CN101931529B - Data encryption method, data decryption method and nodes - Google Patents

Data encryption method, data decryption method and nodes Download PDF

Info

Publication number
CN101931529B
CN101931529B CN201010249089.7A CN201010249089A CN101931529B CN 101931529 B CN101931529 B CN 101931529B CN 201010249089 A CN201010249089 A CN 201010249089A CN 101931529 B CN101931529 B CN 101931529B
Authority
CN
China
Prior art keywords
elliptic curve
coordinate system
sending node
information
point
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201010249089.7A
Other languages
Chinese (zh)
Other versions
CN101931529A (en
Inventor
张震玮
王景成
何军
骆舰
张弥
赵广磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201010249089.7A priority Critical patent/CN101931529B/en
Priority to PCT/CN2010/079823 priority patent/WO2012019407A1/en
Publication of CN101931529A publication Critical patent/CN101931529A/en
Application granted granted Critical
Publication of CN101931529B publication Critical patent/CN101931529B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Mathematical Physics (AREA)
  • Physics & Mathematics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Optimization (AREA)
  • Computing Systems (AREA)
  • Mathematical Analysis (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a data encryption method, a data decryption method and nodes. The data encryption method comprises that: a transmitting node acquires a parameter group, a key and data information of a preset elliptic curve; and the transmitting node calculates data encryption information by using the parameter group, the key and the data information of the elliptic curve, and transmits the data encryption information to a receiving node, wherein in the process of calculating the data encryption information, the transmitting node converts the elliptic curve into an equation under a projection coordinate system, operates multiple points on the elliptic curve by using the corresponding relationship between an affine point on the elliptic curve and a projection point on the equation, and converts the multiple points under the projection coordinate system to perform operation. The method can reduce the operation amount of data encryption and decryption of an elliptic curve public key password system so that the elliptic curve public key password system can be applied in a wireless sensing node of a wireless sensing network.

Description

A kind of data ciphering method, data decryption method and node
Technical field
The present invention relates to elliptic curve cipher (ECC, Elliptic Curve Cryptography) technical field, be specifically related to a kind of data encryption, data decryption method, sending node and receiving node based on Elliptic Curve Public Key Cryptosystems.
Background technology
Cryptographic system generally can be divided into two types: DSE arithmetic and public-key cryptosystem.Wherein, public-key cryptosystem is by Diffie-Hellman and Merkle independent proposition respectively, and first piece of paper multiuser cryptographic techniques about public key cryptography submits to the National Computer Conference of the U.S. in June, 1976.Comparatively conventional public-key cryptosystem has RSA public-key cryptosystem, elliptic curve cryptosystem etc. now.In existing public-key cryptosystem, elliptic curve cryptosystem is every the highest grade of bit encryption a kind of at present known public-key cryptosystem.
Digital signature technology is the main application to public key encryption algorithm, and its major function is for data source authentication is provided, data integrity and non-repudiation authentication.Digital signature of elliptic curve technology is the elliptic curve version of digital signature.It utilizes security intensity and the relatively short key length that elliptic curve cryptosystem is stronger to realize the authentication to data source and data integrity.The application of public key encryption algorithm also comprises and utilizes Elliptic Curve Public Key Cryptosystems to be encrypted and cipher-text information is decrypted to sent information.
In existing Elliptic Curve Public Key Cryptosystems, need to carry out the point doubling on elliptic curve, and the operand of inversion operation in point doubling is very large, can expend a large amount of calculation resources, this,, to supporting the hardware of the node device of Elliptic Curve Public Key Cryptosystems to have very high requirement, has limited the application of Elliptic Curve Public Key Cryptosystems on the limited nodal terminal of some functions (as wireless sensing node).
Summary of the invention
Technical problem to be solved by this invention is to provide a kind of data ciphering method, data decryption method and node, in order to reduce the operand of the digital signature identification of Elliptic Curve Public Key Cryptosystems.
For solving the problems of the technologies described above, the invention provides scheme as follows:
A data ciphering method based on Elliptic Curve Public Key Cryptosystems, comprising:
Sending node obtains parameter group, key and the data message of the elliptic curve setting in advance;
Sending node utilizes parameter group, key and the data message of elliptic curve, calculates data encryption information, and described data encryption information is sent to receiving node;
Wherein, in calculating the process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate.
Preferably, in above-mentioned data ciphering method, wherein, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate, specifically comprise:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to the equation under projected coordinate system, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
According to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system;
Utilize described corresponding relation and described computing formula, by the point doubling on described elliptic curve, be transformed under described projected coordinate system and calculate.
Preferably, in above-mentioned data ciphering method,
Described key is the PKI of receiving node, and described data message is cleartext information, and described data encryption information is the cipher-text information that described cleartext information is corresponding.
Preferably, in above-mentioned data ciphering method,
Described key is the private key of sending node, the identification information that described data message is sending node, the digital signature information that described data encryption information is sending node;
And sending node, when described digital signature information is sent to receiving node, sends to receiving node by described identification information simultaneously.
Preferably, in above-mentioned data ciphering method,
The calculating of the digital signature information of described sending node comprises:
From 1 to n-1, choose arbitrarily an integer k, wherein n is the Prime Orders of the basic point of elliptic curve;
Calculate kP, then by the x coordinate x of kP 3be converted to integer and to integer delivery n computing, obtains r, wherein P=(P x, P y), represent the basic point of described elliptic curve;
Use default hash function to carry out hash computing to the identification information of sending node, obtain Hash Value e, and to k -1(e+dr) delivery n computing, obtains s, and wherein d is described private key;
At r and s, be all not equal at 0 o'clock, obtain described digital signature information (r, s).
Preferably, in above-mentioned data ciphering method,
Described projection coordinate is Jacobi's projected coordinate system;
In calculating the process of described kP, for the calculating of 2P, carry out in such a way:
According to described corresponding relation, obtain the affine some subpoint G=(X that P is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P.
The present invention also provides a kind of sending node, comprising:
Acquiring unit, for obtaining parameter group, key and the data message of the elliptic curve setting in advance;
Ciphering unit, for utilizing parameter group, key and the data message of elliptic curve, calculates data encryption information;
Transmitting element, also for sending to receiving node by described data encryption information;
Wherein, described ciphering unit is in calculating the process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate.
Preferably, in above-mentioned sending node, described ciphering unit comprises:
Projecting cell, for described elliptic curve is projected to projected coordinate system, is converted to the equation under projected coordinate system by described elliptic curve, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
Converting unit, for according to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system;
Computing unit, for utilizing described corresponding relation and described computing formula, by the point doubling on described elliptic curve, is transformed under described projected coordinate system and calculates.
Preferably, in above-mentioned sending node,
Described key is the private key of sending node, the identification information that described data message is sending node, the digital signature information that described data encryption information is sending node;
Described transmitting element also, for when described digital signature information is sent to receiving node, sends to receiving node by described identification information simultaneously.
Preferably, in above-mentioned sending node,
Described ciphering unit comprises:
Selected cell, for choose arbitrarily an integer k from 1 to n-1, wherein n is the Prime Orders of the basic point of described elliptic curve;
The first computing unit, for calculating kP, then by the x coordinate x of kP 3be converted to integer and to integer delivery n computing, obtains r, wherein P=(P x, P y), represent the basic point of described elliptic curve;
The second computing unit, for using hash function to carry out hash computing to the identification information of sending node, obtains Hash Value e, and to k -1(e+dr) delivery n computing, obtains s, and wherein d is described private key;
Output unit, for being all not equal at 0 o'clock at r and s, obtains described digital signature information (r, s).
Preferably, in above-mentioned sending node, described projection coordinate is Jacobi's projected coordinate system, and described the first computing unit is further used for, in calculating the process of described kP, for the calculating of 2P, carrying out in such a way:
According to described corresponding relation, obtain the affine some subpoint G=(X that P is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P.
The present invention also provides a kind of data decryption method based on Elliptic Curve Public Key Cryptosystems, comprising:
Receiving node receives the data encryption information of sending node, and the parameter group that described data encryption information is the default elliptic curve of sending node utilization, the first key and data message calculate;
Receiving node utilizes parameter group and second key corresponding to described the first key of described elliptic curve, and described data encryption information is decrypted;
Wherein, in the decrypting process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate.
Preferably, in above-mentioned data decryption method, wherein, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate, specifically comprise:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to the equation under projected coordinate system, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
According to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system;
Utilize described corresponding relation and described the first computing formula, by the point doubling on described elliptic curve, be transformed under described projected coordinate system and calculate.
Preferably, in above-mentioned data decryption method,
The PKI that described the first key is receiving node, the private key that described the second key is receiving node, described data message is cleartext information, described data encryption information is the cipher-text information that described cleartext information is corresponding.
Preferably, in above-mentioned data decryption method,
The private key that described the first key is sending node, the PKI that described the second key is sending node, the identification information that described data message is sending node, the digital signature information that described data encryption information is sending node;
Receiving node further receives the identification information of sending node, and in the decrypting process of described data encryption information, utilize the PKI of the parameter group of described elliptic curve, the identification information of sending node and described sending node, described digital signature information is carried out to signature authentication.
Preferably, in above-mentioned data decryption method,
Described described digital signature information is carried out to signature authentication, comprising:
When in the r in described digital signature information (r, s) or s, any does not belong to interval [1, n-1], the failure of judgement digital signature identification, wherein n is the Prime Orders of the basic point of described elliptic curve;
When r and s all belong to interval [1, n-1], use default hash function to carry out hash computing to the identification information m of sending node, obtain Hash Value e, and to s -1delivery n computing obtains w;
Calculate u 1p and u 2q, and calculate u 1p+u 2q obtains T, wherein, and u 1=ew mod n, u 2=rw mod n, P=(P x, P y), representing the basic point of described elliptic curve, Q represents described PKI;
When T=∞, the failure of judgement signature authentication;
When T ≠ ∞, by the x coordinate x of T 4be converted to integer and right delivery n computing obtains v, and judges whether v=r sets up: if set up, digital signature identification passes through; Otherwise digital signature identification failure.
Preferably, in above-mentioned data decryption method,
Described projection coordinate is Jacobi's projected coordinate system;
Calculating described u 1p or u 2in the process of Q, for the calculating of 2F, carry out in such a way, wherein F represents P or Q:
According to described corresponding relation, obtain the affine some subpoint G=(X that F is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2F.
The present invention also provides a kind of receiving node, comprising:
Receiving element, for receiving the data encryption information of sending node, the parameter group that described data encryption information is the default elliptic curve of sending node utilization, the first key and data message calculate;
Decryption unit, for utilizing parameter group and second key corresponding to described the first key of described elliptic curve, is decrypted described data encryption information;
Wherein, described decryption unit is in the decrypting process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate.
Preferably, in above-mentioned receiving node, described decryption unit comprises:
Projecting cell, for described elliptic curve is projected to projected coordinate system, is converted to the equation under projected coordinate system by described elliptic curve, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
Converting unit, for according to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system;
Computing unit, for utilizing described corresponding relation and described computing formula, by the point doubling on described elliptic curve, is transformed under described projected coordinate system and calculates.
Preferably, in above-mentioned receiving node,
The private key that described the first key is sending node, the PKI that described the second key is sending node, the identification information that described data message is sending node, the digital signature information that described data encryption information is sending node;
Described receiving element, also for receiving the identification information of sending node;
Described decryption unit, also for the decrypting process in described data encryption information, utilizes the PKI of the parameter group of described elliptic curve, the identification information of sending node and described sending node, and described digital signature information is carried out to signature authentication.
Preferably, in above-mentioned receiving node,
Described decryption unit comprises:
The first judging unit, when in the r in described digital signature information (r, s) or s, any does not belong to interval [1, n-1], the failure of judgement digital signature identification, wherein n is the Prime Orders of the basic point of described elliptic curve;
The first computing unit, when all belonging to interval [1, n-1] at r and s, is used default hash function to carry out hash computing to the identification information m of sending node, obtains Hash Value e, and to s -1delivery n computing obtains w;
The second computing unit, for calculating u 1p, wherein P=(P x, P y), represent the basic point of described elliptic curve;
The 3rd computing unit, for calculating u 2q, wherein Q represents described PKI;
The 3rd computing unit, for calculating u 1p+u 2q obtains T, wherein, and u 1=ew mod n, u 2=rw mod n;
The second judging unit, for when the T=∞, the failure of judgement signature authentication;
The 3rd judging unit, for when T ≠ ∞, by the x coordinate x of T 4be converted to integer and right delivery n computing obtains v, and judges whether v=r sets up: if set up, digital signature identification passes through; Otherwise digital signature identification failure.
Preferably, in above-mentioned receiving node,
Described projection coordinate is Jacobi's projected coordinate system;
Described the second computing unit, is further used for calculating described u 1p or u 2in the process of Q, for the calculating of 2F, carry out in such a way, wherein F represents P or Q:
According to described corresponding relation, obtain the affine some subpoint G=(X that F is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2F.
From the above, can find out, data ciphering method provided by the invention, data decryption method and node, utilizing Elliptic Curve Public Key Cryptosystems generated data enciphered message and enciphered message is being decrypted for example, in the process of (calculate digital signature information and digital signature information is being carried out to signature authentication), by elliptic curve is projected to projected coordinate system by original coordinate system, elliptic curve is converted to the equation under projected coordinate system, and then by the point doubling of described elliptic curve, be converted to the computing under projected coordinate system, because the computing under projected coordinate system only need to be calculated the multiplication between coordinate figure under projected coordinate system, additional calculation, thereby avoided the inversion operation in elliptic curve point doubling, and inversion operation can expend a large amount of system resource, therefore the present invention can greatly reduce operand, improved computational efficiency.And, because the present invention greatly reduces the operand in data encryption and decrypting process, make also can apply Elliptic Curve Public Key Cryptosystems in the situation of node system resource-constrained, expanded the range of application of Elliptic Curve Public Key Cryptosystems, for example, make ellipse curve signature algorithm can be applied to the wireless sensing node in radio sensing network, both improved the fail safe of radio sensing network, needn't increase again the hardware cost of node.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of the data ciphering method based on Elliptic Curve Public Key Cryptosystems described in the embodiment of the present invention;
Fig. 2 is the schematic flow sheet of the data decryption method based on Elliptic Curve Public Key Cryptosystems described in the embodiment of the present invention;
Fig. 3 is the example schematic of the generative process of digital signature of elliptic curve in the embodiment of the present invention;
Fig. 4 is the example schematic of the proof procedure of digital signature of elliptic curve in the embodiment of the present invention;
Fig. 5 is the structural representation of sending node described in the embodiment of the present invention;
Fig. 6 is the structural representation of receiving node described in the embodiment of the present invention.
Embodiment
The present invention is directed to the large deficiency of Encrypt and Decrypt operand in existing Elliptic Curve Public Key Cryptosystems, by elliptic curve is carried out to coordinate system conversion, the point doubling of elliptic curve is transformed under projected coordinate system and is carried out, reduce the operand of signature authentication algorithm, expanded the range of application of Elliptic Curve Public Key Cryptosystems.Below with reference to accompanying drawing, by specific embodiment, the present invention is described further.
The embodiment of the present invention provides a kind of data ciphering method based on Elliptic Curve Public Key Cryptosystems.Please refer to Fig. 1, data ciphering method described in the embodiment of the present invention, specifically comprises the following steps:
Step 11, sending node obtain the elliptic curve setting in advance parameter group,, key and cleartext information.
Step 12, sending node utilizes parameter group, key and the cleartext information of elliptic curve, calculates data encryption information, and described data encryption information is sent to receiving node; Wherein, in calculating the process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate.
Here, when described in application the present embodiment, data ciphering method is encrypted plaintext, key described in above-mentioned steps 11 is the PKI of receiving node, and described data message is cleartext information, and the data encryption information described in above-mentioned steps 12 is the cipher-text information that described cleartext information is corresponding.
Here, when described in application the present embodiment, data ciphering method carries out digital signature to sending node, key described in above-mentioned steps 11 is the private key of sending node, described data message is the identification information of sending node, the digital signature information that data encryption information described in above-mentioned steps 12 is sending node, and sending node, when described digital signature information is sent to receiving node, sends to receiving node by described identification information simultaneously.
In the process of utilizing Elliptic Curve Public Key Cryptosystems generating digital signature or plaintext being encrypted, all can relate to the point doubling on elliptic curve.The present embodiment, in above-mentioned steps 12, by the point doubling on described elliptic curve, is transformed under projected coordinate system and calculates, and specifically comprises:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to the equation under projected coordinate system, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
According to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system, in the expression formula of described computing formula cancellation denominator;
Utilize described corresponding relation and described computing formula, by the point doubling on described elliptic curve, be transformed under described projected coordinate system and calculate.
From the above, can find out, the present embodiment is when utilizing Elliptic Curve Public Key Cryptosystems calculated data enciphered message, by elliptic curve is projected to projected coordinate system by original coordinate system, elliptic curve is converted to the equation under projected coordinate system, the every bit of elliptic curve (subpoint) under original coordinate system has a corresponding with it point (affine point) under projected coordinate system; And then the present embodiment is by the point doubling of described elliptic curve, be converted to the computing under projected coordinate system, because the computing under projected coordinate system only need to be calculated the multiplication between coordinate figure, additional calculation under projected coordinate system, thereby avoided the inversion operation in elliptic curve point doubling, and inversion operation can expend a large amount of system resource, therefore the present embodiment can greatly reduce operand, has improved computational efficiency.
Preferably, described in the present embodiment, sending node is the wireless sensing node in radio sensing network.
Radio sensing network is a kind of network consisting of sensor node, its various monitoring target information in monitoring, perception and collection network distributed areas that can cooperate, and these information are processed, be distributed to observer.Because radio sensing network node mostly needs to be deployed in relative risk or the comparatively severe area of environment, and in the ordinary course of things, under the situation of wireless sensing node in no supervision and maintenance, so wireless sensing node is very easily subject to various malicious attack, thereby threaten the safety of whole radio sensing network.So must guarantee the legal identity of node communication in radio sensing network.On the other hand due to wireless sensing node memory capacity and computing capability all very limited, this makes at wireless sensing node is to use comparatively complicated cryptographic algorithm very difficult, therefore the arithmetical operation of the elliptic curve key length of prior art is not suitable for being applied in the limited wireless sensing node of hardware resource, so the wireless sensing node of prior art does not all adopt the very high ellipse curve signature algorithm of fail safe.And the present embodiment is changed by coordinate system, avoided the inversion operation in the point doubling of elliptic curve, greatly reduce the operand in signature process, make Elliptic Curve Public Key Cryptosystems can be applied to wireless sensing node, both improve the fail safe of node, needn't increase again the hardware cost of node.
Corresponding with above-mentioned digital signature method, the present embodiment also provides a kind of data decryption method based on Elliptic Curve Public Key Cryptosystems, and as shown in Figure 2, this authentication method specifically comprises:
Step 21, receiving node receives the data encryption information of sending node, and the parameter group that described data encryption information is the default elliptic curve of sending node utilization, the first key and data message calculate;
Step 22, receiving node utilizes parameter group and second key corresponding to described the first key of described elliptic curve, and described data encryption information is decrypted; Wherein, in the deciphering of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate.
Here, when described in application the present embodiment, data decryption method is decrypted ciphertext, the PKI that the first key described in above-mentioned steps 21 is receiving node, the private key that described the second key is receiving node, described data message is cleartext information, and described data encryption information is the cipher-text information that described cleartext information is corresponding.
Here, when described in application the present embodiment, data ciphering method carries out signature authentication to the digital signature of sending node, the private key that the first key described in above-mentioned steps 21 is sending node, the PKI that described the second key is sending node, described data message is the identification information of sending node, the digital signature information that described data encryption information is sending node; And in step 21, receiving node further receives the identification information of sending node, and in the decrypting process of the information of data encryption described in step 22, utilize the PKI of the parameter group of described elliptic curve, the identification information of sending node and described sending node, described digital signature information is carried out to signature authentication.
Here, in above-mentioned steps 22, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate, specifically comprise:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to the equation under projected coordinate system, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
According to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system, in the expression formula of described computing formula cancellation denominator;
Utilize described corresponding relation and described computing formula, by the point doubling on described elliptic curve, be transformed under described projected coordinate system and calculate.
Preferably, described receiving node is the wireless sensing node in radio sensing network.
From the above, can find out, the present embodiment is when being decrypted data enciphered message, by elliptic curve is projected to projected coordinate system by original coordinate system, elliptic curve is converted to the equation under projected coordinate system, the every bit of elliptic curve (subpoint) under original coordinate system has a corresponding with it point (affine point) under projected coordinate system; And then the present embodiment is by the point doubling of described elliptic curve, be converted to the computing under projected coordinate system, because the computing under projected coordinate system only need to be calculated the multiplication between coordinate figure, additional calculation under projected coordinate system, thereby avoided the inversion operation in elliptic curve point doubling, greatly reduce operand, improved computational efficiency.
In order to be easier to understand the said method of the present embodiment, the present embodiment further be take Jacobi's projected coordinate system and digital signature and signature authentication as example, by concrete example, said method is described further.This concrete example is not limited to the present invention, the present invention can be applied to other projected coordinate system equally, in standard projection coordinate system, the present invention can be applied in various encrypting and decrypting algorithms based on existing Elliptic Curve Public Key Cryptosystems equally in the process that is expressly encrypted and ciphertext is decrypted.
How the point doubling that first elliptic curve is described is realized by the calculating under Jacobi's elliptic coordinates.
The parameter group D=(p, a, b, P, n, h) that supposes to provide elliptic curve, this parameter group can define an elliptic curve equation E:y 2=x 3+ ax+b.Wherein, p is one and is greater than 3 prime number, and its binary system length is greater than 160 bits conventionally, the prime number of can Shi You USA National Institute of Standard and Technology (NIST) recommending, thus can obtain corresponding prime field.A, b is elliptic curve E:y 2=x 3the coefficient of+ax+b.P=(P x, P y) be the basic point on elliptic curve E.H is cofactor, and n is the Prime Orders of basic point P.Suppose that the key of the digital signature that adopts in the present embodiment is to (d, Q), wherein d is private key, is arbitrary integer between 1 to n-1 (be d ∈ R[1, n-1]), for sending node all; Q=dP is PKI, for receiving node owns.
Here, elliptic curve is converted to the equation under Jacobi's projected coordinate system, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation, specifically: by elliptic curve E:y 2=x 3+ ax+b converts the equation form Y under Jacobi's projected coordinate system to 2=X 3+ aXZ 4+ bZ 6, now the subpoint under Jacobi's projected coordinate system (X: Y: Z), the affine point (X/Z under Z ≠ 0 and elliptic curve place original coordinate system 2, Y/Z 3) correspondence.
Suppose W=(x 1, y 1) be a point in elliptic curve, the point doubling formula 2W=(x of elliptic curve 2, y 2) be:
x 2=λ 2-2x 1 mod p
y 2=λ(x 1-x 2)-y 1 mod p
Wherein, λ=(3x 1 2+ a)/2y 1.The mod p here means the computing to delivery p, for example in above formula respectively to λ 2-2x 1and λ (x 1-x 2)-y 1delivery p computing.
According to the corresponding relation between affine point and subpoint, for affine point: W=(x 1, y 1)=(X/Z 2, Y/Z 3), there is subpoint G=(X 1: Y 1: Z 1) corresponding with it, therefore, make G=(X 1: Y 1: Z 1), 2G=(X ' 3: Y ' 3: 1), by x 1, y 1replace with the coordinate under Jacobi's projected coordinate system, the point doubling formula of the above-mentioned elliptic curve of substitution, obtains:
X 3 ′ = ( 3 X 1 2 + aZ 1 4 ) 2 - 8 X 1 Y 1 2 4 Y 1 2 Z 1 2
Y 3 ′ = 3 X 1 2 + aZ 1 4 2 Y 1 Z 1 ( X 1 Z 1 2 - X 3 ′ ) - Y 1 Z 1 3
In expression formula, cancel denominator, 2G=(X 3: Y 3: Z 3), wherein
X 3 = ( 3 X 1 2 + aZ 1 4 ) 2 - 8 X 1 Y 1 2 Y 3 = ( 3 X 1 2 + aZ 1 4 ) ( 4 X 1 Y 1 2 - X 3 ) - 8 Y 1 4 Z 3 = 2 Y 1 Z 1 - - - ( 1 )
Above-mentioned formula (1) is the point doubling of the elliptic curve computing formula under Jacobi's projected coordinate system.In the expression formula of above-mentioned formula (1), all there is no denominator, thereby avoided inversion operation.Meanwhile, due to etc. result of calculation, can reuse, further to reduce operand.
By above conversion, affine some W=(x on elliptic curve 1, y 1)=(X/Z 2, Y/Z 3), the some 2W that its point doubling obtains, corresponding to the 2G=(X under Jacobi projection coordinate 3: Y 3: Z 3), therefore, when calculating the point doubling of elliptic curve, only need to utilize corresponding relation and the above-mentioned formula (1) between affine point and subpoint, point doubling on elliptic curve is converted to the calculating under Jacobi's projected coordinate system, and then according to above-mentioned corresponding relation, the result of calculation under Jacobi's projected coordinate system is converted back to the original coordinate system at elliptic curve place, what can obtain elliptic curve doubly puts result of calculation.
In this example, as the wireless sensing node of sending node, when there is communication, first produce the digital signature information (r of this sending node, s), and by this digital signature information (r, s) send to receiving node, its detailed process as shown in Figure 3, comprising:
Step 300, the identification information m of derivation sending node, here, this identification information can be the information of terminal number, terminal MAC Address or other this terminal of energy unique identification.
Step 301, derives and is preset at the parameter group D=(p, a, b, P, n, h) of the elliptic curve in sending node and the private key d of sending node.
Step 302, sending node choose 1 to n-1 between arbitrary integer k (be k ∈ R[1, n-1]), and calculate kP=(x 3, y 3), then by field parameter x 3be converted to integer concrete conversion can be carried out x according to American National Standards Institute's ANSI X9.62 standard 3be converted to integer
Here, in step 302, kP=(x can calculated 3, y 3) process in use above-mentioned formula (1), the point doubling of elliptic curve is optimized, to reduce operand, improve operation efficiency.According to multi point arithmetic in elliptic curve, as follows for the computational process of N=kP:
First, k is expressed as to binary form k=(k i-1..., k 2, k 1) 2, and make N=0:
Then, for i, from 0 to t-1, repeat successively the computing of following A, B:
A) if k i=1, N is updated to the result (being N ← N+P) of N+P; If k i=0, keep N constant (being N ← N);
B) calculate 2P, and P is updated to 2P (being P ← 2P);
Finally, export the value of N, obtain the result of calculation of N=kP.
Wherein, in described step B, calculating 2P specifically comprises:
According to the corresponding relation between described affine point and subpoint, obtain the affine some subpoint G=(X that P is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P, thereby obtains doubly putting the operation result of 2P.
As can be seen calculated from the above process, in carrying out elliptic curve during multi point arithmetic, need to repeatedly carry out the point doubling (being the 2P in step B) of elliptic curve, therefore, this example is when calculating 2P, elliptic curve is projected under Jacobi's projected coordinate system, utilize corresponding relation and the above-mentioned formula (1) of affine point and subpoint, point doubling is converted to the calculating under Jacobi projection coordinate, then according to above-mentioned corresponding relation, result of calculation is converted back to the original coordinate system under elliptic curve, can obtain point doubling result, thereby avoided the inversion calculation in elliptic curve point doubling, greatly reduced operand.
Step 303, calculates
Step 304, judges whether r=0 sets up: if set up, return to step 302, to reselect k, calculate; If be false, obtain the value of r and enter step 305.
Step 305, is used default hash function to carry out hash computing to the identification information m of node, obtains Hash Value e.For example use secure hash algorithm SHA1 to carry out hash computing to m, be fixed the Hash Value of 160 of length.
Step 306, calculates s=k -1(e+dr) mod n, to k -1(e+dr) delivery n computing.
Step 307, judges whether s=0 sets up, if set up, returns to step 302; If be false, obtain the value of s and enter step 308.
Step 308, obtains the digital signature information (r, s) of the elliptic curve of sending node, and digital signature information (r, s) and self identification information is sent to receiving node.Here, preferably, sending node and receiving node are all the wireless sensing nodes in radio sensing network.
In this example, receiving node receives the digital digital signature information (r that sending node sends, s) after, utilize preset PKI to verify it, thereby when sending node access network, the legitimacy of sending node is authenticated, guarantee the secure communication of network, concrete verification process as shown in Figure 4, comprising:
Step 400, after communication process starts, receiving node is received the digital signature information (r, s) of sending node and the terminal identification information m of sending node;
Step 401, receiving node extracts parameter D=(p, a, b, P, n, h) and the PKI Q that is preset at local elliptic curve.
Step 402, whether receiving node check r and s are all the integers in interval [1, n-1]: if any one is checked unsuccessfully, enter step 410; R and s are the integers in interval [1, n-1], enter step 403.
Step 403, is used default hash function (as SHA1, identical with sending node) to carry out hash computing to the terminal identification information m of sending node, is fixed the Hash Value e of 160 of length.
Step 404, calculates w=s -1mod n is (to s -1delivery n computing obtains w).
Step 405, calculates u 1=ew mod n and u 2(to ew delivery n, computing obtains u to=rw mod n 1, to rw delivery n, computing obtains u 2); Then, calculate u 1p and u 2q, and calculate u 1p+u 2q obtains T, T=u 1p+u 2q.
Step 406, judges whether T=∞ is true: in this way, enter step 410; Otherwise enter step 407.
Step 407, according to ANSI X9.62 standard, by the x coordinate x of field parameter T 4be converted to integer and calculate
Step 408, due to s=k -1(e+dr) mod n, rearrangement can obtain:
K=s -1(e+dr)=s -1e+s -1rd=we+wrd=u 1+ u 2d (mod n), that is:
X=u 1p+u 2q=u 1p+u 2dP=(u 1+ u 2d) P=kP, so there is v=r to set up, therefore judges whether v=r sets up: if set up, enter step 409; Otherwise enter step 410.
Step 409, digital signature identification passes through, and returns to the indication of (" accepting this signature ").
Step 410, digital signature identification failure, returns to the indication of (" refusing this signature ").
Here, in above-mentioned steps 405, u can calculated 1p and u 2in the process of Q, use above-mentioned formula (1), the point doubling of elliptic curve be optimized, to reduce operand, improve operation efficiency, be described as follows:
Wherein calculate u 1p comprises:
By u 1be converted to binary form u 1=(f h-1..., f 2, f 1) 2, and to make the initial value of N be 0;
For i, from 0 to h-1, repeat successively the computing of following steps A, B:
Steps A) if f i=1, N is updated to the result of N+P; If f i=0, keep N constant;
Step B) calculate 2P, and P is updated to 2P;
Computing finishes the value of rear output N, obtains N=u 1the result of calculation of P;
Wherein, in described step B, calculating 2P comprises:
According to the corresponding relation between described affine point and subpoint, obtain the affine some subpoint G=(X that P is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P again, thereby obtains doubly putting the operation result of 2P.
And calculating u 2q, specifically comprises again:
By u 2be converted to binary form u 2=(j i-1..., j 2, j 1) 2, and to make the initial value of M be 0;
For i, from 0 to l-1, repeat successively the computing of following steps A ', B ':
Steps A ') if j i=1, M is updated to the result of M+Q; If j i=0, keep M constant;
Step B ') calculate 2Q, and Q is updated to 2Q;
Computing finishes the value of rear output M, obtains M=u 2the result of calculation of Q;
Wherein, in described step B ', calculating 2Q comprises:
According to described corresponding relation, obtain the affine some subpoint B=(X that Q is corresponding 2: Y 2: Z 2);
According to formula solve and obtain 2B=(X 4: Y 4: Z 4);
According to described corresponding relation, subpoint 2B is converted to affine some 2Q again, thereby obtains doubly putting the operation result of 2Q.
In above process, sending node is in generating digital signing messages process, receiving node all can utilize above-mentioned formula (1) to simplify the point doubling of elliptic curve in certifying digital signature information process, avoided the inversion operation in point doubling, reduced the system resource that point doubling consumes, reduce the requirement to node hardware, improved operation efficiency.
Finally, by following table, listed and adopted the wireless sensing node before and after being optimized of method described in the present embodiment generating PKI, needed time when digital signature information and certifying digital signature, from following table, can find out, adopt after the present embodiment method, under same hardware condition, wireless sensing node can greatly reduce computing required time, described in the present embodiment, method can improve operation efficiency to a great extent, make Elliptic Curve Public Key Cryptosystems can be applied to the less wireless sensing node of system resource, and needn't improve the hardware configuration of wireless sensing node, there is good economic benefit, can improve the fail safe of radio sensing network again
The time of implementation (S) of not optimizing Time of implementation after optimization (S)
Produce PKI 30.12 8.23
Generate signature 30.05 8.33
Certifying signature 60.55 16.95
Finally, the present embodiment also provides respectively in order to realize the node device of above-mentioned data ciphering method and data decryption method.
Wherein, as shown in Figure 5, a kind of sending node that the present embodiment provides, specifically comprises:
Acquiring unit, for obtaining parameter group, key and the data message of the elliptic curve setting in advance;
Ciphering unit, for utilizing parameter group, key and the data message of elliptic curve, calculates data encryption information;
Transmitting element, also for sending to receiving node by described data encryption information;
Wherein, described ciphering unit is in calculating the process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate.
As a preferred embodiment, described ciphering unit comprises:
Projecting cell, for described elliptic curve is projected to projected coordinate system, is converted to the equation under projected coordinate system by described elliptic curve, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
Converting unit, for according to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system;
Computing unit, for utilizing described corresponding relation and described computing formula, by the point doubling on described elliptic curve, is transformed under described projected coordinate system and calculates.
As a preferred embodiment, the PKI that described key is receiving node, described data message is cleartext information, described data encryption information is the cipher-text information that described cleartext information is corresponding.
As a preferred embodiment, the private key that described key is sending node, the identification information that described data message is sending node, the digital signature information that described data encryption information is sending node; And described transmitting element also, for when described digital signature information is sent to receiving node, sends to receiving node by described identification information simultaneously.
Preferably, described sending node is the wireless sensing node in radio sensing network.
As a preferred embodiment, described ciphering unit comprises:
Selected cell, for choose arbitrarily an integer k from 1 to n-1, wherein n is the Prime Orders of the basic point of described elliptic curve;
The first computing unit, for calculating kP, then by the x coordinate x of kP 3be converted to integer , and to integer delivery n computing, obtains r, wherein P=(P x, P y), represent the basic point of described elliptic curve;
The second computing unit, for using hash function to carry out hash computing to the identification information of sending node, obtains Hash Value e, and to k -1(e+dr) delivery n computing, obtains s, and wherein d is described private key;
Output unit, for being all not equal at 0 o'clock at r and s, obtains described digital signature information (r, s).
As a preferred embodiment, described projection coordinate is Jacobi's projected coordinate system, and described the first computing unit is further used for, in calculating the process of described kP, for the calculating of 2P, carrying out in such a way:
According to described corresponding relation, obtain the affine some subpoint G=(X that P is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P.
Please refer to shown in Fig. 6, the present embodiment also provides a kind of receiving node, specifically comprises again:
Receiving element, for receiving the data encryption information of sending node, the parameter group that described data encryption information is the default elliptic curve of sending node utilization, the first key and data message calculate;
Decryption unit, for utilizing parameter group and second key corresponding to described the first key of described elliptic curve, is decrypted described data encryption information;
Wherein, described decryption unit is in the decrypting process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate.
As a preferred embodiment, described decryption unit comprises:
Projecting cell, for described elliptic curve is projected to projected coordinate system, is converted to the equation under projected coordinate system by described elliptic curve, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
Converting unit, for according to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system;
Computing unit, for utilizing described corresponding relation and described computing formula, by the point doubling on described elliptic curve, is transformed under described projected coordinate system and calculates.
Preferably, described sending node is the wireless sensing node in radio sensing network.
As a preferred embodiment, the PKI that described the first key is receiving node, the private key that described the second key is receiving node, described data message is cleartext information, described data encryption information is the cipher-text information that described cleartext information is corresponding.
As a preferred embodiment, the private key that described the first key is sending node, the PKI that described the second key is sending node, the identification information that described data message is sending node, the digital signature information that described data encryption information is sending node;
Described receiving element, also for receiving the identification information of sending node;
Described decryption unit, also for the decrypting process in described data encryption information, utilizes the PKI of the parameter group of described elliptic curve, the identification information of sending node and described sending node, and described digital signature information is carried out to signature authentication.
Preferably, described decryption unit comprises:
The first judging unit, when in the r in described digital signature information (r, s) or s, any does not belong to interval [1, n-1], the failure of judgement digital signature identification, wherein n is the Prime Orders of the basic point of described elliptic curve;
The first computing unit, when all belonging to interval [1, n-1] at r and s, is used default hash function to carry out hash computing to the identification information m of sending node, obtains Hash Value e, and to s -1delivery n computing obtains w;
The second computing unit, for calculating u 1p, wherein P=(P x, P y), represent the basic point of described elliptic curve;
The 3rd computing unit, for calculating u 2q, wherein Q represents described PKI;
The 3rd computing unit, for calculating u 1p+u 2q obtains T, wherein, and u 1=ew mod n, u 2=rw mod n;
The second judging unit, for when the T=∞, the failure of judgement signature authentication;
The 3rd judging unit, for when T ≠ ∞, by the x coordinate x of T 4be converted to integer and right delivery n computing obtains v, and judges whether v=r sets up: if set up, digital signature identification passes through; Otherwise digital signature identification failure.
As a preferred embodiment, described projection coordinate is Jacobi's projected coordinate system, and described the second computing unit is further used for calculating described u 1p or u 2in the process of Q, for the calculating of 2F, carry out in such a way, wherein F represents P or Q:
According to described corresponding relation, obtain the affine some subpoint G=(X that F is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2F.
The above is only embodiments of the present invention; it should be pointed out that for those skilled in the art, under the premise without departing from the principles of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.

Claims (18)

1. the data ciphering method based on Elliptic Curve Public Key Cryptosystems, is characterized in that, comprising:
Sending node obtains parameter group, key and the data message of the elliptic curve setting in advance;
Sending node utilizes parameter group, key and the data message of elliptic curve, calculates data encryption information, and described data encryption information is sent to receiving node; The digital signature information that described data encryption information is sending node, the calculating of the digital signature information of described sending node comprises:
From 1 to n-1, choose arbitrarily an integer k, wherein n is the Prime Orders of the basic point of elliptic curve;
Calculate kP, then by the x coordinate x of kP 3be converted to integer and to integer delivery n computing, obtains r, wherein P=(P x, P y) represent the basic point of described elliptic curve;
Use default hash function to carry out hash computing to the identification information of sending node, obtain Hash Value e, and to k -1(e+dr) delivery n computing, obtains s, and wherein d is private key;
At r and s, be all not equal at 0 o'clock, obtain described digital signature information (r, s);
Wherein, in calculating the process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate.
2. data ciphering method as claimed in claim 1, is characterized in that, wherein, by the point doubling on described elliptic curve, is transformed under projected coordinate system and calculates, and specifically comprises:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to the equation under projected coordinate system, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
According to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system;
Utilize described corresponding relation and described computing formula, by the point doubling on described elliptic curve, be transformed under described projected coordinate system and calculate.
3. data ciphering method as claimed in claim 1, is characterized in that,
Described key is the PKI of receiving node, and described data message is cleartext information, and described data encryption information is the cipher-text information that described cleartext information is corresponding.
4. data ciphering method as claimed in claim 1, is characterized in that,
Described key is the private key of sending node, the identification information that described data message is sending node;
And sending node, when described digital signature information is sent to receiving node, sends to receiving node by described identification information simultaneously.
5. data ciphering method as claimed in claim 1, is characterized in that,
Described projection coordinate is Jacobi's projected coordinate system;
In calculating the process of described kP, for the calculating of 2P, carry out in such a way:
According to described corresponding relation, obtain the affine some subpoint G=(X that P is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P.
6. a sending node, is characterized in that, comprising:
Acquiring unit, for obtaining parameter group, key and the data message of the elliptic curve setting in advance;
Ciphering unit, for utilizing parameter group, key and the data message of elliptic curve, calculates data encryption information;
Transmitting element, also for described data encryption information is sent to receiving node, the digital signature information that described data encryption information is sending node; Described transmitting element comprises selected cell, the first computing unit, the second computing unit and output unit, wherein:
Selected cell, for choose arbitrarily an integer k from 1 to n-1, wherein n is the Prime Orders of the basic point of described elliptic curve;
The first computing unit, for calculating kP, then by the x coordinate x of kP 3be converted to integer and to integer delivery n computing, obtains r, wherein P=(P x, P y) represent the basic point of described elliptic curve;
The second computing unit, for using hash function to carry out hash computing to the identification information of sending node, obtains Hash Value e, and to k -1(e+dr) delivery n computing, obtains s, and wherein d is private key;
Output unit, for being all not equal at 0 o'clock at r and s, obtains described digital signature information (r, s);
Wherein, described ciphering unit is in calculating the process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate.
7. sending node as claimed in claim 6, is characterized in that, described ciphering unit comprises:
Projecting cell, for described elliptic curve is projected to projected coordinate system, is converted to the equation under projected coordinate system by described elliptic curve, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
Converting unit, for according to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system;
Computing unit, for utilizing described corresponding relation and described computing formula, by the point doubling on described elliptic curve, is transformed under described projected coordinate system and calculates.
8. sending node as claimed in claim 6, is characterized in that,
Described key is the private key of sending node, the identification information that described data message is sending node;
Described transmitting element also, for when described digital signature information is sent to receiving node, sends to receiving node by described identification information simultaneously.
9. sending node as claimed in claim 6, is characterized in that, described projection coordinate is Jacobi's projected coordinate system, and described the first computing unit is further used for, in calculating the process of described kP, for the calculating of 2P, carrying out in such a way:
According to described corresponding relation, obtain the affine some subpoint G=(X that P is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2P.
10. the data decryption method based on Elliptic Curve Public Key Cryptosystems, is characterized in that, comprising:
Receiving node receives the data encryption information of sending node, and the parameter group that described data encryption information is the default elliptic curve of sending node utilization, the first key and data message calculate;
Receiving node utilizes parameter group and second key corresponding to described the first key of described elliptic curve, and described data encryption information is decrypted;
Wherein, in the decrypting process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate;
Receiving node further receives the identification information of sending node, and in the decrypting process of described data encryption information, utilize the PKI of the parameter group of described elliptic curve, the identification information of sending node and described sending node, digital signature information carried out to signature authentication, comprising:
When in the r in described digital signature information (r, s) or s, any does not belong to interval [1, n-1], the failure of judgement digital signature identification, wherein n is the Prime Orders of the basic point of described elliptic curve;
When r and s all belong to interval [1, n-1], use default hash function to carry out hash computing to the identification information m of sending node, obtain Hash Value e, and to s -1delivery n computing obtains w;
Calculate u 1p and u 2q, and calculate u 1p+u 2q obtains T, wherein, and u 1=ewmodn, u 2=rwmodn, P=(P x, P y) representing the basic point of described elliptic curve, Q represents described PKI;
When T=∞, the failure of judgement signature authentication;
When T ≠ ∞, by the x coordinate x of T 4be converted to integer and right delivery n computing obtains v, and judges whether v=r sets up: if set up, digital signature identification passes through; Otherwise digital signature identification failure.
11. data decryption methods as claimed in claim 10, is characterized in that, wherein, by the point doubling on described elliptic curve, are transformed under projected coordinate system and calculate, and specifically comprise:
Described elliptic curve is projected to projected coordinate system, described elliptic curve is converted to the equation under projected coordinate system, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
According to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system;
Utilize described corresponding relation and described computing formula, by the point doubling on described elliptic curve, be transformed under described projected coordinate system and calculate.
12. data decryption methods as claimed in claim 10, is characterized in that,
The PKI that described the first key is receiving node, the private key that described the second key is receiving node, described data message is cleartext information.
13. data decryption methods as claimed in claim 10, is characterized in that,
The private key that described the first key is sending node, the PKI that described the second key is sending node, the identification information that described data message is sending node, the digital signature information that described data encryption information is sending node.
14. data decryption methods as claimed in claim 10, is characterized in that,
Described projection coordinate is Jacobi's projected coordinate system;
Calculating described u 1p or u 2in the process of Q, for the calculating of 2F, carry out in such a way, wherein F represents P or Q:
According to described corresponding relation, obtain the affine some subpoint G=(X that F is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2F.
15. 1 kinds of receiving nodes, is characterized in that, comprising:
Receiving element, for receiving the data encryption information of sending node, the parameter group that described data encryption information is the default elliptic curve of sending node utilization, the first key and data message calculate;
Decryption unit, for utilizing parameter group and second key corresponding to described the first key of described elliptic curve, is decrypted described data encryption information;
Wherein, described decryption unit is in the decrypting process of described data encryption information, described elliptic curve is converted to the equation under projected coordinate system, and utilize affine point on described elliptic curve and the corresponding relation between the subpoint on described equation, by the point doubling on described elliptic curve, be transformed under projected coordinate system and calculate;
Described decryption unit, also for the decrypting process in described data encryption information, utilizes the PKI of the parameter group of described elliptic curve, the identification information of sending node and described sending node, and digital signature information is carried out to signature authentication;
Described decryption unit comprises:
The first judging unit, when in the r in described digital signature information (r, s) or s, any does not belong to interval [1, n-1], the failure of judgement digital signature identification, wherein n is the Prime Orders of the basic point of described elliptic curve;
The first computing unit, when all belonging to interval [1, n-1] at r and s, is used default hash function to carry out hash computing to the identification information m of sending node, obtains Hash Value e, and to s -1delivery n computing obtains w;
The second computing unit, for calculating u 1p, wherein P=(P x, P y) represent the basic point of described elliptic curve;
The 3rd computing unit, for calculating u 2q, wherein Q represents described PKI;
The 3rd computing unit, for calculating u 1p+u 2q obtains T, wherein, and u 1=ewmodn, u 2=rwmodn;
The second judging unit, for when the T=∞, the failure of judgement signature authentication;
The 3rd judging unit, for when T ≠ ∞, by the x coordinate x of T 4be converted to integer and right delivery n computing obtains v, and judges whether v=r sets up: if set up, digital signature identification passes through; Otherwise digital signature identification failure.
16. receiving nodes as claimed in claim 15, is characterized in that, described decryption unit comprises:
Projecting cell, for described elliptic curve is projected to projected coordinate system, is converted to the equation under projected coordinate system by described elliptic curve, and the affine point on definite described elliptic curve and the corresponding relation between the subpoint on described equation;
Converting unit, for according to described corresponding relation, by the coordinate of the affine point in the point doubling formula of described elliptic curve being replaced with to the coordinate of subpoint, the computing formula of the point doubling that is converted to described elliptic curve under projected coordinate system;
Computing unit, for utilizing described corresponding relation and described computing formula, by the point doubling on described elliptic curve, is transformed under described projected coordinate system and calculates.
17. receiving nodes as claimed in claim 15, is characterized in that,
The private key that described the first key is sending node, the PKI that described the second key is sending node, the identification information that described data message is sending node, the digital signature information that described data encryption information is sending node;
Described receiving element, also for receiving the identification information of sending node.
18. receiving nodes as claimed in claim 15, is characterized in that,
Described projection coordinate is Jacobi's projected coordinate system;
Described the second computing unit, is further used for calculating described u 1p or u 2in the process of Q, for the calculating of 2F, carry out in such a way, wherein F represents P or Q:
According to described corresponding relation, obtain the affine some subpoint G=(X that F is corresponding 1: Y 1: Z 1);
According to formula solve and obtain 2G=(X 3: Y 3: Z 3);
According to described corresponding relation, subpoint 2G is converted to affine some 2F.
CN201010249089.7A 2010-08-09 2010-08-09 Data encryption method, data decryption method and nodes Expired - Fee Related CN101931529B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201010249089.7A CN101931529B (en) 2010-08-09 2010-08-09 Data encryption method, data decryption method and nodes
PCT/CN2010/079823 WO2012019407A1 (en) 2010-08-09 2010-12-15 Data encryption method, data decryption method, transmitting node and receiving node

