A.2 SM2橢圓曲線數字簽名

A.2 SM2橢圓曲線數字簽名

<!-- /* Font Definitions */ @font-face {font-family:宋體; panose-1:2 1 6 0 3 1 1 1 1 1; mso-font-alt:SimSun; mso-font-charset:134; mso-generic-font-family:auto; mso-font-pitch:variable; mso-font-signature:3 680460288 22 0 262145 0;} @font-face {font-family:黑體; panose-1:2 1 6 9 6 1 1 1 1 1; mso-font-alt:SimHei; mso-font-charset:134; mso-generic-font-family:modern; mso-font-pitch:fixed; mso-font-signature:-2147482945 953122042 22 0 262145 0;} @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4; mso-font-charset:0; mso-generic-font-family:roman; mso-font-pitch:variable; mso-font-signature:-536869121 1107305727 33554432 0 415 0;} @font-face {font-family:"\@宋體"; panose-1:2 1 6 0 3 1 1 1 1 1; mso-font-charset:134; mso-generic-font-family:auto; mso-font-pitch:variable; mso-font-signature:3 680460288 22 0 262145 0;} @font-face {font-family:"\@黑體"; panose-1:2 1 6 0 3 1 1 1 1 1; mso-font-charset:134; mso-generic-font-family:modern; mso-font-pitch:fixed; mso-font-signature:-2147482945 953122042 22 0 262145 0;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {mso-style-unhide:no; mso-style-qformat:yes; mso-style-parent:""; margin:0cm; text-align:justify; text-justify:inter-ideograph; mso-pagination:none; font-size:10.5pt; mso-bidi-font-size:12.0pt; font-family:"Times New Roman",serif; mso-fareast-font-family:宋體; mso-font-kerning:1.0pt;} p.MsoPlainText, li.MsoPlainText, div.MsoPlainText {mso-style-unhide:no; mso-style-link:"純文本 Char"; margin:0cm; text-align:justify; text-justify:inter-ideograph; mso-pagination:none; font-size:10.5pt; font-family:宋體; mso-hansi-font-family:"Courier New"; mso-bidi-font-family:"Courier New"; mso-font-kerning:1.0pt;} span.a {mso-style-name:"純文本 字符"; mso-style-noshow:yes; mso-style-priority:99; mso-style-unhide:no; mso-ansi-font-size:10.5pt; mso-bidi-font-size:12.0pt; font-family:等線; mso-ascii-font-family:等線; mso-ascii-theme-font:minor-fareast; mso-fareast-font-family:等線; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:"Courier New"; mso-bidi-font-family:"Courier New"; mso-font-kerning:1.0pt;} span.Char {mso-style-name:"純文本 Char"; mso-style-unhide:no; mso-style-locked:yes; mso-style-link:純文本; mso-ansi-font-size:10.5pt; mso-bidi-font-size:10.5pt; font-family:宋體; mso-ascii-font-family:宋體; mso-hansi-font-family:"Courier New"; mso-bidi-font-family:"Courier New"; mso-font-kerning:1.0pt;} .MsoChpDefault {mso-style-type:export-only; mso-default-props:yes; font-size:10.0pt; mso-ansi-font-size:10.0pt; mso-bidi-font-size:10.0pt; mso-ascii-font-family:"Times New Roman"; mso-fareast-font-family:宋體; mso-hansi-font-family:"Times New Roman"; mso-font-kerning:0pt;} /* Page Definitions */ @page {mso-page-border-surround-header:no; mso-page-border-surround-footer:no;} @page WordSection1 {size:612.0pt 792.0pt; margin:72.0pt 90.0pt 72.0pt 90.0pt; mso-header-margin:36.0pt; mso-footer-margin:36.0pt; mso-paper-source:0;} div.WordSection1 {page:WordSection1;} -->   

橢圓曲線方程為：y^2 ^= x^3^ + ax + b

示例1：F*p*-256

素數p：FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 FFFFFFFF FFFFFFFF

系數a：FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 FFFFFFFF FFFFFFFC

系數b：28E9FA9E 9D9F5E34 4D5A9E4B CF6509A7 F39789F5 15AB8F92 DDBCBD41 4D940E93

基點G = (xG *, *yG)，其階記為n。

坐標xG：32C4AE2C 1F198119 5F990446 6A39C994 8FE30BBF F2660BE1 715A4589 334C74C7

坐標yG： BC3736A2 F4F6779C 59BDCEE3 6B692153 D0A9877C C62A4740 02DF32E5 2139F0A0

階n： FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFF 7203DF6B 21C6052B 53BBF409 39D54123

