GM/T 0057-2018 English PDF
Price & Delivery
US$270.00 · In stock · Download in 9 secondsGM/T 0057-2018: Identity authentication specifications based on IBC technology
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid
| Standard ID | USD | BUY PDF | Delivery | Standard Title (Description) | Status |
| GM/T 0057-2018 | 270 | Add to Cart | Auto, 9 seconds. | Identity authentication specifications based on IBC technology | Valid |
Click to Preview this PDF
Similar standards
GM/T 0057-2018: Identity authentication specifications based on IBC technology
---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GMT0057-2018CRYPTOGRAPHY INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 File No.: 62997-2018 Identity authentication specifications based on IBC technology ISSUED ON: MAY 02, 2018 IMPLEMENTED ON: MAY 02, 2018 Issued by: State Cryptography Administration
Table of Contents
Foreword ... 3 Introduction ... 4 1 Scope ... 5 2 Normative references ... 5 3 Terms and definitions ... 5 4 Abbreviations ... 6 5 Identity structure ... 6 6 User identity authentication specifications ... 7 6.1 Description ... 7 6.2 One-way user identity authentication ... 8 6.2.1 Recipient authenticates the identity of initiator ... 8 6.2.2 Initiator authenticates the identity of recipient ... 11 6.3 Three-pass authentication ... 14 Annex A (Normative) Public parameter query protocols ... 18 Annex B (Normative) Key and signature format ... 27 Bibliography ... 30 Identity authentication specifications based on IBC technology1 Scope
This Standard specifies the requirements for identity authentication using identity-based cryptography technology. This Standard applies to the field of identity authentication using identity-based cryptography technology.2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. GM/T 0044 Identity-based cryptographic algorithms SM93 Terms and definitions
For the purpose of this document, the following terms and definitions apply. 3.1 identity Unique information that identifies an object's identity, such as email address, mobile number, fingerprint data. 3.2 SM9 algorithm An algorithm defined by GM/T 0044. 3.3 public parameter service ibcTypeAlias: A generic alias for identity type, optional. identityData: Identity data is an eight-bit string, a specific description of identity. serial: The unique code inside the system, optional. validStart: The start date of the validity period. validityEnd: The expiration date of the validity period, optional. If this item does not exist, the identity is valid for a long time. idExtensions: Extension item is an Extensions type, identifying information extensions. where extnID represents the OID of an extension element. critical represents whether this extension element is extremely important. extnValue represents the value of this extension element, which is string type.6 User identity authentication specifications
6.1 Description The user identity authentication process includes the flow of authenticating two parties and the specific protocol. When performing identity authentication, both parties can obtain the key parameters of the relevant authentication system by accessing the Public Parameter Service (PPS), such as the public parameters of the IBC; and can also obtain information about the identity of the other party by accessing the PPS, such as the status of the identity information, complete identity data, as shown in Figure 1. See Annex A, A.4 for PPS query protocols. where IDB is the uniqueness identity of verifier B. rA is a time indicating uniqueness or a random number generated by the initiator. signA is the signature of initiator A, of which the format is SM9Signature. Text1 is other information that needs to be passed, which is optional. If there is information that requires encrypted transmission, it shall be encapsulated in a digital envelope. The format of request of being authenticated is as follows: The userSignature token signature SM9Signature type, see Annex B. B: Verify A's authentication information After receiving the message from A containing TokenAB, B performs identity authentication, as shown in Figure 2. The details are as follows: a) B generates A’s public key according to A’s identity. If B does not have the public parameter for generating A’s public key, it shall be obtained from the public parameter service system PPS; b) Verify A’s signature information contained in the token: 1) Verify whether the value of the IDB identity segment in the TokenAB is The submitted data for verification is denoted as a token “Token”, of which the uniqueness/timeliness is controlled by generating and verifying a timestamp or a random number. The details are as follows: A: A sends B a request of obtaining B’s identity authentication information. A sends to B: IDA || rA || Text1, which can also be expressed as {IDA, rA, Text1}. where IDA is the uniqueness identity of initiator B. rA is a time indicating uniqueness or a random number generated by the initiator. Text1 is other information that needs to be passed, which is optional. The format of request of authenticating each other is as follows: B: B returns to A the information of confirming his identity. B sends to A: IDB || TokenBA, which can also be expressed as {IDB, TokenBA}. The token sent by recipient B to initiator A is denoted as TokenBA. TokenBA = IDA || r || Text2 || signB (IDA || r || Text2), which can also be expressed as TokenBA = {IDA, r, Text2, signB (IDA, r, Text2)}. where IDA is the uniqueness identity of initiator A. IDA is optional. Since A is known for this value, B can no longer attach this value when returning to A. r = rA || rB. rB is a random number generated by B. 2) Verify whether the value of IDB identity segment in TokenAB is equal to the identifier of entity A; 3) Verify the correctness of the digital signature; 4) Verify uniqueness/timeliness; 5) Parse Text1. If any of the verification results are incorrect, the communication is stopped, and feedback the information of authentication failure. If the verification is correct, the identity authentication is completed. B: B returns information of confirming A’s identity to A. B sends to A: IDB || TokenBA, which can also be expressed as {IDB, TokenBA}. The token sent by recipient B to initiator A is denoted as TokenBA. TokenBA = IDA || rA || Text2 || signB (IDA || rA || Text2), which can also be expressed as TokenBA = {IDA, rA, Text2, signB (IDA, rA, Text2)}. where IDA is the uniqueness identity of initiator A. rA is a time indicating uniqueness or a random number generated by the initiator. SignB is the signature of recipient B. Text2 is other information that needs to be passed, which is optional. If there is information that requires encrypted transmission, it shall be encapsulated in a digital envelope. Use the RequestAuthenticated definition. A: Verify B’s authentication information Initiator A receives the message containing the TokenAB sent by B, and performs identity authentication. The details are as follows: a) A generates B’s public key according to B’s identity. If A does not have the public parameter for generating B’s public key, it shall be obtained from the public parameter service system (PPS);Annex A
(Normative) Public parameter query protocols A.1 Description This annex defines the relevant protocols for information query with the public parameter service system (PPS). The protocol format is based on the ASN.1 format specification. A.2 Obtaining PPS service information Used to obtain the number and type of IBC key management infrastructure or IBC key management system supported by PPS. where version is the version number item, which is defined as 0 in this Standard. id is the identity item, which is the identity of the querier. time is the time item, which is the return time, in Greenwich format. A.3 Obtaining PPS service information response Used for the response of PPS to basic information. generation server served by PPS or the IBC system (only one set of master keys is supported). kgsIDInfo is the key generation server identity item, which the identity of the key generation server served by PPS or the IBC system (only one set of master keys is supported). time is the time item, which is the return time, in Greenwich format. IBCSignlnfo is the signature information. signData is the signature item, which is the signature information of PPS, and the content includes PPSInfo. algorithm is the algorithm item, which is the algorithm identity used for the signature. A.4 Public parameter information query Used for the request to query PPS for the public parameter of IBC system. where version is the version number item, which is defined as 0 in this Standard. id is the identity item, which is the identity of the querier. kgslDInfo is the query condition, for querying the identification information of the key generation server, using one of the basic information of PPS as the query condition for obtaining a set of public parameters in PPS. Time is the time item, which is the query time, in Greenwich format. A.5 Public parameter information query response Used for the response of PPS to public parameter queries. algorithm is the algorithm item, which is the algorithm identity used for the signature. IBCSignlnfo is the signature information. signData is the signature item, which is the signature information of PPS, and the content includes IBCUserInfo. A.8 IBC public parameter structure where version is the version item, which determines the version of IBCSysParams format. The format mentioned in this Standard must be set to 1. districtName is the name item, which is an IA5 string that must be encoded in a URI or IRI. districtSerial is an integer that represents the only available IBC public parameter (for a URI or IRI defined by districtName). If a new parameter is published for districtName, the value of districtSerial must be greater than the value of districtSerial used previously. validity is the validity term, which determines the lifetime of a specific IBCSysParams paradigm and is determined as follows: The values of notBefore and notAfter must be expressed in Greenwich Mean Time and include seconds (e.g. time is expressed as YYYYMMD-DHHMMSSZ). Even if the number of seconds is zero, it is also expressed as the nearest second. The customer must confirm that the date of the IBC public parameter it uses is between the notBefore time and the notAfter time of the IBC public parameter. At the same time, if the date is not in this interval, the parameters for the IBC encryption operation cannot be used.Annex B
(Normative) Key and signature format B.1 Key data structure The key type is divided into signature and encrypted master key, signature and encrypted user key. a) ASN.1 of SM9 algorithm signature master private key data format is defined as: b) ASN.1 of SM9 algorithm signature master public key data format is defined as: SM9SignMasterPublicKey is of type BIT STRING and reads: 04 || X1 || X2 || Y1 || Y2, where X1, X2 and Y1, Y2 respectively identify the x and y components of the public key; the length of each component is 256 bits. Or 03 || X1 || X2, where X1 and X2 respectively identify the x components of the public key; the length of each component is 256 bits. Take the value of which the rightmost bit is 1 in the decompressed Y root values (Y1 || Y2). Take the value of which the rightmost bit is 0 in the restored Y root values, otherwise Y1 = base domain q - root Y1, Y2 = base domain q - root Y2. Or 02 || X1 || X2, where X1 and X2 respectively identify the two x components of the public key; the length of each component is 256 bits. Take the option value of which the rightmost bit is 0 in the decompressed Y root values (Y1 || Y2). Take the option value of which the rightmost bit is 0 in the restored Y root values, otherwise Y1 = base domain q - root Y1, Y2 = base domain q - root Y2. c) ASN.1 of SM9 algorithm encryption master private key data format is defined as: d) ASN.1 of SM9 algorithm encryption master public key data format is defined as: ......Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.
