GB/T 32918.52017 (GB/T32918.52017)
Standard ID  Contents [version]  USD  STEP2  [PDF] delivered in  Name of Chinese Standard  See Detail  Status  Related Standard 
GB/T 32918.52017  English  170 
Add to Cart

010 minutes. Autodelivery.

Information security technology  Public key cryptographic algorithm SM2 based on elliptic curves  Part 5: Parameter definition

GB/T 32918.52017
 Valid 
GB/T 32918.52017

GB/T 32918.52017: PDF in English (GBT 32918.52017) GB/T 32918.52017
GB
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Information security technology  Public key
cryptographic algorithm SM2 based on elliptic curves
 Part 5. Parameter definition
ISSUED ON. MAY 12, 2017
IMPLEMENTED ON. DECEMBER 1, 2017
Issued by. General Administration of Quality Supervision, Inspection and
Quarantine of the PRC;
Standardization Administration of the PRC.
Table of Contents
Foreword ... 3
Introduction ... 4
1 Scope ... 6
2 Normative references ... 6
3 Symbols ... 6
4 Parameter definition ... 7
Appendix A (Informative) Example of digital signature and verification ... 8
Appendix B (Informative) Example of key exchange and verification ... 10
Appendix C (Informative) Example of message encryption and decryption ... 14
References ... 16
Introduction
In 1985, N.Koblitz and V.Miller independently proposed the application of elliptic
curves to public key cryptosystems. The nature of the curve on which the elliptic
curve’s public key cryptography is based is as follows.
 The elliptic curve on the finite field forms a finite exchange group under the
point addition operation, its order is similar to the base field size;
 Similar to the power operation in the finite field multiplication group, the
elliptic curve’s multiplepointmultiplication operation constitutes a oneway
function.
In the multiplepointmultiplication operation, the multiplepointmultiplication
and the base point are known, the problem of solving the multiplication is called
the elliptic curve’s discrete logarithm problem. For the discrete logarithm
problem of general elliptic curves, there is only a solution method for
exponential computational complexity. Compared with the large number
decomposition problem and the discrete logarithm problem on the finite field,
the elliptic curve’s discrete logarithm problem is much more difficult to solve.
Therefore, under the same level of security, the elliptic curve cryptography is
much smaller than the key size required for other public key cryptographies.
SM2 is an elliptic curve’s cryptographic algorithm standard which is developed
and proposed by the National Cryptography Authority. The main objectives of
GB/T 32918 are as follows.
 GB/T 32918.1 defines and describes the related concepts and
mathematical basics of the SM2 elliptic curve cryptographic algorithm, and
outlines the relationship between this part and other parts.
 GB/T 32918.2 describes a signature algorithm based on elliptic curve, that
is, the SM2 signature algorithm.
 GB/T 32918.3 describes a key exchange protocol based on elliptic curve,
that is, the SM2 key exchange protocol.
 GB/T 32918.4 describes a public key encryption algorithm based on elliptic
curve, that is, the SM2 encryption algorithm, which uses the SM3
cryptographic hash algorithm as defined in GB/T 329052016.
 GB/T 32918.5 gives the elliptic curve parameters used by the SM2
Information security technology  Public key
cryptographic algorithm SM2 based on elliptic curves
 Part 5. Parameter definition
1 Scope
This Part of GB/T 32918 specifies the curve parameters of public key
cryptographic algorithm SM2 based on elliptic curves.
This Part applies to digital signature and verification (SEE Appendix A), key
exchange and verification (SEE Appendix B), and example of message
encryption and decryption (SEE Appendix C).
2 Normative references
The following documents are indispensable for the application of this document.
For the dated references, only the versions with the dates indicated are
applicable to this document. For the undated references, the latest version
(including all the amendments) are applicable to this document.
GB/T 329052016 Information security techniques  SM3 cryptographic hash
algorithm
GB/T 32918.12016 Information security technology  Public key
cryptographic algorithm SM2 based on elliptic curves  Part 1. General
GB/T 32918.22016 Information security technology  Public key
cryptographic algorithm SM2 based on elliptic curves  Part 2. Digital
signature algorithm
GB/T 32918.32016 Information security technology  Public key
cryptographic algorithm SM2 based on elliptic curves  Part 3. Key exchange
protocol
GB/T 32918.42016 Information security technology  Public key
cryptographic algorithm SM2 based on elliptic curves  Part 4. Public key
encryption algorithm
3 Symbols
Appendix A
(Informative)
Example of digital signature and verification
A.1 Overview
This appendix selects the cryptographic hash algorithm given in GB/T 32905
2016. The input is a message bit string of length less than 264. The output is a
hash value of 256 bits in length, which is recorded as H256().
This appendix uses the digital signature algorithm specified in GB/T 32918.2
2016 to calculate the corresponding values in each step.
In this appendix, all numbers, expressed in hexadecimal form, are high on the
left and low on the right.
In this appendix, the message uses the code in GB/T 1988.
Assume that the GB/T 1988 code of IDA is. 31323334 35363738 31323334
35363738. ENTLA=0080.
A.2 Digital signature SM2 based on elliptic curves
Elliptic curve equation is. y2=x3+ax+b
Example 1. Fp256
Base point G= (xG, yG). Its order is recorded as n.
Prime number p
Factor a
Factor b
Coordinate xG
Coordinate yG
Order n
Message M to be signed
The hexadecimal representation of the GB/T 1988 code of M
Private key dA
Public key
Coordinate xA
Coordinate yA
Hash value
Appendix B
(Informative)
Example of key exchange and verification
B.1 General requirements
This appendix selects the cryptographic hash algorithm given in GB/T 32905
2016. The input is a message bit string of length less than 264. The output is a
hash value of 256 bits in length, which is recorded as H256().
This appendix uses the key exchange protocol specified in GB/T 32918.32016
to calculate the corresponding values in each step.
In this appendix, all numbers, expressed in hexadecimal form, are high on the
left and low on the right.
Assume that the GB/T 1988 code of IDA is. 31323334 35363738 31323334
35363738. ENTLA=0080.
Assume that the GB/T 1988 code of IDB is. 31323334 35363738 31323334
35363738. ENTLB=0080.
B.2 Key exchange protocol SM2 based on elliptic curves
Elliptic curve equation is. y2=x3+ax+b
Example 1. Fp256
Cofactor h. 1
Base point G= (xG, yG). Its order is recorded as n.
Prime number p
Factor a
Factor b
Coordinate xG
Coordinate yG
Order n
User A’s private key dA
User A’s public key
Coordinate xA
...... (Above excerpt was released on 20180914, modified on 20210607, translated/reviewed by: Wayne Zheng et al.) Source: https://www.chinesestandard.net/PDF.aspx/GBT32918.52017
