HOME   Cart(0)   Quotation   About-Us Tax PDFs Standard-List Powered by Google www.ChineseStandard.net Database: 189759 (1 Dec 2024)

GM/T 0009-2012 (GM/T 0009-2023 Newer Version) PDF English


GM/T 0009-2012 (GM/T0009-2012, GMT 0009-2012, GMT0009-2012)
Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardStatus
GM/T 0009-2023English269 Add to Cart 3 days (SM2 cryptographic algorithm usage specifications) Valid
GM/T 0009-2012English85 Add to Cart 0-9 seconds. Auto-delivery. SM2 cryptography algorithm application specification Valid
Newer version: GM/T 0009-2023     Standards related to (historical): GM/T 0009-2023
PDF Preview

GM/T 0009-2012: PDF in English (GMT 0009-2012)

GM/T 0009-2012 GM CRYPTOGRAPHY INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 File No.. 38307-2013 SM2 cryptography algorithm application specification ISSUED ON. NOVEMBER 22, 2012 IMPLEMENTED ON. NOVEMBER 22, 2012 Issued by. State Cryptography Administration Table of Contents Foreword ... 4  Introduction .. 5  1 Scope .. 6  2 Normative references ... 6  3 Terms and definitions ... 6  4 Symbols and abbreviations ... 7  5 SM2 key-pair .. 7  5.1 SM2 private key... 7  5.2 SM2 public key ... 7  6 Data conversion ... 7  6.1 The conversion from Bit String to Octet String .. 7  6.2 The conversion from Octet String to Bit String .. 8  6.3 The conversion from integer to Octet String ... 8  6.4 The conversion from Octet String to integer ... 8  7 Data format .. 9  7.1 Key data format ... 9  7.2 Encrypted data format .. 9  7.3 Signature data format ... 10  7.4 Key-pair protection data format ... 10  8 Preprocessing ... 11  8.1 Preprocessing 1 ... 11  8.2 Preprocessing 2 ... 11  9 Calculation process .. 12  9.1 Generating keys ... 12  9.2 Encryption ... 12  9.3 Decryption ... 13  9.4 Digital signature ... 13  9.5 Signature verification .. 13  9.6 Key agreement .. 14  10 Default value of user-identity-identifier ID ... 16  Foreword This Standard was drafted in accordance with the rules given in GB/T 1.1-2009. Attention is drawn to the possibility that some of the elements of this Standard may be the subject of patent rights. The issuing authority shall not be held responsible for identifying any or all such patent rights. This Standard was proposed by and shall be under the jurisdiction of State Cryptography Administration. Main drafting organizations of this Standard. Beijing Haitai Fangyuan Technologies Co., Ltd., Westone Information Industry Inc., Wuxi Jiangnan Information Security Engineering Technology Center, Xingtang Communication Technology Co., Ltd., Shandong De'an Information Technology Co., Ltd., Shanghai Koal Software Co., Ltd. Main drafters of this Standard. Liu Ping, Jiang Hongyu, Liu Zengshou, Zeng Yubo, Li Yuanzheng, Xu Qiang, Tan Wuzheng, Kong Fanyu, Wang Nina. SM2 cryptography algorithm application specification 1 Scope This standard defines the application method of SM2 cryptography algorithm, as well as the data formats of secret key, encryption and signature. This standard applies to the use of SM2 cryptography algorithm, as well as the research-development and testing of equipment and systems that support SM2 cryptography algorithm. 2 Normative references The following documents are essential for the application of this document. For dated references, only the dated version applies to this document. For undated references, the latest edition (including all amendments) applies to this document. GM/T 0003 (all parts) SM2 elliptic curve public key cryptography algorithm GM/T 0004 SM3 cryptographic hash algorithm 3 Terms and definitions The following terms and definitions apply to this document. 3.1 Algorithm identifier It is used to indicate the digitized information of algorithmic mechanism. 3.2 SM2 algorithm It is an elliptic curve cryptography algorithm with a key length of 256 bits. 3.3 SM3 algorithm It is a hash algorithm with an output length of 256 bits. For M0, the leftmost 8-blen% 8-bit is set to 0, and the right is set to B0B1 ... B8- 8mlen+blen-1. Output M. 6.2 The conversion from Octet String to Bit String The conversion process from Octet String to Bit String is as follows. INPUT. An Octet String with a length of mlen -- M. OUTPUT. A Bit String with a length of blen -- B. ACTION. Convert Octet String -- M = M0M1 ... Mmlen-1 into Bit String -- B = B0B1 ... Bblen-1; use the following method. From 0≤i≤mlen-1, set. B8iB8i+1 ... B8i+7 = Mi Output B. 6.3 The conversion from integer to Octet String If an integer is converted into Octet String, the basic method is to use binary system to express first, then convert Result Bit String into Octet String. The following is the conversion process. INPUT. a non-negative integer x, the expected length of Octet String is mlen. The basic restriction is. 28(rnlen) > x OUTPUT. An Octet String with a length of mlen -- M. ACTION. Convert x-value x = Xmlen-128(mlen) + Xmlen-228 (rnlen-2) + ... + x128 + x0 based on 28=256 into an Octet String M = M0M1 ... Mmlen-1; use the following method. From 0≤i≤mlen-1, set. Mi = Xmlen-1-i Output M. 6.4 The conversion from Octet String to integer Octet String may be simply regarded as integer that is based on 256, and the conversion process is as follows. INPUT. An Octet String with a length of mlen -- M. OUTPUT. An integer x. 9 Calculation process 9.1 Generating keys SM2 key-generation refers to the process of generating the key-pair of SM2 algorithm; the key-pair includes the private key and the corresponding public key. The length of the private key is 256 bits and the length of the public key is 512 bits. INPUT. None OUTPUT. k SM2PrivateKey SM2 private key Q SM2PublicKey SM2 public key For detailed calculation process, see GM/T 0003. 9.2 Encryption SM2 encryption refers to the process of generating the corresponding ciphertext by using the specified public key to perform the specific encryption- calculation on the plaintext. The ciphertext can only specify the private key that is corresponding to the public key to decrypt. INPUT. Q SM2PublicKey SM2 public key m Byte String Plaintext data to be encrypted OUTPUT. c SM2Cipher Ciphertext Where. The format of the output parameter c is defined in 7.2; XCoordinate and YCoordinate of the output parameter c are x-component and y-component of the public key that is randomly generated; The calculation formula of HASH in the output parameter c is. HASH = SM3 (x || m || y) In which, x and y are x-component and y-component of Q; CipherText in the output parameter c is an encrypted ciphertext whose length is equal to the length of plaintext. For detailed calculation process, see GM/T 0003 and GM/T 0004. 9.6 Key agreement Key agreement is the agreement process of establishing a shared secret key between two users. In this way, the value of a shared secret key can be determined. Suppose the two sides of key agreement are A and B, the key-pairs are (dA, QA) and (dB, QB) respectively; and the bit length of the key data that both sides need to obtain is klen. Key agreement protocol is divided into two stages. Stage I. Produce temporary key-pair User A. Call and generate key algorithm to produce temporary key-pair (rA, RA), identify ID for the identity of RA and user A. Send it to user B User B. Call and generate key algorithm to produce temporary key-pair (rB, RB), identify ID for the identity of RB and user B. Send it to user A Stage II. Calculate a shared secret key User A. Input parameters. QA SM2PublicKey User A's public key QB SM2PublicKey User B's public key RA SM2PublicKey User A's temporary public key IDA OCTET STRING User A's ID RB SM2PublicKey User B's temporary public key IDB OCTET STRING User B's ID dA SM2PrivateKey User A's private key rA SM2PrivateKey User A's temporary private key klen INTEGER The bit length of the key data that needs to be outputted Output parameters. K OCTET STRING The key data whose bit length is Men ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.