CN109241784A - A kind of close SM2 signature verification method of the state of SSD and system - Google Patents

A kind of close SM2 signature verification method of the state of SSD and system Download PDF

Info

Publication number
CN109241784A
CN109241784A CN201810935578.4A CN201810935578A CN109241784A CN 109241784 A CN109241784 A CN 109241784A CN 201810935578 A CN201810935578 A CN 201810935578A CN 109241784 A CN109241784 A CN 109241784A
Authority
CN
China
Prior art keywords
mould
unit
module
calculated value
multiplication operation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810935578.4A
Other languages
Chinese (zh)
Inventor
李湘锦
张鹏
董怀玉
王宏伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Union Memory Information System Co Ltd
Original Assignee
Shenzhen Union Memory Information System Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Union Memory Information System Co Ltd filed Critical Shenzhen Union Memory Information System Co Ltd
Priority to CN201810935578.4A priority Critical patent/CN109241784A/en
Publication of CN109241784A publication Critical patent/CN109241784A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/60Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
    • G06F7/72Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computational Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of close SM2 signature verification method of the state of SSD and systems, and wherein method includes: the configuration data for obtaining ahb bus and sending;Configuration data is handled;The relevant parameter obtained after processing is subjected to point multiplication operation;The data obtained conducive to point multiplication operation carry out signature calculation, obtain the calculated value with signing messages;Verifying has the calculated value of signing messages, and verification result is saved.The configuration data that a kind of close SM2 signature verification method of state of SSD of the present invention and system are sent by obtaining ahb bus, then handled to obtain required Various types of data parameter in signature verification to configuration data, the close SM2 signature verification of state can be realized, reduce the consumption of storage resource, cpu performance is discharged, signature verification speed is faster.

Description

A kind of close SM2 signature verification method of the state of SSD and system
Technical field
The present invention relates to solid state hard disk, the close SM2 signature verification method of the more specifically a kind of state of SSD and system.
Background technique
Currently, data safety is increasingly valued by people, SSD (the Solid State with encryption function Drives solid state hard disk) the increasingly extensive but current close SM2 signature verification needs of SSD realization state with encryption function of application Biggish memory space is consumed, occupies cpu resource, software control is complicated, and working efficiency is low.
Summary of the invention
It is an object of the invention to overcome the deficiencies of the prior art and provide a kind of close SM2 signature verification method of the state of SSD and System.
To achieve the above object, the invention adopts the following technical scheme: a kind of close SM2 signature verification method of state of SSD, institute The method of stating includes:
Obtain the configuration data that ahb bus is sent;
Configuration data is handled;
The relevant parameter obtained after processing is subjected to point multiplication operation;
The data obtained conducive to point multiplication operation carry out signature calculation, obtain the calculated value with signing messages;
Verifying has the calculated value of signing messages, and verification result is saved.
Its further technical solution are as follows: described the step of configuration data is handled, specifically includes the following steps:
Parse configuration data;
Data after parsing are sent into key control unit.
Its further technical solution are as follows: the described the step of relevant parameter obtained after processing is subjected to point multiplication operation, specifically The following steps are included:
Key control unit calls point multiplication operation unit and mould to carry out operation against computing unit, wherein the point multiplication operation Unit includes that point plus calculating and a times point calculate;
Point multiplication operation cell call dot product basic computational ele- ment, multiplying unit and the mould fx operation with pipeline Unit carries out operation.
Its further technical solution are as follows: the data obtained conducive to point multiplication operation carry out signature calculation, obtain with label The step of calculated value of name information, specifically includes the following steps:
Obtain the calculated value and private key random number that point multiplication operation obtains;
Key control unit calls mould n arithmetic element to carry out adding mould, multiply mould and the inverse calculating of mould;
Mould n arithmetic element controls the division arithmetic unit of mould n and multiplying unit carries out operation.
Its further technical solution are as follows: the verifying has the calculated value of signing messages, and the step that verification result is saved Suddenly, specifically includes the following steps:
Obtain the value that latest computed obtains in register;
New calculated value is compared with the calculated value for having signing messages in register;
If numerical value is identical, it is verified;
If numerical value is different, verifies and do not pass through.
A kind of close SM2 signature verification system of the state of SSD, the system comprises acquiring unit, processing unit, arithmetic element, Signature calculation unit and authentication unit;
The acquiring unit, for obtaining the configuration data of ahb bus transmission;
The processing unit, for handling configuration data;
The arithmetic element, for the relevant parameter obtained after processing to be carried out point multiplication operation;
The signature calculation unit carries out signature calculation for being conducive to the data that point multiplication operation obtains, obtains with signature The calculated value of information;
The authentication unit for verifying the calculated value for having signing messages, and verification result is saved.
Its further technical solution are as follows: the processing unit includes parsing module and writing module;
The parsing module, for parsing configuration data;
The write module is sent into key control unit for the data after parsing.
Its further technical solution are as follows: the arithmetic element includes the key control unit calling module and dot product fortune Calculate cell call module;
The key control unit calling module calls point multiplication operation unit and the inverse calculating of mould single for key control unit Member carries out operation, wherein the point multiplication operation unit adds including calculates and put again calculating;
The point multiplication operation cell call module is transported for point multiplication operation cell call dot product basic computational ele- ment, multiplication It calculates unit and the mould fx arithmetic element with pipeline carries out operation.
Its further technical solution are as follows: the signature calculation unit include private key random number module, mould n computing module and Mould n control module;
The private key random number module, for obtaining the calculated value and private key random number that point multiplication operation obtains;
The mould n computing module calls mould n arithmetic element to carry out plus mould, multiplies mould and mould is inverse for key control unit It calculates;
The mould n control module, for mould n arithmetic element control mould n division arithmetic unit and multiplying unit into Row operation.
Its further technical solution are as follows: the authentication unit includes that calculated value obtains module and comparison module;
The calculated value obtains module, the value obtained for obtaining latest computed in register;
The comparison module, for new calculated value to be compared with the calculated value for having signing messages in register, If numerical value is identical, it is verified, if numerical value is different, verifies and do not pass through.
Compared with the prior art, the invention has the advantages that: a kind of close SM2 signature verification method of the state of SSD of the present invention and The configuration data that system is sent by obtaining ahb bus, required for then being handled to obtain in signature verification to configuration data Various types of data parameter, the close SM2 signature verification of state can be realized, reduce the consumption of storage resource, discharge cpu performance, signature Verifying speed is faster.
The above description is only an overview of the technical scheme of the present invention, can in order to better understand technical measure It is implemented in accordance with the contents of the specification, and in order to make above and other objects of the present invention, feature and advantage brighter Show understandable, special below to lift preferred embodiment, detailed description are as follows.
Detailed description of the invention
Fig. 1 is a kind of flow chart of the close SM2 signature verification method specific embodiment of the state of SSD of the present invention;
Fig. 2 is to handle in a kind of close SM2 signature verification method specific embodiment of the state of SSD of the present invention configuration data Flow chart;
Fig. 3 is the process that point multiplication operation is carried out in a kind of close SM2 signature verification method specific embodiment of the state of SSD of the present invention Figure;
Fig. 4 is the flow chart of signature calculation in a kind of close SM2 signature verification method specific embodiment of the state of SSD of the present invention;
Fig. 5 is the process of signing messages verifying in a kind of close SM2 signature verification method specific embodiment of the state of SSD of the present invention Figure;
Fig. 6 is a kind of structure chart of the close SM2 signature verification system specific embodiment of the state of SSD of the present invention;
Fig. 7 is the structure chart of processing unit in a kind of close SM2 signature verification system specific embodiment of the state of SSD of the present invention;
Fig. 8 is the structure chart of arithmetic element in a kind of close SM2 signature verification system specific embodiment of the state of SSD of the present invention;
Fig. 9 is the structure of signature calculation unit in a kind of close SM2 signature verification system specific embodiment of the state of SSD of the present invention Figure;
Figure 10 is the structure chart of authentication unit in a kind of close SM2 signature verification system specific embodiment of the state of SSD of the present invention.
Specific embodiment
In order to more fully understand technology contents of the invention, combined with specific embodiments below to technical solution of the present invention into One step introduction and explanation, but not limited to this.
It should be appreciated that herein, relational terms such as first and second and the like are used merely to an entity/behaviour Work/object is distinguished with another entity/operation/object, without necessarily requiring or implying these entity/operation/objects Between there are any actual relationship or orders.
It is also understood that the terms "include", "comprise" or any other variant thereof is intended to cover non-exclusive inclusion, So that the process, method, article or the system that include a series of elements not only include those elements, but also including not having The other element being expressly recited, or further include for this process, method, article or the intrinsic element of system.Do not having In the case where having more limitations, the element that is limited by sentence "including a ...", it is not excluded that include the element process, There is also other identical elements in method, article or system.
As shown in Figs. 1-5, the present invention provides a kind of close SM2 signature verification methods of the state of SSD, this method comprises:
S10, the configuration data that ahb bus is sent is obtained;
S20, configuration data is handled;
S30, the relevant parameter obtained after processing is subjected to point multiplication operation;
S40, the data obtained conducive to point multiplication operation carry out signature calculation, obtain the calculated value with signing messages;
S50, verifying have the calculated value of signing messages, and verification result is saved.
Specifically, register can receive the configuration data of ahb bus transmission, then configuration data is handled and is signed Required Various types of data parameter in name verifying, can be realized the close SM2 signature verification of state, The present invention reduces disappearing for storage resource Consumption, can discharge cpu performance, improve signature verification speed.
In certain embodiments, step S20 specifically includes the following steps:
S201, parsing configuration data;
S202, the data after parsing are sent into key control unit.
Specifically, parsing data include Hash Value, system parameter, the rank of basic point G, the random number of signature, basic point G, Public key and private key.These data parsed can be sent in key control unit, to realize signature or authentication function.
In certain embodiments, step S30 specifically includes the following steps:
S301, key control unit call point multiplication operation unit and mould to carry out operation against computing unit, wherein point multiplication operation Unit includes that point plus calculating and a times point calculate;
S302, point multiplication operation cell call dot product basic computational ele- ment, multiplying unit and the mould with pipeline Fx arithmetic element carries out operation.
Specifically, point multiplication operation unit includes that point plus calculating and a times point calculate, the point under the standard projection based on two element field Add/point doubling is as follows:
Input (x1, y1, z1)(x2, y2, z2);
Export (x3, y3, z3);
Point add operation formula:
Z3=(λ12)3(Z1Z2)
λ1=X1Z2
λ2=X2Z1
Further abbreviation formula, facilitates logic to realize, considers the realization of pipeline, improves calculated performance:
stp1:r7=z1*z2
stp2:r1=x1*z2
stp3:r2=x2*z1
stp4:r4=y1*z2
stp5:r5=y2*z1
stp6:t0=(r1^r2)*r7
stp7:t1=(r1^r2)*(r1^r2)
stp8:t2=r2*r4
stp9:t3=r1*r5
stp10:z2=t0*t1
stp11:t4=(t2^t3)*r7
stp12:t2=r1*r2
stp13:t0=r1*t1
stp14:t3=t2*(r1^r2)
stp15:t2=r4*(r1^r2)
stp16:t0=(r4^r5)*(t0^t3^t4)
stp17:x2=(t3^t4)*(r1^r2)
stp18:t4=t1*t2
stp19:y2=t0^x2^t4
Point doubling formula:
Z3=(x1z1)3
X3=(x1z1)(bz1 4+x1 4)
Y3=x1 4(x1 2+y1z1)+x1 4x1z1+bz1 4(x1 2+y1z1)
Further abbreviation formula, facilitates logic to realize, considers the realization of pipeline, improves calculated performance:
stp1:r7=z1*z1
stp2:r1=x1*z1
stp3:r2=x1*x1
stp4:r4=r1*r1
stp5:r5=y1*z1
stp6:r5=r2^r5
stp7:t0=r1*r1
stp8:t2=r7*r7
stp9:t1=r2*r2
stp10:t3=b*t2
stp11:z2=r1*t0
stp12:x2=r1*(t1^t3)
stp13:t4=t1*r5
stp14:t3=t2*r5
stp15:t2=t1*r1
stp16:t3=b*t3
stp17:y2=t2^t3^t4^x2
The calculating of mould against computing unit is as follows:
Input: A (GF (2257))
Output: A-1
Stp1:T=A2// mould side
Stp2:X=AT=A3// modular multiplication exports as X
Stp3:T=X2// mould side
Stp4:T=T2// execute 1 time, it is equivalent to 2 times squares of progress
Stp5:X=XT//modular multiplication
Stp6:T=X2// mould side
Stp7:T=T2// execute 3 times, it is equivalent to 4 times squares of progress
Stp8:X=XT//modular multiplication
Stp9:T=X2// mould side
Stp10:T=T2// execute 7 times, it is equivalent to 8 times squares of progress
Stp11:X=XT//modular multiplication
Stp12:T=X2// mould side
Stp13:T=T2// execute 15 times, it is equivalent to 16 times squares of progress
Stp14:X=XT//modular multiplication
Stp15:T=X2// mould side
Stp16:T=T2// execute 31 times, it is equivalent to 32 times squares of progress
Stp17:X=XT//modular multiplication
Stp18:T=X2// mould side
Stp19:T=T2// execute 63 times, it is equivalent to 64 times squares of progress
Stp20:X=XT//modular multiplication
Stp21:T=X2// mould side
Stp22:T=T2// execute 127 times, it is equivalent to 128 times squares of progress
Stp23:X=XT//modular multiplication
Stp27:A=X2// as inverse
Using the arithmetic speed that can be improved of this algorithm, such as work as m=257, needs 256 mould quadratic sums, 8 modular multiplication behaviour Make, and when existing algorithm such as m=257, need to carry out 256 mould quadratic sums, 255 modular multiplications.
In certain embodiments, step S40 specifically includes the following steps:
S401, calculated value and private key random number that point multiplication operation obtains are obtained;
S402, key control unit call mould n arithmetic element to carry out adding mould, multiply mould and the inverse calculating of mould;
S403, the division arithmetic unit of mould n arithmetic element control mould n and multiplying unit carry out operation.
Specifically, division arithmetic unit: n is the rank of basic point G, n*G=0;Inputting dividend dividend, (bit wide is multinomial 2 times of formula base length), output divisor divisor (length that bit wide is polynomial basis) is exported remainder (remainder);
Multiplying unit: inputting a/b to be multiplied (length that bit wide is polynomial basis), exports as the data after multiplying 2 times of polynomial basis length (bit wide be).
In certain embodiments, step S50 specifically includes the following steps:
S501, the value that latest computed obtains in register is obtained;
S502, new calculated value is compared with the calculated value for having signing messages in register;
If S503, numerical value are identical, it is verified;
If S504, numerical value are different, verify and do not pass through.
It should be understood that the size of the serial number of each step is not meant that the order of the execution order in above-described embodiment, each process Execution sequence should be determined by its function and internal logic, the implementation process without coping with the embodiment of the present invention constitutes any limit It is fixed.
The close SM2 signature verification method of state corresponding to a kind of SSD described in above-described embodiment, the present invention provides one kind The close SM2 signature verification system of the state of SSD.
As illustrated in figures 6-10, the close SM2 signature verification system of a kind of state of SSD, system include acquiring unit, processing unit, Arithmetic element, signature calculation unit and authentication unit;
Acquiring unit 1, for obtaining the configuration data of ahb bus transmission;
Processing unit 2, for handling configuration data;
Arithmetic element 3, for the relevant parameter obtained after processing to be carried out point multiplication operation;
Signature calculation unit 4 carries out signature calculation for being conducive to the data that point multiplication operation obtains, obtains with signing messages Calculated value;
Authentication unit 5 for verifying the calculated value for having signing messages, and verification result is saved.
Specifically, register can receive the configuration data of ahb bus transmission, then configuration data is handled and is signed Required Various types of data parameter in name verifying, can be realized the close SM2 signature verification of state, The present invention reduces disappearing for storage resource Consumption, can discharge cpu performance, improve signature verification speed.
In certain embodiments, processing unit 2 includes parsing module 21 and writing module 22;
Parsing module 21, for parsing configuration data;
Writing module 22 is sent into key control unit for the data after parsing.
Specifically, parsing data include Hash Value, system parameter, the rank of basic point G, the random number of signature, basic point G, Public key and private key.These data parsed can be sent in key control unit, to realize signature or authentication function.
In certain embodiments, arithmetic element 3 includes key control unit calling module 31 and point multiplication operation unit tune With module 32;
Key control unit calling module 31 calls point multiplication operation unit and mould against computing unit for key control unit Carry out operation, wherein point multiplication operation unit includes that point plus calculating and a times point calculate;
Point multiplication operation cell call module 32 is used for point multiplication operation cell call dot product basic computational ele- ment, multiplying Unit and mould fx arithmetic element with pipeline carry out operation.
S301, key control unit call point multiplication operation unit and mould to carry out operation against computing unit, wherein point multiplication operation Unit includes that point plus calculating and a times point calculate;
S302, point multiplication operation cell call dot product basic computational ele- ment, multiplying unit and the mould with pipeline Fx arithmetic element carries out operation.
Specifically, point multiplication operation unit includes that point plus calculating and a times point calculate, the point under the standard projection based on two element field Add/point doubling is as follows:
Input (x1, y1, z1)(x2, y2, z2);
Export (x3, y3, z3);
Point add operation formula:
Z3=(λ12)3(Z1Z2)
λ1=X1Z2
λ2=X2Z1
Further abbreviation formula, facilitates logic to realize, considers the realization of pipeline, improves calculated performance:
stp1:r7=z1*z2
stp2:r1=x1*z2
stp3:r2=x2*z1
stp4:r4=y1*z2
stp5:r5=y2*z1
stp6:t0=(r1^r2)*r7
stp7:t1=(r1^r2)*(r1^r2)
stp8:t2=r2*r4
stp9:t3=r1*r5
stp10:z2=t0*t1
stp11:t4=(t2^t3)*r7
stp12:t2=r1*r2
stp13:t0=r1*t1
stp14:t3=t2*(r1^r2)
stp15:t2=r4*(r1^r2)
stp16:t0=(r4^r5)*(t0^t3^t4)
stp17:x2=(t3^t4)*(r1^r2)
stp18:t4=t1*t2
stp19:y2=t0^x2^t4
Point doubling formula:
Z3=(x1z1)3
X3=(x1z1)(bz1 4+x1 4)
Y3=x1 4(x1 2+y1z1)+x1 4x1z1+bz1 4(x1 2+y1z1)
Further abbreviation formula, facilitates logic to realize, considers the realization of pipeline, improves calculated performance:
stp1:r7=z1*z1
stp2:r1=x1*z1
stp3:r2=x1*x1
stp4:r4=r1*r1
stp5:r5=y1*z1
stp6:r5=r2^r5
stp7:t0=r1*r1
stp8:t2=r7*r7
stp9:t1=r2*r2
stp10:t3=b*t2
stp11:z2=r1*t0
stp12:x2=r1*(t1^t3)
stp13:t4=t1*r5
stp14:t3=t2*r5
stp15:t2=t1*r1
stp16:t3=b*t3
stp17:y2=t2^t3^t4^x2
The calculating of mould against computing unit is as follows:
Input: A (GF (2257))
Output: A-1
Stp1:T=A2// mould side
Stp2:X=AT=A3// modular multiplication exports as X
Stp3:T=X2// mould side
Stp4:T=T2// execute 1 time, it is equivalent to 2 times squares of progress
Stp5:X=XT//modular multiplication
Stp6:T=X2// mould side
Stp7:T=T2// execute 3 times, it is equivalent to 4 times squares of progress
Stp8:X=XT//modular multiplication
Stp9:T=X2// mould side
Stp10:T=T2// execute 7 times, it is equivalent to 8 times squares of progress
Stp11:X=XT//modular multiplication
Stp12:T=X2// mould side
Stp13:T=T2// execute 15 times, it is equivalent to 16 times squares of progress
Stp14:X=XT//modular multiplication
Stp15:T=X2// mould side
Stp16:T=T2// execute 31 times, it is equivalent to 32 times squares of progress
Stp17:X=XT//modular multiplication
Stp18:T=X2// mould side
Stp19:T=T2// execute 63 times, it is equivalent to 64 times squares of progress
Stp20:X=XT//modular multiplication
Stp21:T=X2// mould side
Stp22:T=T2// execute 127 times, it is equivalent to 128 times squares of progress
Stp23:X=XT//modular multiplication
Stp27:A=X2// as inverse
Using the arithmetic speed that can be improved of this algorithm, such as work as m=257, needs 256 mould quadratic sums, 8 modular multiplication behaviour Make, and when existing algorithm such as m=257, need to carry out 256 mould quadratic sums, 255 modular multiplications.
In certain embodiments, signature calculation unit 4 includes private key random number module 41, mould n computing module 42 and mould n Control module 43;
Private key random number module 41, for obtaining the calculated value and private key random number that point multiplication operation obtains;
Mould n computing module 42 calls mould n arithmetic element to carry out adding mould, multiplies mould and mould based on by key control unit It calculates;
Mould n control module 43, division arithmetic unit and multiplying unit for mould n arithmetic element control mould n carry out Operation.
Specifically, division arithmetic unit: n is the rank of basic point G, n*G=0;Inputting dividend dividend, (bit wide is multinomial 2 times of formula base length), output divisor divisor (length that bit wide is polynomial basis) is exported remainder (remainder);
Multiplying unit: inputting a/b to be multiplied (length that bit wide is polynomial basis), exports as the data after multiplying 2 times of polynomial basis length (bit wide be).
In certain embodiments, authentication unit 5 includes that calculated value obtains module 51 and comparison module 2;
Calculated value obtains module 51, the value obtained for obtaining latest computed in register;
Comparison module 52, for new calculated value to be compared with the calculated value for having signing messages in register, if Numerical value is identical, then is verified, if numerical value is different, verifies and does not pass through.
It is apparent to those skilled in the art that for convenience of description and succinctly, only with above-mentioned each function Can unit, module division progress for example, in practical application, can according to need and by above-mentioned function distribution by different Functional unit, module are completed, i.e., the internal structure of described device is divided into different functional unit or module, more than completing The all or part of function of description.Each functional unit in embodiment, module can integrate in one processing unit, can also To be that each unit physically exists alone, can also be integrated in one unit with two or more units, it is above-mentioned integrated Unit both can take the form of hardware realization, can also realize in the form of software functional units.In addition, each function list Member, the specific name of module are also only for convenience of distinguishing each other, the protection scope being not intended to limit this application.Above system The specific work process of middle unit, module, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
Those of ordinary skill in the art may be aware that list described in conjunction with the examples disclosed in the embodiments of the present disclosure Member and algorithm steps can be realized with the combination of electronic hardware or computer software and electronic hardware.These functions are actually It is implemented in hardware or software, the specific application and design constraint depending on technical solution.Professional technician Each specific application can be used different methods to achieve the described function, but this realization is it is not considered that exceed The scope of the present invention.
In embodiment provided by the present invention, it should be understood that disclosed system and method can pass through others Mode is realized.For example, system embodiment described above is only schematical, for example, the division of the module or unit, Only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components can be with In conjunction with or be desirably integrated into another system, or some features can be ignored or not executed.Another point, it is shown or discussed Mutual coupling or direct-coupling or communication connection can be through some interfaces, the INDIRECT COUPLING of device or unit or Communication connection can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme 's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product When, it can store in a computer readable storage medium.Based on this understanding, the technical solution of the embodiment of the present invention Substantially all or part of the part that contributes to existing technology or the technical solution can be with software product in other words Form embody, which is stored in a storage medium, including some instructions use so that one Computer equipment (can be personal computer, server or the network equipment etc.) or processor (processor) execute this hair The all or part of the steps of bright each embodiment the method for embodiment.And storage medium above-mentioned include: USB flash disk, mobile hard disk, Read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic The various media that can store program code such as dish or CD.
It is above-mentioned that technology contents of the invention are only further illustrated with embodiment, in order to which reader is easier to understand, but not It represents embodiments of the present invention and is only limitted to this, any technology done according to the present invention extends or recreation, by of the invention Protection.Protection scope of the present invention is subject to claims.

Claims (10)

1. a kind of close SM2 signature verification method of the state of SSD, which is characterized in that the described method includes:
Obtain the configuration data that ahb bus is sent;
Configuration data is handled;
The relevant parameter obtained after processing is subjected to point multiplication operation;
The data obtained conducive to point multiplication operation carry out signature calculation, obtain the calculated value with signing messages;
Verifying has the calculated value of signing messages, and verification result is saved.
2. a kind of close SM2 signature verification method of the state of SSD according to claim 1, which is characterized in that described pair of configuration number According to the step of being handled, specifically includes the following steps:
Parse configuration data;
Data after parsing are sent into key control unit.
3. a kind of close SM2 signature verification method of the state of SSD according to claim 1, which is characterized in that it is described will processing after Obtained relevant parameter carries out the step of point multiplication operation, specifically includes the following steps:
Key control unit calls point multiplication operation unit and mould to carry out operation against computing unit, wherein the point multiplication operation unit It is calculated including point plus calculating and a times point;
Point multiplication operation cell call dot product basic computational ele- ment, multiplying unit and the mould fx arithmetic element with pipeline Carry out operation.
4. a kind of close SM2 signature verification method of the state of SSD according to claim 1, which is characterized in that described to be conducive to dot product The step of data that operation obtains carry out signature calculation, obtain the calculated value with signing messages, specifically includes the following steps:
Obtain the calculated value and private key random number that point multiplication operation obtains;
Key control unit calls mould n arithmetic element to carry out adding mould, multiply mould and the inverse calculating of mould;
Mould n arithmetic element controls the division arithmetic unit of mould n and multiplying unit carries out operation.
5. a kind of close SM2 signature verification method of the state of SSD according to claim 1, which is characterized in that the verifying has The calculated value of signing messages, and the step of verification result is saved, specifically includes the following steps:
Obtain the value that latest computed obtains in register;
New calculated value is compared with the calculated value for having signing messages in register;
If numerical value is identical, it is verified;
If numerical value is different, verifies and do not pass through.
6. a kind of close SM2 signature verification system of the state of SSD, which is characterized in that the system comprises acquiring unit, processing unit, Arithmetic element, signature calculation unit and authentication unit;
The acquiring unit, for obtaining the configuration data of ahb bus transmission;
The processing unit, for handling configuration data;
The arithmetic element, for the relevant parameter obtained after processing to be carried out point multiplication operation;
The signature calculation unit carries out signature calculation for being conducive to the data that point multiplication operation obtains, obtains with signing messages Calculated value;
The authentication unit for verifying the calculated value for having signing messages, and verification result is saved.
7. a kind of close SM2 signature verification system of the state of SSD according to claim 6, which is characterized in that the processing unit Including parsing module and writing module;
The parsing module, for parsing configuration data;
The write module is sent into key control unit for the data after parsing.
8. a kind of close SM2 signature verification system of the state of SSD according to claim 6, which is characterized in that the arithmetic element Including key control unit calling module and point multiplication operation cell call module;
The key control unit calling module, for key control unit call point multiplication operation unit and mould against computing unit into Row operation, wherein the point multiplication operation unit includes that point plus calculating and a times point calculate;
The point multiplication operation cell call module is used for point multiplication operation cell call dot product basic computational ele- ment, multiplying list First and mould fx arithmetic element with pipeline carries out operation.
9. a kind of close SM2 signature verification system of the state of SSD according to claim 6, which is characterized in that the signature calculation Unit includes private key random number module, mould n computing module and mould n control module;
The private key random number module, for obtaining the calculated value and private key random number that point multiplication operation obtains;
The mould n computing module calls mould n arithmetic element to carry out adding mould, multiplies mould and the inverse calculating of mould for key control unit;
The mould n control module, division arithmetic unit and multiplying unit for mould n arithmetic element control mould n are transported It calculates.
10. a kind of close SM2 signature verification system of the state of SSD according to claim 6, which is characterized in that the verifying is single Member includes that calculated value obtains module and comparison module;
The calculated value obtains module, the value obtained for obtaining latest computed in register;
The comparison module, for new calculated value to be compared with the calculated value for having signing messages in register, if number It is worth identical, then is verified, if numerical value is different, verifies and do not pass through.
CN201810935578.4A 2018-08-16 2018-08-16 A kind of close SM2 signature verification method of the state of SSD and system Pending CN109241784A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810935578.4A CN109241784A (en) 2018-08-16 2018-08-16 A kind of close SM2 signature verification method of the state of SSD and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810935578.4A CN109241784A (en) 2018-08-16 2018-08-16 A kind of close SM2 signature verification method of the state of SSD and system

Publications (1)

Publication Number Publication Date
CN109241784A true CN109241784A (en) 2019-01-18

Family

ID=65071369

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810935578.4A Pending CN109241784A (en) 2018-08-16 2018-08-16 A kind of close SM2 signature verification method of the state of SSD and system

Country Status (1)

Country Link
CN (1) CN109241784A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113688399A (en) * 2021-08-25 2021-11-23 深圳忆联信息***有限公司 Firmware digital signature protection method and device, computer equipment and storage medium
CN116032490A (en) * 2023-01-09 2023-04-28 郑州轻工业大学 Fabric block chain construction method based on improved SM2 algorithm

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110113235A1 (en) * 2009-08-27 2011-05-12 Craig Erickson PC Security Lock Device Using Permanent ID and Hidden Keys
CN104021104A (en) * 2014-06-12 2014-09-03 国家电网公司 Collaborative system based on dual-bus structure and communication method thereof
CN104536913A (en) * 2014-12-10 2015-04-22 山东华芯半导体有限公司 Big integer operational circuit based on a plurality of RAMs and data transfer method
CN105790939A (en) * 2016-03-01 2016-07-20 全球能源互联网研究院 Prime number field elliptic curve cryptography system of VLSI realization accelerator
CN106415492A (en) * 2014-05-30 2017-02-15 苹果公司 Language, function library, and compiler for graphical and non-graphical computation on a graphical processor unit
CN106789078A (en) * 2016-12-29 2017-05-31 记忆科技(深圳)有限公司 A kind of digital signature identification system based on ahb bus

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110113235A1 (en) * 2009-08-27 2011-05-12 Craig Erickson PC Security Lock Device Using Permanent ID and Hidden Keys
CN106415492A (en) * 2014-05-30 2017-02-15 苹果公司 Language, function library, and compiler for graphical and non-graphical computation on a graphical processor unit
CN104021104A (en) * 2014-06-12 2014-09-03 国家电网公司 Collaborative system based on dual-bus structure and communication method thereof
CN104536913A (en) * 2014-12-10 2015-04-22 山东华芯半导体有限公司 Big integer operational circuit based on a plurality of RAMs and data transfer method
CN105790939A (en) * 2016-03-01 2016-07-20 全球能源互联网研究院 Prime number field elliptic curve cryptography system of VLSI realization accelerator
CN106789078A (en) * 2016-12-29 2017-05-31 记忆科技(深圳)有限公司 A kind of digital signature identification system based on ahb bus

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113688399A (en) * 2021-08-25 2021-11-23 深圳忆联信息***有限公司 Firmware digital signature protection method and device, computer equipment and storage medium
CN116032490A (en) * 2023-01-09 2023-04-28 郑州轻工业大学 Fabric block chain construction method based on improved SM2 algorithm
CN116032490B (en) * 2023-01-09 2023-10-03 郑州轻工业大学 Fabric block chain construction method based on improved SM2 algorithm

Similar Documents

Publication Publication Date Title
EP1320027B1 (en) Elliptic curve cryptosystem apparatus, method and program
CN108446314B (en) Student information storage method, computer readable storage medium and terminal equipment
Asif et al. High‐throughput multi‐key elliptic curve cryptosystem based on residue number system
CN102131198B (en) Realizing method of elliptic curve cryptography arithmetic device in authentication system
Varchola et al. MicroECC: A lightweight reconfigurable elliptic curve crypto-processor
CN103049710B (en) Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm
US9983850B2 (en) Shared hardware integer/floating point divider and square root logic unit and associated methods
CN108733347B (en) Data processing method and device
CN108228754A (en) flow generation method and terminal device
CN108334346A (en) A kind of development approach and device of Service control flow
CN109241784A (en) A kind of close SM2 signature verification method of the state of SSD and system
KR101925868B1 (en) Modular arithmetic unit and secure system having the same
Hossain et al. Efficient fpga implementation of modular arithmetic for elliptic curve cryptography
Kaedi et al. Low‐complexity and differential power analysis (DPA)‐resistant two‐folded power‐aware Rivest–Shamir–Adleman (RSA) security schema implementation for IoT‐connected devices
CN113222132A (en) Multiplier, data processing method, chip, computer device and storage medium
CN103339665B (en) For the method for multi-number division or modular transformation
CN114003194A (en) Operation method and device based on multiplier and computer readable storage medium
US7673257B1 (en) System, method and computer program product for word-level operator-to-cell mapping
Bini et al. A computational framework for two-dimensional random walks with restarts
Pirotte et al. Design of a fully balanced ASIC coprocessor implementing complete addition formulas on Weierstrass elliptic curves
CN103888246A (en) Low-energy-consumption small-area data processing method and data processing device thereof
CN116975884A (en) Data security storage method and device
EP3226120B1 (en) Non-modular multiplier, method for non-modular multiplication and computational device
Bernstein et al. Faster elliptic-curve discrete logarithms on FPGAs
US20210167944A1 (en) Method and apparatus for computing hash function

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190118