CN108243002B - Method, apparatus, device and computer readable storage medium for modular reduction - Google Patents


Info

Publication number
CN108243002B
Authority
CN
China
Prior art keywords
operand
final value
value
reduction
bit
Prior art date
Legal status
Active
Application number
CN201810026230.3A
Other languages
Chinese (zh)
Other versions
CN108243002A (en
Inventor
胡湘宏
熊晓明
张盛仕
郑欣
Current Assignee
Guangdong University of Technology
Original Assignee
Guangdong University of Technology
Priority date
Filing date
Publication date
Application filed by Guangdong University of Technology
Priority to CN201810026230.3A
Publication of CN108243002A
Application granted
Publication of CN108243002B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Abstract

The invention discloses a modular reduction method, device, equipment and computer readable storage medium. A first operand is padded with leading zeros to 512 bits to obtain a second operand; the second operand is processed by a reduction algorithm to obtain a first final value; the first final value is padded with leading zeros to 288 bits to obtain a third operand; the third operand is processed by the reduction algorithm to obtain a second final value; it is then judged whether the second final value is smaller than a preset threshold value, and if so the second final value is output, otherwise the preset threshold value is subtracted from the second final value to obtain a third final value, which is output. The result of the two reduction passes needs to be reduced by the maximum value of the operable value range specified in the SM2 encryption algorithm at most once, whereas in the prior art the maximum value must be subtracted many times; the invention therefore greatly reduces the number of such subtractions, shortens the calculation time and improves the speed of modular reduction.

Description

Method, apparatus, device and computer readable storage medium for modular reduction
Technical Field
The invention relates to the technical field of encryption algorithms, in particular to a modular reduction method. The invention also relates to a modular reduction device, equipment and a computer readable storage medium.
Background
The SM2 encryption algorithm is a commercial encryption algorithm formulated by the State Cryptography Administration of China. It is derived from the ECC (Elliptic Curve Cryptosystem) algorithm and has a key length of 256 bits. At present, the SM2 series of commercial cipher algorithms is widely promoted and applied in the field of commercial ciphers in China.
Implementing the SM2 encryption algorithm involves many considerations. In the SM2 encryption algorithm the input data must be 256 bits long, yet after two such values are multiplied the result may be longer than 256 bits. To satisfy the operation rules of the SM2 encryption algorithm, data longer than 256 bits must undergo a modular reduction operation: the first operand requiring reduction is first reduced to a value whose length is close to 256 bits, and that value is then reduced modulo the maximum value of the operable value range specified in the SM2 encryption algorithm (a 256-bit value), that is, the maximum value is subtracted from the operand repeatedly until the result is smaller than the maximum value. In the prior art, the length of the result of the reduction step still differs noticeably from 256 bits, so the maximum value has to be subtracted many times, the calculation takes long, and the whole modular reduction operation is slow.
Therefore, how to provide a fast modulo reduction method, apparatus, device and computer readable storage medium is a problem to be solved by those skilled in the art.
Disclosure of Invention
An object of the present invention is to provide a modular reduction method capable of increasing the speed of modular reduction; another object of the present invention is to provide a modular reduction apparatus, device and computer-readable storage medium embodying the above method, which likewise improve the speed of modular reduction.
In order to solve the above technical problem, the present invention provides a modular reduction method, comprising:
receiving a first operand to be reduced;
adding 0 before the highest bit of the first operand until the first operand reaches 512 bits and obtaining a second operand;
calculating the second operand through a reduction algorithm to obtain a first final value;
adding 0 before the most significant bit of the first final value until the first final value reaches 288 bits and gets a third operand;
calculating the third operand by the reduction algorithm to obtain a second final value;
judging whether the second final value is smaller than a preset threshold value, if so, outputting the second final value; if not, subtracting the preset threshold value from the second final value to obtain a third final value and outputting the third final value;
wherein the preset threshold is the maximum value within the operable value range specified in the SM2 encryption algorithm.
Preferably, the process of calculating the second operand by a reduction algorithm to obtain the first final value specifically includes:
bitwise splitting the second operand into 16 32-bit fourth operands;
combining the fourth operand with 0 into 14 256-bit fifth operands;
and obtaining the first final value by the fifth operand through addition operation and subtraction operation.
Preferably, the process of calculating the third operand by the reduction algorithm to obtain the second final value specifically includes:
bitwise splitting the third operand into 9 32-bit sixth operands;
combining the sixth operand with 0 into 3 seventh operands of 256 bits;
and obtaining a second final value by the seventh operand through addition operation and subtraction operation.
In order to solve the above technical problem, the present invention further provides a modular reduction apparatus, including:
a receiving unit for receiving a first operand to be reduced modulo;
a first processing unit for adding 0 before the most significant bit of the first operand until the first operand reaches 512 bits and getting a second operand;
the first reduction unit is used for calculating the second operand through a reduction algorithm to obtain a first final value;
a second processing unit to add 0 before the most significant bit of the first final value until the first final value reaches 288 bits and get a third operand;
the second reduction unit is used for calculating the third operand through the reduction algorithm to obtain a second final value;
the third processing unit is used for judging whether the second final value is smaller than a preset threshold value or not, and if so, outputting the second final value; if not, subtracting the preset threshold value from the second final value to obtain a third final value and outputting the third final value;
wherein the preset threshold is the maximum value within the operable value range specified in the SM2 encryption algorithm.
Preferably, the first reduction unit includes:
a first splitting unit for bit-wise splitting the second operand into 16 32-bit fourth operands;
a first combining unit for combining the fourth operand with 0 to form 14 256-bit fifth operands;
and the first operation unit is used for obtaining the first final value by the fifth operand through addition operation and subtraction operation.
Preferably, the second reduction unit includes:
a second splitting unit, configured to split the third operand into 9 sixth operands of 32 bits by bit;
a second combination unit for combining the sixth operand with 0 to form 3 seventh operands of 256 bits;
and the second operation unit is used for obtaining a second final value by the seventh operand through addition operation and subtraction operation.
In order to solve the above technical problem, the present invention also provides a modular reduction device, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the modular reduction method as claimed in any one of the above when said computer program is executed.
In order to solve the above technical problem, the present invention further provides a computer-readable storage medium having a computer program stored thereon, where the computer program is executed by a processor to implement the steps of the modular reduction method according to any one of the preceding claims.
The invention provides a modular reduction method, device, equipment and computer readable storage medium. When a first operand requiring modular reduction is shorter than 512 bits, it is padded with leading zeros to 512 bits to obtain a second operand; the second operand is processed by a reduction algorithm to obtain a first final value; when the first final value is shorter than 288 bits, it is padded with leading zeros to 288 bits to obtain a third operand; the third operand is processed by the reduction algorithm to obtain a second final value; it is then judged whether the second final value is smaller than a preset threshold value, namely the maximum value of the operable value range specified in the SM2 encryption algorithm. If so, the second final value is an operand meeting the SM2 encryption algorithm specification; if not, the preset threshold value is subtracted from the second final value to obtain a third final value, which is an operand meeting the requirements of the SM2 encryption algorithm. The result of the two reduction passes needs to be reduced by the maximum value of the operable value range specified in the SM2 encryption algorithm at most once, whereas in the prior art the maximum value must be subtracted many times; the invention therefore greatly reduces the number of such subtractions, shortens the calculation time and improves the speed of modular reduction.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed in the prior art and the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
FIG. 1 is a flow chart of a method of modular reduction according to the present invention;
FIG. 2 is a schematic structural diagram of a modular reduction device provided by the present invention.
Detailed Description
The core of the invention is to provide a modular reduction method which can improve the speed of modular reduction; another core of the present invention is to provide a modular reduction apparatus, device and computer readable storage medium comprising the above method, which can also improve the speed of modular reduction.
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The present invention provides a modular reduction method. As shown in fig. 1, which is a flow chart of the modular reduction method provided by the present invention, the method includes the following steps:
step S1: a first operand to be reduced modulo is received.
It should be noted that the SM2 encryption algorithm specifies the maximum value of the operable range as the prime field modulus P, a 256-bit binary number whose value can be written as P = 2^256 - 2^224 - 2^96 + 2^64 - 1. When a multiplication is performed in the SM2 encryption algorithm the result may exceed P, so the value exceeding P needs to be reduced modulo P to a value less than P; the first operand here is such a value exceeding P in the SM2 encryption algorithm.
Step S2: add 0 before the first operand most significant bit until the first operand reaches 512 bits and gets the second operand.
It should be noted that the product of two values below P in the SM2 encryption algorithm does not exceed 512 bits. To suit the operating characteristics of a 32-bit computer, the first operand that needs reduction is normalized to a width the computer handles directly: 0 is added in front of the highest bit of the first operand until it reaches 512 bits, and this 512-bit operand is the second operand. Adding 0 in front of the highest bit changes only the number of bits of the first operand, not its value.
Step S3: and calculating the second operand by a reduction algorithm to obtain a first final value.
It should be noted that the second operand is a 512-bit binary number, and the 512-bit second operand can be reduced to a binary number with a bit number not exceeding about 260 bits by the reduction algorithm, the binary number is the first final value, and the specific value of the first final value is about 0 to 15P.
Step S4: 0 is added before the most significant bit of the first final value until the first final value reaches 288 bits and the third operand is obtained.
It should be noted that, since the first final value calculated by the first reduction algorithm does not exceed 260 bits, and in order to satisfy the calculation characteristics of the 32-bit computer, the number of bits of the first final value needs to be complemented to a multiple of 32 closest to 260, that is, 0 is added before the highest bit of the first final value until the number of bits of the first final value reaches 288 bits, the binary number of the 288 bits is a third operand, and adding 0 before the highest bit of the first final value changes only the number of bits of the first final value and does not change the value of the first final value.
Step S5: and calculating the third operand by a reduction algorithm to obtain a second final value.
It should be noted that the third operand is a 288-bit binary number, and the reduction algorithm reduces the 288-bit third operand to a binary number of about 256 bits, which is the second final value; the second final value lies roughly in the range 0 to 2P and is very close to the maximum value P of the operable value range in the SM2 encryption algorithm.
Step S6: and judging whether the second final value is smaller than a preset threshold value, if so, entering the step S7, and if not, entering the step S8.
Step S7: a second final value is output.
Step S8: and subtracting a preset threshold value from the second final value to obtain a third final value and outputting the third final value.
It should be noted that, since the second final value lies roughly in the range 0 to 2P, it must be determined whether it has already been reduced into the operable value range of the SM2 encryption algorithm, that is, whether the second final value is smaller than the preset threshold value, the preset threshold value being the maximum value P of the operable value range specified in the SM2 encryption algorithm. If so, the second final value lies in 0 to P and already meets the operable value range of the SM2 encryption algorithm, and the second final value is output. If not, the second final value lies in P to 2P; the preset threshold value P is then subtracted from the second final value to obtain a third final value in the range 0 to P, and the third final value is output. Subtracting P from the second final value is the operation of taking the second final value modulo P, and both the second final value and the third final value are operands conforming to the SM2 encryption algorithm.
Preferably, the process of calculating the first final value by the reduction algorithm on the second operand specifically includes:
bitwise splitting the second operand into 16 32-bit fourth operands;
combining the fourth operand with 0 to form 14 256-bit fifth operands;
and obtaining a first final value by the addition operation and the subtraction operation of the fifth operand.
In addition, when performing the first reduction operation, the 512-bit second operand is split, from the most significant bit to the least significant bit in units of 32 bits, into 16 fourth operands of 32 bits each, for example the 16 32-bit fourth operands c15, c14, …, c1 and c0. These 16 32-bit fourth operands are then recombined with 0 (here and below, the 0 used for recombination denotes a 32-bit zero word) according to the rules of the reduction algorithm to obtain 14 fifth operands of 256 bits each, for example the 14 256-bit fifth operands s1, s2, …, s14. Taking s1 as an example, s1 is formed from eight 32-bit fourth operands, namely c7, c6, c5, c4, c3, c2, c1 and c0 from the high order to the low order. The detailed recombination is as follows:
s1={c7,c6,c5,c4,c3,c2,c1,c0}
s2={c15,0,0,0,0,0,0,0}
s3={c12,0,c15,c14,0,0,0,c13}
s4={c13,0,0,0,0,0,c14,c15}
s5={c14,0,0,0,c13,0,c15,c14}
s6={c8,c11,c13,c15,c14,0,c9,c10}
s7={c9,c14,c10,c13,c8,0,c11,c12}
s8={c10,c15,c14,c12,c11,0,c13,c8}
s9={c11,0,0,c9,c12,0,c10,c9}
s10={0,0,0,0,c15,0,c12,c11}
s11={0,0,0,0,0,c8,0,0}
s12={0,0,0,0,0,c9,0,0}
s13={0,0,0,0,0,c13,0,0}
s14={0,0,0,0,0,c14,0,0}
the 14 256-bit fifth operands are subjected to 14 times of addition and 4 times of subtraction according to a relation in a reduction algorithm to obtain a first final value R1, wherein the relation is as follows:
R1=s1+s2+s2+s2+s3+s3+s4+s4+s5+s5+s6+s7+s8+s9+s10-s11-s12-s13-s14
wherein s1, s2, …, s14 are 14 fifth operands of 256 bits. R1 is a number in the range of 0 to 15P.
Preferably, the process of calculating the third operand by the reduction algorithm to obtain the second final value specifically includes:
splitting the third operand bit-wise into 9 32-bit sixth operands;
combining the sixth operand with 0 to form 3 seventh operands of 256 bits;
and obtaining a second final value by the seventh operand through addition operation and subtraction operation.
In addition, when performing the second reduction operation, the 288-bit third operand is split, from the most significant bit to the least significant bit in units of 32 bits, into 9 sixth operands of 32 bits each, for example the 9 32-bit sixth operands d8, d7, …, d1 and d0. These 9 32-bit sixth operands are then recombined with 0 according to the rules of the reduction algorithm to obtain 3 seventh operands of 256 bits each, for example the three 256-bit seventh operands r1, r2 and r3. Taking r1 as an example, r1 consists of eight 32-bit sixth operands, namely d7, d6, d5, d4, d3, d2, d1 and d0 from the high order to the low order. The detailed recombination is as follows:
r1={d7,d6,d5,d4,d3,d2,d1,d0}
r2={d8,0,0,0,d8,0,0,d8}
r3={0,0,0,0,0,d8,0,0}
The 3 256-bit seventh operands are subjected to 1 addition operation and 1 subtraction operation according to the relation in the reduction algorithm to obtain a second final value R2, where the relation is:
R2 = r1 + r2 - r3
wherein r1, r2 and r3 are the three 256-bit seventh operands, and R2 is a number in the range 0 to 2P.
It can be understood that in the SM2 encryption algorithm the splitting and combining of operands can be regarded as costing no time. In the prior art, the operand after the first reduction still has to be reduced by P repeatedly (7 times on average, 14 times in the worst case). With the fast reduction algorithm provided by the present invention, the operand obtained from the first reduction needs only one addition and one subtraction to yield a second final value in the range 0 to 2P, and that second final value needs to be reduced by P at most once, so the number of computations is greatly reduced and the reduction algorithm is faster.
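The two-stage reduction of steps S1 to S8, written out in Python as an added example (this is not code from the patent or its applicant). It follows the s1..s14 and r1..r3 tables above word for word, and `self_check` compares the result against Python's big-integer modulus on constructed inputs while confirming the intermediate bounds the description claims (R1 within 260 bits, R2 below 2P); `sm2_reduce`, `first_reduction`, `second_reduction`, `split_words` and `combine` are names chosen here.

```python
import random

# SM2 prime-field modulus, the "preset threshold" P of the description
P = (1 << 256) - (1 << 224) - (1 << 96) + (1 << 64) - 1
WORD = 32
MASK = (1 << WORD) - 1


def split_words(x, n):
    """Steps S2/S4: view x as an n-word operand, least significant word first.
    Words above x's most significant bit come out as 0, which is exactly the
    "add 0 before the highest bit" padding to 512 or 288 bits."""
    if not 0 <= x < (1 << (n * WORD)):
        raise ValueError("operand does not fit in %d bits" % (n * WORD))
    return [(x >> (WORD * i)) & MASK for i in range(n)]


def combine(*hi_to_lo):
    """Assemble a 256-bit operand from eight 32-bit words written high to low,
    matching the page's notation s1 = {c7, c6, ..., c0}."""
    if len(hi_to_lo) != 8:
        raise ValueError("a 256-bit operand needs exactly eight 32-bit words")
    v = 0
    for w in hi_to_lo:
        v = (v << WORD) | w
    return v


def first_reduction(second_operand):
    """Step S3: 512-bit second operand -> first final value R1 (about 0..15P)."""
    c = split_words(second_operand, 16)
    s1 = combine(c[7], c[6], c[5], c[4], c[3], c[2], c[1], c[0])
    s2 = combine(c[15], 0, 0, 0, 0, 0, 0, 0)
    s3 = combine(c[12], 0, c[15], c[14], 0, 0, 0, c[13])
    s4 = combine(c[13], 0, 0, 0, 0, 0, c[14], c[15])
    s5 = combine(c[14], 0, 0, 0, c[13], 0, c[15], c[14])
    s6 = combine(c[8], c[11], c[13], c[15], c[14], 0, c[9], c[10])
    s7 = combine(c[9], c[14], c[10], c[13], c[8], 0, c[11], c[12])
    s8 = combine(c[10], c[15], c[14], c[12], c[11], 0, c[13], c[8])
    s9 = combine(c[11], 0, 0, c[9], c[12], 0, c[10], c[9])
    s10 = combine(0, 0, 0, 0, c[15], 0, c[12], c[11])
    s11 = combine(0, 0, 0, 0, 0, c[8], 0, 0)
    s12 = combine(0, 0, 0, 0, 0, c[9], 0, 0)
    s13 = combine(0, 0, 0, 0, 0, c[13], 0, 0)
    s14 = combine(0, 0, 0, 0, 0, c[14], 0, 0)
    # 14 additions and 4 subtractions, exactly the relation for R1 on the page
    return (s1 + s2 + s2 + s2 + s3 + s3 + s4 + s4 + s5 + s5
            + s6 + s7 + s8 + s9 + s10 - s11 - s12 - s13 - s14)


def second_reduction(third_operand):
    """Step S5: 288-bit third operand -> second final value R2 in [0, 2P)."""
    d = split_words(third_operand, 9)
    r1 = combine(d[7], d[6], d[5], d[4], d[3], d[2], d[1], d[0])
    r2 = combine(d[8], 0, 0, 0, d[8], 0, 0, d[8])
    r3 = combine(0, 0, 0, 0, 0, d[8], 0, 0)
    return r1 + r2 - r3  # 1 addition, 1 subtraction


def sm2_reduce(x):
    """Steps S1..S8: reduce a value of up to 512 bits into [0, P)."""
    r1 = first_reduction(x)
    r2 = second_reduction(r1)
    # Steps S6..S8: R2 < 2P, so a single conditional subtraction of P suffices
    return r2 - P if r2 >= P else r2


def self_check(trials=200, seed=2018):
    """Compare against Python's big-integer % on constructed inputs: products
    of two random field elements plus the boundary cases 0, P and 2^512 - 1."""
    rng = random.Random(seed)
    inputs = [0, P, (1 << 512) - 1, (P - 1) * (P - 1)]
    inputs += [rng.randrange(P) * rng.randrange(P) for _ in range(trials)]
    for x in inputs:
        r1 = first_reduction(x)
        r2 = second_reduction(r1)
        if r1.bit_length() > 260 or not 0 <= r2 < 2 * P:
            return False
        if sm2_reduce(x) != x % P:
            return False
    return True


if __name__ == "__main__":
    print("two-stage SM2 reduction matches x % P:", self_check())
```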
The invention provides a modular reduction method. When a first operand requiring modular reduction is shorter than 512 bits, it is padded with leading zeros to 512 bits to obtain a second operand; the second operand is processed by a reduction algorithm to obtain a first final value; when the first final value is shorter than 288 bits, it is padded with leading zeros to 288 bits to obtain a third operand; the third operand is processed by the reduction algorithm to obtain a second final value; it is then judged whether the second final value is smaller than a preset threshold value, namely the maximum value of the operable value range specified in the SM2 encryption algorithm. If so, the second final value is an operand meeting the SM2 encryption algorithm; if not, the preset threshold value is subtracted from the second final value to obtain a third final value, which is an operand meeting the requirements of the SM2 encryption algorithm. The result of the two reduction passes needs to be reduced by the maximum value of the operable value range specified in the SM2 encryption algorithm at most once, whereas in the prior art the maximum value must be subtracted many times; the invention therefore greatly reduces the number of such subtractions, shortens the calculation time and improves the speed of modular reduction.
The present invention also provides a modular reduction apparatus. As shown in fig. 2, which is a schematic structural diagram of the modular reduction apparatus provided by the present invention, the apparatus includes:
a receiving unit for receiving a first operand to be reduced modulo;
a first processing unit for adding 0 before the most significant bit of the first operand until the first operand reaches 512 bits and obtaining a second operand;
the first reduction unit is used for calculating the second operand through a reduction algorithm to obtain a first final value;
a second processing unit to add 0 before the most significant bit of the first final value until the first final value reaches 288 bits and obtain a third operand;
the second reduction unit is used for calculating the third operand through a reduction algorithm to obtain a second final value;
the third processing unit is used for judging whether the second final value is smaller than a preset threshold value or not, and if so, outputting the second final value; if not, subtracting a preset threshold value from the second final value to obtain a third final value and outputting the third final value;
wherein the preset threshold is the maximum value within the operable value range specified in the SM2 encryption algorithm.
Preferably, the first reduction unit includes:
a first splitting unit for bit-wise splitting the second operand into 16 32-bit fourth operands;
a first combining unit for combining the fourth operand with 0 to form 14 256-bit fifth operands;
and the first operation unit is used for obtaining a first final value by the addition operation and the subtraction operation of the fifth operand.
Preferably, the second reduction unit includes:
a second splitting unit, configured to split the third operand into 9 sixth operands of 32 bits by bit;
a second combination unit for combining the sixth operand with 0 to form 3 seventh operands of 256 bits;
and the second operation unit is used for obtaining a second final value by the addition operation and the subtraction operation of the seventh operand.
The invention provides a modular reduction device. When a first operand requiring modular reduction is shorter than 512 bits, it is padded with leading zeros to 512 bits to obtain a second operand; the second operand is processed by a reduction algorithm to obtain a first final value; when the first final value is shorter than 288 bits, it is padded with leading zeros to 288 bits to obtain a third operand; the third operand is processed by the reduction algorithm to obtain a second final value; it is then judged whether the second final value is smaller than a preset threshold value, namely the maximum value of the operable value range specified in the SM2 encryption algorithm. If so, the second final value is an operand meeting the SM2 encryption algorithm specification; if not, the preset threshold value is subtracted from the second final value to obtain a third final value, which is an operand meeting the requirements of the SM2 encryption algorithm. The result of the two reduction passes needs to be reduced by the maximum value of the operable value range specified in the SM2 encryption algorithm at most once, whereas in the prior art the maximum value must be subtracted many times; the invention therefore greatly reduces the number of such subtractions, shortens the calculation time and improves the speed of modular reduction.
The present invention also provides a modular reduction device comprising:
a memory for storing a computer program;
a processor for implementing the steps of the modular reduction method as claimed in any one of the above when executing a computer program.
The invention also provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the modular reduction method as in any one of the above.
For the introduction of the modular reduction apparatus and the computer readable storage medium provided by the present invention, please refer to the above method embodiments, which are not repeated herein.
The foregoing has described in detail a modular reduction method, apparatus, device, and computer-readable storage medium provided by the present invention. The principles and embodiments of the present invention are explained herein using specific examples, which are presented only to assist in understanding the method and its core concepts. It should be noted that, for those skilled in the art, it is possible to make various improvements and modifications to the present invention without departing from the principle of the present invention, and those improvements and modifications also fall within the scope of the claims of the present invention.

Claims (4)

1. A modular reduction method for encryption, comprising:
receiving a first operand to be reduced; the first operand is a value that exceeds the prime field;
adding 0 before the highest bit of the first operand until the first operand reaches 512 bits and obtaining a second operand;
calculating the second operand through a reduction algorithm to obtain a first final value;
adding 0 before the most significant bit of the first final value until the first final value reaches 288 bits and gets a third operand;
calculating the third operand by the reduction algorithm to obtain a second final value;
judging whether the second final value is smaller than a preset threshold value, if so, outputting the second final value; if not, subtracting the preset threshold value from the second final value to obtain a third final value and outputting the third final value; the second final value and the third final value are both operands conforming to the SM2 encryption algorithm;
wherein the preset threshold is the maximum value in the operable value range specified in the SM2 encryption algorithm;
wherein, the process of calculating the second operand by a reduction algorithm to obtain the first final value specifically includes:
bitwise splitting the second operand into 16 32-bit fourth operands;
combining the fourth operand with 0 into 14 256-bit fifth operands;
obtaining the first final value by the addition operation and the subtraction operation of the fifth operand;
wherein the process of calculating the third operand by the reduction algorithm to obtain the second final value specifically includes:
bitwise splitting the third operand into 9 32-bit sixth operands;
combining the sixth operand with 0 into 3 seventh operands of 256 bits;
and obtaining a second final value by the seventh operand through addition operation and subtraction operation.
2. A modular reduction apparatus for encryption, comprising:
a receiving unit for receiving a first operand on which modular reduction is to be performed; the first operand is a value that exceeds the prime field;
a first processing unit for prepending 0 bits above the most significant bit of the first operand until the first operand reaches 512 bits, obtaining a second operand;
a first reduction unit for calculating the second operand through a reduction algorithm to obtain a first final value;
a second processing unit for prepending 0 bits above the most significant bit of the first final value until the first final value reaches 288 bits, obtaining a third operand;
a second reduction unit for calculating the third operand through the reduction algorithm to obtain a second final value;
a third processing unit for determining whether the second final value is smaller than a preset threshold; if so, outputting the second final value; if not, subtracting the preset threshold from the second final value to obtain a third final value and outputting the third final value; the second final value and the third final value are both operands conforming to the SM2 encryption algorithm;
wherein the preset threshold is the maximum value in the operable value range specified in the SM2 encryption algorithm;
wherein the first reduction unit includes:
a first splitting unit for splitting the second operand bit-wise into 16 32-bit fourth operands;
a first combining unit for combining the fourth operands with 0 to form 14 256-bit fifth operands;
a first operation unit for obtaining the first final value through addition and subtraction operations on the fifth operands;
wherein the second reduction unit includes:
a second splitting unit for splitting the third operand bit-wise into 9 32-bit sixth operands;
a second combining unit for combining the sixth operands with 0 to form 3 256-bit seventh operands;
and a second operation unit for obtaining the second final value through addition and subtraction operations on the seventh operands.
3. A modular reduction apparatus for encryption, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the modular reduction method as claimed in claim 1 when executing said computer program.
4. A computer-readable storage medium, having stored thereon a computer program which, when being executed by a processor, carries out the steps of the modular reduction method according to claim 1.
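The claims above describe the procedure only in terms of word counts (16 words folded into 14 256-bit terms, then 9 words into 3 terms, then one conditional subtraction). The following is an added worked example, written for this page and not the patent's own code or the applicant's implementation, that carries the same two-stage structure through in Python and checks it against ordinary big-integer arithmetic. It derives the word-level congruences directly from the SM2 field prime p (2^256 = 2^224 + 2^96 - 2^64 + 1 mod p), sums the positive contributions and subtracts the negative ones rather than laying them out as the patent's exact 14 and 3 named terms, and assumes that the claim's "preset threshold" is p itself; the function and variable names, the sample inputs and the `self_check` routine are all constructed for this example.

```python
# Added worked example (not the patent's own code): two-stage word-level
# reduction modulo the SM2 field prime p, laid out as in the claims:
#   512-bit operand -> 16 x 32-bit words -> signed 256-bit-aligned terms
#   -> intermediate below 2^288 -> 9 x 32-bit words -> 3 terms
#   -> one conditional subtraction of p.
# Assumption: the claim's "preset threshold" is p itself.

import random

# SM2 recommended-curve field prime (GM/T 0003-2012):
# p = 2^256 - 2^224 - 2^96 + 2^64 - 1
SM2_P = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
MASK32 = 0xFFFFFFFF

# 2^256 = 2^224 + 2^96 - 2^64 + 1 (mod p); in 32-bit word weights:
# word 8 = word 7 + word 3 - word 2 + word 0.
BASE_RELATION = {7: 1, 3: 1, 2: -1, 0: 1}


def split_words(x, n):
    """Split x (zero-padded above its top bit) into n 32-bit words, least significant first."""
    return [(x >> (32 * i)) & MASK32 for i in range(n)]


def join_words(words):
    """Inverse of split_words: word i has weight 2^(32*i)."""
    return sum(w << (32 * i) for i, w in enumerate(words))


def high_word_congruences():
    """Express 2^(32*i) mod p, for i = 8..15, as signed multiples of 2^(32*j), j in 0..7.

    Built by repeatedly multiplying the base relation by 2^32 and folding any
    word-8 overflow back through the base relation, so the table is derived
    from p rather than copied from a reference.
    """
    table = {8: dict(BASE_RELATION)}
    for i in range(9, 16):
        shifted = {}
        for j, coef in table[i - 1].items():
            shifted[j + 1] = shifted.get(j + 1, 0) + coef
        overflow = shifted.pop(8, 0)
        for j, coef in BASE_RELATION.items():
            shifted[j] = shifted.get(j, 0) + overflow * coef
        table[i] = {j: c for j, c in shifted.items() if c}
    return table


def stage1_reduce_512(x):
    """Claim steps: 512-bit operand -> 16 words -> 256-bit terms -> first final value.

    Words c8..c15 are replaced by their congruent combinations of the lower
    word positions; positive contributions are added, negative ones (which
    only ever land on word 2) are subtracted. The result is non-negative and
    below 2^288, which is why the claims pad it to a 288-bit third operand.
    """
    c = split_words(x, 16)
    table = high_word_congruences()
    plus = join_words(c[:8])           # the term (c7, ..., c0)
    minus = 0
    for i in range(8, 16):
        for j, coef in table[i].items():
            contribution = (abs(coef) * c[i]) << (32 * j)
            if coef > 0:
                plus += contribution
            else:
                minus += contribution
    return plus - minus


def stage2_reduce_288(y):
    """Claim steps: 288-bit value -> 9 words -> 3 terms -> second final value.

    Only word 8 sits above 2^256 and it folds back via the base relation:
    (d7..d0) + (d8,0,0,0,d8,0,0,d8) - (0,0,0,0,0,d8,0,0), written most
    significant word first.
    """
    d = split_words(y, 9)
    low = join_words(d[:8])
    plus = join_words([d[8], 0, 0, d[8], 0, 0, 0, d[8]])   # d8 * (w0 + w3 + w7)
    minus = join_words([0, 0, d[8], 0, 0, 0, 0, 0])        # d8 * w2
    return low + plus - minus


def sm2_mod_p(x):
    """Full reduction of a value of at most 512 bits to [0, p)."""
    if not 0 <= x < (1 << 512):
        raise ValueError("operand must be non-negative and at most 512 bits")
    first_final = stage1_reduce_512(x)
    second_final = stage2_reduce_288(first_final)
    # second_final < 2p, so a single conditional subtraction finishes the job.
    return second_final if second_final < SM2_P else second_final - SM2_P


def self_check(samples=300, seed=2018):
    """Compare against Python big-integer arithmetic on constructed inputs."""
    rng = random.Random(seed)
    inputs = [0, SM2_P, SM2_P - 1, (SM2_P - 1) ** 2, (1 << 512) - 1]
    inputs += [rng.getrandbits(512) for _ in range(samples)]
    for x in inputs:
        if stage1_reduce_512(x) >= (1 << 288):
            return False
        if sm2_mod_p(x) != x % SM2_P:
            return False
    return True


if __name__ == "__main__":
    print("self-check passed:", self_check())
```

The bound that makes the single conditional subtraction in the last claim step sufficient is visible in `stage1_reduce_512`: the word-7 coefficients sum to at most 14, so the first final value is below 14 * 2^256 and its ninth word is at most 13; the second final value is therefore below 2^256 + 2^228, less than 2p, and one subtraction of p lands in [0, p). An implementation on real hardware would use fixed-width adders with carry tracking instead of Python integers, but the term structure is the same.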
CN201810026230.3A 2018-01-11 2018-01-11 Method, apparatus, device and computer readable storage medium for modular reduction Active CN108243002B (en)


Publications (2)

Publication Number Publication Date
CN108243002A (en) 2018-07-03
CN108243002B (en) 2021-03-16

Family

ID=62699533


Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101763241A (en) * 2010-01-20 2010-06-30 西安电子科技大学 Large integer modular arithmetic device for realizing signature algorithm in ECC cryptosystem and modular method therefor
US8971528B2 (en) * 2013-01-29 2015-03-03 Certicom Corp. Modified elliptic curve signature algorithm for message recovery
CN107147495A (en) * 2017-05-25 2017-09-08 广东工业大学 Implementation method of the SM2 encryption algorithm over binary extension fields


Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Research and implementation of fast computation of the national cryptographic standard SM2 on SoPC; 邵梦丽; China Master's Theses Full-text Database, Information Science and Technology; 2017-11-15; full text *


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant