HOME   Cart(0)   Quotation   About-Us Tax PDFs Standard-List Powered by Google www.ChineseStandard.net Database: 189760 (18 Jan 2025)

GM/T 0080-2020 PDF English


Search result: GM/T 0080-2020_English: PDF (GM/T0080-2020)
Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardStatus
GM/T 0080-2020English295 Add to Cart 0-9 seconds. Auto-delivery. SM9 cryptographic algorithm application specification Valid
BUY with any currencies (Euro, JPY, GBP, KRW etc.): GM/T 0080-2020     Related standards: GM/T 0080-2020

PDF Preview: GM/T 0080-2020


GM/T 0080-2020: PDF in English (GMT 0080-2020)

GM/T 0080-2020 GM CRYPTOGRAPHY INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 38.040 CCS L 80 SM9 Cryptographic Algorithm Application Specification ISSUED ON: DECEMBER 28, 2020 IMPLEMENTED ON: JULY 01, 2021 Issued by: State Cryptography Administration Table of Contents Foreword ... 4 Introduction ... 5 1 Scope ... 6 2 Normative References ... 6 3 Terms and Definitions ... 6 4 Abbreviations ... 7 5 SM9 Key Pair ... 8 5.1 Generator ... 8 5.2 SM9 master private key... 8 5.3 SM9 master public key ... 8 5.4 SM9 user private key ... 9 5.5 SM9 user public key ... 9 6 Data Format ... 9 6.1 Key data structure ... 9 6.2 Signature data structure ... 11 6.3 Encryption data structure ... 11 6.4 Key encapsulation data format ... 12 7 Pre-processing ... 12 7.1 Pre-processing hash function H1 ... 12 7.2 Pro-processing hash function H2 ... 12 7.3 Pre-processing pair calculation e ... 13 7.4 Pre-processing user’s signature verification QD ... 13 7.5 Pre-processing user’s encryption QE ... 14 8 Calculation Process ... 14 8.1 Key generation ... 14 8.2 Digital signature ... 16 8.3 Signature verification ... 16 8.4 Key encapsulation ... 17 8.5 Key unsealing ... 17 8.6 Encryption ... 18 8.7 Decryption ... 18 8.8 Key agreement ... 19 SM9 Cryptographic Algorithm Application Specification 1 Scope This Document defines the application method of SM9 cryptographic algorithm, as well as data formats such as keys, encryption, and signatures, etc. This Document is applicable to the application of SM9 cryptographic algorithm, and the development and testing of equipment and systems that support SM9 cryptographic algorithm. 2 Normative References The following documents are essential to the application of this Document. For the dated documents, only the versions with the dates indicated are applicable to this Document; for the undated documents, only the latest version (including all the amendments) is applicable to this Document. GB/T 32905 Information Security Technology - SM3 Cryptographic Hash Algorithm GB/T 32907 Information Security Techno1ogy - SM4 Block Cipher Algorithm GB/T 32918 (all parts) Information Security Technology - Public Key Cryptographic Algorithm SM2 Based on Elliptic Curves GB/T 38635.1-2020 Information Security Technology - Identity-Based Cryptographic Algorithms SM9 - Part 1: General GB/T 38635.2-2020 Information Security Technology - Identity-Based Cryptographic Algorithms SM9 - Part 2: Algorithm 3 Terms and Definitions For the purpose of this Document, the following terms and definitions apply. 3.1 Algorithm identifier Digitized information that is used to indicate algorithmic mechanisms. 3.2 SM9 algorithm PPS: Public Parameter Service. 5 SM9 Key Pair 5.1 Generator The Generator P1 point on G1 is marked as (xp1, yP1); and the ASN.1 of the data format is defined as SM9P1::=BIT STRING; the type is BIT STRING; and its content is: 04‖X1‖Y1, where X1 and Y1 respectively identify the x component and y component of the point; and each component has a length of 256 bits. The Generator P2 point on G2 is marked as (xp2, yP2); and the ASN.1 of the data format is defined as SM9P2::=BIT STRING; the type is BIT STRING; and its content is: 04‖X1‖X2‖Y1‖Y2, where X1, X2 and Y1, Y2 respectively identify the x component and y component of the public key; and each component has a length of 256 bits, or 03‖X1‖X2, where X1 and X2 respectively identify each x component of the public key; and each component has a length of 256 bits. Select the value whose rightmost bit is 1 in the decompressed Y root value (Y1‖Y2). After the restoration, the rightmost bit of the Y root value shall be 1; otherwise, Y1=base field q - root Y1, Y2=base field q - root Y2. or 02‖X1‖X2, where X1 and X2 respectively identify the 2 x components of the public key; and each component has a length of 256 bits. Select the option value whose rightmost bit is 0 in the decompressed Y root value (Y1‖Y2). After the restoration, the Y root value takes the option value whose rightmost bit is 0, otherwise Y1=base field q - root Y1, Y2=base field q - root Y2. 5.2 SM9 master private key It includes the SM9 signature master private key and the encryption master private key; both are an integer greater than or equal to 1 and less than N-1 (N is the order of the cyclic group G1, G2, and GT, and its value is shown in Appendix A.1 of GB/T 38635.2- 2020), abbreviated as s, with the length of 256 bits. 5.3 SM9 master public key It includes SM9 signature master public key Ppub2 and encryption master public key Ppub1. They are points on G2 and G1; and the coordinates are expressed as (xSPub, ySPub) and (xEPub, yEPub). Thereof, the x and y coordinates of the signature master public key also contain two components, namely x1 component and x2 component, y1 component and y2 component, and the length of each component is 256 bits. The length of the x and y coordinates of the encryption master public key are both 256 bits. 5.4 SM9 user private key It includes SM9 user signature private key and user encryption private key, which are points on G1 and G2 respectively; and the coordinates are expressed as (xSPri, ySPri) and (xEPri, yEPri). The length of the x and y coordinates of the user signature key are both 256 bits. The x and y coordinates of the user's encryption private key also contain two components, namely x1 component and x2 component, y1 component and y2 component, and the length of each component is 256 bits. 5.5 SM9 user public key In IBC technology, the user identification ID can uniquely determine the user's public key, which represents the public key in applications. The representation of ID coordinates based on bilinear pairing can be divided into user signature public key coordinates and user encryption public key coordinates. The user signature public key and the signature master public key are of the same coordinate structure; and there are two respective components on the x and y coordinates, which are marked as QS; and user encryption public key and the encryption master public key are of the same coordinate structure, which is marked as QE. NOTE: Here is how to generate the user's public key coordinates. Input: Algorithm function H, userID, hid, master public key Ppubi, generator Pi i=1,2. Output: User public key QA. Calculation method: , signature public key coordinates are used for signature/verification of signature. , encryption public key coordinates are used for key encapsulation, encryption/decryption. 6 Data Format 6.1 Key data structure The key is divided into signature/encryption master key, and signature/encryption user key: a) The ASN.1 of data format of SM9 algorithm signature master private key is defined as: ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.