SM2 signature algorithm protection method for resisting error attack based on lattice

• Main Authors: GAO SHUNXIAN, FENG JINGYI, CHEN HUA, WU WENLING, CAO WEIQIONG, HAN XUCANG, ZHENG XIAOGUANG, LUO PENG, LI GUOYOU, LI DAWEI
• Format: Patent
• Language: English
• Published: 19.08.2015
• Subjects: CALCULATING; COMPUTING; COUNTING; ELECTRIC COMMUNICATION TECHNIQUE; ELECTRIC DIGITAL DATA PROCESSING; ELECTRICITY; PHYSICS; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

The present invention discloses an SM2 signature algorithm protection method for resisting error attack based on lattice. The method comprises the following steps: (1) a signer A carries out Hash operation on an inputted message M to be signed and combines an operation result ZA and the message M to obtain M<->, (2) M<-> is subjected to hashing compression to obtain a pre-processing result e, (3) two random numbers k and w are generated, the scalar multiplication kG of the random number k and a base point G and the scalar multiplication wPA of the random number w and a public key PA are calculated respectively, then the above two scalar multiplications are summed to an elliptic curve point Q, (4) the coordinate x1 mode n add of e and point Q is calculated to obtain an r value, (5) private keys dA, k, w, r are subjected to substitution to obtain a signature result s. By using the method provided by the invention, the lattice attack of an SM2 signature algorithm can be effectively and comprehensively resisted.