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010249089.7A CN101931529B (en) 2010-08-09 2010-08-09 Data encryption method, data decryption method and nodes

Publications (2)

Publication Number Publication Date
CN101931529A CN101931529A (en) 2010-12-29
CN101931529B true CN101931529B (en) 2014-07-16

Family

ID=43370466

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010249089.7A Expired - Fee Related CN101931529B (en) 2010-08-09 2010-08-09 Data encryption method, data decryption method and nodes

Country Status (2)

Country Link
CN (1) CN101931529B (en)
WO (1) WO2012019407A1 (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102761412A (en) * 2011-04-27 2012-10-31 航天信息股份有限公司 P-element domain SM2 elliptic curve public key encryption, decryption and encryption-decryption hybrid system
CN102761415B (en) * 2011-04-27 2015-04-08 航天信息股份有限公司 System for generating, verifying and mixing digital signatures of p-element domain SM2 elliptic curves
CN102255729B (en) * 2011-07-07 2013-07-10 武汉理工大学 IBE (Internet Booking Engine) data encryption system based on medium digital certificate
CN104915179B (en) * 2015-04-28 2018-07-17 南京邮电大学 A kind of method of human body physiological data secret protection
CN105025474B (en) * 2015-06-26 2018-04-13 安徽大学 Lightweight digital signature method for wireless sensor network
CN106712965B (en) * 2017-01-17 2020-02-18 数安时代科技股份有限公司 Digital signature method and device and password equipment
CN106972924B (en) * 2017-03-23 2020-06-23 联想(北京)有限公司 Method and device for encryption, decryption, electronic signature and verification signature
CN108933670B (en) * 2018-10-18 2021-02-26 北京云测信息技术有限公司 Digital signature method and device, mobile device and storage medium
CN112995784B (en) * 2021-05-19 2021-09-21 杭州海康威视数字技术股份有限公司 Video data slice encryption method, device and system
CN113254968B (en) * 2021-06-04 2022-07-05 晶澄微电子(宁波)有限公司 ECC (error correction code) key exchange method, system, network equipment and storage medium for reducing modular inverse computation
CN113364585B (en) * 2021-06-04 2022-09-13 晶澄微电子(宁波)有限公司 ECC authentication method and system for reducing modular inverse computation
CN114001650B (en) * 2021-09-16 2023-09-29 北京市测绘设计研究院 Encryption method for conversion parameters of local coordinate system and arbitrary plane coordinate system
CN114244552B (en) * 2021-10-27 2024-04-19 中国银行股份有限公司 Data encryption transmission method and device based on block chain
CN114065171B (en) * 2021-11-11 2022-07-08 北京海泰方圆科技股份有限公司 Identity authentication method, device, system, equipment and medium
CN115001685B (en) * 2022-07-22 2022-10-21 北京信安世纪科技股份有限公司 Method, device, equipment and storage medium for inadvertent transmission
CN115378588B (en) * 2022-10-25 2023-05-26 北京信安世纪科技股份有限公司 Method, apparatus and storage medium for inadvertent transmission

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1444168A (en) * 2003-04-23 2003-09-24 浙江大学 Probability type asymmetric encipherment method based on public key certificate on ellipse curve
CN1890916A (en) * 2003-10-03 2007-01-03 松下电器产业株式会社 Information transfer system, encryption device, and decryption device using elliptic curve cryptography
CN101262345A (en) * 2008-01-04 2008-09-10 清华大学 Time point system for ellipse curve password system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5850443A (en) * 1996-08-15 1998-12-15 Entrust Technologies, Ltd. Key management system for mixed-trust environments
US20080104417A1 (en) * 2006-10-25 2008-05-01 Nachtigall Ernest H System and method for file encryption and decryption
CN101018125B (en) * 2007-03-02 2010-06-16 中兴通讯股份有限公司 Radio terminal security network and card locking method based on the ellipse curve public key cipher
CN101697513A (en) * 2009-10-26 2010-04-21 深圳华为通信技术有限公司 Digital signature method, device and system as well as digital signature verification method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1444168A (en) * 2003-04-23 2003-09-24 浙江大学 Probability type asymmetric encipherment method based on public key certificate on ellipse curve
CN1890916A (en) * 2003-10-03 2007-01-03 松下电器产业株式会社 Information transfer system, encryption device, and decryption device using elliptic curve cryptography
CN101262345A (en) * 2008-01-04 2008-09-10 清华大学 Time point system for ellipse curve password system

Also Published As

Publication number Publication date
WO2012019407A1 (en) 2012-02-16
CN101931529A (en) 2010-12-29

Similar Documents

Publication Publication Date Title
CN101931529B (en) Data encryption method, data decryption method and nodes
CN109584978B (en) Information processing method and system based on signature aggregation medical health monitoring network model
CA2806357C (en) Authenticated encryption for digital signatures with message recovery
CA2808701C (en) Authenticated encryption for digital signatures with message recovery
CN110545279A (en) block chain transaction method, device and system with privacy and supervision functions
US11870891B2 (en) Certificateless public key encryption using pairings
US9705683B2 (en) Verifiable implicit certificates
US9800418B2 (en) Signature protocol
CN110086599B (en) Hash calculation method and signcryption method based on homomorphic chameleon Hash function
US20170244566A1 (en) Component for connecting to a data bus, and methods for implementing a cryptographic functionality in such a component
CN102946602A (en) Mobile information system based privacy protection and encryption method
CN110545169B (en) Block chain method and system based on asymmetric key pool and implicit certificate
CN104301108A (en) Signcryption method based from identity environment to certificateless environment
US9544144B2 (en) Data encryption
US20150006900A1 (en) Signature protocol
CN114448641A (en) Privacy encryption method, electronic equipment, storage medium and chip
CN108055134B (en) Collaborative computing method and system for elliptic curve point multiplication and pairing operation
Kumar et al. An efficient implementation of digital signature algorithm with SRNN public key cryptography
US20220038267A1 (en) Methods and devices for secured identity-based encryption systems with two trusted centers
CN116743358A (en) Repudiation multi-receiver authentication method and system
Shim Comments on" A Cross-Layer Approach to Privacy-Preserving Authentication in WAVE-Enabled VANETs" by Biswas and Mišić
WO2016187689A1 (en) Signature protocol
Mohapatra Signcryption schemes with forward secrecy based on elliptic curve cryptography
Sajeev et al. Elliptic curve cryptography enabled security for wireless communication
CA2892318C (en) Signature protocol

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20140716

Termination date: 20170809