| CPC H04L 9/3252 (2013.01) [H04L 9/0643 (2013.01); H04L 63/1466 (2013.01)] | 8 Claims |
|
1. A calculation method for elliptic curve digital signature to resist memory disclosure attacks, wherein a digital signature algorithms includes an SM2 signature algorithm, an ECDSA signature algorithm or an EC-Schnorr signature algorithm, the steps include:
Using a key of symmetric cryptographic algorithm to encrypt a random number k1 and a private key used for signing during initialization phase happened in a trusted environment, wherein the symmetric cryptographic algorithms include AES algorithm or SM4 algorithm, a scalar multiplication k1×G is calculated where k1∈ [1, n−1] and n is the order of the elliptic curve and G is the base point of the elliptic curve;
Calculating plaintext data used to calculate s based on the selected signature algorithm and the value of scalar multiplication k1×G at each signing, wherein the plaintext data used to calculate s include r or the data calculated based on r;
Calculating s inside registers based on the above plaintext data and the ciphertext of random number k1 and the ciphertext of the private key;
Using (r, s) as the signature of the message;
wherein when the SM2 signature algorithm is selected, the plaintext data used to generate s are calculated by the following steps:
1) Calculating e based on the known parameter M of SM2 signature algorithm;
2) Selecting a random number k2 where k2 ∈[1, n−1];
3) Calculating scalar multiplication k2×G;
4) Adding scalar multiplication k1×G to scalar multiplication k2×G to get the value of k×G where k is the random number;
5) Calculating r based on the value of k×G;
Using parameters r and k2 as the plaintext data for generating s.
|