Method for verifying safety of SM2 signature algorithm based on improved difference error attack

A technology of error attack and improved difference, which is applied in the direction of secure communication device, user identity/authority verification, digital transmission system, etc., and can solve problems such as irrecoverability

Active Publication Date: 2015-08-12
INST OF SOFTWARE - CHINESE ACAD OF SCI +2

AI Technical Summary

Problems solved by technology

In addition, the full coordinates of the scalar multiplica

Examples


Embodiment Construction

[0075] The following describes the present invention in further detail with reference to the accompanying drawings and an example, but the scope of the present invention is not limited in any way. In the embodiment, an experiment in which the error attack method of the present invention performs a lattice attack on the SM2 signature algorithm is used as an example to illustrate the effectiveness of the present invention.

[0076] 1) In the i-th iteration of the SM2 signature scalar multiplication operation, an error is injected to change part of the bit values of the intermediate y coordinate. While a 32-bit chip implementing the SM2 (F_p-256) signature algorithm is signing, when round 248 of the point multiplications in the right-to-left binary scalar multiplication iteration is about to end (the energy trace of the injected error can be checked to filter for signatures that meet the error injection time requirement), to store the result Q 248 The ch...


Abstract

The invention discloses a method for verifying the safety of an SM2 signature algorithm based on an improved difference error attack. The method comprises the following steps: 1) using the SM2 signature algorithm to sign a message M, and injecting an error when the scalar multiplication of the generated random number k and the elliptic curve base point G of the SM2 signature algorithm reaches the i-th iteration, so as to change part of the bit values of the y coordinate of the intermediate value in the i-th iteration; 2) recovering consecutive bit values of the random number k by using the signature result obtained in step 1), an attestation public key PA and the hash value e of the message M; 3) constructing an HNP problem from the consecutive bit values and the erroneous signature result, analyzing the private key by using a lattice attack, and judging from the private key whether the current SM2 signature algorithm is safe. The method of the invention can inject errors more simply and comprehensively analyze the security of the SM2 signature algorithm against attack.
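An added illustration, not taken from the patent: a Python model of the fault named in step 1) (a change to the y coordinate of the stored intermediate value after iteration i of a right-to-left binary scalar multiplication) together with an on-curve check on kG before the signature is released, which is one way to test whether an implementation detects this fault. The function names, the XOR fault model and the choice of the accumulator as the faulted value are assumptions; the constants are the SM2 recommended curve parameters.

```python
# Added illustration (not the patent's code). SM2 recommended curve sm2p256v1:
P = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
A = P - 3
B = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)

class FaultDetected(Exception): pass

def on_curve(pt):
    return (pt[1] ** 2 - (pt[0] ** 3 + A * pt[0] + B)) % P == 0

def add(p1, p2):  # affine add/double; None is the point at infinity
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if x1 == x2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def scalar_mult_rtl(k, base=G, fault=None):
    """Right-to-left binary k*base. fault=(i, mask) is an assumed fault model:
    XOR mask into the stored accumulator's y coordinate after iteration i."""
    q, r = None, base
    for i in range(k.bit_length()):
        if (k >> i) & 1:
            q = add(q, r)
        r = add(r, r)
        if fault and fault[0] == i and q is not None:
            q = (q[0], q[1] ^ fault[1])
    return q

def sm2_sign_core(e, d, k, fault=None):  # (r, s) for digest e, key d, nonce k
    pt = scalar_mult_rtl(k, fault=fault)
    if pt is None or not on_curve(pt):   # countermeasure: validate k*G
        raise FaultDetected("k*G is off the SM2 curve; signature withheld")
    r = (e + pt[0]) % N
    return r, pow(1 + d, -1, N) * (k - r * d) % N

def sm2_verify_core(e, pub, r, s):
    t = (r + s) % N
    pt = add(scalar_mult_rtl(s), scalar_mult_rtl(t, base=pub))
    return t != 0 and pt is not None and (e + pt[0]) % N == r
```

The range checks SM2 applies to r and s (r ≠ 0, r + k ≠ n, s ≠ 0) are omitted here, and an on-curve check covers only faults that move the result off the curve.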

Description

Technical field

[0001] The invention belongs to the field of elliptic curve cryptographic algorithm (ECC) analysis and error attacks, and specifically relates to an SM2 signature algorithm security verification method based on improved differential error attacks, and belongs to the technical field of information security.

Background technique

[0002] Since Miller and Koblitz introduced elliptic curves into cryptography in the 1980s, and Lenstra proposed the use of elliptic curves for factorization algorithms, elliptic curves have played an increasingly important role in cryptography. ECC is based on the finite field elliptic curve discrete logarithm problem (ECDLP): in a cyclic additive group, G is the generator, and the order of G is n, knowing Q=kG and G, find the value of k, where Q=kG is a scalar multiplication operation on a finite field, specifically an algebraic operation on a finite field.

[0003] If F is a finite field, it contains at least two elements, and there is a...


Application Information

IPC(8): H04L29/06, H04L9/32
CPC: H04L9/3252, H04L63/08
Inventor 冯婧怡陈华曹伟琼韩绪仓李大为罗鹏郑晓光李国友高顺贤朱少峰
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI