SM9标识密码算法综述

摘要/Abstract

摘要： SM9标识密码算法是一种基于双线性对的标识密码算法，它可以把用户的身份标识用以生成用户的公、私密钥对，主要用于数字签名、数据加密、密钥交换以及身份认证等.SM9密码算法的密钥长度为256b.SM9密码算法的应用与管理不需要数字证书、证书库或密钥库.该算法于2015年发布为国家密码行业标准(GMT 0044—2016).总结了SM9密码算法的设计原理、算法描述、软硬件实现和安全性分析.

关键词: SM9算法, 基于标识的密码算法, 双线性对, 数字签名, 数据加密

Abstract: SM9 identitybased cryptographic algorithm is an identitybased cryptosystem with bilinear pairings. In such a system the user s private key and public key may be extracted from user s identity and key generation centers parameters. The most common cryptographic uses of SM9 are with digital signature, data encryption, key exchange protocol and key encapsulation mechanism etc. The application and management of SM9 will not require digital certificate, certificate base, and key base. The key length of the SM9 cipher algorithm is 256b. SM9 cryptographic algorithm was issued as the cryptography standard in 2015. This paper will summarize the design, algorithm, software and hardware implementation and cryptanalysis of SM9 cryptographic algorithm. We also give some concrete examples in appendix.

Key words: SM9 algorithm, identitybased cryptographic algorithm, bilinear pairings, digital signature, data encryption

袁峰. SM9标识密码算法综述[J]. 信息安全研究, 2016, 2(11): 1008-1027.

参考文献

［1］Koblitz N. Introduction to Elliptic Curves and Moduar Forms［M］. Berlin: Springer, 1984: 375384［2］Miller V. Uses of elliptic curves in cryptography［G］ LNCS 218: Advances in Cryptology—CRYPTO85. Berlin: Springer, 1986: 417426［3］Shamir A. Identitybased cryptosystems and signature schemes［G］ LNCS 196: Advances in Cryptology—Crypto84. Berlin: Springer, 1984: 4753［4］Sakai R, Ohgishi K, Kasahara M. Cryptosystems based on pairing［COL］ Proc of the 2000 Symp on Cryptography and Information Security. 2000 ［20161025］. http:link.springer.comchapter10.1007%2F11526018_3［5］Boneh D, Franklin M. Identity based encryption from Weil pairing［G］ LNCS 2139: Advances in Cryptology—Crypto2001. Berlin: Springer, 2001: 213229［6］Barreto M, Naehrig M. Pairingfriendly elliptic curves of prime order［G］  LNCS 3897: Proc of SAC 2005. Berlin: Springer, 2006: 319331［7］Goldwasser S, Micali S. Probabilistic encryption and how to play mental poker keeping secret all partial information［COL］ Proc of the 14th Symp on Theory of Computing. 1982: 365377 ［20161025］. https:www.cs.purdue.eduhomesninghuireadingsQual2GoldwasserMicali82.pdf［8］Cha J C, Cheon J H. An identitybased signature from gap DiffieHellman groups［G］ LNCS 2567: Proc of PKC03. Berlin: Springer, 2003: 1830［9］Boneh D, Franklin M. Identitybased encryption from the Weil pairing［G］ LNCS 2139: Proc of Crypto01. Berlin: Springer, 2001: 213229［10］Bellare M, Rogaway P. Entity authentication and key distribution［G］ LNCS 773: Proc of Crypto93. Berlin: Springer, 1993: 232249［11］Chen L, Kudla C. Identity based authenticated key agreement from pairings［C］ Proc of the 16th IEEE Computer Security Foundations Workshop. Piscataway, NJ: IEEE, 2003: 219233［12］Chen L, Cheng Z, Smart N P. Identitybased key agreement protocols from pairings［J］. International Journal of Information Security, 2007, 6(4): 213241［13］Cheon J H. Security analysis of the strong DiffieHellman problem［G］  LNCS 4004. Berlin: Springer, 2006: 111［14］Galbraith S D, Hess F, Vercauteren F. Aspects of pairing inversion［J］. IEEE Trans on Information Theory, 2008, 54(12): 57195728［15］Galbraith S, Gaudry P. Recent progress on the elliptic curve discrete logarithm problem［J］. Designs, Codes and Cryptography, 2016 (78): 5172［16］Menezes A J, Okamoto T, Vanstone S A. Reducing elliptic curve logarithms to logarithms in a finite field［J］. IEEE Trans on Info Theory, 1993, 39(5): 16391646［17］Gordon D. Discrete logarithms in GF(p) using the number field sieve［J］. SIAM Journal on Discrete Mathematics, 1993, 6(1): 124138［18］Joux A. A new index calculus algorithm with complexity L(14+o(1)) in very small characteristic, IACR ePrint Report 2013095［R］. Berlin: Springer, 2013［19］Barbulescu R, Gaudry P, Joux A, et al. A heuristic quasipolynomial algorithm for discrete logarithm in finite fields of small characteristic［G］ LNCS 8441: Proc of Eurocrypt14. Berlin: Springer, 2014: 116［20］Barbulescu R, Gaudry P, Guillevic A, et al. Improving NFS for the discrete logarithm problem in nonprime finite fields［G］ LNCS 9056: Proc of Eurocrypt15. Berlin: Springer, 2015: 129155［21］Kim T, Barbulescu R. Extended tower number field sieve: A new complexity for the medium prime case［G］ LNCS 9814: Proc of Crypto16. Berlin: Springer, 2016: 543571［22］Jeong J. Extended tower number field sieve with application to finite fields of arbitrary composite extension degree, IACR ePrint Report 2016526［R］. Berlin: Springer, 2016

[1]	王柏华孙长杰李照川王伟兵. 远程办公中基于区块链技术的身份认证方法[J]. 信息安全研究, 2020, 6(4): 317-326.
[2]	齐锋陈庄蔡定雯于溯. 一种基于USB Key的双私钥安全因子身份认证方案[J]. 信息安全研究, 2019, 5(6): 500-506.
[3]	陈亚茹丛培强陈庄. 一种椭圆曲线数字签名的改进方案[J]. 信息安全研究, 2019, 5(3): 217-222.
[4]	包英明. 大数据平台数据安全防护技术[J]. 信息安全研究, 2019, 5(3): 242-247.
[5]	张宇侯健. 适用于电子认证的高效无证书混合签密方案[J]. 信息安全研究, 2019, 5(10): 879-886.
[6]	李向锋. 云端协同密钥保护机制的研究[J]. 信息安全研究, 2019, 5(10): 898-903.
[7]	李兆森杨洋. 基于国产密码算法的物联网应用研究[J]. 信息安全研究, 2019, 5(10): 924-928.
[8]	刘亚敏薛海洋张道德. 公钥密码的实际安全性发展研究[J]. 信息安全研究, 2019, 5(1): 29-38.
[9]	吴宸梓. 基于密码学的车载网安全认证方案研究[J]. 信息安全研究, 2018, 4(9): 836-842.
[10]	陈庄陈亚茹. 一种解决组合公钥密钥碰撞的方案[J]. 信息安全研究, 2018, 4(3): 256-260.
[11]	杨润东李子臣. 基于国密算法的新型电子邮件加密系统研究与实现[J]. 信息安全研究, 2018, 4(11): 1046-1051.
[12]	周传玉王吉伟李明. 物联网中标识密码应用研究[J]. 信息安全研究, 2017, 3(11): 1040-1044.
[13]	邵淼. 可靠电子签名在仲裁领域中的应用研究[J]. 信息安全研究, 2016, 2(6): 519-522.
[14]	王绍刚. 基于USBKey的电子认证在国产操作系统应用技术方法[J]. 信息安全研究, 2016, 2(6): 523-526.
[15]	王新华. 电子认证在可信电子证照中的应用[J]. 信息安全研究, 2016, 2(6): 543-547.