[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN115664651B - SM 9-based online and offline encryption and decryption method, system, equipment and medium - Google Patents

SM 9-based online and offline encryption and decryption method, system, equipment and medium Download PDF

Info

Publication number
CN115664651B
CN115664651B CN202211286848.6A CN202211286848A CN115664651B CN 115664651 B CN115664651 B CN 115664651B CN 202211286848 A CN202211286848 A CN 202211286848A CN 115664651 B CN115664651 B CN 115664651B
Authority
CN
China
Prior art keywords
ciphertext
random number
intermediate ciphertext
parameter
algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211286848.6A
Other languages
Chinese (zh)
Other versions
CN115664651A (en
Inventor
陈邦道
雷虹
王庆豪
张永欣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Oxford Hainan Blockchain Research Institute Co ltd
Original Assignee
Oxford Hainan Blockchain Research Institute Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oxford Hainan Blockchain Research Institute Co ltd filed Critical Oxford Hainan Blockchain Research Institute Co ltd
Priority to CN202211286848.6A priority Critical patent/CN115664651B/en
Publication of CN115664651A publication Critical patent/CN115664651A/en
Application granted granted Critical
Publication of CN115664651B publication Critical patent/CN115664651B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Storage Device Security (AREA)

Abstract

The application discloses an on-line and off-line encryption and decryption method, system, equipment and medium based on SM9, which are applied to a data sending end and acquire target data to be encrypted confirmed by a data receiving end; acquiring a first random number and a second random number which are generated in advance; acquiring a first intermediate ciphertext, a ciphertext parameter and an intermediate parameter which are generated in advance; generating a second intermediate ciphertext based on the first random number, the second random number, the prime number, the distinguishable identification of the data transmitting end, the private key generation function identifier and the first cryptographic function; generating a third intermediate ciphertext based on the target data and the ciphertext parameter; generating a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number; the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext and the fourth intermediate ciphertext are used as target ciphertexts of target data, so that the SM9 algorithm online/offline encryption is realized.

Description

SM 9-based online and offline encryption and decryption method, system, equipment and medium
Technical Field
The application relates to the technical field of information security, in particular to an on-line and off-line encryption and decryption method, system, equipment and medium based on SM 9.
Background
The data encryption can effectively convert plaintext data into ciphertext which cannot identify the effective content of the plaintext data, effectively ensures that the data cannot leak data content in the transmission process, protects the confidentiality of the data, and provides strong support for the safe transmission of the data of users.
In a data encryption system, in order to effectively protect confidentiality of data, an encryption process generally needs to perform a series of operations, such as complex operations including bilinear pairing, dot multiplication, and the like, and lightweight operations including modulo addition, and the like. The complex operations such as bilinear pairing and dot multiplication operation require more computing resources, and cannot be applied to devices with limited resources, such as an internet of things sensor, a user terminal device, and the like.
To solve this problem, online/offline encryption techniques have evolved. The online/offline encryption technology divides ciphertext generation algorithm in the data encryption process into two sub-algorithms, namely online encryption and offline encryption. Under the condition that the encrypted data and the identification of the receiver are not required to be known, the sender can calculate partial encryption operation in advance through an offline encryption algorithm, so that most of high-cost operation is completed and an offline ciphertext is generated. After knowing the encrypted data and the receiver identification, the sender utilizes the off-line ciphertext pair through an on-line encryption algorithm, so that the execution efficiency is effectively improved. At present, a plurality of online/offline encryption schemes in different forms are proposed, and are widely studied and applied in the fields of digital signature, attribute-based encryption and other cryptography. However, most of the encryption algorithms are customized for foreign algorithms, and autonomous control on specific algorithms, such as on-line/off-line encryption and decryption of SM9 encryption algorithms, is lacking.
In summary, how to implement on-line/off-line encryption and decryption of the SM9 encryption algorithm is a problem to be solved by those skilled in the art.
Disclosure of Invention
The purpose of the application is to provide an on-line and off-line encryption and decryption method based on SM9, which can solve the technical problem of how to realize on-line/off-line encryption and decryption of an SM9 encryption algorithm to a certain extent. The application also provides an on-line off-line encryption and decryption system, equipment and a computer readable storage medium based on SM 9.
In order to achieve the above object, the present application provides the following technical solutions:
an on-line off-line encryption and decryption method based on SM9 is applied to a data transmitting end and comprises the following steps:
acquiring target data to be encrypted confirmed by a data receiving end;
acquiring prime numbers, a private key generation function identifier, a first password function and a second password function which are determined based on an SM9 algorithm;
acquiring a first random number and a second random number which are generated in advance;
acquiring a first intermediate ciphertext, a ciphertext parameter and an intermediate parameter which are generated in advance; the first intermediate ciphertext is generated based on the first random number, the second random number, an encryption master public key determined by the SM9 algorithm and a generator of a first addition cycle group in the SM9 algorithm; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third cryptographic function determined by the SM9 algorithm; the intermediate parameter is generated based on the second random number, the encryption master public key, a generator of a second addition loop group in the SM9 algorithm and bilinear pair mapping in the SM9 algorithm;
Generating a second intermediate ciphertext based on the first random number, the second random number, the prime number, the discernable identity of the data transmitting end, the private key generation function identifier, and the first cryptographic function;
generating a third intermediate ciphertext based on the target data and the ciphertext parameter;
generating a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number;
and taking the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext and the fourth intermediate ciphertext as target ciphertexts of the target data.
Preferably, before the obtaining the target data to be encrypted, which is confirmed by the data receiving end, the method further includes:
generating the first random number and the second random number in an offline stage;
in the offline stage, generating the first intermediate ciphertext based on the first random number, the second random number, the encryption master public key determined by the SM9 algorithm, and the generator of the first addition cycle group in the SM9 algorithm;
generating the ciphertext parameter based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and the third cryptographic function determined by the SM9 algorithm in the offline stage;
In the offline stage, the intermediate parameters are generated based on the second random number, the encrypted master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm.
Preferably, the generating unit configured to generate the first intermediate ciphertext based on the first random number, the second random number, the encrypted master public key determined by the SM9 algorithm, and the generating unit of the first addition loop group in the SM9 algorithm includes:
generating the first intermediate ciphertext based on the first random number, the second random number, the encryption master public key determined by the SM9 algorithm and the generator of the first addition cycle group in the SM9 algorithm through a first operation formula;
the first operation formula includes:
C 1 =[r](P pub +[s]P 1 );
wherein C is 1 Representing the first intermediate ciphertext; r represents the second random number; p (P) pub Representing the encrypted primary public key, P pub =[ke]P 1 Ke represents the encrypted master private key determined by the SM9 algorithm; s represents the first random number; p (P) 1 Representing the first addition cycle group G 1 Is a generator of (1);
the generating the ciphertext parameter based on the first intermediate ciphertext, the intermediate parameter, and the discernable identifier of the data receiving end includes:
Generating the ciphertext parameter based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and the third cryptographic function determined by the SM9 algorithm through a second operation formula;
the second operation formula includes:
t=H 3 (C 1 ||w||ID B );
wherein t represents the ciphertext parameter; h 3 Representing the third cryptographic function; w represents the intermediate parameter; ID (identity) B A discernable identity representing the data receiving end; the I represents stitching;
the generating the intermediate parameter based on the second random number, the encrypted master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm includes:
generating the intermediate parameter based on the second random number, the encryption master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm by a third operation formula;
the third operation formula includes:
w=g r ;g=e(P pub ,P 2 );
wherein e represents the bilinear pair mapping; p (P) 2 Representing the second addition cycle group G 2 Is a generator of (1).
Preferably, the generating the second intermediate ciphertext based on the first random number, the second random number, the prime number, the distinguishable identification of the data transmitting end, the private key generating function identifier, and the first cryptographic function includes:
Generating a second intermediate ciphertext based on the first random number, the second random number, the prime number, the distinguishable identification of the data transmitting end, the private key generation function identifier and the first cryptographic function through a fourth operation formula;
the fourth operation formula includes:
C 2 =r·(H 1 (ID A ||hid,q)-s)mod q;
wherein C is 2 Representing the second intermediate ciphertext; h 1 Representing the first cryptographic function; ID (identity) A Representation houseA discernable identification of the data transmitting end; his represents the private key generation function identifier; q represents the prime number;
the generating a third intermediate ciphertext based on the target data and the ciphertext parameter includes:
generating the third intermediate ciphertext based on the target data and the ciphertext parameter by a fifth operation formula;
the fifth operation formula includes:
wherein C is 3 Representing the third intermediate ciphertext; m represents the target data; the one represents an exclusive-or operation;
the generating a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, the prime number, comprises:
generating the fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number by a sixth operation formula;
The sixth operational formula includes:
C 4 =(r+H 2 (m||w||C 1 ||C 2 ))mod q;
wherein C is 4 Representing the fourth intermediate ciphertext; h 2 Representing the second cryptographic function.
Preferably, after the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext, and the fourth intermediate ciphertext are used as the target ciphertext of the target data, the method further includes:
and sending the target ciphertext to the data receiving end.
An on-line off-line encryption and decryption method based on SM9 is applied to a data receiving end and comprises the following steps:
acquiring bilinear pair mapping, a generating element of a first addition cyclic group, a first cryptographic function, a second cryptographic function, prime numbers, a private key generating function identifier, a generating element of a second addition cyclic group and an encryption master public key which are determined based on an SM9 algorithm;
receiving a target ciphertext transmitted by a data transmitting end, wherein the target ciphertext comprises a first intermediate ciphertext, a second intermediate ciphertext, a third intermediate ciphertext and a fourth intermediate ciphertext;
generating a verification intermediate parameter based on the bilinear pair mapping, the first intermediate ciphertext, the second intermediate ciphertext, the generator of the first addition cycle group and the private key of the data receiving end;
generating verification data based on the verification intermediate parameter and the third intermediate parameter;
Generating a check second random number based on the fourth intermediate ciphertext, the second cryptographic function, the check data, the check intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number;
generating a first verification random number based on the first cryptographic function, the distinguishable identification of the data transmitting end, the private key generation function identifier, the prime number, the second verification random number and the second intermediate ciphertext;
verifying whether the first intermediate ciphertext is correct or not based on the first verification random number, the encryption master public key, the second verification random number and the generation element of the second addition cycle group, and if so, taking the verification data as target data transmitted by the data transmitting end;
the first intermediate ciphertext is generated based on a first random number, a second random number, the encryption master public key and a generator of the first addition cycle group; the second intermediate ciphertext is generated based on the first random number, the second random number, the prime number, the discernable identifier of the data transmitting end, the private key generation function identifier and the first cryptographic function; the third intermediate ciphertext is generated based on the target data and the ciphertext parameters; the fourth intermediate ciphertext is generated based on the second random number, the second cryptographic function, the target data, an intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, the prime number; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third cryptographic function determined by the SM9 algorithm; the intermediate parameter is generated based on the second random number, the encrypted master public key, the generator of the second addition loop group, and the bilinear pair mapping.
Preferably, the generating a check intermediate parameter based on the bilinear pair mapping, the first intermediate ciphertext, the second intermediate ciphertext, the generating element of the first addition cycle group, and the private key of the data receiving end includes:
generating the verification intermediate parameter based on the bilinear pair mapping, the first intermediate ciphertext, the second intermediate ciphertext, the generator of the first addition cycle group and the private key of the data receiving end through a first generation formula;
the first generation formula includes:
w'=e((C 1 +[C 2 ]P 1 ),de B );
wherein w' represents the verification intermediate parameter; e represents the bilinear pair mapping; c (C) 1 Representing the first intermediate ciphertext; c (C) 2 Representing the second intermediate ciphertext; p (P) 1 Representing the first addition cycle group G 1 Is a generator of (1); de B A private key, de, representing the data receiving end B =[ke·(H 1 (ID B )+ke) -1 mod q]P 2 Ke represents the encryption master private key, H, determined by the SM9 algorithm 1 Representing the first cryptographic function, ID B Representing the discernable identity of the data receiving end, P 2 Representing the second addition cycle group G 2 Is a generator of (1);
the generating the check data based on the check intermediate parameter and the third intermediate parameter includes:
generating the verification data based on the verification intermediate parameter and the third intermediate parameter through a second generation formula;
The second generation formula includes:
wherein m' represents the check data; c (C) 3 Representing the third intermediate ciphertext; the one represents an exclusive-or operation;
and generating a second random number based on the fourth intermediate ciphertext, the second cryptographic function, the verification data, the verification intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number, including:
generating the second check random number based on the fourth intermediate ciphertext, the second cryptographic function, the check data, the check intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number by a third generation formula;
the third generation formula includes;
r'=(C 4 -H 2 (m'||w'||C 1 ||C 2 ))mod q;
wherein r' represents the check second random number; c (C) 4 Representing the fourth intermediate ciphertext;
the generating a first random number based on the first cryptographic function, the distinguishable identification of the data transmitting end, the private key generating function identifier, the prime number, the second random number, and the second intermediate ciphertext includes:
generating the first verification random number based on the first cryptographic function, the discernable identifier of the data transmitting end, the private key generation function identifier, the prime number, the second verification random number and the second intermediate ciphertext through a fourth generation formula;
The fourth generation formula includes:
s′=(H 1 (ID A ||hid,q)-r' -1 ·C 2 );
wherein s' representsThe first random number is checked; ID (identity) A A discernable identity representing the data transmitting end;
the verifying whether the first intermediate ciphertext is correct based on the verifying the first random number, the encrypted master public key, the verifying the second random number, and the generating element of the second addition cycle group includes:
verifying whether a first equation is established, if so, determining whether the first intermediate ciphertext is correct based on the check first random number, the encryption master public key, the check second random number and the generator of the second addition cycle group; if the first equation is not satisfied, determining that the first intermediate ciphertext is incorrect based on the check first random number, the encrypted master public key, the check second random number, and the generator of the second addition cycle group;
the first equation includes:
C 1 =[r'](P pub +[s']P 2 );
wherein P is pub Representing the encrypted primary public key, P pub =[ke]P 1
An on-line off-line encryption and decryption system based on SM9 is applied to a data transmitting end and comprises:
the first acquisition module is used for acquiring target data to be encrypted, which is confirmed by the data receiving end;
the second acquisition module is used for acquiring prime numbers, a private key generation function identifier, a first password function and a second password function which are determined based on an SM9 algorithm;
The third acquisition module is used for acquiring a first random number and a second random number which are generated in advance;
the fourth acquisition module is used for acquiring a first intermediate ciphertext, a ciphertext parameter and an intermediate parameter which are generated in advance; the first intermediate ciphertext is generated based on the first random number, the second random number, an encryption master public key determined by the SM9 algorithm and a generator of a first addition cycle group in the SM9 algorithm; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third cryptographic function determined by the SM9 algorithm; the intermediate parameter is generated based on the second random number, the encryption master public key, a generator of a second addition loop group in the SM9 algorithm and bilinear pair mapping in the SM9 algorithm;
the first generation module is used for generating a second intermediate ciphertext based on the first random number, the second random number, the prime number, the distinguishable identification of the data transmitting end, the private key generation function identifier and the first password function;
the second generation module is used for generating a third intermediate ciphertext based on the target data and the ciphertext parameter;
A third generation module, configured to generate a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number;
the first processing module is configured to use the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext, and the fourth intermediate ciphertext as target ciphertexts of the target data.
An SM 9-based online offline encryption and decryption system, comprising:
a memory for storing a computer program;
and the processor is used for realizing the steps of the SM 9-based online and offline encryption and decryption method when executing the computer program.
A computer readable storage medium having stored therein a computer program which, when executed by a processor, performs the steps of any of the SM 9-based online offline encryption and decryption methods described above.
The online and offline encryption and decryption method based on SM9 is applied to a data sending end and used for obtaining target data to be encrypted, which is confirmed by a data receiving end; acquiring prime numbers, a private key generation function identifier, a first password function and a second password function which are determined based on an SM9 algorithm; acquiring a first random number and a second random number which are generated in advance; acquiring a first intermediate ciphertext, a ciphertext parameter and an intermediate parameter which are generated in advance; the first intermediate ciphertext is generated based on the first random number, the second random number, an encryption master public key determined by an SM9 algorithm and a generator of a first addition cycle group in the SM9 algorithm; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third password function determined by an SM9 algorithm; the intermediate parameter is generated based on the second random number, the encryption main public key, a generating element of a second addition cycle group in the SM9 algorithm and bilinear pair mapping in the SM9 algorithm; generating a second intermediate ciphertext based on the first random number, the second random number, the prime number, the distinguishable identification of the data transmitting end, the private key generation function identifier and the first cryptographic function; generating a third intermediate ciphertext based on the target data and the ciphertext parameter; generating a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number; and taking the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext and the fourth intermediate ciphertext as target ciphertext of the target data. According to the method and the device, on-line encryption is realized based on corresponding parameters of the SM9 algorithm, and as the first intermediate ciphertext, the ciphertext parameters and the intermediate parameters can be generated by the data transmitting end in advance in an off-line mode, the on-line/off-line encryption of the SM9 algorithm is realized, the existing on-line/off-line encryption mode is expanded, and the applicability is good. The online and offline encryption and decryption system, the online and offline encryption and decryption equipment and the computer readable storage medium based on SM9 also solve the corresponding technical problems.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present application, and that other drawings may be obtained according to the provided drawings without inventive effort to a person skilled in the art.
Fig. 1 is a first flowchart of an online offline encryption and decryption method based on SM9 according to an embodiment of the present application;
fig. 2 is a second flowchart of an online offline encryption and decryption method based on SM9 according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of an online offline encryption and decryption system based on SM9 according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an online offline encryption and decryption device based on SM9 according to an embodiment of the present application;
fig. 5 is another schematic structural diagram of an online offline encryption and decryption device based on SM9 according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
In order to facilitate understanding of the data encryption and decryption method provided by the present application, parameters in the SM9 algorithm related to the present application are described:
q: a large prime number.
An integer set consisting of 1, 2.
G 1 ,G 2 : the addition loop group with order N.
G T : the multiplication loop group with the order of N.
P 1 ,P 2 : respectively group G 1 And G 2 Is a generator of (1).
g u : multiplication group G T The u power of the element g.
[k] And P is a k times point of a point P on the elliptic curve, and k is a positive integer.
his private key generation function identifier.
e: from G 1 ×G 2 To G T Is a bilinear pair mapping of (1).
H 1 (·),H 2 (. Cndot.): the cryptographic functions derived from the cryptographic hash function are all
H 3 (. Cndot.): a cryptographic function derived from the cryptographic hash function, being {0,1} → {0,1} n Where n is the length of the message data.
And (4) ke: an encrypted master private key held by the KGC secret.
P pub : the encryption main public key disclosed by KGC has a calculation formula of P pub =[ke]P 1
ID: a discernible identity that is disclosed by the user.
de A : user a's private key.
m: a message to be encrypted.
mod q-modulo q operation. For example, 23mod 7≡2.
x||y: x and y, where x and y are either bit strings or byte strings.
The exclusive or operation of x and y, i.e. the modulo 2 addition of two bit strings of x and y, is performed.
C 1 The intermediate auxiliary parameter 1 is calculated by the password, and the method has no practical significance.
C 2 The intermediate auxiliary parameter 2 is calculated by the password, and the method has no practical significance.
C 3 The intermediate auxiliary parameter 3 is calculated by the password, and the method has no practical significance.
C 4 The intermediate auxiliary parameter 4 is calculated by the password, and the method has no practical significance.
Referring to fig. 1, fig. 1 is a first flowchart of an online-offline encryption and decryption method based on SM9 according to an embodiment of the present application.
The online offline encryption and decryption method based on SM9, provided by the embodiment of the application, is applied to a data transmitting end and can comprise the following steps:
step S101: and acquiring target data to be encrypted, which is confirmed by a data receiving end.
In practical application, the target data to be encrypted, which is confirmed by the data receiving end, may be acquired first, and the type of the target data may be determined according to practical needs, for example, the target data may be image data, audio data, a short message, a number, etc., which is not specifically limited herein.
In a specific application scenario, before the data transmitting end obtains the target data to be encrypted confirmed by the data receiving end, a key generating center may be further provided to generate data required by the application scheme, for example, the key generating center generates a random numberAs a master private key and stored, a master public key P is calculated pub =[ke]P 1 And is disclosed; the key generation center selects and discloses an encryption private key generation function identifier hid expressed in one byte; the key generation center uses the discernable identification ID of the data receiving end B Generating a corresponding private key de B =[ke·(H 1 (ID B )+ke) -1 mod q]P 2 And the like, and the present application is not particularly limited herein.
Step S102: the prime numbers, the private key generation function identifiers, the first cryptographic function and the second cryptographic function determined based on the SM9 algorithm are acquired.
In practical application, after target data to be encrypted confirmed by a data receiving end is obtained, prime numbers, a private key generation function identifier, a first password function and a second password function determined based on an SM9 algorithm can be obtained.
Step S103: a first random number and a second random number which are generated in advance are obtained.
In practical application, after obtaining the prime number, the private key generation function identifier, the first cryptographic function and the second cryptographic function determined based on the SM9 algorithm, the first random number and the second random number which are generated in advance can be obtained.
Step S104: acquiring a first intermediate ciphertext, a ciphertext parameter and an intermediate parameter which are generated in advance; the first intermediate ciphertext is generated based on the first random number, the second random number, an encryption master public key determined by the SM9 algorithm and a generator of a first addition cycle group in the SM9 algorithm; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third cryptographic function determined by the SM9 algorithm; the intermediate parameter is generated based on the second random number, the encryption master public key, a generator of a second addition loop group in the SM9 algorithm, and a bilinear pair mapping in the SM9 algorithm.
In practical application, after the first random number and the second random number which are generated in advance are obtained, a first intermediate ciphertext, a ciphertext parameter and an intermediate parameter which are generated in advance can be obtained; the first intermediate ciphertext is generated based on the first random number, the second random number, an encryption master public key determined by the SM9 algorithm and a generator of a first addition cycle group in the SM9 algorithm; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third cryptographic function determined by the SM9 algorithm; the intermediate parameter is generated based on the second random number, the encryption master public key, a generator of a second addition loop group in the SM9 algorithm, and a bilinear pair mapping in the SM9 algorithm.
In a specific application scenario, before the target data to be encrypted, which is confirmed by the data receiving end, is obtained, the first random number and the second random number may be generated in an offline stage; in the offline stage, generating the first intermediate ciphertext based on the first random number, the second random number, the encryption master public key determined by the SM9 algorithm, and the generator of the first addition cycle group in the SM9 algorithm; generating the ciphertext parameter based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and the third cryptographic function determined by the SM9 algorithm in the offline stage; in the offline stage, the intermediate parameters are generated based on the second random number, the encrypted master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm.
In a specific application scenario, in the process of generating the first intermediate ciphertext based on the first random number, the second random number, the encryption master public key determined by the SM9 algorithm, and the generator of the first addition cycle group in the SM9 algorithm, the first intermediate ciphertext may be generated based on the first random number, the second random number, and the generator of the first addition cycle group in the SM9 algorithm through a first operation formula;
the first operation formula includes:
C 1 =[r](P pub +[s]P 1 );
wherein C is 1 Representing the first intermediate ciphertext; r represents the second random number; p (P) pub Representing the encrypted primary public key, P pub =[ke]P 1 Ke represents the encrypted master private key determined by the SM9 algorithm; s represents the first random number; p (P) 1 Representing the first addition cycle group G 1 Is a generator of (1);
in the process of generating the ciphertext parameter based on the first intermediate ciphertext, the intermediate parameter and the discernable identifier of the data receiving end, the ciphertext parameter can be generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and the third cryptographic function determined by the SM9 algorithm through a second operation formula;
The second operation formula includes:
t=H 3 (C 1 ||w||ID B );
wherein t represents the ciphertext parameter; h 3 Representing the third cryptographic function; w represents the intermediate parameter; ID (identity) B A discernable identity representing the data receiving end; the I represents stitching;
in the process of generating the intermediate parameter based on the second random number, the encryption master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm, the intermediate parameter may be generated based on the second random number, the encryption master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm through a third operation formula;
the third operation formula includes:
w=g r ;g=e(P pub ,P 2 );
wherein e represents the bilinear pair mapping; p (P) 2 Representing the second addition cycle group G 2 Is a generator of (1).
Step S105: and generating a second intermediate ciphertext based on the first random number, the second random number, the prime number, the discernable identifier of the data transmitting end, the private key generation function identifier and the first cryptographic function.
In practical application, after the first intermediate ciphertext, the ciphertext parameter and the intermediate parameter which are generated in advance are obtained, the second intermediate ciphertext can be generated based on the first random number, the second random number, the prime number, the discernable identifier of the data transmitting end, the private key generation function identifier and the first cryptographic function.
In a specific application scenario, in the process of generating the second intermediate ciphertext based on the first random number, the second random number, the prime number, the distinguishable identification of the data transmitting end, the private key generation function identifier and the first cryptographic function, the second intermediate ciphertext may be generated based on the first random number, the second random number, the prime number, the distinguishable identification of the data transmitting end, the private key generation function identifier and the first cryptographic function through a fourth operation formula;
the fourth operation formula includes:
C 2 =r·(H 1 (ID A ||hid,q)-s)mod q;
wherein C is 2 Representing the second intermediate ciphertext; h 1 Representing the first cryptographic function; ID (identity) A A discernable identity representing the data transmitting end; his represents the private key generation function identifier; q represents the prime number;
step S106: and generating a third intermediate ciphertext based on the target data and the ciphertext parameter.
In practical applications, after the second intermediate ciphertext is generated based on the first random number, the second random number, the prime number, the distinguishable identifier of the data transmitting end, the private key generating function identifier, and the first cryptographic function, a third intermediate ciphertext may be generated based on the target data and the ciphertext parameters.
In the specific application scenario, in the process of generating the third intermediate ciphertext based on the target data and the ciphertext parameter, the third intermediate ciphertext may be generated based on the target data and the ciphertext parameter by using a fifth operation formula;
the fifth operation formula includes:
wherein C is 3 Representing the third intermediate ciphertext; m represents the target data; the one represents an exclusive-or operation;
step S107: a fourth intermediate ciphertext is generated based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number.
In practical applications, after the third intermediate ciphertext is generated based on the target data and the ciphertext parameter, a fourth intermediate ciphertext may be generated based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number.
In a specific application scenario, in the process of generating a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number, the fourth intermediate ciphertext may be generated based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number through a sixth operation formula;
The sixth operational formula includes:
C 4 =(r+H 2 (m||w||C 1 ||C 2 ))mod q;
wherein C is 4 Representing the fourth intermediate ciphertext; h 2 Representing the second cryptographic function.
Step S108: and taking the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext and the fourth intermediate ciphertext as target ciphertexts of the target data.
In practical applications, after generating a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number, the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext, and the fourth intermediate ciphertext may be used as target ciphertexts of the target data.
In a specific application scenario, after the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext, and the fourth intermediate ciphertext are used as the target ciphertext of the target data, the target ciphertext may be further sent to the data receiving end, and the application is not specifically limited herein.
The online and offline encryption and decryption method based on SM9 is applied to a data sending end and used for obtaining target data to be encrypted, which is confirmed by a data receiving end; acquiring prime numbers, a private key generation function identifier, a first password function and a second password function which are determined based on an SM9 algorithm; acquiring a first random number and a second random number which are generated in advance; acquiring a first intermediate ciphertext, a ciphertext parameter and an intermediate parameter which are generated in advance; the first intermediate ciphertext is generated based on the first random number, the second random number, an encryption master public key determined by an SM9 algorithm and a generator of a first addition cycle group in the SM9 algorithm; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third password function determined by an SM9 algorithm; the intermediate parameter is generated based on the second random number, the encryption main public key, a generating element of a second addition cycle group in the SM9 algorithm and bilinear pair mapping in the SM9 algorithm; generating a second intermediate ciphertext based on the first random number, the second random number, the prime number, the distinguishable identification of the data transmitting end, the private key generation function identifier and the first cryptographic function; generating a third intermediate ciphertext based on the target data and the ciphertext parameter; generating a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number; and taking the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext and the fourth intermediate ciphertext as target ciphertext of the target data. According to the method and the device, on-line encryption is realized based on corresponding parameters of the SM9 algorithm, and as the first intermediate ciphertext, the ciphertext parameters and the intermediate parameters can be generated by the data transmitting end in advance in an off-line mode, the on-line/off-line encryption of the SM9 algorithm is realized, the existing on-line/off-line encryption mode is expanded, and the applicability is good.
In addition, the method for online/offline encryption based on SM9 algorithm is realized, the data transmitting end divides the data encryption process into two sub-processes of online encryption and offline encryption, and under the condition that encrypted data and data receiving end identification are not needed to be known, the data transmitting end can calculate partial encryption operation in advance through the offline encryption algorithm, so that most of overhead operation is completed and offline ciphertext is generated, and after the encrypted data and the data receiving end identification are known, the data transmitting end can execute the online encryption algorithm to complete the encryption process by utilizing offline ciphertext pairs, so that execution efficiency is effectively improved.
Referring to fig. 2, fig. 2 is a second flowchart of an online-offline encryption and decryption method based on SM9 according to an embodiment of the present application.
The on-line off-line encryption and decryption method based on SM9 is applied to a data receiving end, and the process of decrypting the data receiving end to obtain target data can comprise the following steps:
step S201: the method comprises the steps of obtaining bilinear pair mapping determined based on an SM9 algorithm, a generator of a first addition loop group, a first cryptographic function, a second cryptographic function, prime numbers, a private key generation function identifier, a generator of a second addition loop group and an encryption master public key.
Step S202: and receiving a target ciphertext transmitted by the data transmitting end, wherein the target ciphertext comprises a first intermediate ciphertext, a second intermediate ciphertext, a third intermediate ciphertext and a fourth intermediate ciphertext.
Step S203: and generating a verification intermediate parameter based on the bilinear pair mapping, the first intermediate ciphertext, the second intermediate ciphertext, the generating element of the first addition cycle group and the private key of the data receiving end.
In a specific application scenario, in the process of generating the verification intermediate parameter based on the bilinear pair mapping, the first intermediate ciphertext, the second intermediate ciphertext, the generating element of the first addition cycle group, and the private key of the data receiving end, the verification intermediate parameter may be generated based on the bilinear pair mapping, the first intermediate ciphertext, the second intermediate ciphertext, the generating element of the first addition cycle group, and the private key of the data receiving end through a first generation formula;
the first generation formula includes:
w'=e((C 1 +[C 2 ]P 1 ),de B );
wherein w' represents the verification intermediate parameter; e represents the bilinear pair mapping; c (C) 1 Representing the first intermediate ciphertext; c (C) 2 Representing the second intermediate ciphertext; p (P) 1 Representing the first addition cycle group G 1 Is a generator of (1); de B A private key, de, representing the data receiving end B =[ke·(H 1 (ID B )+ke) -1 mod q]P 2 Ke represents the encryption master private key, H, determined by the SM9 algorithm 1 Representing the first cryptographic function, ID B Representing the discernable identity of the data receiving end, P 2 Representing the second addition cycle group G 2 Is a generator of (1);
step S204: and generating check data based on the check intermediate parameter and the third intermediate parameter.
In practical application, in the process of generating the check data based on the check intermediate parameter and the third intermediate parameter, the check data may be generated based on the check intermediate parameter and the third intermediate parameter through a second generation formula;
the second generation formula includes:
wherein m' represents the check data; c (C) 3 Representing the third intermediate ciphertext;representing an exclusive-or operation; .
Step S205: and generating a second random number based on the fourth intermediate ciphertext, the second cryptographic function, the verification data, the verification intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext and the prime number.
