an implementation of a public signature key decompression method based on a cryptographic algorithm according to an embodiment of the present invention;
FIG. 3 is a block diagram of a signature public key compression method apparatus based on a cryptographic algorithm according to an embodiment of the present application;
FIG. 4 is a block diagram of a structure of a signature public key decompression method device based on a cryptographic algorithm according to an embodiment of the present application;
FIG. 5 is a block diagram of a server-side device according to an embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The signature public key compression method based on the national cryptographic algorithm and the signature public key decompression method based on the national cryptographic algorithm related by the embodiment of the application can be executed by a server side.
The signature public key compression method based on the national cryptographic algorithm and the signature public key decompression method based on the national cryptographic algorithm are applied to the technical field of data processing, so that data input by a user can be protected more securely.
Referring to fig. 1, fig. 1 is a flowchart illustrating an implementation of a public signature key compression method based on a cryptographic algorithm according to an embodiment of the present application.
As shown in fig. 1, a signature public key compression method based on a cryptographic algorithm includes:
S11: calculating to obtain a curve point coordinate based on a base point coordinate in digital signature request information sent by a user side;
In step S11, the digital signature request information sent by the user side includes data to be signed and a digital signature based on a cryptographic algorithm. The data to be signed includes the parameters of an elliptic curve, an infinite base point on the elliptic curve and the order of the base point, and a pair of public and private keys; the curve point coordinates are obtained by calculation from the coordinates of the infinite base point on the elliptic curve.
In this embodiment, the digital signature algorithm is executed by a signer, i.e., the message sender, who digitally signs the data and sends it to a verifier. The verifier, i.e., the receiver, verifies the reliability of the signature, thereby authenticating the signer or determining the integrity of the received message data. When the user sends the digital signature request information, the coordinates of the curve point are calculated from the coordinates of the base point in that information. The curve point is a multiple of the base point, so to obtain the curve point coordinates a value is first selected at random, the value being an integer smaller than the order of the base point.
As an embodiment of the present application, step S11 includes:
performing point multiplication value preprocessing on the coordinates of a base point in digital signature request information sent by a user side to obtain a first point multiplication value set; and calculating to obtain the coordinates of the curve points based on the first point multiplication value set and any numerical value generated by the random number generator.
In this embodiment, computing the curve point coordinates applies the multiplication and addition operations of the scalar multiplication algorithm, which has high computational complexity. The base point coordinates are therefore preprocessed to obtain a first point multiplication value set, which contains the point multiplication values of the base point for coefficients 1 to 255. When a multiplication is performed, the corresponding value is selected directly from the first point multiplication value set and used in the calculation, which saves time in obtaining the curve point coordinates.
It should be noted that, when the base point coordinates are preprocessed, any value from 1 to 255 is converted into binary and the multiple-point coordinates on the elliptic curve are calculated by the binary expansion method. The binary expansion of a value is at most 256 bits long. If a 256-bit binary value contains equal numbers of 0s and 1s, the point doubling operation runs 256 times and the point addition operation runs 128 times, so a value whose binary expansion is 256 bits long requires many point doubling and point addition operations. Therefore, all possible multiple-point values are obtained in advance as the first point multiplication value set, and when a multiple point is calculated, the corresponding result is selected from that set.
For example, the random number generator produces an arbitrary value smaller than the order of the base point. The value is expanded into binary and the curve point coordinates are calculated by the binary expansion method. During the loop, whenever the result of a point doubling is required, the corresponding result is selected directly from the first point multiplication value set, and the loop continues until all binary digits have been processed.
It should be noted that the first point multiplication value set contains only the point multiplication values for coefficients 1 to 255. When the coefficient of a point multiplication exceeds 255 during the loop, the coefficient starts over. For example, when the coefficient is 128, in the next iteration the coefficient becomes 256, which is greater than the largest coefficient in the first point multiplication value set, so the point multiplication value with coefficient 1 is assigned to the point multiplication value with coefficient 256. By analogy, the point doubling value of the last iteration is obtained, which gives the curve point coordinates.
It should be noted that, during the scalar multiplication, the preprocessed point multiplication value set can also be obtained through the NAF point multiplication algorithm. Unlike the binary representation, the NAF representation has two characteristics: first, −1 may be used as an expansion coefficient; second, two non-zero digits cannot be adjacent. In scalar multiplication on the elliptic curve, expanding an arbitrary value in NAF form reduces the Hamming weight of the expansion for a similar number of digits, which reduces the point additions in the operation and improves the efficiency of the scalar multiplication. For example, the binary representation of the decimal number 123 is 1111011, and its NAF representation is $1\,0\,0\,0\,0\,\bar{1}\,0\,\bar{1}$, where $\bar{1}$ represents −1.
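The NAF expansion described above, as an added Python example that is not part of the patent text: it reproduces the 123 example and counts the point additions performed by a signed double-and-add loop. The function names and the group callbacks are assumptions, and integers modulo a constant stand in for curve points.

```python
def naf(k):
    """Non-adjacent form of k >= 0, most significant digit first.

    Digits are in {-1, 0, 1} and no two non-zero digits are adjacent.
    """
    digits = []
    while k > 0:
        if k & 1:
            # k = 1 (mod 4) -> digit 1, k = 3 (mod 4) -> digit -1.
            # Either way k - d is divisible by 4, so the next digit is 0.
            d = 2 - (k % 4)
            k -= d
        else:
            d = 0
        digits.append(d)
        k >>= 1
    return digits[::-1]


def binary_digits(k):
    """Plain binary expansion, most significant digit first."""
    return [int(b) for b in bin(k)[2:]] if k else []


def hamming_weight(digits):
    """Number of non-zero digits, i.e. the number of point additions needed."""
    return sum(1 for d in digits if d)


def scalar_mul_naf(k, point, add, neg, zero):
    """Left-to-right signed double-and-add over any abelian group.

    add/neg/zero are the group operations (for a curve: point addition,
    point negation and the point at infinity).
    Returns (k * point, number of additions performed).
    """
    acc, additions = zero, 0
    for d in naf(k):
        acc = add(acc, acc)                      # doubling step
        if d:
            acc = add(acc, point if d > 0 else neg(point))
            additions += 1
    return acc, additions


if __name__ == "__main__":
    k = 123
    print("binary:", binary_digits(k), "weight", hamming_weight(binary_digits(k)))
    print("NAF:   ", naf(k), "weight", hamming_weight(naf(k)))
    # Stand-in group (assumption for the demo): integers modulo 1009.
    m = 1009
    result, adds = scalar_mul_naf(k, 5, lambda a, b: (a + b) % m,
                                  lambda a: -a % m, 0)
    print("123 * 5 mod 1009 =", result, "using", adds, "additions")
```

Negating a curve point costs almost nothing in affine coordinates (flip the sign of y), which is why allowing the digit −1 saves additions without adding real work.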
During the scalar multiplication, the preprocessed point multiplication value set can also be obtained by a multi-base chain method. The multi-base chain is an extension of the double-base chain, and its representation has relatively higher redundancy. Compared with other integer representations, the multi-base chain representation has two characteristics: first, its length is shorter; second, it has fewer non-zero digits, that is, a smaller Hamming weight. This reduces the number of point additions, lowers the computational complexity and the amount of work in the scalar multiplication algorithm, and improves its efficiency. A greedy algorithm is typically employed to construct the multi-base representation of an arbitrary number.
It should be noted that, when an elliptic curve equation is selected, different coordinate systems can be used to represent elliptic curve coordinates, generally affine coordinates, standard projective coordinates and Jacobian coordinates, and the complexity of the point doubling and point addition operations differs between coordinate systems.
S12: according to a preset assignment rule, based on numerical information in the curve point coordinates, assigning a preset public key compression template to construct a public key compression signature value;
In step S12, the public key is compressed into the public key compression template, whose length is much smaller than that of the public key, which achieves the compression. The template must be assigned according to a preset assignment rule so that the compressed public key can later be decompressed; once the assignment of the template is complete, the public key compression signature value is obtained.
In this embodiment, a public key and a corresponding private key are generated based on the SM2 algorithm. The public key is a point coordinate on the elliptic curve and is generally stored in hexadecimal form at the server. SM2 is an asymmetric algorithm: the public key is public and the private key is secret. When a digital signature is verified, the generated signature information must be verified with the public key; because of the public key's complexity, storing it takes a large amount of space, which hinders the subsequent verification of signature information. To compress the public key, in this embodiment the public key compression template is a two-bit binary template, which is assigned according to a certain assignment rule to obtain the public key compression signature value, so that most of the hexadecimal public key is compressed into two bits.
It should be noted that the public key and the private key are generated together: an elliptic curve is first determined in order to generate a key pair, and the public key is the point on the elliptic curve obtained by multiplying the base point by the private key. When a public-private key pair is generated, SM2KeyPair is a JavaBean class representing the SM2 key pair. The class has a private member variable privateKey, representing the SM2 private key, and a private member variable publicKey, representing the SM2 public key. An SM2KeyPair object returns the private key and the public key through its get methods. The generation of a key pair is implemented in this interface.
As an embodiment of the present application, step S12 includes:
assigning different values to the first bit in the preset public key compression template based on the parity of the ordinate in the curve point coordinate to obtain the first bit value of the public key compression signature value; assigning different values to a second bit in the preset public key compression template based on the size of the digest of the digital signature request information obtained in advance and the abscissa in the curve point coordinates to obtain a second bit value of the public key compression signature value; and constructing the public key compressed signature value based on the first bit value of the public key compressed signature value and the second bit value of the public key compressed signature value.
In this embodiment, the public key compression template is a two-bit binary template, and each bit in the template is assigned according to the corresponding assignment rule. The first bit is assigned according to the parity of the ordinate in the curve point coordinate: when the ordinate is an odd number, a value of 0 is assigned to the first bit in the public key compression template; when the ordinate is an even number, a value of 1 is assigned to the first bit. This gives the first bit value of the public key compression template.
To construct the second bit value of the public key compression signature value, the digest of the request information is first calculated from the signature request information, and the second bit value is then obtained from the digest: when the sum of the digest of the digital signature request information and the abscissa in the coordinates of the curve point is larger than the order value of the base point, a value of 1 is assigned to the second bit in the public key compression template; when that sum is not more than the order value of the base point, a value of 0 is assigned to the second bit.
The digest is calculated with the SM3 algorithm. SM3 has a Merkle-Damgård structure: if the message is too long, it is split into 512-bit blocks, and the digest length is 256 bits. The state of the compression function is 256 bits, and it runs for 64 operation steps.
For message padding in the SM3 algorithm, the length l of the original message (including the key and the initial message) must be smaller than 2^64 bits. The padding method is to append a bit "1" to the end of the original message and then append k "0" bits, where k is the smallest non-negative integer such that l + 1 + k leaves a remainder of 448 when divided by 512. The length l of the original message is then appended as a 64-bit string. The padded message M is exactly a multiple of 512 bits long. An example of SM3 message padding without a key is presented below to aid understanding. Suppose the original message (with no key in this example, the "original message" is also the "initial message" mentioned above) is 010101011110101111010100001, a total of 27 bits, i.e., l = 27. First, a bit "1" is appended to the end of the original message, for a total of 28 bits; then 448 − 28 = 420 "0" bits are appended after it; finally, the original message length 27 is represented in 64 bits, giving the 64-bit length field 000...00 (59 leading "0" bits) 11011. The entire padded message used to generate the digest is 512 bits long.
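The padding rule above, as an added Python example that is not part of the patent text: it pads a message given as a bit string, so the 27-bit message from the paragraph can be used as is, and it also covers the boundary where the length field no longer fits in the current block. The function names are hypothetical.

```python
def sm3_pad_bits(bits: str) -> str:
    """Pad a message given as a string of '0'/'1' characters.

    Appends one '1' bit, then k '0' bits with k the smallest non-negative
    integer such that l + 1 + k = 448 (mod 512), then l as a 64-bit field.
    """
    if set(bits) - {"0", "1"}:
        raise ValueError("message must consist of '0' and '1' characters")
    l = len(bits)
    if l >= 1 << 64:
        raise ValueError("message length must be below 2^64 bits")
    k = (448 - (l + 1)) % 512
    return bits + "1" + "0" * k + format(l, "064b")


def sm3_pad_bytes(data: bytes) -> bytes:
    """Byte-oriented form of the same rule (message length is a multiple of 8)."""
    l = 8 * len(data)
    k = (448 - (l + 1)) % 512
    # The '1' bit plus k zero bits always fill whole bytes: 0x80, then zeros.
    return data + b"\x80" + b"\x00" * ((k + 1) // 8 - 1) + l.to_bytes(8, "big")


def split_blocks(padded: str):
    """Split a padded bit string into the 512-bit blocks fed to compression."""
    if len(padded) % 512:
        raise ValueError("padded length is not a multiple of 512 bits")
    return [padded[i:i + 512] for i in range(0, len(padded), 512)]


def zero_bit_count(bits: str) -> int:
    """Number k of '0' padding bits that the rule inserts for this message."""
    return len(sm3_pad_bits(bits)) - len(bits) - 1 - 64


if __name__ == "__main__":
    msg = "010101011110101111010100001"          # the 27-bit message from the text
    padded = sm3_pad_bits(msg)
    print("l =", len(msg), "k =", zero_bit_count(msg), "total =", len(padded))
    print("length field tail:", padded[-8:])
    # Constructed boundary cases: 447 bits still fit one block, 448 need two.
    for l in (447, 448):
        print(l, "bits ->", len(split_blocks(sm3_pad_bits("0" * l))), "block(s)")
```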
Iterative compression is the key of the SM3 algorithm. The first 512-bit message block is compressed into a bit string of fixed length by the compression function; that fixed-length bit string (the specific length is related to the 512-bit blocks into which the whole message is divided) and the second 512-bit message block are then compressed into a bit string of fixed length by the compression function; this bit string in turn serves as input to the compression of the third 512-bit message block and is compressed together with it into a bit string of fixed length, and so on, until the last 512-bit message block has also been compressed into a bit string of the same fixed length. Finally, all the fixed-length bit strings produced by compressing the 512-bit message blocks are concatenated in sequence to give the final digest value.
The digest algorithm, also called a hash algorithm, takes data of arbitrary length as input and produces output of fixed length; the same input signature request information always yields the same output, and different inputs yield different outputs as far as possible.
S13: and outputting the public key compressed signature value and a group of original signature values obtained in advance as a compression result.
In step S13, the public key compressed signature value and a group of original signature values obtained in advance are output as the compression result. The group of original signature values is obtained by the original signature formulas and contains two pieces of signature information: the first is obtained by a signature formula containing the digest information, the curve point coordinate information and the order of the base point, and the second by a signature formula containing the private key, the arbitrary value, the first signature information and the order of the base point. After the group of original signature information is obtained, it is output together with the public key compressed signature value as the new signature value information.
In this embodiment, when the first signature information in the group of original signature values is calculated, the sum of the digest value and the abscissa in the coordinates of the curve point is calculated first, and the remainder of that sum modulo the order value of the base point is then taken to obtain the first signature information.
It should be noted that the group of original signature values is calculated over the integers, so the addition in this step is addition with carry, and the remainder operation is also performed over the integers.
When the second signature information in the group of original signature values is calculated, it is obtained through a signature formula containing the private key, the arbitrary value, the first signature information and the order of the base point. The formula includes an inversion and a remainder operation. This step is also carried out over the integers, that is, the subtraction is ordinary subtraction, unlike in the finite field where it can be treated as addition without carry; the inversion can be realized by exponentiation in the finite field.
The group of original signature values and the calculated public key compressed signature value are output as the new signature value information. Compared with the original group of signature values, the public key compressed value is added, which achieves the purpose of public key compression.
Referring to fig. 2, fig. 2 is a flowchart illustrating an implementation of a public signature key decompression method based on a cryptographic algorithm according to an embodiment of the present application.
As shown in fig. 2, a signature public key decompression method based on a cryptographic algorithm includes:
S21: Obtaining a curve point coordinate through calculation, based on the input public key compressed signature value and a set of original signature values obtained in advance;
In step S21, the input public key compressed signature value is equal to the signature value output by the signature request information obtained in advance as the original set of signature values, and the curve point coordinates are obtained from the input public key compressed signature value and the original set of signature values obtained in advance.
In this embodiment, the curve point coordinate is obtained first when decompressing the public key: the abscissa of the curve point coordinate is obtained from the public key compressed signature value and the first signature information in the original set of signature values, and the ordinate of the curve point coordinate is obtained by substituting the abscissa into the elliptic curve equation. According to the obtained curve point coordinates, the scalar multiple of the arbitrary value and the base point coordinates is obtained.
S22: Obtaining the public key through calculation based on the curve point coordinate, according to a preset public key decompression formula.
In step S22, the parameters of the public key decompression formula are the input original set of signature values obtained in advance and the coordinates of the curve point. The public key is expressed as a formula in these parameters, and the decompressed value of the public key is obtained from them.
In this embodiment, the decompression formula of the public key is split into a parameter form with input known data, and the decompression formula of the public key is as follows (1):
P=dG=(s+r)^-1(kG+rG)-G (1)
Wherein P is the public key, d is the private key, G is the base point coordinate of the elliptic curve, ^ is an inverse operation, k is an arbitrary value smaller than the order of the base point, kG is the curve point coordinate, r is the first signature information in the original set of signature values, and s is the second signature information in the original set of signature values. kG, the coordinates of the curve point, has already been obtained in step S21, and r, s and G are known input data, so the value of the public key can be obtained.
It should be noted that calculating the value of rG, like multiplying the arbitrary value by the base point coordinates, is a multiplication of a large number by the base point coordinates, and the doubling and addition operations in the point multiplication algorithm used have high computational complexity. The base point coordinates are therefore subjected to point multiplication value preprocessing to obtain a point multiplication value set equal to the first point multiplication value set, which includes the multiples of the base point from 1 to 255.
When the public key is obtained through decompression, the original set of signature values obtained in advance is verified based on the value of the public key. If the verification result is equal to the generated original set of signature values, the verification passes; if it is not equal, the verification fails, which indicates that the digital signature is not the digital signature request information sent by the designated user side.
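Steps S21 and S22 and the verification step above, as an added Python example that is not code from the patent: signing produces (r, s) plus the two hint bits using the assignment rule the page gives, and recovery rebuilds kG and applies formula (1). Assumptions: the digest e is passed in as an integer that does not depend on the public key, SHA-256 stands in for SM3 in the demo, and the function names are illustrative. Because a recovered key verifies its own signature by construction, `accept` compares it with a key already trusted for the signer.

```python
import hashlib
import secrets

# SM2 recommended curve (GM/T 0003.5-2012): y^2 = x^3 + a*x + b over F_p, base point G of order n.
p = 0xFFFFFFFE_FFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFF_00000000_FFFFFFFF_FFFFFFFF
a = p - 3
b = 0x28E9FA9E_9D9F5E34_4D5A9E4B_CF6509A7_F39789F5_15AB8F92_DDBCBD41_4D940E93
n = 0xFFFFFFFE_FFFFFFFF_FFFFFFFF_FFFFFFFF_7203DF6B_21C6052B_53BBF409_39D54123
G = (0x32C4AE2C_1F198119_5F990446_6A39C994_8FE30BBF_F2660BE1_715A4589_334C74C7,
     0xBC3736A2_F4F6779C_59BDCEE3_6B692153_D0A9877C_C62A4740_02DF32E5_2139F0A0)

def add(P, Q):
    """Affine point addition; None is the point at infinity."""
    if P is None or Q is None:
        return Q if P is None else P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if P == Q:
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return x3, (lam * (x1 - x3) - y1) % p

def mul(k, P):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    R = None
    while k:
        if k & 1:
            R = add(R, P)
        P = add(P, P)
        k >>= 1
    return R

def sign(d, e):
    """SM2 signature (r, s) over digest integer e, plus the two hint bits."""
    while True:
        k = secrets.randbelow(n - 1) + 1
        x1, y1 = mul(k, G)
        r = (e + x1) % n
        s = pow(1 + d, -1, n) * (k - r * d) % n
        # Retry on degenerate values; e + x1 >= 2n cannot be encoded in one bit.
        if r == 0 or (r + k) % n == 0 or s == 0 or e + x1 >= 2 * n:
            continue
        bit1 = 0 if y1 & 1 else 1       # page's rule: odd y1 -> 0, even y1 -> 1
        bit2 = 1 if e + x1 > n else 0   # page's rule: e + x1 greater than n -> 1
        return r, s, (bit1, bit2)

def recover(e, r, s, hint):
    """Steps S21/S22: rebuild kG from (r, hint), then apply formula (1)."""
    bit1, bit2 = hint
    if not (1 <= r < n and 1 <= s < n) or (r + s) % n == 0:
        raise ValueError("signature out of range")
    x1 = r - e + (n if bit2 else 0)     # undo the reduction modulo n
    if not 0 <= x1 < p:
        raise ValueError("hint inconsistent with r and e")
    rhs = (x1 * x1 * x1 + a * x1 + b) % p
    y1 = pow(rhs, (p + 1) // 4, p)      # square root, valid because p % 4 == 3
    if y1 * y1 % p != rhs:
        raise ValueError("x1 is not the abscissa of a curve point")
    if (y1 & 1) != (1 if bit1 == 0 else 0):
        y1 = p - y1                     # choose the root with the hinted parity
    t = pow((s + r) % n, -1, n)
    # P = (s + r)^-1 (kG + rG) - G, with -G = (Gx, p - Gy)
    return add(mul(t, add((x1, y1), mul(r, G))), (G[0], p - G[1]))

def verify(P, e, r, s):
    """Standard SM2 verification against an explicit public key P."""
    t = (r + s) % n
    if not (1 <= r < n and 1 <= s < n) or t == 0:
        return False
    R = add(mul(s, G), mul(t, P))
    return R is not None and (e + R[0]) % n == r

def accept(pinned, e, r, s, hint):
    """Accept only when the recovered key equals the key already trusted for the signer."""
    try:
        return recover(e, r, s, hint) == pinned
    except ValueError:
        return False

if __name__ == "__main__":
    d = secrets.randbelow(n - 2) + 1    # constructed private key
    pub = mul(d, G)
    # Constructed input; SHA-256 stands in for the SM3 digest of the request.
    e = int.from_bytes(hashlib.sha256(b"constructed signing request").digest(), "big")
    r, s, hint = sign(d, e)
    print(recover(e, r, s, hint) == pub, accept(pub, e + 1, r, s, hint))
```

A verifier that only runs `verify` on the recovered key learns nothing about who signed; the comparison in `accept` against a key bound to the expected signer is what rejects a tampered digest or hint.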
The invention relates to the technical field of data processing, and provides a signature public key compression method based on a national cryptographic algorithm.
Referring to fig. 3, fig. 3 is a block diagram of a device structure of a public signature key compression method based on a cryptographic algorithm according to an embodiment of the present disclosure. In this embodiment, the signature public key compression method apparatus based on the cryptographic algorithm includes 3 units for executing the steps in the embodiment corresponding to fig. 1, and refer to fig. 1 and the related description in the embodiment corresponding to fig. 1 specifically. For convenience of explanation, only the portions related to the present embodiment are shown. Referring to fig. 3, the signature public key compression method apparatus 30 based on the cryptographic algorithm includes: a calculation unit 31, an assignment unit 32, an output unit 33, wherein:
a calculating unit 31, configured to obtain a curve point coordinate through calculation based on a base point coordinate in the digital signature request information sent by the user end;
the assignment unit 32 is configured to assign a preset public key compression template based on the numerical information in the curve point coordinates according to a preset assignment rule, and construct a public key compression signature value;
and an output unit 33, configured to output the public key compressed signature value and a set of original signature values obtained in advance as a compression result.
As an embodiment of the present application, the calculating unit 31 is specifically configured to perform point-by-point value preprocessing on the coordinates of a base point in the digital signature request information sent by the user end to obtain a first point-by-point value set; and calculating to obtain the coordinates of the curve points based on the first point multiplication value set and any numerical value generated by the random number generator.
As an embodiment of the present application, the assigning unit 32 is specifically configured to assign different values to a first bit in the preset public key compression template based on the parity of the ordinate in the curve point coordinate, so as to obtain a first bit value of the public key compression signature value; assign different values to a second bit in the preset public key compression template based on the size of the digest of the digital signature request information obtained in advance and the abscissa in the curve point coordinates, so as to obtain a second bit value of the public key compression signature value; and construct the public key compressed signature value based on the first bit value of the public key compressed signature value and the second bit value of the public key compressed signature value.
As an embodiment of the present application, a signature public key compression method device 30 based on a cryptographic algorithm further includes:
The first execution unit 34: configured to assign a value of 0 to the first bit in the public key compression template when the ordinate in the curve point coordinate is an odd number, and to assign a value of 1 to the first bit in the public key compression template when the ordinate in the curve point coordinate is an even number.
The second execution unit 35: configured to assign a value of 1 to the second bit in the public key compression template when the sum of the digest of the digital signature request information and the abscissa in the coordinates of the curve point is larger than the order value of the base point, and to assign a value of 0 to the second bit in the public key compression template when that sum is not more than the order value of the base point.
It should be understood that, in the structural block diagram of the signature public key compression method apparatus based on the cryptographic algorithm shown in fig. 3, each unit is used to execute each step in the embodiment corresponding to fig. 1, and for each step in the embodiment corresponding to fig. 1, the detailed explanation is already made in the above embodiment, and specific reference is made to fig. 1 and the related description in the embodiment corresponding to fig. 1, and details are not repeated here.
Referring to fig. 4, fig. 4 is a block diagram of a structure of a public signature key decompression method based on a cryptographic algorithm according to an embodiment of the present disclosure. In this embodiment, the decryption apparatus includes 2 units for executing the steps in the embodiment corresponding to fig. 2, and refer to fig. 2 and the related description in the embodiment corresponding to fig. 2. For convenience of explanation, only the portions related to the present embodiment are shown. Referring to fig. 4, the signature public key decompression method apparatus 40 based on the cryptographic algorithm includes: an input unit 41, a decompression unit 42, wherein:
an input unit 41, configured to obtain a curve point coordinate through calculation based on an input public key compression signature value and a set of original signature values obtained in advance;
and the decompression unit 42 is configured to obtain a public key through calculation based on the curve point coordinate according to a preset public key decompression formula.
It should be understood that, in the structural block diagram of the signature public key decompression method apparatus based on the cryptographic algorithm shown in fig. 4, each unit is used to execute each step in the embodiment corresponding to fig. 2, and for each step in the embodiment corresponding to fig. 2, the above embodiment is explained in detail, specifically please refer to fig. 2 and the related description in the embodiment corresponding to fig. 2, which is not described herein again.
In one embodiment, a computer device is provided, the computer device is a server, and the internal structure diagram of the computer device can be as shown in fig. 5. The computer device 50 includes a processor 51, an internal memory 53, and a network interface 54 connected by a system bus 52. Wherein the processor 51 of the computer device is used to provide computing and control capabilities. The memory of the computer device 50 includes a readable storage medium 55, an internal memory 53. The readable storage medium 55 stores an operating system 56, computer readable instructions 57, and a database 58. The internal memory 53 provides an environment for the operation of an operating system 56 and computer readable instructions 57 in the readable storage medium 55. The network interface 54 of the computer device 50 is used for communication with an external terminal through a network connection. The computer readable instructions 57, when executed by the processor 51, implement a public signature key compression and decompression method based on a cryptographic algorithm. The readable storage medium 55 provided by the present embodiment includes a nonvolatile readable storage medium and a volatile readable storage medium.
It will be understood by those of ordinary skill in the art that all or part of the processes of the methods of the above embodiments may be implemented by hardware related to computer readable instructions, which may be stored in a non-volatile readable storage medium or a volatile readable storage medium, and when executed, the computer readable instructions may include processes of the above embodiments of the methods. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not depart from the spirit and scope of the embodiments of the present invention, and they should be construed as being included therein.

Claims (10)

1. A signature public key compression method based on a national cryptographic algorithm is characterized by comprising the following steps:
calculating to obtain a curve point coordinate based on a base point coordinate in digital signature request information sent by a user side;
according to a preset assignment rule, based on numerical information in the curve point coordinates, assigning a preset public key compression template to construct a public key compression signature value; the public key compressed signature value is used for verifying the digital signature request information;
and outputting the public key compressed signature value and a group of original signature values obtained in advance as a compression result.
2. The public signature key compression method based on the cryptographic algorithm of claim 1, wherein the obtaining of the coordinates of the curve point by calculation based on the coordinates of the base point in the digital signature request message sent by the user side comprises:
performing point multiplication value preprocessing on the coordinates of a base point in digital signature request information sent by a user side to obtain a first point multiplication value set;
and calculating to obtain the coordinates of the curve points based on the first point multiplication value set and any numerical value generated by the random number generator.
3. The public signature key compression method based on the cryptographic algorithm of claim 1, wherein the step of assigning a preset public key compression template based on numerical information in coordinates of the curve points according to a preset assignment rule to construct a public key compression signature value comprises the steps of:
assigning different values to the first bit in the preset public key compression template based on the parity of the ordinate in the curve point coordinate to obtain the first bit value of the public key compression signature value;
assigning different values to a second bit in the preset public key compression template based on the size of the digest of the digital signature request information obtained in advance and the abscissa in the curve point coordinates to obtain a second bit value of the public key compression signature value;
and constructing the public key compressed signature value based on the first bit value of the public key compressed signature value and the second bit value of the public key compressed signature value.
4. The public signature key compression method based on the cryptographic algorithm of claim 3, wherein the step of assigning different values to the first bit in the preset public key compression template based on the parity of the ordinate in the coordinates of the curve point to obtain the first bit value of the public key compression signature value comprises the steps of:
when the ordinate in the curve point coordinate is an odd number, assigning a value of 0 to the first bit in the public key compression template;
and when the ordinate in the curve point coordinate is an even number, assigning a value of 1 to the first bit in the public key compression template.
5. The public signature key compression method based on the cryptographic algorithm of claim 3, wherein the obtaining of the second bit value of the public key compressed signature value by assigning a different value to the second bit in the preset public key compressed template based on the obtained digest of the digital signature request message and the size of the abscissa in the coordinates of the curve point comprises:
when the sum of the digest of the digital signature request information and the abscissa in the coordinates of the curve point is larger than the order value of the base point, assigning a value of 1 to a second bit in the public key compression template;
and when the sum of the digest of the digital signature request information and the abscissa in the coordinates of the curve point is not more than the order value of the base point, assigning a value of 0 to a second bit in the public key compression template.
6. A signature public key decompression method based on a national cryptographic algorithm is characterized by comprising the following steps:
based on the input public key compression signature value and a group of original signature values obtained in advance, obtaining a curve point coordinate through calculation;
and obtaining the public key through calculation based on the curve point coordinate according to a preset public key decompression formula.
7. A signature public key compression method device based on a national cryptographic algorithm is characterized in that,
a calculation unit: calculating to obtain a curve point coordinate based on a base point coordinate in digital signature request information sent by a user side;
an assignment unit: according to a preset assignment rule, based on numerical information in the curve point coordinates, assigning a preset public key compression template to construct a public key compression signature value;
an output unit: and outputting the public key compressed signature value and a group of original signature values obtained in advance as a compression result.
8. A signature public key decompression method device based on the national cryptographic algorithm is characterized in that,
an input unit: based on the input public key compression signature value and a group of original signature values obtained in advance, obtaining a curve point coordinate through calculation;
a decompression unit: and obtaining the public key through calculation based on the curve point coordinate according to a preset public key decompression formula.
9. A computer device comprising a memory, a processor and computer readable instructions stored in the memory and executable on the processor, wherein the processor when executing the computer readable instructions implements the steps of the cryptographic algorithm based public signature key compression method according to any one of claims 1-5 or implements the cryptographic algorithm based public signature key decompression method according to claim 6.
10. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, carries out the steps of the cryptographic algorithm based public signature key compression method according to any one of claims 1 to 5, or carries out the steps of the cryptographic algorithm based public signature key decompression method according to claim 6.
CN202210283096.1A 2022-03-22 2022-03-22 Signature public key compression method and device, computer equipment and storage medium Pending CN114499860A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210283096.1A CN114499860A (en) 2022-03-22 2022-03-22 Signature public key compression method and device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114499860A true CN114499860A (en) 2022-05-13

Family

ID=81488955

Country Status (1)

Country Link
CN (1) CN114499860A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination