Skip to product information
1 of 8

PayPal, credit cards. Download editable-PDF and invoice in 1 second!

GM/T 0044.4-2016 English PDF (GMT0044.4-2016)

GM/T 0044.4-2016 English PDF (GMT0044.4-2016)

Regular price $145.00 USD
Regular price Sale price $145.00 USD
Sale Sold out
Shipping calculated at checkout.
Quotation: In 1-minute, 24-hr self-service. Click here GM/T 0044.4-2016 to get it for Purchase Approval, Bank TT...

GM/T 0044.4-2016: Identity-based cryptographic algorithms SM9 - Part 4: Key encapsulation mechanism and public key encryption alogorithm

This Part of GM/T 0044 specifies the identity-based key encapsulation mechanism and public key encryption algorithm implemented using elliptic curve pairing and provides the corresponding flows. Key encapsulation mechanism can be used to encapsulate the key to a specific entity. Public key encryption and decryption algorithms are identity-based asymmetric cryptographic algorithm, which enables the sender of a message to encrypt the message using the identity of the receiver, and only the receiver can decrypt the ciphertext with the corresponding private key to get the message.
GM/T 0044.4-2016
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE REPUBLIC OF CHINA
ICS 35.040
L 80
File No.. 55616-2016
Identity-based cryptographic algorithms SM9 -
Part 4. Key encapsulation mechanism and
public key encryption algorithm
ISSUED ON. MARCH 28, 2016
IMPLEMENTED ON. MARCH 28, 2016
Issued by. State Cryptography Administration
Table of Contents
Foreword ... 3
Introduction .. 4
1 Scope .. 5
2 Normative references ... 5
3 Terms and definitions ... 6
4 Symbols ... 7
5 Algorithm parameters and auxiliary functions ... 9
5.1 General ... 9
5.2 System parameter group .. 10
5.3 Generation of system encryption master key and user encryption key
.. 10
5.4 Auxiliary functions ... 10
6 Key encapsulation mechanism and flows .. 13
6.1 Key encapsulation algorithm and flows .. 13
6.2 Decapsulation algorithm and flow .. 15
7 Public key encryption algorithm and flows ... 17
7.1 Encryption algorithm and flow ... 17
7.2 Decryption algorithm and flow ... 19
Foreword
GM/T 0044 ?€?Identity-based cryptographic algorithms SM9?€? consists of five parts. - Part 1. General;
- Part 2. Digital signature algorithm;
- Part 3. Key exchange protocol;
- Part 4. Key encapsulation mechanism and public key encryption algorithm; - Part 5. Parameter definition.
This Part is Part 4 of GM/T 0044.
This Part was drafted in accordance with the rules given in GB/T 1.1-2009. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuing authority shall not be held responsible for identifying any or all such patent rights.
This Part was proposed by and shall be under the jurisdiction of Code Industry Standardization Technical Committee.
Main drafting organizations of this Part. National Information Security Engineering Center, Shenzhen Olym Information Security Technology Co., Ltd., Wuhan University, Shanghai Jiao Tong University, Institute of Information Engineering of Chinese Academy of Sciences, North Institute of Information Technology.
Main drafters of this Part. Chen Xiao, Cheng Zhaohui, Ye Dingfeng, Hu Lei, Chen Jianhua, Lu Beike, Ji Qinguang, Cao Zhenfu, Yuan Wengong, Liu Ping, Ma Ning, Yuan Feng, Li Zengxin, Wang Xuejin, Yang Hengliang, Zhang Qingpo, Ma Yanli, Pu Yusan, Tang Ying, Sun Yisheng, An Xuan.
Identity-based cryptographic algorithms SM9 -
Part 4. Key encapsulation mechanism and
public key encryption algorithm
1 Scope
This Part of GM/T 0044 specifies the identity-based key encapsulation
mechanism and public key encryption algorithm implemented using elliptic curve pairing and provides the corresponding flows. Key encapsulation
mechanism can be used to encapsulate the key to a specific entity. Public key encryption and decryption algorithms are identity-based asymmetric
cryptographic algorithm, which enables the sender of a message to encrypt the message using the identity of the receiver, and only the receiver can decrypt the ciphertext with the corresponding private key to get the message.
This Part is applicable to key encapsulation and message encryption and decryption.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the dated edition cited applies. For undated references, the latest edition of the referenced document (including all amendments) applies.
GM/T 0004-2012 SM3 cryptographic hash algorithm
GM/T 0002-2012
GM/T 0044.1-2016 Identity-based cryptographic algorithms SM9 - Part 1.
General
GM/T 0044.2-2016 Identity-based cryptographic algorithms SM9 - Part 2.
Digital signature algorithm
GM/T 0044.3-2016 Identity-based cryptographic algorithms SM9 - Part 3.
Key exchange protocol
3.8
message authentication code; MAC
A code obtained by an authentication algorithm applying to particular key and message bit string. It may be used to identify the source of the data and to verify the integrity of the data. The function used to get the message authentication code is called the message authentication code function.
3.9
encryption master key
A key at the top of the key hierarchical structure of identity-based cryptography, including encryption master private key and encryption master public key, where the encryption master public key is public and the encryption master private key is kept secret by KGC. KGC uses encryption master private key and user identity to generate the user?€?s encryption private key. In the identity-based cryptography, encryption master private key is generally generated by KGC by a random number generator, and encryption master public key is generated by encryption master private key in combination with system parameters.
3.10
identity
Information that uniquely identifies an entity. The identity shall be composed of information that the entity cannot deny, such as identifiable name, e-mail address, ID number, phone number, street address, etc. of the entity.
3.11
key generation center; KGC
In this Part, a trusted authority responsible for selecting system parameters, generating encryption master key and generating user encryption private key. 4 Symbols
For the purpose of this document, the following symbols apply.
A, B. two users using public key cryptographic system.
cf. remaining factor of elliptic curve order relative to N.
cid. identifier of curves represented by one byte, where 0x10 represents the constant curve (i.e. non-super singular curve) on Fp (prime p > 2191), 0x11 5.2 System parameter group
The system parameter group consists of curve identifier cid; parameters of elliptic curve base field Fq; parameters a and b of elliptic curve equation; parameter ?? of twist curve (if the lower 4 bits of cid are 2); prime factor N of curve order and remaining factor cf relative to N; number of embedding times of curve E (Fq) relative to N; generator P1 of N order cyclic subgroup G1 of E (Fqd1) (d1 divides k); generator P2 of N order cyclic subgroup G2 of E (Fqd2) (d2 divides k); identifier eid of bilinear pairing e; homomorphism map ?? of (options) G2 to G1.
The range of the bilinear pairing e is N order multiplicative cyclic group GT. For a detailed description of system parameters and their verification, see Clause 7 of GM/T 0044.1-2016.
5.3 Generation of system encryption master key and user encryption key
KGC generates a random number ke ??? [1, N - 1] as the encryption master
private key. Calculate the element Ppub-e = [ke] P1 in G1 as the encryption master public key. The encryption master key pairing is (ke, Ppub-e). KGC secretly saves ke and publishes Ppub-s.
KGC selects and publishes the encryption private key generation function identifier hid that is expressed by one byte.
The identity of user B is IDB. To generate the encryption private key deB of user B, KGC first calculates t1 = H1 (IDB II hid, N) + ke on the finite field FN. If t1 = 0, it shall generate encryption private key, calculate and public encryption master public key again, and update the encryption private key of the existing user; otherwise calculate t2 = ke ?€? t1-1 and then calculate deA = [t2] P2.
5.4 Auxiliary functions
5.4.1 General
In the identity-based key encapsulation mechanism and public key encryption algorithm specified in this Part, 5 types of auxiliary functions are involved. cryptographic hash function, key derivation function, message authentication code function, random number generator and block cipher algorithm. The
strength of the 5 types of auxiliary functions directly affect the security of the key encapsulation mechanism and public key encryption algorithm.
5.4.2 Cryptographic hash function
5.4.2.1 Cryptographic hash function Hv ( )
Figure 2 -- Decapsulation algorithm flow
7 Public key encryption algorithm and flows
7.1 Encryption algorithm and flow
7.1.1 Encryption algorithm
Suppose the message to be sent is the bit string M, mlen is the bit length of M, K1_len is the bit length of the key K1 in the block cipher algorithm, and K2_len is the bit length of the key K2 in the function MAC (K2, Z).
To encrypt the plaintext M to user B, user A, as the encryptor, shall implement the following calculation steps.
A1. Calculate element QB = [H1 (IDB II hid, N)] P1 + Ppub-e in group G1; A2. Generate random number r ??? [1, N - 1];
A3. Calculate element C1 = [r] QB in group G1, and convert the data type of C1 into bit string according to the details given in 6.2.8 and 6.2.5 of GM/T 0044.1-2016;
A4. Calculate element g = e (Ppub-e, P2) in group GT;
A5. Calculate element w = g?€? in the group GT, and convert the data type of w into bit string according to the details given in 6.2.6 and 6.2.5 of GM/T 0044.1-2016;
A6. Calculate by t...

View full details