CN114465735A - Signature checking system, electronic device, electronic equipment and signature checking method - Google Patents

Signature checking system, electronic device, electronic equipment and signature checking method Download PDF

Info

Publication number
CN114465735A
CN114465735A CN202210376774.9A CN202210376774A CN114465735A CN 114465735 A CN114465735 A CN 114465735A CN 202210376774 A CN202210376774 A CN 202210376774A CN 114465735 A CN114465735 A CN 114465735A
Authority
CN
China
Prior art keywords
point
signature
elliptic curve
module
point multiplication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210376774.9A
Other languages
Chinese (zh)
Other versions
CN114465735B (en
Inventor
李健
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xiangdixian Computing Technology Chongqing Co ltd
Original Assignee
Beijing Xiangdixian Computing Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Xiangdixian Computing Technology Co Ltd filed Critical Beijing Xiangdixian Computing Technology Co Ltd
Priority to CN202210376774.9A priority Critical patent/CN114465735B/en
Publication of CN114465735A publication Critical patent/CN114465735A/en
Application granted granted Critical
Publication of CN114465735B publication Critical patent/CN114465735B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Compression, Expansion, Code Conversion, And Decoders (AREA)
  • Storage Device Security (AREA)

Abstract

The disclosure provides a signature checking system, an electronic device, electronic equipment and a signature checking method, aiming at improving signature checking efficiency and ensuring reliable signature checking results. The system comprises a check label system, a check label parameter generation module, a check label generation module and a check label verification module, wherein the check label system comprises a double-point multiplication module and a single-point multiplication module, and the double-point multiplication module executes double-point multiplication operation on the check label parameter based on a non-binary coding mode to obtain a first elliptic curve point; wherein the first elliptic curve point is used to verify whether the signature is valid without being an infinite point. The single-point multiplication module executes single-point multiplication operation on the verification parameters based on a binary coding mode under the condition that the first elliptic curve point is an infinite point to obtain a second elliptic curve point; wherein the second elliptic curve point is used to verify whether the signature is valid. In the disclosure, the first elliptic curve point is calculated through the double-point multiplication module, so that the signature checking efficiency can be effectively improved. In addition, under the condition that the first elliptic curve point is an infinite point, the elliptic curve point is calculated again through the single-point multiplication module, and the reliability of the signature verification result is ensured.

Description

Signature checking system, electronic device, electronic equipment and signature checking method
Technical Field
The present disclosure relates to the field of data processing technologies, and in particular, to a signature verification system, an electronic device, and a signature verification method.
Background
In order to ensure the reliability of the data source, after the data receiver obtains the data, it usually verifies whether the signature of the data is valid, if the signature is valid, the data source is reliable, and if the signature is invalid, the data source is not reliable.
Taking the ECDSA signature verification algorithm as an example, the signature verification process generally includes the following steps: judging whether the signature value is within a preset interval, if so, executing the next step, and if not, determining that the signature is invalid; calculating the hash value of the data, and deducing an integer according to the hash value; performing modular operation on the signature value and the integer to obtain signature verification parameters
Figure 295476DEST_PATH_IMAGE001
And
Figure 168623DEST_PATH_IMAGE002
(ii) a According to the parameters of signature verification
Figure 844455DEST_PATH_IMAGE001
Figure 161167DEST_PATH_IMAGE002
G (base point of elliptic curve), Q (public key), calculating elliptic curve point
Figure 37462DEST_PATH_IMAGE003
(ii) a If elliptic curve point
Figure 730612DEST_PATH_IMAGE004
If the point is an infinite point, the signature is determined to be invalid; if it is not
Figure 526529DEST_PATH_IMAGE004
Not at infinite point, the abscissa is aligned
Figure 263410DEST_PATH_IMAGE005
Performing a modular operation to obtain a modular operation result; and if the result of the modular operation is equal to the signature value, determining that the signature is valid, and if the result of the modular operation is not equal to the signature value, determining that the signature is invalid. For example, the paper "national secret SM2 digital signature algorithm and ECDSA algorithm comparative analysis research" (published in 2013, 2 months and 15 days) and "safe and efficient two-party collaborative ECDSA signature scheme" (published in 2021, 2 months and 25 days) both partially or wholly disclose the signature verification process.
In the process of checking the label, the elliptic curve points are calculated
Figure 144779DEST_PATH_IMAGE004
The time is large in calculation amount, so that the time consumption of the whole label checking process is long.
Disclosure of Invention
The invention aims to provide a signature checking system, an electronic device, electronic equipment and a signature checking method, which improve signature checking efficiency on the premise of ensuring the reliability of a signature checking result.
According to one aspect of the present disclosure, there is provided a system for verifying labels, comprising:
the double-point multiplication module is configured to execute double-point multiplication operation on the verification parameters based on a preset coding mode to obtain a first elliptic curve point; the preset coding mode is a non-binary coding mode, and the first elliptic curve point is used for verifying whether the signature is valid or not under the condition that the first elliptic curve point is not an infinite point;
the single-point multiplication module is configured to execute single-point multiplication operation on the verification parameters based on a binary coding mode under the condition that the first elliptic curve point is an infinite point to obtain a second elliptic curve point; wherein the second elliptic curve point is used to verify whether the signature is valid.
Optionally, the signature verification system further comprises:
and the flow control module is configured to obtain a first elliptic curve point obtained by the operation of the double-point multiplication module, and send control information to the single-point multiplication module to control the single-point multiplication module to execute the single-point multiplication operation on the verification parameters based on a binary coding mode under the condition that the first elliptic curve point is an infinite point.
Optionally, the flow control module and the double-point multiplication module are connected through a first interface, and the first interface is used for the double-point multiplication module to send a first elliptic curve point to the flow control module;
the flow control module is connected with the single-point multiplication module through a second interface, and the second interface is used for the flow control module to send control information to the single-point multiplication module.
Optionally, the signature verification system further comprises:
the point-adding-point multiplying module, the double-point multiplying module and the single-point multiplying module are connected with the point-adding-point multiplying module; the double-point multiplication module calls the point addition and point multiplication module to execute point addition and/or point multiplication operation during the execution of the double-point multiplication operation; the single-point multiplication module calls the point adding and point multiplying module to execute point adding and/or point multiplying operation during the execution of the single-point multiplication operation.
Optionally, the signature verification system further comprises:
a modulo operation module configured to perform a modulo operation on an abscissa of the first elliptic curve point or perform a modulo operation on an integer into which the abscissa of the first elliptic curve point is converted, in a case where the first elliptic curve point is not an infinite point.
Optionally, the module for performing a modulo operation is further configured to perform a modulo operation on an abscissa of the second elliptic curve point or perform a modulo operation on an integer into which the abscissa of the second elliptic curve point is converted, in a case where the second elliptic curve point is not the infinity point.
Optionally, the preset encoding mode is any one of the following encoding modes: JSF code, NAF code.
Optionally, the single point multiplication module is further configured to perform a point multiplication operation in the signing task.
Optionally, the single-point multiplication module is further configured to, during execution of the point multiplication operation in the signature task, in response to the control information, save the operation state of the signature task to the storage module, and execute the single-point multiplication operation on the verification parameter based on a binary coding manner; the control information is used for indicating the single-point multiplication module to execute point multiplication operation in the signature verification task;
the single point multiplication module is further configured to obtain the operation state from the storage module after the second elliptic curve point is obtained, and continue to execute the point multiplication operation in the signature task according to the operation state.
According to another aspect of the present disclosure, there is also provided an electronic device, which includes the signature verification system in any one of the above embodiments. In some usage scenarios, the product form of the electronic device is embodied as a CPU motherboard.
According to another aspect of the present disclosure, there is also provided an electronic device including the electronic apparatus described above. In some usage scenarios, the electronic device is in the form of a portable electronic device, such as a smartphone, a tablet, a VR device, a POS device, or the like; in some use scenes, the electronic equipment is in the form of a personal computer, a game host and the like; in some usage scenarios, the electronic device is in the form of a server host, a cryptographic engine, or a production device.
According to another aspect of the present disclosure, there is also provided a method for verifying a label, including:
performing double-point multiplication operation on the verification parameters based on a preset coding mode to obtain a first elliptic curve point; wherein the preset coding mode is a non-binary coding mode;
under the condition that the first elliptic curve point is not the infinite point, verifying whether the signature is effective or not according to the first elliptic curve point;
and under the condition that the first elliptic curve point is an infinite point, performing single-point multiplication operation on the signature verification parameter based on a binary coding mode to obtain a second elliptic curve point, and verifying whether the signature is effective or not according to the second elliptic curve point.
Optionally, verifying whether the signature is valid according to the first elliptic curve point comprises:
performing a modulus operation on the abscissa of the first elliptic curve point to obtain a first modulus operation result; and judging whether the first modular operation result is equal to the signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
Optionally, verifying whether the signature is valid according to the first elliptic curve point comprises:
converting the abscissa of the first elliptic curve point into a first integer; performing modular operation on the first integer to obtain a second modular operation result; and judging whether the second modular operation result is equal to the signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
Optionally, verifying whether the signature is valid according to the second elliptic curve point comprises:
in the case where the second elliptic curve point is an infinite point, it is determined that the signature is invalid.
Optionally, verifying whether the signature is valid according to the second elliptic curve point further includes:
performing modular operation on the abscissa of the second elliptic curve point under the condition that the second elliptic curve point is not the infinite point to obtain a third modular operation result; and judging whether the third modular operation result is equal to the signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
Optionally, verifying whether the signature is valid according to the second elliptic curve point further includes:
converting the abscissa of the second elliptic curve point into a second integer under the condition that the second elliptic curve point is not the infinite point; performing modular operation on the second integer to obtain a fourth modular operation result; and judging whether the fourth modular operation result is equal to the signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
Optionally, the preset encoding mode is any one of the following encoding modes: JSF code, NAF code.
Drawings
Fig. 1 is a schematic structural diagram of a signature verification system provided in an embodiment of the present disclosure;
fig. 2 is a schematic flow chart of a signature verification method according to an embodiment of the present disclosure.
Detailed Description
Before the embodiments of the present disclosure are described, it should be noted that: some embodiments of the present disclosure are described as a process flow, and although various operation steps of the flow may be numbered with sequential steps, the operation steps therein may be performed in parallel, concurrently, or simultaneously.
The terms "first", "second", etc. may be used in embodiments of the disclosure to describe various features, but these features should not be limited by these terms. These terms are used merely to distinguish one feature from another.
The terms "and/or," "and/or," as used in connection with embodiments of the present disclosure, may include any and all combinations of one or more of the associated listed features.
It should be understood that when a connection or communication between two components is described, the connection or communication between the two components may be understood as either a direct connection or communication or an indirect connection or communication through intermediate components, unless a direct connection or direct communication between the two components is explicitly indicated.
In order to make the technical solutions and advantages of the embodiments of the present disclosure more clearly understood, the following detailed description of the exemplary embodiments of the present disclosure with reference to the accompanying drawings makes it obvious that the described embodiments are only a part of the embodiments of the present disclosure, rather than an exhaustive list of all the embodiments. It should be noted that, in the present disclosure, the embodiments and features of the embodiments may be combined with each other without conflict.
The purpose of this disclosure is to provide a promote and examine the sign scheme of signing efficiency to ensure the reliability of examining the sign result.
One embodiment of the present disclosure provides an endorsement system that includes a two-point multiply module and a one-point multiply module.
The double-dot multiplication module is configured to: and performing double-point multiplication operation on the verification parameters based on a preset coding mode to obtain a first elliptic curve point. The preset encoding mode is a non-binary encoding mode, and the first elliptic curve point is used for verifying whether the signature is valid or not under the condition that the first elliptic curve point is not an infinite point. In some possible implementations, the preset coding mode may be JSF coding, that is, Joint Sparse Form (Joint Sparse Form) coding mode. In other possible implementations, the default coding scheme may be NAF coding, i.e., Non-Adjacent Form (Non-Adjacent Form) coding scheme.
The single point multiplication module is configured to: and under the condition that the first elliptic curve point is an infinite point, performing single-point multiplication operation on the verification parameters based on a binary coding mode to obtain a second elliptic curve point. Wherein the second elliptic curve point is used to verify whether the signature is valid.
The system for checking the signature can be used for calculating elliptic curve points in the signature checking process
Figure 376040DEST_PATH_IMAGE007
. It is worth pointing out thatThe system firstly calculates an elliptic curve point based on a non-binary coding mode (such as JSF or NAF) through a double-point multiplication module, and if the elliptic curve point is not an infinite point, whether the signature is valid can be continuously verified according to the elliptic curve point. Because the calculation rate of the elliptic curve points calculated by the double-point multiplication module based on the non-binary coding mode is higher than that of the elliptic curve points calculated by the single-point multiplication module based on the binary coding mode, the elliptic curve points can be obtained more quickly by firstly calculating the elliptic curve points by using the double-point multiplication module, and the signature checking efficiency is effectively improved.
The inventors of the present disclosure have discovered that non-binary code based double-point multiplication operations have a small probability of calculating a false infinity point when calculating elliptic curve points. In other words, if the elliptic curve point calculated by the double-point multiplication module is an infinite point, the elliptic curve point has a small probability of being a false infinite point. The inventor finds that the probability of the existence of the false infinite point is caused by the characteristic of the algorithm of 'double-point multiplication operation based on non-binary coding'.
In a general signature verification algorithm, if a calculated elliptic curve point belongs to an infinite point, the signature is directly determined to be invalid (i.e. the signature is illegal). However, in the present disclosure, in order to avoid an error in the signature verification result caused by a false infinity point, for example, an actually valid signature is erroneously determined to be invalid. According to the method, after the infinite point is calculated through the double-point multiplication module, the elliptic curve point is recalculated through the single-point multiplication module based on a binary coding mode. Because the algorithm of 'single-point multiplication operation based on binary coding' cannot generate false infinite points, the method can directly verify whether the signature is valid according to the elliptic curve points after the elliptic curve points are calculated by the single-point multiplication module, and therefore the reliability of the signature verification result can be ensured.
It should be noted that when the double-point multiplication operation is performed based on the non-binary coding method, the probability of calculating the false infinity point is very small. Therefore, for the own legal signature, under the most conditions, the infinite points cannot be calculated by the double-point multiplication module, so that the signature verification efficiency of the legal signature can be effectively improved under the most conditions. For the signature which is illegal per se, after the point at infinity is calculated by the double-point multiplication module, the elliptic curve point is calculated again by the single-point multiplication module, although the signature verification time consumption can be increased, for the signature which is illegal per se, the experience/feeling of the illegal signer can be not considered by the method even if the signature verification time consumption is increased because the signer is illegal per se.
In some possible embodiments, the double-point multiplication module may be a software module, in other words, the function of the double-point multiplication module may be implemented by a program. Alternatively, the two-point multiplication module may also be a hardware module, for example, the two-point multiplication module may be implemented by a circuit structure.
Likewise, in some possible implementations, the single multiplication module may be a software module, in other words, the function of the single multiplication module may be implemented by a program. Alternatively, the single-point multiplication module may be a hardware module, for example, the single-point multiplication module may be implemented by a circuit structure.
For convenience of understanding, the present disclosure takes a double-point multiplication module as an example, and a specific implementation manner of calculating an elliptic curve point by the double-point multiplication module is given: parameters of checking label
Figure 511617DEST_PATH_IMAGE001
And
Figure 435711DEST_PATH_IMAGE002
respectively carrying out JSF coding to obtain
Figure 804375DEST_PATH_IMAGE001
Is coded into
Figure 573748DEST_PATH_IMAGE008
And
Figure 327946DEST_PATH_IMAGE002
is coded into
Figure 157362DEST_PATH_IMAGE009
(ii) a For two coded results, e.g.Fruit
Figure 13323DEST_PATH_IMAGE010
Is not equal to (0,0), then let
Figure 74469DEST_PATH_IMAGE011
Where R is the point of an elliptic curve
Figure 699486DEST_PATH_IMAGE004
. The above process can be used to design a corresponding software module as a specific implementation manner of the double-point multiplication module. However, it should be noted that the above process is only an example of the present disclosure, and the present disclosure is not limited to the above example for the specific implementation of the double-dot multiplication module.
For the sake of understanding, if the double-point multiplication module is designed as a hardware module, the present disclosure provides the following specific embodiments: the double-point multiplication module comprises a coding circuit and a control unit, wherein the coding circuit is used for checking the label parameter
Figure 699803DEST_PATH_IMAGE012
And
Figure 26748DEST_PATH_IMAGE002
respectively carrying out JSF coding to obtain
Figure 403502DEST_PATH_IMAGE012
Is encoded as a result of
Figure 617446DEST_PATH_IMAGE002
And the control unit calls a point adding and point multiplying module to execute point adding and/or point multiplying operation according to the coding result so as to calculate the elliptic curve point. The point-plus-point multiplication module can further call the modular operation module to execute modular operation during operation. It should be noted that the above specific embodiment is only an example of the present disclosure, and the present disclosure is not limited to the above specific embodiment for the specific implementation of the double-dot multiplication module.
Referring to fig. 1, fig. 1 is a schematic structural diagram of a signature verification system according to an embodiment of the present disclosure. As shown in fig. 1, the signature verification system includes a flow control module, a two-point multiplication module, and a one-point multiplication module. The flow control module and the double-point multiplication module are connected through one or more first interfaces, and the flow control module and the single-point multiplication module are connected through one or more second interfaces.
The double-dot multiplication module is configured to: and performing double-point multiplication operation on the verification parameters based on a preset coding mode to obtain a first elliptic curve point. The preset coding mode can be a JSF coding mode or a NAF coding mode.
In some possible embodiments, as shown in fig. 1, the first interface includes a Control interface, the flow Control module may send Control information DP _ Control to the duple-dot multiplication module through the Control interface after receiving the check task, and the duple-dot multiplication module performs duple-dot multiplication operation on the check parameter after receiving the Control information DP _ Control.
The flow control module is configured to: and obtaining a first elliptic curve point obtained by the operation of the double-point multiplication module, and sending control information to the single-point multiplication module to control the single-point multiplication module to execute single-point multiplication operation on the verification parameters based on a binary coding mode under the condition that the first elliptic curve point is an infinite point.
In some possible embodiments, as shown in fig. 1, the first interface further includes an operation state interface and an operation result interface. After the double-point multiplication module calculates the first elliptic curve point, the operation state interface sends operation state information DP _ Done to the process control module, and the operation result interface sends operation result information DP _ Status (i.e. the first elliptic curve point) to the process control module. The process control module identifies the operation state information DP _ Done, and if DP _ Done is equal to the preset value (for example, if DP _ Done is equal to 1), the process control module checks whether DP _ Status is an infinity point. The operation state information DP _ Done is equivalent to an enable signal (which can also be understood as a trigger signal) of the operation result information DP _ Status, and when DP _ Done is equal to a preset value, the signal of DP _ Status is significant.
As shown in fig. 1, the second interface also includes a Control interface, and if DP _ Status is the point of infinity, the process Control module sends Control information SP _ Control to the single point multiplication module through the Control interface.
The single point multiplication module is configured to: and under the condition that the first elliptic curve point is an infinite point, performing single-point multiplication operation on the verification parameters based on a binary coding mode to obtain a second elliptic curve point.
In some possible embodiments, the single-point multiplication module performs the single-point multiplication operation on the check parameter after receiving the Control information SP _ Control sent by the flow Control module. As shown in fig. 1, the second interface further includes an operation state interface and an operation result interface. After the single-point multiplication module calculates the second elliptic curve point, the operation state information SP _ Done is sent to the process control module through the operation state interface, and the operation result information SP _ Status (namely, the second elliptic curve point) is sent to the process control module through the operation result interface. The flow control module recognizes the operation state information SP _ Done, and if SP _ Done is equal to a preset value (for example, if SP _ Done is equal to 1), the flow control module checks whether SP _ Status is an infinity point. The operation state information SP _ Done is equivalent to an enable signal (which can also be understood as a trigger signal) of the operation result information SP _ Status, and when the SP _ Done is equal to a preset value, the signal of the SP _ Status is significant.
As shown in fig. 1, the signature verification system may further include a point-plus-point multiplication module, and both the two-point multiplication module and the single-point multiplication module are connected to the point-plus-point multiplication module.
The double-point multiplication module calls the point and point multiplication module to execute point addition and/or point multiplication operation during the execution of the double-point multiplication operation. In some possible embodiments, after receiving the Control information DP _ Control sent by the flow Control module, the dualpurple-multiplication module obtains the signature verification parameter from the storage module (e.g., dual-port SRAM)
Figure 804976DEST_PATH_IMAGE012
And
Figure 104370DEST_PATH_IMAGE002
then is aligned with
Figure 19237DEST_PATH_IMAGE012
And
Figure 602534DEST_PATH_IMAGE002
respectively carrying out JSF coding (or NAF coding) to obtain
Figure 210233DEST_PATH_IMAGE012
And
Figure 996923DEST_PATH_IMAGE002
the JSF encoding result of (1). Double dot multiplication module according to
Figure 715480DEST_PATH_IMAGE012
And
Figure 651819DEST_PATH_IMAGE002
and calling a point adding and point multiplying module to execute point adding operation, or execute point multiplying operation, or execute point adding operation and point multiplying operation. For example when
Figure 430419DEST_PATH_IMAGE012
Is coded into
Figure 969985DEST_PATH_IMAGE013
And
Figure 475921DEST_PATH_IMAGE002
is coded into
Figure 784543DEST_PATH_IMAGE014
The conditions are satisfied:
Figure 468465DEST_PATH_IMAGE015
is not equal to
Figure 980480DEST_PATH_IMAGE016
And the double-point multiplication module calls a point addition and point multiplication module to execute point addition and/or point multiplication operation. During the point adding and/or point multiplying operation, the point adding and/or point multiplying module reads the signature verification parameters from the dual-port SRAM: g (base point of elliptic curve), Q (public key), and is based on
Figure 306419DEST_PATH_IMAGE012
Is coded into
Figure 203968DEST_PATH_IMAGE013
Figure 324371DEST_PATH_IMAGE002
Is coded into
Figure 822217DEST_PATH_IMAGE014
G and Q, performing point addition and/or point multiplication operation.
The single-point multiplication module also calls the point and point multiplication module to execute point addition and/or point multiplication operation during the execution of the single-point multiplication operation. In some possible implementations, the single point multiplication module may be based on the signature verification parameter
Figure 686268DEST_PATH_IMAGE012
And
Figure 703903DEST_PATH_IMAGE002
and calling a point and point multiplication module to execute point addition operation, or execute point multiplication operation, or execute point addition operation and point multiplication operation.
In addition, as shown in FIG. 1, the process control module may invoke the dot-plus-dot module. Specifically, before calling the double-point multiplication module to perform the double-point multiplication operation, the flow control module may call the point-plus-point multiplication module in advance to perform pre-calculation on the verification parameters, so as to pre-calculate points, and the points may be stored in the dual-port SRAM. These points may be utilized during the double-point multiplication module performing the double-point multiplication operation.
As shown in fig. 1, the signature verification system may further include a module operation module, and the point-plus-point multiplication module is connected to the module operation module. The point adding and point multiplying module calls the modular operation module to execute at least one of the following modular operations during the point adding/point multiplying operation: modular arithmetic, modular multiplication arithmetic, modular addition arithmetic and modular inversion arithmetic.
In addition, in some possible embodiments, the modular arithmetic module is also configuredThe method comprises the following steps: in the case where the first elliptic curve point is not the infinity point, the modulo operation is performed on the abscissa of the first elliptic curve point. As described above, the double-point multiplication operation based on the JSF coding (or NAF coding) has a possibility of calculating a false infinity point, but if the calculated elliptic curve point is not the infinity point, it is necessary to verify whether the signature is valid or not from the elliptic curve point. In the present disclosure, if an elliptic curve point calculated based on a double-point multiplication operation of JSF coding (or NAF coding) is not an infinite point, the abscissa of the elliptic curve point may be plotted by a modulo operation module
Figure 737150DEST_PATH_IMAGE017
And executing the modulus operation to obtain a modulus operation result. If the result of the modulo operation is equal to the signature value, the signature is valid, otherwise the signature is invalid.
Or in other possible implementations, the modulo operation module is further configured to: and performing modulus operation on the integer converted from the abscissa of the first elliptic curve point.
It should be noted that, since the values involved in the elliptic curve are usually large numbers, i.e. numbers with a long number of bits, such as 256 bits. Whereas the number of bits of an electronic device (e.g. a computer) is typically 32 bits or 64 bits. Therefore, if the present disclosure is implemented by a software program, the calculated abscissa of the elliptic curve point generally needs to be stored in an array form, so that the array form of the abscissa needs to be converted into an integer before the abscissa is modulo. Whereas if the present disclosure is implemented in hardware circuitry to declare a 256-bit number, for hardware, the resulting abscissa is itself a 256-bit integer, and thus the abscissa can be directly modulo.
In some possible implementations, the modulo operation module is further configured to: in a case where the second elliptic curve point is not the infinity point, a modulo operation is performed on the abscissa of the second elliptic curve point, or a modulo operation is performed on an integer into which the abscissa of the second elliptic curve point is converted. As described earlier, the single-point multiplication operation based on binary coding does not have a possibility of calculating a false infinity point, and therefore if the elliptic curve point calculated by the single-point multiplication module is an infinity point, it can be determined that the signature is invalid.
If the elliptic curve point calculated by the single-point multiplication module is not an infinite point, the abscissa of the elliptic curve point can be subjected to the modular operation module
Figure 473025DEST_PATH_IMAGE017
And executing the modulus operation to obtain a modulus operation result. Or performing modular operation on the integer converted from the abscissa of the second elliptic curve point through a modular operation module to obtain a modular operation result. If the result of the modulo operation is equal to the signature value, the signature is valid, otherwise the signature is invalid.
In this disclosure, the double-point multiplication module is set as the default module for calculating the elliptic curve points during the signature verification operation. In other words, when it is desired to calculate elliptic curve points in a signature verification task, the present disclosure will first calculate elliptic curve points by a two-point multiplication module. If the elliptic curve point calculated by the double-point multiplication module is not an infinite point, the label checking operation is continuously executed by using the elliptic curve point, for example, a modulus operation is performed on the abscissa of the elliptic curve point, and the modulus operation result is compared with the label checking value. In this case, the single point multiplication module need not calculate elliptic curve points for the signature verification task. Thus, the single multiplication module is in an idle state in many cases.
Further, as shown in fig. 1, the dual port SRAM in the present disclosure is connected to a flow control module and a modulo operation module. The flow control module is used for reading the label checking data from the dual-port SRAM or storing the label checking data into the dual-port SRAM. And the modular operation module is used for storing the intermediate result and the operation result into the dual-port SRAM.
In order to improve the utilization rate of the single-point multiplication module and the whole signature verification system, the single-point multiplication module is also configured to execute the point multiplication operation in the signature task. In some possible implementations, the single-point multiply module is set as the default module to perform the point multiply operation during the signature operation. For example, when the flow control module receives the signature task, it sends control information to the single-point multiplication module through the second interface to control the single-point multiplication module to perform the point multiplication operation in the signature task.
The single-point multiplication module can call the point-plus-point multiplication module to execute point-plus and/or point-multiply operation during the point-multiply operation of executing the signature task. During the point adding and/or point multiplying operation, the modular operation module may be called to perform at least one of the following modular operations: modular arithmetic, modular multiplication arithmetic, modular addition arithmetic and modular inversion arithmetic.
In addition, considering that in rare cases, the signature which is legal in itself is calculated by the double-point multiplication module during signature verification, a false infinite point is calculated, so that the elliptic curve point needs to be calculated again by the single-point multiplication module, and the signature verification time is increased. However, when the single point multiplication module is required to calculate the elliptic curve point, the single point multiplication module may be performing the point multiplication operation in the signature task. In order not to further increase the time spent on verifying the signature, the single point multiplication module may be further configured to: during the execution of the single-point multiplication operation in the signature task, the operation state of the signature task is saved to a storage module (such as a dual-port SRAM) in response to the control information, and the single-point multiplication operation is executed on the verification parameters based on a binary coding mode. The control information is used for indicating the single-point multiplication module to execute single-point multiplication operation in the signature verification task.
And the single-point multiplication module is also configured to acquire the operation state from the storage module after the second elliptic curve point is obtained, and continue to execute the single-point multiplication in the signature task according to the operation state.
In other words, the single point multiplication module receives the control information if the double point multiplication module calculates an infinite point in the signature verification task during the execution of the point multiplication operation in the signature task. The single point multiplication module is used for responding to the control information, interrupting the point multiplication operation in the signature task and executing the point multiplication operation in the signature verification task to calculate the elliptic curve point. And after the single-point multiplication module calculates the elliptic curve point, the point multiplication operation in the interrupted signature task is continuously executed.
In some possible embodiments, the saving of the operation state of the single point multiplication module to the storage module may include: intermediate results, the number of bits in the dot product operation where binary encoding has been performed.
The embodiment of the disclosure also provides an electronic device, which includes the signature verification system in any one of the embodiments. In some usage scenarios, the product form of the electronic device is embodied as a CPU motherboard.
The embodiment of the disclosure also provides an electronic device, which includes the electronic device. In some usage scenarios, the electronic device is in the form of a portable electronic device, such as a smartphone, a tablet, a VR device, a POS device, or the like; in some use scenes, the electronic equipment is in the form of a personal computer, a game host and the like; in some usage scenarios, the electronic device is in the form of a server host, a cryptographic engine, or a production device.
The embodiment of the disclosure further provides a signature verification method, and referring to fig. 2, fig. 2 is a schematic flow chart of the signature verification method provided by the embodiment of the disclosure. As shown in fig. 2, the signature verification method includes the following steps:
s210: performing double-point multiplication operation on the verification parameters based on a preset coding mode to obtain a first elliptic curve point; the preset coding mode is a non-binary coding mode.
In some possible embodiments, the preset encoding manner may specifically be a JSF encoding manner, or may be a NAF encoding manner. For how to perform the double-point multiplication operation based on the JSF coding (or NAF coding), reference may be made to the above embodiments, and details are not described here to avoid repetition.
S220: in the case where the first elliptic curve point is not the infinite point, whether the signature is valid is verified based on the first elliptic curve point.
In some possible embodiments, when verifying whether the signature is valid according to the first elliptic curve point, a modulo operation may be specifically performed on an abscissa of the first elliptic curve point to obtain a first modulo operation result; and judging whether the first modular operation result is equal to the signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
Alternatively, in another possible implementation, when verifying whether the signature is valid according to the first elliptic curve point, the abscissa of the first elliptic curve point may be specifically converted into the first integer; performing modular operation on the first integer to obtain a second modular operation result; and then judging whether the second modular operation result is equal to the signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
S230: and under the condition that the first elliptic curve point is an infinite point, performing single-point multiplication operation on the signature verification parameter based on a binary coding mode to obtain a second elliptic curve point, and verifying whether the signature is effective or not according to the second elliptic curve point.
In some possible embodiments, when verifying whether the signature is valid according to the second elliptic curve point, it may be specifically determined that the signature is invalid in the case where the second elliptic curve point is an infinite point. As described above, when the single-point multiplication operation is performed based on the binary code, the pseudo infinity point is not calculated. Therefore, in the present disclosure, if the calculated elliptic curve point is an infinite point when the single point multiplication operation is performed based on the binary code, it can be directly determined that the signature is invalid.
In some possible embodiments, when verifying whether the signature is valid according to the second elliptic curve point, the modulo operation may be performed on the abscissa of the second elliptic curve point under the condition that the second elliptic curve point is not an infinite point, so as to obtain a third modulo operation result; and judging whether the third modular operation result is equal to the signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
Alternatively, in other possible embodiments, when verifying whether the signature is valid according to the second elliptic curve point, the abscissa of the second elliptic curve point may be further converted into the second integer in the case that the second elliptic curve point is not an infinite point; performing modular operation on the second integer to obtain a fourth modular operation result; and then judging whether the fourth modular operation result is equal to the signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
As described above, when the double-point multiplication operation is performed based on the non-binary coding method, the probability of calculating the false infinity point is small. Therefore, for the own legal signature, under most conditions, the double-point multiplication module can calculate the non-infinite points, so that the signature verification efficiency of the legal signature can be effectively improved under most conditions.
While preferred embodiments of the present disclosure have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the disclosure.
It will be apparent to those skilled in the art that various changes and modifications can be made in the present disclosure without departing from the spirit and scope of the disclosure. Thus, if such modifications and variations of the present disclosure fall within the scope of the claims of the present disclosure and their equivalents, the present disclosure is intended to include such modifications and variations as well.

Claims (18)

1. A system for verifying labels, comprising:
the double-point multiplication module is configured to execute double-point multiplication operation on the verification parameters based on a preset coding mode to obtain a first elliptic curve point; the preset coding mode is a non-binary coding mode, and the first elliptic curve point is used for verifying whether the signature is valid or not under the condition that the first elliptic curve point is not an infinite point;
the single-point multiplication module is configured to execute a single-point multiplication operation on the signature verification parameter based on a binary coding mode to obtain a second elliptic curve point under the condition that the first elliptic curve point is an infinite point; wherein the second elliptic curve point is used to verify whether the signature is valid.
2. The system of claim 1, the signature verification system further comprising:
and the flow control module is configured to obtain the first elliptic curve point obtained by the operation of the double-point multiplication module, and send control information to the single-point multiplication module to control the single-point multiplication module to perform single-point multiplication on the signature verification parameter based on a binary coding mode under the condition that the first elliptic curve point is an infinite point.
3. The system of claim 2, the process control module and the double-point multiplication module connected by a first interface, the first interface for the double-point multiplication module to send the first elliptic curve point to the process control module;
the flow control module and the single-point multiplication module are connected through a second interface, and the second interface is used for the flow control module to send the control information to the single-point multiplication module.
4. The system of claim 1, the signature verification system further comprising:
the double-point multiplication module and the single-point multiplication module are connected with the point multiplication module; the double-point multiplication module calls the point and point multiplication module to execute point addition and/or point multiplication operation during the execution of double-point multiplication operation; and the single-point multiplication module calls the point adding and point multiplying module to execute point adding and/or point multiplying operation during the execution of the single-point multiplication operation.
5. The system of claim 1, the signature verification system further comprising:
a module operation module configured to perform a module operation on an abscissa of the first elliptic curve point or perform a module operation on an integer into which the abscissa of the first elliptic curve point is converted, in a case where the first elliptic curve point is not an infinite point.
6. The system of claim 5, the modulo operation module further configured to perform a modulo operation on an abscissa of the second elliptic curve point or perform a modulo operation on an integer into which the abscissa of the second elliptic curve point is converted, in a case that the second elliptic curve point is not an infinite point.
7. The system according to any one of claims 1 to 5, wherein the predetermined encoding scheme is any one of the following encoding schemes: JSF code, NAF code.
8. The system of any of claims 1 to 5, wherein the single point multiplication module is further configured to perform a point multiplication operation in the signature task.
9. The system of claim 8, the single point multiplication module further configured to save an operation state of the signature task to a storage module in response to control information during execution of a point multiplication operation in the signature task, and perform the single point multiplication operation on the signature verification parameter based on a binary encoding manner; the control information is used for instructing the single-point multiplication module to execute point multiplication operation in the signature verification task;
the single-point multiplication module is further configured to obtain the operation state from the storage module after the second elliptic curve point is obtained, and continue to execute the point multiplication operation in the signature task according to the operation state.
10. An electronic device comprising the system of any one of claims 1 to 9.
11. An electronic device comprising the electronic apparatus of claim 10.
12. A method of verifying a signature, comprising:
performing double-point multiplication operation on the signature verification parameters based on a preset coding mode to obtain a first elliptic curve point; wherein the preset coding mode is a non-binary coding mode;
in the case that the first elliptic curve point is not an infinite point, verifying whether a signature is valid according to the first elliptic curve point;
and under the condition that the first elliptic curve point is an infinite point, performing single-point multiplication operation on the signature verification parameter based on a binary coding mode to obtain a second elliptic curve point, and verifying whether the signature is effective or not according to the second elliptic curve point.
13. The method of claim 12, the verifying whether a signature is valid according to the first elliptic curve point comprising:
performing a modulus operation on the abscissa of the first elliptic curve point to obtain a first modulus operation result;
and judging whether the first modular operation result is equal to a signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
14. The method of claim 12, the verifying whether a signature is valid according to the first elliptic curve point comprising:
converting the abscissa of the first elliptic curve point into a first integer;
performing modular operation on the first integer to obtain a second modular operation result;
and judging whether the second modular operation result is equal to a signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
15. The method of claim 12, said verifying whether said signature is valid according to said second elliptic curve point, comprising:
determining that the signature is invalid if the second elliptic curve point is an infinite point.
16. The method of claim 15, said verifying whether said signature is valid according to said second elliptic curve point, further comprising:
performing modular operation on the abscissa of the second elliptic curve point under the condition that the second elliptic curve point is not an infinite point to obtain a third modular operation result;
and judging whether the third modular operation result is equal to a signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
17. The method of claim 15, said verifying whether said signature is valid according to said second elliptic curve point, further comprising:
converting the abscissa of the second elliptic curve point into a second integer in a case where the second elliptic curve point is not an infinite point;
performing modular operation on the second integer to obtain a fourth modular operation result;
and judging whether the fourth modulo operation result is equal to a signature value, if so, determining that the signature is valid, and if not, determining that the signature is invalid.
18. The method according to any one of claims 12 to 17, wherein the predetermined encoding mode is any one of the following encoding modes: JSF code, NAF code.
CN202210376774.9A 2022-04-12 2022-04-12 Signature checking system, electronic device, electronic equipment and signature checking method Active CN114465735B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210376774.9A CN114465735B (en) 2022-04-12 2022-04-12 Signature checking system, electronic device, electronic equipment and signature checking method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210376774.9A CN114465735B (en) 2022-04-12 2022-04-12 Signature checking system, electronic device, electronic equipment and signature checking method

Publications (2)

Publication Number Publication Date
CN114465735A true CN114465735A (en) 2022-05-10
CN114465735B CN114465735B (en) 2022-06-17

Family

ID=81416855

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210376774.9A Active CN114465735B (en) 2022-04-12 2022-04-12 Signature checking system, electronic device, electronic equipment and signature checking method

Country Status (1)

Country Link
CN (1) CN114465735B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115129297A (en) * 2022-08-30 2022-09-30 北京象帝先计算技术有限公司 Multi-point multiplication operation system, method, graphic processor, electronic device and equipment

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030059043A1 (en) * 2001-09-26 2003-03-27 Katsuyuki Okeya Elliptic curve signature verification method and apparatus and a storage medium for implementing the same
US7024559B1 (en) * 2002-06-28 2006-04-04 The United States Of America As Represented By The National Security Agency Method of elliptic curve digital signature using expansion in joint sparse form
CN106533682A (en) * 2016-11-10 2017-03-22 上海华虹集成电路有限责任公司 Point-to-point elliptic-curve type digital signature algorithm and signature verification method based on the same
CN107425968A (en) * 2017-06-22 2017-12-01 广东工业大学 A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system
CN108650087A (en) * 2018-05-16 2018-10-12 广东工业大学 A kind of SM2 ellipse curve signature dot product encryption methods under binary field F2m
CN112099760A (en) * 2020-08-24 2020-12-18 清华大学 Single multiplier seamless scheduling method for point addition and point doubling in SM2 cryptographic algorithm
CN113783702A (en) * 2021-09-28 2021-12-10 南京宁麒智能计算芯片研究院有限公司 Hardware implementation method and system for elliptic curve digital signature and signature verification
CN113794572A (en) * 2021-09-28 2021-12-14 南京宁麒智能计算芯片研究院有限公司 Hardware implementation system and method for high-performance elliptic curve digital signature and signature verification

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030059043A1 (en) * 2001-09-26 2003-03-27 Katsuyuki Okeya Elliptic curve signature verification method and apparatus and a storage medium for implementing the same
US7024559B1 (en) * 2002-06-28 2006-04-04 The United States Of America As Represented By The National Security Agency Method of elliptic curve digital signature using expansion in joint sparse form
CN106533682A (en) * 2016-11-10 2017-03-22 上海华虹集成电路有限责任公司 Point-to-point elliptic-curve type digital signature algorithm and signature verification method based on the same
CN107425968A (en) * 2017-06-22 2017-12-01 广东工业大学 A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system
CN108650087A (en) * 2018-05-16 2018-10-12 广东工业大学 A kind of SM2 ellipse curve signature dot product encryption methods under binary field F2m
CN112099760A (en) * 2020-08-24 2020-12-18 清华大学 Single multiplier seamless scheduling method for point addition and point doubling in SM2 cryptographic algorithm
CN113783702A (en) * 2021-09-28 2021-12-10 南京宁麒智能计算芯片研究院有限公司 Hardware implementation method and system for elliptic curve digital signature and signature verification
CN113794572A (en) * 2021-09-28 2021-12-14 南京宁麒智能计算芯片研究院有限公司 Hardware implementation system and method for high-performance elliptic curve digital signature and signature verification

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
李凡等: "基于FPGA的SM2点运算快速并行实现", 《电子测量技术》 *
王婧等: "安全高效的两方协同ECDSA签名方案", 《通信学报》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115129297A (en) * 2022-08-30 2022-09-30 北京象帝先计算技术有限公司 Multi-point multiplication operation system, method, graphic processor, electronic device and equipment
CN115129297B (en) * 2022-08-30 2022-12-13 北京象帝先计算技术有限公司 Multi-point multiplication operation system, method, graphic processor, electronic device and equipment

Also Published As

Publication number Publication date
CN114465735B (en) 2022-06-17

Similar Documents

Publication Publication Date Title
EP1729442A2 (en) An authentication system executing an elliptic curve digital signature cryptographic process
CN111064583B (en) Threshold SM2 digital signature method and device, electronic equipment and storage medium
US9391773B2 (en) Elliptic curve point multiplication procedure resistant to side-channel information leakage
CN108494557B (en) Social security digital certificate management method, computer readable storage medium and terminal device
JP7206324B2 (en) System and method for one-time Chinese Remainder Theorem exponentiation for cryptographic algorithms
CN108964914B (en) SM2 point multiplication architecture for resisting side channel attack
CN112262544B (en) Device, system and method for generating and processing cryptographic parameters
CN114465735B (en) Signature checking system, electronic device, electronic equipment and signature checking method
CN109145651B (en) Data processing method and device
CN113839781A (en) Countermeasure for side channel attacks on protected signing and key exchange operations
CN113722734A (en) Method, device and system for determining selection result fragmentation by two-party security selection
CN111737757A (en) Method and device for performing secure operation on private data
US20080320557A1 (en) Batch verification device, program and batch verification method
CN111586013B (en) Network intrusion detection method, device, node terminal and storage medium
CN115242402B (en) Signature method, signature verification method and electronic equipment
CN116192396A (en) Signature rapid generation method and device, electronic equipment and computer storage medium
CN116225369A (en) SM2 algorithm scalar multiplication operation optimization method and system
US8966254B2 (en) Keyless challenge and response system
CN113630236A (en) SM3 data encryption method and related device
CN115113848B (en) Signature/signature verification circuit, device, equipment, method and coordinate restoration circuit
CN114363658B (en) Method and device for encrypted transmission of audio and video stream
CN114124356B (en) Ciphertext generation method, server, medium and device applied to blockchain
US20240195636A1 (en) Hardened Encoded Message Check for RSA Signature Verification
CN113761561B (en) SHA1 encryption method and device based on convolution optimization
CN113595730B (en) Processing method and device for generating ECC curve in engineering

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20231204

Address after: 401135 No. 618 Liangjiang Avenue, Longxing Town, Yubei District, Chongqing

Patentee after: Xiangdixian Computing Technology (Chongqing) Co.,Ltd.

Address before: Room 901, 901, floor 9 (09), building 1, yard 5, Anding Road, Chaoyang District, Beijing 100029

Patentee before: Beijing xiangdixian Computing Technology Co.,Ltd.

TR01 Transfer of patent right