In practical application, in the process of generating the second random number based on the fourth intermediate ciphertext, the second cryptographic function, the verification data, the verification intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number, the second random number may be generated based on the fourth intermediate ciphertext, the second cryptographic function, the verification data, the verification intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number through a third generation formula;
The third generation formula includes;
r'=(C 4 -H 2 (m'||w'||C 1 ||C 2 ))mod q;
wherein r' represents the check second random number; c (C) 4 Representing the fourth intermediate ciphertext.
Step S206: and generating a first verification random number based on the first cryptographic function, the distinguishable identification of the data transmitting end, the private key generation function identifier, the prime number, the second verification random number and the second intermediate ciphertext.
In practical application, in the process of generating the first random number based on the first cryptographic function, the discernable identifier of the data transmitting end, the private key generation function identifier, the prime number, the second random number and the second intermediate ciphertext, the first random number can be generated based on the first cryptographic function, the discernable identifier of the data transmitting end, the private key generation function identifier, the prime number, the second random number and the second intermediate ciphertext through a fourth generation formula;
the fourth generation formula includes:
s′=(H 1 (ID A ||hid,q)-r' -1 ·C 2 );
wherein s' represents the check first random number; ID (identity) A Representing a discernable identity of the data sender.
Step S207: and verifying whether the first intermediate ciphertext is correct or not based on the first random number, the encryption master public key, the second random number and the generation element of the second addition cycle group, and if so, taking the verification data as target data transmitted by the data transmitting end.
In practical application, in the process of verifying whether the first intermediate ciphertext is correct based on the first random number, the encryption master public key, the second random number and the generating element of the second addition cycle group, whether a first equation is true or not can be verified, if the first equation is true, the generating element based on the first random number, the encryption master public key, the second random number and the second addition cycle group is determined to be correct; if the first equation is not satisfied, determining that the first intermediate ciphertext is incorrect based on the check first random number, the encrypted master public key, the check second random number, and the generator of the second addition cycle group;
the first equation includes:
C 1 =[r'](P pub +[s']P 2 );
wherein P is pub Representing the encrypted primary public key, P pub =[ke]P 1
Referring to fig. 3, fig. 3 is a schematic structural diagram of an online-offline encryption and decryption system based on SM9 according to an embodiment of the present application.
The online offline encryption and decryption system based on SM9, provided by the embodiment of the application, is applied to a data transmitting end and can comprise:
a first obtaining module 101, configured to obtain target data to be encrypted, which is confirmed by a data receiving end;
A second obtaining module 102, configured to obtain the prime number, the private key generating function identifier, the first cryptographic function, and the second cryptographic function determined based on the SM9 algorithm;
a third obtaining module 103, configured to obtain a first random number and a second random number that are generated in advance;
a fourth obtaining module 104, configured to obtain a first intermediate ciphertext, a ciphertext parameter, and an intermediate parameter that are generated in advance; the first intermediate ciphertext is generated based on the first random number, the second random number, an encryption master public key determined by the SM9 algorithm and a generator of a first addition cycle group in the SM9 algorithm; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third cryptographic function determined by the SM9 algorithm; the intermediate parameter is generated based on the second random number, the encryption master public key, a generator of a second addition loop group in the SM9 algorithm and bilinear pair mapping in the SM9 algorithm;
a first generating module 105, configured to generate a second intermediate ciphertext based on the first random number, the second random number, the prime number, the discernable identifier of the data transmitting end, the private key generating function identifier, and the first cryptographic function;
A second generation module 106, configured to generate a third intermediate ciphertext based on the target data and the ciphertext parameter;
a third generating module 107, configured to generate a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number;
the first processing module 108 is configured to take the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext, and the fourth intermediate ciphertext as target ciphertexts of the target data.
The online offline encryption and decryption system based on SM9, provided by the embodiment of the application, is applied to a data receiving end and can comprise:
a fifth obtaining module, configured to obtain the bilinear pair mapping determined based on the SM9 algorithm, a generator of the first addition loop group, a first cryptographic function, a second cryptographic function, a prime number, a private key generation function identifier, a generator of the second addition loop group, and an encrypted master public key;
the first receiving module is used for receiving a target ciphertext transmitted by the data transmitting end, wherein the target ciphertext comprises a first intermediate ciphertext, a second intermediate ciphertext, a third intermediate ciphertext and a fourth intermediate ciphertext;
A fourth generation module, configured to generate a verification intermediate parameter based on the bilinear pair mapping, the first intermediate ciphertext, the second intermediate ciphertext, a generator of the first addition cycle group, and a private key of the data receiving end;
a fifth generation module, configured to generate verification data based on the verification intermediate parameter and the third intermediate parameter;
a sixth generation module, configured to generate a second random number based on the fourth intermediate ciphertext, the second cryptographic function, the verification data, the verification intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number;
a seventh generation module, configured to generate a first verification random number based on the first cryptographic function, the discernable identifier of the data transmitting end, the private key generation function identifier, the prime number, the second verification random number, and the second intermediate ciphertext;
and the first verification module is used for verifying whether the first intermediate ciphertext is correct or not based on the first random number, the encryption main public key, the second random number and the generation element of the second addition cycle group, and if so, the verification data is used as target data transmitted by the data transmitting end.
The description of the corresponding modules in the SM 9-based online offline encryption and decryption system provided in the embodiment of the present application may refer to the above embodiment, and will not be repeated here.
The application also provides an on-line off-line encryption and decryption device based on SM9 and a computer readable storage medium, which all have the corresponding effects of the on-line off-line encryption and decryption method based on SM 9. Referring to fig. 4, fig. 4 is a schematic structural diagram of an online and offline encryption and decryption device based on SM9 according to an embodiment of the present application.
The online offline encryption and decryption device based on SM9 provided in this embodiment of the present application includes a memory 201 and a processor 202, where the memory 201 stores a computer program, and the processor 202 implements the steps of the online offline encryption and decryption method based on SM9 described in any embodiment above when executing the computer program.
Referring to fig. 5, another online offline encryption and decryption device based on SM9 provided in the embodiment of the present application may further include: an input port 203 connected to the processor 202 for transmitting an externally input command to the processor 202; a display unit 204 connected to the processor 202, for displaying the processing result of the processor 202 to the outside; and the communication module 205 is connected with the processor 202 and is used for realizing communication between the SM 9-based online and offline encryption and decryption equipment and the outside. The display unit 204 may be a display panel, a laser scanning display, or the like; communication means employed by the communication module 205 include, but are not limited to, mobile high definition link technology (HML), universal Serial Bus (USB), high Definition Multimedia Interface (HDMI), wireless connection: wireless fidelity (WiFi), bluetooth communication, bluetooth low energy communication, ieee802.11s based communication.
The embodiment of the application provides a computer readable storage medium, in which a computer program is stored, and when the computer program is executed by a processor, the steps of the online offline encryption and decryption method based on SM9 described in any embodiment are implemented.
The computer readable storage medium referred to in this application includes Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The description of the related parts in the SM 9-based online offline encryption and decryption system, device and computer readable storage medium provided in the embodiments of the present application refers to the detailed description of the corresponding parts in the SM 9-based online offline encryption and decryption method provided in the embodiments of the present application, and will not be repeated here. In addition, the parts of the above technical solutions provided in the embodiments of the present application, which are consistent with the implementation principles of the corresponding technical solutions in the prior art, are not described in detail, so that redundant descriptions are avoided.
It is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (9)

1. An on-line off-line encryption and decryption method based on SM9 is characterized by being applied to a data transmitting end and comprising the following steps:
acquiring target data to be encrypted confirmed by a data receiving end;
acquiring prime numbers, a private key generation function identifier, a first password function and a second password function which are determined based on an SM9 algorithm;
acquiring a first random number and a second random number which are generated in advance;
acquiring a first intermediate ciphertext, a ciphertext parameter and an intermediate parameter which are generated in advance; the first intermediate ciphertext is generated based on the first random number, the second random number, an encryption master public key determined by the SM9 algorithm and a generator of a first addition cycle group in the SM9 algorithm; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third cryptographic function determined by the SM9 algorithm; the intermediate parameter is generated based on the second random number, the encryption master public key, a generator of a second addition loop group in the SM9 algorithm and bilinear pair mapping in the SM9 algorithm;
Generating a second intermediate ciphertext based on the first random number, the second random number, the prime number, the discernable identity of the data transmitting end, the private key generation function identifier, and the first cryptographic function;
generating a third intermediate ciphertext based on the target data and the ciphertext parameter;
generating a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number;
taking the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext and the fourth intermediate ciphertext as target ciphertexts of the target data;
before the target data to be encrypted confirmed by the data receiving end is obtained, the method further comprises the following steps:
generating the first random number and the second random number in an offline stage;
in the offline stage, generating the first intermediate ciphertext based on the first random number, the second random number, the encryption master public key determined by the SM9 algorithm, and the generator of the first addition cycle group in the SM9 algorithm;
generating the ciphertext parameter based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and the third cryptographic function determined by the SM9 algorithm in the offline stage;
In the offline stage, the intermediate parameters are generated based on the second random number, the encrypted master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm.
2. The method of claim 1, wherein the generating the first intermediate ciphertext based on the first random number, the second random number, the encrypted master public key determined by the SM9 algorithm, and the generator of the first addition cycle group in the SM9 algorithm, comprises:
generating the first intermediate ciphertext based on the first random number, the second random number, the encryption master public key determined by the SM9 algorithm and the generator of the first addition cycle group in the SM9 algorithm through a first operation formula;
the first operation formula includes:
C 1 =[r](P pub +[s]P 1 );
wherein C is 1 Representing the first intermediate ciphertext; r represents the second random number; p (P) pub Representing the encrypted primary public key, P pub =[ke]P 1 Ke represents the encrypted master private key determined by the SM9 algorithm; s represents the first random number; p (P) 1 Representing the first addition cycle group G 1 Is a generator of (1);
the generating the ciphertext parameter based on the first intermediate ciphertext, the intermediate parameter, and the discernable identifier of the data receiving end includes:
Generating the ciphertext parameter based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and the third cryptographic function determined by the SM9 algorithm through a second operation formula;
the second operation formula includes:
t=H 3 (C 1 ||w||ID B );
wherein t represents the ciphertext parameter; h 3 Representing the third cryptographic function; w represents the intermediate parameter; ID (identity) B A discernable identity representing the data receiving end; the I represents stitching;
the generating the intermediate parameter based on the second random number, the encrypted master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm includes:
generating the intermediate parameter based on the second random number, the encryption master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm by a third operation formula;
the third operation formula includes:
w=g r ;g=e(P pub ,P 2 );
wherein e represents the bilinear pair mapping; p (P) 2 Representing the second addition cycle group G 2 Is a generator of (1).
3. The method of claim 2, wherein the generating the second intermediate ciphertext based on the first random number, the second random number, the prime number, the discernable identity of the data sender, the private key generation function identifier, the first cryptographic function, comprises:
Generating a second intermediate ciphertext based on the first random number, the second random number, the prime number, the distinguishable identification of the data transmitting end, the private key generation function identifier and the first cryptographic function through a fourth operation formula;
the fourth operation formula includes:
C 2 =r·(H 1 (ID A ||hid,q)-s)mod q;
wherein C is 2 Representing the second intermediate ciphertext; h 1 Representing the first cryptographic function; ID (identity) A A discernable identity representing the data transmitting end; his represents the private key generation function identifier; q represents the prime number;
the generating a third intermediate ciphertext based on the target data and the ciphertext parameter includes:
generating the third intermediate ciphertext based on the target data and the ciphertext parameter by a fifth operation formula;
the fifth operation formula includes:
wherein C is 3 Representing the third intermediate ciphertext; m represents the target data; the one represents an exclusive-or operation;
the generating a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, the prime number, comprises:
generating the fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number by a sixth operation formula;
The sixth operational formula includes:
C 4 =(r+H 2 (m||w||C 1 ||C 2 ))mod q;
wherein C is 4 Representation ofThe fourth intermediate ciphertext; h 2 Representing the second cryptographic function.
4. The method of claim 1, wherein after the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext, and the fourth intermediate ciphertext are the target ciphertext of the target data, further comprising:
and sending the target ciphertext to the data receiving end.
5. An on-line off-line encryption and decryption method based on SM9 is characterized by being applied to a data receiving end and comprising the following steps:
acquiring bilinear pair mapping, a generating element of a first addition cyclic group, a first cryptographic function, a second cryptographic function, prime numbers, a private key generating function identifier, a generating element of a second addition cyclic group and an encryption master public key which are determined based on an SM9 algorithm;
receiving a target ciphertext transmitted by a data transmitting end, wherein the target ciphertext comprises a first intermediate ciphertext, a second intermediate ciphertext, a third intermediate ciphertext and a fourth intermediate ciphertext;
generating a verification intermediate parameter based on the bilinear pair mapping, the first intermediate ciphertext, the second intermediate ciphertext, the generator of the first addition cycle group and the private key of the data receiving end;
Generating verification data based on the verification intermediate parameter and the third intermediate ciphertext;
generating a check second random number based on the fourth intermediate ciphertext, the second cryptographic function, the check data, the check intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number;
generating a first verification random number based on the first cryptographic function, the distinguishable identification of the data transmitting end, the private key generation function identifier, the prime number, the second verification random number and the second intermediate ciphertext;
verifying whether the first intermediate ciphertext is correct or not based on the first verification random number, the encryption master public key, the second verification random number and the generation element of the second addition cycle group, and if so, taking the verification data as target data transmitted by the data transmitting end;
the first intermediate ciphertext is generated based on a first random number, a second random number, the encryption master public key and a generator of the first addition cycle group; the second intermediate ciphertext is generated based on the first random number, the second random number, the prime number, the discernable identifier of the data transmitting end, the private key generation function identifier and the first cryptographic function; the third intermediate ciphertext is generated based on the target data and the ciphertext parameters; the fourth intermediate ciphertext is generated based on the second random number, the second cryptographic function, the target data, an intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, the prime number; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third cryptographic function determined by the SM9 algorithm; the intermediate parameter is generated based on the second random number, the encryption master public key, the generator of the second addition cycle group, and the bilinear pair mapping;
The data transmitting end generates the first random number and the second random number in an off-line stage before acquiring target data to be encrypted confirmed by the data receiving end; in the offline stage, generating the first intermediate ciphertext based on the first random number, the second random number, the encryption master public key determined by the SM9 algorithm, and the generator of the first addition cycle group in the SM9 algorithm; generating the ciphertext parameter based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and the third cryptographic function determined by the SM9 algorithm in the offline stage; in the offline stage, the intermediate parameters are generated based on the second random number, the encrypted master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm.
6. The method of claim 5, wherein generating a check intermediate parameter based on the bilinear pair mapping, the first intermediate ciphertext, the second intermediate ciphertext, the generator of the first addition cycle group, and the private key of the data receiving end comprises:
Generating the verification intermediate parameter based on the bilinear pair mapping, the first intermediate ciphertext, the second intermediate ciphertext, the generator of the first addition cycle group and the private key of the data receiving end through a first generation formula;
the first generation formula includes:
w'=e((C 1 +[C 2 ]P 1 ),de B );
wherein w' represents the verification intermediate parameter; e represents the bilinear pair mapping; c (C) 1 Representing the first intermediate ciphertext; c (C) 2 Representing the second intermediate ciphertext; p (P) 1 Representing the first addition cycle group G 1 Is a generator of (1); de B A private key, de, representing the data receiving end B =[ke·(H 1 (ID B )+ke) -1 mod q]P 2 Ke represents the encryption master private key, H, determined by the SM9 algorithm 1 Representing the first cryptographic function, ID B Representing the discernable identity of the data receiving end, P 2 Representing the second addition cycle group G 2 Q represents the prime number;
the generating the check data based on the check intermediate parameter and the third intermediate ciphertext includes:
generating the verification data based on the verification intermediate parameter and the third intermediate ciphertext through a second generation formula;
the second generation formula includes:
wherein m' represents the check data; c (C) 3 Representing the third intermediate ciphertext; the one represents an exclusive-or operation;
And generating a second random number based on the fourth intermediate ciphertext, the second cryptographic function, the verification data, the verification intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number, including:
generating the second check random number based on the fourth intermediate ciphertext, the second cryptographic function, the check data, the check intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number by a third generation formula;
the third generation formula includes;
r'=(C 4 -H 2 (m'||w'||C 1 ||C 2 ))mod q;
wherein r' represents the check second random number; c (C) 4 Representing the fourth intermediate ciphertext; h 2 Representing the second cryptographic function;
the generating a first random number based on the first cryptographic function, the distinguishable identification of the data transmitting end, the private key generating function identifier, the prime number, the second random number, and the second intermediate ciphertext includes:
generating the first verification random number based on the first cryptographic function, the discernable identifier of the data transmitting end, the private key generation function identifier, the prime number, the second verification random number and the second intermediate ciphertext through a fourth generation formula;
The fourth generation formula includes:
s′=(H 1 (ID A ||hid,q)-r' -1 ·C 2 );
wherein s' represents the check first random number; ID (identity) A A discernable identity representing the data transmitting end; his represents the private key generation function identifier;
the verifying whether the first intermediate ciphertext is correct based on the verifying the first random number, the encrypted master public key, the verifying the second random number, and the generating element of the second addition cycle group includes:
verifying whether a first equation is established, if so, determining whether the first intermediate ciphertext is correct based on the check first random number, the encryption master public key, the check second random number and the generator of the second addition cycle group; if the first equation is not satisfied, determining that the first intermediate ciphertext is incorrect based on the check first random number, the encrypted master public key, the check second random number, and the generator of the second addition cycle group;
the first equation includes:
C 1 =[r'](P pub +[s']P 2 );
wherein P is pub Representing the encrypted primary public key, P pub =[ke]P 1
7. An on-line off-line encryption and decryption system based on SM9 is characterized by being applied to a data transmitting end and comprising:
the first acquisition module is used for acquiring target data to be encrypted, which is confirmed by the data receiving end;
The second acquisition module is used for acquiring prime numbers, a private key generation function identifier, a first password function and a second password function which are determined based on an SM9 algorithm;
the third acquisition module is used for acquiring a first random number and a second random number which are generated in advance;
the fourth acquisition module is used for acquiring a first intermediate ciphertext, a ciphertext parameter and an intermediate parameter which are generated in advance; the first intermediate ciphertext is generated based on the first random number, the second random number, an encryption master public key determined by the SM9 algorithm and a generator of a first addition cycle group in the SM9 algorithm; the ciphertext parameter is generated based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and a third cryptographic function determined by the SM9 algorithm; the intermediate parameter is generated based on the second random number, the encryption master public key, a generator of a second addition loop group in the SM9 algorithm and bilinear pair mapping in the SM9 algorithm;
the first generation module is used for generating a second intermediate ciphertext based on the first random number, the second random number, the prime number, the distinguishable identification of the data transmitting end, the private key generation function identifier and the first password function;
The second generation module is used for generating a third intermediate ciphertext based on the target data and the ciphertext parameter;
a third generation module, configured to generate a fourth intermediate ciphertext based on the second random number, the second cryptographic function, the target data, the intermediate parameter, the first intermediate ciphertext, the second intermediate ciphertext, and the prime number;
the first processing module is used for taking the first intermediate ciphertext, the second intermediate ciphertext, the third intermediate ciphertext and the fourth intermediate ciphertext as target ciphertexts of the target data;
wherein the system is further for: before target data to be encrypted, which is confirmed by a data receiving end, is acquired, the first random number and the second random number are generated in an offline stage; in the offline stage, generating the first intermediate ciphertext based on the first random number, the second random number, the encryption master public key determined by the SM9 algorithm, and the generator of the first addition cycle group in the SM9 algorithm; generating the ciphertext parameter based on the first intermediate ciphertext, the intermediate parameter, the discernable identifier of the data receiving end and the third cryptographic function determined by the SM9 algorithm in the offline stage; in the offline stage, the intermediate parameters are generated based on the second random number, the encrypted master public key, the generator of the second addition loop group in the SM9 algorithm, and the bilinear pair mapping in the SM9 algorithm.
8. An on-line and off-line encryption and decryption system based on SM9, which is characterized by comprising:
a memory for storing a computer program;
a processor, configured to implement the steps of the SM 9-based online offline encryption and decryption method according to any one of claims 1 to 6 when executing the computer program.
9. A computer readable storage medium, wherein a computer program is stored in the computer readable storage medium, and when the computer program is executed by a processor, the computer program realizes the steps of the SM 9-based online offline encryption and decryption method according to any one of claims 1 to 6.
CN202211286848.6A 2022-10-20 2022-10-20 SM 9-based online and offline encryption and decryption method, system, equipment and medium Active CN115664651B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211286848.6A CN115664651B (en) 2022-10-20 2022-10-20 SM 9-based online and offline encryption and decryption method, system, equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211286848.6A CN115664651B (en) 2022-10-20 2022-10-20 SM 9-based online and offline encryption and decryption method, system, equipment and medium

