GM/T 0003.4-2012 PDF in English
GM/T 0003.4-2012 (GM/T0003.4-2012, GMT 0003.4-2012, GMT0003.4-2012)
Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Name of Chinese Standard | Status |
GM/T 0003.4-2012 | English | 145 |
Add to Cart
|
0-9 seconds. Auto-delivery.
|
Public key cryptographic algorithm SM2 based on elliptic curves - Part 4: Public key encryption algorithm
| Valid |
Standards related to (historical): GM/T 0003.4-2012
PDF Preview
GM/T 0003.4-2012: PDF in English (GMT 0003.4-2012) GM/T 0003.4-2012
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
File No.. 36829-2012
Public key cryptographic algorithm
SM2 based on elliptic curves -
Part 4. Public key encryption algorithm
ISSUED ON. MARCH 21, 2012
IMPLEMENTED ON. MARCH 21, 2012
Issued by. State Cryptography Administration
Table of Contents
Foreword ... 3
Introduction .. 4
1 Scope .. 5
2 Normative references ... 5
3 Terms and definitions ... 5
4 Symbols.. 6
5 Algorithm parameters and auxiliary functions .. 7
5.1 General .. 7
5.2 Elliptic curve system parameters ... 7
5.3 User key-pair ... 7
5.4 Auxiliary functions ... 7
5.4.1 General .. 7
5.4.2 Cryptographic hash function ... 8
5.4.3 Key derivation function ... 8
5.4.4 Random number generator ... 8
6 Encryption algorithm and flow .. 9
6.1 Encryption algorithm .. 9
6.2 Encryption algorithm flow... 9
7 Decryption algorithm and flow ... 10
7.1 Decryption algorithm ... 10
7.2 Decryption algorithm flow ... 11
Annex A (Informative) Examples of message encryption and decryption ... 13
A.1 General requirements... 13
A.2 Message encryption and decryption of an elliptic curve on ࡲ .. 13
A.3 Message encryption and decryption of an elliptic curve on ࡲ .. 17
Foreword
GM/T 0003-2012 Public key cryptographic algorithm SM2 based on elliptic
curves is divided into 5 parts.
— Part 1. General;
— Part 2. Digital signature algorithm;
— Part 3. Key exchange protocol;
— Part 4. Public key encryption algorithm;
— Part 5. Parameter definition.
This is Part 4 of GM/T 0003-2012.
This Part was drafted in accordance with the rules given in GB/T 1.1-2009.
Attention is drawn to the possibility that some of the elements of this document
may be the subject of patent rights. The issuing authority shall not be held
responsible for identifying any or all such patent rights.
Annex A of this Part is an informative annex.
This Part was proposed by and shall be under the jurisdiction of State
Cryptography Administration.
Drafting organizations of this Part. Beijing Huada Information Safety
Technology Co., Ltd, PLA Information Engineering University, Data Assurance
and Communication Security Research Center of Chinese Academy of
Sciences.
Main drafters of this Part. Chen Jianhua, Zhu Yuefei, Ye Dingfeng, Hu Lei, Pei
Dingyi, Peng Guohua, Zhang Yajuan, Zhang Zhenfeng.
Public key cryptographic algorithm
SM2 based on elliptic curves -
Part 4. Public key encryption algorithm
1 Scope
This Part of GM/T 0003 specifies the public key encryption algorithm for the
public key cryptographic algorithm SM2 based on elliptic curves, and gives an
example of message encryption and decryption as well as the corresponding
flow.
This Part is applicable to the message encryption and decryption in commercial
cryptographic application. The message sender may use the receiver’s public
key to encrypt the message; the receiver decrypts the message using the
corresponding private key. Meanwhile, this Part also provides standard
positioning and standardized reference of products and technologies for
manufacturers of security products to enhance the reliability and interoperability
of the security products.
2 Normative references
The following documents are essential to the application of this document. For
dated references, only the editions with the dates indicated are applicable to
this document. For undated references, only the latest editions (including all the
amendments) are applicable to this document.
GM/T 0003.1-2012 Public key cryptographic algorithm SM2 based on elliptic
curves - Part 1. General
3 Terms and definitions
The following terms and definitions are applicable to this document.
3.1 Secret key
A key that is shared by both sender and receiver but not known by the third
party in the cryptographic system.
3.2 Message
ܲ ܲ ⋯ ܲᇣᇧᇧᇧᇧᇤᇧᇧᇧᇧᇥ
, where k is a positive integer.
ሾݔ, ݕሿ. A set of integers greater than or equal to x and less than or equal to y.
ڿݔۀ. Ceiling function, the minimal integer greater than or equal to x. For instance,
ڿ7ۀ ൌ 7, ڿ8.3ۀ ൌ 9.
ہݔۂ. Floor function, the maximal integer less than or equal to x. For instance,
ہ7ۂ ൌ 7, ہ8.3ۂ ൌ 8.
⋕ ܧ൫ܨ൯. Number of points on ܧ൫ܨ൯, called the order of the elliptic curve ܧ൫ܨ൯.
5 Algorithm parameters and auxiliary functions
5.1 General
The public key encryption algorithm requires the sender to use the receiver’s
public key to encrypt the message into ciphertext. The receiver uses his own
private key to decrypt the received ciphertext, thus reverting to the original
message.
5.2 Elliptic curve system parameters
The elliptic curve system parameters include the size q (in case of q = 2m, it
also includes the identity and reduced polynomial of the element notation) of
the finite field ܨ; two elements ܽ, ܾ ∈ ܨ of the equation that defines the elliptic
curve ܧ൫ܨ൯ ; base point ܩ ൌ ሺݔீ, ݕீሻ ሺܩ ് ܱሻ on ܧ൫ܨ൯ , where ݔீ and ݕீ
are two elements in ܨ; order n of G and other options (such as cofactor h of n,
etc.).
The elliptic curve system parameters and the verification thereof shall meet the
requirements of Chapter 5 in GM/T 0003.1-2012.
5.3 User key-pair
User B’s key-pair includes the private key ݀ and public key ܲ ൌ ሾ݀ሿܩ.
The generation algorithm of the user key-pair and the verification algorithm of
the public key shall meet the requirements of Chapter 6 in GM/T 0003.1-2012.
5.4 Auxiliary functions
5.4.1 General
The public key encryption algorithm based on elliptic curves specified in this
B1. TAKE out the bit string C1 from C; CONVERT the data type of C1 to the
point on an elliptic curve, in accordance with the methods given in 4.2.4
and 4.2.10 of GM/T 0003.1-2012; VERIFY whether C1 meets the elliptic
curve equation; if not, REPORT an error and EXIT;
B2. CALCULATE the point ܵ ൌ ሾ݄ሿܥଵ on an elliptic curve; if S is a point at
infinity, REPORT an error and EXIT;
B3. CALCULATE ሾ݀ሿܥଵ ൌ ሺݔଶ, ݕଶሻ ;CONVERT the data type of the
coordinates x2 and y2 to a bit string, in accordance with the methods given
in 4.2.6 and 4.2.5 of GM/T 0003.1-2012;
B4. CALCULATE ݐ ൌ ܭܦܨሺݔଶ ∥ ݕଶ, ݈݇݁݊ሻ; if t is a full-0 bit string, REPORT an
error and EXIT;
B5. TAKE out the bit string C2 from C; CALCULATE ܯᇱ ൌ ܥଶ⨁ݐ;
B6. CALCULATE ݑ ൌ ܪܽݏ݄ሺݔଶ ∥ ܯᇱ ∥ ݕଶሻ; TAKE out the bit string C3 from C;
if ݑ ് ܥଷ, REPORT an error and EXIT;
B7. OUTPUT the plaintext ܯᇱ.
NOTE. SEE Annex A for an example of the decryption process.
7.2 Decryption algorithm flow
The decryption algorithm flow is illustrated in Figure 2.
...... Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.
|