
A Protection Method for SM2 Signature Algorithm Against Lattice-Based Error Attack

A technology of error attack and algorithm, applied in the field of information security, can solve the problem of not being found, and achieve the effect of protecting the private key from being leaked

Active Publication Date: 2019-03-22
INST OF SOFTWARE - CHINESE ACAD OF SCI +2

AI Technical Summary

Problems solved by technology

In addition, there is no effective algorithm for solving the ECDLP problem, so the algorithm security is higher than the RSA algorithm


Embodiment Construction

[0082] The following describes the present invention in further detail with reference to the accompanying drawings and an example, but does not limit the scope of the present invention in any way. In the embodiment, the validity of the present invention is illustrated by the demonstration and experiment of a lattice attack failure of an SM2 signature algorithm with the protection method of the present invention.

[0083] Suppose that, by injecting faults, the attacker learns the low-order l (l=32) bits $a_i$ and $c_i$ of N (N=50) random numbers $k_i, w_i \in [1, n-1]$ in the protected SM2 signature algorithm, and obtains N faulty signature results $(r_i, s_i)$, $i \in \{1, 2, \ldots, N\}$. Write $k_i = b_i 2^l + a_i$ and $w_i = d_i 2^l + c_i$, where 0i , D i l .

[0084] Substituting into step 6 of the protected signature algorithm, $s = ((1 + d_A)^{-1}(k + (w - r) d_A)) \bmod n$, gives:

[0085] $2^{-l}(r_i + s_i - c_i)\, d_A - 2^{-l}(a_i - s_i) = b_i + d_i d_A \bmod n$

[0086] Let $t_i = 2^{-l}(r_i + s_i - c_i) \bmod n$ and $u_i = 2^{-l}(a_i - s_i) \bmod n$; the above formula can...
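The relation in [0085] can be checked numerically; the following is an added example, not part of the patent text, and it goes one step further by comparing the size of the residual $t_i d_A - u_i \bmod n$ with and without the second nonce w. It uses only scalar arithmetic modulo the SM2 group order n. Assumptions: step 6 is read as $s = (1+d_A)^{-1}(k + (w - r)d_A)$ with $c_i$ the low bits of $w_i$ (the reading under which [0085] holds), r is a random stand-in for $(e + x_1) \bmod n$, and the key, nonces and seed are constructed samples.

```python
import random

# SM2 group order n (standard curve parameter). Every other value is a constructed sample.
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
L = 32  # leaked low-order bits per nonce, l in the text
MASK = (1 << L) - 1


def inv(x):
    return pow(x, -1, N)


def sign_s(d_a, k, w, r):
    """Step 6 as assumed here: s = (1+d_A)^-1 (k + (w - r) d_A) mod n; w = 0 is plain SM2."""
    return inv(1 + d_a) * (k + (w - r) * d_a) % N


def verifier_scalar(d_a, r, s):
    """Discrete log of s*G + (r+s)*P_A, the point a standard SM2 verifier rebuilds."""
    return (s + (r + s) * d_a) % N


def residual(d_a, r, s, a, c):
    """t*d_A - u mod n, with t = 2^-l (r+s-c) and u = 2^-l (a-s) as in [0085]-[0086]."""
    t = inv(1 << L) * (r + s - c) % N
    u = inv(1 << L) * (a - s) % N
    return (t * d_a - u) % N


def demo(trials=50, seed=2019):
    rng = random.Random(seed)  # seeded for reproducible samples; real nonces need a CSPRNG
    d_a = rng.randrange(1, N - 1)
    stats = {"verifies": 0, "relation": 0, "small_plain": 0, "small_protected": 0}
    for _ in range(trials):
        k, w, r = (rng.randrange(1, N) for _ in range(3))  # r stands in for (e + x1) mod n
        a, b, c, d = k & MASK, k >> L, w & MASK, w >> L  # k = b*2^l + a, w = d*2^l + c
        s = sign_s(d_a, k, w, r)
        res = residual(d_a, r, s, a, c)
        stats["verifies"] += verifier_scalar(d_a, r, s) == (k + w * d_a) % N  # Q = kG + wP_A
        stats["relation"] += res == (b + d * d_a) % N  # right-hand side of [0085]
        stats["small_protected"] += res <= (N >> L)
        # Unprotected SM2 (w = 0): the residual is just b_i, which is below n / 2^l.
        stats["small_plain"] += residual(d_a, r, sign_s(d_a, k, 0, r), a, 0) <= (N >> L)
    return stats


if __name__ == "__main__":
    print(demo())
```

With w = 0 every residual is the short value $b_i$, which is the structure a lattice attack on leaked nonce bits depends on; with the second nonce the residual is $b_i + d_i d_A \bmod n$, which is not short, while the signature still satisfies the standard verification equation.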


Abstract

The present invention discloses an SM2 signature algorithm protection method for resisting lattice-based error attacks. The method comprises the following steps: (1) signer A performs a hash operation on the input message M to be signed and combines the operation result $Z_A$ with the message M to obtain $\bar{M}$; (2) $\bar{M}$ is hashed and compressed to obtain a preprocessing result e; (3) two random numbers k and w are generated, the scalar multiplication $kG$ of the random number k with the base point G and the scalar multiplication $wP_A$ of the random number w with the public key $P_A$ are computed, and the two results are added to give an elliptic curve point Q; (4) the sum of e and the coordinate $x_1$ of point Q is computed modulo n to obtain the value r; (5) the private key $d_A$, k, w and r are substituted to obtain the signature result s. With the method provided by the invention, lattice attacks on the SM2 signature algorithm can be effectively and comprehensively resisted.

Description

Technical field

[0001] The present invention specifically relates to an SM2 signature algorithm protection method against lattice-based error attacks, and belongs to the technical field of information security.

Background technique

[0002] Since Miller and Koblitz introduced elliptic curves into cryptography in the 1980s, and Lenstra proposed the use of elliptic curves for factorization algorithms, elliptic curves have played an increasingly important role in cryptography. ECC is based on the finite field elliptic curve discrete logarithm problem (ECDLP): in a cyclic additive group, G is the generator, and the order of G is n; knowing Q=kG and G, find the value of k, where Q=kG is a scalar multiplication operation on a finite field, specifically an algebraic operation on a finite field.

[0003] If F is a finite field, it contains at least two elements, and there is an addition + and a multiplication · operation, and the following conditions are met:

[0004] 1) (F, +) is an exchan...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/32, G06F21/64
Inventor: 曹伟琼, 陈华, 郑晓光, 李大为, 罗鹏, 冯婧怡, 吴文玲, 韩绪仓, 李国友, 高顺贤
Owner: INST OF SOFTWARE - CHINESE ACAD OF SCI