待簽名的消息M：message digest

M的GB/T1988編碼的16進制表示：6D65737361676520646967657374

私鑰dA：3945208F 7B2144B1 3F36E38A C6D39F95 88939369 2860B51A 42FB81EF 4DF7C5B8

公鑰PA=(xA , yA)：

坐標xA：09F9DF31 1E5421A1 50DD7D16 1E4BC5C6 72179FAD 1833FC07 6BB08FF3 56F35020

坐標yA：CCEA490C E26775A5 2DC6EA71 8CC1AA60 0AED05FB F35E084A 6632F607 2DA9AD13

雜湊值ZA= H256(ENTLA||IDA||a||b||xG||yG||xA||yA)。

ZA：B2E14C5C 79C6DF5B 85F4FE7E D8DB7A26 2B9DA7E0 7CCB0EA9 F4747B8C CDA8A4F3

簽名各步驟中的有關值：

=ZA||M：

B2E14C5C 79C6DF5B 85F4FE7E D8DB7A26 2B9DA7E0 7CCB0EA9 F4747B8C CDA8A4F3

6D657373 61676520 64696765 7374

密碼雜湊算法值e=H256(

F4486FDF C0D28640

產生隨機數k：59276E27 D506861A 16680F3A D9C02DCC EF3CC1FA 3CDBE4CE 6D54B80D EAC1BC21

計算橢圓曲線點(x1, y1)=[k]G：

坐標x1：04EBFC71 8E8D1798 62043226 8E77FEB6 415E2EDE 0E073C0F 4F640ECD 2E149A73

坐標y1：E858F9D8 1E5430A5 7B36DAAB 8F950A3C 64E6EE6A 63094D99 283AFF76 7E124DF0

計算r=(e+x1) modn：F5A03B06 48D2C463 0EEAC513 E1BB81A1 5944DA38 27D5B741 43AC7EAC EEE720B3

(1+dA)^-1^：4DFE9D9C 1F5901D4 E6F58E4E C3D04567 822D2550 F9B88E82 6D1B5B3A B9CD0FE0

計算s= ((1+dA)^-1^× (k - r×dA)) modn：B1B6AA29 DF212FD8 763182BC 0D421CA1 BB9038FD 1F7F42D4

840B69C4 85BBC1AA

消息M的簽名為(r, s)：

值r：F5A03B06 48D2C463 0EEAC513 E1BB81A1 5944DA38 27D5B741 43AC7EAC EEE720B3

值s：B1B6AA29 DF212FD8 763182BC 0D421CA1 BB9038FD 1F7F42D4 840B69C4 85BBC1AA

驗證各步驟中的有關值：

密碼雜湊算法值e’=H256(’)： F0B43E94 BA45ACCA ACE692ED 534382EB 17E6AB5A 19CE7B31 F4486FDF C0D28640

計算t = (r’+ s’) mod n：A756E531 27F3F43B 851C47CF EEFD9E43 A2D133CA 258EF4EA 73FBF468 3ACDA13A

計算橢圓曲線點(x0’, y0’)=[s’]G：

坐標x0’：2B9CE14E 3C8D1FFC 46D693FA 0B54F2BD C4825A50 6607655D E22894B5 C99D3746

坐標y0’：277BFE04 D1E526B4 E1C32726 435761FB CE0997C2 6390919C 4417B3A0 A8639A59

計算橢圓曲線點(x0’0 ~, y0’0 )=[t]*PA~*：

坐標x0’0：FDAC1EFA A770E463 5885CA1B BFB360A5 84B238FB 2902ECF0 9DDC935F 60BF4F9B

坐標y0’~0 ~：B89AA926 3D5632F6 EE82222E 4D63198E 78E095C2 4042CBE7 15C23F71 1422D74C

計算橢圓曲線點(x1’, y1’)= [s’]G +[t]PA：

坐標x1’： 04EBFC71 8E8D1798 62043226 8E77FEB6 415E2EDE 0E073C0F 4F640ECD 2E149A73

坐標y1’： E858F9D8 1E5430A5 7B36DAAB 8F950A3C 64E6EE6A 63094D99 283AFF76 7E124DF0

計算R = (e’+ x1’) modn：F5A03B06 48D2C463 0EEAC513 E1BB81A1 5944DA38 27D5B741 43AC7EAC EEE720B3