Publications (2)

Publication Number Publication Date
CN115664651A CN115664651A (en) 2023-01-31
CN115664651B true CN115664651B (en) 2024-03-08

Family

ID=84989833

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211286848.6A Active CN115664651B (en) 2022-10-20 2022-10-20 SM 9-based online and offline encryption and decryption method, system, equipment and medium

Country Status (1)

Country Link
CN (1) CN115664651B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118200053B (en) * 2024-05-16 2024-08-02 交通运输部水运科学研究所 Ship shore-based navigation control instruction protection method and system based on national density SM9

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113904768A (en) * 2021-11-10 2022-01-07 福建师范大学 Online and offline decryption method based on SM9 key encapsulation mechanism
CN113987558A (en) * 2021-12-24 2022-01-28 杭州电子科技大学 Off-line/on-line lattice-based attribute-based encryption method
CN114285576A (en) * 2021-11-12 2022-04-05 淮阴工学院 Non-pair online and offline signcryption method
CN114826611A (en) * 2022-04-14 2022-07-29 扬州大学 IND-sID-CCA2 security identifier broadcast encryption method based on SM9
CN115102688A (en) * 2022-08-24 2022-09-23 北京信安世纪科技股份有限公司 Data processing method, polynomial calculation method and electronic equipment
CN115174104A (en) * 2022-06-28 2022-10-11 福建师范大学 Attribute-based online/offline signature method and system based on secret SM9

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220141026A1 (en) * 2020-11-02 2022-05-05 Intel Corporation Graphics security with synergistic encryption, content-based and resource management technology

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113904768A (en) * 2021-11-10 2022-01-07 福建师范大学 Online and offline decryption method based on SM9 key encapsulation mechanism
CN114285576A (en) * 2021-11-12 2022-04-05 淮阴工学院 Non-pair online and offline signcryption method
CN113987558A (en) * 2021-12-24 2022-01-28 杭州电子科技大学 Off-line/on-line lattice-based attribute-based encryption method
CN114826611A (en) * 2022-04-14 2022-07-29 扬州大学 IND-sID-CCA2 security identifier broadcast encryption method based on SM9
CN115174104A (en) * 2022-06-28 2022-10-11 福建师范大学 Attribute-based online/offline signature method and system based on secret SM9
CN115102688A (en) * 2022-08-24 2022-09-23 北京信安世纪科技股份有限公司 Data processing method, polynomial calculation method and electronic equipment

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
Provably Secure OnlineOffline Identity-Based Signature Scheme Based on SM9;Jianchang Lai etal.;《The Computer Journal》;第65卷(第7期);全文 *
Reverse Authentication in Financial Transactions and Identity Management;Bangdao Chen etal.;《Mobile Networks and Applications》;第18卷;全文 *
SM9用户私钥在线分发技术;曾勇 等;《通信技术》;第55卷(第8期);全文 *
基于离线/在线加密技术的适应性安全的密文策略属性加密方案;李锋;王光波;刘永庆;;通信技术;20200710(第07期);全文 *

Also Published As

Publication number Publication date
CN115664651A (en) 2023-01-31

Similar Documents

Publication Publication Date Title
US10673631B2 (en) Elliptic curve isogeny-based cryptographic scheme
CN104539423B (en) A kind of implementation method without CertPubKey cipher system of no Bilinear map computing
EP3590224B1 (en) Elliptic curve isogeny based key agreement protocol
JP4809598B2 (en) Use of isojani in the design of cryptographic systems
CN111130804B (en) SM2 algorithm-based collaborative signature method, device, system and medium
US9037623B2 (en) Proxy calculation system, proxy calculation method, proxy calculation requesting apparatus, and proxy calculation program and recording medium therefor
CN110011995B (en) Encryption and decryption method and device in multicast communication
CN107425971B (en) Certificateless data encryption/decryption method and device and terminal
CN111585759B (en) Efficient on-line and off-line encryption method based on SM9 public key encryption algorithm
CN112564907B (en) Key generation method and device, encryption method and device, and decryption method and device
JP2013539295A (en) Authenticated encryption of digital signatures with message recovery
WO2015004286A1 (en) Key agreement device and method
CN111404952B (en) Transformer substation data encryption transmission method and device, computer equipment and storage medium
CN107864037A (en) SM9 Combination with Digital endorsement method and device
CN110784314A (en) Certificateless encrypted information processing method
CN115664651B (en) SM 9-based online and offline encryption and decryption method, system, equipment and medium
CN109618348B (en) Method and device for realizing one-way proxy re-signature
CN114070549B (en) Key generation method, device, equipment and storage medium
CN110868285B (en) Authentication method, server, system, and computer-readable storage medium
CN114362912A (en) Identification password generation method based on distributed key center, electronic device and medium
CN111262709A (en) Trapdoor hash function-based unlicensed bookmark encryption system and method
CN114070550B (en) Information processing method, device, equipment and storage medium
CN110572788B (en) Wireless sensor communication method and system based on asymmetric key pool and implicit certificate
CN115550007A (en) Signcryption method and system with equivalence test function based on heterogeneous system
CN115913649A (en) Efficient attribute base signcryption method and system based on quotient secret SM9

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant