CN116260572B - Data hash processing method, data verification method and electronic equipment - Google Patents
Publication number: CN116260572B (application CN202310145985.6A)
Authority: CN (China)
Legal status: Active (status as listed by Google Patents; an assumption, not a legal conclusion)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The application provides a data hash processing method, a data verification method and an electronic device. The method segments the data to be processed to obtain a specified number of data segments and the message words corresponding to each data segment. For each data segment, multiple rounds of compression operation are performed on the target register value based on the message words of that segment. In each round of the compression operation flow, the second register value corresponding to the round is obtained by compressing the first register value with the message expansion word. The hash value is determined from the second register value obtained in the last round of each data segment. During the compression operation, the content of the expansion word sequence held in the registers is updated every specified number of rounds, so that the message expansion words participating in each round's operation are held in registers. Compared with the conventional compression operation flow, the expansion words participating in the operation do not all need to be computed in advance and stored on the stack, so the problem that the expansion words can be stolen is avoided.
Description
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a data hash processing method, a data verification method, and an electronic device.
Background
The cryptographic hash algorithm SM3 is a typical hash algorithm, which performs hash operation on data to be processed to obtain a corresponding hash value, and then performs subsequent processing such as digital signature, authentication, integrity protection, and the like on the data to be processed based on the hash value. The algorithm is widely applied to numerous scenes such as cloud storage, edge computing, online banking transaction systems, enterprise data security storage and the like.
In the overall flow of the SM3 algorithm, the data to be processed is first padded to an integer multiple of 512 bits, and the padded data is then grouped into 512-bit blocks. Each group is split into 32-bit words, giving 16 message words per group. The 16 message words are then expanded by the message expansion algorithm into 132 message expansion words, and 64 rounds of iterative compression are performed on the 132 message expansion words and the initial register value specified by the algorithm to obtain the hash value of the data to be processed.
Since the SM3 algorithm is commonly used as the hash function underlying integrity-check functionality, the message expansion words described above carry key information for the security check. The conventional SM3 algorithm must compute all 132 message expansion words before the 64-round compression flow and store them on the stack, fetching the message expansion words for each round from the stack for the operation. This creates the possibility that the message expansion words are stolen, which in turn leads to the problem of key leakage.
Disclosure of Invention
The embodiment of the application provides a data hash processing method, a data verification method and electronic equipment. The method is used for optimizing the iterative compression operation flow of the SM3 algorithm, and the problem that the expansion word can be stolen is avoided by updating the expansion word sequence in the compression operation process.
In order to achieve the above purpose, the technical solution of the embodiments of the present application is implemented as follows:
in a first aspect, an embodiment of the present application provides a data hash processing method, where the method includes:
carrying out segmentation processing on data to be processed based on a cryptographic hash algorithm SM3 to obtain a specified number of data segments and message words corresponding to the data segments; the data length of each data segment is the same, and the message word is obtained by performing digital processing on the data segments;
performing multiple rounds of first compression operation on the target register value of the data segment based on the message words; in each round of the first compression operation, data compression is performed on the first register value and the message expansion word to obtain the second register value corresponding to the round; the message expansion word of each round is selected from an expansion word sequence stored in registers, the expansion word sequence being obtained by data expansion of the message words; during the multiple rounds of the first compression operation, the content of the expansion word sequence is updated every designated number of rounds, and the number of words in the expansion word sequence before and after updating is the same;
And determining the hash value of the data to be processed according to the second register value obtained in the last round in the first compression operation process of the data segment.
In the embodiment of the application, the data to be processed is segmented according to the SM3 algorithm to obtain a specified number of data segments and the message words corresponding to each data segment. For each data segment, multiple rounds of compression operation are performed on the target register value based on the message words of that segment. The target register value is obtained from the register initial value specified by the SM3 algorithm, and in each round of the compression operation flow the second register value corresponding to the round is obtained by compressing the first register value with the message expansion word. The hash value is determined from the second register value obtained in the last round of each data segment. During the compression operation, the content of the expansion word sequence held in the registers is updated every specified number of rounds, so that the message expansion word participating in each round's operation is held in a register. Compared with the conventional compression operation flow, the expansion words participating in the operation do not all need to be computed in advance and stored on the stack, so the problem that the expansion words can be stolen is avoided.
In some possible embodiments, the target register value is determined from the register initial value specified by SM3; the first register value of the first round is the target register value, and the first register value of each non-first round is the second register value of the previous round.
In the process of multiple rounds of first compression operation, the first register value of each round of participation operation is determined by the following manner: in the first round of operation, the target register value is taken as the first register value of the round of participation operation. In a non-first round of operation, the second register value of the previous round is taken as the first register value of the round of participation operation.
The second register value of each round is obtained by data compression through the first register value of the current round and the message expansion word, so that the register values participating in operation of each round are different, and the safety of data hashing is improved.
In some possible embodiments, the target register value is obtained by:
performing a plurality of rounds of second compression operation on the initial value of the register based on the message word; data compression is carried out on the third register value and the target message word in the second compression operation process of each round, and a fourth register value corresponding to the round is obtained; wherein the first round of third register values are the initial values of the registers, and the non-first round of third register values are the fourth register values of the previous round; the target message word of each round is selected from the message words, and the target message word of each round is unique;
And taking the fourth register value obtained in the last round in the second compression operation process of the data segment as the target register value.
In the process of the second compression operation of multiple rounds, the register value obtained in the previous round in each round of the second compression operation is subjected to data compression with the target message word corresponding to the round until the last round is finished, and the register value obtained in the last round is used as the target register value. The obtained target register value has higher data security and is convenient for subsequent data hash operation.
In some possible embodiments, the message words corresponding to the data segment are X_0 ~ X_15; the sequence number n of any message word X_n is determined by the position of the message word in the data segment, where n ∈ [0, 15] is an integer.
In some possible embodiments, in the multiple rounds of the second compression operation, the target message words of the i-th round are X_i and X_{i+4}, where i ∈ [0, 11] is an integer.
In the embodiment of the application, the number of the message words corresponding to each data segment is 16, and the corresponding serial numbers are arranged on the message words according to the positions in the data segments, so that the unique target message words participating in the second compression operation in each round can be ensured by setting the relation between the second compression operation in each round and the serial numbers of the message words.
In some possible embodiments, the sequence of extension words includes a predetermined number of message extension words, any message extension word corresponds to a unique sequence number, and the sequence number is determined according to a position of the message extension word in the sequence of extension words;
in the process of the first compression operation of the plurality of rounds, the content of the extended word sequence is updated by the following modes:
acquiring words to be processed which participate in updating, and grouping each word to be processed based on a preset grouping rule; the word to be processed which participates in updating for the first time is a message word corresponding to the data segment; the word to be processed which does not participate in updating for the first time is all message extension words in the current extension word sequence;
vector stitching is carried out on each group of words to be processed to obtain a corresponding stitching result of the group, and exclusive-or operation is carried out on each stitching result to obtain a target word vector corresponding to each stitching result;
an updated sequence of expanded words is determined based on the target word vector.
In the embodiment of the present application, a word to be processed is periodically obtained during a plurality of rounds of first compression operation, where sources of the word to be processed are as follows: the word to be processed which participates in updating for the first time is a message word corresponding to the data segment, and the word to be processed which does not participate in updating for the first time is a message extension word in the current extension word sequence. In this way, the word to be processed is grouped and vector splicing is carried out through a preset grouping rule, and a target word vector corresponding to the current round can be obtained. And then determining an extended word sequence corresponding to the current round based on the target word vector, thereby ensuring that the extended word sequence participating in the first compression operation is in a continuously updated state, and the data participating in the operation cannot be repeated.
In some possible embodiments, the method further comprises:
if the word to be processed is all the message extension words in the current extension word sequence, before the content of the extension word sequence is updated, assigning the message extension word with the first sequence number in the message extension word sequence to the message extension word with the second sequence number.
When the current extended word sequence is updated through the word to be processed, if the word to be processed which is currently acquired is all the message extended words in the current extended word sequence, the message extended word sequence is updated for the non-first time, and at the moment, the message extended words with the sequence number of the first sequence number in the message extended word sequence are assigned to the message extended words with the second sequence number, so that the fact that the extended word sequence does not have the message extended words with repeated contents before and after updating is ensured.
In a second aspect, an embodiment of the present application provides a data verification method, where the method includes:
in response to a data verification instruction, acquiring the data to be processed and the calibration hash value of the target data;
carrying out hash processing on the data to be processed by any data hash processing method in the first aspect to obtain a hash value corresponding to the data to be processed;
And if the hash value is the same as the calibration hash value, determining the data to be processed as the target data.
In a third aspect, an embodiment of the present application provides a data hash processing apparatus, where the apparatus includes:
the data processing module is configured to perform segmentation processing on data to be processed based on a cryptographic hash algorithm SM3 to obtain a specified number of data segments and message words corresponding to the data segments; the data length of each data segment is the same, and the message word is obtained by performing digital processing on the data segments;
a compression operation module configured to perform multiple rounds of first compression operation on the target register value of the data segment based on the message words; in each round of the first compression operation, data compression is performed on the first register value and the message expansion word to obtain the second register value corresponding to the round; the message expansion word of each round is selected from an expansion word sequence stored in registers, the expansion word sequence being obtained by data expansion of the message words; during the multiple rounds of the first compression operation, the content of the expansion word sequence is updated every designated number of rounds, and the number of words in the expansion word sequence before and after updating is the same;
And the hash processing module is configured to determine a hash value of the data to be processed according to the second register value obtained in the last round in the first compression operation process of the data segment.
In some possible embodiments, the target register value is determined from the register initial value specified by SM3; the first register value of the first round is the target register value, and the first register value of each non-first round is the second register value of the previous round.
In some possible embodiments, the target register value is obtained by:
performing a plurality of rounds of second compression operation on the initial value of the register based on the message word; data compression is carried out on the third register value and the target message word in the second compression operation process of each round, and a fourth register value corresponding to the round is obtained; wherein the first round of third register values are the initial values of the registers, and the non-first round of third register values are the fourth register values of the previous round; the target message word of each round is selected from the message words, and the target message word of each round is unique;
and taking the fourth register value obtained in the last round in the second compression operation process of the data segment as the target register value.
In some possible embodiments, the message words corresponding to the data segment are X_0 ~ X_15; the sequence number n of any message word X_n is determined by the position of the message word in the data segment, where n ∈ [0, 15] is an integer.
In some possible embodiments, in the multiple rounds of the second compression operation, the target message words of the i-th round are X_i and X_{i+4}, where i ∈ [0, 11] is an integer.
In some possible embodiments, the sequence of extension words includes a predetermined number of message extension words, any message extension word corresponds to a unique sequence number, and the sequence number is determined according to a position of the message extension word in the sequence of extension words;
during the multiple rounds of first compression operations, the compression operation module is further configured to:
acquiring words to be processed which participate in updating, and grouping each word to be processed based on a preset grouping rule; the word to be processed which participates in updating for the first time is a message word corresponding to the data segment; the word to be processed which does not participate in updating for the first time is all message extension words in the current extension word sequence;
vector stitching is carried out on each group of words to be processed to obtain a corresponding stitching result of the group, and exclusive-or operation is carried out on each stitching result to obtain a target word vector corresponding to each stitching result;
An updated sequence of expanded words is determined based on the target word vector.
In some possible embodiments, the compression operation module is further configured to:
if the word to be processed is all the message extension words in the current extension word sequence, before the content of the extension word sequence is updated, assigning the message extension word with the first sequence number in the message extension word sequence to the message extension word with the second sequence number.
In a fourth aspect, an embodiment of the present application provides a data verification apparatus, including:
a data acquisition module configured to acquire, in response to a data verification instruction, the data to be processed and the calibration hash value of the target data;
a data hashing module configured to perform hash processing on the data to be processed by using the data hashing processing device according to any one of the third aspects, so as to obtain a hash value corresponding to the data to be processed;
and the data verification module is configured to determine that the data to be processed is the target data if the hash value is the same as the calibration hash value.
In a fifth aspect, embodiments of the present application further provide an electronic device comprising a memory and a processor, the memory having stored thereon a computer program executable on the processor, which when executed by the processor causes the processor to implement any one of the methods mentioned in the first or second aspects.
In a sixth aspect, embodiments of the present application also provide a computer readable storage medium having stored therein a computer program which, when executed by a processor, implements a method as set forth in any one of the above first or second aspects.
In a seventh aspect, embodiments of the present application provide a computer program product comprising computer instructions stored in a computer readable storage medium; when the processor of the computer device reads the computer instructions from the computer-readable storage medium, the processor executes the computer instructions, causing the computer device to perform the method of any one of the above-mentioned first or second aspects.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be apparent from the description, or may be learned by practice of the disclosure. The objectives and other advantages of the application will be realized and attained by the structure particularly pointed out in the written description and claims thereof as well as the appended drawings.
Drawings
Fig. 1 is an overall flowchart of a data hash processing method according to an embodiment of the present application;
Fig. 2 is a schematic diagram of data filling of data to be processed according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a substitution sequence of each round of register values according to an embodiment of the present disclosure;
fig. 4 is a flowchart of message spreading sequence update provided in an embodiment of the present application;
FIG. 5 is an overall flowchart of a data verification method according to an embodiment of the present application;
fig. 6 is a block diagram of a data hash processing apparatus 600 according to an embodiment of the present application;
fig. 7 is a block diagram of a data verification method 700 according to an embodiment of the present application;
fig. 8 is a block diagram of an electronic device according to an embodiment of the present application.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the present application more apparent, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure. Embodiments and features of embodiments in this application may be combined with each other arbitrarily without conflict. Also, while a logical order of illustration is depicted in the flowchart, in some cases the steps shown or described may be performed in a different order than presented.
The terms first and second in the description and claims of the present application and in the above-described figures are used for distinguishing between different objects and not for describing a particular sequential order. Furthermore, the term "include" and any variations thereof is intended to cover non-exclusive protection. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed steps or elements but may include other steps or elements not listed or inherent to such process, method, article, or apparatus. The term "plurality" in the present application may mean at least two, for example, two, three or more, and embodiments of the present application are not limited.
In order to facilitate understanding of the technical scheme provided in the present application, a conventional SM3 algorithm is first described:
The conventional SM3 algorithm, after acquiring the data to be processed, pads it to a multiple of 512 bits and then groups the padded data into 512-bit blocks. Each group is split into 32-bit words, giving the 16 message words corresponding to that group. The 16 message words are then expanded by the message expansion algorithm into 132 expansion words, and 64 rounds of iterative compression are performed on the 132 expansion words and the initial register value specified by the algorithm to obtain the hash value of the data to be processed.
In the above-mentioned compression operation flow, the 512-bit data group is split, 32 bits at a time, into 16 message words W_0 ~ W_15. Then data expansion is performed by the following formula (1) to obtain W_16 ~ W_67, and by the following formula (2) to obtain W'_0 ~ W'_63.
Here P_1 is the permutation function specified by the SM3 algorithm; ⊕ is the 32-bit exclusive-or operator; <<< is the 32-bit circular left-shift operator; and ← is the assignment operator.
The above W_0 ~ W_15, W_16 ~ W_67 and W'_0 ~ W'_63, 132 words in total, serve as the message expansion words.
Then, each round in the 64-round compression operation flow executes the following steps:
Step A1: SS_1 ← ((A <<< 12) + E + (T_j <<< (j mod 32))) <<< 7;
Step A2: TT_1 ← FF_j(A, B, C) + D + SS_2 + W'_j;
Step A3: TT_2 ← GG_j(E, F, G) + H + SS_1 + W_j;
Step A4: D ← C, C ← B <<< 9, B ← A, A ← TT_1, H ← G, G ← F <<< 19, F ← E, E ← P_0(TT_2);
where A, B, C, D, E, F, G, H are the word registers required by the SM3 algorithm, and the values of A-H used in the first round of the compression operation flow are the initial values of the word registers specified by the SM3 algorithm; SS_1, SS_2, TT_1 and TT_2 are temporary variables; T_j is a constant; mod is the modulo operation; FF_j and GG_j are the Boolean functions specified by the SM3 algorithm; and P_0 is the permutation function specified by the SM3 algorithm.
The register values A-H obtained in the last round are taken as the output of the compression function.
As can be seen from the above flow, the conventional SM3 algorithm needs to compute the 132 message expansion words in advance of the 64-round compression operation flow. Since 132 32-bit message expansion words cannot all be held in the word registers at the same time, they are stored on the stack, and the message expansion words corresponding to each round are fetched from the stack for the operation. As mentioned above, SM3 is commonly used as the hash function underlying integrity-check functionality, so the message expansion words carry key information for the security verification. Message expansion words placed on the stack have the potential to be stolen, and the key may then be leaked by reversing the algorithm.
To solve the above problems, the inventive concept of the present application is: and carrying out segmentation processing on the data to be processed to obtain a specified number of data segments and message words corresponding to the data segments. For each data segment, performing multiple rounds of compression operation on the target register value based on the message word of the data segment. And in the compression operation flow of each round, obtaining second register data corresponding to the round by carrying out data compression on the first register value and the message expansion word. And determining the hash value according to the second register value obtained in the last round of each data segment. In the compression operation process, the content of the expansion word sequence stored in the register is updated every specified round number, so that the message expansion words participating in the operation of each round are all in the register. Compared with the traditional compression operation flow, the method has the advantages that all expansion words participating in the operation do not need to be calculated in advance and stored in a stack, so that the problem that the expansion words can be stolen is avoided.
Fig. 1 shows an overall flowchart of a data hashing method provided in the present application, specifically as shown in fig. 1, including the following steps:
Step 101: segmenting the data to be processed based on the cryptographic hash algorithm SM3 to obtain a specified number of data segments and the message words corresponding to the data segments; each data segment has the same data length, and the message words are obtained by performing digital processing on the data segments;
In the embodiment of the application, the segmentation rule of the SM3 algorithm is adopted: first, the data to be processed is padded to a multiple of 512 bits, and the padded data is then grouped every 512 bits to obtain at least one 512-bit data segment.
In practice, assuming the length of the data to be processed is L bits, a bit "1" is appended to the end of the data, followed by k "0" bits, where k is the smallest non-negative integer satisfying L+1+k ≡ 448 mod 512. Finally, the 64-bit data length is appended, so that the length of the padded data is a multiple of 512. As shown in detail in fig. 2, for the data to be processed m = "011000001 0110001001100011", whose length L is 24, a bit "1" is first appended after "011000001 0110001001100011"; L is then substituted into the above formula "L+1+k ≡ 448 mod 512", giving k = 423, so 423 "0" bits are appended after the bit "1". Finally, the 64-bit binary representation of the data length is appended at the end to obtain the padded data m'.
The padded data m' is divided into data segments B of 512 bits each, and each data segment B is processed every 32 bits to obtain the message words corresponding to that segment. That is, one message word is taken every 32 bits, so the 512-bit data segment is split into 16 32-bit message words X_0 ~ X_15. The sequence number n of any message word X_n is determined by the bit position of the message word within the data segment, where n ∈ [0,15] is an integer.
Step 102: performing multiple rounds of first compression operation on the target register value of the data segment based on the message words; in each round of the first compression operation, the first register value and the message extension words are compressed to obtain the second register value corresponding to that round; the message extension words of each round are selected from an extension word sequence held in a register, the extension word sequence is obtained by expanding the message words, the content of the extension word sequence is updated every specified number of rounds during the multiple rounds of first compression operation, and the number of words in the extension word sequence is the same before and after updating.
To facilitate understanding of the first compression operation flow, the target register values involved in the first compression operation are described first:
The target register value in the embodiment of the present application is determined according to the register initial values specified by SM3, i.e. the initial values of registers A to H mentioned in steps A1 to A4 above. In addition, during the multiple rounds of first compression operation, the first register value participating in the first round is the target register value, and the first register value of any non-first round is the second register value of the previous round.
In implementation, multiple rounds of second compression operation are performed on the register initial values based on the message words; in each round of the second compression operation, the third register value and the target message words are compressed to obtain the fourth register value corresponding to that round; the third register value of the first round is the register initial value, and the third register value of any non-first round is the fourth register value of the previous round; the target message words of each round are selected from the message words and are unique to that round.
Specifically, for the data segment B obtained in step 101 and its corresponding message words X_0 ~ X_15, 12 rounds of the second compression operation are performed. The compression function in the embodiment of the present application is denoted CR2(i, A, B, C, D, E, F, G, H, X_i, X_{i+4}), where i is the round number. In the 12 rounds of the second compression operation, the target message words of the i-th round are X_i and X_{i+4}, with i ∈ [0,11] an integer. A to H are the values of the 8 word registers and correspond to the third register value participating in each round.
The above CR2(i, A, B, C, D, E, F, G, H, X_i, X_{i+4}) specifically comprises the following steps B1 to B3:
Step B1: obtaining the third register values A to H participating in the operation of the present round;
Step B2: calculating the temporary variables SS_1, SS_2, TT_1 and TT_2 of SM3 by the following formulas (3) to (6):
SS_1 ← ((A <<< 12) + E + (T_j <<< i)) <<< 7 (3)
TT_2 ← GG_j(E, F, G) + H + SS_1 + X_i (6)
Step B3: updating the third register value with the temporary variables obtained from formulas (3) to (6) above to obtain the fourth register value corresponding to the present round. The specific update flow is still that of the existing SM3 algorithm, namely D ← C, C ← B <<< 9, B ← A, A ← TT_1, H ← G, G ← F <<< 19, F ← E, E ← P_0(TT_2).
Further, in the above 12 rounds of second compression operation, the order in which the third register values of the previous round are substituted may be changed before each round to improve data security, as shown in fig. 3, which shows the substitution order of the third register values for the first 4 rounds. As can be seen from fig. 3, the substitution order of A to H in the first round is "A, B, C, D, E, F, G, H"; the substitution order of the second round is "D, A, B, C, H, E, F, G", of the third round "C, D, A, B, G, H, E, F", and of the fourth round "B, C, D, A, F, G, H, E". That is, each round shifts the positions of registers A to H by one place within each group of four, so that the register positions return to their initial order after 4 rounds. For example, the substitution order of the fifth round is the same as that of the first round, "A, B, C, D, E, F, G, H"; i.e. the substitution order of the i-th round is the same as that of the (i+4)-th round. Finally, the fourth register value obtained in the last of the 12 rounds of second compression operation is taken as the target register value.
Having described the target register values in this application, the first compression operation in step 102 is explained below.
The number of rounds of the first compression operation in the embodiment of the present application is 52. Every specified number of rounds (3 rounds), the following steps C1 and C2 are performed on the extension word sequence held in the register:
Step C1: updating the extension word sequence to obtain the corresponding message extension words W_0 ~ W_18;
Step C2: substituting the register values participating in the present round (i.e. the first register value) into the first compression function CR1(i, A, B, C, D, E, F, G, H, W_{i+12}, W_{i+16}) to obtain the second register value.
Within each group of 3 rounds, the first round has i = 0 and the message extension words participating in the operation are W_12 and W_16;
the second round has i = 1 and the message extension words participating in the operation are W_13 and W_17;
the third round has i = 2 and the message extension words participating in the operation are W_14 and W_18.
When the fourth round is reached, step C1 is executed to update the extension word sequence. For example, in the following three rounds i = 3 to 5, although the sequence numbers of the message extension words participating in the calculation are still W_12 ~ W_18, the content of these message extension words has been updated, so no two rounds ever operate on the same message extension words.
The above procedure is repeated until the last round. The 64 rounds of compression required by SM3 are still used in this application: the second compression operation is performed 12 times, so the first compression operation is performed 64 - 12 = 52 times. It should be noted that the first compression function CR1 differs from the second compression function CR2 only in the parameters substituted (CR1 substitutes W_{i+12} and W_{i+16}, CR2 substitutes X_i and X_{i+4}); the rest of the operation flow is the same. The specific operation flow is as shown in steps B1 to B3 above and is not repeated here. In addition, the manner shown in fig. 3 can also be adopted in the multiple rounds of first compression operation, further improving data security by changing the order in which the register values are substituted in each round.
Next, the flow of updating the extension word sequence in step C1 above is explained; as shown in fig. 4, it includes the following steps:
Step 401: obtaining the words to be processed that participate in the update, and grouping the words to be processed based on a preset grouping rule;
As mentioned above, the extension word sequence is updated every three rounds during the first compression operation. In the embodiment of the application, the words to be processed in the first update are the message words corresponding to the data segment; the words to be processed in any non-first update are the message extension words in the current extension word sequence. In the specific implementation, the words to be processed in the first update can be set to the message words X_0 ~ X_15, while in a non-first update they are the first 16 message extension words of the current extension word sequence, i.e. the message extension words with sequence numbers W_0 ~ W_15.
Step 402: vector-concatenating each group of words to be processed to obtain the concatenation result corresponding to that group, and performing exclusive-or operations on the concatenation results to obtain the target word vector corresponding to the concatenation results;
Taking the first update as an example, X_0 ~ X_15 are grouped in units of three words, and each group of words to be processed is vector-concatenated to obtain the concatenation result of that group, giving five concatenation results: Z_1 = (X_0, X_1, X_2), Z_2 = (X_3, X_4, X_5), Z_3 = (X_7, X_8, X_9), Z_4 = (X_10, X_11, X_12), Z_5 = (X_13, X_14, X_15). The target word vector is then determined by the following formula (7):
where Z_1 ~ Z_5 are the concatenation results, Z_0 is the target word vector, P_1 is the permutation function in SM3, ⊕ is the 32-bit exclusive-or operator, and <<< is the 32-bit cyclic left shift operator.
Step 403: an updated extension word sequence is determined based on the target word vector.
Taking the first update as an example, X_0 ~ X_15 are used as the first 16 message extension words W_0 ~ W_15 of the extension word sequence, and the target word vector Z_0 is split into the subsequent message extension words W_16 ~ W_18, giving an extension word sequence W_0 ~ W_18 of 19 words. For a non-first update, X_0 ~ X_15 in the example above are replaced by W_0 ~ W_15 of the pre-update extension word sequence.
To further improve data security, during the update of the message extension words, if the words to be processed are the message extension words in the current extension word sequence (i.e. the current extension word sequence is not being updated for the first time), the message extension word with the first sequence number in the sequence is assigned to the message extension word with the second sequence number. In a specific implementation, for the message extension words W_0 ~ W_18, W_a is assigned to W_{a-3}, where a ∈ [3,18] is an integer. That is, the values of the last 16 of the 19 message extension words are assigned to the first 16.
In this way, during the first compression operation the extension word sequence is updated through steps 401 to 403 in the first three rounds, and the first compression operation in the next three rounds is then performed on the updated message extension words. After the end of the third round the extension word sequence is updated by assignment (i.e. W_a is assigned to W_{a-3}), so that in the fourth round steps 401 to 403 can update the extension word sequence after this assignment update. This process is repeated every 3 rounds thereafter.
Step 103: determining the hash value of the data to be processed according to the second register value obtained in the last round of the first compression operation of the data segment.
In implementation, the second register values A to H obtained in the last round are taken, and the hash value y of the data to be processed is determined by the following formula (8):
y ← (A ‖ B ‖ C ‖ D ‖ E ‖ F ‖ G ‖ H) (8)
In the embodiment of the application, the extension word sequence consists of only 19 message extension words, so it can be held in a register while the operation is performed. Thus, each time the extension word sequence is updated, the pre-update sequence is overwritten and the updated sequence participates in the first compression operation. While ensuring that the message extension words participating in each round differ, the extension words no longer need to be computed in advance and stored on a stack as in the conventional compression flow, so the possibility of stealing the extension words is avoided and data security is improved.
In addition, the conventional SM3 algorithm needs 84 load/store operations, 312 exclusive-or operations and 208 cyclic shifts, whereas in this application the data is loaded and stored 16 times, exclusive-ored 108 times and cyclically shifted 72 times. Therefore, the computation amount and operation count of the SM3 algorithm are effectively reduced and performance is significantly improved.
Based on the same inventive concept, the embodiment of the present application further provides a data verification method, specifically as shown in fig. 5, including the following steps:
Step 501: in response to a data verification indication, obtaining the data to be processed and the calibration hash value of the target data;
Step 502: hashing the data to be processed by the data hashing method to obtain the hash value corresponding to the data to be processed; the data hashing method is that of steps 101 to 103 above.
Step 503: if the hash value is the same as the calibration hash value, determining that the data to be processed is the target data.
In the application scenario of software copyright verification, the data to be processed is the software purchased by the user, the target data is the genuine software, and the calibration hash value is the hash value of the genuine software.
The software provider of the genuine software may adopt the data hashing method of steps 101 to 103 above as the hashing algorithm for genuineness verification in advance. When the user verifies the genuineness of the purchased software, the hash algorithm is obtained from the software provider and run over the purchased software to obtain the corresponding hash value. If the obtained hash value is the same as the calibration hash value, the purchased software is determined to be the software provider's genuine software; otherwise, the purchased software is determined to be pirated.
Based on the same inventive concept, the embodiment of the present application provides a data hash processing apparatus 600, specifically as shown in fig. 6, including:
the data processing module 601 is configured to perform segmentation processing on data to be processed based on a cryptographic hash algorithm SM3 to obtain a specified number of data segments and message words corresponding to the data segments; the data length of each data segment is the same, and the message word is obtained by performing digital processing on the data segments;
a compression operation module 602 configured to perform multiple rounds of first compression operation on the target register value of the data segment based on the message words; in each round of the first compression operation, the first register value and the message extension words are compressed to obtain the second register value corresponding to that round; the message extension words of each round are selected from an extension word sequence held in a register, the extension word sequence is obtained by expanding the message words, the content of the extension word sequence is updated every specified number of rounds during the multiple rounds of first compression operation, and the number of words in the extension word sequence is the same before and after updating;
the hash processing module 603 is configured to determine a hash value of the data to be processed according to the second register value obtained in the last round during the first compression operation.
In some possible embodiments, the target register value is determined from the register initial values specified by SM3; the first register value of the first round is the target register value, and the first register value of any non-first round is the second register value of the previous round.
In some possible embodiments, the target register value is obtained by:
performing a plurality of rounds of second compression operation on the initial value of the register based on the message word; data compression is carried out on the third register value and the target message word in the second compression operation process of each round, and a fourth register value corresponding to the round is obtained; wherein the first round of third register values are the initial values of the registers, and the non-first round of third register values are the fourth register values of the previous round; the target message word of each round is selected from the message words, and the target message word of each round is unique;
and taking the fourth register value obtained in the last round in the second compression operation process of the data segment as the target register value.
In some possible embodiments, the message words corresponding to the data segment are X_0 ~ X_15, and the sequence number n of any message word X_n is determined by the position of the message word within the data segment, where n ∈ [0,15] is an integer.
In some possible embodiments, in the multiple rounds of second compression operation, the sequence numbers of the target message words of the i-th round are X_i and X_{i+4}, where i ∈ [0,11] is an integer.
In some possible embodiments, the sequence of extension words includes a predetermined number of message extension words, any message extension word corresponds to a unique sequence number, and the sequence number is determined according to a position of the message extension word in the sequence of extension words;
during the multiple rounds of first compression operations, the compression operation module is further configured to:
acquiring words to be processed which participate in updating, and grouping each word to be processed based on a preset grouping rule; the word to be processed which participates in updating for the first time is a message word corresponding to the data segment; the word to be processed which does not participate in updating for the first time is all message extension words in the current extension word sequence;
vector stitching is carried out on each group of words to be processed to obtain a corresponding stitching result of the group, and exclusive-or operation is carried out on each stitching result to obtain a target word vector corresponding to each stitching result;
an updated sequence of expanded words is determined based on the target word vector.
In some possible embodiments, the compression operation module is further configured to:
if the word to be processed is all the message extension words in the current extension word sequence, before the content of the extension word sequence is updated, assigning the message extension word with the first sequence number in the message extension word sequence to the message extension word with the second sequence number.
Based on the same inventive concept, an embodiment of the present application provides a data verification apparatus 700, specifically as shown in fig. 7, including:
a data acquisition module 701 configured to obtain, in response to a data verification indication, the data to be processed and the calibration hash value of the target data;
a data hashing module 702, configured to perform hash processing on the data to be processed by using a data hashing processing device, so as to obtain a hash value corresponding to the data to be processed;
a data verification module 703 configured to determine the data to be processed as the target data if the hash value is the same as the calibration hash value.
An electronic device 130 according to this embodiment of the present application is described below with reference to fig. 8. The electronic device 130 shown in fig. 8 is merely an example and should not be construed to limit the functionality and scope of use of embodiments of the present application in any way.
As shown in fig. 8, the electronic device 130 is in the form of a general-purpose electronic device. Components of electronic device 130 may include, but are not limited to: the at least one processor 131, the at least one memory 132, and a bus 133 connecting the various system components, including the memory 132 and the processor 131.
Bus 133 represents one or more of several types of bus structures, including a memory bus or memory controller, a peripheral bus, a processor, and a local bus using any of a variety of bus architectures.
Memory 132 may include readable media in the form of volatile memory such as Random Access Memory (RAM) 1321 and/or cache memory 1322, and may further include Read Only Memory (ROM) 1323.
Memory 132 may also include a program/utility 1325 having a set (at least one) of program modules 1324, such program modules 1324 include, but are not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment.
The electronic device 130 may also communicate with one or more external devices 134 (e.g., keyboard, pointing device, etc.), one or more devices that enable a user to interact with the electronic device 130, and/or any device (e.g., router, modem, etc.) that enables the electronic device 130 to communicate with one or more other electronic devices. Such communication may occur through an input/output (I/O) interface 135. Also, electronic device 130 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet, through network adapter 136. As shown, network adapter 136 communicates with other modules for electronic device 130 over bus 133. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with electronic device 130, including, but not limited to: microcode, device drivers, redundant processors, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
In an exemplary embodiment, a computer readable storage medium is also provided, such as a memory 132, comprising instructions executable by the processor 131 of the apparatus to perform the above-described method. Alternatively, the computer readable storage medium may be ROM, random Access Memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, etc.
In an exemplary embodiment, a computer program product is also provided, comprising a computer program/instruction which, when executed by the processor 131, implements any one of a data hashing and data verification method as provided herein.
In an exemplary embodiment, aspects of the data hashing method and data verification method provided herein may also be implemented in the form of a program product comprising program code for causing a computer device to perform the steps of a data hashing method and data verification method according to various exemplary embodiments of the present application as described herein above when the program product is run on the computer device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The program product for data hashing and data verification of embodiments of the present application may employ a portable compact disc read-only memory (CD-ROM) and include program code and may be run on an electronic device. However, the program product of the present application is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The readable signal medium may include a data signal propagated in baseband or as part of a carrier wave with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the language or similar programming languages. The program code may execute entirely on the consumer electronic device, partly on the consumer electronic device, as a stand-alone software package, partly on the consumer electronic device, partly on the remote electronic device, or entirely on the remote electronic device or server. In the case of remote electronic devices, the remote electronic device may be connected to the consumer electronic device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external electronic device (e.g., connected through the internet using an internet service provider).
It should be noted that although several units or sub-units of the apparatus are mentioned in the above detailed description, such a division is merely exemplary and not mandatory. Indeed, the features and functions of two or more of the elements described above may be embodied in one element in accordance with embodiments of the present application. Conversely, the features and functions of one unit described above may be further divided into a plurality of units to be embodied.
Furthermore, although the operations of the methods of the present application are depicted in the drawings in a particular order, this is not required to or suggested that these operations must be performed in this particular order or that all of the illustrated operations must be performed in order to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step to perform, and/or one step decomposed into multiple steps to perform.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing device, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process, such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various modifications and variations can be made in the present application without departing from the scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims and the equivalents thereof, the present application is intended to cover such modifications and variations.
Claims (16)
1. A method of hashing data, the method comprising:
carrying out segmentation processing on data to be processed based on a cryptographic hash algorithm SM3 to obtain a specified number of data segments and message words corresponding to the data segments; the data length of each data segment is the same, and the message word is obtained by performing digital processing on the data segments;
performing multiple rounds of a first compression operation on a target register value of the data segment based on the message words; in each round of the first compression operation, data compression is performed on a first register value and a message expansion word to obtain a second register value corresponding to the round; wherein the message expansion word of each round is selected from an expansion word sequence stored in a register, the expansion word sequence is obtained by performing data expansion on the message words, the content of the expansion word sequence is updated every designated number of rounds during the multiple rounds of the first compression operation, and the number of words in the expansion word sequence is the same before and after the update;
determining a hash value of the data to be processed according to the second register value obtained in the last round of the first compression operation on the data segment;
the target register value is obtained by the following steps:
performing multiple rounds of second compression operation on the initial value of the register specified by SM3 based on the message word; data compression is carried out on the third register value and the target message word in the second compression operation process of each round, and a fourth register value corresponding to the round is obtained; wherein the first round of third register values are the initial values of the registers, and the non-first round of third register values are the fourth register values of the previous round; the target message word of each round is selected from the message words, and the target message word of each round is unique;
and taking the fourth register value obtained in the last round in the second compression operation process of the data segment as the target register value.
2. The method of claim 1, wherein the first register value of the first round is the target register value and the first register value of the non-first round is the second register value of the previous round.
3. The method of claim 1, wherein the message words corresponding to the data segment are X_0 to X_15, the sequence number X_n of any message word is determined by the position of that message word in the data segment, and n ∈ [0, 15] is an integer.
4. The method according to claim 3, wherein, during the multiple rounds of the second compression operation, the sequence numbers of the target message words of the i-th round are X_i and X_(i+4), where i ∈ [0, 11] is an integer.
5. The method of claim 1, wherein the sequence of extension words comprises a predetermined number of message extension words, any message extension word corresponds to a unique sequence number, and the sequence number is determined based on the position of the message extension word in the sequence of extension words;
in the process of the first compression operation of the plurality of rounds, the content of the extended word sequence is updated by the following modes:
acquiring words to be processed which participate in updating, and grouping each word to be processed based on a preset grouping rule; the word to be processed which participates in updating for the first time is a message word corresponding to the data segment; the word to be processed which does not participate in updating for the first time is all message extension words in the current extension word sequence;
vector concatenation is performed on each group of words to be processed to obtain the concatenation result of that group, and an exclusive-or operation is performed on the concatenation results to obtain a target word vector corresponding to each concatenation result;
an updated expansion word sequence is determined based on the target word vectors.
6. The method of claim 5, wherein the method further comprises:
if the word to be processed is all the message extension words in the current extension word sequence, before the content of the extension word sequence is updated, assigning the message extension word with the first sequence number in the message extension word sequence to the message extension word with the second sequence number.
7. A data verification method, the method comprising:
in response to a data verification indication, acquiring the data to be processed and a calibration hash value of the target data;
hashing the data to be processed by the data hashing method according to any one of claims 1-6 to obtain a hash value corresponding to the data to be processed;
and if the hash value is the same as the calibration hash value, determining the data to be processed as the target data.
8. A data hash processing apparatus, the apparatus comprising:
the data processing module is configured to perform segmentation processing on data to be processed based on a cryptographic hash algorithm SM3 to obtain a specified number of data segments and message words corresponding to the data segments; the data length of each data segment is the same, and the message word is obtained by performing digital processing on the data segments;
a compression operation module configured to perform multiple rounds of a first compression operation on a target register value of the data segment based on the message words; in each round of the first compression operation, data compression is performed on a first register value and a message expansion word to obtain a second register value corresponding to the round; wherein the message expansion word of each round is selected from an expansion word sequence stored in a register, the expansion word sequence is obtained by performing data expansion on the message words, the content of the expansion word sequence is updated every designated number of rounds during the multiple rounds of the first compression operation, and the number of words in the expansion word sequence is the same before and after the update;
a hash processing module configured to determine a hash value of the data to be processed according to the second register value obtained in the last round of the first compression operation on the data segment;
the target register value is obtained by the following steps:
performing multiple rounds of second compression operation on the initial value of the register specified by SM3 based on the message word; data compression is carried out on the third register value and the target message word in the second compression operation process of each round, and a fourth register value corresponding to the round is obtained; wherein the first round of third register values are the initial values of the registers, and the non-first round of third register values are the fourth register values of the previous round; the target message word of each round is selected from the message words, and the target message word of each round is unique;
and taking the fourth register value obtained in the last round of the second compression operation on the data segment as the target register value.
9. The apparatus of claim 8, wherein a first register value of a first round is the target register value and a first register value of a non-first round is a second register value of a previous round.
10. The apparatus of claim 8, wherein the message words corresponding to the data segment are X_0 to X_15, the sequence number X_n of any message word is determined by the position of that message word in the data segment, and n ∈ [0, 15] is an integer.
11. The apparatus of claim 10, wherein, during the multiple rounds of the second compression operation, the sequence numbers of the target message words of the i-th round are X_i and X_(i+4), where i ∈ [0, 11] is an integer.
12. The apparatus of claim 8, wherein the sequence of extension words comprises a predetermined number of message extension words, wherein any message extension word corresponds to a unique sequence number, and wherein the sequence number is determined based on a position of the message extension word in the sequence of extension words;
during the multiple rounds of first compression operations, the compression operation module is further configured to:
acquire the words to be processed which participate in the update, and group the words to be processed based on a preset grouping rule; the words to be processed participating in the first update are the message words corresponding to the data segment; the words to be processed participating in a non-first update are all message extension words in the current extension word sequence;
perform vector concatenation on each group of words to be processed to obtain the concatenation result of that group, and perform an exclusive-or operation on the concatenation results to obtain a target word vector corresponding to each concatenation result;
determine an updated expansion word sequence based on the target word vectors.
13. The apparatus of claim 12, wherein the compression operation module is further configured to:
if the word to be processed is all the message extension words in the current extension word sequence, before the content of the extension word sequence is updated, assigning the message extension word with the first sequence number in the message extension word sequence to the message extension word with the second sequence number.
14. A data verification device, the device comprising:
a data acquisition module configured to, in response to a data verification indication, acquire the data to be processed and a calibration hash value of the target data;
a data hashing module configured to hash the data to be processed using the data hash processing apparatus according to any one of claims 8-13 to obtain a hash value corresponding to the data to be processed;
and the data verification module is configured to determine that the data to be processed is the target data if the hash value is the same as the calibration hash value.
15. An electronic device, comprising:
a memory for storing program instructions;
a processor for invoking program instructions stored in the memory and for performing the steps comprised in the method according to any of claims 1-7 in accordance with the obtained program instructions.
16. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program comprising program instructions which, when executed by a computer, cause the computer to perform the method of any of claims 1-7.
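The two-phase compression of claims 1-6 and the verification step of claim 7, as an added worked example in Python that is not part of the patent or its embodiments. It assumes an update interval of four rounds and a 16-word expansion sequence (the claims say only "designated round" and "predetermined number"), computes the expansion recurrence word by word rather than by the grouped concatenate-and-XOR of claims 5-6, and feeds the previous segment's chaining value into the second and later segments where claim 1 names the SM3 initial register value, as the standard requires. The constant-time comparison in verify() is a hardening choice added here, not something the claims specify. Test vectors are the "abc" and 64 x "abcd" messages from GB/T 32905-2016.

```python
# Added example, not code from the patent: a pure-Python SM3 whose compression
# is split the way claims 1-6 describe it. Rounds 0-11 consume the raw message
# words X_i and X_(i+4) directly (claim 4); rounds 12-63 take their words from a
# fixed-size 16-word expansion sequence that is rewritten every 4 rounds
# (interval and width are assumptions; the claims only say "designated round"
# and "predetermined number"). Test vectors are from GB/T 32905-2016.
import hmac
import struct

MASK = 0xFFFFFFFF
IV = (0x7380166F, 0x4914B2B9, 0x172442D7, 0xDA8A0600,
      0xA96F30BC, 0x163138AA, 0xE38DEE4D, 0xB0FB0E4E)


def rotl(x, n):
    n %= 32
    return ((x << n) | (x >> (32 - n))) & MASK


def p0(x):
    return x ^ rotl(x, 9) ^ rotl(x, 17)


def p1(x):
    return x ^ rotl(x, 15) ^ rotl(x, 23)


def sm3_round(v, j, w, w_prime):
    """One SM3 round on state v = (A..H) with round words W_j and W'_j."""
    a, b, c, d, e, f, g, h = v
    t = 0x79CC4519 if j < 16 else 0x7A879D8A
    ss1 = rotl((rotl(a, 12) + e + rotl(t, j)) & MASK, 7)
    ss2 = ss1 ^ rotl(a, 12)
    if j < 16:
        ff, gg = a ^ b ^ c, e ^ f ^ g
    else:
        ff = (a & b) | (a & c) | (b & c)
        gg = (e & f) | (~e & MASK & g)
    tt1 = (ff + d + ss2 + w_prime) & MASK
    tt2 = (gg + h + ss1 + w) & MASK
    return (tt1, a, rotl(b, 9), c, p0(tt2), e, rotl(f, 19), g)


def compress(v_in, block):
    """Compress one 512-bit data segment into the chaining value v_in."""
    x = list(struct.unpack(">16I", block))          # message words X_0..X_15
    v = tuple(v_in)
    # Phase 1 ("second compression operation", claims 1 and 4): 12 rounds fed
    # straight from the message words; round i uses X_i and X_(i+4). The result
    # is the "target register value" the remaining rounds start from.
    for i in range(12):
        v = sm3_round(v, i, x[i], x[i] ^ x[i + 4])
    # Phase 2 ("first compression operation", claims 1 and 5): the expansion
    # sequence is a 16-word window, initially X_0..X_15 == W_0..W_15. Every 4
    # rounds it is refreshed in place: 4 new words W_(j+4)..W_(j+7) are derived
    # from the window and the 4 oldest are dropped, so the width stays 16.
    win = x                                          # win[t] == W_(j-12+t)
    for j in range(12, 64, 4):
        ext = list(win)
        for k in range(4):                           # standard SM3 recurrence
            n = 16 + k                               # ext[n] will be W_(j+4+k)
            ext.append(p1(ext[n - 16] ^ ext[n - 9] ^ rotl(ext[n - 3], 15))
                       ^ rotl(ext[n - 13], 7) ^ ext[n - 6])
        win = ext[4:]                                # win[t] == W_(j-8+t)
        for m in range(4):                           # rounds j..j+3
            v = sm3_round(v, j + m, win[8 + m], win[8 + m] ^ win[12 + m])
    return tuple(a ^ b for a, b in zip(v, v_in))    # V_(i+1) = ABCDEFGH xor V_i


def sm3(msg: bytes) -> bytes:
    """SM3 digest: pad, split into equal 512-bit segments, chain compress()."""
    padded = msg + b"\x80"
    padded += b"\x00" * ((56 - len(padded)) % 64)
    padded += struct.pack(">Q", len(msg) * 8)
    v = IV                                           # IV only for the first segment;
    for off in range(0, len(padded), 64):            # later segments chain on V_i
        v = compress(v, padded[off:off + 64])
    return struct.pack(">8I", *v)


def verify(data: bytes, calibration_hash_hex: str) -> bool:
    """Claim 7: data is the target iff its hash equals the calibration hash.
    Compared in constant time so a timing side channel cannot reveal how many
    leading bytes already match (the constant-time compare is an addition here)."""
    return hmac.compare_digest(sm3(data), bytes.fromhex(calibration_hash_hex))


if __name__ == "__main__":
    print(sm3(b"abc").hex())                         # standard "abc" test vector
    print(verify(b"abc", sm3(b"abc").hex()))
```

The window rewrite keeps exactly 16 words and runs once per four rounds, yet produces the same W_j as the flat 68-word expansion of the standard, so the digest must match the published vectors; checking a restructured SM3 against those vectors is the minimum before it is trusted for integrity verification.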
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310145985.6A CN116260572B (en) | 2023-02-21 | 2023-02-21 | Data hash processing method, data verification method and electronic equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310145985.6A CN116260572B (en) | 2023-02-21 | 2023-02-21 | Data hash processing method, data verification method and electronic equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116260572A CN116260572A (en) | 2023-06-13 |
CN116260572B true CN116260572B (en) | 2024-01-23 |
Family
ID=86678953
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310145985.6A Active CN116260572B (en) | 2023-02-21 | 2023-02-21 | Data hash processing method, data verification method and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116260572B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN118074889B (en) * | 2024-03-14 | 2024-08-13 | 杭州金智塔科技有限公司 | Data processing method and device based on SM3 cryptographic algorithm and MAC algorithm |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106301761A (en) * | 2016-08-09 | 2017-01-04 | 北京智芯微电子科技有限公司 | Compression method and device based on a cryptographic hash algorithm |
CN112217646A (en) * | 2020-10-13 | 2021-01-12 | 天津津航计算技术研究所 | Device and method for implementing the SM3 cryptographic hash algorithm |
CN113300829A (en) * | 2021-05-20 | 2021-08-24 | 深圳智微电子科技有限公司 | Hardware implementation device of SM3 algorithm |
CN113721986A (en) * | 2021-07-23 | 2021-11-30 | 浪潮电子信息产业股份有限公司 | Data compression method and device, electronic equipment and storage medium |
CN114528574A (en) * | 2022-02-18 | 2022-05-24 | 中国平安人寿保险股份有限公司 | Data processing method, device, equipment and medium based on encryption algorithm |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10503510B2 (en) * | 2013-12-27 | 2019-12-10 | Intel Corporation | SM3 hash function message expansion processors, methods, systems, and instructions |
Non-Patent Citations (2)
Title |
---|
A High Speed SM3 Algorithm Implementation for Security Chip; Shiping Zang et al.; 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC); 915-918 * |
Research on cryptographic applications in the industrial Internet (工业互联网密码应用研究); Dong Guishan (董贵山) et al.; Information Security Research (信息安全研究); Vol. 8, No. 6; 554-561 * |
Also Published As
Publication number | Publication date |
---|---|
CN116260572A (en) | 2023-06-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4549303B2 (en) | Method and apparatus for providing a message authentication code using a pipeline | |
CN109791517B (en) | Protecting parallel multiplication operations from external monitoring attacks | |
US20100220853A1 (en) | Method and Apparatus for Compound Hashing Via Iteration | |
CN108431819B (en) | Method and system for protecting client access to service of DRM agent of video player | |
CN116318660B (en) | Message expansion and compression method and related device | |
CN116260572B (en) | Data hash processing method, data verification method and electronic equipment | |
CN111523889B (en) | Multiple signature implementation method, device, equipment and storage medium | |
CN112287366A (en) | Data encryption method and device, computer equipment and storage medium | |
KR20210147645A (en) | Homomorphic encryption device and cyphertext operation method thereof | |
CN114095149A (en) | Information encryption method, device, equipment and storage medium | |
US10505739B2 (en) | Prefix fingerprint | |
WO2024086243A1 (en) | Protection of polynomial cryptographic operations against side-channel attacks with change-of-variable transformations | |
CN109951275B (en) | Key generation method and device, computer equipment and storage medium | |
CN111262707A (en) | Digital signature method, verification method, device and storage medium | |
CN116192379A (en) | Key segment storage method, device, computer equipment and storage medium | |
CN113505348B (en) | Watermark embedding method, watermark verifying method and watermark embedding device for data | |
CN108599951A (en) | Encryption method and device | |
JP6881588B2 (en) | Secret calculators, secret calculators, programs, and recording media | |
CN112597456B (en) | Watermark adding and verifying method and device for database | |
CN110032832B (en) | Web application processing method and device | |
CN111949738A (en) | Block chain-based data storage deduplication method, terminal device and storage medium | |
CN113475034A (en) | Circuit compiling apparatus and circuit evaluating apparatus | |
US10628609B2 (en) | Method and apparatus for performing signature verification by offloading values to a server | |
CN112749965B (en) | Information monitoring method, system, equipment and storage medium | |
CN115361237B (en) | Data encryption transmission method and system for cloud terminal interaction |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||