GB/T 38635.2-2020 Information security technology -Identity-based cryptographic algorithms SM9 -Part 2: Algorithms
1 Scope
This part of GB/T 38635 specifies the digital signature algorithm, key exchange protocol, key encapsulation mechanism, and encryption algorithm in the identity-based cryptographic algorithms SM9.
This part is applicable to the engineering implementation of the identity-based cryptographic algorithms SM9, providing guidance for the development and testing of products related to the identity-based cryptographic algorithms SM9.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 17964 Information security technology - Security techniques - Modes of operation for a block cipher
GB/T 32905 Information security techniques - SM3 cryptographic hash algorithm
GB/T 32907 Information security technology - SM4 block cipher algorithm
GB/T 32915 Information security technology - Randomness test methods for binary sequence
GB/T 38635.1-2020 Information security technology - Identity-based cryptographic algorithms SM9 - Part 1: General
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T 38635.1-2020 and the following apply. For the convenience of application, some terms and definitions specified in GB/T 38635.1-2020 are listed below.
3.1
encryption master key
key at the top level of the hierarchy of identity-based cryptographic key, consisting of the encryption master private key and the encryption master public key; the encryption master public key is publicly available, while the encryption master private key is kept secret by the key generation center (KGC); the KGC uses the encryption master private key and the user identity to generate the encryption private key of the user; in identity-based cryptography, the encryption master private key is typically generated by the KGC using a random number generator, and the encryption master public key is generated by combining the encryption master private key with the system parameters
3.2
identity
information that cannot be denied by an entity, such as its recognizable name, email address, ID number, phone number, and street address, which can be used to identify the entity uniquely
[GB/T 38635.1-2020, Definition 3.1]
3.3
initiator
user who sends the first round of exchange information during the operation of a protocol
3.4
initialization vector/initialization value; IV
initial data introduced for data transformation in cryptographic transformation to increase security or synchronize cryptographic devices
3.5
key confirmation from A to B
assurance by which User B is convinced that User A has a particular secret key
3.6
signed message
a set of data elements consisting of a message and the digital signature part of that message
3.7
signature key
secrete data element that is exclusively used by the signer during the digital signature generation process, i.e., the private key of the signer
3.8
signature master key
signature root key of the system, consisting of the signature master private key and the signature master public key; the signature master public key is publicly available, while the signature master private key is kept secret by the KGC; the KGC uses the signature master private key and the user identity to generate the signature private key of the user; in identity-based cryptography, the signature master private key is typically generated by the KGC using a random number generator, and the signature master public key is generated by combining the signature master private key with system parameters
Foreword II
Introduction III
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols
5 Algorithm parameters and auxiliary functions
5.1 General
5.2 System parameter set
5.3 Auxiliary functions
6 Digital signature generation and verification algorithms and their processes
6.1 Generation of system signature master key and user signature key
6.2 Digital signature generation algorithm
6.3 Digital signature generation algorithm process
6.4 Digital signature verification algorithm
6.5 Digital signature verification algorithm process
7 Key exchange protocol and its process
7.1 Generation of system encryption master key and user encryption key
7.2 Key exchange protocol
7.3 Key exchange protocol process
8 Key encapsulation mechanism and its process
8.1 Generation of system encryption master key and user encryption key
8.2 Key encapsulation algorithm
8.3 Key encapsulation algorithm process
8.4 Decapsulation algorithm
8.5 Decapsulation algorithm process
9 Encryption algorithm and its process
9.1 Generation of system encryption master key and user encryption key
9.2 Encryption algorithm
9.3 Encryption algorithm process
9.4 Decryption algorithm
9.5 Decryption algorithm process
Annex A (Informative) Algorithm examples
GB/T 38635.2-2020 Information security technology -Identity-based cryptographic algorithms SM9 -Part 2: Algorithms
1 Scope
This part of GB/T 38635 specifies the digital signature algorithm, key exchange protocol, key encapsulation mechanism, and encryption algorithm in the identity-based cryptographic algorithms SM9.
This part is applicable to the engineering implementation of the identity-based cryptographic algorithms SM9, providing guidance for the development and testing of products related to the identity-based cryptographic algorithms SM9.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 17964 Information security technology - Security techniques - Modes of operation for a block cipher
GB/T 32905 Information security techniques - SM3 cryptographic hash algorithm
GB/T 32907 Information security technology - SM4 block cipher algorithm
GB/T 32915 Information security technology - Randomness test methods for binary sequence
GB/T 38635.1-2020 Information security technology - Identity-based cryptographic algorithms SM9 - Part 1: General
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T 38635.1-2020 and the following apply. For the convenience of application, some terms and definitions specified in GB/T 38635.1-2020 are listed below.
3.1
encryption master key
key at the top level of the hierarchy of identity-based cryptographic key, consisting of the encryption master private key and the encryption master public key; the encryption master public key is publicly available, while the encryption master private key is kept secret by the key generation center (KGC); the KGC uses the encryption master private key and the user identity to generate the encryption private key of the user; in identity-based cryptography, the encryption master private key is typically generated by the KGC using a random number generator, and the encryption master public key is generated by combining the encryption master private key with the system parameters
3.2
identity
information that cannot be denied by an entity, such as its recognizable name, email address, ID number, phone number, and street address, which can be used to identify the entity uniquely
[GB/T 38635.1-2020, Definition 3.1]
3.3
initiator
user who sends the first round of exchange information during the operation of a protocol
3.4
initialization vector/initialization value; IV
initial data introduced for data transformation in cryptographic transformation to increase security or synchronize cryptographic devices
3.5
key confirmation from A to B
assurance by which User B is convinced that User A has a particular secret key
3.6
signed message
a set of data elements consisting of a message and the digital signature part of that message
3.7
signature key
secrete data element that is exclusively used by the signer during the digital signature generation process, i.e., the private key of the signer
3.8
signature master key
signature root key of the system, consisting of the signature master private key and the signature master public key; the signature master public key is publicly available, while the signature master private key is kept secret by the KGC; the KGC uses the signature master private key and the user identity to generate the signature private key of the user; in identity-based cryptography, the signature master private key is typically generated by the KGC using a random number generator, and the signature master public key is generated by combining the signature master private key with system parameters
Contents of GB/T 38635.2-2020
Foreword II
Introduction III
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols
5 Algorithm parameters and auxiliary functions
5.1 General
5.2 System parameter set
5.3 Auxiliary functions
6 Digital signature generation and verification algorithms and their processes
6.1 Generation of system signature master key and user signature key
6.2 Digital signature generation algorithm
6.3 Digital signature generation algorithm process
6.4 Digital signature verification algorithm
6.5 Digital signature verification algorithm process
7 Key exchange protocol and its process
7.1 Generation of system encryption master key and user encryption key
7.2 Key exchange protocol
7.3 Key exchange protocol process
8 Key encapsulation mechanism and its process
8.1 Generation of system encryption master key and user encryption key
8.2 Key encapsulation algorithm
8.3 Key encapsulation algorithm process
8.4 Decapsulation algorithm
8.5 Decapsulation algorithm process
9 Encryption algorithm and its process
9.1 Generation of system encryption master key and user encryption key
9.2 Encryption algorithm
9.3 Encryption algorithm process
9.4 Decryption algorithm
9.5 Decryption algorithm process
Annex A (Informative) Algorithm examples