SM2 signature algorithm security verification method based on random number unknown

A verification method and random number technology, applied in the field of information security, which can solve problems such as difficult algorithms and inability to protect and protect

Active Publication Date: 2015-08-12
INST OF SOFTWARE - CHINESE ACAD OF SCI +2
View PDF2 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, the error injection method of the lattice-based error attack method of the signature algorithm is mainly to ignore some point multiplication and point addition operations in the scalar multiplication operation. This error injection method is easy to be protected by algorithm-level signature verification. Therefore, it is urgently needed Some error attack methods based on lattice attacks that cannot be defended or defended against are difficult to reevaluate and define the security of the algorithm

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SM2 signature algorithm security verification method based on random number unknown
  • SM2 signature algorithm security verification method based on random number unknown
  • SM2 signature algorithm security verification method based on random number unknown

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0081] The following describes the present invention in further detail with reference to the accompanying drawings and an example, but the scope of the present invention is not limited in any way. In the embodiment, an experiment in which the error attack method of the present invention performs a lattice attack on the SM2 signature algorithm is used as an example to illustrate the effectiveness of the present invention.

[0082] 1) Injecting an error into the random number k causes the same error in the lower part of the bit. In a 32-bit SM2 signature algorithm chip, a total of 50 signatures are performed. When the random number of machines generated in each signature operation is written into the memory, an error is injected into the EPPROM (store COS instruction) area, and k i = B i 2 l +a i (0≤i≤49) the lower 32 bits a i All are equal to a, where l=32, as shown in the following table, the lower 32 bits of all random numbers are the same, all are a, a=0xf5e333d0, and an incorre...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an SM2 signature algorithm security verification method based on an random number unknown. The method comprises the following steps: (1) signing N+1 messages M respectively by adopting an SM2 signature algorithm, and injecting an error into every SM2 signing in order that identical errors occur in signing results s of identical set bit parts of a random number k used in every signing; (2) subtracting error signing results s in other N signing respectively from the error signing result of first signing with reference to an equation of the error signing result s of first signing to obtain an equation set, namely, a lattice attack model; and (3) solving the lattice attack model, recovering all bits of the random number k used in every signing, substituting the recovered bits into an equation for calculating corresponding signing results s to obtain a private key dA, and judging that the SM2 signature algorithm is unsafe if the private key dA is a correct private key. Through adoption of the method, the security capability of the SM2 signature algorithm in attack resistance can be analyzed more effectively and comprehensively.

Description

Technical field [0001] The invention specifically relates to a method for verifying the security of an SM2 signature algorithm based on an unknown random number, which belongs to the technical field of information security. Background technique [0002] Since Miller and Koblitz introduced elliptic curves into cryptography in the 1980s, and Lenstra proposed the use of elliptic curves for factorization algorithms, elliptic curves have played an increasingly important role in cryptography. ECC is based on the finite field elliptic curve discrete logarithm problem (ECDLP): in a cyclic additive group, G is the generator, and the order of G is n, knowing Q=kG and G, find the value of k, where Q= kG is a scalar multiplication operation on a finite field, specifically an algebraic operation on a finite field. [0003] If F is a finite field, it contains at least two elements, and there is an addition + and a multiplication·operation, and the following conditions are met: [0004] 1) (F, +)...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L9/08H04L9/00
CPCH04L9/002H04L9/0825H04L9/3247
Inventor 陈华曹伟琼郑晓光韩绪仓李大为罗鹏冯婧怡李国友高顺贤朱少峰
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap