
www.ChineseStandard.us -- Field Test Asia Pte. Ltd.

GM/T 0057-2018 English PDF (GM/T0057-2018)

GM/T 0057-2018: Identity authentication specifications based on IBC technology

GM/T 0057-2018
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
File No.: 62997-2018
Identity authentication
specifications based on IBC technology
ISSUED ON: MAY 02, 2018
IMPLEMENTED ON: MAY 02, 2018
Issued by: State Cryptography Administration
Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Identity structure
6 User identity authentication specifications
6.1 Description
6.2 One-way user identity authentication
6.2.1 Recipient authenticates the identity of initiator
6.2.2 Initiator authenticates the identity of recipient
6.3 Three-pass authentication
Annex A (Normative) Public parameter query protocols
Annex B (Normative) Key and signature format
Bibliography
Identity authentication
specifications based on IBC technology
1 Scope
This Standard specifies the requirements for identity authentication using
identity-based cryptography technology.
This Standard applies to the field of identity authentication using identity-based
cryptography technology.
2 Normative references
The following referenced documents are indispensable for the application of
this document. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any
amendments) applies.
GM/T 0044 Identity-based cryptographic algorithms SM9
3 Terms and definitions
For the purpose of this document, the following terms and definitions apply.
3.1
identity
Unique information that identifies an object's identity, such as email address,
mobile number, fingerprint data.
3.2
SM9 algorithm
An algorithm defined by GM/T 0044.
3.3
public parameter service
ibcTypeAlias: A generic alias for identity type, optional.
identityData: Identity data is an eight-bit string, a specific description of identity.
serial: The unique code inside the system, optional.
validStart: The start date of the validity period.
validityEnd: The expiration date of the validity period, optional. If this item does
not exist, the identity is valid for a long time.
idExtensions: Extension item is an Extensions type, identifying information
extensions.
where
extnID represents the OID of an extension element.
critical represents whether this extension element is extremely important.
extnValue represents the value of this extension element, which is string type.
6 User identity authentication specifications
6.1 Description
User identity authentication comprises the authentication flow between the two
parties and the specific protocol. When performing identity authentication, both
parties can access the Public Parameter Service (PPS) to obtain the key
parameters of the relevant authentication system, such as the public parameters
of the IBC. They can also obtain information about the other party's identity
from the PPS, such as the status of the identity information and the complete
identity data, as shown in Figure 1.
See Annex A, A.4 for PPS query protocols.
where
IDB is the unique identity of verifier B.
rA is a timestamp that ensures uniqueness, or a random number generated by the
initiator.
signA is the signature of initiator A, in SM9Signature format.
Text1 is other information that needs to be passed, which is optional. If there is
information that requires encrypted transmission, it shall be encapsulated in a
digital envelope.
The format of the request to be authenticated is as follows:
userSignature is the token signature, of type SM9Signature; see Annex B.
B: Verify A's authentication information
After receiving the message from A containing TokenAB, B performs identity
authentication, as shown in Figure 2.
The details are as follows:
a) B generates A’s public key according to A’s identity. If B does not have the
public parameter for generating A’s public key, it shall be obtained from
the public parameter service system PPS;
b) Verify A’s signature information contained in the token:
1) Verify whether the value of the IDB identity segment in the TokenAB is
The submitted data for verification is denoted as a token “Token”, of which the
uniqueness/timeliness is controlled by generating and verifying a timestamp or
a random number.
The details are as follows:
A: A sends B a request for B’s identity authentication information.
A sends to B: IDA || rA || Text1, which can also be expressed as {IDA, rA, Text1}.
where
IDA is the unique identity of initiator A.
rA is a timestamp that ensures uniqueness, or a random number generated by the
initiator.
Text1 is other information that needs to be passed, which is optional.
The format of the request for authenticating each other is as follows:
B: B returns to A the information confirming its identity.
B sends to A: IDB || TokenBA, which can also be expressed as {IDB, TokenBA}.
The token sent by recipient B to initiator A is denoted as TokenBA.
TokenBA = IDA || r || Text2 || signB (IDA || r || Text2), which can also be expressed
as
TokenBA = {IDA, r, Text2, signB (IDA, r, Text2)}.
where
IDA is the unique identity of initiator A.
IDA is optional. Since A already knows this value, B need not attach it when
replying to A.
r = rA || rB.
rB is a random number generated by B.
2) Verify whether the value of IDB identity segment in TokenAB is equal to
the identifier of entity A;
3) Verify the correctness of the digital signature;
4) Verify uniqueness/timeliness;
5) Parse Text1.
If any verification result is incorrect, the communication is stopped and an
authentication failure message is returned.
If the verification is correct, the identity authentication is completed.
B: B returns to A the information confirming A’s identity.
B sends to A: IDB || TokenBA, which can also be expressed as {IDB, TokenBA}.
The token sent by recipient B to initiator A is denoted as TokenBA.
TokenBA = IDA || rA || Text2 || signB (IDA || rA || Text2), which can also be
expressed as
TokenBA = {IDA, rA, Text2, signB (IDA, rA, Text2)}.
where
IDA is the unique identity of initiator A.
rA is a timestamp that ensures uniqueness, or a random number generated by the
initiator.
signB is the signature of recipient B.
Text2 is other information that needs to be passed, which is optional. If there is
information that requires encrypted transmission, it shall be encapsulated in a
digital envelope.
Use the RequestAuthenticated definition.
A: Verify B’s authentication information
Initiator A receives the message containing the TokenAB sent by B, and
performs identity authentication.
The details are as follows:
a) A generates B’s public key according to B’s identity. If A does not have the
public parameter for generating B’s public key, it shall be obtained from
the public parameter service system (PPS);
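The exchange described in this clause, as an added example that is not part of the standard: A issues rA, B answers with TokenBA = {IDA, rA, Text2, signB(IDA, rA, Text2)}, and A checks the identity field, the signature and the single use of rA. The HMAC functions are a stand-in for SM9 signing and verification (not a public-key signature), and the length-prefixed encoding, the class and function names and the sample identities are assumptions.

```python
import hashlib
import hmac
import secrets

# Stand-in for SM9 (GM/T 0044), which the Python standard library lacks.
# The key below is constructed for the demo; HMAC is NOT an SM9 signature.
DEMO_KEYS = {b"bob@example.com": b"constructed-demo-key-for-B"}

def encode(*fields: bytes) -> bytes:
    """Length-prefix each field so IDA || rA || Text2 is unambiguous (assumed encoding)."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)

def standin_sign(identity: bytes, message: bytes) -> bytes:
    return hmac.new(DEMO_KEYS[identity], message, hashlib.sha256).digest()

def standin_verify(identity: bytes, message: bytes, sig: bytes) -> bool:
    key = DEMO_KEYS.get(identity)
    return key is not None and hmac.compare_digest(
        hmac.new(key, message, hashlib.sha256).digest(), sig)

class Initiator:
    """Party A: issues rA, then checks the TokenBA returned by B."""

    def __init__(self, id_a: bytes, verify=standin_verify):
        self.id_a, self.verify, self.pending = id_a, verify, set()

    def request(self, text1: bytes = b"") -> tuple:
        r_a = secrets.token_bytes(16)      # fresh random challenge
        self.pending.add(r_a)
        return (self.id_a, r_a, text1)     # {IDA, rA, Text1}

    def check(self, id_b: bytes, token: tuple) -> str:
        id_a, r_a, text2, sign_b = token
        if id_a != self.id_a:              # token must name this initiator
            return "wrong IDA"
        if not self.verify(id_b, encode(id_a, r_a, text2), sign_b):
            return "bad signature"
        if r_a not in self.pending:        # unknown or already-used challenge
            return "stale or replayed rA"
        self.pending.discard(r_a)          # single use: a replay now fails
        return "ok"

def respond(id_b: bytes, request: tuple, text2: bytes = b"") -> tuple:
    """Party B: build TokenBA over the initiator's IDA and rA."""
    id_a, r_a, _text1 = request
    return (id_a, r_a, text2, standin_sign(id_b, encode(id_a, r_a, text2)))
```

Replacing `standin_verify` with a real SM9 verifier keyed by B's identity and the PPS public parameters leaves the order of checks unchanged.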
Annex A
(Normative)
Public parameter query protocols
A.1 Description
This annex defines the relevant protocols for information query with the public
parameter service system (PPS). The protocol format is based on the ASN.1
format specification.
A.2 Obtaining PPS service information
Used to obtain the number and type of IBC key management infrastructure or
IBC key management system supported by PPS.
where
version is the version number item, which is defined as 0 in this Standard.
id is the identity item, which is the identity of the querier.
time is the time item, which is the return time, in Greenwich format.
A.3 Obtaining PPS service information response
Used for the response of PPS to basic information.
generation server served by PPS or the IBC system (only one set of master
keys is supported).
kgsIDInfo is the key generation server identity item, which is the identity of the
key generation server served by PPS or the IBC system (only one set of master
keys is supported).
time is the time item, which is the return time, in Greenwich format.
IBCSignInfo is the signature information.
signData is the signature item, which is the signature information of PPS, and
the content includes PPSInfo.
algorithm is the algorithm item, which is the algorithm identity used for the
signature.
A.4 Public parameter information query
Used for the request to query PPS for the public parameter of IBC system.
where
version is the version number item, which is defined as 0 in this Standard.
id is the identity item, which is the identity of the querier.
kgsIDInfo is the query condition, for querying the identification information of
the key generation server, using one of the basic information of PPS as the
query condition for obtaining a set of public parameters in PPS.
time is the time item, which is the query time, in Greenwich format.
A.5 Public parameter information query response
Used for the response of PPS to public parameter queries.
algorithm is the algorithm item, which is the algorithm identity used for the
signature.
IBCSignInfo is the signature information.
signData is the signature item, which is the signature information of PPS, and
the content includes IBCUserInfo.
A.8 IBC public parameter structure
where
version is the version item, which determines the version of the IBCSysParams
format. For the format defined in this Standard, it must be set to 1.
districtName is the name item, which is an IA5 string that must be encoded in
a URI or IRI.
districtSerial is an integer that represents the only available IBC public
parameter (for a URI or IRI defined by districtName). If a new parameter is
published for districtName, the value of districtSerial must be greater than the
value of districtSerial used previously.
validity is the validity term, which determines the lifetime of a specific
IBCSysParams instance and is determined as follows:
The values of notBefore and notAfter must be expressed in Greenwich Mean
Time and include seconds (e.g. time is expressed as YYYYMMDDHHMMSSZ).
Even if the number of seconds is zero, the time is still expressed to the
nearest second. The customer must confirm that the date on which it uses the
IBC public parameter is between the notBefore time and the notAfter time of
that parameter. If the date is not in this interval, the parameters cannot be
used for the IBC encryption operation.
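A client-side check of these rules, as an added example that is not part of the standard: it parses notBefore and notAfter strictly as YYYYMMDDHHMMSSZ, rejects parameters used outside the interval, and refuses a districtSerial lower than one already accepted for the same districtName. The dict layout, the function names and the `last_serial` store are assumptions.

```python
from datetime import datetime, timezone

class ParamError(ValueError):
    """Raised when an IBCSysParams value must not be used."""

def parse_time(value: str) -> datetime:
    """Parse YYYYMMDDHHMMSSZ: seconds and the trailing 'Z' are mandatory."""
    digits = value[:14]
    if len(value) != 15 or value[14] != "Z" or not (digits.isascii() and digits.isdigit()):
        raise ParamError(f"not YYYYMMDDHHMMSSZ: {value!r}")
    parts = [int(digits[i:j]) for i, j in
             ((0, 4), (4, 6), (6, 8), (8, 10), (10, 12), (12, 14))]
    try:
        return datetime(*parts, tzinfo=timezone.utc)
    except ValueError as exc:              # e.g. month 13 or second 60
        raise ParamError(f"invalid date/time: {value!r}") from exc

def check_sys_params(params: dict, now: datetime, last_serial: dict) -> None:
    """Raise ParamError unless this parameter set may be used at `now`.

    last_serial maps districtName -> highest districtSerial accepted so far
    (hypothetical client state; the text above only states the ordering rule).
    """
    if params["version"] != 1:
        raise ParamError("version must be 1")
    not_before = parse_time(params["notBefore"])
    not_after = parse_time(params["notAfter"])
    if not not_before <= now <= not_after:
        raise ParamError("outside validity interval")
    name, serial = params["districtName"], params["districtSerial"]
    seen = last_serial.get(name)
    if seen is not None and serial < seen:  # newer sets must have a greater serial
        raise ParamError("districtSerial rollback")
    last_serial[name] = serial
```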
Annex B
(Normative)
Key and signature format
B.1 Key data structure
Keys are divided into signature and encryption master keys, and signature and
encryption user keys.
a) ASN.1 of SM9 algorithm signature master private key data format is
defined as:
b) ASN.1 of SM9 algorithm signature master public key data format is defined
as:
SM9SignMasterPublicKey is of type BIT STRING and reads:
04 || X1 || X2 || Y1 || Y2, where X1, X2 and Y1, Y2 respectively identify the x and y
components of the public key; the length of each component is 256 bits. Or
03 || X1 || X2, where X1 and X2 respectively identify the x components of the
public key; the length of each component is 256 bits. Take the value of which
the rightmost bit is 1 in the decompressed Y root values (Y1 || Y2). Take the
value of which the rightmost bit is 0 in the restored Y root values, otherwise Y1
= base domain q - root Y1, Y2 = base domain q - root Y2. Or
02 || X1 || X2, where X1 and X2 respectively identify the two x components of the
public key; the length of each component is 256 bits. Take the option value of
which the rightmost bit is 0 in the decompressed Y root values (Y1 || Y2). Take
the option value of which the rightmost bit is 0 in the restored Y root values,
otherwise Y1 = base domain q - root Y1, Y2 = base domain q - root Y2.
c) ASN.1 of SM9 algorithm encryption master private key data format is
defined as:
d) ASN.1 of SM9 algorithm encryption master public key data format is
defined as: