GM/T 0044.4-2016 Identity-based cryptographic algorithms SM9 - Part 4: Key encapsulation mechanism and public key encryption alogorithm
1 Scope
This part specifies an identity-based key encapsulation mechanism, and a public key encryption and decryption algorithm built upon pairings from elliptic curves and specifies the corresponding processes. The key encapsulation mechanism can be used to encapsulate a secret key to a specific entity. The public key encryption and decryption algorithms are identity-based asymmetric cryptographic algorithms, which allow the sender to encrypt the message using the identity of a receiver, and only the receiver can decrypt the encrypted message using its corresponding private key.
This part applies to the key encapsulation and the encryption and decryption of a message.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes the requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GM/T 0004, SM3 Cryptographic Hash Algorithm GM/T 0002, SM4 Block Cipher Algorithm
GM/T 0044.1‒2016, SM9 Identity-based Cryptographic Algorithms — Part 1: General
GM/T 0044.3‒2016, SM9 Identity-based Cryptographic Algorithms — Part 3: Key Exchange Protocol GM/Z 4001, Cryptographic Terminology
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1 secret key
key shared by both the sender and the receiver in a cryptographic system, unknown to any third party
3.2 message
bit string of finite length
3.3 key derivation function
function that generates one or more shared private keys from shared secrets and other parameters known to both entities
3.4 encryption master key
topmost key in the key hierarchy of an identity–based cryptographic system, composed of the encryption master private key and the encryption master public key. The encryption master public key is publicly available while the encryption master private key is kept secret by the KGC. The KGC generates the user’s encryption private key by using the encryption master private key and the user’s identity. In an identity–based cryptographic system, the encryption master private key is usually generated by the KGC using random number generator while the encryption master public key is generated with the encryption master private key and the system parameters
3.5 identity
information that can be used to confirm the identity of an entity, composed of non-repudiable information about the entity, such as its distinguishable name, email address, identity card number, telephone number, and street address.
3.6 key generation center (KGC)
trusted authority responsible for the selection of system parameters, generation of the encryption master keys, and generation of users’ encryption private keys (in this part)
4 Symbols
The following symbols apply to this part.
A, B: two users A and B using the identity-based cryptographic system
cf: the cofactor of the order of an elliptic curve relative to N
cid : curve identifier that indicates the type of elliptic curve, denoted by one byte, where 0x10 represents an ordinary curve (the non-supersingular curve) over Fp (the prime number p > 2191), 0x11 represents a supersingular curve over Fp , and 0x12 represents an ordinary curve and its twisted curve
over F
Dec( ): block cipher decryption algorithm
deB: encryption private key of the user B
Enc( ): block cipher encryption algorithm
e: a bilinear pairing from G1 × G2 to GT
eid : bilinear pairing identifier to distinguish the type of the bilinear pairing e , denoted by one byte, where 0x01 represents the Tate pairing, 0x02 represents the Weil pairing, 0x03 represents the Ate pairing, and 0x04 represents the R-Ate pairing
GT: a multiplicative cyclic group of prime order N
G1: an additive cyclic group of prime order N
G2: an additive cyclic group of prime order N
gu: g to the power of u, where g is an element in the multiplicative group GT and u is a positive integer, that is gu = g . g . … . g
一--一--一
Multiply u times
Hv ( ): a cryptographic hash function
H1( ), H2( ): cryptographic functions derived from the cryptographic hash function
